Podcasts about arcsight

In this On Location Brand Story episode, Sean Martin speaks with Hugh Njemanze, Founder and CEO of Anomali, who has been at the center of cybersecurity operations since the early days of SIEM. Known for his prior work at ArcSight and now leading Anomali, Hugh shares what's driving a dramatic shift in how security teams access, analyze, and act on data.Anomali's latest offering—a native cloud-based next-generation SIEM—goes beyond traditional detection. It combines high-performance threat intelligence with agentic AI to deliver answers and take action in ways that legacy platforms simply cannot. Rather than querying data manually or relying on slow pipelines, the system dynamically spins up thousands of cloud resources to answer complex security questions in seconds.Agentic AI Meets Threat IntelligenceHugh walks through how agentic AI, purpose-built for security, breaks new ground. Unlike general-purpose models, Anomali's AI operates within a secure, bounded dataset tailored to the customer's environment. It can ingest a hundred-page threat briefing, extract references to actors and tactics, map those to the MITRE ATT&CK framework, and assess the organization's specific exposure—all in moments. Then it goes a step further: evaluating past events, checking defenses, and recommending mitigations. This isn't just contextual awareness—it's operational intelligence at speed and scale.Making Security More Human-CentricOne clear theme emerges: the democratization of security tools. With Anomali's design, teams no longer need to rely on a few highly trained specialists. Broader teams can engage directly with the platform, reducing burnout and turnover, and increasing organizational resilience. Managers and security leaders now shift focus to prioritization, strategic decision-making, and meaningful business conversations—like aligning defenses to M&A activity or reporting to the board with clarity on risk.Real-World Results and Risk InsightsCustomers are already seeing measurable benefits: an 88% reduction in incidents and an increase in team-wide tool adoption. Anomali's system doesn't just detect—it correlates attack surface data with threat activity to highlight what's both vulnerable and actively targeted. This enables targeted response, cost-effective scaling, and better use of resources.Learn more about Anomali: https://itspm.ag/anomali-bdz393Note: This story contains promotional content. Learn more.Guest: Hugh Njemanze, Founder and President at Anomali | https://www.linkedin.com/in/hugh-njemanze-603721/ResourcesLearn more and catch more stories from Anomali: https://www.itspmagazine.com/directory/anomaliLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25______________________Keywords:sean martin, hugh njemanze, siem, cybersecurity, ai, threat intelligence, agentic ai, risk management, soc, cloud security, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More 

In this 7 Minutes on ITSPmagazine Short Brand Story recorded during Black Hat SecTor 2024, host Sean Martin sits down with Michael Mychalczuk, Director of Product Management for ArcSight at OpenText, to dissect the complexities of multi-cloud environments. Hosted during Black Hat SecTor 2024 in Toronto, they share invaluable insights into why businesses are increasingly finding themselves managing multiple cloud services.Mychalczuk explains that while many organizations initially hoped to stick with a single cloud provider, factors such as mergers, acquisitions, and specific technological pushes from giants like Microsoft and Google have made multi-cloud unavoidable. This proliferation presents unique challenges, particularly in maintaining security across varied platforms. He highlights the critical need for collaboration between security operations and IT operations teams. “No one person can know all of this,” Mychalczuk notes, emphasizing the importance of teamwork and specialization. He advises focusing on essential areas like identity management and automation to minimize human error and ensure consistent and secure deployments.Sean Martin and Michael Mychalczuk also discuss the importance of leveraging technologies such as Kubernetes and container security to manage and secure multi-cloud environments effectively. Mychalczuk stresses the value of robust monitoring tools like ArcSight to detect and respond to threats across these diverse systems, ultimately enabling businesses to succeed securely in today's fast-paced world. In closing, the emphasis on understanding one's maturity as a security operations team and aligning efforts accordingly stands out as a key takeaway.Note: This story contains promotional content. Learn more.Guest: Michael Mychalczuk, Director of Product Management at OpenText [@opentext]On LinkedIn | https://www.linkedin.com/in/michaelmychalczuk/ResourcesLearn more and catch more stories from OpenText: https://www.itspmagazine.com/directory/opentextLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

In this 7 Minutes on ITSPmagazine Short Brand Story recorded during Black Hat SecTor 2024, host Sean Martin sits down with Michael Mychalczuk, Director of Product Management for ArcSight at OpenText, to dissect the complexities of multi-cloud environments. Hosted during Black Hat SecTor 2024 in Toronto, they share invaluable insights into why businesses are increasingly finding themselves managing multiple cloud services.Mychalczuk explains that while many organizations initially hoped to stick with a single cloud provider, factors such as mergers, acquisitions, and specific technological pushes from giants like Microsoft and Google have made multi-cloud unavoidable. This proliferation presents unique challenges, particularly in maintaining security across varied platforms. He highlights the critical need for collaboration between security operations and IT operations teams. “No one person can know all of this,” Mychalczuk notes, emphasizing the importance of teamwork and specialization. He advises focusing on essential areas like identity management and automation to minimize human error and ensure consistent and secure deployments.Sean Martin and Michael Mychalczuk also discuss the importance of leveraging technologies such as Kubernetes and container security to manage and secure multi-cloud environments effectively. Mychalczuk stresses the value of robust monitoring tools like ArcSight to detect and respond to threats across these diverse systems, ultimately enabling businesses to succeed securely in today's fast-paced world. In closing, the emphasis on understanding one's maturity as a security operations team and aligning efforts accordingly stands out as a key takeaway.Note: This story contains promotional content. Learn more.Guest: Michael Mychalczuk, Director of Product Management at OpenText [@opentext]On LinkedIn | https://www.linkedin.com/in/michaelmychalczuk/ResourcesLearn more and catch more stories from OpenText: https://www.itspmagazine.com/directory/opentextLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

