Podcasts about coalfire

  • 41 podcasts
  • 181 episodes
  • 55m average duration
  • Infrequent episodes
  • Latest: May 6, 2025

Latest podcast episodes about coalfire

ITSPmagazine | Technology. Cybersecurity. Society
From Red Teams to Real Impact: Bringing Artistry and Precision to Cybersecurity Programs | A Brand Story with Charles Henderson from Coalfire | An On Location RSAC Conference 2025 Brand Story

May 6, 2025 (28:21)


Charles Henderson, who leads the cybersecurity services division at Coalfire, shares how the company is reimagining offensive and defensive operations through a programmatic lens that prioritizes outcomes over checkboxes. His team, made up of practitioners with deep experience and creative drive, brings offensive testing and exposure management together with defensive services and managed offerings to address full-spectrum cybersecurity needs. The focus isn't on commoditized services—it's on what actually makes a difference.

At the heart of the conversation is the idea that cybersecurity is a team sport. Henderson draws parallels between the improvisation of music and the tactics of both attackers and defenders. Both require rhythm, creativity, and cohesion. The myth of the lone hero doesn't hold up anymore—effective cybersecurity programs are driven by collaboration across specialties and by combining services in ways that amplify their value.

Coalfire's evolution reflects this shift. It's not just about running a penetration test or red team operation in isolation. It's about integrating those efforts into a broader mission-focused program, tailored to real threats and measured against what matters most. Henderson emphasizes that CISOs are no longer content with piecemeal assessments; they're seeking simplified, strategic programs with measurable outcomes.

The conversation also touches on the importance of storytelling in cybersecurity reporting. Henderson underscores the need for findings to be communicated in ways that resonate with technical teams, security leaders, and the board. It's about enabling CISOs to own the narrative, armed with context, clarity, and confidence.

Henderson's reflections on the early days of hacker culture—when gatherings like HoCon and early Def Cons were more about curiosity and camaraderie than business—bring a human dimension to the discussion. That same passion still fuels many practitioners today, and Coalfire is committed to nurturing it through talent development and internships, helping the next generation find their voice, their challenge, and yes, even their hacker handle.

This episode offers a look at how to build programs, teams, and mindsets that are ready to lead—not follow—on the cybersecurity front.

Learn more about Coalfire: https://itspm.ag/coalfire-yj4w

Note: This story contains promotional content.

Guest: Charles Henderson, Executive Vice President of Cyber Security Services, Coalfire | https://www.linkedin.com/in/angustx/

Resources
  • Learn more and catch more stories from Coalfire: https://www.itspmagazine.com/directory/coalfire
  • Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25
  • Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage

Absolute AppSec
Episode 265 - w/ Scott Norberg - Static Analysis

Oct 31, 2024


Scott Norberg joins Ken Johnson and Seth Law for an episode of Absolute AppSec all about SAST. Scott is an ASP.NET Security Consultant, Author, Researcher and Speaker. In addition to running his Opperis Technologies consultancy, Scott has recently begun working as lead application security architect at CDW. Before that he worked as Lead Application Security engineer at Gallagher and was a Senior Consultant with the AppSec team at Coalfire. He has been a web security specialist for nearly two decades, and holds several certifications, including Microsoft Certified Technology Specialist (MCTS), certifications for ASP.NET and SQL Server, and a Certified Information Systems Security Professional (CISSP) and CCSP certification. He also has an MBA from Indiana University. To find out more about Scott check out his website https://scottnorberg.com/ as well as his 2020 book Advanced ASP NET Core Security Vulnerabilities.

Cybercrime Magazine Podcast
Pen Test Gone Wrong. Jail Time Served. Gary De Murcurio, Kaiju Security & Justin Wynn, Coalfire.

Sep 18, 2024 (19:19)


In 2019, Gary De Murcurio, founder of Kaiju Security and former director of red team and enterprise penetration testing at Coalfire, and Justin Wynn, director at Coalfire, performed a physical penetration test that led to felony charges being placed against them. The two men ultimately served time in jail for this incident, despite being hired to perform the initial pen test. In this episode, De Murcurio and Wynn join host Melissa O'Leary to discuss their experience in detail. • For more on cybersecurity, visit us at https://cybersecurityventures.com

DisrupTV
Are AI agents the next big thing in AI? | Ron Miller, Charles Henderson, Cristina A., Jannis K.

Aug 2, 2024 (62:16)


This week on episode 370, we interviewed Cristina Alaimo and Jannis Kalliniko, Co-authors of Data Rules: Reinventing the Market Economy, Charles Henderson, EVP of Cyber Security Services at Coalfire and Ron Miller, Enterprise Reporter at TechCrunch. Topics covered include:

Federal Drive with Tom Temin
When cybersecurity becomes a personal matter

Jul 8, 2024 (12:47)


Cybersecurity becomes almost a personal matter when you're working in a war zone and information superiority is a must. My next guest spent 14 months in Afghanistan before the U.S. withdrawal. The retired Navy captain is now CEO of Coalfire, a cybersecurity company. Tom McAndrew joins me now.

Colorado = Security Podcast
259 - 2/5 - Merlin Namuth

Feb 4, 2024 (80:17)


Merlin Namuth is our feature interview this week, interviewed by Debbi Blyth. News from Kingdom Wealth Exchange, Lightship Energy, Foundry Group, Coalfire, Ping Identity, Red Canary and a lot more.

Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com

This week's news:
  • Join the Colorado = Security Slack channel
  • Colorado Pastor Accused Of Multimillion Dollar Crypto Scheme
  • Everything you need to know about navigating DIA's new security
  • Electric RV maker lands $34M as it prepares to open its Denver-area factory
  • Boulder VC firm Foundry to shutter, not raise additional fund
  • Colorado software Startups to Watch in 2024
  • Space ISAC and National Cybersecurity Center Announce Next Stage in Relationship
  • Mastering AI Risks: Navigating the NIST AI RMF Core with Coalfire
  • What is Device Trust? How it Works in 2024
  • Kubernetes security: Safeguarding your container kingdom
  • BSides Boulder 2024: Call for Speakers

Job Openings:
  • Pax8 - VP of GRC
  • 1Password - Director, Security Operations
  • Inspirato - Director, Cybersecurity Operations
  • Sage Hospitality Group - Information Security, Manager
  • Newmont - Senior Operational Technology Cybersecurity Analyst
  • U.S. Immigration and Customs Enforcement (ICE) - Information Technology Specialist (Information Security)
  • Klaviyo - Senior Security Trust & Compliance Analyst - GRC Analyst
  • Datadog - Business Continuity and Disaster Recovery Governance Analyst
  • Salesforce - Security Governance, Risk & Compliance Lead/Manager - Security IEM
  • BofA - Manual Ethical Hacker

Upcoming Events: This Week and Next:
  • ISACA Denver - Technical Training: Alteryx Exploration (A Beginner Workshop) - 2/9
  • ISSA Denver - February Meetings - 2/14
  • Let's Talk Software Security - Are We Defending Against the Biggest Threats to Software? - 2/14
  • ISACA Denver - February Joint Chapter Meeting with IIA - 2/15
  • CSA Colorado - CI/CD Workload Security with Orca - 2/20
  • ISSA Denver - Privacy SIG - 2/22
  • ISSA COS - Mini Seminar - 2/24
  • Colorado = Security Gives Back - Homeless Shelter Service - 2/25
  • ISSA COS - February Meeting, An Introduction to Zero Trust With Enterprise Linux - 2/27
  • ISC2 Pikes Peak - February Meeting - 2/28
  • ISSA COS - Mentoring Mixer and LogWars - 2/29

View our events page for a full list of upcoming events

* Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here.
* Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

SecurityMetrics Podcast
Inside GEAR: How QSAs are Influencing the Future of Payment Security Standards

Dec 20, 2023 (25:49)


Join Jen Stone of SecurityMetrics as she sits down with two industry veterans, Gary Glover (VP of Assessments at SecurityMetrics) and Andy Barratt (VP of Assurance Business at Coalfire), for a lively discussion about their careers, the challenges of PCI compliance, and the unique collaboration they share through the PCI Security Standards Council's GEAR program.

Listen to learn:
  • How this vital program brings together leading QSA companies to provide feedback and influence on PCI standards.
  • Get insights into where the PCI landscape is headed and how GEAR is shaping its evolution.
  • Discover how Gary and Andy, despite representing rival companies, find common ground and work together to improve the industry.

Filmed at the 2023 PCI Community Meeting in Dublin, Ireland.

Hosted by Jen Stone, Principal Security Analyst (MCIS, CISSP, CISA, QSA)

[Disclaimer] Before implementing any policies or procedures you hear about on this or any other episodes, make sure to talk to your legal department, IT department, and any other department assisting with your data security and compliance efforts.

Colorado = Security Podcast
256 - 12/4 - Richard Mac Namee, Director of the Cybersecurity Center at MSU

Dec 3, 2023 (71:00)


Richard Mac Namee, Director of the Cybersecurity Center at MSU is our feature interview this week, interviewed by Frank Victory. News from DISH, Ping Identity, Broadcom, Coalfire, zvelo, LogRhythm and a lot more.

