Podcasts about noname security

This week, Adrian and Tyler discuss some crazy rumors - is it really possible that a cloud security startup valued at over $8 billion in November 2021 just got bought for $200 million??? Some healthy funding for Cyera and Cohesity ($300m and $150m, respectively) Onum, Alethea, Sprinto, Andesite AI, StrikeReady, YL-Backed Miggo, Nymiz, Salvador Technologies, and Simbian all raise smaller seed, A, or B rounds. Akamai picks up API security startup, Noname Security, Zscaler picks up Airgap networks, and it's rumored that Armis will acquire Silk Security for $150M. LimaCharlie seems to be doing some vertical growth, adding its own response and automation capabilities (what they call "bi-directional" capabilities). CISA releases a malware analysis system to the general public. Boostsecurity.io releases "poutine", an open source CI/CD pipeline vulnerability scanner. Some great essays this week, with Phil Venables' Letter from the Future, Ben Hawkes' Robots Dream of Root Shells, and Aileen Lee's 10 year Unicorn anniversary piece. We briefly discuss the 3rd party breach that affected Cisco Duo customers, and the financial impact of Change Healthcare's highly disruptive ransomware incident. Finally, we talk about the latest research on the security of LLMs and the apps using them. It's not looking great. For more details, check out the show notes here: https://www.scmagazine.com/podcast-episode/3188-enterprise-security-weekly-358 Show Notes: https://securityweekly.com/esw-358

This week, Adrian and Tyler discuss some crazy rumors - is it really possible that a cloud security startup valued at over $8 billion in November 2021 just got bought for $200 million??? Some healthy funding for Cyera and Cohesity ($300m and $150m, respectively) Onum, Alethea, Sprinto, Andesite AI, StrikeReady, YL-Backed Miggo, Nymiz, Salvador Technologies, and Simbian all raise smaller seed, A, or B rounds. Akamai picks up API security startup, Noname Security, Zscaler picks up Airgap networks, and it's rumored that Armis will acquire Silk Security for $150M. LimaCharlie seems to be doing some vertical growth, adding its own response and automation capabilities (what they call "bi-directional" capabilities). CISA releases a malware analysis system to the general public. Boostsecurity.io releases "poutine", an open source CI/CD pipeline vulnerability scanner. Some great essays this week, with Phil Venables' Letter from the Future, Ben Hawkes' Robots Dream of Root Shells, and Aileen Lee's 10 year Unicorn anniversary piece. We briefly discuss the 3rd party breach that affected Cisco Duo customers, and the financial impact of Change Healthcare's highly disruptive ransomware incident. Finally, we talk about the latest research on the security of LLMs and the apps using them. It's not looking great. For more details, check out the show notes here: https://www.scmagazine.com/podcast-episode/3188-enterprise-security-weekly-358 Show Notes: https://securityweekly.com/esw-358