Greetings, listeners! Welcome to another exciting episode of The SaaS CFO Podcast. Today, we're thrilled to host Colby DeRodeff, co-founder and CEO of Abstract Security, with over 25 years of experience in the cybersecurity field. From his early days at Arcsight to pivotal roles at Silvertail Systems, Anomaly, and Veridan, which later became part of Google, Colby's journey is a masterclass in innovation and leadership. In this episode, Colby delves into Abstract Security's mission to redefine the future of security operations. He shares how his team is tackling the relentless cyber threats by monitoring and managing threat data in real-time to protect organizations from breaches. Colby's passion makes the complex world of cybersecurity both accessible and intriguing. We also explore his entrepreneurial journey, discussing the challenges and successes of building a SaaS company. Colby offers invaluable advice on fundraising, securing venture capital, and the strategic steps necessary for delivering a successful product. Whether you're a tech enthusiast, entrepreneur, or curious about cybersecurity, this episode is packed with insights and inspiration. So, buckle up and join us on The SaaS CFO Podcast as we uncover Colby DeRodeff's incredible story and vision. Trust us, you won't want to miss this! Show Notes: 00:00 Built fraud detection content, co-founded successful companies. 05:25 Expansion of cloud infrastructure can lead to challenges. 07:42 Company hubs in various U.S. locations, future-focused. 10:09 Leveraging strong networks to shape product direction. 15:07 Be cautious with venture capitalists, seek experience. 16:23 Experienced advisors provide valuable insights for startups. 21:18 Internal product use vital for customer success. 23:05 Appreciate your time, check out Abstract Security. Links: SaaS Fundraising Stories: https://www.thesaasnews.com/news/abstract-security-raises-8-5m-in-seed-round Colby DeRodeff's LinkedIn: https://www.linkedin.com/in/colbyderodeff/ Abstract Security's LinkedIn: https://www.linkedin.com/company/abstractsecurity/ Abstract Security's Website: https://www.abstract.security/ To learn more about Ben check out the links below: Subscribe to Ben's daily metrics newsletter: https://saasmetricsschool.beehiiv.com/subscribe Subscribe to Ben's SaaS newsletter: https://mailchi.mp/df1db6bf8bca/the-saas-cfo-sign-up-landing-page SaaS Metrics courses here: https://www.thesaasacademy.com/ Join Ben's SaaS community here: https://www.thesaasacademy.com/offers/ivNjwYDx/checkout Follow Ben on LinkedIn: https://www.linkedin.com/in/benrmurray

In this episode we welcome serial investor, CEO and board member Tom Reilly who shares his insight into business growth, leadership and the role of a CEO. KEY TAKEAWAYS FROM THIS EPISODE What is the role of a CEO? The Three Essential Ingredients to Scaling a Business How to lead leaders The Story of a Ten Figure Exit THIS WEEK'S GUEST Tom Reilly has a thirty year career forming, leading, scaling and advising high-growth enterprise software and cybersecurity vendors. After an early career with IBM and running sales in the 90s for Lotus and BroadQuest, he became CEO of Trigeo, which was sold to IBM in 2004, and then became President and CEO of ArcSight, which he scaled globally, took through an IPO and exited to HP for over $1.5Bn and then CEO of Cloudera which he IPO'd with a $3Bn valuation and a $5.2Bn merger with HortonWorks. He has served on the boards of companies such as ELoqua, Jive Software, Trusona, Incorta, Datastax and Anomali, and served as the Chair of the Economic Development and Advisory Committee for the City of Sausalito. Tom is proud to support the work of Cybermindz.org, for more information about their incredible work in mental health within the cybersecurity community, please visit https://cybermindz.org/ YOUR HOST Simon Lader is the host of The Conference Room, Co-Founder of global executive search firm Salisi Human Capital, and podcast growth consultancy Viva Podcasts. Since 1997, Simon has helped cybersecurity vendors to build highly effective teams, and since 2022 he has helped people make money from podcasting. Get to know more about Simon at: Website: https://simonlader.com/ Make Money from Podcasting: https://www.vivapodcasts.com/podcastpowerups Twitter: https://twitter.com/simonlader LinkedIn: https://www.linkedin.com/in/headhuntersimonlader The Conference Room is available on Spotify, Apple Podcasts, Amazon Music iHeartRadio And everywhere else you listen to podcasts!

A real Ted Talk with the one and only Ted Schlein. Ted's excellent adventure was a 25 year roller coaster ride at Tier 1 VC firm Kleiner Perkins, by way of Symantec where he talked the company into entering the cybersecurity business. Now he turns full circle and has started Ballistic Ventures where he serves as Chairman and GP. Ted serves on the Board of Trustees and Board of Overseers of the Engineering School at the University of Pennsylvania, and also serves on the CISA, DHS and NSA Advisory Boards, IQT Board of Trustees, and is founder of the DoD-sponsored DeVenCI program. A few of his successful investments include AlienVault, ArcSight, CarbonBlack, Chegg, LifeLock, Mandiant, Phantom Security, and Shape Security.

After 2 decades of trying to make SIEMs work, security data lakes are a hot topic as they present an increasingly attractive alternative. The only hotter topic is ChatGPT and the game changing potential of AI. So in episode 52 of Security Voices, we mash the two together as Dave, Pathik Patel (Informatica), and Omer Singer (Snowflake) explore the many angles of security data lakes with an AI-assist from ChatGPT.From a functional definition to dishing on whether security data lakes signal the death of the SIEM, ChatGPT weighs in impressively early in the episode. Its later performance is much more suspect, seemingly gassing out under the pressure of harder (more poorly formed?) questions and likely a knee-buckling workload from millions of others testing the service simultaneously. The humans go on to discuss the real-time expectations for SIEMs vs. the “single source of truth” nature of security data lakes which lead to an exploration of product “suites” vs. specialized services and promise of the data lake to potentially unify them all.The week prior to the recording was the announcement of both the Open Cybersecurity Schema Framework (OCSF) standard alongside AWS' new Security Data Lake offering built on top of S3. We discuss the implications of AWS entering the space and what it means for already entrenched companies like Snowflake and Splunk. Pathik explains the significance of OCSF for security leaders and his projection of how important it will be for alleviating vendor lock-in and ultimately boosting our ability to provide strong security analytics.The practical realities of building and running a security data lake are clearly described from Pathik's experience at Informatica focusing on harmonizing and reporting on vulnerability data. He makes plain the amount of work involved– and the clear benefits of piggybacking off the company's existing data lake.The episode wraps with ChatGPT refusing to say anything further while Omer and Pathik take turns doing some end of year crystal ball gazing.

