Aspect of computer network security
NVIDIA has reported impressive fourth-quarter earnings, with a revenue of $39.3 billion, marking a 78% increase from the previous year. The company's net income also surged to $22.1 billion, reflecting an 80% year-over-year growth, driven by strong demand for its latest GPU architecture, Blackwell. Despite these positive results, NVIDIA's stock experienced fluctuations in after-hours trading due to a decline in gross margins linked to a transition to more complex systems. In contrast, Salesforce has forecasted disappointing revenue for fiscal 2026, projecting figures below Wall Street expectations, primarily due to slower adoption of its AgentForce platform.
The challenges faced by Salesforce highlight the broader issue of AI monetization, as businesses remain hesitant to invest in generative AI technologies without clear, tangible returns on investment. This cautious spending trend is exacerbated by high interest rates and economic uncertainty, indicating that many enterprises are still in a wait-and-see mode regarding AI adoption. The struggles of a major player like Salesforce serve as a cautionary tale, emphasizing that AI hype alone is insufficient to drive sales; clients are demanding proof of effectiveness.
In the realm of cybersecurity, N-Able has committed to achieving Cybersecurity Maturity Model Certification 2.0 readiness for its nCentral platform by the second half of 2025, while Kaseya has partnered with SafeLogic to enhance its encryption capabilities. Acronis has launched a new security and compliance platform aimed at protecting Microsoft 365 environments for managed service providers. Additionally, Amazon has introduced Alexa Plus, a generative AI-powered upgrade to its virtual assistant, aiming to enhance user experience and expand its capabilities.
Private equity firms have acquired a majority stake in Egnyte, a cloud content collaboration company, signaling a potential shift in the competitive landscape for managed service providers. As Egnyte seeks to expand its market presence, MSPs may face increased competition but also new opportunities for partnerships. The episode concludes with a discussion on the importance of scalable, proactive security-first device management strategies, particularly in light of the growing threat posed by unmanaged devices in the workplace. Organizations are urged to adopt automation-first solutions to enhance their security posture and prepare for the future of IT operations.
Four things to know today
00:00 Nvidia Wins Big on AI, But Salesforce's Struggles Show the Hype Isn't Enough
03:40 Kaseya, N-Able, and Acronis Ramp Up Security—MSPs Must Track Certification Progress
07:04 Egnyte Gets a Private Equity Boost—Will MSPs Benefit or Face More Competition?
08:47 From Unmanaged Chaos to AI-Controlled Security—The Future of Endpoint Protection
Zero Trust World 2025, hosted by ThreatLocker, is fast approaching (February 19-21), bringing together security professionals, IT leaders, and business executives to discuss the principles and implementation of Zero Trust. Hosted by ThreatLocker, this event offers a unique opportunity to explore real-world security challenges and solutions.
In a special On Location with Sean and Marco episode recorded ahead of the event, Ryan Bowman, VP of Solutions Engineering at ThreatLocker, shares insights into his upcoming session, The Dangers of Shadow IT. Shadow IT—the use of unauthorized applications and systems within an organization—poses a significant risk to security, operations, and compliance. Bowman's session aims to shed light on this issue and equip attendees with strategies to address it effectively.
Understanding Shadow IT and Its Risks
Bowman explains that Shadow IT is more than just an inconvenience—it's a growing challenge for businesses of all sizes. Employees often turn to unauthorized tools and services because they perceive them as more efficient, cost-effective, or user-friendly than the official solutions provided by IT teams. While this may seem harmless, the reality is that these unsanctioned applications create serious security vulnerabilities, increase operational risk, and complicate compliance efforts.
One of the most pressing concerns is data security. Employees using unauthorized platforms for communication, file sharing, or project management may unknowingly expose sensitive company data to external risks. When employees leave the organization or access is revoked, data stored in these unofficial systems can remain accessible, increasing the risk of breaches or data loss.
Procurement issues also play a role in the Shadow IT problem. Bowman highlights cases where organizations unknowingly pay for redundant software services, such as using both Teams and Slack for communication, leading to unnecessary expenses. A lack of centralized oversight results in wasted resources and fragmented security controls.
Zero Trust as a Mindset
A recurring theme throughout the discussion is that Zero Trust is not just a technology or a product—it's a mindset. Bowman emphasizes that implementing Zero Trust requires organizations to reassess their approach to security at every level. Instead of inherently trusting employees or systems, organizations must critically evaluate every access request, application, and data exchange.
This mindset shift extends beyond security teams. IT leaders must work closely with employees to understand why Shadow IT is being used and find secure, approved alternatives that still support productivity. By fostering open communication and making security a shared responsibility, organizations can reduce the temptation for employees to bypass official IT policies.
Practical Strategies to Combat Shadow IT
Bowman's session will not only highlight the risks associated with Shadow IT but also provide actionable strategies to mitigate them. Attendees can expect insights into:
• Identifying and monitoring unauthorized applications within their organization
• Implementing policies and security controls that balance security with user needs
• Enhancing employee engagement and education to prevent unauthorized technology use
• Leveraging solutions like ThreatLocker to enforce security policies while maintaining operational efficiency
Bowman also stresses the importance of rethinking traditional IT stereotypes. While security teams often impose strict policies to minimize risk, they must also ensure that these policies do not create unnecessary obstacles for employees. The key is to strike a balance between control and usability.
Why This Session Matters
With organizations constantly facing new security threats, understanding the implications of Shadow IT is critical. Bowman's session at Zero Trust World 2025 will provide a practical, real-world perspective on how organizations can protect themselves without stifling innovation and efficiency.
Beyond the technical discussions, the conference itself offers a unique chance to engage with industry leaders, network with peers, and gain firsthand experience with security tools in hands-on labs. With high-energy sessions, interactive learning opportunities, and keynotes from industry leaders like ThreatLocker CEO Danny Jenkins and Dr. Zero Trust, Chase Cunningham, Zero Trust World 2025 is shaping up to be an essential event for anyone serious about cybersecurity.
For those interested in staying ahead of security challenges, attending Bowman's session on The Dangers of Shadow IT is a must.
Guest: Ryan Bowman, VP of Solutions Engineering, ThreatLocker [@ThreatLocker] | On LinkedIn: https://www.linkedin.com/in/ryan-bowman-3358a71b/
Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
This Episode's Sponsors
ThreatLocker: https://itspm.ag/threatlocker-r974
Resources
Learn more and catch more stories from ZTW 2025 coverage: https://www.itspmagazine.com/zero-trust-world-2025-cybersecurity-and-zero-trust-event-coverage-orlando-florida
Register for Zero Trust World 2025: https://itspm.ag/threat5mu1
In this Brand Story episode, Sean Martin and Marco Ciappelli explore how Guardz is transforming cybersecurity for Managed Service Providers (MSPs) and small to medium-sized businesses (SMBs). The discussion features insights from Sarah Lampert, Customer Success Manager, and William Barr, Account Executive at Guardz, who shed light on the company's innovative approach to simplifying and optimizing cybersecurity solutions.
Bridging the Gap for SMBs
Small to medium-sized businesses often lack dedicated IT or security teams, leaving them vulnerable to cyber threats. William Barr emphasizes how Guardz fills this gap by providing MSPs with tools tailored for SMBs. These tools simplify security management, offering MSPs a unified platform that addresses complex needs without requiring a patchwork of expensive, disparate solutions.
Ease of Use and Flexibility
Guardz stands out by offering a user-friendly, AI-powered platform that integrates seamlessly into MSPs' existing workflows. Sarah Lampert highlights the platform's simplicity, enabling even small MSPs to onboard quickly and manage cybersecurity effectively. The product's flexibility allows MSPs to scale their offerings, catering to clients with varying security needs while keeping costs manageable.
Key features include:
• Unified detection and response capabilities.
• Customizable security controls for different client environments.
• User-based pricing models that eliminate device-based cost complexities.
Support Beyond Technology
Guardz doesn't stop at providing a robust platform—it empowers MSPs through comprehensive support. Sarah Lampert explains how the Customer Success team aids MSPs with onboarding, marketing materials, and strategic advice, ensuring they position Guardz as a core component of their service stack. The company also facilitates continued learning through webinars, hands-on trials, and direct communication channels.
Innovative AI Integration
AI plays a pivotal role in Guardz's ability to streamline cybersecurity. By analyzing patterns and predicting risks, the platform helps MSPs preempt threats and respond efficiently. William Barr underscores AI's potential to reduce manual effort while enhancing security accuracy, making advanced protection accessible to smaller organizations.
Cyber Insurance: A Competitive Edge
Guardz takes its commitment a step further by integrating cyber insurance into its offerings. Qualified clients can access affordable coverage directly through Guardz, ensuring SMBs meet evolving security and compliance standards. This feature not only protects businesses but also equips MSPs with a unique selling point.
The Future of Guardz
As Guardz continues to evolve, its focus remains on simplifying cybersecurity for MSPs while providing scalable, cost-effective solutions for SMBs. The team's proactive approach, coupled with constant feedback integration, ensures the platform stays relevant in a dynamic cybersecurity landscape.
MSPs looking to streamline their operations and enhance client security are encouraged to explore how Guardz can help achieve these goals. For more information, connect with the Guardz team or visit their platform for a trial.
Learn more about Guardz: https://itspm.ag/guardzrgig
Note: This story contains promotional content.
Guests:
Sarah Lampert, Customer Success Manager, Guardz [@GuardzCyber] On LinkedIn | https://www.linkedin.com/in/sarlampert/
William Barr, Account Executive, Guardz [@GuardzCyber] On LinkedIn | https://www.linkedin.com/in/william-barr-a447541ab/
Resources
Learn more and catch more stories from Guardz: https://www.itspmagazine.com/directory/guardz
For a free 14 day trial of Guardz's platform please visit https://itspm.ag/guardzgvu3 .
In this episode of CISO Tradecraft, host G Mark Hardy discusses the history and evolution of endpoint protection with guest Kieran Human from ThreatLocker. Starting from the inception of antivirus software by John McAfee in the late 1980s, the episode delves into the advancements through Endpoint Detection and Response (EDR) and introduces the latest in endpoint security: allowlisting and ring fencing. The conversation highlights the limitations of traditional antivirus and EDR solutions in today's threat landscape, emphasizing the necessity of default-deny approaches to enhance cybersecurity. Kieran explains how ThreatLocker's allowlisting and ring-fencing capabilities can block unauthorized applications and actions, thus significantly reducing the risk of malware and ransomware attacks. Practical insights, war stories, and deployment strategies are shared to help cybersecurity leaders implement these next-generation tools effectively.
Thank you to our sponsor ThreatLocker https://hubs.ly/Q02_HRGK0
