In this episode of The New Warehouse Podcast, Kevin chats with Kayvon Nazarian, CEO and Founder of ZonPrep. Together, they explore how Amazon FBA Prep Services are evolving, and why sellers need specialized partners. Nazarian began as a seller, giving him a firsthand view of Amazon's rapid operational shifts. ZonPrep now supports brands with kitting, bundling, labeling, and inbound consolidation tailored to Amazon's strict requirements. As Amazon phases out internal prep options, sellers must rethink how they manage compliance, routing, and speed. This conversation shows how ZonPrep's high-velocity model helps brands adapt and why infrastructure built for fast processing is becoming essential for modern growth. Learn more about Brecham Group here. Learn more about Endpoint and give Gary a break here. Follow us on LinkedIn and YouTube. Support the show
Kevin chats with John McClymont, Founder of Operational Innovations, about how shifting consumer expectations and delivery realities are reshaping warehouse fulfillment strategy today. John brings deep experience across e-commerce, DTC, and final-mile logistics, giving listeners a practical look at where warehouse operations need to evolve and why. He explains how fulfillment success increasingly depends on reliability, density, carrier mix, and the experience customers have from checkout to doorstep. Throughout the conversation, John breaks down how inconsistent carriers, messy data, and rising expectations influence every operational decision. His insights help operators rethink the role their warehouses play in brand experience and customer retention, especially as fast delivery is expected rather than exceptional.
Welcome to Episode 416 of the Microsoft Cloud IT Pro Podcast. In this week’s episode, Ben finally has a chance to sit down with Henrik Wojcik. Henrik has been a long-time listener as well as a fellow Microsoft MVP in Security, and we finally had the chance to sit down and record an episode together, something we’ve talked about doing for years. As they sit down and enjoy a sunny afternoon at Microsoft Ignite in San Francisco, they discuss security in the financial sector, EU regulations (N2 and DORA), integrating Data Lake with Sentinel, optimizing log analytics, and the latest on Security Copilot and E5 licensing. They also spend some time chatting about some of their conference highlights, assisting as proctors in the hands-on labs, and the unique experience of Ignite in San Francisco. Show Notes: Microsoft Ignite (with sessions on demand); Microsoft Ignite Book of News; Catch up on Microsoft Security sessions and announcements from Ignite 2025; Microsoft Sentinel benefit for Microsoft 365 E5, A5, F5, and G5 customers; Learn about Security Copilot inclusion in Microsoft 365 E5 subscription; Microsoft Sentinel data lake: Unify signals, cut costs, and power agentic AI; What is Microsoft Sentinel data lake?; KQL and the Microsoft Sentinel data lake. Henrik F. Wojcik: Henrik has worked in the IT industry since 2003. He’s always had a passion for learning new technologies and expanding his knowledge through various means such as online courses, webinars, and reading up on the latest developments in the industry. Throughout his career, he’s gained experience in various areas of IT, making him a true jack of all trades. However, his latest interests lie in the security space, modern workplace and management in Azure, with a particular focus on cyber security.
He has experience working with products such as Defender for Endpoint, Defender for Identity, Defender for Cloud Apps, Defender for Office 365, Conditional Access, Microsoft Sentinel, and Microsoft Entra ID. His primary focus is on security on Azure workloads and identity (Entra ID). He prioritizes security awareness and believes that learning never stops, which is why he’s always eager to expand his knowledge and skillset. In the past, he’s also worked with various tools and technologies such as Cisco, Citrix, Dynamics AX, Exchange, ITIL, Azure, SCCM & SCOM, Scrum & Kanban, VMware, Windows Servers, and Windows Desktops.
Kevin chats with attorneys Faith Miros and Mark Wendaur of Offit Kurman to break down the legal realities shaping warehouse and logistics operations today. Offit Kurman is a national full-service law firm with more than 300 attorneys advising business owners across the full lifecycle of their organizations. In the warehouse sector, Faith focuses on real estate, zoning, environmental compliance, and industrial leasing. Meanwhile, Mark concentrates on transactional work, contracts, financing, and governance. Together, they unpack how operators can protect themselves from legal risks in warehousing. Their insights reveal how legal strategy increasingly influences location decisions, customer relationships, and the long-term stability of warehousing operations.
Because… it's episode 0x673! Shameless plug: February 25 and 26, 2026 - SéQCure 2026 CfP; April 14 to 17, 2026 - Botconf 2026; April 28 and 29, 2026 - Cybereco Cyberconférence 2026; May 9 to 17, 2026 - NorthSec 2026; June 3 to 5, 2025 - SSTIC 2026. Description. Introduction: In this technical episode of the podcast, Yoan Schinck, director of the cyber response practice at KPMG Canada, shares his expertise on threat hunting with the Kusto Query Language (KQL). With 12 years of experience in information technology, including 6 years at KPMG and half of it in cybersecurity, Schinck specializes in incident response, particularly ransomware and business email compromise. The threat hunting workshop: At the DeathC event, dedicated to detection engineering and threat hunting, Schinck designed a workshop titled “Threat hunting en KQL 101”. The workshop aims to show how to do threat hunting in the Microsoft Sentinel environment using KQL, the query language for exploring data in the Microsoft ecosystem. The emphasis is on Microsoft Defender for Endpoint telemetry in particular, a strategic choice that reflects the reality in the field, where organizations using Sentinel generally work with the Microsoft Defender product suite. Infrastructure and methodology: To create a realistic learning environment, Schinck set up an infrastructure of two virtual machines: a Windows client and a Windows server. On these machines he ran a complete simulated attack covering every stage from initial access to data exfiltration. This synthetic approach lets participants explore authentic attack artifacts in a controlled environment.
The infrastructure also included Windows advanced audit policies to capture specific events in the Security Event Log, notably for processes, user management and account creation. A Sysmon deployment with an extended configuration completed the data collection setup. All of these events were then sent to Microsoft Sentinel, creating a realistic threat hunting environment. The DeathC organizers provided the on-premise infrastructure, including the domain controller, Active Directory, the Windows Event Collector and the Group Policies configuration for forwarding Windows events. Schinck took care of creating the two virtual machines locally, joining them to the domain and installing Microsoft Defender for Endpoint before running his attack scenario. Workshop teaching content: The workshop is structured into four main threat hunting categories. The first focuses on initial access vectors, exploring different techniques for identifying how access was obtained. The second category examines Windows services, analyzing their creation, execution and configuration to detect potential abuse by attackers. The third category explores scheduled tasks, a concept similar to Windows services in terms of hunting opportunities. Schinck points out that mastering one of these techniques makes learning the other easier because of their conceptual similarities. Finally, the fourth category covers network-level hunting using enrichment from external sources, notably the Living Off Trusted Sites (LOTS) project by Mr. D0x, which catalogs internet sites and domains that can be abused by attackers.