In this first-ever MARKETING MEDDICC Podcast, our Head of Marketing, Jessica Walker catches up with leading CMO, Meagen Eisenberg. They discuss; - Scaling, building and managing a growing marketing team- The benefits of both sales and marketing teams speaking MEDDIC as a common language- And then, how these teams should work together to drive resultsMeagen Eisenberg is a seasoned executive, board member, and advisor to some of the fastest-growing and most successful companies in enterprise and SaaS technology. In her current role, Meagen leads the marketing, growth and sales development teams of TripActions as its Chief Marketing Officer; she serves on the board of G2 and Terminus and advises a portfolio of companies including Loom, Styra, productboard, Gretel.ai and Redpanda. With 17 successful exits including 3 IPOs and 14 mergers and acquisitions under her belt, Meagen's career is a master class on building and delivering technology companies. She specializes in worldwide demand generation, working in concert with sales, product and executive teams to manage pipeline and aggressive growth. Most recently, Meagen has overseen the growth of TripActions from a fledgling corporate travel company, through a pandemic and into the $9.25B global leader in modern travel, corporate card and expense management programs. Prior to her current roles, Meagen was the Chief Marketing Officer at MongoDB (a company that she took public $MDB), VP of Customer Acquisition & Marketing at DocuSign ($DOCU), and leader across a stable of high tech companies including ArcSight (acquired by HP), TRIRIGA (acquired by IBM), IBM, and Cisco. Beneath her constellation of work endeavors, Meagen's true superpower is in balancing her family and personal life. Married, with three daughters, and four dogs, she currently resides in the Bay Area, CA.

Brian Contos is the CSO at Phosphorous. Before joining Phosphorus, he held CSO, Advisor, & leadership roles at companies like ArcSight, Cylance, Jask, and Verodin, to name a few.

Ray Lane is a storied technology executive and venture capitalist. He was the President & COO of Oracle, the Executive Chairman of HP, a Managing Partner at Kleiner, Perkins, and the Chairman of the Board of Trustees of Carnegie Mellon. He is also a recipient of the David Packard Medal of Achievement Award, whose other notable recipients include Reid Hoffman, Marc Benioff, and Ross Perot. Ray is responsible for creating over $19 billion in enterprise value in the last 5 years. Those investments include Beyond Meat (2019 peak of $14 billion; Ray was the first institutional investor), UpWork ($2.3 billion1), Uptake (currently valued at $2.3 billion) and Kinetica. Ray is best known for leading the turnaround of Oracle in the 1990's. During his tenure as President and COO, Ray helped grow Oracle's market cap by more than 114x from $2.1 billion to $236 billion2, and he expanded the company from 7,500 to 40,000 employees. After Oracle, Ray was a Managing Partner at venture capital firm Kleiner Perkins Caufield & Byers from 2000-2014, a firm noted for investing in many of today's industry leaders during Ray's tenure, such as Google, Amazon, Spotify, DocuSign, Slack, Twitter, Nest, Arcsight, Beyond Meat, Facebook, Square, Slack and Snap. Earlier in his career, Ray was the Managing Partner of the technology practice for Booz Allen Hamilton, led a Division of Electronic Data Systems Corporation working for Ross Perot, and was a Sales/Product Manager for IBM. Ray is also a US Army Veteran, has served as the Vice Chairman of the Special Olympics International since 2012, and holds multiple honorary PhDs. Outside of GreatPoint Ventures, Ray is an outdoorsman, and spends time with his wife, Stephanie, five children, and five grandchildren.          Become a supporter of this podcast: https://www.spreaker.com/podcast/success-made-to-last-legends--4302039/support.

In this week's episode, we welcome the VP Global Sales of Skyline ATS, Mark Strutner as he shares some insights about establishing a team. KEY TAKEAWAYS FROM THIS EPISODE: The advantages of having work experience from both small and large companies Important factors to consider in creating a team The Key things to motivate and get the best of your team Top three tips to have a successful team and business THIS WEEK'S GUEST Mark Strutner is the VP Global Sales of Skyline ATS - the leading provider of advanced technology adoption, utilization and enablement solutions, and formerly VP Worldwide Sales of Lastline, who are now part of VMWare and successfully led sales teams at early stage cyber security vendors including Resolution 1, who were acquired by Fidelis, Veracode, who were acquired by CA, and ArcSight who were acquired by HP and are now part of MicroFocus. Before his time in sales leadership Mark had sales positions with Symantec, IBM and Oracle. For more information, or to get in touch with Mark, check out: LinkedIn: https://www.linkedin.com/in/markstrutner1 Website: https://www.skyline-ats.com/ A MESSAGE FROM SIMON On February 24, 2022 Russia invaded Ukraine, in an unprovoked and unjustified attack. At the time I am writing this, I personally know people who, are trying to survive in bomb shelters in Kyiv, and others who have taken up arms to defend this country. Here at The Conference Room our thoughts and prayers are with our friends and colleagues and the whole of the Ukrainian people. But thoughts and prayers are not enough. As President Kennedy said in the name of Thomas Burke, all it takes for evil to succeed is for good men to do nothing. So, let's do something. In the shownotes for this episode, and for every episode while the people of Ukraine are fighting for their country, we'll post links of how you can help: reputable organizations you can donate to that will help the Ukrainian people and reliable sources of information about what's happening on the ground. As individuals, we may not be able to stand up to Putin ourselves, but let's all do something and not let evil triumph on our watch. Thank you. Telegram Channel for real time information: English: https://lnkd.in/dqY7X4Ue Spanish: https://lnkd.in/dVCs7qNw German: https://lnkd.in/dVgdD-aG French: https://lnkd.in/dC_cedbc Resources for reputable charities: https://www.charitywatch.org/charity-donating-articles/top-rated-charities-providing-aid-in-ukraine https://www.nbc15.com/2022/02/25/heres-how-donate-credibly-ukraine-relief-organizations/

Raffael Marty joins Alona to discuss the state of AI for security systems, why it is important to get the users more involved with security, and how data exploration is still in its infancy. Highlights For small enterprises and MSP it's important for a security product to be easy to use. The threat landscape is slightly different for small businesses. The security problems today are still fundamentally the same as 20 years ago despite having more powerful programs. Understanding how people use their systems is critical to understanding and identifying when there is a deviation. Many AI systems are being built with poor, biased, or incomplete data. We cannot solve everything with supervised machine learning. Data visualization for dashboards has improved but data exploration is still emerging. Data should be ingested and formatted for anonymity. Some data is very difficult to make anonymous by the nature of it. It is imperative to build security into the system from the beginning. Something like GDPR will most likely be enacted in the United States. Relevant Links https://www.linkedin.com/in/raffy/ https://www.connectwise.com/ https://raffy.ch/ https://www.vicarius.io/ Get to Know Raffy Raffael Marty is SVP of Security Products at ConnectWise. He brings more than 20 years of cybersecurity industry experience across engineering, analytics, research, and strategy to the company. Marty is responsible for developing and executing the ConnectWise cybersecurity strategy. Prior to Connectwise, Marty was head of research and intelligence at Forcepoint, ran security analytics for Sophos, launched PixlCloud, a visual analytics platform, and Loggly, a cloud-based log management solution. Additionally, Marty held key roles at IBM Research, ArcSight and Splunk and is an expert on established best practices and emerging innovative trends in the big data and security analytics space. Marty is one of the industry's most respected authorities on security data analytics, big data and visualization. He is the author of Applied Security Visualization and is a frequent speaker at global academic and industry events. Marty holds a master's degree in computer science from ETH Zurich, Switzerland and is a student of the Japanese tradition of Zen meditation.