Transcripts: https://docs.google.com/document/d/1UMrK44ysBjltNkddCkwx9ly6GJ14tIbC
Chapters
00:00 Introduction to Endpoint Protection
00:41 Upcoming Event: CruiseCon 2025
01:18 History of Endpoint Protection
03:34 Evolution of Antivirus to EDR
05:25 Next-Gen Endpoint Protection: Allowlisting
06:44 Guest Introduction: Kieran Human from ThreatLocker
08:06 Benefits of Allowlisting and Ring Fencing
17:14 Challenges and Best Practices
26:19 Conclusion and Call to Action
- For those not familiar with you and ThreatLocker, can you tell us a bit about yourself and the ThreatLocker team?
- When we look out at the endpoint protection landscape, what do you feel some of the most pressing threats and risks are?
- There of course has been a big push for Zero Trust in the industry being led by CISA, NIST, and industry. How does ThreatLocker approach Zero Trust when it comes to the Endpoint Protection Platform?
- Another thing that caught my eye is the ThreatLocker Allowlisting capability. We know Applications remain one of the top attack vectors per sources such as the DBIR. Can you tell us about the ThreatLocker Allowlisting capability and blocking malicious app activity on endpoints?
- Taking that a step further, you all often speak about your Ringfencing capability that deals with Zero Day vulnerabilities. As we know, traditional vulnerability management tools can't stop Zero Day exploits. How does the ThreatLocker platform handle Zero Day protection?
- I saw you all recently had a webinar focused on CMMC and NIST 800-171, which applies to the Defense Industrial Base. Obviously endpoint threats are a big concern there for the DoD and the DIB. Can you talk about how ThreatLocker is working with that community?
- For folks wanting to learn more about ThreatLocker, where should they go, and what are some things to keep an eye out for?
Find out more about ThreatLocker!
In today's episode, we explore the latest cybersecurity issues, including Sophos' discovery of the new EDRKillShifter utility used in RansomHub ransomware attacks, vulnerabilities in Microsoft's Azure Health Bot Service, and the implications of the recent CrowdStrike outage. We also discuss the White House's $11M plan to enhance open-source security, emphasizing the importance of robust protective measures and collaboration. Tune in to stay informed on the evolving landscape of cybersecurity threats and defenses.
Video Episode: https://youtu.be/-BIB59LxVpQ
00:00 - Intro
01:14 - Ransomware attackers introduce new EDR killer to their arsenal
02:30 - White House details $11M plan to help secure open source
04:42 - Researchers Uncover Vulnerabilities in AI-Powered Azure Health Bot Service
07:01 - Misguided lessons from CrowdStrike outage could be disastrous
Article URLs:
https://news.sophos.com/en-us/2024/08/14/edr-kill-shifter/
https://www.cybersecuritydive.com/news/white-house-11-million-secure-open-source/724223/
https://thehackernews.com/2024/08/researchers-uncover-vulnerabilities-in_0471960302.html
https://www.cybersecuritydive.com/news/misguided-lessons-crowdstrike-outage/723991/
An Endpoint Protection Platform (EPP) is a comprehensive security solution that is installed on endpoint devices to protect them from vulnerabilities. EPP solutions are often maintained in the cloud and leverage cloud data to facilitate sophisticated monitoring and remote repair. EPP solutions utilize a variety of security features.
Guests:
Jules Okafor, BISO and CEO and Founder of RevolutionCyber On LinkedIn | https://www.linkedin.com/in/julesmgmt/
David Meece, SOC Analyst, also known as Cyber Tech Dave on LinkedIn On LinkedIn | https://www.linkedin.com/in/david-meece-cybertech-dave/
Jay Jay Davey, Global Security Operations Centre Lead, Marks and Spencer On LinkedIn | https://www.linkedin.com/in/secopsjay/?originalSubdomain=uk
Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
Episode Notes
Hello to all our listeners out there! Marco and Sean here, and we are thrilled to bring you a special episode today. For the third consecutive year, we've been invited to host a panel for an event that's become a cornerstone for the infosec community. And guess what? We've been involved right from its inception. That's right! We are talking about the SOC Analyst Appreciation Day™, a day designed to shed light on the unsung heroes of the cybersecurity world.
Now, for those new to this, let us dive a bit deeper. The life of a SOC analyst isn't always glamorous. They often find themselves caught in the whirlwind of immense workload, sometimes feeling like the weight of the entire digital universe rests on their shoulders. Overworked and, sadly, often underappreciated, these analysts face challenges that can lead to burnout and, ultimately, a high turnover rate.
Enter Devo, the brilliant minds behind the establishment of the SOC Analyst Appreciation Day™. Their mission? To offer a hearty shoutout to these hardworking individuals and to prompt organizations globally to step up, recognizing the importance of their analysts' satisfaction and mental well-being.
If you've been following the event, you know that this year was jam-packed with on-demand content that was nothing short of enlightening. With presentations from some of the most influential thought leaders in the infosec community, topics ranged from real-life use cases to the intricacies of SOC automation and the critical importance of managing mental well-being in such high-pressure roles.
But, listeners, we have a treat for you. Today, we're going to dive deep into one of the event's highlights. We had the privilege of moderating a panel that, trust us, you won't want to miss. So, whether you're a budding SOC analyst, a seasoned pro, or just someone with a keen interest in the world of infosec, sit back, relax, and let's delve into some insightful discussions.
This panel will take a look at the ins and outs of SOC life. From the tier one analyst role to leadership positions to everything in between, the day-to-day in each type of SOC can look very different — and this panel will cover all perspectives.
Moderated by Sean Martin and Marco Ciappelli from ITSP Magazine
Jules Okafor, BISO and CEO and Founder of RevolutionCyber
David Meece, SOC Analyst, also known as Cyber Tech Dave on LinkedIn
Jay Jay Davey, Global Security Operations Centre Lead, Marks and Spencer
Thanks for tuning in to this special episode. Let's get started!
All systems red is only fun in sci-fi novels; when it happens to your business network... err, it's time to call the experts. Magna Cyber (754-209-2552) can help. Learn more at https://magnacyber.com/ Magna Cyber City: Miramar Address: 3350 Southwest 148th Avenue Website https://www.magnacyber.com Phone +1 754 209 2552 Email sales@magnacyber.com
Welcome to another exciting episode of our podcast, where we dive into the fascinating world of cybersecurity and explore the challenges faced by businesses and individuals alike. Today, we have an extraordinary story to share, one that sheds light on the ever-evolving landscape of cyber threats and the innovative solutions being developed to protect us. We're talking about BlackCloak, a cutting-edge cybersecurity company that's changing the game when it comes to digital executive protection. So buckle up, sit back, and prepare to be amazed as we unravel the incredible story of BlackCloak and its mission to safeguard the digital lives of corporate executives and high-profile individuals. And don't forget to subscribe and share our show so that you and your network can stay ahead of the curve in this rapidly changing world of cybersecurity.
In today's episode, we're joined by BlackCloak's co-founder, Dr. Chris Pierson, and their Chief Information Security Officer, Daniel Floyd. Both of these experts bring decades of experience in system architecture, security operations, and cybersecurity strategy to the table. As they discuss the unique challenges faced by executives and their families in the age of remote work, it becomes apparent that traditional cybersecurity measures are no longer enough.
The conversation delves into the critical need for digital executive protection that extends beyond the four walls of a company. This is where BlackCloak steps in, providing comprehensive protection for executives and their families in their personal lives without infringing on their privacy. The aim is to create a hardened target around these high-profile individuals and their loved ones, safeguarding their homes, devices, and personal data from malicious cybercriminals.
As our guests share real-world examples of high-profile breaches, such as Twilio and Uber, it becomes evident that the personal lives of executives are increasingly becoming the soft underbelly of companies' cybersecurity defenses. By targeting executives through phishing attacks and exploiting their personal devices, cybercriminals are finding ways to bypass corporate security measures and access sensitive information.
In response to these evolving threats, BlackCloak offers an innovative solution that bridges the gap between corporate and personal cybersecurity. By taking a proactive approach and addressing the unique challenges faced by executives and their families, BlackCloak is redefining digital protection and shaping the future of cybersecurity as we know it.
Don't miss out on this thrilling episode as we delve into the cutting-edge world of BlackCloak and learn how they're revolutionizing the way we think about cybersecurity. Remember to subscribe to our show and share it with your friends and colleagues so that everyone can stay informed and protected in this ever-changing digital landscape.
Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-infosec-story
Guests:
Chris Pierson, Founder and CEO of BlackCloak [@BlackCloakCyber]
On Linkedin | https://www.linkedin.com/in/drchristopherpierson/
On Twitter | https://twitter.com/drchrispierson
Daniel Floyd, CISO of BlackCloak [@BlackCloakCyber]
On Linkedin | https://www.linkedin.com/in/daniel-n-floyd/
Resources
Learn more about BlackCloak and their offering: https://itspm.ag/itspbcweb
Connect with BlackCloak during RSA Conference: https://itspm.ag/blackcvnk8
For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverage
Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story
Guests
Steve Luczynski, Senior Manager / Critical Infrastructure Security, Accenture Federal Services [@Accenture] and Chairman of the Board for the Aerospace Village [@secureaerospace]
On LinkedIn | https://www.linkedin.com/in/steveluczynski/
On Twitter | https://twitter.com/cyberpilot22
Henry Danielson, Adjunct Professor/Lecturer, Cal Poly College of Liberal Arts [@CalPolyCLA], Technical Advisor, California Polytechnic State University California Cybersecurity Institute [@CalPolyCCI], and Volunteer at Aerospace Village [@secureaerospace]
On LinkedIn | https://www.linkedin.com/in/henry-danielson-43a61213/
On Twitter | https://twitter.com/hdanielson
At Cal Poly | https://cci.calpoly.edu/about-cci/staff
____________________________
Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
This Episode's Sponsors
BlackCloak | https://itspm.ag/itspbcweb
____________________________
Episode Notes
"Discover the exciting world of the Aerospace Village at RSA Conference 2023, and dive into hands-on experiences with cybersecurity experts and cutting-edge technology."
Welcome to ITSPmagazine's RSA Conference 2023 coverage, where we dive into the world of cybersecurity and engage with experts in a week full of fun and exciting activities. We're on the road to RSA Conference 2023 in San Francisco, and one event we can't miss is the Sandbox, specifically the Aerospace Village. In this podcast episode, we're joined by our good friends Steve Luczynski and Henry Danielson from the Aerospace Village to discuss what's in store for us at this year's conference.
The Aerospace Village is a small nonprofit run by volunteers from around the world, aiming to build relationships between government, industry, security researchers, and hackers, inspire people to join the cybersecurity workforce, and promote awareness in the aviation and space sectors. This year, RSA Conference 2023 features a Sandbox where attendees can interact with the latest technical hands-on experiences, learn from experts, and explore what's happening in the cybersecurity world.
In this episode, our guests discuss the various partners and activities in the Aerospace Village, such as CT Cubed's drone quadcopter simulation in AR and VR experience, IntelleGenesis's runway lighting scenario demonstration, and Boeing's continuous security level maintenance activity. You'll also get a chance to try out a real Airbus simulator, courtesy of Pen Test Partners, to understand the potential vulnerabilities in electronic flight bags and their impact on pilot operations.