For more experienced participants, Schinck offers a bonus challenge: carry out the same analyses using Sysmon telemetry or the Windows Event Logs instead of Microsoft Defender for Endpoint data. This alternative approach makes it possible to explore different data sources and build a more complete understanding of threat hunting. Field experience and practical cases: Schinck's incident response expertise considerably enriches the workshop. He shares concrete observations from his engagements, notably the frequent abuse of service accounts by attackers. These accounts, often configured as normal user accounts in Active Directory with simply the “SVC” prefix, can be exploited for RDP connections to systems they should not have access to. Schinck recommends actively hunting for these anomalies by monitoring service account logons between servers, particularly those occurring outside normal working hours. Another recurring pattern concerns where malicious files are placed. Attackers frequently drop their binaries or scripts in less-monitored locations such as the root of Program Data, the Users Public folder, or various AppData directories. During a recent engagement on a ransomware case, Schinck quickly identified a suspicious DLL file in the Users Public folder, which turned out to be a Cobalt Strike backdoor. Hunting methodology and practical advice: Schinck stresses the importance of filtering out noise in threat hunting data. One technique he favors is using the “distinct” function to group unique results.
For example, when analyzing PowerShell commands, rather than going through 15,000 individual executions, grouping by distinct command lines can reduce the data set to 500 entries, making visual analysis much more efficient. He also points out that the human eye has a remarkable ability to detect anomalies. By slowly going through 50 PowerShell command lines without additional filters, an experienced analyst can often spot suspicious elements. This ability rests on two pillars: in-depth knowledge of one's environment and the experience accumulated across multiple incidents. Accessibility and reproducibility: An important aspect of the workshop is its accessibility. Schinck shows that it is possible to build a working threat hunting environment with only two virtual machines, a Windows Event Collector and Microsoft Sentinel. This simplicity makes learning accessible to anyone who wants to build a homelab, even on a personal computer or laptop. He notes that in Quebec the Microsoft stack (Sentinel and Defender) has become very popular in recent years, making these skills particularly relevant. Paradoxically, he observes that very few organizations deploy Sysmon or collect Security Event Logs in Sentinel, despite these tools being free and their considerable value in the event of an incident. Conclusion: Yoan Schinck's workshop offers a pragmatic and realistic approach to threat hunting in KQL, combining technical expertise and field experience. By focusing on concrete attack scenarios and tools widely deployed in enterprises, it effectively prepares participants for the real challenges of modern cybersecurity. His philosophy is clear: once threat hunting concepts are mastered, they can be applied to any product or query language; only the syntax changes.
Contributors: Nicolas-Loïc Fortin, Yoan Schinck. Credits: Editing by Intrasecure inc. Physical venue provided by DEATHcon Montréal
Is your warehouse SOP doing what you need it to? Kevin chats with Tim Regnier, CEO and Founder of Smart Access, about how warehouses can revive their SOPs. Oftentimes, standard operating procedures get written, approved, stored, and then forgotten or remain misunderstood. In this episode, Tim explains how Smart Access turns warehouse SOP into a living system. The platform guides training, boosts accuracy, and improves productivity. It uses AI-driven observations, automated skill-building, and the new Ops Navigator intelligence layer. The conversation shows how operations can finally align leadership expectations with real work on the floor.
When it comes to warehouse talent recruitment, few understand the shifting dynamics better than Charlie Saffro, CEO and Founder of CS Recruiting. In this episode of The New Warehouse Podcast, Kevin chats with Charlie about warehouse hiring trends, logistics recruiting, and how culture-driven leadership shapes retention. With 15 years of experience matching supply chain talent to employers across North America, Charlie shares her perspective on the changing labor landscape. Her insights reveal that the future of supply chain talent acquisition depends as much on human connection as it does on technology.
In this episode of The New Warehouse Podcast, Kevin chats with Paul Lukehart, Managing Principal of PL Programs, a consultancy specializing in warehouse startup project management and operational improvement. Paul draws from his background in the military, as well as his experience at Target, Amazon, and XPO Logistics. He shares how his hands-on experience shaped his approach to warehouse improvement—especially when launching new facilities, integrating technology, or navigating complex site moves. From startup lessons to leadership insights, Paul offers a grounded perspective on what it takes to make warehouse operations run more efficiently.
Why do entire organisations invest millions building resilient data centres yet leave their endpoints exposed to outages that can last days? That question kept coming back to me during my conversation with James Millington of IGEL at the Now and Next event, because it highlights a gap that most IT leaders still underestimate. James walked me through the reality he sees every day. Companies have high availability strategies for their servers, cloud platforms, and networks, yet the devices workers rely on remain the weakest point. When ransomware or system failure hits, the response often involves scrambling for spare laptops, calling suppliers, and hoping inventory exists. As James pointed out in our chat, many firms quietly rely on a handful of unused machines sitting in a cupboard. That approach might have worked a decade ago, but today's threat landscape exposes every delay. Our discussion centred on IGEL's dual boot approach, a fresh way to recover access within minutes by placing IGEL OS alongside Windows on the same device. Instead of waiting hours or even weeks to rebuild machines, organisations can simply switch to a secure environment that restores access to cloud apps, collaboration tools, and virtual desktops. James shared stories of analysts admitting no comparable solution exists, and of customers having light bulb moments as they calculated the true cost of endpoint recovery. The theme running underneath it all was simple. You cannot coordinate your crisis response unless your people have a working device in their hands. Everything else depends on that. This episode also reflects a wider shift in how organisations think about resilience. Leaders are beginning to question old assumptions about failover, preparation, and what it takes to keep people productive when attacks or outages strike. The conversations I heard throughout Now and Next showed that businesses are realising the endpoint is no longer a peripheral concern. 
It is the gateway to every service that keeps a company running. When that gateway fails, everything slows. James also shared lighter moments from his journey. His career began as a DJ, something he has circled back to at IGEL events, and it was fascinating hearing how skills from that era still show up in his approach to communication and timing. It reminded me how varied experiences shape the leaders driving today's conversations around security, SaaS evolution, Zero Trust, and the growing overlap between IT and operational technology. So here is my question for you. As cyber risks rise and downtime becomes harder to tolerate, how ready do you feel for the disruption that begins at the endpoint? I would love to hear your thoughts. Tech Talks Daily is Sponsored by NordLayer: Get the exclusive Black Friday offer: 28% off NordLayer yearly plans with the coupon code: techdaily-28. Valid until December 10th, 2025. Try it risk-free with a 14-day money-back guarantee.
