POPULARITY
RSAC 2025 comes to an end. Canadian power company hit by cyberattack. Ascension Health discloses another breach. UK luxury department store Harrods discloses attempted cyberattack. Microsoft fixes bug flagging Gmail as spam. An unofficial version of the Signal app shared in photo. EU fines TikTok for violating GDPR with China data transfer. US Treasury to cut off Southeast Asian cybercrime key player. Passwordless by default coming your way. Our guest is Kevin Magee, from Microsoft, sharing a medley of interviews he gathered on the show floor of RSAC 2025. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Kevin on the Street Joining us this week from RSAC 2025, we have our partner Kevin Magee, Global Director of Cybersecurity Startups at Microsoft for Startups. Kevin closes out RSAC 2025 with a high-energy medley of interviews straight from the show floor, packed with sharp insights and bold ideas from some of cybersecurity's standout voices. It's a dynamic and fast-paced finale to our RSAC coverage—and you can find links to all of the guests featured in the show notes. In this segment, you'll hear from Christopher Simm, CTO at Bulletproof; Dr. Chase Cunningham (aka Dr. Zero Trust), Chief Strategy Officer at Ericom Software; Helen Patton, cybersecurity advisor at Cisco; Jeremy Vaughan, CEO and co-founder of Start Left Security; and Tzvika Shneider, CEO of Pynt. You can also catch Kevin on our Microsoft for Startups Spotlight, brought to you by N2K CyberWire and Microsoft, where we shine a light on innovation, ambition, and the tech trailblazers building the future right from the startup trenches. Kevin and Dave talk with startup veteran and Cygenta co-founder FC about making the leap from hacker to entrepreneur, then speak with three Microsoft for Startups members: Matthew Chiodi of Cerby, Travis Howerton of RegScale, and Karl Mattson of Endor Labs. Whether you are building your own startup or just love a good innovation story, listen and learn more here. Selected Reading Day 4 Recap: Closing Celebration with Alicia Keys, RSAC College Day, and What's Ahead for 2025 (RSAC Conference) Canadian Electric Utility Hit by Cyberattack (SecurityWeek) Ascension discloses second major cyber attack in a year (The Register) Harrods latest retailer to be hit by cyber attack (BBC) Microsoft fixes Exchange Online bug flagging Gmail emails as spam (Bleeping Computer) Mike Waltz Accidentally Reveals Obscure App the Government Is Using to Archive Signal Messages (404 Media) TikTok hit with 530 million euro privacy fine in investigation into China data transfer (AP News) Ukrainian extradited to US for alleged Nefilim ransomware attack spree (CyberScoop) US wants to cut off key player in Southeast Asian cybercrime industry (The Record) Microsoft makes all new accounts passwordless by default (Bleeping Computer) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Live on-location from Infosecurity Europe 2023, Sean Martin connects with Ravi Pather from Ericom Software to discuss the importance of security architecture and isolation to prevent zero-day exploits from reaching networks and applications.Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-storyGuest: Ravi Pather, VP EME, Ericom Software [@Ericom_Software], Cybersecurity Business Unit at Cradlepoint [@cradlepoint]On Linkedin | https://www.linkedin.com/in/ravi-pather-21b20710/ResourcesLearn more about Ericom and their offering: https://itspm.ag/ericom-software-gtzfBe sure to tune in to all of our Infosecurity Europe 2023 conference coverage: https://www.itspmagazine.com/infosecurity-europe-2023-infosec-london-cybersecurity-event-coverageCatch the full Infosecurity Europe 2023 YouTube playlist: https://www.youtube.com/playlist?list=PLnYu0psdcllTOeLEfCLJlToZIoJtNJB6BAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story____________________________If you are a cybersecurity vendor with a story to share, you can book your pre-event video podcast briefing here (https://itspm.ag/iseu23tsv) and your on-location audio podcast briefing here (https://itspm.ag/iseu23tsp).Explore the full conference coverage sponsorship bundle here: https://itspm.ag/iseu23bndlFor more ITSPmagazine advertising and sponsorship opportunities:
Live on-location from Infosecurity Europe 2023, Sean Martin connects with Ravi Pather from Ericom Software to discuss the importance of security architecture and isolation to prevent zero-day exploits from reaching networks and applications.Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-storyGuest: Ravi Pather, VP EME, Ericom Software [@Ericom_Software], Cybersecurity Business Unit at Cradlepoint [@cradlepoint]On Linkedin | https://www.linkedin.com/in/ravi-pather-21b20710/ResourcesLearn more about Ericom and their offering: https://itspm.ag/ericom-software-gtzfBe sure to tune in to all of our Infosecurity Europe 2023 conference coverage: https://www.itspmagazine.com/infosecurity-europe-2023-infosec-london-cybersecurity-event-coverageCatch the full Infosecurity Europe 2023 YouTube playlist: https://www.youtube.com/playlist?list=PLnYu0psdcllTOeLEfCLJlToZIoJtNJB6BAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story____________________________If you are a cybersecurity vendor with a story to share, you can book your pre-event video podcast briefing here (https://itspm.ag/iseu23tsv) and your on-location audio podcast briefing here (https://itspm.ag/iseu23tsp).Explore the full conference coverage sponsorship bundle here: https://itspm.ag/iseu23bndlFor more ITSPmagazine advertising and sponsorship opportunities:
When a concept or strategy gains enough traction, marketing and sales jump in to capitalize on it, and eventually, it becomes a poisoned well from which people draw. This happens not because the strategy itself lacks merit, but because we, as humans, get saturated with information, and anything that everyone is talking about begins to seem like BS. However, just because there's a lot of noise around a particular concept doesn't mean that there isn't something valuable at the core. Brutally honest insights from Aaron Brongersma, Leader of the Cloud Center of Excellence at Checkpoint and Chase Cunningham Chief Strategy Officer (CSO) at Ericom Software. In this episode, Dani Woolf had a conversation with Aaron and Chase about: The real deal with all the stigma around Zero Trust How vendors can prescriptively and successfully map solutions to the Zero Trust eXtended framework Ways vendors can better understand their buyers How the Zero Trust eXtended framework is shifting given the dynamic nature of the market Ways cybersecurity vendors and the folks working for the vendors can quickly and authentically establish trust with buyers Where Zero Trust heading in the next 3 to 5 years This episode was sponsored by Check Point Technologies, a leading provider of cybersecurity solutions to over 100,000 corporate enterprises and governments globally. Check Point Infinity's portfolio of solutions, protects enterprises and public organizations from fifth generation cyber attacks with an industry leading catch rate of malware, ransomware, and other threats. To learn more about checkpoint and its infinity portfolio. Visit checkpoint.com. Join Audience 1st Newsletter Today Join 1300+ cybersecurity marketers and sellers mastering security buyer research to better understand their audience and turn them into loyal customers: https://www.audience1st.fm/newsletter
As the Chief Strategy Officer at Ericom Software, Dr. Chase Cunningham is a leading voice in cybersecurity. With his extensive experience in enterprise security and his nickname "Dr. Zero Trust," Dr. Cunningham is well-positioned to offer insights and advice to organizations looking to protect themselves from advanced security threats. One of the key points that Dr. Cunningham stresses is the importance of Zero Trust security. Zero Trust security is not just a "nice to have," but an essential component of modern cybersecurity. With businesses becoming increasingly digital and connected, their security threats are also growing. Dr. Cunningham explains that implementing Zero Trust security is a proactive way to reduce risk and ensure that sensitive information is protected from cyberattacks. Cybersecurity Threats and Vulnerabilities are also key areas of concern for Dr. Cunningham. He is currently seeing an increase in the use of ransomware and other cyberattacks, and he believes this trend will only continue in the future. As a result, businesses need to be proactive in their approach to cybersecurity, and they need to make sure that they are using the latest technologies and strategies to protect their assets. Another topic that Dr. Cunningham discusses is the recent rapid growth of ChatGPT. ChatGPT has gained 100 million users in just three months, a trend that will likely continue. However, with this growth comes an increased risk of cyberattacks, and Dr. Cunningham believes that organizations must be prepared for these challenges. Finally, Dr. Cunningham touches on the growing threat of Cyber Warfare. With so much global conflict and political tension, he believes that it's only a matter of time before we see an increase in cyberattacks carried out maliciously. This is why he stresses the importance of Cyber Forensic and Analytic Operations, which can help businesses understand the root causes of these attacks and take steps to prevent them in the future.