Join us for an exciting, fun-filled week at RSA Conference 2023, where you can learn, network, and discover the latest trends in cybersecurity. Don't miss out on this unique opportunity to interact with experts, explore cutting-edge technologies, and immerse yourself in the world of aerospace cybersecurity. Be sure to listen, share, and subscribe to ITSPmagazine's podcast for more exciting episodes and insights from the RSA Conference 2023!
____________________________
Resources
Learn more, explore the agenda, and register for RSA Conference: https://itspm.ag/rsa-cordbw
____________________________
Catch the video here: https://www.youtube.com/watch?v=Htvn7AkCJSs
For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverage
Are you interested in telling your story in connection with RSA Conference by sponsoring our coverage?
Going it alone doesn't work (anymore): together we are stronger! Together with our solution partners, we take you back to it-sa 2022, Europe's leading IT security trade fair, and with it to the Home of IT Security. In the next episodes we share our special look back at our visit to the fair. For this we talked with experts from the IT security and data protection industry. With one dashboard for everything, and therefore a few more options than plain Windows Defender alone, Thomas Kloth, Channel Manager DACH, explains the security platform of Bitdefender GmbH. An outline running from Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) through to the overall picture of the infrastructure needed for sensible protection, including for organizations with KRITIS obligations. Our highlights from this conversation: Classic antivirus is great, but it takes more than that to secure the endpoint. From the Windows world: event logs require a lot of research of your own. Does this sound like you? Then we should talk. Book the free consultation here: https://connectingmedia.de/kontakt
With cyberattacks on the rise, it's not enough to simply have malware-prevention and endpoint security in place—organizations need omnipresent detection and real-time response for threats that make it past protective barriers. Keypoint Intelligence's Jamie Bsales and Nazar Tymoshyk, Founder and CEO of UnderDefense, close out Cybersecurity Awareness Month with a discussion about his company's MDR-as-a-Service offering and how it can augment traditional cybersecurity tools.
Technology across every industry is adapting to the work-from-anywhere model. With those evolutions comes the need for tighter security in not only “bring your own device” circumstances, but company-issued equipment as well. What does that look like at a base level, and how can customers take steps to ensure their devices are as secure as possible? Shelby Skrhak speaks with Patrick Smith, technology consultant at Ingram Micro, about:
- Security challenges with the work-from-anywhere model
- The Trilux endpoint protection platform
- How customers can elevate their security
To join the discussion, follow us on Twitter @IngramTechSol #B2BTechTalk
Listen to this episode and more like it by subscribing to B2B Tech Talk on Spotify, Apple Podcasts or Stitcher. Or, tune in on our website.
Brent has been on a bug-finding marathon. We review what he's discovered and share some hard-learned lessons.
Endpoints are the focus of most cyberattacks, and not only in home-office and mobile work. Simple endpoint protection with anti-malware and a firewall is no longer enough. How can the cloud help detect and defend against endpoint attacks? The interview by Oliver Schonschek, News Analyst at Insider Research, with Martin Mangold of DriveLock SE provides answers.
The previously distinct but now converged fields and product lines of Endpoint Protection (EPP) and Endpoint Detection & Response (EDR) are covered in the brand new KuppingerCole Analysts Leadership Compass on EPDR (Endpoint Protection Detection & Response). Lead Analyst John Tolbert joins Matthias to give a sneak peek into this market segment and shares some results of the evaluation as well.
In this episode, we are joined by Jeffrey Simms as we discuss the evolution of EndPoint Protection technology and all of the acronyms that surround it.
On today's episode of The Daily Scoop Podcast, the fifth generation of a key military cyber training program is under development. The Joint All-Domain Command and Control (JADC2) operation will get a new leader at the Department of Defense, Lt. Gen. Mary O'Brien. Lt. Gen. Jack Shanahan (USAF-ret.), former director of DOD's Joint Artificial Intelligence Center (JAIC) and former leader of Project Maven, discusses the role of the JADC2 leader in coordinating all the pieces of the operation across the department. Okta Federal Chief Security Officer Sean Frazier discusses how organizations need to keep their cybersecurity posture flexible and agile even as employees begin returning to the office. This interview is underwritten by Okta. Rear Adm. Michael Ryan, commander of Coast Guard Cyber Command, discusses the threat landscape facing USCG today, explains how they are reducing cyber risk and outlines the three lines of effort in the Coast Guard Cyber Strategic Outlook. The Daily Scoop Podcast is available every weekday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast on Apple Podcasts, Google Podcasts, Spotify and Stitcher. And if you like what you hear, please let us know in the comments.
In this episode we are going to look at Endpoint Security.
We will be discussing Network Attacks Today, Network Security Devices, Endpoint Protection, Cisco Email Security Appliance, and Cisco Web Security Appliance.
Thank you so much for listening to this episode of my series on Switching, Routing, and Wireless Essentials for the Cisco Certified Network Associate (CCNA).
Once again, I'm Kevin and this is KevTechify. Let's get this adventure started.
All my details and contact information can be found on my website, https://KevTechify.com
-------------------------------------------------------
Cisco Certified Network Associate (CCNA)
Switching, Routing, and Wireless Essentials v2 (SRWE)
Episode 10 - LAN Security Concepts
Part A - Endpoint Security
Podcast Number: 32
-------------------------------------------------------
Equipment I like.
Home Lab ►► https://kit.co/KevTechify/home-lab
Networking Tools ►► https://kit.co/KevTechify/networking-tools
Studio Equipment ►► https://kit.co/KevTechify/studio-equipment
Jennifer Czaplewski is the Senior Director on the Cyber Security team at Target. In this role, she is responsible for leading DevSecOps, Vulnerability Management, and Endpoint Protection. In addition to having held several leadership roles within the information security industry throughout her career, Jennifer is the 2021 co-chair of the Cyber Security Summit and authored a chapter of Modern Cybersecurity.
Nikki - What does EDR look like right now and where is it going?
Nikki - What are the differences between typical A/V and EDR?
Chris - What role do you see EDR playing in the push for Zero Trust?
Nikki - How do you integrate EDR into your environments and how do you feel about using EDR with SIEMs?
Chris - Do you feel that the boon for working from home has impacted the EDR space?
Nikki - Can you talk a little bit about what DLP is and how it relates to EDR roll outs?
Chris - Building on EDR, what is XDR and how is it different?
Nikki - What would you say are some of the biggest challenges around deploying EDR and some of the pitfalls admins/engineers should be aware of?
Chris - Do you have some resources for anyone thinking about deploying EDR?
Nikki - How do you feel about container-based deployments of EDR?
Chris - What does cyber resiliency mean to you?
You ever envision updating the firmware of a weapons system on your fighter jet while you're flying it? No? That makes sense. But for the people trying to evolve our military's ossified bureaucracies and systems, that vision is indeed a reality. Your hosts of this Data Center Therapy episode, Matt ‘I've got a lock on the target' Yette and Alec ‘It's a UNIX system! I know this!' Taylor welcome the United States of America's very first Chief Software Officer, Nicolas M. Chaillan to the DCT virtual studios. Nicolas shares his background, how his career at the DoD evolved, and what he sees in the future of cyber-warfare and security for both the military and American enterprise. It's a fascinating look inside the inner workings of some quite large organizations, our own U.S. Air Force and Space Force branches. During this show, you'll also gain some understanding of: How agility differs in the private sector versus the military, and how Nicolas attempted the impossible by both steering his organizations and by letting his contributors grow and explore their own technology skills and practices. How politics plays a role in the development of software systems, and how challenges with egos and inertia clash with evolving the processes in that development. Nicolas' thoughts on Hypersonic weapons systems, Quantum Computing, Artificial Intelligence, and how some of those have already impacted us and caused great concern in the Air Force and Space Force. You, our business and enterprise-oriented listeners will also get a great overview of the practices (some of them simple or less difficult to implement than you might think!) that you could be doing today to secure your critical data and systems, like implementing Single Sign On, Zero Trust, and Endpoint Protection solutions. As always, if you enjoy this episode, please like, share and subscribe wherever quality podcasts like Data Center Therapy can be found. Thanks for listening, stay safe and soar high, DCT friends!
In this podcast, we have VENYU's Jared Caramouche to join the discussion on end-point protection AND MORE
https://www.venyu.com/podcasts
https://www.venyu.com/cybercorner
https://www.venyu.com/resources
This week, Simon Jelley, Vice President of Product for Backup Exec, Endpoint Protection, and SaaS Backup at Veritas, joins "The Holtz Story" to discuss data's role in ransomware. Simon starts us out by discussing how ransomware has evolved to become more enterprise targeted. Protecting data in-flight with encryption, multi-factor authentication, etc., continues to be critical, and now customers are learning they must also protect their backups. Simon introduces his 3, 2, 1 rule to protect data:
Keep 3 versions of backups
2 of which are nearline accessible, and one off the network
Rehearse recovery
Simon and Tracy step back and discuss how the attack surface has evolved and its impact on Veritas products. Veritas has doubled down on secondary data copies being a potential attack surface, recognizing ransomware as a threat, and building resiliency into their solutions. Veritas has also focused on supporting new types of workloads, specifically Cloud SaaS. The rapid shift towards work-from-home and multi-cloud added complexity and changed the customer's and Veritas' focus. Customers assumed backup and recovery was built into cloud SaaS solutions and have learned they need to take more responsibility for their data. Customers are also learning there are new compliance and privacy considerations to manage.
Looking forward, Simon discusses how Veritas ensures customers can evolve with no impediment, building ransomware resiliency using AI and ML to spot threat patterns and introducing privacy protection into backups.
We hope you enjoy the show. If you do, please share it with colleagues and remember to subscribe using your favorite podcast platform (i.e., iTunes, Stitcher, Spotify, Google Play, etc.).
We speak with Evan Davidson, Vice-President, Asia Pacific & Japan and Kelvin Wee, Director for Security Engineering, APJ for SentinelOne and discuss how AI-driven innovations are disrupting the Top Right Quadrant for Endpoint Protection. We also discuss what the MITRE ATT&CK evaluation is, their methodology and why it has become one of the best sources for CISOs to choose their cybersecurity solutions. SentinelOne scored 100% for visibility in the evaluation and we cover the critical importance visibility has in providing extended detection and response capability. A link to the MITRE ATT&CK evaluation is available via https://attackevals.mitre-engenuity.org/enterprise/participants/sentinelone/?adversary=carbanak_fin7 Recorded courtesy of SentinelOne, 27 May 2021 - MySec.TV version is available here.
Yammer and Defender for Endpoint Rants in a quick Midlife Crisis episode of Hope This Helps! Extended show notes available at https://hthpc.com