This week, we discuss OpenTofu's response to Hashicorp, Salesforce potentially acquiring Informatica and the latest Kubernetes Market Size from IDC. Plus, when will Enterprise A.I. improve the DMV experience? Watch the YouTube Live Recording of Episode (https://www.youtube.com/watch?v=P7Yvt-NtjVc) 463 (https://www.youtube.com/watch?v=P7Yvt-NtjVc) Runner-up Titles The fun run was fun. You don't have to pay for this, just glue it together with a couple of bash scripts. The Phish are biting Everything's cool zone Words that rhyme with “acquisation” Maybe AI can find it The market for products that start with “K” I like hotdogs Don't do the values, just the fun facts Rundown An Interview with Google Cloud CEO Thomas Kurian About Google's Enterprise AI Strategy (https://stratechery.com/2024/an-interview-with-google-cloud-ceo-thomas-kurian-about-googles-enterprise-ai-strategy/) OpenTofu responds to Hashicorp Our Response to Hashicorp's Cease and Desist Letter | OpenTofu (https://opentofu.org/blog/our-response-to-hashicorps-cease-and-desist/) Matt Asay response Tweet (https://twitter.com/mjasay/status/1778454498664690108) Adam Jacob take (https://twitter.com/adamhjk/status/1778470920094691625) Salesforce in Advanced Talks to Buy Informatica (https://www.wsj.com/tech/salesforce-in-advanced-talks-to-buy-informatica-ba9ec09c?mod=tech_lead_story&utm_source=newsletter&utm_medium=email&utm_campaign=newsletter_axiosprorata&stream=top) 451 Research's kubernetes market-sizing ($2.85 billion in 2028) (https://clients.451research.com/reportaction/203924/Toc?ref=PCN%20email) Exclusive: API startup Noname Security nears $500M deal to sell itself to Akamai (https://techcrunch.com/2024/04/12/akamai-acquisition-talks-noname-security/) Relevant to your Interests Introducing Our Next Generation Infrastructure for AI | Meta (https://about.fb.com/news/2024/04/introducing-our-next-generation-infrastructure-for-ai/?utm_campaign=%5BREBRAND%5D+%5BTI-AM%5D+Th&utm_content=1095&utm_medium=email&utm_source=cio&utm_term=124) ISPs roll out mandatory broadband 'nutrition' labels that show speeds, fees and data allowances (https://www.engadget.com/isps-roll-out-mandatory-broadband-nutrition-labels-that-show-speeds-fees-and-data-allowances-103832369.html) How ZIRP benefited hyperscaler revenue (https://twitter.com/treiner5/status/1778403310871179678) Platformonomics - Follow the CAPEX: The Clown Car Race Checkered Flag (https://platformonomics.com/2024/04/follow-the-capex-the-clown-car-race-checkered-flag/) Splunk vs Cribl Lawsuit of Terms Violating Enterprise License (https://cybersecuritynews.com/splunk-vs-cribl-lawsuit/) It's easy to bash tech, but I've started taking robotaxis — and they're awesome (https://www.businessinsider.com/waymo-self-driving-robotaxi-cars-without-drivers-amazing-tech-review-2024-4) Citi slashes 110 apps: Next up... Data transformation (https://www.thestack.technology/citi-data-transformation-2024/) Microsoft Makes High-Stakes Play in Tech Cold War With Emirati A.I. Deal (https://www.nytimes.com/2024/04/16/technology/microsoft-g42-uae-ai.html?utm_source=newsletter&utm_medium=email&utm_campaign=newsletter_axiosprorata&stream=top) Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack (https://thehackernews.com/2024/04/widely-used-putty-ssh-client-found.html) Meta's Oversight Board probes explicit AI-generated images posted on Instagram and Facebook | TechCrunch (https://techcrunch.com/2024/04/16/metas-oversight-board-probes-explicit-ai-generated-images-posted-on-instagram-and-facebook/?_hsmi=302971940) New UK law targets “despicable individuals” who create AI sex deepfakes (https://arstechnica.com/information-technology/2024/04/uk-seeks-to-criminalize-creation-of-sexually-explicit-ai-deepfake-images-without-consent/?_hsmi=302971940) Third-party iPhone app store AltStore PAL is now live in Europe (https://www.theverge.com/24100464/altstore-pal-dma-eu-launch-delta-nintendo-emulator-clip-clipboard-manager) Linux Foundation leads the fight against fauxpen source (https://www.theregister.com/2024/04/12/linux_foundation_opinion/) Enterprise Nonsense How to setup your own Database as a Service (DBaaS) for RabbitMQ, MySQL, Postgres, Redis (https://youtu.be/FBvQRpZYSXw?si=BAtYDg4ImZDgYxea) Listener Feedback Amazon.com: Sink Soap Dispenser (https://www.amazon.com/dp/B07SJ8SQ6Q?ref=ppx_pop_mob_ap_share) Grip Case for Nintendo Switch Lite (https://www.amazon.com/gp/product/B08DVCCWXH/ref=ppx_yo_dt_b_search_asin_title?ie=UTF8&th=1) Andrew Shafer owns an All American Burger? (http://All> American Burger - Tucson, AZ) Conferences Open Source Summit North America (https://events.linuxfoundation.org/open-source-summit-north-america/), Seattle April 16-18. Matt's speaking. NDC Oslo (https://substack.com/redirect/8de3819c-db2b-47c8-bd7a-f0a40103de9e?j=eyJ1IjoiMmQ0byJ9.QKaKsDzwnXK5ipYhX0mLOvRP3vpk_3o2b5dd3FXmAkw), Coté speaking (https://substack.com/redirect/41e821af-36ba-4dbb-993c-20755d5f040a?j=eyJ1IjoiMmQ0byJ9.QKaKsDzwnXK5ipYhX0mLOvRP3vpk_3o2b5dd3FXmAkw), June 12th. DevOpsDays Amsterdam (https://devopsdays.org/events/2024-amsterdam/welcome/), June 19-21, 2024, Coté speaking. DevOpsDays Birmingham, August 19–21, 2024 (https://devopsdays.org/events/2024-birmingham-al/welcome/). SDT news & hype Join us in Slack (http://www.softwaredefinedtalk.com/slack). Get a SDT Sticker! Send your postal address to stickers@softwaredefinedtalk.com (mailto:stickers@softwaredefinedtalk.com) and we will send you free laptop stickers! Follow us: Twitch (https://www.twitch.tv/sdtpodcast), Twitter (https://twitter.com/softwaredeftalk), Instagram (https://www.instagram.com/softwaredefinedtalk/), Mastodon (https://hachyderm.io/@softwaredefinedtalk), BlueSky (https://bsky.app/profile/softwaredefinedtalk.com), LinkedIn (https://www.linkedin.com/company/software-defined-talk/), TikTok (https://www.tiktok.com/@softwaredefinedtalk), Threads (https://www.threads.net/@softwaredefinedtalk) and YouTube (https://www.youtube.com/channel/UCi3OJPV6h9tp-hbsGBLGsDQ/featured). Use the code SDT to get $20 off Coté's book, Digital WTF (https://leanpub.com/digitalwtf/c/sdt), so $5 total. Become a sponsor of Software Defined Talk (https://www.softwaredefinedtalk.com/ads)! Recommendations Brandon: Discovering the XZ Backdoor with Andres Freund / Oxide (https://oxide.computer/podcasts/oxide-and-friends/1843393) Civil War (https://www.rottentomatoes.com/m/civil_war_2024) Matt: Ostrich travel pillow (https://amzn.to/3Jm4ixF) H (https://www.heb.com/product-detail/optic-shop-pro-sleep-blindfold-sleeping-mask-each/6176002)- (https://www.heb.com/product-detail/optic-shop-pro-sleep-blindfold-sleeping-mask-each/6176002)E (https://www.heb.com/product-detail/optic-shop-pro-sleep-blindfold-sleeping-mask-each/6176002)- (https://www.heb.com/product-detail/optic-shop-pro-sleep-blindfold-sleeping-mask-each/6176002)B Pro-Sleep Mask (https://www.heb.com/product-detail/optic-shop-pro-sleep-blindfold-sleeping-mask-each/6176002) Coté: Continuity Camera (https://support.apple.com/en-us/102546), kibbeling (https://en.wikipedia.org/wiki/Kibbeling). Photo Credits Header (https://unsplash.com/photos/six-black-and-yellow-fishing-rod-in-boat-UivGzIDhVyw) Artwork (https://opentofu.org/blog/our-response-to-hashicorps-cease-and-desist/)