In this episode, our two hosts talk to Dr. Chase Cunningham, Chief Strategy Officer for Ericom Software, retired Navy Chief Cryptologist, and host of the DrZeroTrust podcast. In their conversation the trio discuss the role that Zero Trust plays in modern security operations, share thoughts on how organizations can improve their overall security posture, and pontificate on interesting future cybersecurity technologies.
Joshua Behar is CEO of Mobile2CRM, which solves an organizational blind spot by capturing business communications (Voice, Text, WhatsApp) conducted via cellular devices without violating users' privacy. -The core problem Mobile2CRM solves is customer-facing employees' usage of mobile phones to do business, whether managing customer data in their own personal excel rather than the CRM, or the common high turnover and customer poaching amongst salespeople. -The core product records and documents business mobile calls and SMS records in the CRM without infringing on the privacy of employees' personal mobile devices. -Compliance can allow people to use a single phone to run both personal and business communication with a clear separation between the two, whether W2 or 1099 employees during peak seasonality. -Mobile2CRM is seeking strategic investment and distribution partners in the US. Previously, Joshua was CEO of Ericom Software, GM of Time To Know Inc and COO at Amdocs. Follow the Insurtech Leadership Podcast airing weekly hosted by Joshua R. Hollander. We give you up-close access and personal insights from the leaders of the fastest-growing #insurtechs and most innovative #insurance carriers and brokers.
We host Chase Cunningham with his casual demeanor and his incredible expertise in cybersecurity. Chase is currently the chief strategy officer at Ericom Software. He was a former Navy and NSA cryptologic technician. And he's also done some amazing work in zero trust, having been a principal analyst at Forrester and shaped the ASD Essential 8 Framework here in Australia. Chase is now a strategic advisor to board-level stakeholders and offers up impressive insights into cyber security and his ability to turn everything into eyebrow-raising analogies! With that, we zero-trust that you really enjoy this episode! Chase's book here: https://www.amazon.com/Cyber-Warfare-Strategies-organization-battleground/dp/1839216999 02:00 - Chase's background at Ericom, Forrester, NSA, Navy 06:01 - Conversations with boards and CEOs 11:54 - Chase's golden advice for security practitioners 15:27 - The best examples of helping CISOs 21:23 - History and application of Zero Trust 23:19 - Explaining Zero Trust at two extreme levels 31:29 - The prediction for Zero Trust in the next 5 years 36:54 - Network, security, cloud, development teams 41:07 - Developers, developers, developers, developers 44:28 - Two types of organisations in the world 45:17 - Feedback on Australia's security maturity 50:54 - Chase's Dark Mode story Dark Mode Socials:
Most individuals and businesses know they need to address cybersecurity, but they don't know where to start. That's understandable because the digital world is like a sieve with thousands of holes. You may patch most of them but there are always a few for criminals to slip through. The question is, what are the most important holes to plug. The Zero Trust approach is proving to be the most comprehensive solution to security, but even then there are dozens of ways and companies dedicated to achieving a Zero Trust paradigm. Where should you look? Well, Dr. Chase Cunningham, Chief Strategy Officer (CSO) at Ericom Software, has created something that might help. It's an online market map listing the applications and solution providers for Zero Trust. We spent some time talking about how he developed it and how it can help people and organizations navigate the Zero Trust rapids. --- Send in a voice message: https://anchor.fm/crucialtech/message Support this podcast: https://anchor.fm/crucialtech/support
Dr. Chase Cunningham, also known as the 'doctor of Zero Trust, is the current chief strategy officer at Ericom Software. In this episode of Cybersecurity Unplugged, Dr. Cunningham discusses getting a bigger and better view of the Zero Trust model in cyber warfare, his book, Cyber Warfare - Truth, Tactics and Strategies: How different things are used to crawl through the applications of artificial intelligence and machine learning for threat, and looking into the future of Zero Trust and turning up the heat in the market.
Dr. Chase Cunningham is the Chief Security Strategy Officer (CSO) at Ericom Software. Previously he was Principal Analyst at Forrester serving Security and Risk professionals. Prior to Forrester Research, Chase was the director of cyber threat intelligence with Armor, where he designed and managed the cloud security and intelligence engine for their enterprise customers. A retired US Navy chief with more than 20 years' experience in cyber forensics and cyber analytic operations, Chase has past operations experience, stemming from time spent in work centers within the NSA, CIA, FBI, and other government agencies. In those roles, he helped clients operationalize security controls; install and leverage encryption and analytic systems; and grow and optimize their security operations command systems and centers. LinkedIn: https://www.linkedin.com/in/dr-chase-cunningham/ Twitter: https://twitter.com/CynjaChaseC Author of Cybersecurity Books for kids and adults: https://www.amazon.com/Chase-Cunningham/e/B00I2PHD3W?ref=sr_ntt_srch_lnk_2&qid=1643855110&sr=1-2 DrZeroTrust Podcast: https://podcasts.apple.com/us/podcast/drzerotrust/id1570251081
The first episode of the Beltway Black Box series was a timely conversation on whether zero trust thinking represents a breakthrough in cyber-security, the hidden risks associated with it and how it is likely to impact companies and the government. Participating were an exceptional group of experts including: Dmitri Alperovitch, Co-Founder of CrowdStrike and Executive Chairman of the Silverado Policy Accelerator; Chase Cunningham, Chief Strategy Officer at Ericom Software;Juliette Kayyem, Chair of the Homeland Security and Security and Global Health Projects at Harvard's Kennedy School of Government;and David Sanger, Author of The Perfect Weapon and White House and National Security correspondent at the New York Times.The conversation covers the genesis of ZTA adoption following cyber-attacks on critical infrastructure and the Biden Administration and congressional response to this change in security paradigm. The experts define ZTA in practical terms, frankly assess implementation hurdles in the private sector - including early adopter vs. laggard industries - and give actionable advice for private business and policy makers.Support this show http://supporter.acast.com/deepstateradio. See acast.com/privacy for privacy and opt-out information.