Boot Up
MS Ignite Part 2
Look up CVEs faster with MsrcSecurityUpdates PowerShell Module https://aventistech.com/kb/get-latest-cve-from-msrc-with-powershell/
February patches were bad
KB4601392 bad
Microsoft said that the erroneous servicing-stack update (KB4601392) froze installations for the “Cumulative Update” from the recent Windows Update. This resulted in the installation for the update halting at 24 percent.
KB5001078 good
Hear annoying children better in an upcoming Teams "Satin" audio update
New PowerShell blog coming

Yammer
Where is my #YearOfYammer?

MS Defender for Sanity's Endpoint
Defender for Endpoint (Formerly ATP) Onboarding documentation
Let's start with the good: Microsoft Monitoring Agent (MMA) documentation is actually pretty good/straightforward.
But after that, the info on antivirus becomes much less clear
Why is there little to mention of the SCEP setup?
Configure Endpoint Protection on a standalone client
So I need SCCM no matter what? Even though I can install SCEP with no policies? What if I don't have/want/need SCCM? I thought the web console was the central management!
"Configure the SCEP client Cloud Protection Service membership to the Advanced setting" but the SCEP client has no such settings. There's "send file samples automatically when further analysis is required" and advanced Microsoft Active Protection Service (MAPS) membership options. Are these the same…??
MS MVP Joe Stocker explains it better than MS in terms of what OS needs what in fewer words and links
January 2017 anti-malware platform update for Endpoint Protection clients
Why do I need to view the source code to see the KB number? (KB3209361)
Why is the KB not available on the Update catalog?
Why do I need to use freakin PSWindowsUpdate to install this?
That is Accurate
PSWindowsUpdate lets you pick and choose which updates to install on Windows 10, Server 2016/2019.

--- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app
Description: In episode 5, Olav and Karim go through domain 8, Secure Configuration, and domain 9, Endpoint Protection. Under domain 8 we cover, among other things, hardening, security baselines, CIS benchmark, application whitelisting, Applocker, Application Control, Oddvar Moe's 4 easy wins, processes, patch and vulnerability management, and more. Under domain 9 we cover, among other things, AV, NextGen AV,
SentinelOne security glossary: "A" as in "APT" to "E" as in "Endpoint Protection"
Due to the recent ransomware attacks, Adam and Andy use this episode to kick off a series on how to protect your company from ransomware. We started with how security professionals need to have soft skills in order to be successful at any organization. We followed up with a deep dive on why we believe Microsoft Defender for Endpoint is the most cost effective solution you can deploy. Documentation: Microsoft Defender in a Sandbox: https://www.microsoft.com/security/blog/2018/10/26/windows-defender-antivirus-can-now-run-in-a-sandbox/ Andy Jaw Twitter: @ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Adam Brewer Twitter: @ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ --- Send in a voice message: https://anchor.fm/blue-security-podcast/message
Discussion surrounding critical defensive actions all information security users must utilize. I talk about managing and maintaining personal devices and how this directly relates to professions involving cyber security. Network security, system administration, endpoint protection, identity and access management as well as other jobs deal with daily work we should all do on our personal devices.
To comment, ask questions or give suggestions for future episodes reach out at cybergreybeard@gmail.com
Notes: Thank you Populum for sponsoring this episode: https://populum.com/. I appreciate the support in this episode from Cloud Academy: https://cloudacademy.com/
Tools/Products Mentioned in this Episode:
Privacy related web browser: https://duckduckgo.com/
Host Intrusion Freeware: https://ossec.net
Linux Log Monitoring: https://kde.org/applications/en/ksystemlog
Windows Event Viewer: Search in Windows
Default Router Passwords: https://bestvpn.org/default-router-passwords/
Software and Driver Updates: https://www.kcsoftwares.com/?download (SUMO and DUMO)
Identity and Access Management: https://www.okta.com/
Cloud File Storage – Dropbox https://www.dropbox.com/
Cloud File Storage – Box https://www.box.com
In this episode, Timo Jobst of Palo Alto Networks and Maria Tillmann of Westcon talk about Cortex XDR Prevent, the various functions this endpoint protection offers, and how it differs from other AV solutions.
Show Notes Anexinet Infrastructure Modernization Podcast: Modern Endpoint Protection with Cisco Part 2 Episode 55 Shannon, Nick, Nick, Dave and I continue our discussion about Modern Endpoint protection. In this […] The post Episode 55: Modern Endpoint Protection with Cisco Part 2 appeared first on Anexinet.
3Eye joins Bob Weber, CRO of DefendEdge, for a conversation about DefendEdge's groundbreaking threat defense solution, SiON.
Hosted by: Reid Estreicher, Director of Solutions Engineering, 3Eye Technologies
Guest: Bob Weber, CRO, DefendEdge
Show Notes Anexinet Infrastructure Modernization Podcast: Modern Endpoint Protection with Cisco Episode 54 Shannon, Nick, and Nick join the podcast to discuss Cisco security products and philosophies. We talk how […] The post Episode 54: Modern Endpoint Protection with Cisco appeared first on Anexinet.
Dez Blanchfield gets up close & personal with Janet Giesen, Vice President of Operations and Programs for Metallic, a Commvault venture, to talk about SaaS Data Protection and considerations for remote workers. This conversation begins with a quick 30,000 foot point of view introduction to Metallic, what it is, where it fits with data protection & what drove the decision for Commvault to develop & launch Metallic. Also covered are the three key market focused offerings Metallic was launched with, and insights into why those three initial service offerings in particular, which included: 1 - Metallic Office 365 Backup & Recovery, to protect SaaS office automation tools & data 2 - Metallic Core Backup & Recovery, focused on Virtual Machines & their data 3 - Metallic Endpoint Backup & Recovery, focused on laptop & desktop backups Janet outlines their strategy regarding the global roll out, from Metallic initially being launched within the American market in the USA, and which regions will follow with great insights into the challenges of deploying any SaaS offering, esp. one where data protection is the key offering, and how data privacy, encryption etc play into this. Another key highlight from this conversation is a walk through what the first six months so far has been like, since Metallic.io was first launched at the Commvault GO event in Denver in the USA late 2019, and some of the key highlights and learnings from those exciting first six months. An interesting key insight also discussed is that as with the ever important issue of Endpoint Protection, the current COVID19 global pandemic, and the huge increase in remote work and "work from home", the trend of mission critical data moving to the edge has become even more critical now that we have seen people, our human resource, literally "moving to the edge" as it were - in effect tipping the traditional Enterprise data protection model on its head. 
Janet talks about how she and the team at Metallic have seen the Business & IT community react to the dramatic changes brought about by the COVID19 global pandemic, and whether or not organisations were fully prepared to handle the broad challenge of remote data protection for laptops, and what organisations should be thinking about as they continue to address this challenge, and how Metallic is supporting organisations in meeting this critical business & technology challenge. Also discussed is the topic of security, which is always front and centre in any conversation around Data Protection - Janet shares how and why this has been a key consideration from day #1 for Metallic, and how security is built into Metallic across the portfolio - from encryption, security certificates, access controls & data policies, to anomaly detection and more. Another key insight discussed is a remarkable finding that more than two thirds (66%) of I.T. security professionals say their company experienced one or more endpoint attacks which compromised their critical data assets or IT infrastructure in 2019. Janet shares insights into what Metallic is doing to support companies to avoid this happening to them. Janet also highlights that when Metallic was launched they offered a free trial period, and that now, as part of their response to supporting organisations through the COVID19 global pandemic, they have extended the Endpoint Protection offer, and shares details of how organisations can now take up this amazing free offer. The conversation wraps up with views on what the next 12 to 18 months might look like regarding key challenges around data & endpoint protection, in particular the next big challenge we’re about to face - the transition from a global pandemic “lockdown” WFH model, back to “normal”, and what that new “normal” might look like. For more information visit => http://j.mp/metallic-io .
Many companies are responding to the large number of people working from home as a result of the public health situation. Today Qualys rolled out a free 60-day version of their cloud-based security and compliance solution. We spoke with Sumedh Thakar about the free release and how Qualys is helping enterprises with their remote workforce.
Sponsored by SEC Playground. Music by https://www.bensound.com/ --- Support this podcast: https://anchor.fm/chillchillsecurity/support
This is the twelfth episode of our Avanet podcast all about Sophos. In this episode we talk about, among other things, the takeover offer from Thoma Bravo, report on the new MTR service, point out the latest EAP for Endpoint and present two unbeatable Sophos promos. Right at the start we talk about Thoma Bravo's takeover offer and what could change as a result. For the moment, however, there is no need to fear major changes.