This week's news:
  • Join the Colorado = Security Slack channel
  • Migration to Colorado is on the decline, but here's where people are moving from
  • Remote work on a slight decline in Colorado, nationally
  • The world's fastest temporary internet service gets turned on in Denver
  • Layoffs @ Dish, Ping & Broadcom
  • Dish Network laying off hundreds in Colorado
  • Denver-based Ping Identity goes through layoffs after merger with San Francisco company
  • Broadcom lays off 184 Colorado employees following $69B VMware merger
  • RADICL Adds $9 Million in Funding to Fortify Cyber Defenses of SMBs in Defense Industrial Base
  • JeffCo Schools hacker demands money, threatens to release stolen data
  • Navigating the AI security landscape: The federal push for responsible AI adoption
  • The Role of AI in Social Engineering
  • Colorado Publishes Universal Opt-Out Mechanism Shortlist
  • Detecting Domain Name Abuse – Security Spotlight | LogRhythm

Job Openings:
  • Pax8 - Director of GRC
  • Spectrum - VP, Information Security Engineering
  • Vertafore - VP, Cybersecurity
  • Zoll - Director, Information Security & Cyber Risk
  • Connect for Health Colorado - Director of Cybersecurity
  • Cloudflare - Director, Cybersecurity & IT Audit
  • Darktrace - Cyber Security Technologist
  • City and County of Denver - Senior Manager of Airport Security - Denver International Airport
  • Sovrn - Privacy Ops Engineer
  • Denver Water - IT Security Architect

Upcoming Events: This Week and Next:
  • ISC2 Pikes Peak - December Meeting: Holiday Lunch - 12/8
  • CSA Colorado/LIFT Holiday Party - 12/12
  • Annual ISSA & ISACA Holiday Party - 12/12
  • ASIS - Holiday Happy Hour & Board Nominations - 12/12
  • Let's Talk Software Security - Are Industry Security Controls Relevant? - 12/14

Hacker Valley Studio
Adversarial AI: Navigating the Cybersecurity Landscape

Nov 7, 2023 (39:37)


In this episode, host Ron Eddings is joined by Sr. Director of Red Team Operations at Coalfire, Pete Deros, to discuss the hottest topic around: adversarial AI. Ron and Pete discuss how AI is used and how the adversary is using AI so everyone can stay one step ahead of them as well.

Impactful Moments
  • 00:00 - Welcome
  • 01:35 - Introducing Pete Deros
  • 03:30 - More Easily Phished
  • 05:09 - 11 Labs Video
  • 06:42 - Is this AI or LLM?
  • 9:18 - AI or LLMs: Who has the Speed?
  • 10:36 - Fine Tuning LLMs
  • 14:37 - WormGPT & Hallucinations
  • 17:01 - LLMs Changing Second to Second
  • 18:38 - A Word From Our Sponsor
  • 20:19 - 'Write me Ransomware!'
  • 23:24 - Working Around AI Roadblocks
  • 28:00 - “Undetectable for A Human”
  • 31:58 - Pete Can Help You Floss!
  • 34:56 - OWASP Top 10 & Resources
  • 37:00 - Check out Coalfire

Links:
  • Connect with our guest Pete Deros: https://www.linkedin.com/in/pete-deros-94524b9a/
  • Coalfire's Website: https://www.coalfire.com/
  • Coalfire Securealities Report: https://www.coalfire.com/insights/resources/reports/securealities-report-2023-compliance
  • OWASP Top 10 LLM: https://owasp.org/www-project-top-10-for-large-language-model-applications/

Colorado = Security Podcast
254 - 11/6 - Douglas Brush, Founder @ Accel Consulting

Nov 5, 2023 (91:53)


Douglas Brush, Founder and Court Appointed Neutral of Accel Consulting is our feature interview this week, interviewed by Frank Victory. News from Xcel Energy, Guild Education, National Cybersecurity Center, Coalfire, Red Canary, Zvelo and a lot more.

This week's news:
  • Colorado has the four most expensive housing markets in U.S. not on a coast
  • Ten Reasons Why Denver Is a “Bastion of Geekdom”
  • Colorado designated as official tech hub for quantum industry
  • Aurora data center to become one of Xcel Energy's biggest customers, rivaling mines and steel mills
  • Denver-area tech unicorn Guild just made a big investment in AI education
  • National Cybersecurity Center Hosts Project Pisces Training And Onboarding - National Cybersecurity Center
  • Maximizing the value of threat modeling
  • Guardians of IoT: Strengthening the security of IoT-connected medical devices in the healthcare industry
  • Validating detection for Gootloader with Atomic Red Team
  • Cyber Insurance Tightens the Reins to Lower Risk

Job Openings:
  • Tiktok - Converged Security Technology Security Specialist
  • Maximus - VP - Business Information Security Officer
  • Tanium - Senior Cloud Cybersecurity Engineer, CCS
  • Advanced Energy - Manager, IT Governance, Risk & Compliance
  • Western Union - Cyber Security Governance Business Manager
  • US Bank - Risk Framework Professional
  • Datavant - Head of Information Security Governance
  • Kroll - Vice President, Policy Writer, Cyber Risk
  • Modivcare - Sr. IT Governance Analyst
  • Meta - Security Partner - Infrastructure

Upcoming Events:
  • Let's Talk Software Security - What's Your Biggest Security Challenge? - 11/8
  • ISSA Denver - November Chapter Meeting, Asset Management - 11/8
  • CISO Debate Series: Will more government regulation help drive better security? - 11/9
  • ISSA Denver - The New SEC Reporting Rule and the End Cybersecurity as We Know It - 11/9
  • ISSA COS - November Mini Seminar - 11/11
  • CSA Colorado - Security Insights With James Condon - 11/14
  • ISSA COS - November Chapter Meeting - 11/14
  • ISC2 Pikes Peak - November Meeting - 11/15
  • ISSA Denver - Inaugural Veterans Special Interest Group meeting - 11/16
  • ISACA Denver - SEC Cybersecurity Disclosure - 11/16
  • ISSA COS - Mentoring Mixer and Log Wars - 11/30
  • Colorado Cyber Security - Cyber First Friday - 12/1

Colorado = Security Podcast
253 - 10/9 - Darren Weiner, President @ CSA Colorado

Oct 8, 2023 (67:07)


Darren Weiner, President of Cloud Security Alliance Colorado is our feature interview this week, interviewed by Frank Victory. News from Maxar, University of Colorado, Ping Identity, LogRhythm, Coalfire, Red Canary and a lot more.

This week's news:
  • Join the Colorado = Security Slack channel
  • Colorado's first Michelin Star recipients announced
  • 10 companies selected as finalists for Coolest Thing Made in Colorado contest
  • Denver airport unveils plans for new walkable concourses (Renderings)
  • Colorado aerospace giant being split in two, its CEO replaced and some employees laid off
  • Colorado school ranks among top universities for startup founders
  • MSU Denver cybersecurity program expands with the help of a new grant
  • MFA Bombing Dismantled | Ping Identity
  • Q3 2023 Analytic Co-Pilot Use Cases | LogRhythm
  • A rundown of the OWASP top 10 for large language model applications
  • SEC tells companies to “show their work” on cybersecurity - Red Canary

Job Openings:
  • Greenlight - VP, Security
  • Thrivent - Director of Information Security
  • BDO - Director, Privacy & Data Protection
  • Gensler - Security Administrator - Senior
  • Western Union - Information Security Architect
  • Bank of America - Vulnerability Identification Senior Analyst
  • Gogo Business Aviation - Senior Cybersecurity Analyst
  • Honeywell - IT Security Engineering Manager
  • CoBank - Senior Cloud Security Analyst
  • Plante Moran - Cybersecurity Consultant - Entry Level (2024)

Upcoming Events: This Week and Next:
  • ISSA Denver - October Chapter Meetings - 10/11
  • Let's Talk Software Security - Is Threat Modeling Scalable? - 10/17
  • ISACA Denver - October Chapter Meeting: Fraud Lessons from a Reinvention Architect & Mindset Coach - 10/19
  • ISACA Denver - Fraud Lessons from a Reinvention Architect & Mindset Coach - 10/19
  • ISC2 Pikes Peak - October Meeting - 10/25
  • CSA Colorado - Fall Summit 2023 AI IN CYBERSECURITY: REVOLUTION AND RISKS - 10/25
  • ISSA Denver - Women and Whiskey - 10/25
  • ISACA Denver - Dark Web Investigations Workshop - 11/3
  • Let's Talk Software Security - What's Your Biggest Security Challenge? - 11/8

Colorado = Security Podcast
251 - 9/4 - Brandon Stewart, CEO @ Nereus Systems

Sep 3, 2023 (78:40)


Brandon Stewart, CEO at Nereus Systems is our feature interview this week, interviewed by Frank Victory. News from Teriyaki Madness, DISH, Echostar, Ball Corp, Blazy Susan, Ping Identity, Coalfire, and a lot more.