The first episode of the Beltway Black Box series was a timely conversation on whether zero trust thinking represents a breakthrough in cyber-security, the hidden risks associated with it and how it is likely to impact companies and the government. Participating were an exceptional group of experts including: Dmitri Alperovitch, Co-Founder of CrowdStrike and Executive Chairman of the Silverado Policy Accelerator; Chase Cunningham, Chief Strategy Officer at Ericom Software;Juliette Kayyem, Chair of the Homeland Security and Security and Global Health Projects at Harvard's Kennedy School of Government;and David Sanger, Author of The Perfect Weapon and White House and National Security correspondent at the New York Times.The conversation covers the genesis of ZTA adoption following cyber-attacks on critical infrastructure and the Biden Administration and congressional response to this change in security paradigm. The experts define ZTA in practical terms, frankly assess implementation hurdles in the private sector - including early adopter vs. laggard industries - and give actionable advice for private business and policy makers.Support this show http://supporter.acast.com/deepstateradio. See acast.com/privacy for privacy and opt-out information.
Dr. Chase Cunningham, CSO of Ericom Software released a techno-thriller book during Cyber Awareness Month titled "C:>_gAbrIel." This book draws on Chase's real-world experience as a technologist and how cyber warfare, cybersecurity, and artificial intelligence (AI) can be leveraged by bad actors. Although fiction, the information in this book offers a glimpse at what can potentially happen in the future if these technologies remain unchecked. Chase's background includes interacting with national security and intelligence communities, countering cybercriminal actions, and building and deploying secure systems to counter malicious cyber threats. About Chase Dr. Chase Cunningham primarily guides client initiatives related to security operations center (SOC) planning and optimization, counter-threat operations, encryption, network security, and strategic concepts and implementation. In addition, he helps senior technology executives with their plans to leverage comprehensive security controls and the use of a variety of standards, frameworks, and tools to enable secure business operations. Chase has served as a director of cyber threat intelligence operations at Armor. He was the computer network exploitation lead for Telecommunication Systems and the chief of cyber analytics for Decisive Analytics. Dr. Cunningham is also a retired U.S. Navy Chief with more than 20 years' experience in cyber forensic and cyber analytic operations. He has past operations experience, stemming from time spent in work centers within the NSA, CIA, FBI, and other government agencies.
Our guest this week is Dr Chase Cunningham, retired Navy Chief Cryptologist and currently the Chief Strategy Officer with Ericom Software. He has experience across a range of the three-letter agencies in the US and over 20 years experience in cyber forensics and analytic operations. He also has a PhD in isolating insider threats through combining technical precursors with human behaviour modelling. His deep technical expertise has also fed into his work as an author, with his 2020 title “Cyber Warfare: Truth, Tactics and Strategies” and more recently his move into fiction with gAbrIel. Chase and Gar dive into digital forensics in this episode along with Chase's insights into ransomware, the misrepresentation and misunderstanding of AI, deepfakes, the machine learning and deepfakes being used for MasterPrints, and influence attacks. For the latest cyber news and insights head to www.getcyberresilient.com
Ericom Software recently announced the release of ZTEdge, an all-in-one zero trust cloud security platform designed specifically for midsize enterprises, a market underserved yet highly vulnerable to cyberattacks. Ericom's CSO, Chase Cunningham joins me on the Tech Talks Daily Podcast to discusses the market, positioning, and why this product is an industry-first for midsize enterprises. Large enterprises have accelerated their adoption of zero-trust security in response to the increased levels of cyberattacks experienced during the pandemic. Equally vulnerable, midsized enterprises and small businesses have the same need for zero-trust security protection. Still, existing solutions are too complex, too expensive, and too resource-intensive for many of them to adopt. ZTEdge provides a solution that is right-sized for the needs of this market. It offers a comprehensive solution that reduces cyber risk, cuts complexity, and improves performance, all at price points dramatically lower than competitive offerings. We explore the following key areas: Identifying Users and Authenticating Devices: connects the right people and devices to the right apps and resources by using password-based or passwordless authorization and multi-factor authentication. Secure Web and Internet Access: protect users as they interact with the web and email by leveraging URL filtering, anti-virus scanning, anti-phishing protection, remote browser isolation (RBI), and more. Secure Remote Private Application Access: provides a simple way to connect remote workers with private cloud or on-premises applications, using Zero Trust Network Access (ZTNA) capabilities. SaaS Application Access Control: offers dedicated ZTEdge tenant IP addresses allowing organizations to enforce IP-based access policies to secure apps like Office 365 or Salesforce, thereby eliminating credential theft risks. Network Protection and Monitoring: segments and monitors networks using machine learning-powered micro-segmentation and granular network traffic analysis – stopping threats from spreading. User-Branch-Internet Connectivity: integrated SD-WAN capabilities allow an organization to securely connect users and offices and securely route branch traffic directly to the ZTEdge cloud and internet, eliminating the need to backhaul branch traffic over costly MPLS circuits.
"Trust is a human emotion. Computers don't have emotions. They don't need that trust, inherently" – that's the heart of Zero Trust cybersecurity, and SASE is how to make it happen. Forcepoint's Nico Fischbach, global CTO and VPE of SASE, and Chase Cunningham, chief strategy officer at Ericom Software, on using SASE to make Zero Trust a reality.