## XG Firewall

Since too little time has passed so far to report on the tests with the upcoming V18 firmware, we are postponing an interim conclusion to the next episode. Instead, this is the perfect opportunity to talk briefly about the two new firewall promos from Sophos, which can be used until 31 March 2020. You can find all the information on the two offers in our blog:

- Sophos promo: 50% off SG/XG Firewalls for renewals
- Sophos promo: 100% off SG/XG Firewalls for new customers

## Sophos Central

Sophos has launched a new service called **MTR**. MTR stands for **Managed Threat Response** and is the result of the two companies "Rook Security" and "DarkBytes", which Sophos acquired a short time ago. You can find out in the podcast exactly what is behind this service and who it could be interesting for. There is a new Early Access Program that adds two additional features to **Endpoint Protection**, **Intercept X Advanced** and **Intercept X Advanced with EDR**. The two features are called **Anti-Malware Scanning Interface** (AMSI) and **Malicious Network Traffic Protection**, also known as **Intrusion Prevention System** (IPS). You can find out in the podcast what is behind these two features. For servers, the features will be implemented at a later date. Sophos is currently trying to persuade **Symantec** customers to switch to Sophos. To that end, they have created a dedicated landing page that compares the two products side by side. If this applies to you and you need a trade-in offer, feel free to get in touch with us. Finally, we talk briefly about **Sophos Central Mobile 9.5** and **Central Mobile Security**, which was recently renamed **Intercept X for Mobile**. The most important new features of this update will only be covered in the next episode.
Data management and protecting your data isn't about "stuff" – it's about being right. Point products still haven't solved the ongoing evolution of threats. The reality is that your most valuable asset, your data, is still at risk. In this podcast recorded at Arrow Technology Summit 2019, Davitt Potter and guest Simon Jelley sit down to recap everything discussed on the main stage during the "Protecting Your Data Is About Being Right" session.

SPEAKERS:

Davitt Potter, Global Practice Leader, Arrow. Davitt Potter's early real-world education began at the South Dakota School of Mines and Technology, where he was a field engineer, systems architect and security/infrastructure consultant. Potter joined Arrow in 2010 and currently leads two of our global practice areas, assisting with global go-to-market strategies, emerging technology incubation, CTO/CISO consulting, and helping customers and their end-users with IT strategy planning and management.

Simon Jelley, VP of Product for Backup Exec, Endpoint Protection and SaaS Backup, Veritas. Simon Jelley has over 20 years of experience in data protection and information management. Having originally joined through the KVS acquisition, Jelley has led teams within Veritas' Enterprise & SMB-focused Backup & Archiving solutions over the years. With Veritas' mission to help organizations "find the truth in their information," Jelley is currently driving the Backup Exec, Endpoint Protection and SaaS backup solutions as GM & VP of Product.
Data at Rest - Episode 01x02: Endpoint Protection What is a virus? Is there a difference between a virus and "malware"? And what can you do to protect your systems and your data? Join us for a discussion about endpoint protection, antivirus, and the good and bad behaviors that can influence your odds of getting infected and being hurt by it. Special guest: Brian Penders. John von Neumann at Wikipedia The Creeper at Wikipedia
This is the tenth episode of our Avanet podcast all about Sophos. In this episode we talk about, among other things, the upcoming APX support in UTM 9.7 and the SFOS MR5 and MR6 releases, report on new features in Sophos Central Email and cover "custom roles" in Sophos Central Enterprise.

## XG Firewall

In this episode you will learn 7 reasons why the XG Firewall (SFOS) is better than the UTM. Fitting this topic, we also talk about the surprising APX support in the upcoming UTM 9.7 version and the RED 50 problems that have recently been occurring more frequently for our customers. But we quickly turn the focus back to the XG Firewall, because versions 17.5 MR7 and MR8 have been released there since the last podcast episode. Finally, we give you a preview of the new SFOS v18, which is to be made available to the public in Q1 2020.

## Sophos Central

Sophos is once again a Leader in the Gartner Magic Quadrant for Endpoint Protection. This is surely due not least to the improved EDR functionality. Anyone who has not known where to start with EDR can try out the new "Threat Indicators" feature, which is currently still in beta. In Sophos Central Email, the "Smart Banners" can now be customized individually. Anyone worried about sensitive company data being sent by e-mail should also definitely take part in the EAP for "Data Loss Prevention". Not only are the Central modules being continuously developed; management in Sophos Central Enterprise has also been simplified through "custom roles".

This is the sixth episode of our Avanet podcast all about Sophos. In this episode we look at the various endpoint and server products from Sophos. We briefly go into individual features and show you the differences between the various products.

## Overview of the various Central Endpoint products

Sophos currently offers the following products for your endpoints in its portfolio:

- Central Endpoint Protection
- Intercept X
- Intercept X Advanced
- Intercept X Advanced with EDR

These products all run on Windows (7+) and macOS (10.10+) and are all licensed per user.

## Central Endpoint products

Central Endpoint Protection provides the complete basic protection against threats. The basic protection consists of a classic anti-virus that protects against signature-based viruses, a Host Intrusion Prevention System and Sophos Live Protection. Beyond that, additional features such as Application Control, Device Control or Web Control are also offered. We give you more detailed information on this in this episode. To protect against modern threats, you need Intercept X. This product is not an alternative to Endpoint Protection, but is intended rather as a complement. You will find out in the podcast which technologies are additionally offered here and who really needs Intercept X Advanced with EDR.