Today I will discuss: 1. What is Micro Focus ArcSight ESM? 2. How does it work? 3. What is Real Time Correlation? Watch

The most interesting dilemma for a CEO? The decision that comes with having the option to go public or accept a strategic acquisition offer.Tom Reilly, former CEO at Cloudera has been a CEO with the experience of selling a company to IBM, another company to HP and then taking Cloudera public after raising $766.5M from strategic partner, Intel.Tom says a CEO should invest 20% - 30% of their time working with strategic partners - do not outsource to your partnership team. In fact, this advice comes from the experience of Tom working closely with the CEO at Intel which led to their strategic investment in Cloudera.Strategic buyers use partnerships to evaluate the value and fit of a strategic acquisition. It is critical to have well defined performance metrics for strategic partnerships, including close rates, annual contract value, gross and net dollar retention rate and CAC payback period to highlight the financial performance and efficiency of strategic partnerships.We then turned to discuss the decision to go public versus accepting a strategic acquisition offer. Tom shares that IPOs and being a public company do have their challenges - and that there are many great options including Private Equity, Growth Equity and now SPACS!Being public comes with heightened scrutiny on quarterly performance and transparency - which can be distracting. Developing the capability and culture of being able to accurately forecast quarterly revenue, margins and provide longer term guidance needs to a be a focus and competency developed three to four quarters before an IPOHot take #1 - being capital constrained can led to learning how to operate more efficiently - it may not always be best to take a lot more capital than needed OR at least ensure the culture of efficiency is maintained even after taking a large sum of investmentHot take #2 - companies have to start early to instrument, capture, analyze and make metrics informed decisions earlier and faster - numbers do not lie!!!#IPO #SaaS #cloud

It’s cyber security week on the podcast as Priyanka Vergadia joins Mark Mirchandani to talk with the folks of the Chronicle Security Team. Our guests Ansh Patniak and Dr. Anton Chuvakin start the show off with a brief explanation of Chronicle, which is a security analytics platform that can identify threats and correct them. Anton details the threats facing clients today and why it’s important to continue to guard against old threats as well. Cyber security developers must constantly examine the landscape, adjust tools used, and think ahead to try to predict possible future problems. Ansh elaborates, pointing out that sometimes, all the security needed to protect against old, current, and potentially new threats can create a data overload that causes some threats to be lost in a jungle of notifications. Analyzing this data to gain insights about the health of a company’s cyber security is an important part of the process, and Chronicle can help with that. We discuss other challenges in the security analytics world and learn tips and tricks to help overcome them. Our guests wrap up the show explaining how Chronicle, as part of GCP, benefits Google Cloud customers. Dr. Anton Chuvakin Dr. Anton Chuvakin is now involved with security solution strategy at Google Cloud, where he arrived via Chronicle Security (an Alphabet company) acquisition in July 2019. Anton was, until recently, a Research Vice President and Distinguished Analyst at Gartner for Technical Professionals (GTP) Security and Risk Management Strategies team. Anton is a recognized security expert in the field of log management, SIEM and PCI DSS compliance. Ansh Patniak Ansh Patnaik is responsible for product marketing at Chronicle. Previously, he was VP of Product Management at Oracle where he defined and launched their Security Analytics Cloud service. Ansh has held product management, marketing and sales engineering roles at several cybersecurity and data segment market leaders including Delphix, ArcSight (acquired by HP), and BindView (acquired by Symantec). Cool things of the week UEFI, Shielded VM now the default for Google Compute Engine customers—no additional charge blog Anthos—driving business agility and efficiency blog Anthos 101 videos Interview Chronicle Security site Chronicle Security Blog blog Chronicle Security Resources site Why Your Security Data Lake Project Will FAIL! blog Question of the week Whats one thing you have seen users ask about security on Google Cloud? What’s something cool you’re working on? Our guests be doing the SANS Webinar on April 30th. 13 days of GCP Architecture series! We’re on day nine now, but you can catch up on Twitter with posts like Day 6 on Data Lake and join us for the next few!

As Director of Security at Alto Pharmacy, Joy Forsythe focuses on helping the modern pharmacy startup improve healthcare while preserving patient security and privacy. It's no small feat. Joy brings over a decade of experience working on software security, security monitoring, and enterprise security tools and has worked with companies including Fortify Software, HP, and Arcsight. She also ran security at Mango Health and has a masters of engineering in computer science from MIT. Joy feels passionately about supporting the next generation of infosec professionals and is actively recruiting candidates to join her at Alto Pharmacy. Joy and Caroline will also be speaking together at the People + Security panel at the Shift AppSec Summit this February in San Francisco.

Lars Nilsson started his career selling for Xerox at the peak of their technology dominance in America and learning from the best sales organization in the country. He took that experience to become VP of Sales at companies like Hewlett Packard, Cloudera, and Arcsight. Today, Lars works with startups at True Ventures to advises startups from pre-revenue to pre-IPO about setting up effective sales organizations. @larsnilsson65 on Twitter linkedin.com/in/lanilsson/

SIEM: https://en.wikipedia.org/wiki/Security_information_and_event_management Splunk: https://www.splunk.com/ Arcsight: https://www.microfocus.com/en-us/products/siem-security-information-event-management/overview ELK: https://www.elastic.co/what-is/elk-stack Music by https://www.bensound.com/ --- Support this podcast: https://anchor.fm/chillchillsecurity/support