I was honored to have Dr. Chase Cunningham, Chief Strategy Officer of Ericom Software on this week's podcast. Dr. Cunningham is also the host of the Dr. Zero Trust Podcast, a former NSA Cryptologist and a leader in the cybersecurity field. We talk a range of topics to include insider threat, proactive cybersecurity, and what the cyber future holds. If you have questions about the podcast, the FBI, or any other topic, email me at darren@thecyburguy.com or connect/follow me at www.linkedin.com/in/darrenmott. Thanks for listening. #knowledgeisprotection
Digital Shadows CISO Rick hosts this edition of ShadowTalk. He’s joined by special guest Dr. Chase Cunningham, author, Retired Navy Chief Cryptologist, and Chief Strategy Officer at Ericom Software. They discuss: -Dr. Chase's origin story -How to use Zero Trust to take back initiative from the adversary -How the VPN is the Palm Pilot of your network infrastructure -Why there is no Zero Trust easy button -Chase's romance novel on cyber warfare -Threat modeling vacations ***Resources from this week’s podcast*** Find Dr. Chase Cunningham on LinkedIn: https://www.linkedin.com/in/dr-chase-cunningham-54b26243/ Find Dr. Chase Cunningham on Twitter: https://twitter.com/CynjaChaseC Cyber Warfare – Truth, Tactics, and Strategies: Strategic concepts and truths to help you and your organization survive on the battleground of cyber warfare: https://www.amazon.com/gp/product/B084ZN2HBD/ref=dbs_a_def_rwt_bibl_vppi_i0 Ericom Software: https://www.ericom.com/r/dr-zero-trust/ ZT Edge: https://www.zerotrustedge.com/
During this episode, Dr. Chase Cunningham discusses the evolving nature of cyber. He asserts that cyber is a key component of national policy, national capability, and warfare. We touch on the concept of a perimeter and why he asserts the “perimeter is dead.” Additionally, Chase recounts examples of COVID-related disinformation and deepfake technologies which have ramifications both in national security and corporate security. The conversation shifts gears into a discussion about Cynja, which is a program designed to educate and protect children from cyber-related threats--including polymorphic malware, DDOS command and control, antiviral signatures, and cognitive overload. See this link for full show notes and links to resources. Bio: Dr. Chase Cunningham is the Chief Strategy Officer at Ericom Software. Chase is the creator of the Zero Trust eXtended framework and a cybersecurity expert with decades of operational experience with the National Security Agency, US Navy, FBI Cyber Division, and other government mission groups. Chase is responsible for Ericom’s overall strategy and technology alignment. Chase was previously VP and Principal Analyst at Forrester Research; Director of Threat Intelligence for Armor; Director of Cyber Analytics for Decisive Analytics; and Chief Cryptologic Technician, US Navy. He’s author of the Cynja series and Cyber Warfare: Truth, Tactics, and Strategies. IPA is a non-profit organization dedicated to exploring the role of information activities, such as influence and cognitive security, within the national security sector and helping to bridge the divide between operations and research. Its goal is to increase interdisciplinary collaboration between scholars and practitioners and policymakers with an interest in this domain. For more information, please contact us at communications@information-professionals.org Or, connect directly with The Cognitive Crucible podcast host, John Bicknell, on LinkedIn. Disclosure: As an Amazon Associate, 1) IPA earns from qualifying purchases, 2) IPA gets commissions for purchases made through links in this post
Jim and Jeff talk with Dr. Chase Cunningham, Chief Strategy Officer (CSO) at Ericom Software, about Zero Trust in the real world. Connect with Chase on LinkedIn: https://www.linkedin.com/in/dr-chase-cunningham-54b26243/ Read Chase's book: https://www.amazon.com/dp/B084ZN2HBD/ref=dp-kindle-redirect?_encoding=UTF8&btkr=1 Learn more about Ericom Software: https://www.ericom.com/ Google BeyondCorp: https://cloud.google.com/beyondcorp Google BeyondCorp explainer video: Getting started with BeyondCorp: A deeper look into IAP Microsoft ZeroTrust: https://www.microsoft.com/en-us/security/business/zero-trust George Finney "Well Aware" (Book): https://www.amazon.com/dp/B08JHPNJ58/ref=dp-kindle-redirect?_encoding=UTF8&btkr=1 Connect with Jim and Jeff on LinkedIn here: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show at www.IdentityAtTheCenter.comand follow @IDACPodcast on Twitter. --- Send in a voice message: https://anchor.fm/identity-at-the-center/message
Ericom Software is a leading provider of Zero Trust secure access solutions that protect organizations from advanced cybersecurity threats. Leveraging innovative isolation capabilities and multiple secure remote access technologies, Ericom solutions enable secure policy-driven access to mission-critical cloud and on-premises business systems and resources, including the public Internet, without impacting end-user productivity. John Peterson joins me on the podcast to talk about the Application Isolator. I learn how it provides enterprise organizations with the capability to add zero-trust network access and micro-segmentation controls to their existing VPN infrastructure, offering an alternative to costly software-defined perimeter technology. John is a Michigan bred, 30-year serial entrepreneur, executive leader, technology evangelist, and innovator with small, medium, and large company experience. I have worked in numerous capacities that have included efforts in Research & Development, Technical Support, Sales Engineering, Product Management, Marketing and Product Marketing. I specialize in assisting companies in their growth efforts to go IPO. Throughout his 30-year career, Peterson has held leadership positions at multiple security companies, including a number of startups that he helped to scale and guide toward successful acquisitions or initial-public-offerings. Most recently, he was founding Chief Product Officer at cybersecurity innovator Stellar Cyber. Before Stellar Cyber, he was General Manager of Cybersecurity Products for Comodo and VP of Enterprise Technology at Barracuda. Earlier in his career, John held product and go-to-market roles at Juniper Networks, Fortinet, Websense (now Forcepoint), Montego Networks, and Netscreen.
Ericom Software is a leading provider of Zero Trust secure access solutions that protect organizations from advanced cybersecurity threats. Leveraging innovative isolation technology and software-defined perimeter principles, Ericom solutions enable simple, secure policy-driven access to mission-critical cloud and on-premises business systems and resources, including the public Internet, without impacting end-user productivity. John Peterson, Chief Product Officer of Ericom Software, joins me on Tech Talks Daily. He is responsible for product strategy and helping to define and support Ericom’s go-to-market activity. Most recently, he was founding Chief Product Officer at Stellar Cyber. In his 30-year career, John has held executive positions at Comodo, Barracuda, Juniper, Fortinet, Websense, Montego Networks, and Netscreen. He was a key member of four companies that went public and three that were acquired. John served as a United States Marine and holds multiple patents. We talk about Secure Access Service Edge (SASE) and how this new security concept can co-exist with Zero Trust. SASE can be thought of as a unified vision on how an organization can achieve Zero Trust for their network, and based on the fact that networks have changed, the security that protects them must change as well. This integration streamlines processing simplifies access and reduces latency while enforcing security. It also requires a network and network security architectures to be rethought and rebuilt from the ground up. I also learn how SASE can greatly improve network security without burdening the user.
Recorded Future - Inside Threat Intelligence for Cyber Security
As many organizations accelerate their move to the cloud — thanks in no small part to the global pandemic and the shift to working from home — the adoption of SASE protocols is proving attractive. SASE stands for Secure Access Service Edge, but as with most of these technologies, there’s more to it than that. Joining us this week to help our understanding of SASE is John Peterson, chief product officer at Ericom Software. We discuss the motivations for the industry’s move toward SASE, the potential pros and cons, as well as what kinds of businesses it is best suited for. In addition, John shares his views on leadership and what he looks for when hiring members of his team.
As many organizations accelerate their move to the cloud — thanks in no small part to the global pandemic and the shift to working from home — the adoption of SASE protocols is proving attractive. SASE stands for Secure Access Service Edge, but as with most of these technologies, there's more to it than that. Joining us this week to help our understanding of SASE is John Peterson, chief product officer at Ericom Software. We discuss the motivations for the industry's move toward SASE, the potential pros and cons, as well as what kinds of businesses it is best suited for. In addition, John shares his views on leadership and what he looks for when hiring members of his team.
Recorded Future - Inside Threat Intelligence for Cyber Security
Our guest today is Nick Kael. He’s chief technology officer at Ericom Software, a company that provides secure web isolation and remote application access software and cloud services. In our conversation, Nick shares his professional journey, including the important lessons his experience in the U.S. military have provided. We’ll learn about his leadership style, his take on threat intelligence, what he looks for when hiring, and his approach to his day-to-day responsibilities.