## Central Server products

The product range for protecting Windows and Linux servers is structured similarly to the endpoint line. There is Central Server Protection for basic protection and Intercept X Advanced for Server against modern threats. Here too there will be an EDR variant in the future, which is currently still in beta.
Endpoint protection has been the trusted backbone of many companies' security. But with stories about data breaches and successful cyber attacks constantly in the news, people are beginning to think endpoint security is dead. Whether or not you agree, you might be wondering if there's any truth to this statement. F-Secure's Principal Security Consultant Antti Tuomi joins us this episode to talk about endpoint protection, its strengths and limitations, and when detection and response is needed. Links Episode 16 transcript
A cybercrime is the only crime where the victim is also part of the attack. Think about it: it was YOUR computer that was used. Jay Ryerse and Barb Paluszkiewicz talk about what and where the important data is in your computer network. Learn who is getting hacked these days and what you can do to make sure it's not you or your computer or your employees or your company.
Google said they would not be reading your email. Good News. Listen in as I tell you what you probably don't want to know about Gmail's dirty little secret. There is a new report out from SANS. Today, I will discuss what it said about Anti-Virus. Can you believe the Military is using home grade routers and then not even changing the default password? We will discuss what led to some very important military documents showing up on the Dark Web and how it could have been prevented. There is so much to talk about that I ran out of time, so be sure to check out the related articles below. Craig is putting up a new membership site (Yes, it is free, but you have to sign up). On it will be all the special reports that he puts out, and you will be the first to get them. For these and more tech tips, news, and updates, visit CraigPeterson.com --- Transcript: Below is a rush transcript of this segment, it might contain errors. Airing date: 07/28/2018 Gmail's dirty little secret. Anti-Virus is now ineffective - SANS report. Stolen military drone document. Craig Peterson: [00:00:00] Hi everybody. Craig Peterson here. Thanks for joining us today. I don't know if you can hear that little Roomba going in the background here, she's cleaning up the room. We have we have a few things to talk about. This one is going to be kind of interesting. How well do the global warming predictions stand up? Because we've heard that. Of course, our whole world is about to fall apart. We're going to drown if we live in Florida, and everything is over with. You probably remember some of this, we'll talk a little bit about that. This is a very, very cool article from the Cato Institute. We're going to talk about app developers, here when it comes to Google. They have committed to not reading your e-mails, but the same is not true. Yes, the app developer, so what are they doing. Did you realize this? Yeah, Hey, we have lots going on there. [00:00:52] Yeah.
[00:00:53] Half of cyber attacks are, well, more than half, are undetected via antivirus software. Talk about that. A new report, a new study coming out of SANS, the SANS Institute. We've got military documents stolen. Some plans here, about the drone the number one, in fact, drone, in the U.S. military the MQ9 Reaper drone, and it's all because of something I warned you about here on this show a few months ago if the military had been listening in. I know they do. But, if these guys have been listening in the military, we wouldn't have lost those secret documents. Google. We're going to talk about how they now have had no phishing incidents. More than eighty-nine thousand employees. How did they do that? Well, we'll talk about that. The top voting machine vendor has admitted something that I suspected for a very long time. Yeah, how can you trust vendors of software, and make sure they don't install backdoors? How can you do that? Yeah. Well, we'll talk about that a little bit. You know I'm thinking about it we're not going to get all of these today. You ought to check them out on my Web site. Inside Facebook and Twitter. The artificial intelligence battle going on over our social lives, and Data, as a fingerprint, in fact, data is a fingerprint. We'll talk about what that means to you, as well. Because you're not as safe and private online as you might think you are. All right, let's see how far we can get today. [00:02:36] All right. We're going to start here with tech's dirty little secret. Now, we know about Facebook. Do you see their stock this week? Wild ride. I think that Facebook stock was down 25 percent at one point. The way Facebook has been treating its users is just abysmal, frankly. You do remember a few years ago we talked about this, on the show here, but a few years ago when Facebook decided that if you liked somebody's page, so let's say I had a page, which I did, online and a lot of celebrities had a page on Facebook, as well.
And they would post stuff for their audience, the people that liked them, Right. So, you could follow any kind of celebrity you wanted on Facebook. You could follow somebody that was a musician because you enjoyed their music and there's a couple of them out there that I really enjoy, some new guys. Anyhow, you could have the musician you could have someone like me or maybe another radio personality, whomever so you follow them, you like their page on Facebook, and when they posted something it would show up in your feed. So, you would see what they had to say, and that was the idea, Right. You followed them, you like them because you wanted to see what they had to say. It is that simple enough for you. And, what's happened now is Facebook says, ok well you have a million followers I'm going to show your post to maybe 500 if you want your post to be seen by more people. You have to pay. And, they do that to me all of the time which is why, I'm not a, you know big Facebook user. Well, one of the reasons, about a big Facebook user but I do post stuff up there and they say "hey pay five bucks, and we'll go ahead, and we will show your post to more people." [00:04:27] Well, wait a minute these people said that they wanted to follow me. They wanted to hear from me. Why do you not show them my information? So, a lot of the big celebrities just said forget it. Some of the people that had more than a million likes on their Facebook fan pages said forget it, I'm gone. They deleted the whole account. They left. Now, this is a few years ago. Fast forward to today. We've got Facebook doing, even more, deciding because they're the Decider, more deciding about what it is you might want to see. What you don't want to see. Doesn't matter what you say, doesn't matter that you like the page, doesn't matter that they're a family member. If it says congratulations. OK great. They give high your ranking and you're more likely to see it. 
But, I want to know what my family members are saying. I want to know what the people I'm following are saying. Is that too difficult? Is that something that Facebook can't do for me? Right, I think that's a really, really, big deal, frankly, because that's why I was on Facebook in the first place. To find out what these people had to say. But no, Facebook is busy trying to gain you to get you to click on something to feed you stuff. And particularly those people who are libertarian like myself or maybe they're conservative. And Facebook has been using academics to come in and spend some serious time helping them develop their algorithms. And you know the academics know better than you do. So, they're going to give you what they think you should see which does not include anything that isn't on the Socialist Left, Right. [00:06:13] That's kind of the bottom line on this. [00:06:16] Obviously they're not going to feed anything from the hard right. But the question is? Where's that line? And, so just a regular moderate conservative person who's out there, middle of the road, is considered to be too far to the right by many of the algorithms. So your information is put out there. So, there's a lot of reasons people aren't using Facebook, the way they used to. Their profit forecast was down. So, their stock went way, way, down. And, they've been penalized, Right. The free market at work. Well, Google is getting into, say it has gotten into, and it's continuing to get into some trouble as well. [00:06:59] What's been going on on the Google front is kind of interesting, because Google was going through all of your mail. If you had Gmail Google went through it. They were looking for things and showing you ads based on what was in your e-mail. So, you know people kind of got upset because all of a sudden Google would be sending out a message about your bereavement. Because there was an e-mail about some uncle Dying or something and you would wonder about those ads. 
What are those ads all about? What's Google doing here? And so Google, committed this was what, two or three years ago. [00:07:32] Committed to not going through e-mail and while the dirty secret is that they may not be going through it, but a Wall Street Journal examination found that app developers, software developers, who are using Google's API's are going through your e-mails. One of the companies that they had a look at and this is from an article from Douglas Macmillan over at the Wall Street Journal. One of those companies is Return Path Inc. Now they collect data from marketers, they scan the inboxes of more than 2 million people who signed up for one of the free apps in Return Path's partner network, using a Gmail, Microsoft or Yahoo email address, so, think about this. Think about that. What was that silly game, that people used to play over on Facebook where you are planting things you know you're a farmer. What is the name of that? If you know the name. Go ahead and text me 8 5 5 3 8 5 55 53 8 5 5 3 8 5 55 53. I can't think of it, anyway. [00:08:41] Those games when you sign up for them the app developers now gain access to certain of your information, and they don't have to be a game. They can be a tool, and you might remember of course that's what Cambridge Analytica was doing, yeah take our survey and now they've gained access to all kinds of Facebook information about you and your friends and their profiles. Right, then that's why they got into so much trouble. That's why Facebook, also this week, got this huge fine from the European Union. The maximum fine possible under this new G.D.P.R which is the new data protection policy. So, they levied the maximum fine possible which really, Facebook's not going to notice, from a financial standpoint, because it's Facebook just makes so much money. [00:09:29] So, Google is giving that information away. You've got to be careful. Oh, yea Farmville. That's what it was. Thanks, guys. Farmville.
