POPULARITY
21 episodes with Endpoint
10 episodes with Endpoint
13 episodes with Endpoint
8 episodes with Endpoint
13 episodes with Endpoint
25 episodes with Endpoint
6 episodes with Endpoint
6 episodes with Endpoint
4 episodes with Endpoint
5 episodes with Endpoint
4 episodes with Endpoint
10 episodes with Endpoint
15 episodes with Endpoint
3 episodes with Endpoint
2 episodes with Endpoint
6 episodes with Endpoint
4 episodes with Endpoint
3 episodes with Endpoint
As InfoSecurity Europe prepares to welcome cybersecurity professionals from across the globe, Rob Allen, Chief Product Officer at ThreatLocker, shares why this moment—and this location—matters. Allen doesn't frame the conversation around hype or headlines. Instead, he focuses on a universal truth: organizations want to sleep better at night knowing their environments are secure.ThreatLocker's mission is grounded in achieving Zero Trust in a simple, operationally feasible way. But more than that, Allen emphasizes their value as enablers of peace of mind. Whether helping customers prevent ransomware attacks or meet regional regulatory requirements like GDPR or Australia's Essential Eight, the company is working toward real-world solutions that reduce complexity without sacrificing security. Their presence at events like InfoSecurity Europe is key—not just for outreach, but to hear directly from customers and partners about what's working and where they need help.Why Being There MattersDifferent regions have different pressures. In Australia, adoption surged without any local team initially on the ground—driven purely by alignment with the Essential Eight framework. In the UK, it's conversations about Cyber Essentials that shape booth discussions. Regulations aren't just compliance checklists; they're also conversation starters that change how organizations prioritize security.The ThreatLocker team doesn't rely on generic demos or vague promises. They bring targeted examples to the booth—like asking attendees if they know what software can be run on their machines without alerting anyone. If tools like remote desktop applications or archive utilities can be freely executed, attackers can use them too. This is where ThreatLocker steps in: controlling what runs, identifying what's necessary, and blocking what isn't.Booth D90 and BeyondRob Allen invites anyone—whether they're new to ThreatLocker or longtime users—to visit booth D90. The team, built with a mix of technical skill and humor (ask about the “second-best beard” in the company), is there to listen and help. It's not just about showcasing technology; it's about building relationships and reinforcing a shared goal: practical, proactive cybersecurity that makes a measurable difference.If you're at InfoSecurity Europe, stop by. If you're not, this episode offers a meaningful glimpse into why showing up—both physically and philosophically—matters in cybersecurity.Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974Note: This story contains promotional content. Learn more.Guest: Rob Allen, Chief Product Officer, ThreatLocker | https://www.linkedin.com/in/threatlockerrob/ResourcesLearn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlockerCyber Essentials Guide: https://threatlocker.kb.help/threatlocker-and-cyber-essentials-compliance/?utm_source=itsp&utm_medium=sponsor&utm_campaign=infosec_europe_pre_interview_rob_q2_25&utm_content=infosec_europe_pre_interview_rob&utm_term=podcastAustralia's Essential Eight Guide: https://www.threatlocker.com/whitepaper/australia-essential-eight?utm_source=itsp&utm_medium=sponsor&utm_campaign=infosec_europe_pre_interview_rob_q2_25&utm_content=infosec_europe_pre_interviLearn more and catch more event coverage stories from Infosecurity Europe 2025 in London: https://www.itspmagazine.com/infosec25 ______________________Keywords:sean martin, marco ciappelli, rob allen, cybersecurity, zero trust, infosec, compliance, ransomware, endpoint, regulation, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More
Despite missing the primary endpoint, the treatment improved vision for some patients.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Microsoft Patch Tuesday Microsoft patched 70-78 vulnerabilities (depending on how you count them). Five of these vulnerabilities are already being exploited. In particular, a remote code execution vulnerability in the scripting engine should be taken seriously. It requires the Microsoft Edge browser to run in Internet Explorer mode. https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%3A%20May%202025/31946 Security Advisory Ivanti Endpoint Manager Mobile (EPMM) May 2025 (CVE-2025-4427 and CVE-2025-4428) Ivanti patched an authentication bypass vulnerability and a remote code execution vulnerability. The authentication bypass can exploit the remote code execution vulnerability without authenticating first. https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM?language=en_US Fortinet Patches Exploited Vulnerability in API (CVE-2025-32756) Fortinet patched an already exploited stack-based buffer overflow vulnerability in the API of multiple Fortinet products. The vulnerability is exploited via crafted HTTP requests. https://fortiguard.fortinet.com/psirt/FG-IR-25-254
Now in its 18th year, the Verizon Business DBIR is one of the industry's longest standing and leading reports on the current cybersecurity landscape. This year's report analyzes more than 22,000 security incidents with victims spanning 139 countries, examining significant growth in third-party involvement in breaches, increases in ransomware and examines the average amounts paid and amount of time to patch vulnerabilities, among many other findings. Segment Resources: - https://www.verizon.com/about/news/2025-data-breach-investigations-report - https://www.verizon.com/business/resources/reports/dbir This segment is sponsored by Verizon Business! To read the full Verizon Business 2025 Data Breach Investigations Report, please visit https://securityweekly.com/verizonrsac. Over the past two decades, the browser has evolved from a simple web rendering engine to the primary gateway through which users interact with the internet, be it for work, leisure or transactions. In other words, browsers are becoming the new endpoint. Yet, despite the exponential growth of browser-native attacks, traditional security solutions continue to focus on endpoint and network, leaving a large gaping hole when it comes to browser security. SquareX has started the Year of Browser Bugs (YOBB), a yearlong initiative to draw attention to the lack of security research and rigor in what remains one of the most understudied attack vectors - the browser. Learn more about SquareX's Browser Detection and Response solution at https://securityweekly.com/squarexrsac Last Mile Reassembly Attacks: https://www.sqrx.com/lastmilereassemblyattacks Polymorphic Extensions technical blog: https://labs.sqrx.com/polymorphic-extensions-dd2310006e04 There is a growing overlap between endpoint and cloud environments, creating new security challenges. ThreatLocker has recently released innovative solutions designed to protect organizations operating in this space. These include Cloud Control, Cloud Detect, Patch Management, and other advanced security tools tailored to bridge the gap between endpoint and cloud protection. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerrsac to learn more about them! Jason Mical, Field CTO, discusses Devo and Detecteam's integrated solution, which proactively improves security posture by identifying and closing detection gaps. The integration combines Devo's comprehensive threat detection, investigation, and response capabilities with Detecteam's autonomic detection lifecycle platform to continuously validate and improve detection capabilities based on real-world attack scenarios. Solution demo: https://www.devo.com/interactive-demos/devo-detecteam-engineering-confidence-in-threat-detection/ This segment is sponsored by Devo . Visit https://securityweekly.com/devorsac to learn more about them! While the value of identity security remains largely untapped, SailPoint's latest Horizons of Identity Security report reveals that organizations with mature identity programs can bend their identity security-to-value curve and recognize disproportionately higher returns. These programs unlock new value pools and can help address emerging challenges, such as securing machine and AI agent identities. The 2024-25 Horizons of Identity Security report: https://www.sailpoint.com/identity-library/horizons-identity-security-3 Take the identity security maturity assessment: https://www.sailpoint.com/identity-security-adoption Learn more about SailPoint's Customer Experience Portfolio: https://www.sailpoint.com/customer-success/customer-experience-portfolio This segment is sponsored by SailPoint. Visit https://securityweekly.com/sailpointrsac to learn more about them! Identity has long been the soft underbelly of cybersecurity—but with AI, non-human identities (NHIs), and autonomous agents on the rise, it's now front and center for security teams, the C-suite, and boardrooms alike. Adversaries aren't just hacking systems anymore—they're hijacking identities to slip through the cracks and move undetected in systems. For too long, identity security was treated as interchangeable with IAM—but that mindset is exactly what left critical gaps exposed. Listen to our interview with Hed Kovetz as he unpacks why identity has become today's most urgent battleground in cyber. He'll what you can do about it with an identity security playbook that gives you the upper hand. https://resources.silverfort.com/identity-security-playbook/home https://www.silverfort.com/blog/shining-the-spotlight-on-the-rising-risks-of-non-human-identities/ This segment is sponsored by Silverfort. Visit https://securityweekly.com/silverfortrsac to learn more about Silverfort's IDEAL approach to identity security! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-405