MailChimp's recent pivot from an email marketing provider to a full-service marketing platform left many authors in the dust. Including us! We jumped ship and we have some key tips to help you move on... and preferably move up to something that will make organizing your email list and newsletter life in ways you never dreamed were possible. Check out David Gaughran's article on MailChimp's changes here. You can check out Convertkit HERE and the migration form HERE. Join us on Facebook! New videos EVERY single Monday. Make sure to subscribe: http://bit.ly/1WIwIVC PATREON! Many bonus perks for those who become a patron of the channel. https://www.patreon.com/AmWritingFantasy LET'S CONNECT! Closed Facebook group: https://www.facebook.com/groups/AmWritingFantasy/ Blog and Courses: https://www.amwritingfantasy.com/ Podcast: http://podcast.amwritingfantasy.com/ Jesper on Twitter: https://twitter.com/SchmidtJesper Autumn on Twitter: https://twitter.com/weifarer Read the full transcript below. (Please note that it's automatically generated and while the AI is super cool, it isn't perfect. There may be misspellings or incorrect words on occasion). Autumn (1s): What the heck is going on with MailChimp. I've used it for years and it was slowly becoming more lost each time I logged in and it wasn't because I've crossed some invisible age threshold where software no longer made sense. I've never seen a company make a platform more difficult to navigate and use of every update so horribly. I treaded logging in this situation was unsustainable, not if I actually wanted to do you know, do business with a man and mailing list, but yes for and I had a plan. Autumn (38s): If you're a fantasy author, then you've come to the right place. My name is Autumn and together with Jesper we've published more than 20 novels. Our aim is to use our experience to help you writing marketing and selling books to fans all over the world. It started with little things like when I clicked on a campaign in MailChimp, the default action directed it to the stats instead of edits like it used to. I can't tell you how many times I groaned as I needed to back up, hit the dropdown menu to say I wanted to edit an automation sequence. Autumn (1m 12s): Instead of seeing, you know, the stats, years of doing things one way or so difficult to unlearn. Then my list disappeared and changed to audiences. It took two or three steps to burrow into the menu to find my formerly easily located lists and subscribers and the from there to go to items like subscription forms and emails. I was sorta like, what the fuck. But then I took a deep breath. I really don't rattle easily. I'm waking Lee adaptable. But then it got even worse. Autumn (1m 43s): My campaign menu's changed. Instead of seeing all the automations or recently sent email blasts, I could only see the ones that related to the audience I was currently viewing. So if I was working with a list for books in one Shondra, uh, wanted to see if I had email, I'd sent to a list that came in through like a giveaway. The search turned up, nothing, not a notice. There was a campaign like that attached to a different list. But thing. It was full panic mode a couple of times as surge just came up empty, like my entire history of emails had been erased. Old McGrumpy (2m 21s): Only worthless. Humans can mess up the beauty of code. Autumn (2m 26s): Oh hi or would make grubby. I should have guessed that our AI Cohoes you would take that view. Do I need to remind you that worthless humans invented computer code and some of it is all that beautiful, Old McGrumpy (2m 39s): but computers will perfect what you've begun Autumn (2m 43s): perhaps, but the last time I checked, there's still a lot of work to do now. Why don't you go chase down some redundant, outdated code of your own before you call humans too complicated. Old McGrumpy (2m 54s): I don't have time for this. Autumn (2m 57s): Where were we? Oh, right. MailChimp is the mailing list platform I've used since I first created an account as a new author. I recommended it to the writing courses I teach. At least I did until I didn't. I already didn't use about half of the platform because it was more than I needed to send newsletters out and organize a book launch or launch teams as MailChimp pivoted towards a new business model of a full service marketing platform and it left me in the dust. I don't use over half the platform normally, but when they transitioned to something entirely new where I wouldn't use over 80% of it but needed to pay for, well 100% I can only be happy that we jumped ship when we did, which was a full month before the new changes in pricing tiers. Autumn (3m 44s): I won't go into what MailChimp has been doing, but we'll billing to a very detailed article by David Koch ran in the show notes. That article is a great discussion in itself, which we've been doing in the amwritingfantasy closed Facebook group. We'd love to have you join us there and add your thoughts. The link is in the show notes. Yes. For night jumped out of MailChimp before getting out needed to happen ASAP and our account costs would have at least doubled if not tripled or more. Autumn (4m 15s): Part of the reason why we loved was I was tired of being frustrated with figuring out the platform when I just wanted to create a newsletter or just simply check the wording of it. Automation, a two minute task became 15 minutes Odyssey of frustration. Honestly, about a year ago I moved my reader lists out of MailChimp's to Miller Lite. Then Yesper and I decided this winter to move our author list to convert kit where he hosts his reader account. Don't get me wrong, I like Miller Lite. Autumn (4m 46s): It works fine for the reader newsletters, but convert kit is awesome. It is a whole level of organization and simplicity. I hadn't even known existed with mailing lists. If you have some pretty sophisticated automations, ConvertKit will not let you down. In fact, it will make your newsletter life upright so smooth that you'll be able to take the time to figure out any kinks in the flow and to get it all working better. One of my favorite things is we didn't have to do all the heavy lifting. If you have more than 5,000 subscribers, ConvertKit will migrate you to their platform for free. Autumn (5m 20s): You get a personal team who will work with you to translate what you used to do and to how it works in covid kit and give you the tour. Before handing over the keys. Our team was fantastic and asked lots of clarifying questions, which always boosts my confidence that they care and are taking their task seriously. Part of the process is completing a month migration form, which at first I felt so daunting. They wanted me to organize the chaos. I'd created a MailChimp. Autumn (5m 51s): Oh my gosh. I'll link to the migration forum too, but there are some key was of information you'll need. You'll of course near the main website you use the signup forms on, but if you are like us and have a few different sites, that isn't a problem. There is a spot for those too. You need your subscriber count, but approximate is fine, which is good because if you have duplicate emails you might not have as many subscribers as you think you do. You also need a list of all your subscriber forms in a very specific way. Autumn (6m 21s): That is one the URL, the optin to any thank you attached. Page three any lead magnet or freebie attached and for which list groups opt. It needs to view attitude. For me, that could look a little bit like this one, a photo link at this plebiscite to know thank you. Page three, PDF download, pound up this website and four goes to a free booklet. Not that bad except you need to do it for all of your opt-ins. I think it was at this point I realized I needed to do this exercise at a document and then copy and paste to the migration forum. Autumn (6m 55s): ConvertKit also leaves an entire section for you to type in anything odd or unique about your list or list management. For me, I listed the my website themes because I have one that wants stripped code in order to create a special pop-up signup form. They handle that. No problem. Next you need to know the name of your list tags and or groups that need to be moved. That makes sense. Especially for us, since I had some author lists and some Reno lettuce and well not everything was going to be in the same spot when it was all said and done. Autumn (7m 27s): The next really big piece of info you need is your automations and know how they are connected with lists sort of the whole way the puzzle fits together. They get written down like this. The arc reader onboard automation connects to the ArcSight of form and the arc reader list. There's also a place to list any integrations you use Zapier or a membership plugin as well as your timeline and any extra info you need to share after that you need to actually give a ConvertKit access to everything from MailChimp to your website, plugins and such because they actually go in and do all the switching for you. Autumn (8m 3s): I can't even begin to tell you how fantastic that was because I gave them some crazy long answers to all the above questions and they did it all and checked in to be sure they were moving it right and they do it in a very thoughtful way. The migration form has some fun examples and phrasing to take the, Oh my gosh, you need to meet to actually be organized and explain this to you. Pain out of the ordeal. Oh, and they give you a free tee shirt, which is kind of awesome too. Autumn (8m 33s): What about that MailChimp account you'll be leaving behind? You may still have subscribers coming through the old legs. Do you want to have them find a blank page? I didn't. So I figured out a few alternatives. One thing you can do is scrub all your list once you have them safely downloaded and then request MailChimp revert your account to free as long as you haven't done that before and now have less than 2000 subscribers if you have all is not lost. Another option is to pause your account. This is an option that's under your settings. Autumn (9m 4s): Hey, wait, wait, wait. Down at the bottom. Once your account is pause, you would not be billed and you cannot send whoever people could still sign up and so if they come in through an old link and then you can download that new site up and upload it to your new platform plow, you can view all of your account information like lists, campaigns and automations. It is actually a really great feature. Nothing's lost. You can still refer to it. I'd recommend that if you do pause the account though to change all of your subscription forms to say right there that the subscriber landed on an old link and a signup will not result in getting whatever it is they think they're signing up for, but not to worry and to follow the link provided to the correct sign-up spot. Autumn (9m 47s): Yeah, might use it through a few people through the jumble of link clicking, but you will have a better success rate than if a potential subscriber hits a dead link. If your questions are to ConvertKit migration and what is going on at MailChimp or some steps you can take, let us know in the show notes in the comments below. And if you're running an author newsletter, check out this video on using your email list to sell books for some tips. Stay safe out there and see your next Monday.  