Have you ever wondered what happens when the browser stops being a simple window to the web and starts becoming the control point for how AI touches every part of enterprise life? That was the starting point for my conversation with Michael Shieh, founder and CEO of Mammoth Cyber. What followed was a detailed look at why the browser is turning into the foundation of enterprise AI and why the shift is arriving faster than many expect. Michael shared why employees already spend most of their working lives inside a browser and how this makes it the natural place for AI to support decisions, speed up routine work, and act as the interface between people, applications, and data. But we also spoke about the uncomfortable reality behind that convenience. When consumer AI browsers rush ahead with features that harvest data or request wide-reaching permissions, the trade off between speed and governance becomes harder to ignore. Michael explained how this gap leaves security teams unable to see where sensitive data is being sent or how shadow AI creeps into daily workflows without oversight. During our conversation he broke down what makes an enterprise AI browser different. We talked about policy controlled access, device trust, identity federation, and the safeguards that protect AI from hazards like indirect prompt injection. Michael also described how the Mammoth team built a multi layer security model that monitors what the AI can view, what it cannot view, and how data moves across applications in real time. His examples of DLP at the point of use, low friction controls for workers, and granular visibility for security teams showed how the browser is becoming the new enforcement boundary for zero trust. We also covered the growing tension between traditional access models like VPNs or VDI and the faster, lightweight deployment Mammoth is offering to large enterprises. 
Hearing Michael explain how some customers replaced heavy remote access stacks in weeks made it clear that this is more than a new product category. It hints at an early move toward AI shaped workflows running directly at the endpoint rather than through centralised infrastructure. As he looked ahead to the next few years, Michael shared why he expects the browser to operate as a kind of operating system for enterprise AI, blending native AI agents, web apps, and policy controls into a single environment. This episode raises an important question. If the browser becomes the place where AI reads, writes, and interprets information, how should enterprises think about identity, trust, and control when the pace of AI adoption accelerates again next year? I would love to hear your thoughts.
When it comes to connecting warehouse systems, few companies are tackling the challenge as directly as TrackStar. In this episode of The New Warehouse Podcast, Kevin chats with Jeremy Schneck and Daniel Langer, Co-Founders of TrackStar, about how they're simplifying integrations across the fragmented WMS landscape. The discussion explores TrackStar's journey from a startup pivot to a Y Combinator-backed company, the growing role of APIs in supply chain connectivity, and how universal APIs are driving the next wave of warehouse innovation.
When it comes to optimizing warehouse operations, few companies offer a truly end-to-end solution. In this episode of The New Warehouse Podcast, Kevin chats with Bob Hutson, Senior Vice President of Supply Chain and Real Estate at The Beacon Group, about how his team guides clients through the process from concept to implementation. The discussion highlights how The Beacon Group integrates real estate, technology, and financial modeling to help companies make smarter, faster decisions. As Hutson explains, warehouse network optimization requires foresight and alignment between operations and finance.
What really goes into a 3PL quote? Does it ever feel like the final number comes out of thin air? For e-commerce brands and 3PL providers alike, fulfillment pricing can be a complex web. With no industry-wide standard and costs broken into multiple categories, understanding how a proposal is built is critical for a successful partnership. In this previously live session, Kevin was joined by a multi-disciplinary team from Barrett Distribution Centers to pull back the curtain. They went beyond a simple sales pitch to show you how multiple parts of a 3PL organization collaborate to develop pricing that creates a win-win for both the client and the provider. This is a rare opportunity to see how a price is constructed from the ground up and to understand the "why" behind every line item.
In this episode of The New Warehouse Podcast, Kevin chats with Kurt Heusner, CEO of Endpoint Automation Solutions, about how mid-market warehouses can modernize through digital transformation. Endpoint Automation Solutions helps companies bridge the gap between their ERP systems and the realities of warehouse operations. Kurt explains how modular, human-centered automation empowers smaller operators to stay competitive, improve visibility, and scale intelligently without overwhelming their teams or budgets. Together, they explore warehouse digital transformation for mid-market companies—balancing technology with people, outcomes, and agility.
What if the real weakness in enterprise cybersecurity isn't the cloud or the network, but the endpoint sitting on every desk? In this episode, Klaus Oestermann, CEO of IGEL Technology, joins me at the Now and Next event in Frankfurt to discuss why he calls the endpoint the forgotten link in digital transformation. Klaus explains how decades of detect and mitigate thinking have left enterprises vulnerable, and why it is time to move toward a prevention-first security model that stops attacks before they start. He shares how IGEL's dual boot architecture allows organizations to recover thousands of devices in minutes, and why prevention-first design can deliver measurable ROI with an average 62 percent reduction in endpoint IT costs and more than 900,000 dollars in annual savings. During our conversation, Klaus also reflects on the surge in ransomware across critical sectors and why governments and enterprises alike are rethinking their endpoint strategies. He talks about how IGEL has become an essential part of modern Zero Trust frameworks, protecting sectors like healthcare, manufacturing, and public services, while partnering with leading technology providers to build stronger, integrated defenses. We also explore how those savings can be reinvested into Zero Trust, AI innovation, and new layers of defense, as well as how IGEL is helping secure critical national sectors from healthcare to manufacturing. From Audi's factory floors to government agencies, Klaus outlines a future where resilience begins at the endpoint, not the data center. Do you think enterprises are ready to make that shift? I would love to hear your thoughts after the episode.
When it comes to improving warehouse performance, Chris Hamley, Managing Partner of The Brecham Group, believes in keeping things simple: make operations suck less. In this episode of The New Warehouse Podcast, Kevin chats with both Chris Hamley and Pete Allen, a returning guest and now one of the newest members of The Brecham Group. Together, they explore what that mantra truly means and how it shapes the firm's approach to operational turnarounds in warehousing. This episode blends real-world lessons, cultural insight, and practical advice from two leaders who have spent their careers on the warehouse floor.
The warehouse of today is already transforming, but what will it truly look like in 2026? We are moving beyond isolated automation to a fully integrated, intelligent ecosystem. This is where AI-driven robotics, augmented-reality workflows, and hyper-flexible software converge to create a warehouse that is not just faster, but more predictive, accurate, and resilient than ever before. Tune in for a panel discussion with leaders from Addverb, Snapfulfil, Centric Packaging, and Vuzix. We'll cut through the hype to reveal the practical technologies shaping the next wave of warehouse efficiency. See them all at the upcoming Element Logic Tradeshow in NJ on 11/13!
When most people think about warehouse efficiency, they picture automation, robotics, or faster picking speeds. But for James Malley, Co-founder and CEO of Paccurate, the real opportunity lies in something far less flashy—how we pack boxes. In this episode, Kevin chats with James about Paccurate's milestone of processing one billion packs and how the company is redefining packaging optimization through cartonization. What began as a side project tackling dimensional weight challenges has evolved into a new layer of warehouse intelligence: the Packing Control System (PCS). As James explains, sometimes the smallest adjustments have the biggest ripple effects.