Protecting a normal enterprise environment is already difficult. What must it be like protecting a sports team? From the stadium to merch sales to protecting team strategies and even the players - securing an professional sports team and its brand is a cybersecurity challenge on a whole different level. In this interview, we'll talk to Joe McMann about how Binary Defense helps to protect the Cleveland Browns and other professional sports teams. This week, Adrian and Tyler discuss some crazy rumors - is it really possible that a cloud security startup valued at over $8 billion in November 2021 just got bought for $200 million??? Some healthy funding for Cyera and Cohesity ($300m and $150m, respectively) Onum, Alethea, Sprinto, Andesite AI, StrikeReady, YL-Backed Miggo, Nymiz, Salvador Technologies, and Simbian all raise smaller seed, A, or B rounds. Akamai picks up API security startup, Noname Security, Zscaler picks up Airgap networks, and it's rumored that Armis will acquire Silk Security for $150M. LimaCharlie seems to be doing some vertical growth, adding its own response and automation capabilities (what they call "bi-directional" capabilities). CISA releases a malware analysis system to the general public. Boostsecurity.io releases "poutine", an open source CI/CD pipeline vulnerability scanner. Some great essays this week, with Phil Venables' Letter from the Future, Ben Hawkes' Robots Dream of Root Shells, and Aileen Lee's 10 year Unicorn anniversary piece. We briefly discuss the 3rd party breach that affected Cisco Duo customers, and the financial impact of Change Healthcare's highly disruptive ransomware incident. Finally, we talk about the latest research on the security of LLMs and the apps using them. It's not looking great. For more details, check out the show notes here: https://www.scmagazine.com/podcast-episode/3188-enterprise-security-weekly-358 Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-358