Now in its 18th year, the Verizon Business DBIR is one of the industry's longest standing and leading reports on the current cybersecurity landscape. This year's report analyzes more than 22,000 security incidents with victims spanning 139 countries, examining significant growth in third-party involvement in breaches, increases in ransomware and examines the average amounts paid and amount of time to patch vulnerabilities, among many other findings. Segment Resources: - https://www.verizon.com/about/news/2025-data-breach-investigations-report - https://www.verizon.com/business/resources/reports/dbir This segment is sponsored by Verizon Business! To read the full Verizon Business 2025 Data Breach Investigations Report, please visit https://securityweekly.com/verizonrsac. Over the past two decades, the browser has evolved from a simple web rendering engine to the primary gateway through which users interact with the internet, be it for work, leisure or transactions. In other words, browsers are becoming the new endpoint. Yet, despite the exponential growth of browser-native attacks, traditional security solutions continue to focus on endpoint and network, leaving a large gaping hole when it comes to browser security. SquareX has started the Year of Browser Bugs (YOBB), a yearlong initiative to draw attention to the lack of security research and rigor in what remains one of the most understudied attack vectors - the browser. Learn more about SquareX's Browser Detection and Response solution at https://securityweekly.com/squarexrsac Last Mile Reassembly Attacks: https://www.sqrx.com/lastmilereassemblyattacks Polymorphic Extensions technical blog: https://labs.sqrx.com/polymorphic-extensions-dd2310006e04 There is a growing overlap between endpoint and cloud environments, creating new security challenges. ThreatLocker has recently released innovative solutions designed to protect organizations operating in this space. These include Cloud Control, Cloud Detect, Patch Management, and other advanced security tools tailored to bridge the gap between endpoint and cloud protection. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerrsac to learn more about them! Jason Mical, Field CTO, discusses Devo and Detecteam's integrated solution, which proactively improves security posture by identifying and closing detection gaps. The integration combines Devo's comprehensive threat detection, investigation, and response capabilities with Detecteam's autonomic detection lifecycle platform to continuously validate and improve detection capabilities based on real-world attack scenarios. Solution demo: https://www.devo.com/interactive-demos/devo-detecteam-engineering-confidence-in-threat-detection/ This segment is sponsored by Devo . Visit https://securityweekly.com/devorsac to learn more about them! While the value of identity security remains largely untapped, SailPoint's latest Horizons of Identity Security report reveals that organizations with mature identity programs can bend their identity security-to-value curve and recognize disproportionately higher returns. These programs unlock new value pools and can help address emerging challenges, such as securing machine and AI agent identities. The 2024-25 Horizons of Identity Security report: https://www.sailpoint.com/identity-library/horizons-identity-security-3 Take the identity security maturity assessment: https://www.sailpoint.com/identity-security-adoption Learn more about SailPoint's Customer Experience Portfolio: https://www.sailpoint.com/customer-success/customer-experience-portfolio This segment is sponsored by SailPoint. Visit https://securityweekly.com/sailpointrsac to learn more about them! Identity has long been the soft underbelly of cybersecurity—but with AI, non-human identities (NHIs), and autonomous agents on the rise, it's now front and center for security teams, the C-suite, and boardrooms alike. Adversaries aren't just hacking systems anymore—they're hijacking identities to slip through the cracks and move undetected in systems. For too long, identity security was treated as interchangeable with IAM—but that mindset is exactly what left critical gaps exposed. Listen to our interview with Hed Kovetz as he unpacks why identity has become today's most urgent battleground in cyber. He'll what you can do about it with an identity security playbook that gives you the upper hand. https://resources.silverfort.com/identity-security-playbook/home https://www.silverfort.com/blog/shining-the-spotlight-on-the-rising-risks-of-non-human-identities/ This segment is sponsored by Silverfort. Visit https://securityweekly.com/silverfortrsac to learn more about Silverfort's IDEAL approach to identity security! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-405
Now in its 18th year, the Verizon Business DBIR is one of the industry's longest standing and leading reports on the current cybersecurity landscape. This year's report analyzes more than 22,000 security incidents with victims spanning 139 countries, examining significant growth in third-party involvement in breaches, increases in ransomware and examines the average amounts paid and amount of time to patch vulnerabilities, among many other findings. Segment Resources: - https://www.verizon.com/about/news/2025-data-breach-investigations-report - https://www.verizon.com/business/resources/reports/dbir This segment is sponsored by Verizon Business! To read the full Verizon Business 2025 Data Breach Investigations Report, please visit https://securityweekly.com/verizonrsac. Over the past two decades, the browser has evolved from a simple web rendering engine to the primary gateway through which users interact with the internet, be it for work, leisure or transactions. In other words, browsers are becoming the new endpoint. Yet, despite the exponential growth of browser-native attacks, traditional security solutions continue to focus on endpoint and network, leaving a large gaping hole when it comes to browser security. SquareX has started the Year of Browser Bugs (YOBB), a yearlong initiative to draw attention to the lack of security research and rigor in what remains one of the most understudied attack vectors - the browser. Learn more about SquareX's Browser Detection and Response solution at https://securityweekly.com/squarexrsac Last Mile Reassembly Attacks: https://www.sqrx.com/lastmilereassemblyattacks Polymorphic Extensions technical blog: https://labs.sqrx.com/polymorphic-extensions-dd2310006e04 There is a growing overlap between endpoint and cloud environments, creating new security challenges. ThreatLocker has recently released innovative solutions designed to protect organizations operating in this space. These include Cloud Control, Cloud Detect, Patch Management, and other advanced security tools tailored to bridge the gap between endpoint and cloud protection. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerrsac to learn more about them! Jason Mical, Field CTO, discusses Devo and Detecteam's integrated solution, which proactively improves security posture by identifying and closing detection gaps. The integration combines Devo's comprehensive threat detection, investigation, and response capabilities with Detecteam's autonomic detection lifecycle platform to continuously validate and improve detection capabilities based on real-world attack scenarios. Solution demo: https://www.devo.com/interactive-demos/devo-detecteam-engineering-confidence-in-threat-detection/ This segment is sponsored by Devo . Visit https://securityweekly.com/devorsac to learn more about them! While the value of identity security remains largely untapped, SailPoint's latest Horizons of Identity Security report reveals that organizations with mature identity programs can bend their identity security-to-value curve and recognize disproportionately higher returns. These programs unlock new value pools and can help address emerging challenges, such as securing machine and AI agent identities. The 2024-25 Horizons of Identity Security report: https://www.sailpoint.com/identity-library/horizons-identity-security-3 Take the identity security maturity assessment: https://www.sailpoint.com/identity-security-adoption Learn more about SailPoint's Customer Experience Portfolio: https://www.sailpoint.com/customer-success/customer-experience-portfolio This segment is sponsored by SailPoint. Visit https://securityweekly.com/sailpointrsac to learn more about them! Identity has long been the soft underbelly of cybersecurity—but with AI, non-human identities (NHIs), and autonomous agents on the rise, it's now front and center for security teams, the C-suite, and boardrooms alike. Adversaries aren't just hacking systems anymore—they're hijacking identities to slip through the cracks and move undetected in systems. For too long, identity security was treated as interchangeable with IAM—but that mindset is exactly what left critical gaps exposed. Listen to our interview with Hed Kovetz as he unpacks why identity has become today's most urgent battleground in cyber. He'll what you can do about it with an identity security playbook that gives you the upper hand. https://resources.silverfort.com/identity-security-playbook/home https://www.silverfort.com/blog/shining-the-spotlight-on-the-rising-risks-of-non-human-identities/ This segment is sponsored by Silverfort. Visit https://securityweekly.com/silverfortrsac to learn more about Silverfort's IDEAL approach to identity security! Show Notes: https://securityweekly.com/esw-405
The Navy has spent the last several years standing up technical solutions and designating them as intended for use across the fleet. Officials say the next step is extending that approach to the end point devices that sailors use every day, both ashore and afloat. For more on the unified endpoint initiative, Federal News Network's Jared Serbu talked with the Navy's Justin Finelli, Brandon Weller and Matthew Rambo.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
Take a Network Break! We start with a Red Alert for SAP NetWeaver's Visual Composer Metadata Uploader, and then dive into a new endpoint discovery feature from Forward Networks, and Ericsson adding clientless ZTNA to its SASE offering. Aviatrix adds a Secure NAT Gateway for Microsoft Azure as a way to help Azure customers navigate... Read more »
Take a Network Break! We start with a Red Alert for SAP NetWeaver's Visual Composer Metadata Uploader, and then dive into a new endpoint discovery feature from Forward Networks, and Ericsson adding clientless ZTNA to its SASE offering. Aviatrix adds a Secure NAT Gateway for Microsoft Azure as a way to help Azure customers navigate... Read more »
Take a Network Break! We start with a Red Alert for SAP NetWeaver's Visual Composer Metadata Uploader, and then dive into a new endpoint discovery feature from Forward Networks, and Ericsson adding clientless ZTNA to its SASE offering. Aviatrix adds a Secure NAT Gateway for Microsoft Azure as a way to help Azure customers navigate... Read more »
Product Manager Bar Yassure discusses what we did to improve performance and stability in the E88.70 release of Harmony Endpoint.
Pfizer ends danuglipron clinical program for obesity; FDA warns about counterfeit Ozempic; daily pill shows promise in reducing HbA1c; mavacamten misses in nonobstructive HCM trial and the FDA clears smart belt device reduce fall injury.
Endpoint security tools worked, but the hackers worked harder for their payday.While everyone likes to know how someone else might have screwed up and what the fallout looks like, the more import elements of episodes like this one come from the in-depth conversations about new tactics and strategies that are being used by the bad guys, and simultaneously, the insight on new best practices for the good guys.So while I did enjoy diving into how the ransomware group Akira was able to use webcam access to infiltrate an organization, it was also great to discuss the evolution of these hacking groups, EDR tools, dark web monitoring and the need for better credential security with Steve Ross. He's the director of cybersecurity at S-RM, a leading provider or cyber intelligence and solutions.Watch/listen as we also discuss:Endpoint Detection and Response (EDR) tools.The rise of Akira, and the evolving symbiotic strategies used by this and other RaaS groups.Patching challenges.The growing need for dark web monitoring.The continued rise in login/credential harvesting.As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor.Promoguy Talk PillsAgency in Amsterdam dives into topics like Tech, AI, digital marketing, and more drama...Listen on: Apple Podcasts SpotifyTo catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you'd like to have us explore on Security Breach, you can reach me at jeff@ien.com. To download our latest report on industrial cybersecurity, The Industrial Sector's New Battlefield, click here.
SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the integration of Microsoft Security Solutions with third-party security tools. They explore how organizations can leverage Microsoft Defender for Endpoint, Defender for Office, Entra, Intune, and Cloud Access Security Broker solutions to enhance their security posture. The conversation emphasizes the importance of utilizing existing tools to gain additional insights and telemetry, ensuring a more robust security framework without conflicts or performance degradation.----------------------------------------------------YouTube Video Link: https://youtu.be/kE2cVwjPzYs----------------------------------------------------Documentation:https://learn.microsoft.com/en-us/defender-endpoint/microsoft-defender-antivirus-compatibilityhttps://learn.microsoft.com/en-us/intune/intune-service/protect/device-compliance-partners#supported-device-compliance-partnershttps://learn.microsoft.com/en-us/defender-cloud-apps/zscaler-integrationhttps://learn.microsoft.com/en-us/defender-cloud-apps/additional-integrations----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube:https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
Default deny is an old, and very recognizable term in security. Most folks that have been in the industry for a long time will associate the concept with firewall rules. The old network firewalls, positioned between the public Internet and private data centers, however, were relatively uncomplicated and static. Most businesses had a few hundred firewall rules at most. The idea of implementing default deny principles elsewhere were attempted, but without much success. Internal networks (NAC), and endpoints (application control 1.0) were too dynamic for the default deny approach to be feasible. Vendors built solutions, and enterprises tried to implement them, but most gave up. Default deny is still an ideal approach to protecting assets and data against attacks - what it needed was a better approach. An approach that could be implemented at scale, with less overhead. This is what we'll be talking to Threatlocker's CEO and co-founder, Danny Jenkins, about on this episode. They seemed to have cracked the code here and are eager to share how they did it. This segment is sponsored by ThreatLocker. Visit https://www.securityweekly.com/threatlocker to learn more about them! We wanted security data? We got it! Now, what the heck do we DO with all of it? The core challenge of security operations, incident response, and even compliance is still a data management and analysis problem. Which is why we're seeing companies like Abstract Security pop up to address some of these challenges. Abstract just released a comprehensive eBook on security data strategy, linked below, and you don't even need to give up an email address to read it! In this interview, we'll talk through some of the highlights: Challenges Myths Pillars of a data security strategy Understanding the tools available Segment Resources A Leader's Guide to Security Data Strategy eBook In the enterprise security news, new startup funding what happened to the cybersecurity skills shortage? tools for playing with local GenAI models CVE assignment drama a SIEM-agnostic approach to detection engineering pitch for charity a lost dog that doesn't want to be found All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-402