Kevin chats with Rick McDonald, CEO and Founder of Rick McDonald Supply Chain Advisory, who spent over three decades at Clorox, including four years as Chief Supply Chain Officer. Drawing from his deep experience leading transformation across manufacturing, procurement, and logistics, Rick shares supply chain advice on how the industry evolved from grease pencils and overhead projectors to digital roadmaps, AI-driven planning, and consumer-obsessed supply chains. The conversation touches on leadership, change management, and what the future of warehousing will look like as technology and people continue to adapt.
With Black Friday just weeks away, the window for final peak season preparation is closing. Are your operations and your systems truly ready for the surge? Join your host, Kevin, for a crucial live discussion with Brian Kirst of Snapfulfil. Drawing on his unique dual experience as both a WMS expert and a former 3PL owner, Brian offers battle-tested strategies from both sides of the operation. In this session, you will discover: The Operator's Playbook: Go beyond theory with practical, on-the-floor tips Brian used to navigate high-volume seasons in his own 3PL. The Pre-Peak Systems Audit: Uncover the critical checks you need to run on your system now to prevent crashes and costly "hiccups" on your busiest days. Fortifying Your Fulfillment Engine: Learn how to align your people, processes, and technology to ensure your operation can handle the pressure without breaking. This is a must-attend event for 3PL owners, warehouse managers, and operations leaders. Bring your questions for a live Q&A! Learn more about Snapfulfil here: https://snapfulfil.com/
Ken, Senior Solutions Engineer at LimaCharlie, dives into the incredibly confusing licensing tiers, pricing models and feature sets for Microsoft Defender for Endpoint. Today we discuss: the difference between tiers; ways to solve Defender visibility issues and increase operational transparency; how its capabilities can be customized and expanded for better flexibility and scalability for service providers. Join the Defender Fridays community, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals. A big picture thinker, Ken ferrets out trends, seeking to understand what happens when businesses are breached and the methods behind the attacks. Then he figures out how to protect customers before they're hit. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
In this episode, Eric Hardter and guest Kelsey Lenoch discuss recent US FDA developments, including leadership changes at CBER and CDER, staffing impacts on orphan product reviews, and the new Rare Disease Evidence Principles aimed at accelerating approvals for rare and ultra-rare conditions. They also explore evolving trial endpoints in oncology (including surrogate measures and ctDNA), transparency moves such as the public release of Complete Response Letters and the industry's reactions, updates on the National Priority Voucher Program, and the FDA Pre-Check initiative to boost domestic drug manufacturing. Tune in for an in-depth discussion offering timely updates and expert perspectives on what may be ahead for drug development stakeholders.
In this episode of IGEL Weekly, Andy Whiteside sits down with Chris Feeney from IGEL's Office of the CTO to explore a critical, often overlooked element of disaster recovery—endpoint resilience. They unpack how IGEL is addressing business continuity challenges with innovative solutions like IGEL Dual Boot and USB Recovery, enabling organizations to recover in minutes rather than days. Chris shares insights into the growing importance of securing endpoints amid rising ransomware threats and operational disruptions like the recent CrowdStrike incident. The conversation dives into: why most organizations fail to plan for endpoint-level recovery; how IGEL's dual-boot architecture bridges the gap between prevention and recovery; real-world examples of minimizing downtime during breaches and outages; and the future of endpoint strategy as SaaS, browsers, and cloud PCs reshape IT infrastructure. Tune in to learn how IGEL is redefining endpoint continuity and setting a new standard for security and business resilience.
AI at the endpoint gets yet another boost from EMASS, a fabless semiconductor company that recently emerged from stealth mode. Having your processing at the endpoint presents a few significant challenges, namely the amount of processing that can be made available and the ability to run from a battery. EMASS has come up with a way to do this a little differently from what's been done previously. They can attach their RISC-V processing element to any sensor, making the device an AI accelerator. It's a little difficult for me to put into words here, so check out this week's Embedded Executives podcast, where I spent some time with Mark Goranson, EMASS's CEO, who explains it in detail.
In this week's episode, LaDarius recaps Week Four of the NFL and looks ahead to Week Five. Next, Minnesota Lynx star Napheesa Collier's comments on WNBA Commissioner Cathy Engelbert. Lastly, Brown's Big Bets, MLB Playoffs, and more! Follow LaDarius on Social Media: Twitter (X): @ladarius_brown Instagram: @ladarius__brown TikTok: @ladarius_brown
AI is a technology that generally requires a significant amount of power and high compute performance. Hence, it's typically relegated to the Cloud or to an Edge-based computer. Performing AI at the endpoint has not been feasible for those reasons. With Ambiq's Sub-threshold Power Optimized technology (SPOT), performing AI at the endpoint is a reality. And the doors/applications that it opens are extremely cool. Hear more about it in this week's Embedded Executives podcast, where I spoke to Ambiq's Vice President of AI, Carlos Morales. Note that Ambiq just recently released the latest version of neuralSPOT, which now includes key performance enhancements specific to the company's Apollo5 family, amongst other features, some of which are specific to AI development.
I'm reposting episodes that were taken down from Spotify. Keith sits down with Rob Pennington to discuss growing up and going to shows in Louisville, the history of Endpoint and By The Grace of God, touring the world, Rob's PhD and the work he does in Behavioral Science, Black Widows/Black Cross, Rob's latest band Jupiter Hearts and more.
The American Academy of Pediatrics release their own immunization schedule; The American Heart Association update 2017 guidelines for the prevention of high blood pressure; weight loss drug gains indication to treat noncirrhotic MASH; FDA approve a new fibromyalgia treatment; investigational SCD Tx to meet trial endpoint.
Event Recap: Kieran Human at Black Hat USA 2025 — ThreatLocker Unveils Configuration Defense, Achieves FedRAMP Status & More. ThreatLocker introduced DAC configuration monitoring and achieved FedRAMP certification at Black Hat 2025, strengthening zero trust capabilities while expanding government market access through practical security solutions. Zero trust security continues evolving beyond theoretical frameworks into practical business solutions, as demonstrated by ThreatLocker's latest announcements at Black Hat USA 2025. The company introduced Defense Against Configuration (DAC), a monitoring tool addressing a critical gap in zero trust implementations. Kieran Human, Special Projects Engineer at ThreatLocker, explained the challenge driving DAC's development. Organizations implementing zero trust often struggle with configuration management, potentially leaving systems vulnerable despite security investments. DAC monitors configurations continuously, alerting administrators to potential security issues and mapping findings to compliance frameworks including Essential 8. The tool addresses human factors in security implementation. Technical staff sometimes create overly permissive rules to minimize user complaints, compromising security posture. DAC provides weekly reports to executives, ensuring oversight of configuration decisions and maintaining security standards across the organization. ThreatLocker's approach distinguishes itself through "denied by default, allowed by exception" methodology, contrasting with traditional endpoint detection and response solutions that permit by default and block threats reactively. This fundamental difference requires careful implementation to avoid business disruption. The company's learning mode capabilities address deployment concerns. With over 10,000 built-in application profiles, ThreatLocker automates policy creation while learning organizational workflows. 