Protecting a normal enterprise environment is already difficult. What must it be like protecting a sports team? From the stadium to merch sales to protecting team strategies and even the players - securing an professional sports team and its brand is a cybersecurity challenge on a whole different level. In this interview, we'll talk to Joe McMann about how Binary Defense helps to protect the Cleveland Browns and other professional sports teams. This week, Adrian and Tyler discuss some crazy rumors - is it really possible that a cloud security startup valued at over $8 billion in November 2021 just got bought for $200 million??? Some healthy funding for Cyera and Cohesity ($300m and $150m, respectively) Onum, Alethea, Sprinto, Andesite AI, StrikeReady, YL-Backed Miggo, Nymiz, Salvador Technologies, and Simbian all raise smaller seed, A, or B rounds. Akamai picks up API security startup, Noname Security, Zscaler picks up Airgap networks, and it's rumored that Armis will acquire Silk Security for $150M. LimaCharlie seems to be doing some vertical growth, adding its own response and automation capabilities (what they call "bi-directional" capabilities). CISA releases a malware analysis system to the general public. Boostsecurity.io releases "poutine", an open source CI/CD pipeline vulnerability scanner. Some great essays this week, with Phil Venables' Letter from the Future, Ben Hawkes' Robots Dream of Root Shells, and Aileen Lee's 10 year Unicorn anniversary piece. We briefly discuss the 3rd party breach that affected Cisco Duo customers, and the financial impact of Change Healthcare's highly disruptive ransomware incident. Finally, we talk about the latest research on the security of LLMs and the apps using them. It's not looking great. For more details, check out the show notes here: https://www.scmagazine.com/podcast-episode/3188-enterprise-security-weekly-358 Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-358

Karl Mattson, CISO at Noname Security, joins us to share his story. Having started out as a "military brat," traveling the world as the child of a Marine, Karl later joined the Army not long after high school. In the Army, Karl was assigned the career field of intelligence analyst and started working with the NSA. He says that was a real career break. Following the Army, Karl worked in the financial services world as a CISO. At Noname, Karl began by building out internal risk and IT functions into a strong, what he calls spectacular team. Karl recommends "deferring gratification as long as possible" when building your career. He says, "People early in their career, looking at government service, those positions don't, you know, make anybody rich overnight, but they are amazing career cornerstones to build on." He closes sharing the importance of relationships. We thank Karl for sharing his story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices

Karl Mattson, CISO at Noname Security, joins us to share his story. Having started out as a "military brat," traveling the world as the child of a Marine, Karl later joined the Army not long after high school. In the Army, Karl was assigned the career field of intelligence analyst and started working with the NSA. He says that was a real career break. Following the Army, Karl worked in the financial services world as a CISO. At Noname, Karl began by building out internal risk and IT functions into a strong, what he calls spectacular team. Karl recommends "deferring gratification as long as possible" when building your career. He says, "People early in their career, looking at government service, those positions don't, you know, make anybody rich overnight, but they are amazing career cornerstones to build on." He closes sharing the importance of relationships. We thank Karl for sharing his story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices

API attacks are on the rise and Noname Security is now there to help eliminate API problems and vulnerabilities. Michele Shear, Director of Channels and Filip Verloy, Field CTO speak with Don Witt of The Channel Daily News to discuss their technology and their commitment to the channel. Filip Verloy First, Filip provides a solid overview of the company's technology and then Michele discusses their channel-led channel-first company philosophy. Noname Security woks with their partners to both educate and enable them to show the Noname strategic value to their current and prospective customers. Listen in to Michele and Filip as they discuss the many features of the technology and then provide insight into how those features will enable companies to stay ahead of the API attackers. About: Noname data classification capabilities provide visibility into the types of data that traverse your APIs. Quickly identify how many APIs can access credit card data, phone numbers, SSNs, and other sensitive data. Research from IBM X-Force indicates that two-thirds of API security incidents are due to misconfigured APIs. By gaining a complete view of your APIs, infrastructure, and vulnerabilities, you can act first and stay ahead of attackers. API inventory is more than just the number. Gain visibility into which gateway the API passes through, when the API was last updated, the data type being accessed, and the number of users accessing the API. For more information, go to: https://nonamesecurity.com/  or call  1-312-375-4716