Our guest today is Nick Kael. He's chief technology officer at Ericom Software, a company that provides secure web isolation and remote application access software and cloud services. In our conversation, Nick shares his professional journey, including the important lessons his experience in the U.S. military have provided. We'll learn about his leadership style, his take on threat intelligence, what he looks for when hiring, and his approach to his day-to-day responsibilities.
This week, we interview Gururaj Pandurangi, Founder and CEO at Cloudneeti, to discuss Continuous Cloud Assurance! Gururaj Pandurangi is a founder and CEO of Cloudneeti, a software-as-a-service company focused on continuous cloud security, data privacy and compliance assurance. Gururaj has 20 years of professional experience, a good portion of it as an early adopter of cloud technologies and building global scale cloud products like Windows Live, Bing platform, Consumer Identity and Federations. Paul Asadoorian and Matt Alderman recorded interviews with the following vendors at RSA Conference 2019: - Venafi - XM Cyber - Onapsis Paul Asadoorian and Matt Alderman recap RSA Conference 2019, including their briefings with: - 42Crunch - Baffle - CyberInt - Eclypsium - Ericom Software - Lacework - Radware - RiskRecon and More! To learn more about Cloudneeti, visit: https://securityweekly.com/cloudneeti Full Show Notes: https://wiki.securityweekly.com/ES_Episode129 Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, we interview Gururaj Pandurangi, Founder and CEO at Cloudneeti, to discuss Continuous Cloud Assurance! Gururaj Pandurangi is a founder and CEO of Cloudneeti, a software-as-a-service company focused on continuous cloud security, data privacy and compliance assurance. Gururaj has 20 years of professional experience, a good portion of it as an early adopter of cloud technologies and building global scale cloud products like Windows Live, Bing platform, Consumer Identity and Federations. Paul Asadoorian and Matt Alderman recorded interviews with the following vendors at RSA Conference 2019: - Venafi - XM Cyber - Onapsis Paul Asadoorian and Matt Alderman recap RSA Conference 2019, including their briefings with: - 42Crunch - Baffle - CyberInt - Eclypsium - Ericom Software - Lacework - Radware - RiskRecon and More! To learn more about Cloudneeti, visit: https://securityweekly.com/cloudneeti Full Show Notes: https://wiki.securityweekly.com/ES_Episode129 Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Paul Asadoorian and Matt Alderman recap RSA Conference 2019, including their briefings with: - 42Crunch - Baffle - CyberInt - Eclypsium - Ericom Software - Lacework - Radware - RiskRecon and More! Full Show Notes: https://wiki.securityweekly.com/ES_Episode129 Visit http://securityweekly.com/esw for all the latest episodes!
Paul Asadoorian and Matt Alderman recap RSA Conference 2019, including their briefings with: - 42Crunch - Baffle - CyberInt - Eclypsium - Ericom Software - Lacework - Radware - RiskRecon and More! Full Show Notes: https://wiki.securityweekly.com/ES_Episode129 Visit http://securityweekly.com/esw for all the latest episodes!
Panel: Aimee Knight Charles Max Wood Christopher Ferdinandi (Boston) Special Guests: Dan Shappir (Tel Aviv) In this episode, the panel talks with Dan Shappir who is a computer software developer and performance specialist at Wix.com. As Dan states, his job is to make 100 million websites (hosted on the Wix platform) load and execute faster! Past employment includes working for companies, such as: Ericom, Ericom Software, and BackWeb. He studied at Technion Institute of Management and currently lives in Tel Aviv, Israel. The panel talks about web performance API among other things. Check it out! Show Topics: 1:29 – Charles: Let us know who you are and why you’re famous! 1:39 – “Hello!” from Dan Shappir. 2:25 – Charles: You should say that you go to EACH site EVERY day out of the millions of sites out there. 2:53 – Charles: My mom mentioned Wix to me at first. My mom teaches High School Math. 3:16 – Dan: Yes that is our mission statement. That everyone can get a website without the knowledge of how to build a website. 3:52 – Aimee makes her comments. 3:59 – Dan: On our platform we try to offer people flexibility. There are bounds and limits, but people can do their very own thing, though. To make Wix faster because as we add more features and functionality that is our goal. 4:40 – Chuck: Okay, I know how to make X perform a little bit better. You are looking at a platform that controls TONS of sites, how do you even go about that? 4:58 – Dan: It is more difficult then that. We have millions of users leveraging the platform but there are a lot of developers in Wix who are developing the platform. I don’t think anyone at Wix has a total grasp of the complexity of the platform that we built. We have hundreds of frontend people working on our platform. All of them have pieces to the kingdom. We have processes in place with code reviews and whatnot, but there is so much going on. There is a change every 2 minutes, 24/7. We need to make sure progressing instead of regressing. 6:54 – Aimee: I think it was interesting in one of the links you sent over. Because you know when something is getting worse you consider that a bug. 7:15 – Dan: It is more than a bug because if we see regression in performance then that is a problem. I can literally see any part of the organization and say, “stop” if it will 7:57 – Chuck: We are talking about performance, but what does that mean? What measures are there? 8:15: Dan: We are looking at performance can mean different things in different contents. User sites, for example, most important aspect is load time. How quickly the page loads and gets open to the viewer to that specific site. When they click something they want it instantly and no drag time. It does change in different contexts. 9:58 – Chuck: People do talk about load time. People have different definitions of it. 10:12: Dan: Excellent question. When you look at the different sites through Wix. Different people who build sites – load time can mean something else to everybody. It can mean when you see the MAIN text or the MAIN image. If it’s on an ECON site then how soon can they purchase or on a booking site, how long can the person book X product. I heard someone at a conference say that load time is when: HERO TEXT And HERO IMAGE are displayed. 12:14 – Chuck: What is faster React or Vue? 12:21 – NEW HOST: Not sure. It all depends. 12:34 – Dan: We are big into React. We are one of the big React users outside of Facebook. I joined Wix four years ago, and even back then we were rebuilding our framework using React. One of our main modifications is because we wanted to do server-side rendered. 13:27 – Christopher asks Dan a question. 14:16 – Dan: We are in transition in this regard. Before we were totally client-site rendered, and that was the case until middle of last year. Then we deployed... Dan: We are 100% server-side rendered now. Some things we are still using JavaScript. We have another project going on now and it’s fully CSS, and little JavaScript as possible. What you might want to do with that site is... You might get in a few months every Wix site will be visible even if JavaScript is disabled. 16:26 – Aimee adds in her comments and observations to this topic. 16:55 – Dan: We don’t want things displayed incorrectly before it lays out. We hide the content while it’s downloading then make it visible. They lay-outing are done faster, because... 17:44 – Christopher asks Dan a question. 