Default deny is an old, and very recognizable term in security. Most folks that have been in the industry for a long time will associate the concept with firewall rules. The old network firewalls, positioned between the public Internet and private data centers, however, were relatively uncomplicated and static. Most businesses had a few hundred firewall rules at most. The idea of implementing default deny principles elsewhere were attempted, but without much success. Internal networks (NAC), and endpoints (application control 1.0) were too dynamic for the default deny approach to be feasible. Vendors built solutions, and enterprises tried to implement them, but most gave up. Default deny is still an ideal approach to protecting assets and data against attacks - what it needed was a better approach. An approach that could be implemented at scale, with less overhead. This is what we'll be talking to Threatlocker's CEO and co-founder, Danny Jenkins, about on this episode. They seemed to have cracked the code here and are eager to share how they did it. This segment is sponsored by ThreatLocker. Visit https://www.securityweekly.com/threatlocker to learn more about them! We wanted security data? We got it! Now, what the heck do we DO with all of it? The core challenge of security operations, incident response, and even compliance is still a data management and analysis problem. Which is why we're seeing companies like Abstract Security pop up to address some of these challenges. Abstract just released a comprehensive eBook on security data strategy, linked below, and you don't even need to give up an email address to read it! In this interview, we'll talk through some of the highlights: Challenges Myths Pillars of a data security strategy Understanding the tools available Segment Resources A Leader's Guide to Security Data Strategy eBook In the enterprise security news, new startup funding what happened to the cybersecurity skills shortage? tools for playing with local GenAI models CVE assignment drama a SIEM-agnostic approach to detection engineering pitch for charity a lost dog that doesn't want to be found All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-402
Default deny is an old, and very recognizable term in security. Most folks that have been in the industry for a long time will associate the concept with firewall rules. The old network firewalls, positioned between the public Internet and private data centers, however, were relatively uncomplicated and static. Most businesses had a few hundred firewall rules at most. The idea of implementing default deny principles elsewhere were attempted, but without much success. Internal networks (NAC), and endpoints (application control 1.0) were too dynamic for the default deny approach to be feasible. Vendors built solutions, and enterprises tried to implement them, but most gave up. Default deny is still an ideal approach to protecting assets and data against attacks - what it needed was a better approach. An approach that could be implemented at scale, with less overhead. This is what we'll be talking to Threatlocker's CEO and co-founder, Danny Jenkins, about on this episode. They seemed to have cracked the code here and are eager to share how they did it. This segment is sponsored by ThreatLocker. Visit https://www.securityweekly.com/threatlocker to learn more about them! Show Notes: https://securityweekly.com/esw-402
Default deny is an old, and very recognizable term in security. Most folks that have been in the industry for a long time will associate the concept with firewall rules. The old network firewalls, positioned between the public Internet and private data centers, however, were relatively uncomplicated and static. Most businesses had a few hundred firewall rules at most. The idea of implementing default deny principles elsewhere were attempted, but without much success. Internal networks (NAC), and endpoints (application control 1.0) were too dynamic for the default deny approach to be feasible. Vendors built solutions, and enterprises tried to implement them, but most gave up. Default deny is still an ideal approach to protecting assets and data against attacks - what it needed was a better approach. An approach that could be implemented at scale, with less overhead. This is what we'll be talking to Threatlocker's CEO and co-founder, Danny Jenkins, about on this episode. They seemed to have cracked the code here and are eager to share how they did it. This segment is sponsored by ThreatLocker. Visit https://www.securityweekly.com/threatlocker to learn more about them! Show Notes: https://securityweekly.com/esw-402
Can We Rely on KCCQ as a Primary Endpoint for Medical Devices?
As energy systems become more decentralized, the complexity of managing trusted devices and other components connected to the grid continues to grow. According to the U.S. Department of Energy's Distributed Energy Resource Interconnection Roadmap (January 2025), utilities across the country are experiencing increased interconnection requests for distributed energy resources (DERs), such as solar, battery storage, and EV charging systems. This shift brings a mounting challenge: securing and authenticating an expanding web of edge devices without compromising system integrity.How do we ensure trust across a sprawling, multi-vendor energy infrastructure that is increasingly targeted by cyber threats?In this episode of Pro AV Today, host Ben Thomas welcomes Julian Durand, the Chief Security Officer & SVP of Product Management, and Ali Hodjat, the VP of Product Marketing at Intertrust. They discuss how energy providers can manage and secure trusted devices across complex grid networks. The conversation focuses on the intersection of cybersecurity, device authentication, and the evolving expectations of both energy providers and consumers.Key Takeaways from the Episode:Zero trust architecture is essential to securing distributed energy networks, which are increasingly vulnerable due to the proliferation of unvetted, third-party hardware.Endpoint protection is lagging in many operational technology (OT) environments, with legacy protocols and air-gapped systems often failing to meet modern cybersecurity expectations.A universal trust model, such as the Trusted Energy Interoperability Alliance (TEIA), is being developed to help align OEMs, utilities, and consumers around a common framework for device certification and data governance.Julian Durand is a cybersecurity and product management executive with over two decades of experience launching and scaling technologies across mobile, IoT, SaaS, and PaaS platforms. He has led global teams at Nokia, Qualcomm, and Intertrust, where he spearheaded innovations in eSIM, embedded security, telematics, and decentralized trust systems—holding ten patents with several more pending. Durand is CISSP-ISSAP certified, has held multiple P&L leadership roles, and is a recognized thought leader and frequent speaker on cybersecurity and product strategy.Ali Hodjat is a senior product marketing leader with over 17 years of experience driving go-to-market strategies, product positioning, and sales enablement across broadcast, streaming, and media technology sectors. In addition to leading initiatives at companies like Intertrust, Telestream, and Verimatrix, he has deep expertise in content protection, DRM, and video security technologies, including forensic watermarking and authentication systems. Hodjat combines strong technical knowledge in media cybersecurity with proven leadership in cross-functional collaboration, competitive analysis, and strategic content development to deliver measurable business impact.
What does it really take to reimagine the future of endpoint computing? In this special episode recorded live from IGEL's Now and Next 2025 event in Miami, I sit down with Klaus Oestermann, CEO of IGEL, to explore how cybersecurity, digital workspaces, and user experience are being transformed at the edge. Klaus is no stranger to innovation, having spent decades in high-assurance security across critical industries, and now leading IGEL's mission to simplify, secure, and modernize how enterprises manage endpoints. Our conversation starts by unpacking the shift from traditional perimeter-based security models to a new way of thinking rooted in prevention. Klaus explains how IGEL's Preventative Security Model addresses modern threats by dramatically reducing the attack surface at the endpoint and flipping the conversation from detection and response to control and containment. With more organizations relying on hybrid work and SaaS-based applications, the endpoint has never been more critical—or more vulnerable. Klaus also outlines how IGEL OS is supporting everything from virtual desktop infrastructure to secure browsing, while enabling consistent user experiences across cloud, on-prem, and edge environments. But this episode isn't just about technology. It's about strategy. Klaus shares how IGEL is creating meaningful impact by extending device life cycles, cutting hardware replacement costs, and supporting sustainability goals. With Windows 11 upgrades looming and endpoint refresh cycles under pressure, IGEL presents a compelling alternative that balances performance with responsibility. We also dive into the role of AI, how it's reshaping device requirements, and what it means for endpoint security moving forward. And as IGEL expands its ecosystem and reveals over 20 new announcements at this year's event, Klaus offers a candid look into what's resonating with customers—and where the industry is headed next. So what will define your endpoint strategy in 2025? And is your organization ready to lead from the edge?