This reduces manual configuration requirements that previously made zero trust implementations tedious and time-intensive. FedRAMP certification represents another significant milestone, opening government sector opportunities. Federal compliance requirements previously excluded ThreatLocker from certain contracts, despite strong customer demand for their zero trust capabilities. This certification enables expansion into highly regulated environments requiring stringent security controls. Customer testimonials continue validating the approach. One user reported preventing three breaches after implementing ThreatLocker's zero trust solution, demonstrating measurable security improvements. Such feedback reinforces the practical value of properly implemented zero trust architecture. The balance between security and business functionality remains crucial. Organizations need security solutions that protect assets without hampering productivity. ThreatLocker's principle of least privilege implementation focuses on enabling business requirements with minimal necessary permissions rather than creating restrictive environments that impede operations. Human described working closely with CEO Danny Jenkins, emphasizing the collaborative environment that drives product innovation. His engineering perspective provides valuable insights into customer needs while maintaining focus on practical security solutions that work in real-world environments. As zero trust adoption accelerates across industries, tools like DAC become essential for maintaining security posture while meeting business demands. The combination of automated learning, configuration monitoring, and compliance mapping addresses practical implementation challenges facing security teams today. Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974 Note: This story contains promotional content. 
Learn more. Guest: Kieran Human, Special Project Engineer at ThreatLocker | On LinkedIn | https://www.linkedin.com/in/kieran-human-5495ab170/ Resources: Learn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlocker Learn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25 Learn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs Newsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/ Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-up Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story
In Episode 103 of IGEL Weekly, host Andy Whiteside and Chris Feeney dive deep into what it means to truly rethink endpoint strategy in 2025. Using James Millington's recent blog as a guide, they explore IGEL's Preventive Security Model — a lightweight, adaptive, and policy-aligned approach that moves beyond the bloated, reactive stacks of the past. From Zero Trust architecture and business continuity planning to repurposing hardware for sustainability and simplifying mergers and acquisitions, Andy and Chris share how IGEL unifies hardware, applications, and security into a failsafe foundation for any organization. Whether you're managing thousands of endpoints or just a few dozen, this conversation reveals why it's time to break from the status quo and design for a secure, flexible, and future-ready digital workspace.
At Black Hat USA 2025, Danny Jenkins, CEO of ThreatLocker, shares how his team is proving that effective cybersecurity doesn't have to be overly complex. The conversation centers on a straightforward yet powerful principle: security should be simple enough to implement quickly and consistently, while still addressing the evolving needs of diverse organizations. Jenkins emphasizes that the industry has moved beyond selling “magic” solutions that promise to find every threat. Instead, customers are demanding tangible results—tools that block threats by default, simplify approvals, and make exceptions easy to manage. ThreatLocker's platform is built on this premise, enabling over 54,000 organizations worldwide to maintain a secure environment without slowing business operations. A highlight from the event is ThreatLocker's Defense Against Configurations (DAC) module. This feature performs 170 daily checks on every endpoint, aligning them with compliance frameworks like NIST and FedRAMP. It not only detects misconfigurations but also explains why they matter and how to fix them. Jenkins admits the tool even revealed gaps in ThreatLocker's own environment—issues that were resolved in minutes—proving its practical value. The discussion also touches on the company's recent FedRAMP authorization process, a rigorous journey that validates both the product's and the company's security maturity. For federal agencies and contractors, this means faster compliance with CMMC and NIST requirements. For commercial clients, it's an assurance that they're working with a partner whose internal security practices meet some of the highest standards in the industry. As ThreatLocker expands its integrations and modules, Jenkins stresses that simplicity remains the guiding principle. This is achieved through constant engagement with customers—at trade shows, in the field, and within the company's own managed services operations. 
By actively using their own products at scale, the team identifies friction points and smooths them out before customers encounter them. In short, the message from the booth at Black Hat is clear: effective security comes from strong fundamentals, simplified management, and a relentless focus on the user experience. Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974 Note: This story contains promotional content. Learn more. Guest: Danny Jenkins, CEO of ThreatLocker | On LinkedIn | https://www.linkedin.com/in/dannyjenkinscyber/ Resources: Learn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlocker Learn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25 Learn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs Newsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/ Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-up Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story
Special Virtual Episodes with ISACA Leaders: State of Cyber (Part 1) - Maintaining readiness in a complex threat environment. Speakers: Jamie Norton - ISACA Board Member; Chirag Joshi - Sydney Chapter Board Member; Abby Zhang - Auckland Chapter Board Member; Jason Wood - Auckland Chapter former President; Bharat Bajaj - ISACA Melbourne Board Director. For the full series visit: https://mysecuritymarketplace.com/security-amp-risk-professional-insight-series-2025/ #mysecuritytv #isaca #cybersecurity OVERVIEW: According to ISACA research, almost half of companies exclude cybersecurity teams when developing, onboarding, and implementing AI solutions. Only around a quarter (26%) of cybersecurity professionals or teams in Oceania are involved in developing policy governing the use of AI technology in their enterprise, and nearly half (45%) report no involvement in the development, onboarding, or implementation of AI solutions, according to the recently released 2024 State of Cybersecurity survey report from global IT professional association ISACA. Key Report Findings: Security teams in Oceania noted they are primarily using AI for: Automating threat detection/response (36% vs 28% globally); Endpoint security (33% vs 27% globally); Automating routine security tasks (22% vs 24% globally); and Fraud detection (6% vs 13% globally). Additional AI resources to help cybersecurity and other digital trust professionals: EU AI Act white paper; Examining Authentication in the Deepfake Era. SYNOPSIS: ISACA's 2024 State of Cybersecurity report reveals that stress levels are on the rise for cybersecurity professionals, largely due to an increasingly challenging threat landscape. 
The annual ISACA research also identifies key skills gaps in cybersecurity, how artificial intelligence is impacting the field, the role of risk assessments and cyber insurance in enterprises' security programs, and more. The demand for cybersecurity talent has been consistently high, yet efforts to increase supply are not reflected in the global ISACA IS/IT-community workforce. The current cybersecurity practitioners are aging, and the efforts to increase staffing with younger professionals are making little progress. Left unchecked, this situation will create business continuity issues in the future. Shrinking budgets and employee compensation carry the potential to adversely affect cybersecurity readiness much sooner than the aging workforce, when the Big Stay passes. Declines in vacant positions across all reporting categories may lead some enterprises to believe that the pendulum of power will swing back to employers, but the increasingly complex threat environment is greatly increasing stress in cybersecurity teams; therefore, the concern is not if, but when, employees will reach their tipping point to vacate current positions.