This week's news:
  • Join the Colorado = Security Slack channel
  • Denver-based fast-casual chain rolls out new tech to be 'faster than a drive thru'
  • Here's what execs say will come from a Dish Network, EchoStar merger
  • Behind the deal: Here's why Ball Corp.'s CEO says it sold off its aerospace business
  • 134 Colorado companies rank among the fastest-growing in America, according to Inc.
  • As VC funding slows in Colorado and the West, it's rising elsewhere
  • Colorado receives $1M grant to allay cyberattacks and threats
  • Pikes Peak Small Business Development Center, National Cybersecurity Center, and University of Colorado Colorado Springs Unite to Drive Impactful Cybersecurity Initiatives with $927,236 Grant - National Cybersecurity Center
  • Thoma Bravo Merges ForgeRock with Ping Identity
  • How Fortune 500s are building brand value by communicating security posture
  • Twelve Planning Tips to Avoid Complications with the SEC's Cybersecurity Disclosure Rules: Part II

Job Openings:
  • Ibotta - Director, Compliance
  • RingCentral - Director, Security Programs
  • Western Union - Senior Manager, Information Security
  • Holland & Hart - Information Security Manager
  • Astroscale - Security Manager/FSO
  • Charles Schwab - Information Technology Asset Manager Risk Governance
  • Flexential - IT Security and Compliance Analyst
  • Quantinuum - Senior Cybersecurity Engineer
  • Krayden - Cybersecurity Analyst
  • Modivcare - IT Governance Analyst

Upcoming Events: This Week and Next:
  • ISSA Denver - September Chapter Meetings (DTC and Downtown) - 9/13
  • ISACA Denver - September Chapter Meeting: Getting Started in Blue Teaming & Advanced Concepts and Testing Strategies for Auditing SAP - 9/14
  • CSA Colorado - September Chapter Meeting: The API Security Landscape and what we are seeing in the field - 9/19
  • SecureWorld Denver - 9/19
  • Let's Talk Software Security - Operating Models for Modern Software Security - 9/21
  • ISC2 Pikes Peak - September Meeting - 9/27
  • ISA Automation and Leadership Conference - 10/4-6
  • ISACA Denver - ISACA Community Day 2023: Denver Parks: Preparing Wash Park for Fall/Winter - 10/7

Colorado = Security Podcast
250 - 8/7 - Patrick Walsh, CEO at IronCore Labs

Aug 6, 2023 (69:31)


Patrick Walsh, CEO and founder at IronCore Labs is our feature interview this week. News from Casa Bonita, Koelbel and Company, CyberGRX, Lares, Coalfire, Red Canary and a lot more.

This week's news:
  • Join the Colorado = Security Slack channel
  • Casa Bonita taps Denver brewery to create an original “casa beer”
  • Denver's airport is spending $1.5 million on one way to ease security lines
  • New Denver company is hungry for 'zombie buildings' across the country
  • 3 startups win Colorado pitch competition and $5,000 grants
  • Biden to keep US Space Command in Colorado, reversing Trump decision
  • Colorado Dept. of Higher Education cyberattack threatens student, teacher data
  • Denver-based CyberGRX goes through layoffs following acquisition
  • Strengthening Cybersecurity Practices: An Overview of the SEC's Latest Rules
  • Coalfire Unveils Offensive Security Platform
  • Contain yourself: An intro to Linux EDR

Job Openings:
  • Davita - Engineer, Security (IT)
  • Homebot - Security Operations Manager
  • Bank of America - Senior Data Security Engineer
  • StarRez - Data Privacy Manager
  • Workday - Senior Cyber Threat Intelligence Engineer
  • Salesforce - Senior Incident and Vulnerability Manager
  • Deloitte - Confidentiality & Privacy - Incident Management Senior Specialist
  • Movement Mortgage - Cyber Security Cloud Engineer
  • CoBank - Senior Cloud Security Analyst
  • Colorado PERA - Information Security Engineer

Upcoming Events: This Week and Next:
  • How to Protect Sensitive AI Data in Vector Databases - 8/10
  • CSA Colorado - Rockies Night - 8/15
  • Let's Talk Software Security - Getting Buy-In: Impactful Communication for Software Security Business Cases - 8/23
  • ISC2 Pikes Peak - August Meeting - 8/23
  • Denver OWASP - API Security: A CISO Perspective - 8/23
  • LIFT - Level up your golf game with LIFT, Women in Cybersecurity - 8/28

Future of Application Security
EP 34 — The Future of AppSec: People, Processes, and Progress with Coalfire's Warren Kopp

Jun 7, 2023 (30:00)


In this episode of the Future of Application Security, Harshil speaks with Warren Kopp, Application Security Consultant at Coalfire, a cybersecurity advisor. Together they discuss how better application security involves building relationships with the people behind the processes, and why skills like communication, collaboration, and an understanding of psychology are keys to moving forward security initiatives. They also discuss the increasing availability of security training today, how to think more aggressively about security, and why the future of AppSec will focus on expansion.

Topics discussed:
  • How Warren "backed into technology" after getting a degree in animation, and his experiences inside an enterprise software company before becoming a consultant with Coalfire.
  • Why security isn't just a technology problem and how you need to find the people behind the processes, get to know their struggles, and compromise in order to build great AppSec initiatives.
  • Why one of the key skills any security person can have is communication, and why clearly articulating business impact can help with getting buy-in.
  • The need for not just training in hard security skills, but in soft skills like communication and psychology in order to meet people where they are and better understand their needs.
  • How to look for opportunities for collaboration in your organization, and why it's key to talk to others (over the phone or over lunch) and build your network.
  • How teams can leverage automation, and why you need to think more aggressively about AppSec in order to open up new opportunities.
  • The current state of AppSec, and the growing availability of training and information-sharing through more informal channels like YouTube that can increase impact and reduce struggle.
  • Why the future of application security involves teams being more aggressive, more iterative, and growing quicker.

Colorado = Security Podcast
247 - 5/8 - Larisa Thomas, CISO at Nox Health

May 7, 2023 (68:57)


Larisa Thomas, CISO at Nox Health is our feature interview this week. News from Bandimere, Orbit Fab, Maxar, True Anomaly, Red Canary, Coalfire, Zvelo, LogRhythm and a lot more.

This week's news:
  • Join the Colorado = Security Slack channel
  • Bandimere Speedway leaving Morrison location after 2023
  • Colorado becomes 1st state to pass "right to repair" law for farmers
  • Colorado space 'gas station' startup lands millions in venture backing, plans significant expansion
  • Private equity firm closes $6.4 billion deal to acquire Maxar Technologies
  • Colorado to launch seed grants to jumpstart quantum tech industry
  • Colorado Space Force veterans launch startup to prepare US military for space warfare
  • Red Canary Announces Readiness
  • Introducing: Red Canary Mac Monitor
  • Coalfire recognition from Cyber Defense Magazine
  • Zvelo - Phishing Detection in Depth
  • LogRhythm Announces Partnership with Zscaler to Address Cloud Access Security Challenges Faced by the Modern SOC

Job Openings:
  • Jeffco Public Schools - Executive Director - Enterprise Architecture, Information Security and Identity
  • BI Incorporated - Senior Security Engineer
  • Ring Central - Security Trust Data Analyst
  • DISH - Security Threat Response Manager
  • Frontier Airlines - Engineer, Application & Cloud Security
  • Banner Health - Cybersecurity IAM Architect Remote
  • HSS - Biomedical Device Network & Security Field Technician
  • Avanade - Global Security Advisory Lead
  • Block - Vulnerability Research Analyst
  • Workday - Principal Cybersecurity Engineer – Analytics and Automation

Upcoming Events: This Week and Next:
  • ASIS Denver - NEXT: YOUR DIGITAL PROFILE WITH KERRI SUTHERLAND - 5/2
  • ISSA Denver - May Chapter Meeting "How cyber insurance drives C-Suite decisions around IT strategy, infrastructure, and planning" - 5/10
  • OWASP Denver - Back to Basics - How to Mature your Security Program - 5/10
  • Let's Talk Software Security - Software Security: What are we missing?? - 5/12
  • ISSA C.Springs - May Chapter Meeting - 5/16
  • ISACA Denver - May Meeting (Virtual) - 5/18
  • CSA Colorado - May Meeting, "The Future of Cloud Security: Embracing CNAPP to Protect Cloud-Native Applications" - 5/18
  • ISSA C.Springs - Mini Seminar - 5/20
  • ISSA Denver - Cybersecurity Is Not A Game? - 5/25
  • RMISC - 6/7-9

Colorado = Security Podcast
245 - 3/13 - Joe McComb, CISO at Holland & Hart

Colorado = Security Podcast

Play Episode Listen Later Mar 12, 2023 85:13


Joe McComb, CISO at Holland & Hart is our feature interview this week, interviewed by Frank Victory. News from Carvana, Denver International Airport, DISH Networks, Coalfire, Ping Identity, Red Canary, LogRhythm and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Carvana's car vending machine in Denver finally opens after two-year project completed Denver airport set a new passenger record in 2022 Microgrant program to help Denver-area entrepreneurs jump-start businesses The state of Colorado tech: 6 key takeaways unveiled in inaugural report Dish confirms ransomware attack allowed hackers to steal personal data Coalfire 1 Leader in FedRAMP Compliance Cloud Protecting Financial APIs and Managing Supply Chain Risk Gatekeeping in macOS: Keeping adversaries off our Apples LogRhythm Named Company of the Year | LogRhythm Job Openings: Jefferson County - CISO TIAA - Dir, Business Information Security Officer- Integration DISH Network - Senior Manager, Network Security Infrastructure Movement Mortgage - Product Owner, Cyber Security Crocs - Sr. 
Manager, IT Internal Audit Charles Schwab - Cybersecurity Advisor CHI - IT Cybersecurity Sr Analyst CoBank - Senior IT Security Analyst Marathon Petroleum Corporation - Cybersecurity Analyst - Endpoint Security Xcel Energy - Security Analyst Job Upcoming Events: This Week and Next: ISSA Denver - From Private Sector to Academia – Women's Gains in Cybersecurity - 3/14 ISACA Denver - March Meeting (Virtual) - 3/16 Let's Talk Software Security - It's time for a... Vendor Intervention! - 3/17 CSA Colorado - March New Threats means New Tools, this isn't your Dad's cloud anymore? - 3/21 ISC2 Pikes Peak - March Meeting - 3/22 ASIS Denver - Coffee Chat with Lisa Buckley - 4/7 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