API-security is in korte tijd enorm belangrijk geworden. Toch zijn nog maar weinig organisaties bezig met het beveiligen van hun API's. Dit terwijl de datalekken door slecht beveiligde API's enorm zijn. Tijd voor een update met Filip Verloy, Field CTO bij Noname Security.Cybersecurity staat inmiddels hoog op de agenda bij veel organisaties. Dit is echter een zeer breed begrip. Als organisatie moet je rekening houden met zero-days, ransomware, security awareness onder het personeel, maar ook het beveiligen van edge-apparaten en cloudoplossingen. API-security hoort daar ook zeker tussen, maar veel organisaties zijn nog niet bezig met het beschermen van hun API's.Het is algemeen bekend dat grote organisaties enorm veel applicaties in productie hebben draaien. Gemiddeld zo'n 800 tot 1000 applicaties. Vaak is dit een mix van legacy en nieuwe cloud based applicaties. Veel organisaties zijn druk met innovatie en het vervangen van de legacy-applicaties door nieuwe moderne applicaties. Hierin spelen API's een grote rol, want steeds meer applicaties moeten ook met elkaar kunnen communiceren of data uitwisselen. Dat gebeurt via API's. Maar hoe veilig zijn die API's en hoe beveilig je die? Te weinig organisaties beschermen zich nog tegen API aanvallen, terwijl de dreiging alsmaar groter wordt. Als een hacker toegang weet te krijgen tot een API, heeft die vaak onbeperkt toegang tot enorme datasets met grote datalekken tot gevolg. 

As possibly today's most misunderstood cybersecurity threat factor, this special shines a light on a growing API Economy - but equally a growing API Security disconnect too. Issues range from API drift, sprawl and lack of visibility, through to misconfiguration, monitoring gaps and challenges applying risk controls from pre-production to live. No wonder perhaps, that this has catalyzed much needed dedicated research such as the recent Noname API Security Report freely available here: https://bit.ly/APIDisconnectWith complete and proactive API protection clearly an absolute imperative for organizations of any size, it could not be more timely to discuss this and the latest cybersecurity trends, expectations and behaviours including differences across both regions and verticals with two superb guests from Noname Security: Karl Mattson CI-SO and Filip Verloy, Field CTO EMEA. We also explore the technology, testing, change management, DevOps best practices, developer empowerment and educational support that can help address the rapidly evolving requirements in this space. And if you or someone you know is curious around a future career in Cyber Security, please look out for the many courses and examples shared in this episode! And we would love your thoughts on the show too - thanks for listening! Sally, Karl, Filip and the #TTT TeamAnd please join us on Twitter to continue the conversation! @techradiotttToday's guests Karl and Filip on LinkedIn:http://www.linkedin.com/in/karlmattson1http://www.linkedin.com/in/verloy AND @filipv on Twitter And our host Prof. Sally Eaves on Twitter @sallyeavesAnd LinkedIn http://www.linkedin.com/in/sally-eaves

A We Hack Purple Live Stream with Matt Tesauro of Defect Dojo Inc (https://www.defectdojo.com/). Join We Hack Purple Community to be invited to awesome events like one! https://community.wehackpurple.com Description: You're tasked with ‘doing DevSecOps' for your company and you've got more apps and issues than you know how to deal with. How do you make sense of the different tools outputs for all your different apps? DefectDojo is an open source platform that can be your single pane of glass by aggregating, distilling, and automating your AppSec and DevSecOps tools. DefectDojo was created by DevSecOps people for DevSecOps people. In this talk, you'll learn about DefectDojo and how to make the most of the many features it offers including its REST-based API. DefectDojo can be your single pane of glass for discovered security vulnerabilities, report generation, aggregation of over 150+ different security tools, inventory of applications, tracking testing efforts / metrics on your AppSec program. DefectDojo was the heart of an AppSec automation effort that saw an increase in assessments from 44 to 414 in two years. Don't you want 9.4 times more output from your AppSec program? It's time to ditch spreadsheets and get DefectDojo. About Matt: Matt Tesauro is a DevSecOps and application security (AppSec) guru with specialization in creating security programs, leveraging automation to maximize team velocity and training emerging and senior professionals. When not writing automation code in Go, Matt is pushing for DevSecOps everywhere via his involvement in open-source projects, presentations, trainings and new technology innovation. Matt thrives on tackling technical problems, but his economics background gives him a unique understanding of business constraints and incentives around security initiatives. As a versatile engineer, Matt's background spans software development (primarily web development), Linux system administration, penetration testing and application / cloud security. Additionally, he offers more than 13 years of experience with the internationally recognized AppSec and open-source nonprofit OWASP Foundation. At OWASP, Matt has served on the global board of directors and conducted several highly successful open-source projects, including a web testing environment with 300,000+ downloads in a single year and the OWASP DefectDojo vulnerability management platform with 10 million+ downloads. As a recognized thought leader, Matt has presented at conferences multiple times per year since 2009 and has facilitated training around the world. Some of his noteworthy speaking engagements include a DHS Software Assurance Workshop; OpenStack Summit; SANS AppSec Summit; and AppSec US, EU and LATAM. He has also taught computer security courses at Texas A&M and the University of Texas at the undergraduate and graduate level. Matt leads by example and rolls up his sleeves to help teams reach their goals. He is a supportive and collaborative leader who mentors and motivates others to realize their potential. Colleagues note that Matt is fiendishly clever when solving problems and refreshingly honest in his work. In 2021, Matt was recruited for the role of Distinguished Engineer at Noname Security. His priority is to evangelize Noname's ground-breaking API security platform and API security in general. He works closely with the product team to ensure that Noname's platform addresses the application and product security issues that impact customers. Before joining Noname, Matt rolled out AppSec automation at USAA and founded 10Security. His early career includes tenures as Director of Community and Operations at the OWASP Foundation, Senior AppSec Engineer at Duo Security, Senior Software Security Engineer at Pearson and Senior Product Security Engineer at Rackspace. Matt received a master's degree in management information systems and a bachelor's degree in economics from Texas A&M Univers