Join us every Friday as we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands. Each week, we bring you a different expert guest who will share their invaluable insights on topics ranging from threat hunting and incident response to security operations and detection engineering. What makes these sessions special is their informal and interactive nature, allowing for an engaging dialogue between our guests, hosts, and the audience. You can sign up to join us for the live sessions at limacharlie.io/defender-fridays
Darshan H. Brahmbhatt, Podcast Editor of JACC: Advances, discusses a recently published original research paper on Preserving Trial Endpoint Specificity and Cause of Death Attribution in Cardiovascular Trials: Insights From MARINE.
In this episode of TCAST, host Alexander McCaig welcomes Shirish Nimgaonkar, founder of EBLISS AI, to unpack how endpoint automation is redefining enterprise IT. With devices multiplying across industries, traditional support models—manual, reactive, and costly—no longer scale. EBLISS AI addresses this gap through an AI-powered platform that dynamically learns, predicts, and resolves endpoint issues with precision. Shirish explains how the platform integrates classic machine learning and proprietary small language models to build agentic AI—intelligent agents capable of real-time remediation and proactive diagnostics. They delve into the importance of synthetic data, human-in-the-loop safety mechanisms, and why productivity and risk management must co-evolve. The conversation also touches on the ethical implications of automation and the need for vision-led tech adoption that enhances quality of life, not just profits. Whether you're a data strategist, IT leader, or AI ethicist, this episode delivers actionable insights on how to future-proof your digital infrastructure. Timestamps [00:03] – Introduction: Shirish Nimgaonkar joins to talk AI-powered endpoint automation. [00:47] – Device Explosion: Why legacy IT support can't scale with modern device fleets. [03:11] – Enter EBLISS AI: A platform for prediction, remediation, and self-healing. [04:28] – Personalized Intelligence: How EBLISS tailors responses based on personas and use cases. [06:05] – Hybrid AI Models: Mixing ML, LLMs, and synthetic data for scalable solutions. [10:22] – Risk vs. Efficacy: Managing synthetic data and human oversight. [12:18] – Scaling Insight: Monitoring drift across millions of endpoints. [17:00] – Ethics of Adoption: Why vision, governance, and user empowerment matter. 
Quotes: “You're not just shifting the risk—you're minimizing it.” – Shirish Nimgaonkar “Autonomy must be in service of human quality of life.” – Shirish Nimgaonkar “The ratio of productivity to risk defines solution effectiveness.” – Shirish Nimgaonkar
As InfoSecurity Europe prepares to welcome cybersecurity professionals from across the globe, Rob Allen, Chief Product Officer at ThreatLocker, shares why this moment—and this location—matters. Allen doesn't frame the conversation around hype or headlines. Instead, he focuses on a universal truth: organizations want to sleep better at night knowing their environments are secure. ThreatLocker's mission is grounded in achieving Zero Trust in a simple, operationally feasible way. But more than that, Allen emphasizes their value as enablers of peace of mind. Whether helping customers prevent ransomware attacks or meet regional regulatory requirements like GDPR or Australia's Essential Eight, the company is working toward real-world solutions that reduce complexity without sacrificing security. Their presence at events like InfoSecurity Europe is key—not just for outreach, but to hear directly from customers and partners about what's working and where they need help. Why Being There Matters: Different regions have different pressures. In Australia, adoption surged without any local team initially on the ground—driven purely by alignment with the Essential Eight framework. In the UK, it's conversations about Cyber Essentials that shape booth discussions. Regulations aren't just compliance checklists; they're also conversation starters that change how organizations prioritize security. The ThreatLocker team doesn't rely on generic demos or vague promises. They bring targeted examples to the booth—like asking attendees if they know what software can be run on their machines without alerting anyone. If tools like remote desktop applications or archive utilities can be freely executed, attackers can use them too. This is where ThreatLocker steps in: controlling what runs, identifying what's necessary, and blocking what isn't. Booth D90 and Beyond: Rob Allen invites anyone—whether they're new to ThreatLocker or longtime users—to visit booth D90. 
The team, built with a mix of technical skill and humor (ask about the “second-best beard” in the company), is there to listen and help. It's not just about showcasing technology; it's about building relationships and reinforcing a shared goal: practical, proactive cybersecurity that makes a measurable difference. If you're at InfoSecurity Europe, stop by. If you're not, this episode offers a meaningful glimpse into why showing up—both physically and philosophically—matters in cybersecurity. Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974 Note: This story contains promotional content. Learn more. Guest: Rob Allen, Chief Product Officer, ThreatLocker | https://www.linkedin.com/in/threatlockerrob/ Resources: Learn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlocker Cyber Essentials Guide: https://threatlocker.kb.help/threatlocker-and-cyber-essentials-compliance/?utm_source=itsp&utm_medium=sponsor&utm_campaign=infosec_europe_pre_interview_rob_q2_25&utm_content=infosec_europe_pre_interview_rob&utm_term=podcast Australia's Essential Eight Guide: https://www.threatlocker.com/whitepaper/australia-essential-eight?utm_source=itsp&utm_medium=sponsor&utm_campaign=infosec_europe_pre_interview_rob_q2_25&utm_content=infosec_europe_pre_intervi Learn more and catch more event coverage stories from Infosecurity Europe 2025 in London: https://www.itspmagazine.com/infosec25 Keywords: sean martin, marco ciappelli, rob allen, cybersecurity, zero trust, infosec, compliance, ransomware, endpoint, regulation, brand story, brand marketing, marketing podcast, brand story podcast. Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage Want to tell your Brand Story Briefing as part of our event coverage? Learn More
In this episode of Hands-On IT, Landon Miles shares 3 tactical tips to help you make smarter decisions with your endpoint data. Learn how to cut through alert fatigue, streamline your reporting, and use historical insights to predict and prevent future issues. Whether you're managing a few hundred devices or thousands across mixed OS environments, these strategies will help you reduce noise, boost visibility, and run a more secure, efficient operation.
In this episode of Automox Insiders, host Maddie Regis sits down with Peter Pflaster and Kelly Carlson from Automox's product marketing team to explore how data transforms endpoint management. From mean time to remediate (MTTR) to device compliance and unexpected user activity trends, they break down the metrics IT pros should watch — and why clear, actionable reporting is critical for both security and executive buy-in. Plus, the trio wraps up with a round of data trivia to prove that yes, data can be fun.