18:04 – Dan: I got into API... Either you are moving forward or are you moving back. AKA – You are either progressing or regressing. Different stages: 1.) Development stage 2.) Pre-Production (automated tools that check the performance with specific use cases) 3.) Check it out! It’s beneficial to use these APIs. 21:11 – Christopher: What is performance APIs? 21:38 – Dan: There is a working group – Todd from Microsoft and others who are exposing the information (that is available in the browser) out into the browser. When the browser downloads a certain source (image, font, etc.) it can measure the various stages of downloading that feature. You have these different sages of downloading this resource. The browser can measure each of these stages and then expose them to you. Basically it’s for the browser to expose this information to you and in a way that is coherent and uniform. It essentially maintains this buffer that puts performance entries sequentially. Dan continues explaining this topic in detail. 25:55 – Dan: You have this internal buffer... 28:45 – Advertisement – Sentry – They support opensource. 29:39 – Christopher: everything you are saying seems that I can use this or that tab right now... Why would I prefer the API to something visual, hypothetically? 30:03 – Dan: Three Different Stages. (See above.) This information is very, very helpful during the developmental stage. Say you got a link from someone... Dan mentions: Performance.mark 34:04 – Aimee: When you were talking about resource-ends. Many people don’t know what this is. Can you spend 2-3 minutes about how you guys are using these? Are there people can add for big bang for their buck? 34:41 – Dan: This might want to be a topic for its own podcast show. Dan gives a definition of what a resource-end means. Go back to fonts as an example. Pre-connect for example, too. 39:03 – Dan: Like I said, it’s a huge topic. You have to exercise some care. Bandwidth is limited. Make sure you aren’t blocking other resources that you do need right now. 40:02 – Aimee: Sounds like a lot of great things to tap into. Another question I have is about bundling. 40:27 – Dan: One of the things that we try to do (given that we are depending on the JavaScript we are downloading) we need to download JavaScript content to the client side. It has been shown often that JS is the most impactful resources that you need to download. You really want to be as smart as possible with that. What is even more challenging is the network protocols are changing. Dan continues to go in-depth about this topic. Dan: What we have found is that you want to strive to bundle resources together. 44:10 – Aimee: Makes sense. 44:15 – Dan continues talking about this topic. 45:23 – Chuck asks two questions. (First question is now and second question is at 51:32.) 2 Questions: 1. You gather information from web performance AI - What system is that? 45:42 – Dan: I am not the expert in that. I will try not to give misleading information. Actually let me phrase it different. There are 3rd party tools that you can use leverage in your website. IF you are building for commercial reasons I highly recommend that you use performance-monitoring solution. I am not going to advertise one because there are tons out there. We ended up rolling out our own infrastructure because our use case is different than most. At a conference I talked with a vendor and we talked about... 51:32 – 2nd Question from Charles to Dan: Now you’ve gathered this information now what to you do? What patterns? What do you look for? And how do you decide to optimize things? 54:23 – Chuck: Back to that question, Dan. How should they react to it and what are they looking for 54:41 – Dan: Three main ways: 1.) Generate alerts 2.) See trends over long period of time 3.) Looking at real-time graphs. Frontend developer pro is that likely being woken up in the middle of the night is lower. We might be looking at the real time graph after we deployed... 57:31 – Advertisement – Get a Coder Job! 58:10 – Picks! Links: JavaScript jQuery React Elixir Elm Vue Wix Window Performance Web Performance Terra Genesis Terra Genesis: Space Colony The One Thing DevChat TV – YouTube GitHub: Off Side HBO: Insecure Wix: Engineering JavaScript Riddle JavaScript Riddles for Fun and for Profit Dan Shappir’s Twitter Dan Shappir’s LinkedIn Dan Shappir’s Crunch Base Dan Shappir’s GitHub Dan Shappir’s Talk through Fluent Dan Shappir’s Medium Dan Shappir’s YouTube Talk: JavaScript riddles for fun and profit Sponsors: Code Badges Kendo UI Sentry Digital Ocean Cache Fly Picks: Aimee: Waking up early! How to Deal with Dirty Side Effects in Your Pure Functional JavaScript Chris: Offside - Toomuchdesign Insecure TV Show Charles: Terraform - Game “The One Thing" Code Badge DevChat on YouTube Dan Wix Engineering JavaScript Riddle
Panel: Aimee Knight Charles Max Wood Christopher Ferdinandi (Boston) Special Guests: Dan Shappir (Tel Aviv) In this episode, the panel talks with Dan Shappir who is a computer software developer and performance specialist at Wix.com. As Dan states, his job is to make 100 million websites (hosted on the Wix platform) load and execute faster! Past employment includes working for companies, such as: Ericom, Ericom Software, and BackWeb. He studied at Technion Institute of Management and currently lives in Tel Aviv, Israel. The panel talks about web performance API among other things. Check it out! Show Topics: 1:29 – Charles: Let us know who you are and why you’re famous! 1:39 – “Hello!” from Dan Shappir. 2:25 – Charles: You should say that you go to EACH site EVERY day out of the millions of sites out there. 2:53 – Charles: My mom mentioned Wix to me at first. My mom teaches High School Math. 3:16 – Dan: Yes that is our mission statement. That everyone can get a website without the knowledge of how to build a website. 3:52 – Aimee makes her comments. 3:59 – Dan: On our platform we try to offer people flexibility. There are bounds and limits, but people can do their very own thing, though. To make Wix faster because as we add more features and functionality that is our goal. 4:40 – Chuck: Okay, I know how to make X perform a little bit better. You are looking at a platform that controls TONS of sites, how do you even go about that? 4:58 – Dan: It is more difficult then that. We have millions of users leveraging the platform but there are a lot of developers in Wix who are developing the platform. I don’t think anyone at Wix has a total grasp of the complexity of the platform that we built. We have hundreds of frontend people working on our platform. All of them have pieces to the kingdom. We have processes in place with code reviews and whatnot, but there is so much going on. There is a change every 2 minutes, 24/7. We need to make sure progressing instead of regressing. 6:54 – Aimee: I think it was interesting in one of the links you sent over. Because you know when something is getting worse you consider that a bug. 7:15 – Dan: It is more than a bug because if we see regression in performance then that is a problem. I can literally see any part of the organization and say, “stop” if it will 7:57 – Chuck: We are talking about performance, but what does that mean? What measures are there? 8:15: Dan: We are looking at performance can mean different things in different contents. User sites, for example, most important aspect is load time. How quickly the page loads and gets open to the viewer to that specific site. When they click something they want it instantly and no drag time. It does change in different contexts. 9:58 – Chuck: People do talk about load time. People have different definitions of it. 10:12: Dan: Excellent question. When you look at the different sites through Wix. Different people who build sites – load time can mean something else to everybody. It can mean when you see the MAIN text or the MAIN image. If it’s on an ECON site then how soon can they purchase or on a booking site, how long can the person book X product. I heard someone at a conference say that load time is when: HERO TEXT And HERO IMAGE are displayed. 12:14 – Chuck: What is faster React or Vue? 12:21 – NEW HOST: Not sure. It all depends. 12:34 – Dan: We are big into React. We are one of the big React users outside of Facebook. I joined Wix four years ago, and even back then we were rebuilding our framework using React. One of our main modifications is because we wanted to do server-side rendered. 13:27 – Christopher asks Dan a question. 