On this episode of NCS Chris and Mark talked to Rob Pennington of the bands Endpoint, By The Grace of God, Black Cross, Jupiter Hearts amongst others. We talked to Rob about getting into hardcore his experiences visiting buffalo, his many different bands and life in general! If you are a fan of any of his bands definitely check this out.Episode music is Sand Pulpit by Jupiter Hearts
On this episode of NCS Chris and Mark talked to Rob Pennington of the bands Endpoint, By The Grace of God, Black Cross, Jupiter Hearts amongst others. We talked to Rob about getting into hardcore his experiences visiting buffalo, his many different bands and life in general! If you are a fan of any of his bands definitely check this out.Episode music is Sand Pulpit by Jupiter Hearts
Sponsor by SEC Playground
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Using ES|QL In Kibana to Query DShield Honeypot Logs Using the "Elastic Search Piped Query Language" to query DShield honeypot logs https://isc.sans.edu/diary/Using%20ES%7CQL%20in%20Kibana%20to%20Queries%20DShield%20Honeypot%20Logs/31704 Mongoose Flaws Put MongoDB at risk The Object Direct Mapping library Mongoose suffers from an injection vulnerability leading to the potenitial of remote code exeuction in MongoDB https://www.theregister.com/2025/02/20/mongoose_flaws_mongodb/ U-Boot Vulnerabilities The open source boot loader U-Boot does suffer from a number of issues allowing the bypass of its integrity checks. This may lead to the execution of malicious code on boot. https://www.openwall.com/lists/oss-security/2025/02/17/2 Unifi Protect Camera Update https://community.ui.com/releases/Security-Advisory-Bulletin-046-046/9649ea8f-93db-4713-a875-c3fd7614943f
In this episode of Logistics with Purpose®, hosts Enrique Alvarez and Kristi Porter interview Roosevelt Giles, Founder and CEO of Endpoint Ventures and Chairman at Stakeholder Impact Foundation. Giles shares his journey from a humble beginning as the son of sharecroppers to becoming a tech expert, conscious capitalist, and marathon runner. He discusses the importance of conscious capitalism, the role of technology in business, and the need for diversity and authenticity in board leadership. Giles also emphasizes the significance of investing in employees and communities for long-term business success. Listen in to discover insights into the evolving landscape of corporate governance, the impact of AI on supply chains, and the importance of purpose-driven leadership.Additional Links & Resources:Connect with Roosevelt: https://www.linkedin.com/in/roosevelt-giles-53a4956/Learn more about the Stakeholder Impact Foundation: https://stakeholdergoveranceinstitute.com/Learn more about Logistics with Purpose: https://supplychainnow.com/program/logistics-with-purposeLearn more about Vector Global Logistics: https://vectorgl.com/Subscribe to Logistics with Purpose: https://logistics-with-purpose.captivate.fm/listenThis episode was hosted by Enrique Alvarez and Kristi Porter. For additional information, please visit our dedicated show page at: https://supplychainnow.com/tech-leadership-conscious-capitalism-endpoint-ventures-lwp123
Check out Logan's new project: https://thestratbook.gg
Rob Allen and Doug talk about Endpoint security and how important it is to secure your endpoints going into the new year. Show Notes: https://securityweekly.com/vault-swn-26
Rob Allen and Doug talk about Endpoint security and how important it is to secure your endpoints going into the new year. Show Notes: https://securityweekly.com/vault-swn-26
Rob Allen and Doug talk about Endpoint security and how important it is to secure your endpoints going into the new year. Show Notes: https://securityweekly.com/vault-swn-26
Rob Allen and Doug talk about Endpoint security and how important it is to secure your endpoints going into the new year. Show Notes: https://securityweekly.com/vault-swn-26
This week on the Revenue Insights Podcast, Guy Rubin, CEO of Ebsta, speaks with Dan Drees, Global Vice President of Sales at Endpoint Protector, part of Netbricks. In this episode, Guy and Dan explore the evolution from philosophy graduate to global sales leader, the importance of strategic career planning, and the challenges of leading teams through acquisitions. Dan Drees is the Global Vice President of Sales at Endpoint Protector, where he leads a team of 20 employees across multiple regions. With a unique background starting in philosophy before transitioning to tech sales, Dan brings a strategic approach to sales leadership and team development.
At IGEL DISRUPT 2024 in Munich this week, Lenovo presented its vision of how generative AI's next advancement will involve personalizing end-user devices. This means that computers, phones, tablets, and other devices will soon be able to understand the context of our activities and adapt to how we prefer to work.Overall, the concept of adding AI at the endpoint is gaining a lot of traction. In 2023, Adobe reported that 77% of all devices use some form of AI. Lenovo sees the future of AI moving to a background-running service, first appearing locally in high-end and then consumer devices and eventually becoming ubiquitous across all environments, allowing incredibly high-power models to function at low-power demand.Lenovo, in partnership with IGEL, has already taken steps to implement these innovative features.Host: Andy WhitesideCo-host: Chris Feeney
Podcast: PrOTect It All (LS 24 · TOP 10% what is this?)Episode: Enhancing OT Cybersecurity: From Legacy Systems to Cloud Solutions with Paul ShaverPub date: 2024-11-18Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, Aaron is joined by Paul Shaver, an experienced OT security consultant from Mandiant, part of Google Cloud. Together, they navigate the nuanced landscape of operational technology (OT) cybersecurity. The episode begins with Aaron recalling a critical incident at a power plant that underscores the potential pitfalls in OT environments. This sets the stage for a rich discussion on the evolution of OT technology, with Aaron and Paul reminiscing about primary domain controllers and early NT workstations. The conversation shifts to the future of OT in the cloud, where Paul highlights the benefits of cloud solutions, including enhanced resiliency, security, and data optimization through AI. A compelling customer case study illustrates modern technology adoption with web-based HMIs and Chromeboxes. Paul offers a detailed analysis of the current OT cybersecurity landscape, addressing the persistent legacy system challenges and the need for a cohesive IT-OT security strategy. He discusses the evolving threat landscape influenced by global geopolitical tensions and the rise of zero-day vulnerabilities. Listeners will gain practical insights into foundational cybersecurity measures, such as network segmentation, asset inventory management, and robust access control.. Key Moments: 04:14 Connecting IT and OT optimizes processes securely. 09:54 Lost production severely impacts manufacturing revenue recovery. 14:06 Ensure network notifications; control access, separate credentials. 17:10 Engineers need secure access to adjust parameters. 21:55 Endpoint detection on older systems is critical. 28:47 Resilience is crucial in CrowdStrike incident response effectiveness. 32:11 Limited resources for global incident response efforts.= 39:22 Rebuilt domain controller caused authentication issues. 42:37 Focus on resiliency and cloud opportunities, leveraging multi-cloud. 