Despite missing the primary endpoint, the treatment improved vision for some patients.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Microsoft Patch Tuesday: Microsoft patched 70-78 vulnerabilities (depending on how you count them). Five of these vulnerabilities are already being exploited. In particular, a remote code execution vulnerability in the scripting engine should be taken seriously. It requires the Microsoft Edge browser to run in Internet Explorer mode. https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%3A%20May%202025/31946 Security Advisory Ivanti Endpoint Manager Mobile (EPMM) May 2025 (CVE-2025-4427 and CVE-2025-4428): Ivanti patched an authentication bypass vulnerability and a remote code execution vulnerability. The authentication bypass can exploit the remote code execution vulnerability without authenticating first. https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM?language=en_US Fortinet Patches Exploited Vulnerability in API (CVE-2025-32756): Fortinet patched an already exploited stack-based buffer overflow vulnerability in the API of multiple Fortinet products. The vulnerability is exploited via crafted HTTP requests. https://fortiguard.fortinet.com/psirt/FG-IR-25-254
Now in its 18th year, the Verizon Business DBIR is one of the industry's longest standing and leading reports on the current cybersecurity landscape. This year's report analyzes more than 22,000 security incidents with victims spanning 139 countries, examining significant growth in third-party involvement in breaches, increases in ransomware, the average amounts paid, and the amount of time to patch vulnerabilities, among many other findings. Segment Resources: - https://www.verizon.com/about/news/2025-data-breach-investigations-report - https://www.verizon.com/business/resources/reports/dbir This segment is sponsored by Verizon Business! To read the full Verizon Business 2025 Data Breach Investigations Report, please visit https://securityweekly.com/verizonrsac. Over the past two decades, the browser has evolved from a simple web rendering engine to the primary gateway through which users interact with the internet, be it for work, leisure or transactions. In other words, browsers are becoming the new endpoint. Yet, despite the exponential growth of browser-native attacks, traditional security solutions continue to focus on endpoint and network, leaving a large gaping hole when it comes to browser security. SquareX has started the Year of Browser Bugs (YOBB), a yearlong initiative to draw attention to the lack of security research and rigor in what remains one of the most understudied attack vectors - the browser. Learn more about SquareX's Browser Detection and Response solution at https://securityweekly.com/squarexrsac Last Mile Reassembly Attacks: https://www.sqrx.com/lastmilereassemblyattacks Polymorphic Extensions technical blog: https://labs.sqrx.com/polymorphic-extensions-dd2310006e04 There is a growing overlap between endpoint and cloud environments, creating new security challenges. ThreatLocker has recently released innovative solutions designed to protect organizations operating in this space. 
These include Cloud Control, Cloud Detect, Patch Management, and other advanced security tools tailored to bridge the gap between endpoint and cloud protection. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerrsac to learn more about them! Jason Mical, Field CTO, discusses Devo and Detecteam's integrated solution, which proactively improves security posture by identifying and closing detection gaps. The integration combines Devo's comprehensive threat detection, investigation, and response capabilities with Detecteam's autonomic detection lifecycle platform to continuously validate and improve detection capabilities based on real-world attack scenarios. Solution demo: https://www.devo.com/interactive-demos/devo-detecteam-engineering-confidence-in-threat-detection/ This segment is sponsored by Devo. Visit https://securityweekly.com/devorsac to learn more about them! While the value of identity security remains largely untapped, SailPoint's latest Horizons of Identity Security report reveals that organizations with mature identity programs can bend their identity security-to-value curve and recognize disproportionately higher returns. These programs unlock new value pools and can help address emerging challenges, such as securing machine and AI agent identities. The 2024-25 Horizons of Identity Security report: https://www.sailpoint.com/identity-library/horizons-identity-security-3 Take the identity security maturity assessment: https://www.sailpoint.com/identity-security-adoption Learn more about SailPoint's Customer Experience Portfolio: https://www.sailpoint.com/customer-success/customer-experience-portfolio This segment is sponsored by SailPoint. Visit https://securityweekly.com/sailpointrsac to learn more about them! 
Identity has long been the soft underbelly of cybersecurity—but with AI, non-human identities (NHIs), and autonomous agents on the rise, it's now front and center for security teams, the C-suite, and boardrooms alike. Adversaries aren't just hacking systems anymore—they're hijacking identities to slip through the cracks and move undetected in systems. For too long, identity security was treated as interchangeable with IAM—but that mindset is exactly what left critical gaps exposed. Listen to our interview with Hed Kovetz as he unpacks why identity has become today's most urgent battleground in cyber. He'll explain what you can do about it with an identity security playbook that gives you the upper hand. https://resources.silverfort.com/identity-security-playbook/home https://www.silverfort.com/blog/shining-the-spotlight-on-the-rising-risks-of-non-human-identities/ This segment is sponsored by Silverfort. Visit https://securityweekly.com/silverfortrsac to learn more about Silverfort's IDEAL approach to identity security! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-405
Now in its 18th year, the Verizon Business DBIR is one of the industry's longest standing and leading reports on the current cybersecurity landscape. This year's report analyzes more than 22,000 security incidents with victims spanning 139 countries, examining significant growth in third-party involvement in breaches, increases in ransomware and examines the average amounts paid and amount of time to patch vulnerabilities, among many other findings. Segment Resources: - https://www.verizon.com/about/news/2025-data-breach-investigations-report - https://www.verizon.com/business/resources/reports/dbir This segment is sponsored by Verizon Business! To read the full Verizon Business 2025 Data Breach Investigations Report, please visit https://securityweekly.com/verizonrsac. Over the past two decades, the browser has evolved from a simple web rendering engine to the primary gateway through which users interact with the internet, be it for work, leisure or transactions. In other words, browsers are becoming the new endpoint. Yet, despite the exponential growth of browser-native attacks, traditional security solutions continue to focus on endpoint and network, leaving a large gaping hole when it comes to browser security. SquareX has started the Year of Browser Bugs (YOBB), a yearlong initiative to draw attention to the lack of security research and rigor in what remains one of the most understudied attack vectors - the browser. Learn more about SquareX's Browser Detection and Response solution at https://securityweekly.com/squarexrsac Last Mile Reassembly Attacks: https://www.sqrx.com/lastmilereassemblyattacks Polymorphic Extensions technical blog: https://labs.sqrx.com/polymorphic-extensions-dd2310006e04 There is a growing overlap between endpoint and cloud environments, creating new security challenges. ThreatLocker has recently released innovative solutions designed to protect organizations operating in this space. 