New Cyber Frontier
NCF-311 Business Strategies with CISO

New Cyber Frontier

Play Episode Listen Later Nov 29, 2022 34:07


In today's podcast, we have Jason Hicks, Field CISO at Coalfire. Jason Hicks has worked on the technical and business side as a CISO. Mr. Hicks helps people transition from being a technical CISO to being a business leader with skills he has learned and delivers business strategies back to his community and other businesses. Enjoy today's podcast of New Cyber Frontier. Visit our sponsors: BlockFrame Inc., IEEE Digital Privacy, Murray Security Services

Colorado = Security Podcast
241 - 11/7 - Derek Booth, Special Agent, US Secret Service

Colorado = Security Podcast

Play Episode Listen Later Nov 6, 2022 59:57


Derek Booth, Special Agent, US Secret Service is our feature interview this week. News from Toys R Us, Ping Identity, Red Canary, Coalfire and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Colorado's biggest corporations are investing in saving bees Iconic toy brand that went bankrupt making comeback in Colorado Macy's These 11 tech products will be tested in Colorado cities How Colorado's first blockchain architect wants to optimize government This Denver suburb to become the first Colorado city with Google Fiber Colorado state website hit with cyberattack Ping Identity Scores a Hat Trick: Named Leader in KuppingerCole CIAM Leadership Compass Three Consecutive Times Persistent pests: A taxonomy of computer worms - Red Canary FAQ: Transitioning to the highly anticipated new revision of ISO 27001 Job Openings: Uplight - Product Security Engineer Ball Aerospace - Deputy CISO Sovrn - Privacy System Engineer Common Spirit Health - IT Cybersecurity Engineer RTD - Analyst, Information Systems Risk FirstBank - Info Security Analyst, Application Security VISA - Cybersecurity Attorney, Director Charles Schwab - Senior Manager, Technology Risk Management Senior Red Robin - VP, CISO University of Colorado - Security Analyst Upcoming Events: This Week and Next: ISSA Denver - November Chapter Meeting - 11/9 C.Springs ISSA - November Mini Seminar - 11/12 C.Springs ISSA - November Chapter Meeting - 11/15 ISSA Denver - Bank of America Networking Event - 11/15 CSA Colorado - November Meeting - 11/15 ISC2 
Pikes Peak - November Meeting - 11/16 ISACA Denver - 5 Reasons You're Thinking About Breaking Up with Your Service Provider (Virtual) - 11/17 ISC2 Pikes Peak - Annual Chapter Meeting - 12/9 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Colorado = Security Podcast
236 - 6/13 - Newscast

Colorado = Security Podcast

Play Episode Listen Later Jun 12, 2022 22:24


News from Lightning eMotors, Twilio, Randori, StackHawk, Red Canary, Coalfire and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Seven Colorado Sites Make List of 150 Best Things to Do in the US This Summer Jared Polis signs law to make daylight saving time year-round in Colorado — but here's what has to happen first Colorado electric vehicle maker partners to offer autonomous passenger vans Twilio to shed downtown Denver office space as company goes remote Colorado has had a shortage of cybersecurity professionals for years. Here's how that's going.  
IBM acquires offensive security startup Randori to bolster its cybersecurity toolkit National Cybersecurity Center Participates in UCCS Ribbon Cutting to Open New Cybersecurity Building, Housing Newly Formed Space ISAC Application Security Firm StackHawk Bags $20.7 Million in Series B Funding Microsoft recognizes Red Canary with its Security Trailblazer award A survey of FedRAMP's new supply chain requirements CSA Fall Summit Call for Papers is open Job Openings: Uplight - Cloud Security Engineer Uplight - Junior Security Analyst Spectrum - Director – Risk and Threat Management Granicus - Senior Director, Governance, Risk, and Compliance (GRC) Gates Corporation - Senior Manager of Cyber Security Operations Western Union - Information Security Engineer, Risk Assessment ULA - Chief Information Security Officer (CISO) Leader 6 Square - Embedded Security Engineer KP - Principal IT Engineer Infrastructure Security UCAR - Cybersecurity Risk & Compliance Analyst CoBank - Information Technology Security Architect Upcoming Events: This Week and Next: Let's Talk Software Security - Are Bug Bounty Programs Worth It? - 6/17 CSA Colorado - June Meeting - 6/21 ISC2 Pikes Peak - June Meeting - 6/22 DC303 - June Meeting - 6/24 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

CISO Tradecraft
#81- Career Lessons from a CISO (with John Hellickson)

CISO Tradecraft

Play Episode Listen Later Jun 6, 2022 41:27


On this episode of CISO Tradecraft, John Hellickson from Coalfire talks about his career as a CISO. Listen and learn about: the evolving role of the CISO; how John got started as a CISO; what a Field CISO is and how it differs from a traditional CISO role; tips on getting your career to the next level by attending the right conferences and getting an executive coach; how to get business alignment; and how the Security Advisor Alliance is helping the next generation of cyber talent.

Colorado = Security Podcast
235 - Kim Kennedy, Founder of EMPIRE of WE

Colorado = Security Podcast

Play Episode Listen Later May 8, 2022 70:57


Kim Kennedy, Founder of EMPIRE of WE is our feature interview this week. News from Hotel Engine, Pax8, Forensic Pursuit, Coalfire, Red Canary, JumpCloud, Stackhawk and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Denver just lost population after a decade-plus of growth. Is a rebound coming? Denver's Hotel Engine is adding 400 workers this year. Here's why and how. Colorado tech company hits unicorn status with $1.7B valuation Military considers three states for permanent Space Force training HQ Colorado names Texas agency CISO as new cyber chief ForensicPursuit acquired Research reveals cyber risk is the best language for a C-suite audience Trust issues: The two sides of Say:Do Jumpcloud: Why Assess Your Zero Trust Maturity? 2022 Colorado Inno Madness: And the winner is... 
Job Openings: Uplight - Cloud Security Engineer Red Canary - Program Manager, Resiliency Colorado School of Mines - SOC Manager Legislative Branch of the State of Colorado - Information Security Analyst Kaiser Permanente - Senior Analyst ITRM CAAS Pulte Mortgage - Security Operations Engineer Terumo BCT - Medical Device Security Analyst DataDog - Security Engineer - Incident Response Engineering Facebook - Network Security Detection Engineer DISH - Director, Information Security Upcoming Events: This Week and Next: ASIS - Golf Tourney - 5/10 Denver ISACA - The Evolution of Cyber Risk: Raising Awareness Across The Business - 5/19 CSA Colorado - May meeting - 5/19 Let's Talk Software Security - AppSec in the Cloud - 5/20 C.Springs ISSA - May 2022 Mini Seminar - 5/21 ISC2 Pikes Peak - May Meeting - 5/25 DC303 - May Meeting - 5/27 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

The Cybersecurity Readiness Podcast Series
Is Cybersecurity Regulatory Compliance Good Enough?

The Cybersecurity Readiness Podcast Series

Play Episode Listen Later Apr 13, 2022 41:10 Transcription Available


"The story of the RMS Titanic has served as a grim reminder that regulatory compliance does not guarantee safety or security. The ship was carrying 2,224 passengers and crew when it sank one April night in 1912, killing over 1,500 people. The designers of Titanic had followed the British Board of Trade by equipping it with 20 lifeboats, and even threw in four more than the regulations required." (securicon.com)
Dixon Wright (https://www.linkedin.com/in/dixon-wright-aab68321/), Vice President, Compliance Management and Automation Platform, Coalfire, speaks to the importance of moving beyond the check-the-box approach and engaging in substantive information security compliance efforts. He recommends the judicious adoption and use of appropriate compliance management and automation platforms.
Time Stamps
01:55 Yeah, let's talk about your passion. What gets you passionate about information security compliance?
03:15 For the benefit of the listeners, please provide an overview of information security compliance and the current state of affairs.
06:16 Trying to stay on top of all these different compliance requirements can be an extremely challenging proposition. What do you think?
09:15 How do we ensure that check-the-box behavior is not encouraged?
12:46 I feel this discussion on compliance needs to be coupled with the discussion on governance mechanisms, and measures, which ensure that the tools that are being leveraged effectively and essentially, people are doing the right thing. Your thoughts, your reactions?
16:33 What does it take to create a robust cyber secure cybersecurity compliance program? In other words, if you could highlight some of the key elements of a robust compliance program?
22:24 So going back to automation and compliance, I know your organization has developed a platform to provide those services. When an organization is considering investing in such tools and capabilities, what guidance or recommendations do you have for them?
31:25 What else do you think listeners could benefit from learning about compliance management from an information security standpoint? Or anything else that you think is pertinent to this discussion that we haven't talked about yet?
37:05 Let's conclude with a few final words that you may have for our listeners.
Memorable Dixon Wright Quotes
"We hire really expensive, technical people. And 60 to 70% of their job is being a technical writer."
"All these different kinds of industries and sectors have created their own types of standards, and now all these organizations have to comply with them."
"There's a challenge of getting compliant, and then there's an even greater challenge of actually maintaining it."
"I think, in many cases, compliance is just sales. You're just doing it so that you can sell to other companies, it's not actually used as a mechanism to secure things internally."
"We need better assurance that what is being automated is legitimate."
Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast
Please subscribe to the podcast so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks. Connect with Dr. Chatterjee on these platforms:
LinkedIn: https://www.linkedin.com/in/dchatte/
Website: https://dchatte.com/
Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