44:59 Improve grid operations using cloud and hyper-converged technology. 48:38 Local cloud provides redundancy for remote sites. 51:15 Critical for acquisition process and problem-solving. About the guest : Paul Shaver has dedicated more than two decades to various roles in Operational Technology (OT), primarily within the oil and gas industry. His expertise spans OT architecture, design, and build, along with run and maintaining responsibilities as an asset owner. Before transitioning into cybersecurity, Paul served as a Technology Director for an oil and gas company in California. Driven by a burgeoning interest in security, he joined Mandiant nearly five years ago. At Mandiant, now part of Google, Paul relishes the mission of enhancing security postures in OT and critical infrastructure, contributing to significant advancements in the field. How to connect Paul: https://www.linkedin.com/in/pbshaver/ Connect With Aaron Crow: Website: www.corvosec.com LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co Website: https://protectitall.co/ X: https://twitter.com/protectitall YouTube: https://www.youtube.com/@PrOTectITAll FaceBook: https://facebook.com/protectitallpodcast To be a guest or suggest a guest/episode, please email us at info@protectitall.coThe podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
In response to new questions asked by the annual study, sponsored by Adobe—which showcases the feedback of more than 1,800 global cybersecurity professionals on topics related to the cybersecurity workforce and threat landscape—security teams in Oceania noted they are primarily using AI for:Automating threat detection/response (36 percent vs 28 percent globally)Endpoint security (33 percent vs 27 percent globally)Automating routine security tasks (22 percent vs 24 percent globally)Fraud detection (6 percent vs 13 percent globally)Sixty-four percent of cybersecurity professionals in Australia say their role is more stressful now than it was five years ago, according to the newly released 2024 State of Cybersecurity survey report from ISACA, a global professional association advancing trust in technology. The annual study, sponsored by Adobe, showcases the feedback of more than 1,800 cybersecurity professionals globally on topics related to the cybersecurity workforce and threat landscape. According to the data, Australian cybersecurity professionals are feeling the stress at slightly higher rates than their global peers for reasons including: An increasingly complex threat landscape (85 percent vs 81 percent globally) Low budget (48 percent vs 45 percent globally) Worsening hiring/retention challenges (50 percent vs 45 percent globally) Lack of prioritisation of cybersecurity risks (35 percent vs 34 percent globally) Global cybersecurity professionals are feeling the strain of insufficiently trained staff at a higher rate than in Australia, at 45 percent compared to 37 percent locally. We speak with ISACA's Jon Brandt, Jenai Marinkovic and Jo Stewart-Rattray on the outcomes of the latest report.Read more: https://australiancybersecuritymagazine.com.au/isaca-research-reveals-cyber-professionals-are-feeling-the-strain/Get a copy of the report here: https://www.isaca.org/resources/reports/state-of-cybersecurity-2024
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss critical cybersecurity insights, focusing on Active Directory security techniques, the implications of recent incidents involving Microsoft Defender for Endpoint, and the introduction of passwordless solutions for Apple devices. They emphasize the importance of foundational knowledge in cybersecurity, the need for robust security practices, and the evolution of identity management solutions in enterprise environments. ---------------------------------------------------- YouTube Video Link: https://youtu.be/ySylj7V0AY8 ---------------------------------------------------- Documentation: https://www.cyber.gov.au/resources-business-and-government/maintaining-devices-and-systems/system-hardening-and-administration/system-hardening/detecting-and-mitigating-active-directory-compromises https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/microsoft-defender-for-endpoint-s-safe-deployment-practices/ba-p/4220342 https://learn.microsoft.com/en-us/entra/identity-platform/apple-sso-plugin ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com
There are many exciting announcements that are happening at this year's annual IGEL DISRUPT event in Munich, one of which was the addition of the Island Enterprise Browser to the IGEL App Portal. In case you missed it, here is everything you need to know about the partnership between IGEL and Island and what it means for end-user computing. IGEL's partnership with Island offers a uniquely agile workspace with unmatched security and optimized workflows. Here are six key benefits users will experience: Zero trust access for applications to protect data Frictionless onboarding and administration Easy app installation and updates Familiar browser interface options Increased enterprise performance Reduced power consumption Adding the Island Enterprise Browser offers a secure alternative to desktop virtualization for organizations already using IGEL OS. When paired with the Island Enterprise Browser, IGEL's Preventative Security Model is a proven solution that provides simplified endpoint management and a familiar browsing experience. Host: Andy WhitesideCo-host: Chris Feeney
In this episode, we'll discuss some new features in Harmony Endpoint as well as best practices for deployment. These are excerpts from recent TechTalks:Harmony Endpoint: Packing a PunchMastering Endpoint Security
On this episode of the Six Five On the Road, hosts Daniel Newman and Patrick Moorhead are joined by Intel's Novin Kaihani, Sr. Director, GM Client Software Products, and GoTo's Dave Campbell, VP of Products, for a conversation on the latest trends and innovations in endpoint manageability, from virtual remediation to AI-enhanced PCs. Their discussion covers: The evolving landscape of endpoint manageability The role of AI in modern PCs and its impact on manageability Challenges and solutions for virtual remediation in the current IT environment Intel and GoTo's collaborative efforts and their vision for the future of work Key insights on how businesses can prepare for the next wave of technological advancements
In this episode, we sit down with Santiago, a Senior Security Engineer at Canva, to talk about the complexities of building and managing an incident response team, especially in high-growth companies. Santiago shares his experience transitioning from penetration testing to incident response and highlights the unique challenges that come with protecting a rapidly expanding organization. We explore the differences between incident response in high-growth versus established companies, the importance of having the right personnel, and the critical skills needed for effective incident response. Guest Socials: Santiago's Linkedin Podcast Twitter - @CloudSecPod If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels: - Cloud Security Podcast- Youtube - Cloud Security Newsletter - Cloud Security BootCamp Questions asked: (00:00) Introduction (01:58) A word from our sponsor - SentinelOne (02:48) A bit about Santiago (03:18) What is Incident Response? (04:06) How IR differs in different organisations? (04:48) Red Team vs Incident Response Team (06:17) Challenges for Incident Response in Cloud (07:16) Incident Response in a High Growth Company (07:56) Skillsets required for high growth (09:14) Cloud vs On Prem Incident Response (10:03) Building Incident Response in High Growth Company (11:39) Responding to incidents that are not high risk (14:41) Transition from pentesting to incident responder (17:20) Endpoint vulnerability management at scale (25:32) The Fun Section Resources from the episode: Endpoint Vulnerability Management at Scale