Mark Godley sits down with Karan Singh, COO at SalesSource, and Lars Nilsson, CEO of SalesSource, to discuss why data can make or break B2B GTM strategy. Between the three of these data dogs, they know a thing or two about data and most of it has been learned through trial by fire in their early years. Join the podcast to hear what pitfalls to avoid when choosing a data provider and what defines success.   Karan Singh, COO, SalesSource LinkedIn: https://www.linkedin.com/in/karan-singh-29269015/ Website: https://www.salessource.com/ With over ten years of experience managing and growing Sales Operations functions at hyper-growth companies, Karan has been at the forefront of Enterprise Sales Operations for B2B technology companies in Silicon Valley.  Most recently, Karan led the global Sales Strategy, Programs & Analytics role within Cloudera, where he was responsible for driving the Go-To-Market Strategy, which was instrumental in the overall IPO readiness and execution effort within the company. Karan has also held leadership roles within Corporate Operations (Deal Desk, Order Management), Sales Systems and Compensation Design.  Prior to serving as the co-founder and COO of SalesSource, Karan held leadership roles at ArcSight and Cloudera, both of which were propelled to an IPO through strong operational infrastructure and sales strategy.  Lars Nilsson, CEO, SalesSource LinkedIn:  https://www.linkedin.com/in/lanilsson/ Website:  https://www.salessource.com/ With over twenty-five years of sales and operations experience in the technology sector, Lars is a global leader in enterprise software and selling solutions. Prior to serving as the CEO of SalesSource, Lars was VP of Global Inside Sales for Cloudera, the company that revolutionized enterprise data management by offering the first unified platform for machine learning and advanced analytics optimized for the cloud. Lars and his team at Cloudera developed the sales methodology Account-Based Sales Development (ABSD), which has transformed how businesses approach high-value targets. Lars also led the sales enablement and field readiness teams at Cloudera. These two functions are becoming increasingly important to fast-growth companies looking to rapidly scale sales organizations by shortening onboarding and ramp time for sales reps.  Lars has served in sales executive roles at ArcSight/Hewlett Packard, Riverbed Technology and Portal Software – all three of which achieved IPOs, in addition to Cloudera (2017). 

Our guest is Meagen Eisenberg. We’ve been featuring guest experts on the sales side, so finally we’re going to spend a little time in the next couple episodes on the marketing side of the business and talk particularly to marketers that are embracing revenue responsibility, that are taking advantage of the opportunity from a cost center into a profit center. ----more----   It’s important in B2B marketing these days to make sure that what you’re doing is driving to business results, and I can’t think of a better person to feature than Meagen. Listen to find out what Meagen sees as the trends that will hone how B2Bmarketers focus and where she thinks B2B marketers are going to increasingly need to "lean in" to continue to be successful.  Find out what her marketing stack is and how she built her team.  Meagen brings more than 19 years of experience in the high-tech industry to her role at TripActions. She has been recognized as one of the Top 50 most retweeted by mid-sized marketers according to AdWeek and one of the Top 25 B2B Marketing Influencers according to InsideView. In 2014, she won the Marketers that Matter award. Additionally, she won the SuperNova Award in Matrix Commerce from Constellation Research in 2012 and the Marketing Visionary Markie award within the marketing automation field in 2011. Meagen advises for several tech startups and before joining MongoDB, she was the Vice President of Customer Marketing and Demand Generation at DocuSign. She also held previous positions with ArcSight, an HP Company, TRIRIGA (acquired by IBM), Postini (acquired by Google) and IBM. Meagen has an MBA with a focus on marketing and strategy from Yale School of Management and holds a B.S. in MIS with a minor in CSC from California Polytechnic University at San Luis Obispo. ____________________________________ Sales Pipeline Radio is sponsored and produced by Heinz Marketing on the Funnel Radio Channel.  Each week at 11:30 am Pacific time (plus 8 hours UTC Time) Matt Heinz interviews the best and brightest minds in sales and Marketing.  If you would like to be a guest on Sales Pipeline Radio send an email to: sheena@Heinzmarketing.com