14:16 – Dan: We are in transition in this regard. Before we were totally client-site rendered, and that was the case until middle of last year. Then we deployed... Dan: We are 100% server-side rendered now. Some things we are still using JavaScript. We have another project going on now and it’s fully CSS, and little JavaScript as possible. What you might want to do with that site is... You might get in a few months every Wix site will be visible even if JavaScript is disabled. 16:26 – Aimee adds in her comments and observations to this topic. 16:55 – Dan: We don’t want things displayed incorrectly before it lays out. We hide the content while it’s downloading then make it visible. They lay-outing are done faster, because... 17:44 – Christopher asks Dan a question. 18:04 – Dan: I got into API... Either you are moving forward or are you moving back. AKA – You are either progressing or regressing. Different stages: 1.) Development stage 2.) Pre-Production (automated tools that check the performance with specific use cases) 3.) Check it out! It’s beneficial to use these APIs. 21:11 – Christopher: What is performance APIs? 21:38 – Dan: There is a working group – Todd from Microsoft and others who are exposing the information (that is available in the browser) out into the browser. When the browser downloads a certain source (image, font, etc.) it can measure the various stages of downloading that feature. You have these different sages of downloading this resource. The browser can measure each of these stages and then expose them to you. Basically it’s for the browser to expose this information to you and in a way that is coherent and uniform. It essentially maintains this buffer that puts performance entries sequentially. Dan continues explaining this topic in detail. 25:55 – Dan: You have this internal buffer... 28:45 – Advertisement – Sentry – They support opensource. 29:39 – Christopher: everything you are saying seems that I can use this or that tab right now... Why would I prefer the API to something visual, hypothetically? 30:03 – Dan: Three Different Stages. (See above.) This information is very, very helpful during the developmental stage. Say you got a link from someone... Dan mentions: Performance.mark 34:04 – Aimee: When you were talking about resource-ends. Many people don’t know what this is. Can you spend 2-3 minutes about how you guys are using these? Are there people can add for big bang for their buck? 34:41 – Dan: This might want to be a topic for its own podcast show. Dan gives a definition of what a resource-end means. Go back to fonts as an example. Pre-connect for example, too. 39:03 – Dan: Like I said, it’s a huge topic. You have to exercise some care. Bandwidth is limited. Make sure you aren’t blocking other resources that you do need right now. 40:02 – Aimee: Sounds like a lot of great things to tap into. Another question I have is about bundling. 40:27 – Dan: One of the things that we try to do (given that we are depending on the JavaScript we are downloading) we need to download JavaScript content to the client side. It has been shown often that JS is the most impactful resources that you need to download. You really want to be as smart as possible with that. What is even more challenging is the network protocols are changing. Dan continues to go in-depth about this topic. Dan: What we have found is that you want to strive to bundle resources together. 44:10 – Aimee: Makes sense. 44:15 – Dan continues talking about this topic. 45:23 – Chuck asks two questions. (First question is now and second question is at 51:32.) 2 Questions: 1. You gather information from web performance AI - What system is that? 45:42 – Dan: I am not the expert in that. I will try not to give misleading information. Actually let me phrase it different. There are 3rd party tools that you can use leverage in your website. IF you are building for commercial reasons I highly recommend that you use performance-monitoring solution. I am not going to advertise one because there are tons out there. We ended up rolling out our own infrastructure because our use case is different than most. At a conference I talked with a vendor and we talked about... 51:32 – 2nd Question from Charles to Dan: Now you’ve gathered this information now what to you do? What patterns? What do you look for? And how do you decide to optimize things? 54:23 – Chuck: Back to that question, Dan. How should they react to it and what are they looking for 54:41 – Dan: Three main ways: 1.) Generate alerts 2.) See trends over long period of time 3.) Looking at real-time graphs. Frontend developer pro is that likely being woken up in the middle of the night is lower. We might be looking at the real time graph after we deployed... 57:31 – Advertisement – Get a Coder Job! 58:10 – Picks! Links: JavaScript jQuery React Elixir Elm Vue Wix Window Performance Web Performance Terra Genesis Terra Genesis: Space Colony The One Thing DevChat TV – YouTube GitHub: Off Side HBO: Insecure Wix: Engineering JavaScript Riddle JavaScript Riddles for Fun and for Profit Dan Shappir’s Twitter Dan Shappir’s LinkedIn Dan Shappir’s Crunch Base Dan Shappir’s GitHub Dan Shappir’s Talk through Fluent Dan Shappir’s Medium Dan Shappir’s YouTube Talk: JavaScript riddles for fun and profit Sponsors: Code Badges Kendo UI Sentry Digital Ocean Cache Fly Picks: Aimee: Waking up early! How to Deal with Dirty Side Effects in Your Pure Functional JavaScript Chris: Offside - Toomuchdesign Insecure TV Show Charles: Terraform - Game “The One Thing" Code Badge DevChat on YouTube Dan Wix Engineering JavaScript Riddle
Panel: Aimee Knight Charles Max Wood Christopher Ferdinandi (Boston) Special Guests: Dan Shappir (Tel Aviv) In this episode, the panel talks with Dan Shappir who is a computer software developer and performance specialist at Wix.com. As Dan states, his job is to make 100 million websites (hosted on the Wix platform) load and execute faster! Past employment includes working for companies, such as: Ericom, Ericom Software, and BackWeb. He studied at Technion Institute of Management and currently lives in Tel Aviv, Israel. The panel talks about web performance API among other things. Check it out! Show Topics: 1:29 – Charles: Let us know who you are and why you’re famous! 1:39 – “Hello!” from Dan Shappir. 2:25 – Charles: You should say that you go to EACH site EVERY day out of the millions of sites out there. 2:53 – Charles: My mom mentioned Wix to me at first. My mom teaches High School Math. 3:16 – Dan: Yes that is our mission statement. That everyone can get a website without the knowledge of how to build a website. 3:52 – Aimee makes her comments. 3:59 – Dan: On our platform we try to offer people flexibility. There are bounds and limits, but people can do their very own thing, though. To make Wix faster because as we add more features and functionality that is our goal. 4:40 – Chuck: Okay, I know how to make X perform a little bit better. You are looking at a platform that controls TONS of sites, how do you even go about that? 4:58 – Dan: It is more difficult then that. We have millions of users leveraging the platform but there are a lot of developers in Wix who are developing the platform. I don’t think anyone at Wix has a total grasp of the complexity of the platform that we built. We have hundreds of frontend people working on our platform. All of them have pieces to the kingdom. We have processes in place with code reviews and whatnot, but there is so much going on. There is a change every 2 minutes, 24/7. We need to make sure progressing instead of regressing. 6:54 – Aimee: I think it was interesting in one of the links you sent over. Because you know when something is getting worse you consider that a bug. 7:15 – Dan: It is more than a bug because if we see regression in performance then that is a problem. I can literally see any part of the organization and say, “stop” if it will 7:57 – Chuck: We are talking about performance, but what does that mean? What measures are there? 