Google's AI overviews in search results have significantly decreased due to user complaints about incorrect answers, prompting the company to refine its implementation. MIT launched the AI Risk Repository, a database cataloging over 700 unique risks associated with AI systems to assist organizations in assessing and mitigating AI risks. Additionally, Dashlane's Passkey report showcased the rapid adoption of Passkeys as a password replacement, driven by consumer demand in various sectors.The episode also covered significant developments in cybersecurity and government initiatives. CISA is analyzing the impact of a recent Supreme Court ruling on its new cyber incident reporting rule, while the White House is collaborating with the Department of Treasury and CISA to develop a cyber insurance policy proposal for catastrophic incidents. The FCC unveiled a $200 million cybersecurity program for schools and libraries to enhance their cybersecurity measures against increasing cyberattacks, separate from the existing E-Rate program.In response to scraping allegations, SOCRadar confirmed that their internal systems were not breached, and they are enhancing security measures to prevent future incidents. A security researcher revealed two zero-day vulnerabilities in Windows that allow downgrade attacks, compromising critical OS components. The episode also highlighted various cybersecurity developments from DEF CON and Black Hat, including the hacking of EvoVac robots and the development of a laser microphone for keystroke surveillance.Lastly, Syncro launched an AI-powered smart ticket management solution for managed services providers and IT operations to enhance efficiency and ticket resolution. SAS Alerts integrated Microsoft Defender for Endpoint into its security platform for MSPs, offering centralized monitoring of Microsoft 365 applications and Endpoint security. These developments reflect a trend towards leveraging AI in ticket resolution and enhancing cybersecurity measures in the tech industry. Four things to know today00:00 Google Scales Back AI Overviews Amid User Complaints as MIT Releases Comprehensive AI Risk Tool04:10 CISA Analyzes Supreme Court Ruling Impact as FCC Unveils $200M Cybersecurity Program for Schools06:50 SOCRadar Responds to Scraping Allegations, Confirms No Breach of Internal Systems08:53 Syncro Launches AI-Driven Smart Ticket Management to Streamline MSP Operations Supported by: https://getthread.com/https://www.coreview.com/msp/ All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessoftech.bsky.social
Last month, Sevco unveiled new capabilities in the Sevco platform to help manage and remediate risks for a new asset class – software vulnerabilities (think CVEs) and environmental vulnerabilities (think missing security tools, EOL systems, and IT hygiene issues). Sevco's exposure management capabilities centralize known and surface previously unknown vulnerabilities in one place, prioritize the most critical issues across the environment (based on technical severity and nearly unlimited business context derived from Sevco's asset intelligence), automate the remediation to fix priority issues and validate that remediation efforts are completed. With the help of these new capabilities in the Sevco platform, CISOs gain quantifiable insights to manage remediation programs, highlighting where efforts are working and where they aren't.Why does this matter: The systems that typically track and report CVEs, don't report on vulnerabilities in categories such as cloud, identity, system misconfigurations, and more. Those have to be uncovered from data found within different (typically siloed) tools. This visibility issue has caused CISOs to drown in vulnerabilities without the ability to identify the ones that present the highest risk to an organization. With asset intelligence as the foundation, the Sevco platform's exposure management capabilities help CISOs and security teams solve this challenge by proactively prioritizing, automating, and validating the remediation of all types of exposures, including software and environmental vulnerabilities. Additionally, the Sevco platform validates the successful completion of vulnerability remediation when it's observed on the asset itself, not just when a ticket is closed. This enables Sevco to highlight actionable metrics that allow CISOs to see what's working and what's not working in their remediation programs and break down cross-department silos that can cause visibility issues in the first place.How does it work: Sevco's approach to vulnerability prioritization differs from existing tools because the Sevco platform integrates with existing security tools to aggregate, correlate, and deduplicate the data in those sources to surface important context and assess the risk and business impact for each asset. With this knowledge, Sevco can automatically detect and proactively alert an organization's security team to vulnerabilities in their environment, including software vulnerabilities (CVEs), missing or misconfigured security controls (security gaps), and IT hygiene issues (unpatched devices and shadow IT). Additionally, Sevco helps to prioritize the CVEs, missing endpoint agents, and other IT hygiene vulnerabilities so our customers are always working on the highest risk issues first based on their specific business needs. Sevco's remediation management workflow helps to reduce risk dramatically with automation, key integrations that allow for collaboration and visibility across IT and security teams, and validation that remediation happened -- no matter the ticket status. Additionally, Sevco provides reports on remediation metrics that arm CISOs with the knowledge needed to understand the utilization of specific IT and security teams.Learn more about Sevco: https://itspm.ag/sevco250d8eNote: This story contains promotional content. Learn more.Guest: J.J. Guy, CEO and Co-Founder, SevcoOn LinkedIn | https://www.linkedin.com/in/jjguy/On Twitter | https://x.com/jjguy?lang=enResourcesState of the Cybersecurity Attack Surface (June 2024 Report): https://itspm.ag/sevco-l9blLearn more and catch more stories from Sevco: https://www.itspmagazine.com/directory/sevcoView all of our OWASP AppSec Global Lisbon 2024 coverage: https://www.itspmagazine.com/owasp-global-2024-lisbon-application-security-event-coverage-in-portugalLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
It makes perfect sense – study what your adversaries are doing and plan your defenses accordingly. If they're coming in the windows every time, perhaps you don't need to keep adding locks to the door. And studies have been done in healthcare showing there is a typical attack profile that often entails moving from a […] Source: Q&A with Intermountain Health VP/CISO Erik Decker & Director of Endpoint Data & Application Security Shawn Anderson: “Active Directory Revamp Can Help Slow Intruders Drive to Domian Dominance” on healthsystemcio.com - healthsystemCIO.com is the sole online-only publication dedicated to exclusively and comprehensively serving the information needs of healthcare CIOs.