There are a few of them I guess but that's when I was thinking I was Farmville. [00:09:43] So, Return Path is one of them. [00:09:46] They're analyzing about 100 million emails a day, apparently, and at one point two years ago Return Path employees were reading about 8000 unredacted emails, employees. Okay, real people reading your emails per day eight thousand a day, while they're training their software. So, in another case, we've got Edison software which is another Gmail developer. They make this mobile app for reading and organizing your email. They personally reviewed the emails of hundreds of users to build a new feature and that's according to the company's CEO. So, letting users, employees read private potentially private right not necessarily all e-mails private but you know you consider e-mail private, don't you. That's a reasonable expectation, isn't it? You'd be upset if you found out people were reading your e-mails, Right. So, in this case, it's become common practice, for employees to read your e-mail. And frankly, it's a dirty little secret. Now neither Return Path nor Edison asked users specifically if it could read their e-mails. They were just granted access to it. Really, really, bad news here. Now Facebook has allowed outside developers to gain access to the user's data, we know about that because of the Cambridge Analytica breach. Facebook says it stopped it in 2015. We're not going to go into all of that, but it's it's really kind of interesting to look at all of this, but remember, your data is not your data. Again, you are the product, right? We keep having to say that but a lot of people seem to forget about it. You are the product, you are not the customer? So, keep that in mind as you are going online and use your free e-mail and your free Facebook site to your free et cetera. Right. It isn't free. There is a cost. [00:11:55] All right, it is cyber attack time here, with Craig Peterson. You know, that's what I do for a living.
I don't attack people I protect them from attacks. In fact most of the time I get involved with a company when they have already been attacked. I picked up three or four new clients, this week alone, that have been attacked. One, of them, basically lost all of their finances. This is a small family owned business and they made, really kind of a cool little device, and wow, things things are bad when your bank account information is used or when your payments are redirected from you when the hackers get into your computers now, gain access to your bank accounts and just wire the money out, it's gone in 90 seconds. It's just nuts what happens out there while SANS came out, the SANS Institute. [00:12:53] Now, these are great guys and gals, obviously, but the great guys and they put together a number of training courses that you might want to check out, online at SANS dot org. Now one of the things they do is obviously they keep track of the exploits, and they just came out with their 2018 survey on Endpoint Protection and Response. So, they polled almost 300 I.T. information technology professionals. They asked about endpoint security concerns and practices. This year's survey. I want you guys to think about this for yourself. How do you measure up? Where do you fall in? In this survey, if you were asked OK. 42 percent of respondents reported endpoint exploits. So, that's pretty darn high. That's almost half as getting close to half of the respondents. These are information technology professionals, so, these are people who know the bottom line here of whether or not they're hacked, at least they're supposed to. And, almost half of them said that they did have exploits on endpoints. Now what the endpoint? Those are your computers. Basically, it's your Windows machines for the most part. Maybe your Mac? Your Linux machine? Et cetera.
Now, what's good about this is they're saying that's down from 53 percent last year, but the number of those who reported that they didn't know that they'd been breached, jumped from 10 percent to 20 percent. [00:14:36] So, maybe we're getting a little less honest, in some regards, this year with the tools, now. [00:14:43] You know I've talked about this before, in fact, if you attend one of my webinars I'll go through these stats but what is being reported right now, from our friends over at SANS is, that your traditional antivirus software, just doesn't work anymore. Antivirus systems, according to the survey. Now, these are professionals right. This isn't me. This isn't some marketer, right. Do you believe these guys? Do you believe these I.T. professionals? Well, they're saying that the antivirus systems, the traditional antivirus stuff, only detected endpoint compromise 47 percent of the time, 47 percent. Other attacks were caught through various types of automated alerts endpoint detection and response platforms, 32 to 26 percent. OK, so the most important attacks are intended to exploit the users. More than 50 percent of respondents reported drive-by incidents on the web. Now, all of this stuff is preventable and I think the industry, the security industry is doing everyone a huge disservice because they're all tooting their horns about how great they are and yet they are not great. None of the standard antivirus software companies you can think of, none of the standard firewall firms you can think of, None of these guys are actually anywhere near as good as they need to be or should be. And, I've I've said this before, right. [00:16:27] And so how can you believe their marketing? You've got John McAfee out there the founder of McAfee anti-virus saying McAfee antivirus is the worst. You've got Symantec senior executive saying yeah, antivirus is dead, don't use Symantec because it's just not worth it.
And, then by the way somehow leaving his position the next day, it's just amazing. So, it goes on and on but, credential theft was used in many of these compromises. So, keep an eye on that. Keep an eye on phishing make sure you know what's happening. You want to use a really, really, good stack. You're not going to find that frankly from anybody, right now except Cisco. And unfortunately, it's not just antivirus software, anymore. It's what we're doing now. And what you're going to see most of the really good security professionals doing is a layered approach. I mean layered, layers, upon layers, there's multiple layers, on the endpoint on the multiple layers, on your computer. There's multiple layers on the network, and there's multiple layers of the network edge, where you might find a firewall. Okay. So, keep an eye out for that. And while it's disappointing but somehow this SANS survey is not surprising. Things are getting worse in Anti-Virus Software. It's effective in less than half of the cases. [00:18:04] Speaking of antivirus and hacks, we talked on the show before, and it was all over the news about what the FBI had to say. Now, you know I worked with the FBI pretty closely I run their, national webinars for the entire InfraGard program which is the infrastructure Guardian stuff. Check it out online infragard dot org if you're involved with protecting your company's physical facilities or maybe your data facilities networks and stuff check it out, infragard dot org. There are chapters, everywhere, there's like 80 chapters I think eighty plus nationwide and there is every state even here in New England. We have these chapters, so join your chapter. Keep up to date know what's going on, it's so important to have that information, in fact, you got to the webinar, I'm doing, again. We bring in experts, right.
But in a few weeks and we're going to be talking with FRSecure, about this very issue here of how do you do security because you know you mentioned before the break in the last segment here how we have multiple layers on every part of the whole infrastructure. Well, he goes into some more detail where he's talking about the employees and the physical infrastructure. It's all well and good if you got the best of you know firewall and anti-malware prevention and protection software and IDS and IPS, and all this stuff. But what if someone walks out the door with your server? And that's part of the HIPAA regulations. By the way, if you are involved with a medical practice, you've got to make sure all of your devices are physically locked down. All right, So, there's a lot to know, a lot to remember, a lot to learn. [00:19:52] So we'll be we'll be having him on. I just recorded the webinar with him yesterday, in fact, we're having him on soon. So. FBI warned and I brought it up here on the radio show too before the FBI warning came out warned globally that there are hackers who have hacked many of our routers. If you're using a router that has not had a software update a firmware update in a while? Particularly if you're using a lower-end router like a small business router or a personal router for your home. That device has been used, to send all of your data to Russia where important information is harvested out of it, and then it is sent back to you. So, you don't even know it's happened. It's really bad. Some of the stuff is crazy complex that they're doing. So, if you have not updated your router yet, I've got an article about that up on my Web site that leads you through, gives you step by step depending on who the manufacturer is. Some of the older ones you will not be able to update or upgrade. If you have a true business class router, a higher end router, and firewall something you pay north of two-thousand to five-thousand dollars for.
And, by the way, you should be paying around five grand for a decent firewall, nowadays. But if you have one of these you're probably OK, at least for now. This article and I mentioned this at the beginning of this show is mind-blowing, because it's our number 1 drone out there, the MQ 9 Reaper drone. This is the number one drone, the top in the world. This thing can send missiles and can just do all kinds of stuff. [00:21:46] Well we found online in the dark web and by the way, I hope you're doing Dark Web scans for yourself and your family. But we found or having them done, we found out there, the plans not for the reaper itself, but the entire maintenance manual, manual on the MQ 9 a reaper, wow, ok. This is the maintenance. This is Delta training is included in this where it's showing how to use the reaper to attack and to blow up IED's that might be on the road. How to hit a convoy, OK. All of this information and it is being sold for, drum roll please 150 and 200 dollars, for the lot. [00:22:39] Isn't that something. How did they get the information? [00:22:44] Well, turns out, that apparently, and this is according to bleeping computer, here, Kaitlynn but apparently the military bases I.T. team had not changed their routers default F.T.P. credentials. In other words, the default credentials now they're using a Netgear [00:23:08] router. WHAT???? That is a personal home router, it is not military grade, it's not business grade. What the heck are they doing, using the Netgear Router or are they NUTS? And for two years give or take we've known that these Netgear routers have a default set of FTP credentials. [00:23:34] So, the hacker also bragged about accessing footage of the MQ 1 Predator. My gosh what's going on? [00:23:44] So, if you're a business don't use these things! If you're the military, what the heck are you doing using these things? And if you're just a listener wondering what's going on, Appreciate you joining us today.
Craig Peterson, of course, you can visit me online, all of today's articles including the ones we didn't get to like, 30 years on how well did global warming predictions stand up. Quick answer. They didn't. [00:24:08] And Google's 90000 employees how did they stop phishing. I'm going to have to do a special on that one. Top voting machine vendor admits it installed remote access software on voting machines, that were sold to states. Your data is a fingerprint. And Facebook, Google, Twitter, they're all using AI to battle over your content. It's kind of interesting lots of stuff. Of course, you don't have time to get to it today. But, I appreciate you guys joining me. Visit me online Craig Peterson dot com. Make sure you get my alerts. The only way to do that is to text me. [00:24:47] You can ask any question, you can sign up for alerts, whatever you want. 8 5 5 3 8 5 55 53 8 5 5 3 8 5 5 5 5 3. Have a great week. Thanks for joining us. Bye-bye.