Colorado = Security Podcast
233 - 3/7 - Dan Moore, Developer Relations at FusionAuth

Colorado = Security Podcast

Play Episode Listen Later Mar 6, 2022 60:50


Dan Moore, Head of Developer Relations at FusionAuth is our feature interview this week. News from Frontier Airlines, Whataburger, Evolve, Lares, Coalfire, Ping Identity, Red Canary and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Survey finds Denver neighbors rank among the best in the country for being the least annoying Frontier merger could bring around 1,000 high-paying Spirit jobs to Colorado Colorado's first Whataburger will open next week Denver vacation rental company raises $100M round after busiest year yet Introducing the Colorado Inno Madness Bracket Matthew Sharp of Logicworks and "Rock" Lambros of RockCyber on "The CISO Evolution." New Defensive Guidance from the NSA COALFIRE LAUNCHES APPLICATION SECURITY SOLUTIONS POWERED BY THREADFIX PLATFORM How Can Your Enterprise Grow Securely in the Metaverse? | Ping Identity Take MDR beyond the endpoint with Red Canary Threat Investigation CISO of the Year Winner is... 
Job Openings: Red Canary - GRC Analyst Elevations Credit Union - VP Information Security (Broomfield Basecamp) SSR Mining - Manager, Cyber Security Operations RTD - Senior Cybersecurity Engineer DispatchHealth - Information Security Manager Global Medical Response - Sr Cyber Security Engineer Air Methods - Cyber Security Analyst Ball Aerospace - Cyber Security Professional II Trustwave - Information Security Advisor Couchbase - IT & Cyber Security Auditor Upcoming Events: This Week and Next: ISSA Denver - March Chapter Meeting - 3/9 ASIS - Happy Hour FOCOWYO - 3/10 Denver CSA - March Meeting - 3/15 Denver ISACA - March: Security and Controls in Amazon Web Services (AWS) - 3/17 Let's Talk Software Security! - Hiring, Developing, and Retaining Software Security Talent - 3/18 ISSA C.Springs - 9th Annual ISSA-COS Cyber Focus Forum - 3/22 ISC2 Pikes Peak - March Meeting - 3/23 Denver ISSA - DEFCON Cloud Hacking Village CTF - 3/23 ASIS Denver - WIS BRUNCH : SOLDIER'S IN PETTICOATS - 3/31 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

SHE 100.3 Flash Briefing
Shamrock Shakes are almost here, Katy Perry's wedding date AND it's National PIZZA DAY

SHE 100.3 Flash Briefing

Play Episode Listen Later Feb 9, 2022 1:26


#shamrockshakeszn starts on the 21st, when is Katy finally marrying Orlando, Coalfire in Chicago made the yelp list of top 100 pizzas in the country

Colorado = Security Podcast
231 - 1/10 - Happy New Year!

Colorado = Security Podcast

Play Episode Listen Later Jan 9, 2022 30:17


Happy new year to you all from your favorite podcast hosts. News from MoonBike, Delta-Montrose Electric Association, CyberUp, Lares, Red Canary, Coalfire, Swimlane and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Colorado pay equity law is 1 year old. Here's how many complaints it's produced. French 'snowbike' startup opens Boulder HQ to expand US access Colorado ranked top state for women-led startups for the second consecutive year Colorado energy company loses 25 years of data after cyberattack while still rebuilding network | ZDNet Nonprofit that provides cybersecurity apprenticeships expands to Denver area The Top 3 Security Program Tasks to Tackle in the New Year Trust Issues: Proactive transparency drives good business The Secure Development Lifecycle Introducing Atomic Operator: a cross-platform Atomic Red Team execution framework Kubernetes Hunting & Visibility Job Openings: Red Canary - Business Solutions Analyst State of Colorado - CISO Bonusly - IT Security Engineer City of Colorado Springs - Cyber Security Analyst II Yugabyte - Senior Security Program Manager DISH - Wireless CI/CD Engineer The Trade Desk - Information Security Analyst Prologis - Senior Analyst, IT Governance, Risk, and Compliance (GRC) Woodward - Manager - Information Security & Compliance DenverWater - IT Security Architecture and Operations Manager Upcoming Events: This Week and Next: ISSA C.Springs - Open House at Whirlyball - 1/11 Denver ISSA - January Chapter Meeting: Annual CISO Panel - 1/12 ASIS 
Denver - Coffee Chat with Kami Dukes - 1/13 Denver ISACA - January Meeting: The Intersection of Cyber Insurance, Breaches, and the Colorado Privacy Act - 1/13 ISSA C.Springs - January Meeting - 1/18 CSA Colorado - January Meeting In Person - 1/18 Let's Talk Software Security! - Software Security Program Strategy - 1/21 ISSA C.Springs - January Mini Seminar - 1/22 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

COWPOTE PODCAST
Random Thoughts #46

COWPOTE PODCAST

Play Episode Listen Later Dec 25, 2021 37:32


Technado from ITProTV (Audio)
Technado, Ep. 234: Coalfire's Jason Hicks

Technado from ITProTV (Audio)

Play Episode Listen Later Dec 16, 2021 53:29


Jason Hicks, who recently joined Coalfire as a Field CISO and cybersecurity executive advisor, sat down with the Technado team to talk about his new role. He also shared his predictions for the AppSec industry in 2022. Then, the guys discussed last week's AWS US-EAST-1 outage, mouse movers for sneaky remote workers, SIP phones adding Microsoft Teams support, and the Log4j Log4Shell zero-day. Finally, in WTF, they talked about the racist blockchain record tied to McDonald's McRib NFT.

Technado from ITProTV
Technado, Ep. 234: Coalfire's Jason Hicks

Technado from ITProTV

Play Episode Listen Later Dec 16, 2021 53:33


Jason Hicks, who recently joined Coalfire as a Field CISO and cybersecurity executive advisor, sat down with the Technado team to talk about his new role. He also shared his predictions for the AppSec industry in 2022. Then, the guys discussed last week's AWS US-EAST-1 outage, mouse movers for sneaky remote workers, SIP phones adding Microsoft Teams support, and the Log4j Log4Shell zero-day. Finally, in WTF, they talked about the racist blockchain record tied to McDonald's McRib NFT.

Colorado = Security Podcast
230 - 11/22 - Diego Silva, CIO @ Gates Corp

Colorado = Security Podcast

Play Episode Listen Later Nov 21, 2021 63:33


Diego Silva, CIO at Gates Corp, is our feature interview this week, recorded live at Evanta's Denver CIO/CISO event this week. News from Casa Bonita, Banksy, Wedfuly, Wad-Free, Welltok, Stackhouse, Red Canary, RADICL, Ping Identity, Coalfire, CyberGRX and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Just not the sopapillas: Casa Bonita hires a big-name chef to upgrade its menu A Banksy exhibit with 100+ original artworks is coming to Denver 2 Denver startups land deals on ABC's Shark Tank Acquisition closes for Denver digital health startup Welltok Colfax container condo project scrapped 9 Colorado companies rank on Deloitte's list of fastest-growing tech businesses RADICL Defense announces 3m seed Ping Identity Achieves FedRAMP ‘In Process' Designation for its Cloud Identity and Access Management Solution Survey Reveals Expanding CISO Influence - Coalfire CyberGRX Applies Machine Learning to Transform Third Party Cyber Risk Management Job Openings: Red Canary - Director, GRC Red Canary - Sr. Corporate Security Engineer Red Canary - Sr GRC Analyst Upcoming Events: This Week and Next: ASIS - Holiday Happy Hour - 12/1 ISSA C.Springs - Annual STAR Awards - 12/3 ISSA / ISACA Holiday Event - 12/8 ISC2 Pike's Peak - Annual Chapter Meeting - 12/9 Let's Talk Software Security! - Software Vulnerability Management - 12/10 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! 
If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Colorado = Security Podcast
228 - 10/11 - Dan Garlick, CISO at Gates Corp

Colorado = Security Podcast

Play Episode Listen Later Oct 10, 2021 44:38


Dan Garlick, CISO at Gates Corp, is our feature interview this week, interviewed by Frank Victory. News from Aspen, CO, Sunday, Cabinet, Optiv, Trace3, Coalfire, Ping Identity, Red Canary and a lot more! Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Massive fireball over the Front Range prompts more than 50 witness reports 3 Colorado hotels — 2 in Denver — ranked among 50 best in world (Slideshow) $50M Series C to help Boulder startup create the future of nontoxic lawn care Denver startup Cabinet is building software for executive assistants Optiv Rebrands as Cyber Advisory & Solutions Leader American Securities to Acquire Technology Consultancy and Solutions Provider Trace3 Coalfire FedRAMP 360 Delivers Simpler, Faster Path To Certification Ping Identity Adds New Online Fraud Detection and API Intelligence Tools to PingOne Cloud Platform Trust issues: Building a strong foundation in an ever-changing field Job Openings: Red Canary - Director, GRC Red Canary - Product Security Engineer Red Canary - IT Support Manager Imagine Communications - Sr. 
Director Information Security Guild Education - Information Security Engineer (Remote) Uplight - Security Engineer Richey May - Security Administrator Berkshire Hathaway Homestate Companies - Senior Cyber Security Engineer Hitachi ABB Power Grids - Cyber Defense Incident Responder Colorado Judicial Branch - System Security Engineer Upcoming Events: This Week and Next: Spectrum / Charter Job Fair - 10/13-14 Application Security Testing (AST) Tools - 10/15 CSA Colorado - October | Zero Trust and Cyber Resilience - 10/19 ISSA C.Springs - October Meeting - 10/19 Secure Set - Intro to Cybersecurity Certifications [Virtual Event] - 10/20 ASIS - Security Innovation Tour - 10/20 ISACA Denver - October "API Risk Management" - 10/21 ISSA C.Springs - Mini Seminar: Configuring RHEL 8.4 Server for Ansible Control Node Role - 10/23 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Colorado = Security Podcast
227 - 10/4 - Newscast