Earlier this year, the NSA released updated zero-trust guidance in which microsegmentation is listed as a daunting, advanced endeavor, only suitable to the most mature organizations. Zero Networks is committed to challenging this sentiment. While some may hesitate, thinking microsegmentation is beyond their reach, we urge organizations to reconsider. Waiting is not an option when it comes to securing your network against evolving threats. By prioritizing microsegmentation, you're taking a proactive stance against unauthorized lateral movement, thwarting advanced attacks, and effectively blocking ransomware. Zero Networks has helped organizations of all sizes, maturity, and complexity levels to deploy our radically simple microsegmentation solution in a click, without breaking anything, and with little to no effort.As ransomware attacks double, microsegmentation has been hailed by Gartner, Forrester, the NSA, and leading security trade media outlets, as the most promising solution for halting lateral movement and satisfying zero trust guidelines. You can't have a zero trust architecture without microsegmentation – but you also need to implement a solution quickly, without breaking anything, and without extensive costs and complexities. Zero Networks offers exactly this solution. Zero Networks' microsegmentation solution locks down lateral movement, effectively stranding hackers and preventing them from spreading ransomware. For an added layer of security, we apply MFA authentication to the network layer, allowing organizations to protect assets that could not be easily protected by MFA before: legacy applications, databases, OT/IoT devices, mainframes, on-prem VMs, and IaaS VMs. Our just-in-time MFA also applies an additional layer of security to privileged remote admin protocols like RDP, SSH, and WinRM – commonly exploited by attackers. This also supports organizations with compliance needs. “Never trust, always verify” comes automatically with Zero Networks.Zero Networks' microsegmentation solution provides agentless, automated, and multi-factor authentication (MFA) powered architecture. By monitoring and learning all network connections over a 30-day period, Zero Networks creates precise firewall rules that are centrally applied to all assets. This agentless architecture ensures that every asset, whether on-premises or in the cloud, including OT/IoT devices, is segmented without disrupting normal operations. One of the key challenges with traditional microsegmentation solutions is their complexity and associated costs. Forrester highlights the difficulty in quantifying the business benefits of microsegmentation due to its indirect impact on productivity and user experience. A global independent investment bank, Evercore, was undergoing the major challenge of effectively responding to an incident when a workstation was compromised, and a threat actor was able to gain access to their network to move laterally. They had firewalls, whitelists, blacklists and other measures that could slow them down but nothing that could immediately shut them down. Chris Turek, CIO of Evercore, said “Zero Networks is creating a new sphere of security capabilities.See the platform for yourself - reach out to us at zeronetworks.com for a demo.Learn more about Zero Networks: https://itspm.ag/zeronet-al2d2Note: This story contains promotional content. Learn more.Guest: Benny Lakunishok, Co-Founder and CEO, Zero Networks [@ZeroNetworks]On LinkedIn | https://www.linkedin.com/in/bennyl/On Twitter | https://x.com/lakunishokResourcesLearn more and catch more stories from Zero Networks: www.itspmagazine.com/directory/zero-networksLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
SMBs and Mid Market companies make up 63% of the GDP, and over 70% of employment - making them the backbone of the economy. The entire cybersecurity industry is focused on the enterprise market, paying lip service to the SMB SME segments, leaving them vulnerable to cyber attacks. Coro decided to change the status quo and built a platform that was designed from day one for the overlooked SMB and SME segments - because we believe they deserve the best protection there is so they can focus on growing their businesses, and not cyber threats.There were three barriers to SMBs getting adequate protection: The need for multiple tools to get end to end protection, the extreme labor intensiveness of managing these platforms, and the overall cost. What Coro did was create a platform that removes all three barriers. 1) It's a single platform with one dashboard and one endpoint agent that covered all of the cybersecurity needs. 2) The platform uses smart automation to offload workloads from people to machines, dramatically reducing the need to chase and remediate security events manually, and 3) Provide all of that for a price point that any SMB could easily afford.Visit the Coro website and schedule a call with our Cyber Experts to see how we can help.Learn more about CORO: https://itspm.ag/coronet-30deNote: This story contains promotional content. Learn more.Guest: Dror Liwer, Co-Founder at Coro [@coro_cyber]On LinkedIn | https://www.linkedin.com/in/drorliwer/ResourcesLearn more and catch more stories from CORO: https://www.itspmagazine.com/directory/coro2024 SME Security Workload Impact Report -- https://www.coro.net/sme-security-workload-impact-reportLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
A device connected to a network that accepts communications from other endpoints like laptops, mobile devices, IoT equipment, routers, switches, and any tool on the security stack.
A device connected to a network that accepts communications from other endpoints like laptops, mobile devices, IoT equipment, routers, switches, and any tool on the security stack. Learn more about your ad choices. Visit megaphone.fm/adchoices
In this episode of the Blue Security Podcast, Andy and Adam discuss Microsoft Entra Private Access and Endpoint Privilege Management. Entra Private Access is a modern secure edge solution that allows remote users to access on-premise applications in a micro-segmented manner. It enables granular app segmentation, MFA, and privileged access to domain controllers for on-premise users. Endpoint Privilege Management, part of the Intune Suite, allows administrators to set policies for standard users to perform privileged actions without giving them complete local admin access. It also supports approved elevations, where users can request support approval for elevated permissions directly from the application context menu. Takeaways -Microsoft Entra Private Access is a modern secure edge solution for remote users to access on-premise applications in a micro-segmented manner. -Entra Private Access enables granular app segmentation, MFA, and privileged access to domain controllers for on-premise users. -Endpoint Privilege Management, part of the Intune Suite, allows administrators to set policies for standard users to perform privileged actions without complete local admin access. -Endpoint Privilege Management now supports approved elevations, where users can request support approval for elevated permissions directly from the application context menu. ----------------------------------------------------------- YouTube Video Link: https://youtu.be/ye3s2SNhqao ----------------------------------------------------------- Documentation: https://techcommunity.microsoft.com/t5/microsoft-entra-blog/microsoft-entra-private-access-for-on-prem-users/ba-p/3905450 https://techcommunity.microsoft.com/t5/microsoft-intune-blog/endpoint-privilege-management-adds-support-approved-elevations/ba-p/4101196 ----------------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ----------------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com --- Send in a voice message: https://podcasters.spotify.com/pod/show/blue-security-podcast/message
In this episode, Andy and Adam discuss the growing threat of mobile device threats. They highlight the recent mass password reset and account lockout of Apple IDs and the potential for a mobile wormable event. They explore the conditions necessary for a mobile wormable attack, including the development of zero-click exploits, the abuse of contact lists for further spread, and the lack of clear mitigations from telecommunications and mobile device companies. They also discuss the limitations of lockdown mode and the importance of endpoint protection for mobile devices. Takeaways -Mobile devices have become ubiquitous in corporate environments and are vital for both security and operations. -The conditions necessary for a mobile wormable attack are already in place, including the development of zero-click exploits and the abuse of contact lists for further spread. -Lockdown mode and mobile threat detection (MTD) solutions can provide some risk mitigation for mobile devices, but they have limitations and limited visibility. -Endpoint protection for mobile devices, including mobile device management (MDM) and MTD, should be part of an organization's risk mitigation strategy. -Enterprises should consider implementing baseline security measures for mobile devices, such as a minimum six-digit passcode and keeping the operating system up to date. ----------------------------------------------------------- YouTube Video Link: ----------------------------------------------------------- Documentation: https://www.macrumors.com/2024/04/27/apple-id-accounts-logging-out-users/ https://go.recordedfuture.com/hubfs/reports/CTA-2024-0416.pdf https://www.wired.com/story/apple-lockdown-mode-hands-on/ ----------------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ----------------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com --- Send in a voice message: https://podcasters.spotify.com/pod/show/blue-security-podcast/message
Get ready for a SPECIAL episode! Ron Eddings will take you on an inside look at Threatlocker's rapidly growing event, Zero Trust World, and will talk with Rob Allen, Chief Product Officer at Threatlocker, to discuss what you can find out from your endpoints (hint: it's more than remote access tools you didn't know were running!) Impactful Moments: 00:00 - Welcome 01:24 - Zero Trust World Sneak Peek! 02:21 - From our Sponsor, Threatlocker 03:50 - Introducing guest, Rob Allen 05:03 - What's Zero Trust World 10:40 - Technical Executive Leaders 16:24 - Managing from the Top Down 20:33 - More Than Allow Listing 24:38 - Rubber Ducky, You're the One… 26:59 - Assume Breach 29:30 - Some Interesting Finds 35:55 - Where Most of the Action Happens 26:30 - One Step Better… Links: Connect with our guest, Rob Allen: https://www.linkedin.com/in/threatlockerrob/ Check out https://www.threatlocker.com/ to learn more! See the Zero Trust World recap portion here on our YouTube Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord
© 2020-2025 Ivy Podcast Discovery LLC