---

Related articles:

- Gmail app developers have been reading your emails
- Inside Facebook, Twitter and Google's AI battle over your social lives
- A Hacker Sold U.S. Military Drone Documents On The Dark Web For Just $200
- Top Voting Machine Vendor Admits It Installed Remote-Access Software on Systems Sold to States
- Google's 89,000+ employees have had zero phishing incidents since switching to hardware security keys in 2017
- Thirty Years On, How Well Do Global Warming Predictions Stand Up?
- 'Data is a fingerprint': why you aren't as anonymous as you think online

---

More stories and tech updates at: www.craigpeterson.com. Don't miss an episode from Craig. Subscribe and give us a rating: www.craigpeterson.com/itunes. Follow me on Twitter for the latest in tech at: www.twitter.com/craigpeterson. For questions, call or text: 855-385-5553
Endpoint protection continues to be an ever-challenging security issue for organizations, with new threats coming forward on a regular basis. WWT’s Matt Berry and Palo Alto Networks’ Danny Milrad discuss how companies must deal with these new threats. They discuss the changes in the threat landscape in the past year, the approaches companies should take in protecting their data from new threats that have moved beyond just malware, and how WWT works with partners like Palo Alto to help customers meet these security challenges. For further information on these topics, click on the links below. https://www2.wwt.com/endpoint-protection/ https://www.paloaltonetworks.com/products/secure-the-endpoint/traps.html
Endpoint Protection - The new and improved antivirus! You may think that you have Antivirus software, and you may remember installing it or paying for it to be installed… but when was the last time you updated your Antivirus software subscription? Today Brian Coffey chats with Barb Paluszkiewicz about threat intelligence, and how antivirus has evolved to keep up with the latest viruses and malware.
Today is part two of evaluating endpoint solutions, where I primarily focus on Caldera, which is an adversary simulation system that's really awesome! You can essentially set up a virtual attacker and cut it loose on some test machines, which is what I did as part of an endpoint protection evaluation project. The attacks simulated are from the Adversarial Tactics, Techniques & Common Knowledge (ATT&CK) project. So the big question is...did any of these endpoint solutions catch some of the simulated ATT&CKs? Check out today's podcast to find out! Oh, and I wrote up my quick install guide for Caldera here.
I'm working on a fun project right now where I'm evaluating endpoint protection solutions for a client. They're faced with a choice of either refreshing endpoints to the latest gen of their current product, or doing a rip and replace with something else. I've spun up a standalone AD environment with ~5 Win 10 VMs and nothing on 'em except a current set of patches. The idea is I can assign each workstation VM an install of INSERT_NAME_OF_POPULAR_AV_VENDOR_HERE and have somewhat of a "bake off." Now what I'm finding is there are great sites like AV Test or AV-Comparatives that do a nice job of breaking down what kind of performance, features, and management offerings a given vendor has. But what I haven't found is some structured testing for "act like a bad guy" actions. I'm thinking things like:
- Mimikatz tomfoolery
- Lateral attacks with Metasploit shells
- Egress port scanning (to find an acceptable outbound port for C2 or data exfil)
- Jacking around with various PowerShell scripts and commands
However, thanks to some awesome friends on Slack, they pointed me to what looks to be a nice set of scripts/tests - many of which could be used to see what kind of behaviors the endpoint protection will catch. So coming up in part #2 of this series, I'll do a deeper dive into:
- RTA
- Atomic Red Team
The Year in Security and looking forward to 2018. 2017 was an eventful year in Cybersecurity. Breaches. Exposed files. More election mischief. Two of WWT’s Security experts, Chris Konrad and Kent Noyes, look back at 2017. They also look forward to 2018, focusing on key topics including Segmentation, Security Automation and Endpoint Protection. For a deeper dive into all things Security from WWT, click on the link below. Security Solutions
Host Cameron D’Ambrosi joins AppGuard President and COO Mike Fumai to discuss the distinctions between endpoint protection and anti-virus software, the changing cybersecurity landscape, and the future of IoT and medical device cybersecurity.
Matt and Michael discuss JASK, Automox, and more vendors that have stood out to them in the realms of security operations and endpoint protection! Full Show Notes: https://wiki.securityweekly.com/ES_Episode59 Visit http://securityweekly.com/esw for all the latest episodes!
The Prosiliency Podcast, aka DR in a Bar, is an irreverent, profane and always real look at life and technology from both inside and outside the data center. The Prosiliency Strategy is a Proactive Strategy to enable your Data Center to be the most resilient in case of Disaster. Prosiliency is the intersection between art and science where your data is never lost . . . and your business is never down. In this, our 9th episode, we look at automation trends that affect our daily lives through the lens of Disaster Recovery and bring light to questions that will be addressed in the wake of automation and the evolution of the automobile. And of course we enjoy a little beer along the way . . .
Vince's Beer: The Torn Label Monk and Honey - Rating: 9.15 (!)
Eddie's Beer: Founder's Rubaeus Nitro - 6.77 (with a line over it . . . whatever that means)
Larry Page invests in the Flying Car http://www.businessinsider.com/ceo-google-invested-flying-car-larry-page-kitty-hawk-2017-4
Kevin Smith's The Flying Car https://www.youtube.com/watch?v=YsSCBxzlDbU
Travis Kalanick of Uber predicts self driving automobile Fleet by 2020 https://www.usatoday.com/story/tech/news/2017/04/25/uber-targets-2020-demo-flying-ride-hailing-network/100857374/
How to contact us: Eddie Perez: https://www.linkedin.com/in/eperez507/ Vince Vaughan: https://www.linkedin.com/in/vincevaughan/ http://www.prosiliency.com
Remember to Back that Sh!t up!
Security Current podcast - for IT security, networking, risk, compliance and privacy professionals
Is there room for yet another endpoint protection product in a market crowded with alternatives? SentinelOne says there is and that they are reinventing endpoint protection with an aim to replace antivirus within the enterprise. In this sponsored podcast SentinelOne explains its approach to protecting against advanced persistent threats (APTs) and zero-day attacks while also providing forensics. Tomer Weingarten, co-founder and CEO of SentinelOne, explains to Security Current's Vic Wheatman just how the startup combines behavior detection with cloud intelligence and whitelisting to block, detect and predict attacks.
Reimagining Windows: An In-Depth Look at Windows 8 for the Enterprise (Audio) - Channel 9
In today’s episode, Technical Evangelist Kevin Remde welcomes Sr. Technical Product Manager Martin Booth to the show as they discuss enterprise management and how System Center 2012 SP1 Configuration Manager can help deploy, work with, manage and secure Windows 8. In Part 1 of their discussion Kevin and Martin chat about the latest improvements made to System Center 2012 and how it relates to Windows 8.
[2:11] What is System Center Configuration Manager and what can it do for business IT?
[3:00] Why is SP1 important for System Center 2012 and ultimately Windows 8?
[3:55] Can Configuration Manager handle Windows 8 application deployment?
[5:28] How does Endpoint Protection work for Windows 8?
[7:40] What are my options for deploying and managing Windows 8 with Configuration Manager 2007?
[9:13] What are some of the new features in Windows 8 that System Center 2012 SP1 Configuration Manager can help with?
Download the Windows 8 Enterprise Evaluation today and test your applications, hardware and deployment strategies with Windows 8.
Resources: Windows 8 Enterprise; Windows 8 Licensing; The Springboard Series Blog; Windows 8 Resources for IT Pros on Springboard; Resources for Developers to Build Windows 8 Apps; Windows 8 resources for partners on Microsoft Partner Network
I dropped by the Symantec booth at IT Nation and had some fun horsing around with Anne Stobaugh and Dal Gemmell. They brought me up to speed with some of the latest programs at Symantec. Anne made a point that Symantec is trying to be very MSP friendly. They offer a monthly subscription buying program AND promised that you don’t have to worry about Symantec contacting end users! The monthly program is a buy-what-you-need model and great for cash flow. A few products are available in this program either on-premise or in the Cloud, including End Point Protection and Backup Exec. Dal focuses on that Endpoint Protection piece and says Symantec is totally supporting Windows 8 devices at this time. As he says, “In this business, if you don’t adapt quickly to change, you’re not going to be in business for very long.” Symantec is also a big supporter of HTG. They support some groups directly and try to have a tight relationship. Their goal here is to stay tuned to what MSPs are looking for. Symantec has an “MSP Specialist” team that focuses completely on MSP products and issues. You can contact the MSP team at msp@symantec.com or call 855-210-1101. Download the Interview with Anne Stobaugh and Dal Gemmell from Symantec here. For more information on Symantec, visit www.symatec.com. For more information on IT Nation, visit www.TheITNation.com. For more information on ConnectWise, visit www.ConnectWise.com.
There's no denying that virtualization has transformed our datacentres and redefined how we do IT, giving us more capacity and savings. Now, private cloud capabilities take us one step further, providing the agility IT needs to truly provide IT as a service.
The beauty of a private cloud is that it takes characteristics of a public cloud (resource pooling, elasticity, self-service, and pay per use) and combines those characteristics with management and security built on dedicated resources to provide services to a select group. System Center 2012 brings you that single pane of glass you need to manage your applications and services across your public, private, hybrid or traditional infrastructure. Within the System Center suite, Endpoint Protection gives you control and security while Windows Server 2008 R2 SP1 provides world-class virtualization through Hyper-V.
In this Tech Talk, we're joined by Islam Gomaa, IT Manager for E-Academy, Inc., and William Bressette, Network Architect for Horn IT Solutions, to discuss the challenges of managing a private cloud and the capabilities of System Center 2012, an integral part of Microsoft's Private Cloud solution.
Resources
Download Private Cloud evaluation software (System Center 2012 + Windows Server 2008 R2): https://aka.ms/sceval
Find free online training modules on Private Cloud: https://aka.ms/mvacademy
Islam Gomaa
Islam Gomaa is a Data Protection Manager MVP from Ottawa, Canada, specializing in System Center Products, disaster recovery and system infrastructure running on the Microsoft server technology stack. Islam brings over 12 years of expertise in helping organizations align their business goals using Microsoft technology and deploying Microsoft-based solutions for the private and public sector.
He is also a member of the Windows Springboard Technical Expert Panel [STEP] for Windows 7 and Windows Server 2008 R2, having delivered STEP presentations in Ottawa. He has authored several webcasts on Data Protection Manager 2007 & 2010 including "Protecting Applications with DPM2007" and "DPM and Opalis Automation for Disaster Recovery". Islam presented at TechEd 2011 in Atlanta, Georgia, and the I365 Worldwide summit in Salt Lake City. He is a frequent presenter for both OWSUG in Ottawa and MITPRO in Montreal. Islam has a B.Sc. in computer science from Montreal University, and holds several Microsoft technical designations. He is an active member of the IT community. Islam enjoys sharing his adventures and ideas about system administration through his blog at http://owsug.ca/blogs/islamGomaa.
William Bressette
With Horn IT Solutions since 2007, William is an award-winning member of their team (2010 Microsoft Most Valuable Professional Award and of the "Impact Award 2008" for Infrastructure Design). William is responsible for implementing and managing Horn IT Solutions participation in the Microsoft Partner Program and for Horn achieving Gold Certified membership Level with 5 competencies: Advance Infrastructure, Network Infrastructure, Infrastructure Worker, Licensing and Security solutions along with Small Business Specialist.
As Network Architect William performs Network and Data Center Design for medium sized organizations across Canada, implements network monitoring tools for customer sites and creates and manages IT Policy for customer locations.
His excellent project management skills are applied to small and large customer projects as he manages technical services as well as development and management of the Microsoft Packages Service Program at Horn IT. He graduated from Georgian College in Barrie in 1996 with a major in mathematics.
Podcast
This episode is also available as a podcast.
About AlignIT Manager Tech Talk
The AlignIT Manager Talk is a monthly live streamed video series hosted by Ruth Morton (LinkedIn) and Jonathan Rozenblit (LinkedIn). Each Tech Talk episode airs on the 2nd Thursday of the month from 12:00pm to 12:30pm EST. The show focuses on a range of topics for both infrastructure and development managers and is interactive, taking questions via a live chat and providing answers on air.
About AlignIT
The AlignIT program is dedicated to keeping IT leaders informed about what really matters in business and technology. We do that through in-person events, web casts, our blog and of course, this podcast series. You can find more information about the Align IT program at www.alignit.ca. If you have comments, suggestions, and ideas for future topics please let us know by connecting with us via email, Twitter, or LinkedIn.
Richard talks to Rory McCaw of Infront Consulting about the System Center 2012 suite. The conversation starts with the starting point of System Center - Configuration Manager or Operations Manager, depending on the focus of your organization. From there, the entire suite is explored, including Virtual Machine Manager, Orchestrator, Service Manager, Data Protection Manager, Endpoint Protection and App Controller. Rory explains how the different parts of System Center fit together and why you want to slowly add each product to your organization. This is about getting to preventative IT rather than constantly battling the crises!