Colorado = Security Podcast

Play Episode Listen Later Oct 3, 2021 25:55


News from Casa Bonita, AgentSync, zvelo, Ping Identity, Red Canary, Coalfire, Absio and a lot more! Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel South Park Creators Agree to Buy Casa Bonita for $3.1 Million DIA inks $84 million in contracts to start major planning for 7th runway Meet 50 local startups making waves in 2021's Colorado Inno on Fire Fast-growing insurtech startup opens new office in Denver Cyber Threat Intelligence for Secure Access Service Edge (SASE) Ping Identity Acquires Singular Key | citybiz So you're thinking of starting a cyber threat intelligence team Staying current with HITRUST advisory changes The Physicality of Data And the Road to Inherently Safer Computing Job Openings: Red Canary - Product Security Engineer Red Canary - IT Support Manager Lumen - Vice President Security Development - Nationwide Fluid Truck - Application Security Engineer AXS - Security Engineer Zayo - Sr Manager, Corporate Cyber Security Gates Corporation - Sr Security Threat Hunter Regis University - Director Infrastructure Operations and Security DISH - AWS Security Engineer Alteryx - Application Security Engineer Upcoming Events: This Week and Next: Spectrum / Charter Job Fair - 10/13-14 Application Security Testing (AST) Tools - 10/15 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. 
* Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Colorado = Security Podcast
226 - 9/27 - Newscast

Colorado = Security Podcast

Play Episode Listen Later Sep 26, 2021 21:18


News from DEN, Grange Hall, Guild Education, Boom, TTEC, Coalfire, Red Canary, Ping Identity, LogRhythm and a lot more! Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Denver International Airport's security lines have been bananas lately. Here's why. $233 million Colorado Convention Center expansion finally underway Grange Hall Opens in Greenwood Village Two Denver companies land on LinkedIn's list of top 50 US startups TTEC Resolves Cyber Attack On Technology Systems | Nasdaq Coalfire Appoints Michael J. Sullivan to Board Intelligence Insights: September 2021 Ping Identity Survey Finds Greater Appetite for Password Alternatives That Make Login Easy and Prioritize Privacy Detecting AWS Unauthenticated Cross-Account Attacks Job Openings: Red Canary - Product Security Engineer Red Canary - IT Support Manager Graebel - Chief Information Security and Privacy Officer Splunk - Director of Risk Management Color - Director of Information Security & GRC Western Union - Manager, Information Security Western Governors University - Manager, IT Security Operations Ping Identity - Senior GRC Specialist Prologis - Cloud Security Engineer Grand Rounds Health - Privacy Manager Upcoming Events: This Week and Next: SecureSet - [Virtual] Intro to Social Engineering - 9/28 ISSA Denver - DISH Job Fair - 9/30 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. 
Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Colorado = Security Podcast
224 - 9/13 - Michelle Wilson, CISO at Celebrity Financial

Sep 12, 2021 51:10


Michelle Wilson, CISO at Celebrity Financial is our guest this week, interviewed by Jason Jaques. News from Palantir, Swimlane, Ping Identity, Thinkst, VirtualArmour, Coalfire and a lot more! Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel 169 Colorado laws went into effect Tuesday. A state parks pass with your vehicle registration is one of them. An Innovative Solution to Denver's Housing Woes is Taking Shape on West Colfax Here's what Palantir's been up to since quietly moving to Denver one year ago Colorado County Clerk Charged with Cybercrime The Unbundling of Authentication vs Authorization - What You Need to Know Executive Order on Zero Trust — What it Means for Federal Agencies Good attacks make good detections make good attacks make.. The Risks of Public WiFi (& How to Protect Yourself) Rumors of an upcoming, major change to ISO 27002 Job Openings: Red Canary - Director, Corporate Security Red Canary - Product Security Engineer Red Canary - IT Support Manager State of Colorado - Director of Cyber - Security & Investigations Crocs - Sr. 
Manager, IT Security Red Robin - Manager of IT Security Operations CoBank - Security Manager- Threat Management TriState Generation - Cyber Security Engineer Computershare - Security Monitoring Analyst Guild Education - Information Security Analyst Upcoming Events: This Week and Next: ASIS - Coffee Chat with DEN - 9/14 ISSA C.Springs - 11th Annual Peak Cyber Symposium - 9/14-16 ISSA Denver - Women in Security September Meeting - 9/15 ISACA Denver - September "Imagine a World Without Passwords & IT Fraud Investigations" - 9/16 CSA Colorado - September Meeting | Protecting Ephemeral Workloads" - 9/20 OWASP Denver/Boulder - September | Cover your ass(ets) - 9/21 ISC2 Pike's Peak - September Hybrid Meeting - 9/22 SecureSet - [Virtual] Intro to Machine Learning for Cybersecurity - 9/23 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Colorado = Security Podcast
223 - 8/30 - Jacob Torrey, Head of Labs at Thinkst Applied Research

Aug 29, 2021 63:22


Jacob Torrey, Head of Labs at Thinkst Applied Research is our guest this week. News from Orbit Fab, Edifice2120, Secure64, Coalfire, Webroot, Red Canary and a lot more! Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Big Boy No. 4014 steam engine locomotive chugs into Denver for Labor Day display Space 'gas station' startup makes Denver metro its headquarters Denver's Sports Castle building has sold for the first time in 50 years. Here's what's planned next. New Denver coworking venture creates space for women in construction Secure64 DNS Proxy Puts Service Providers Back In Control Of HTTPS DNS Traffic National Cybersecurity Center Statement on White House Cybersecurity Summit Crypto vulnerability management - Coalfire NIST's ransomware guidelines look a lot like cyber resilience | Webroot Red Canary blog - Incident response planning: When to call in the lawyers Job Openings: Red Canary - Program Manager, Trust Red Canary - Product Security Engineer Red Canary - IT Support Manager DAT Freight & Analytics - Director of Information Security Frontier Airlines - Director, Cybersecurity Red Robin - Manager of IT Security Operations Visa - Sr. Cybersecurity Engineer, Cybersecurity Access Management - Enterprise Systems Empower - Legal Specialist - Privacy Coalfire - Vice President, Customer Success Upcoming Events: This Week and Next: ISSA Denver - September Chapter Meeting - 9/8 WICYS 2021 - 9/8-10 SecureSet - [Virtual] Cybersecurity 101 - 9/9 What Is Your Software Security Purpose? 
- 9/10 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Colorado = Security Podcast
219 - 8/2 - Chris Stolley, CRO at SecurityAdvisor

Aug 1, 2021 58:31


Our feature interview this week is with Chris Stolley, Chief Revenue Officer at SecurityAdvisor, interviewed by Janelle Hsia. News from Swimply, SolarAPP+, Endeavour Capital, Palantir, National Cybersecurity Center, CyberGRX, Coalfire, Red Canary and a lot more! Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel A growing number of the Denver metro's backyard pools are available to rent Coors and Chipotle, sure, but did you know these other national brands started in Colorado? Can tech born in a Colorado lab solve rooftop solar's biggest headache? Why this private equity firm is hyperfocused on the West, including Denver Denver's Palantir launches new initiative to support early-stage startups New Adult Education Class Starting in September EY winner CyberGRX scales cybersecurity for business Thinking about data privacy strategically: four key questions Debbi Blyth leaves CISO position Red Canary Adds Chief Trust Officer to Enhance Customer Security Job Openings: Red Canary - Director, Product Security Red Canary - Program Manager, Trust Red Canary - Product Security Engineer Coalfire - Director Strategy, Privacy and Risk Advisory - Healthcare Western Governors University - Application Security Engineer Trimble - Cyber Security Risk Analyst Western Union - Cloud Cyber Security Senior Engineer Premier Members Credit Union - AVP Information Security IHS Markit - Compliance Manager Crocs - Sr. 
Manager, IT Security Guild Education - Senior Security Engineer Upcoming Events: This Week and Next: ISSA Denver - August Chapter Meeting - 8/11 SecureSet - Hacking the Cybersecurity Job Market | In-Person - 8/11 Measuring your Software Security Program - 8/13 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Tuesday Morning Grind: A Cybersecurity Podcast
#30: Cybersecurity Trends and Emerging Risks (w/ Coalfire Co-Founder Kennet Westby)

Jul 6, 2021 35:05


Kennet Westby and Christian Hyatt talk about what it's like to build a cybersecurity firm and where the industry is headed. Kennet Westby is the co-founder of Coalfire, a serial entrepreneur and investor, and a cybersecurity expert. Since 2001 he has helped build and assess security programs for start-ups, Fortune 500 organizations, and government entities. About risk3sixty: risk3sixty is a security, privacy, and compliance consulting firm that helps high-growth technology organizations build, manage, and assess security and privacy programs. It offers services related to SOC 2, ISO 27001, PCI DSS, HITRUST, Virtual CISO, Privacy Programs (GDPR, CCPA, etc.), Penetration Testing, and Phalanx, a GRC platform built for cloud technology companies. You can learn more about risk3sixty at www.risk3sixty.com.