In this #AskTHAT, I talk to Brian Contos, CISO of Verodin and we dive into cybersecurity. No MOAR excuses, we have to take an active role in our securing our applications.    Brian has over two decades of experience in the security industry. He is a seasoned executive, board advisor, security company entrepreneur and author. After getting his start in security with the Defense Information Systems Agency (DISA) and later Bell Labs, Brian began the process of building security startups and taking multiple companies through successful IPOs and acquisitions including:  Riptech, ArcSight, Imperva, McAfee and Solera Networks.   Brian has worked in over 50 countries across six continents. He is a strategic board advisor for multiple companies including Cylance and Appdome. He has authored several security books, his latest with the former Deputy Director of the NSA, spoken at leading security events globally and is a Distinguished Fellow with the Ponemon Institute. Brian frequently appears in the news and has been featured in CNBC, C-SPAN, Fox, NPR, Forbes, Wall Street Journal, The London Times and many others. He most recently appeared in a cyberwar documentary alongside General Michael Hayden (former Director NSA and CIA).   Links from today’s show: Blog:  https://verodin.com/blog/ LinkedIn:  https://www.linkedin.com/in/briancontos/ Twitter:  @BrianContos Brian’s company - Verodin is a Security Instrumentation Platform or SIP Company:  https://verodin.com/ Open Source Threat Simulation Projects, these are more Breach and Attack Simulation (BAS) related than SIP, but they can be used to test some security controls:  https://blogs.gartner.com/augusto-barros/2018/04/17/threat-simulation-open-source-projects/

In this episode, Tom shares his advice on: Building Data Startups Company culture and growth  Future of AI About Tom Reilly: Tom Reilly is the CEO of Cloudera. Tom has a distinguished 30-year career in the enterprise software market. Tom has led several tech startups through a successful initial public offering. Prior to Cloudera, Tom served as CEO of ArcSight, an enterprise security company acquired by HP in 2010. Fun fact: Tom is one of things in the Internet of Thing (IoT). More on that in the podcast. 

Russians vs. NSA, ArcSight vs. Russia, DISQUS breach, TrendMicro vulnerability, Stamos, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show: https://danielmiessler.com/support/ See omnystudio.com/listener for privacy information.

Ofer Shezaf is Director of Cyber Security at Varonis. A self-described all-around security guy, Ofer is in charge of security standards for Varonis products. He has had a long career that includes most recently a stint at Hewlett-Packard, where he was a product manager for their SIEM software, known as ArcSight. Ofer is a graduate of Israel's elite Technion University. In this second part of the interview, we explore ways to improve data security through security by design techniques at the development stage, pen testing, deploying Windows 10s, and even labeling security products!

Ofer Shezaf is Director of Cyber Security at Varonis. A self-described all-around security guy, Ofer is in charge of security standards for Varonis products. He has had a long career that includes most recently a stint at Hewlett-Packard, where he was a product manager for their SIEM software, known as ArcSight. Ofer is a graduate of Israel's elite Technion University. In this first part of the interview, Ofer shares his thoughts on the changing threat landscape.

Proofpoint (https://www.proofpoint.com/us) and is a sought-out expert for media commentary on breaches and best practices for enterprises as well as consumers. He joined Proofpoint from WatchDox where he served as chief marketing officer and was responsible for successfully building and leading the marketing team through the company’s acquisition by Blackberry. Prior to WatchDox, Ryan was instrumental in running solutions across Hewlett-Packard’s portfolio of security products. He has also held a variety of marketing leadership positions at ArcSight and VeriSign including EMEA regional manager. Ryan received his bachelor's degree from Stanford University, where he studied fault tolerance, cryptography, and authentication algorithms. In this episode we discuss his start in cyber security, his transition to marketing and product management, the importance of communication skills, the changing role of the CISO, AI and machine learning, the malware research his team does, the spread of ransomware, and so much more. Where you can find Ryan: LinkedIn (https://www.linkedin.com/in/kalember/) Twitter (https://twitter.com/rkalember) Proofpoint Blog (https://www.proofpoint.com/us/corporate-blog)

I have a very special guest Meagen Eisenberg, who is the CMO of MongoDB. She has just done so many things in the B2B marketing world. We've been featuring guest experts on the sales side,so finally we're going to spend a little time in the next couple episodes on the marketing side of the business and talk particularly to marketers that are embracing revenue responsibility, that are taking advantage of the opportunity from a cost center into a profit center. It's so important in B2B marketing these days to make sure that what you're doing is driving to business results,and I can't think of a better person to feature than Meagen from MongoDB. Listen to find out what Meagen sees as the trends that will hone how B2Bmarketers focus and where she thinks B2B marketers are going to increasingly need to "lean in" to continue to be successful.  Find out what her marketing stack is and how she built her team.  Meagen brings more than 19 years of experience in the high-tech industry to her role at MongoDB. She has been recognized as one of the Top 50 most retweeted by mid-sized marketers according to AdWeek and one of the Top 25 B2B Marketing Influencers according to InsideView. In 2014, she won the Marketers that Matter award. Additionally, she won the SuperNova Award in Matrix Commerce from Constellation Research in 2012 and the Marketing Visionary Markie award within the marketing automation field in 2011. Meagen advises for several tech startups and before joining MongoDB, she was the Vice President of Customer Marketing and Demand Generation at DocuSign. She also held previous positions with ArcSight, an HP Company, TRIRIGA (acquired by IBM), Postini (acquired by Google) and IBM. Meagen has an MBA with a focus on marketing and strategy from Yale School of Management and holds a B.S. in MIS with a minor in CSC from California Polytechnic University at San Luis Obispo.

Laura Menicucci from Cloudera joined us this week on the podcast to chat specifically about hiring effective sales engineers. We've talked a bit before aboutsales hiringin general but never specifically about the sales engineer role and hiring effective sales engineers. Laura brings a wealth of knowledge and experience to the discussion around hiring effective sales engineers having formerly built out the worldwide sales engineering organization at ArcSight and Rapt before joining Cloudera as their first VP of Sales Engineering. She's made that critical first sales engineer hire, built a team of 100+ sales engineers on several occasions, and has seen the ins and outs of hiring effective sales engineers from all angles. We start the discussion on when to consider the sales engineer hiring question. Specifically there are a number of key items to think about and things to avoid when thinking about hiring that first sales engineer. In addition we talk about the profile of the company needed to ponder this question. We then move on to actually embarking on the hire and exactly how as a young SaaS founder you should be outbound trying to find this person. We walk through the ideal profile of the sales engineer and then move on to closing that person and how to effectively put forth the correct compensation package. Beyond this we walk through how to specifically incentivize sales engineers and what metrics you should put in place from day one. We close with a walk through of how to grow the organization from one to many and Laura gives some tips and tricks from her experiences over the years. All in it was a great topic on hiring effective sales engineers that we hope the listeners enjoy.