8:15: Dan: We are looking at performance can mean different things in different contents. User sites, for example, most important aspect is load time. How quickly the page loads and gets open to the viewer to that specific site. When they click something they want it instantly and no drag time. It does change in different contexts. 9:58 – Chuck: People do talk about load time. People have different definitions of it. 10:12: Dan: Excellent question. When you look at the different sites through Wix. Different people who build sites – load time can mean something else to everybody. It can mean when you see the MAIN text or the MAIN image. If it’s on an ECON site then how soon can they purchase or on a booking site, how long can the person book X product. I heard someone at a conference say that load time is when: HERO TEXT And HERO IMAGE are displayed. 12:14 – Chuck: What is faster React or Vue? 12:21 – NEW HOST: Not sure. It all depends. 12:34 – Dan: We are big into React. We are one of the big React users outside of Facebook. I joined Wix four years ago, and even back then we were rebuilding our framework using React. One of our main modifications is because we wanted to do server-side rendered. 13:27 – Christopher asks Dan a question. 14:16 – Dan: We are in transition in this regard. Before we were totally client-site rendered, and that was the case until middle of last year. Then we deployed... Dan: We are 100% server-side rendered now. Some things we are still using JavaScript. We have another project going on now and it’s fully CSS, and little JavaScript as possible. What you might want to do with that site is... You might get in a few months every Wix site will be visible even if JavaScript is disabled. 16:26 – Aimee adds in her comments and observations to this topic. 16:55 – Dan: We don’t want things displayed incorrectly before it lays out. We hide the content while it’s downloading then make it visible. They lay-outing are done faster, because... 17:44 – Christopher asks Dan a question. 18:04 – Dan: I got into API... Either you are moving forward or are you moving back. AKA – You are either progressing or regressing. Different stages: 1.) Development stage 2.) Pre-Production (automated tools that check the performance with specific use cases) 3.) Check it out! It’s beneficial to use these APIs. 21:11 – Christopher: What is performance APIs? 21:38 – Dan: There is a working group – Todd from Microsoft and others who are exposing the information (that is available in the browser) out into the browser. When the browser downloads a certain source (image, font, etc.) it can measure the various stages of downloading that feature. You have these different sages of downloading this resource. The browser can measure each of these stages and then expose them to you. Basically it’s for the browser to expose this information to you and in a way that is coherent and uniform. It essentially maintains this buffer that puts performance entries sequentially. Dan continues explaining this topic in detail. 25:55 – Dan: You have this internal buffer... 28:45 – Advertisement – Sentry – They support opensource. 29:39 – Christopher: everything you are saying seems that I can use this or that tab right now... Why would I prefer the API to something visual, hypothetically? 30:03 – Dan: Three Different Stages. (See above.) This information is very, very helpful during the developmental stage. Say you got a link from someone... Dan mentions: Performance.mark 34:04 – Aimee: When you were talking about resource-ends. Many people don’t know what this is. Can you spend 2-3 minutes about how you guys are using these? Are there people can add for big bang for their buck? 34:41 – Dan: This might want to be a topic for its own podcast show. Dan gives a definition of what a resource-end means. Go back to fonts as an example. Pre-connect for example, too. 39:03 – Dan: Like I said, it’s a huge topic. You have to exercise some care. Bandwidth is limited. Make sure you aren’t blocking other resources that you do need right now. 40:02 – Aimee: Sounds like a lot of great things to tap into. Another question I have is about bundling. 40:27 – Dan: One of the things that we try to do (given that we are depending on the JavaScript we are downloading) we need to download JavaScript content to the client side. It has been shown often that JS is the most impactful resources that you need to download. You really want to be as smart as possible with that. What is even more challenging is the network protocols are changing. Dan continues to go in-depth about this topic. Dan: What we have found is that you want to strive to bundle resources together. 44:10 – Aimee: Makes sense. 44:15 – Dan continues talking about this topic. 45:23 – Chuck asks two questions. (First question is now and second question is at 51:32.) 2 Questions: 1. You gather information from web performance AI - What system is that? 45:42 – Dan: I am not the expert in that. I will try not to give misleading information. Actually let me phrase it different. There are 3rd party tools that you can use leverage in your website. IF you are building for commercial reasons I highly recommend that you use performance-monitoring solution. I am not going to advertise one because there are tons out there. We ended up rolling out our own infrastructure because our use case is different than most. At a conference I talked with a vendor and we talked about... 51:32 – 2nd Question from Charles to Dan: Now you’ve gathered this information now what to you do? What patterns? What do you look for? And how do you decide to optimize things? 54:23 – Chuck: Back to that question, Dan. How should they react to it and what are they looking for 54:41 – Dan: Three main ways: 1.) Generate alerts 2.) See trends over long period of time 3.) Looking at real-time graphs. Frontend developer pro is that likely being woken up in the middle of the night is lower. We might be looking at the real time graph after we deployed... 57:31 – Advertisement – Get a Coder Job! 58:10 – Picks! Links: JavaScript jQuery React Elixir Elm Vue Wix Window Performance Web Performance Terra Genesis Terra Genesis: Space Colony The One Thing DevChat TV – YouTube GitHub: Off Side HBO: Insecure Wix: Engineering JavaScript Riddle JavaScript Riddles for Fun and for Profit Dan Shappir’s Twitter Dan Shappir’s LinkedIn Dan Shappir’s Crunch Base Dan Shappir’s GitHub Dan Shappir’s Talk through Fluent Dan Shappir’s Medium Dan Shappir’s YouTube Talk: JavaScript riddles for fun and profit Sponsors: Code Badges Kendo UI Sentry Digital Ocean Cache Fly Picks: Aimee: Waking up early! How to Deal with Dirty Side Effects in Your Pure Functional JavaScript Chris: Offside - Toomuchdesign Insecure TV Show Charles: Terraform - Game “The One Thing" Code Badge DevChat on YouTube Dan Wix Engineering JavaScript Riddle
Danny Miller, the Director of Product Marketing at Ericom Software, joins us to discuss how enterprises can protect themselves by utilizing isolated browsing and other techniques! Full Show Notes: https://wiki.securityweekly.com/Episode524 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly
Danny Miller, the Director of Product Marketing at Ericom Software, joins us to discuss how enterprises can protect themselves by utilizing isolated browsing and other techniques! Full Show Notes: https://wiki.securityweekly.com/Episode524 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly
Danny Miller of Ericom Software joins us, Larry and his intern Galen Alderson exfiltrate data from networks with inexpensive hardware, and we discuss the latest security news! Full Show Notes: https://wiki.securityweekly.com/Episode524 Visit https://www.securityweekly.com for all the latest episodes!
Danny Miller of Ericom Software joins us, Larry and his intern Galen Alderson exfiltrate data from networks with inexpensive hardware, and we discuss the latest security news! Full Show Notes: https://wiki.securityweekly.com/Episode524 Visit https://www.securityweekly.com for all the latest episodes!