Colorado = Security Podcast
217 - 7/5 - Cody Cornell, Chief Strategy Officer at Swimlane

Jul 4, 2021 58:07


Our feature interview this week is Cody Cornell, co-founder & Chief Strategy Officer at Swimlane. News from Hershey, Lily Sweets, Intueat, EverCommerce, FileInvite, Cloudrise, Swimlane, Coalfire, LogRhythm and a lot more! Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Hershey's spends $425 million buying Colorado snack company Colorado has the third-most popular convention center in U.S., according to new ranking Personal chef platform grows as Denverites host dinner parties again Denver-based EverCommerce announces pricing of IPO, begins trading on Nasdaq Why this New Zealand tech startup chose Denver for its US HQ Cloudrise Closes Seed Round of Funding Swimlane : Becomes System of Record for Cybersecurity with Latest Release What is FedRAMP+? Cybersecurity and the water supply: managing a growing risk worldwide Job Openings: Kaiser Permanente - Sr. Program Manager, Cyber Security, Vulnerability Management Cobalt.io - Security Program Manager Xerox - vCISO/Fractional CISO Denver Water - IT Security Analyst Centura Health - Security Engineer Senior Sigma Computing - Head of Information Security Ibotta - Security Architect JumpCloud - Security Engineer Incident Response Dish Network - Wireless Security Architect Upcoming Events: This Week and Next: Cyber Mountain C.Springs - Hybrid First Friday - 7/9 ISSA Denver - July meeting - 7/14 Secure Software Development Lifecycles [SSDLC] - 7/16 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! 
If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Colorado = Security Podcast
215 - 6/21 - Sheri Ricardo, CISO at NREL

Jun 20, 2021 52:58


Sheri Ricardo, CISO at NREL is our guest this week, interviewed by Courtney Chenault. News from DISH, Nylas, Scythe Robotics, ThreatX, Ping Identity, CyberGRX, Coalfire and a lot more! Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel This Colorado home is a “slice of hell” and could be yours at $590,000 Dish launches sign-ups for its 5G wireless network Early plans revealed for Greyhound Station block in downtown Denver API platform Nylas to grow in Denver after $120M Series C funding round Boulder autonomous mower startup Scythe Robotics emerges from stealth with $14M raise CISO Challenges as Hybrid Working Leads Top Concerns | Nasdaq Colorado application security startup raises capital to triple headcount in next 18 months Zero Trust - A Complete Guide to Zero Trust Security | Ping Identity Veteran Executives John Mayhall, Kerry Nagle, and Peter Finter Join CyberGRX to Support Company's Continued Growth Nefkens Joins Coalfire Board - Coalfire Job Openings: American AgCredit - Director of Cybersecurity DISH - Manager, Information Security Risk Management (Risk Manager Alteryx - Analyst, Cyber Security Operations KPMG - Manager, Cyber Security - FAANG Ball Aerospace - Governance, Risk, and Compliance- Cyber Security Professional I Dice - Manager of Information Security Elastic - Information Security - Product Security Lead eBacon - Security Engineer Coinbase - Enterprise Security Engineer Spectrum - Sr. 
Manager, Security Upcoming Events: This Week and Next: ISC2 Pikes Peak - June Hybrid Meeting - 6/23 Denver Splunk Meetup - Increasing value and managing costs with Splunk DSP and Workload pricing - 6/23 (at Wynkoop!) View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Federal Tech Talk
An update on CMMC

Jun 18, 2021 42:19


Stuart Itkin, vice president of CMMC and FedRAMP Assurance for Coalfire joins host John Gilroy on this week's Federal Tech Talk to talk about the CMMC initiative from the DoD.

Colorado = Security Podcast
214 - 6/14 - Travis Good, CEO & Founder at Haekka

Jun 13, 2021 69:54


Travis Good, CEO & Founder at Haekka is our guest this week. News from Opopop, DISH, Newmont, System76, LogRhythm, Coalfire, Red Canary, and a lot more! Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Stealthy Denver popcorn startup emerges with $5M funding and first product Denver worker burnout at all time high Denver startup building 'Postmates for staging' homes raises $3M seed round 2 Colorado companies make big jumps in Fortune 500 rankings Colorado Legislature Passes Colorado Privacy Act Launch Configurable Keyboard | System76 Top 8 Benefits of a Remote Internship at LogRhythm What you need to know: Transitioning CSA STAR for Cloud Controls Matrix 4.0 Testing Linux runtime threat detection tools Job Openings: Vail Resorts - Dir - IT - Security CoBank - Security Manager- Threat Management Charles Schwab - Senior Manager, Security Premier Members Credit Union - Information Security Manager Oracle - Development Security Manager Netskope - Sr. 
Product Security Engineer SCL Health - IT Risk Analyst Coinbase - Product Manager, Security Engineering Guild Education - Senior Information Security Analyst Boulder Valley School District - Information Technology Security Specialist Upcoming Events: This Week and Next: C=S Poker Night - 6/15 CSA Colorado - June Meeting - 6/15 ASIS - PROPAGANDA AND EXTREMISM TODAY - 6/17 Denver IAM User Group - Embracing Disruption & Identity Proofing - 6/17 ISC2 Pikes Peak - June Hybrid Meeting - 6/23 Denver Splunk Meetup - Increasing value and managing costs with Splunk DSP and Workload pricing - 6/23 (at Wynkoop!) View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Colorado = Security Podcast
213 - 6/7 - Teressa Gehrke, Founder at PopCykol

Jun 7, 2021 62:39


Teressa Gehrke, Founder at PopCykol is our guest this week. Check out the PopCykol website for more information. News from United Airlines, Boom Supersonic, Datadog, JBS, Guild Education, Coalfire, Swimlane, Lares, Randori, Husch Blackwell, Red Canary, and a lot more! Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Denver metro is getting a new area code next spring United Airlines buys 15 supersonic planes from Colorado-based jet startup Ransomware attack on Colorado-based JBS USA rattles beef industry, White House gets involved New York-based Datadog plans to bring 400 high-paying tech jobs to Denver Denver unicorn raises $150M Series E funding that values company at $3.75B Nearly 200 companies with Colorado customers reported data breaches in past 16 months Significantly Amended (Again) Colorado Privacy Act Passes Senate Coalfire acquires Denim Group Swimlane announces Key Additions to Leadership Team Introducing Sysmon Config Pusher Biden's Cybersecurity EO: The Wrong Issues What the White House Ransomware Memo Got Wrong What is normal? 
Profiling System32 binaries to detect DLL Search Order Hijacking European Commission Adopts New Standard Contractual Clauses Job Openings: Platform.sh - Security Engineer (Remote) Spectrust - SENIOR DEVSECOPS ENGINEER RxRevu - Senior DevSecOps Engineer The Trade Desk - Information Security Engineer Opentext - Senior Research Engineer - Network Security 1 Department of Energy - Information Technology Auditor (Recent Graduate) PayPal - Senior Product Security Engineer Jeffco Public Schools - Senior Information Security Analyst Oracle - Development Security Manager Ball Aerospace - Security Architect Senior Upcoming Events: This Week and Next: NCC - Cyber Patriot Camps - 6/7-25 RMISC - 6/8-10 What is Threat Modeling and why should I care? - 6/11 ASIS - PROPAGANDA AND EXTREMISM TODAY - 6/17 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Colorado = Security Podcast
211 - 5/17 - Kim Decker, Privacy Program Manager at Ping Identity

May 16, 2021 61:01


Kim Decker, Privacy Program Manager at Ping Identity, interviewed by Janelle Hsai. News from The Last Gameboard, Coalfire, Swimlane, CyberGRX, Webroot and a lot more! Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week’s news: Join the Colorado = Security Slack channel Is Denver the most dog-friendly city in the country? This new study says yes. Colorado restaurants, hotels greet Covid restriction changes with relief and confusion Denver gaming startup raises $4M to bring tabletop platform to life Front Range Passenger Rail plan zooms through Colorado Senate Significantly Amended Colorado Privacy Act Passes out of Senate Committee Coalfire Establishes Chief Product Officer Position Swimlane and Elastic Partner to Deliver an Extensible Framework for Security Operations Teams CyberGRX Attack Scenario Analytics to Provide Critical Cyber Defense Insights Another NFT explainer, with a bonus look at the data security implications Job Openings: Upcoming Events: This Week and Next: ISSA C.Springs - May Meeting - 5/18 CSA - May Meeting - 5/18 OWASP - May Meeting - 5/19 ISACA Denver - May Meeting - 5/20 ISSA C.Springs - Mini seminar - 5/22 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Colorado = Security Podcast