Laura Menicucci from Cloudera joined us this week on the podcast to chat specifically about hiring effective sales engineers. We've talked a bit before aboutsales hiringin general but never specifically about the sales engineer role and hiring effective sales engineers. Laura brings a wealth of knowledge and experience to the discussion around hiring effective sales engineers having formerly built out the worldwide sales engineering organization at ArcSight and Rapt before joining Cloudera as their first VP of Sales Engineering. She's made that critical first sales engineer hire, built a team of 100+ sales engineers on several occasions, and has seen the ins and outs of hiring effective sales engineers from all angles. We start the discussion on when to consider the sales engineer hiring question. Specifically there are a number of key items to think about and things to avoid when thinking about hiring that first sales engineer. In addition we talk about the profile of the company needed to ponder this question. We then move on to actually embarking on the hire and exactly how as a young SaaS founder you should be outbound trying to find this person. We walk through the ideal profile of the sales engineer and then move on to closing that person and how to effectively put forth the correct compensation package. Beyond this we walk through how to specifically incentivize sales engineers and what metrics you should put in place from day one. We close with a walk through of how to grow the organization from one to many and Laura gives some tips and tricks from her experiences over the years. All in it was a great topic on hiring effective sales engineers that we hope the listeners enjoy.

For those of you unfamiliar with the event, HP Protect is the premier event of the year for the HP Enterprise Security products and services organization, held to bring customer practitioners, industry experts, products/services managers and their support specialists together to not only solve real-world problems but to also help set the course for the next year. If you've not had a chance to attend the event and you're an HP customer, or you're interested in the event - check out the HP Protect website. I was a guest at the conference this year and had an amazing opportunity to sit down in 3 separate sessions with a serviceEpis provider, a practitioner, and 2 vendor-partners and talk real-world security...  Episode 1 - Ian Beckford, Senior Product Manager, TELUS Security Solutions - Ian and I had a lively discussion around the service-provider use of the analytics and network security devices (currently ArcSight and TippingPoint) to provide customers with security solutions which benefit them, while remaining cost effective.

Synopsis This episode is a mini-episode recorded live from the social media lounge at HP Discover Las Vegas 2012.  It was an incredible show, where I caught up with Marc and Matt - two guys who are really from opposite side of today's deploy vs. secure coin.  Somehow we quickly dove into DevOps and picked up right where my conversation with the incomprable Gene Kim left off in episode 20.  Ironically, we discussed how to deploy faster (sound familiar?) and still get security and quality into the scope of delivery... this isn't a product pitch but it's two HP guys talking about how products impact software quality, security and overall delivery speed. Guests Marc Blackmer  - Senior Solutions Marketing Manager (HP Enterprise Security Products) - Marc is a seasoned veteran of the Information Security industry with experience going back to high technician days in 1998.  Since 2006 Marc has held various technical and engineering roles at ArcSight and has come to learn the SEIM industry better than anyone I know.  Marc is one of the rare people who 'gets' how products solve actual problems. Matt Morgan Vice President and General Manager, HP Software Cloud and Hybrid IT - Matthew Morgan is the vice president and general manager of product marketing for the HP Software Cloud and Hybrid IT software organization, a $2.5B software business delivering solutions used by 100,000s of users to successfully define, deliver, and manage business software in a cloud and mobile world.  Matt has 20 years of experience in the Internet and IT business application industry. In his time at HP Software, he had held multiple executive roles including leading the commercialization of HP Application Lifecycle Management, launching HP's first mobile testing and monitoring solutions, and leading a shift to digital marketing operations.

A major international arrest came today.  Indonesia’s National Police arrested 35 Chinese and Taiwanese nationals at the request from Interpol.  They were all allegedly involved in cybercrime. The best way to fight cybercrime is to constantly monitor your network.  That’s the latest from a senior official for Arcsight, a subsidiary of Hewlett Packard. Microsoft took down what’s being described as a small but dangerous botnet.  On Monday, a Virginia federal judge ordered VeriSign to shut down almost two dozen domains linked to servers that controlled the Kelihos botnet at the request of Microsoft. Also tune in for the job of the day.

iPhone Turned into Pocket-Sized Hacking PlatformRuling Eases Government’s Efforts for Cell Phone TrackingHackers Post Techniques for Reversing iPhone UpgradeGun Safe Zone on you tube Whistleblower lawsSuit: Employee Fired for Reporting BreachOpt-out from pre-approved credit applicationsOctober is the fourth annual National Cyber Security Awareness MonthYour Digg username is probably "too secure" for American ExpressBluetooth HeadsetGo Ahead (Bomb New York)Jim Tiller for (ISC)2 board of Directors - if you are a CISSP please "Vote for Jim"HostsGene Naftulyev, CISSPAnatoly Elberg, CISSPBen Spader, CISSP

This show we interview Brian Contos, Chief Security Officer for ArcSight.  He talks about his new book Insider Threat: Enemy at the Watercooler.  Also on this show we discuss the new FBI computer crime survey results, Web Historian 1.3, new look to CyberSpeak site, and a couple of websites of the week.  This show is dedicated to Tim Poole's "bloody left mouse clicking finger."

This topic will present the proposal/idea/work from the author's master graduate project about effective detection of SQL Injection exploits while lowering the number of false positives. It gives detail analysis example of how database auditing could help this case, and also presents the challenge with anomaly detection for this attack and how the author tried to solve them. Finally a correlation between the two will be presented. Yuan Fan, CISSP, has worked in the network security area for more than 7 years. He currently works for ArcSight as a Software Engineer. He holds a Master of Computer Engineering degree from San Jose State University. The tool he is writing for master graduate research project related to this topic is a Java-based, multilayer anomaly intrusion detection system.

This topic will present the proposal/idea/work from the author's master graduate project about effective detection of SQL Injection exploits while lowering the number of false positives. It gives detail analysis example of how database auditing could help this case, and also presents the challenge with anomaly detection for this attack and how the author tried to solve them. Finally a correlation between the two will be presented. Yuan Fan, CISSP, has worked in the network security area for more than 7 years. He currently works for ArcSight as a Software Engineer. He holds a Master of Computer Engineering degree from San Jose State University. The tool he is writing for master graduate research project related to this topic is a Java-based, multilayer anomaly intrusion detection system.