These include Cloud Control, Cloud Detect, Patch Management, and other advanced security tools tailored to bridge the gap between endpoint and cloud protection. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerrsac to learn more about them! Jason Mical, Field CTO, discusses Devo and Detecteam's integrated solution, which proactively improves security posture by identifying and closing detection gaps. The integration combines Devo's comprehensive threat detection, investigation, and response capabilities with Detecteam's autonomic detection lifecycle platform to continuously validate and improve detection capabilities based on real-world attack scenarios. Solution demo: https://www.devo.com/interactive-demos/devo-detecteam-engineering-confidence-in-threat-detection/ This segment is sponsored by Devo . Visit https://securityweekly.com/devorsac to learn more about them! While the value of identity security remains largely untapped, SailPoint's latest Horizons of Identity Security report reveals that organizations with mature identity programs can bend their identity security-to-value curve and recognize disproportionately higher returns. These programs unlock new value pools and can help address emerging challenges, such as securing machine and AI agent identities. The 2024-25 Horizons of Identity Security report: https://www.sailpoint.com/identity-library/horizons-identity-security-3 Take the identity security maturity assessment: https://www.sailpoint.com/identity-security-adoption Learn more about SailPoint's Customer Experience Portfolio: https://www.sailpoint.com/customer-success/customer-experience-portfolio This segment is sponsored by SailPoint. Visit https://securityweekly.com/sailpointrsac to learn more about them! 
Identity has long been the soft underbelly of cybersecurity—but with AI, non-human identities (NHIs), and autonomous agents on the rise, it's now front and center for security teams, the C-suite, and boardrooms alike. Adversaries aren't just hacking systems anymore—they're hijacking identities to slip through the cracks and move undetected in systems. For too long, identity security was treated as interchangeable with IAM—but that mindset is exactly what left critical gaps exposed. Listen to our interview with Hed Kovetz as he unpacks why identity has become today's most urgent battleground in cyber. He'll explain what you can do about it with an identity security playbook that gives you the upper hand. https://resources.silverfort.com/identity-security-playbook/home https://www.silverfort.com/blog/shining-the-spotlight-on-the-rising-risks-of-non-human-identities/ This segment is sponsored by Silverfort. Visit https://securityweekly.com/silverfortrsac to learn more about Silverfort's IDEAL approach to identity security! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-405
Take a Network Break! We start with a Red Alert for SAP NetWeaver's Visual Composer Metadata Uploader, and then dive into a new endpoint discovery feature from Forward Networks, and Ericsson adding clientless ZTNA to its SASE offering. Aviatrix adds a Secure NAT Gateway for Microsoft Azure as a way to help Azure customers navigate...
Product Manager Bar Yassure discusses what we did to improve performance and stability in the E88.70 release of Harmony Endpoint.
Default deny is an old and very recognizable term in security. Most folks who have been in the industry for a long time will associate the concept with firewall rules. The old network firewalls, positioned between the public Internet and private data centers, however, were relatively uncomplicated and static. Most businesses had a few hundred firewall rules at most. Implementing default deny principles elsewhere was attempted, but without much success. Internal networks (NAC) and endpoints (application control 1.0) were too dynamic for the default deny approach to be feasible. Vendors built solutions, and enterprises tried to implement them, but most gave up. Default deny is still an ideal approach to protecting assets and data against attacks - what it needed was a better approach. An approach that could be implemented at scale, with less overhead. This is what we'll be talking to ThreatLocker's CEO and co-founder, Danny Jenkins, about on this episode. They seem to have cracked the code here and are eager to share how they did it. This segment is sponsored by ThreatLocker. Visit https://www.securityweekly.com/threatlocker to learn more about them! We wanted security data? We got it! Now, what the heck do we DO with all of it? The core challenge of security operations, incident response, and even compliance is still a data management and analysis problem. Which is why we're seeing companies like Abstract Security pop up to address some of these challenges. Abstract just released a comprehensive eBook on security data strategy, linked below, and you don't even need to give up an email address to read it! In this interview, we'll talk through some of the highlights: challenges; myths; pillars of a data security strategy; understanding the tools available. Segment Resources: A Leader's Guide to Security Data Strategy eBook. In the enterprise security news: new startup funding; what happened to the cybersecurity skills shortage?; tools for playing with local GenAI models; CVE assignment drama; a SIEM-agnostic approach to detection engineering; pitch for charity; a lost dog that doesn't want to be found. All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-402
What does it really take to reimagine the future of endpoint computing? In this special episode recorded live from IGEL's Now and Next 2025 event in Miami, I sit down with Klaus Oestermann, CEO of IGEL, to explore how cybersecurity, digital workspaces, and user experience are being transformed at the edge. Klaus is no stranger to innovation, having spent decades in high-assurance security across critical industries, and now leading IGEL's mission to simplify, secure, and modernize how enterprises manage endpoints. Our conversation starts by unpacking the shift from traditional perimeter-based security models to a new way of thinking rooted in prevention. Klaus explains how IGEL's Preventative Security Model addresses modern threats by dramatically reducing the attack surface at the endpoint and flipping the conversation from detection and response to control and containment. With more organizations relying on hybrid work and SaaS-based applications, the endpoint has never been more critical—or more vulnerable. Klaus also outlines how IGEL OS is supporting everything from virtual desktop infrastructure to secure browsing, while enabling consistent user experiences across cloud, on-prem, and edge environments. But this episode isn't just about technology. It's about strategy. Klaus shares how IGEL is creating meaningful impact by extending device life cycles, cutting hardware replacement costs, and supporting sustainability goals. With Windows 11 upgrades looming and endpoint refresh cycles under pressure, IGEL presents a compelling alternative that balances performance with responsibility. We also dive into the role of AI, how it's reshaping device requirements, and what it means for endpoint security moving forward. And as IGEL expands its ecosystem and reveals over 20 new announcements at this year's event, Klaus offers a candid look into what's resonating with customers—and where the industry is headed next. So what will define your endpoint strategy in 2025? 
And is your organization ready to lead from the edge?
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Using ES|QL In Kibana to Query DShield Honeypot Logs: Using the "Elastic Search Piped Query Language" to query DShield honeypot logs https://isc.sans.edu/diary/Using%20ES%7CQL%20in%20Kibana%20to%20Queries%20DShield%20Honeypot%20Logs/31704
Mongoose Flaws Put MongoDB at risk: The Object Direct Mapping library Mongoose suffers from an injection vulnerability leading to the potential of remote code execution in MongoDB https://www.theregister.com/2025/02/20/mongoose_flaws_mongodb/
U-Boot Vulnerabilities: The open source boot loader U-Boot suffers from a number of issues allowing the bypass of its integrity checks. This may lead to the execution of malicious code on boot. https://www.openwall.com/lists/oss-security/2025/02/17/2
Unifi Protect Camera Update: https://community.ui.com/releases/Security-Advisory-Bulletin-046-046/9649ea8f-93db-4713-a875-c3fd7614943f