Desiree Robinson, Sr Information Security Manager @ Smarsh, is our feature guest this week and is interviewed by Janelle Hsia and they discuss Bitsbox (https://bitsbox.com). News from Whataburger, Air France, PopSockets, Vizio, Swimlane, Coalfire, Optiv and a lot more! Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week’s news: Join the Colorado = Security Slack channel Whataburger unveils plans for return to Colorado DIA lands new direct flights to Paris via new-to-Denver airline Major network television series shooting pilot in Denver and Durango area In push for increased sustainability, PopSockets launches plant-based phone grip Publicly traded entertainment giant to open Denver office Hackers try to extort University of Colorado in cyberattack Swimlane Expansion Into Six New APAC Countries Leads to 500% Year Over Year Regional Growth Coalfire ramps up for StateRAMP — What you need to know… Improving the Digital Identity Act of 2020 Job Openings: UCCS - Director of IT Security and Compliance and Information Secuirty Officer Arrow - Identity and Access Management Audit Assurance Analyst Lumen - Splunk Enterprise Security Architect Zayo - Cyber Security Analyst III SWIMLANE INC - Professional Services Engineer/Consultant (US West) Centura Health - Security Engineer Terumo BCT - Product Security Analyst RTD - Manager, Cybersecurity Operations Colorado Judicial Branch - Lead Security Architect Paladina Health - Manager, IT Security (Remote) Upcoming Events: This Week and Next: ISSA C.Springs - April Meeting - 4/20 ASIS - A CASE STUDY: WORKFORCE INCLUSION 
PRESENTED BY DEN - 4/20 CSA - April Meeting - 4/20 ISSA COS Cyberfocus Days - 4/20-22 OWASP - April Meeting - 4/21 ISACA Denver - April General Meeting - 4/21-23 ASIS - YP : HAPPY HOUR WITH TONY YORK - 4/27 ISCs Pikes Peak - April Meeting - 4/28 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Colorado = Security Podcast
206 - 4/12 - Josh Datko, Founder of Cryptotronix

Apr 11, 2021 63:36


Josh Datko, Founder of Cryptotronix, is our feature guest this week and is interviewed by Jason Jaques. News from Outrider, Velocity Global, Cloudrise, Red Canary, Coalfire, Lares and a lot more! Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week’s news: Join the Colorado = Security Slack channel Denver's Coors Field will host MLB All-Star game Colorado is on track to take its most significant step toward a Front Range passenger train system Outrider and Rite-Hite partner to accelerate the adoption of yard automation With $100M funding and acquisition, Denver's Velocity Global prepares to hit $1B in revenue Cloudrise moves HQ to Grand Junction Data privacy bill could affect consumer-facing companies across Colorado Meet the Winners of AFCEA’s Rocky Mountain Cyberspace Symposium Capture the Flag Automatically block IPs and domains with Red Canary + Microsoft Waking up to the new realities of privacy risk and the need for focused expertise Emails and Malicious Macros - What Can Go Wrong? 
Job Openings: Holland & Hart - CISO Lunchbox - VP of Infrastructure and Security Alteryx - Manager, Cyber Security Operations Nutanix - Manager, Security Engineering CommonSpirit Health - Privacy Info Security Analyst II Workiva - Cyber Security Compliance Engineer RingCentral - Security Engineer Red Canary - Information Security Specialist Redwood Trust - Information Security Analyst McAfee - Sales Engineer - West Upcoming Events: This Week and Next: CTA - COLORADO PRIVACY ACT WEBINAR - 4/13 ISSA Denver - April Chapter Meeting - 4/14 ASIS - WIS : COFFEE CHAT WITH KATIE JUMP - 4/15 Put the "Sec" in DevOps - Security's role in Software Quality - 4/16 ISSA C.Springs - April Meeting - 4/20 CSA - April Meeting - 4/20 ISSA COS Cyberfocus Days - 4/20-22 OWASP - April Meeting - 4/21 ISACA Denver - April General Meeting - 4/21-23 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Colorado = Security Podcast
204 - 3/29 - James Brown, Director, Infrastructure and Security at Invoca

Mar 28, 2021 65:53


James Brown, Director of Infrastructure and Security at Invoca is our feature guest this week and is interviewed by Jason Jaques. News from DISH, Convercent, Cloud Elements, Stack Hawk, F5, Ping Identity, Coalfire and a lot more! Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week’s news: Join the Colorado = Security Slack channel New Colorado billionaire tops Forbes' list of state's richest Atlanta’s OneTrust acquires Denver company to enhance ‘whistleblowing’ software UiPath Acquires Cloud Elements to Deliver Expanded API-Based Automation Capabilities Introducing the 2021 Colorado Inno Tech Madness Bracket Colorado Privacy Act Introduced Government Technology's Top 25 honors innovators in the public sector F5 Appoints Two Senior Executives as It Sharpens Its Customer Focus How Ping Acknowledges Women's Contributions Not Just in March but All Year Long Coalfire Awarded First UKAS ISO 27701 Accreditation Job Openings: The Broadmoor - Information Systems Network Administrator Github - Chief of Staff - Security Forensic Discovery - Senior Digital Forensics Investigator Alterra Mountain Company - IT Application Security Analyst Alchemy Security - Systems Administrator Alteryx - Cyber Security Operations Intern (Summer 2021) Ping Identity - Cyber Security Intern Rule4 - 2021 Summer Internship State of Colorado - Legislative IT Audit Intern FireEye, Inc. 
- Incident Response & Red Team Internship - Remote Summer 2021 Upcoming Events: This Week and Next: NO EVENTS COMING IN NEXT TWO WEEKS View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Colorado = Security Podcast
200 - 3/1 - Robb and Alex celebrate 200 episodes

Feb 28, 2021 66:15


Robb and Alex celebrate 200 episodes, looking back and answering questions from the community. News from In-N-Out, Pulte, Dish Network, Tilled, Intelisecure, Ping Identity, Coalfire, Red Canary, LogRhythm and a lot more! Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week’s news: Join the Colorado = Security Slack channel Third Colorado In-N-Out location opening Monday Two more southern Colorado roads designated as scenic byways National homebuilder plans 200 homes in Denver suburb, relaunching Colorado presence Dish Network is out to prove its skeptics wrong, promises first 5G city in Q3 - Denver Business Journal This Boulder startup wants to help other software companies process payments Proofpoint Enters into Definitive Agreement to Acquire InteliSecure, Expands People-Centric Managed Services Offering | Proofpoint US Ping Identity Named as Leader in Three KuppingerCole Leadership Compass Reports Success stories in cybersecurity and information technology - Coalfire Silver Sparrow macOS malware with M1 compatibility Zero Trust Framework: A Guide to Implementation | LogRhythm Job Openings: Ping Identity - Security Program Manager Ping Identity - Product Security Engineer Connect for Health Colorado - Security Analyst I MYR Group - Security Engineer City and County of Denver - Identity and Access Security Engineer – Technology Services Air Methods Corporation - Sr IT Security Analyst AWS - Program Security Officer Bellco Credit Union - OTS Security Analyst Four Winds Interactive - Associate Security Analyst Denver Public Schools - SECURITY SYSTEMS 
ADMINISTRATOR I Upcoming Events: This Week and Next: Colorado Springs - First Friday Cybersecurity Social & Mixer - 3/5 ISSA C.Springs - Sec+ Review - 3/6 ZAPCon - 3/9 Denver ISSA - "Zero to One: Building a Security & Privacy Program From the Ground Up" - 3/10 ASIS - YOUR PERSONAL BRAND MATTERS - 3/11 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

The SecureWorld Sessions
Pentesters Arrested on the Job

Feb 23, 2021 48:27


When an Iowa Sheriff arrested Coalfire pentesters Gary DeMercurio and Justin Wynn on the job, it sent shockwaves through the cybersecurity community. The two InfoSec professionals faced felony charges, jail time, and the possibility of a criminal record for doing what they were hired to do. And information security professionals faced a possible chilling effect around a common strategy for testing defenses. Now, Gary and Justin tell their story to the SecureWorld audience during a candid interview. They will take us through what happened to them and share what they learned in the process.

Resource Links:
• Trend Micro, "15 Years of the Zero Day Initiative": http://bit.ly/TM_ZDI_15
• SecureWorld virtual conferences: https://www.secureworldexpo.com/events

The SecureWorld Sessions podcast gives you access to people and ideas that impact your cybersecurity career and help you secure your organization.

Pizza City with Steve Dolinsky
Tony Galzin - Nicky's Coal Fired (Nashville)

Feb 19, 2021 27:51


Tony Galzin is a proud South Sider from Chicago. His wife hails from Alabama, but the two met while working at mk restaurant in Chicago. Tony worked pastry, Caroline in the front of the house. The two fell hard for each other, as well as the coal-fired pies at D'Amato's and Coalfire in West Town, just a few blocks apart. When they moved to Nashville in 2013, they started looking for their own place. By 2016, they had opened Nicky's Coal Fired, a restaurant featuring a large coal-fired oven, where they bake a lot more than just pizzas.

Data Security and Privacy with the Privacy Professor
White hat hacking & security break-in testing & ethics

Oct 5, 2019 56:15


A recent incident occurred in central Iowa where employees of security vendor Coalfire were arrested for breaking/entering and robbery of a county government building. After the arrest it was determined this was part of a contract the vendor had with a Federal agency in a neighboring county. This incident brought a wide range of online discussions about white hat hacking, facility break-in tests, and associated responsibilities and related ethical considerations.

• What are some lessons from the Coalfire security vendor arrests?
• What are some recommendations for contracting an outside entity to perform hacking and/or break-in activities?
• What activities need to be confirmed for such activities?
• What should related contracts contain for such activities?

Tune in to hear Rebecca discuss these topics and more with Dr. Mich Kabay.