In the second of our cybersecurity mini-series, Dave sits down with Mike O'Malley, seasoned tech marketing executive and recently-appointed CMO of API security specialists Noname Security.Mike joined Noname in the summer of 2022 to lead its marketing team into the next phase of the company's rapid and impressive growth. Prior to that, he was Senior VP, Global Marketing at CyberArk, another pioneering cybersecurity firm. Mike's career has also taken in senior marketing roles at VMware, CA Technologies and a number of other leading technology firms.As Mike tells Dave, he'd been fascinated by the challenges, innovation and fast pace of cybersecurity long before he moved into it - as well as the opportunity to play a pivotal role in the fight against the scourge of cybercrime.So now he's immersed himself into the cyber world, what are Mike's top tips on making a positive impression on one of the most under-pressure and vendor-bombarded technology buyers of all: the cybersecurity professional?No spoilers of course, but tune in and you'll find out:why security marketers must understand their buyers much faster than in other tech categorieshow to go beyond your customers' basic pains and really get inside their heads on an emotional levelhow to flip cybersecurity's obsession with fear, uncertainty and doubt into honest, positive and benefit-driven messaginghow to use data and research to highlight genuine and immediate security problems, and position your solutions as the answerthe challenges of API security, and why addressing them is so important right nowEnjoy the chat, and leave us a review if you liked it!If you enjoy the chats then there are more ways to quench your thirst for creative inspiration in the world of B2B tech.

In this episode I talk with Filip Verloy the CTO of NoName Security. We talk about how he got into security and how the NoName platform sets themselves apart in API security. If you enjoy this episode please leave a review and share it!Filip's Links:LinkedIn: https://www.linkedin.com/in/verloy/Website: https://nonamesecurity.com/Dev InterruptedWhat the smartest minds in engineering are thinking about, working on and investing in.Listen on: Apple Podcasts SpotifySupport the showFollow the Podcast on Social Media!Instagram: https://www.instagram.com/secunfpodcast/Twitter: https://twitter.com/SecUnfPodcastPatreon: https://www.patreon.com/SecurityUnfilteredPodcastTiktok: https://www.tiktok.com/@secunfpodcast

In this episode of the RH-ISAC podcast, Matt Tesauro, distinguished engineer at Noname Security, discusses API vulnerabilities and how API testing is shifting left. Then, Kelsey Helms, principal analyst, and Ryan Miller, senior director, cybersecurity, at Target share how they're taking ransomware resiliency beyond the basics and collaborating across their organization.  Thank you to Fortinet for their sponsorship of the RH-ISAC podcast. 

Welcome to Security Breach.Today we're going to discus a vulnerability within the industrial sector that is essentially a product of progress. The enhanced data sharing capabilities and operational efficiencies that have been realized in establishing an estimated 20 billion device connections in manufacturing enterprises around the globe have come at a price for some.In the sector's zeal to push forward with digital transformation plans and realize the benefits of automation, software and data-driven production schemes, all of these connection points offer a soft spot for hackers to probe and pinpoint in launching various types of attacks.Joining us to discuss this evolving situation and offer some in-depth analysis from his company's recent report – The API Security Disconnect - is Filip Verloy, Technical Evangelist at Noname Security.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.To download our latest report on industrial cybersecurity, The Industrial Sector's New Battlefield, click here.

Polonium APT targets Israel with a new custom backdoor dubbed PapaCreep RSA Conference reveals CISO-Board relationships UK government urges action to enhance supply chain security Thanks to today's episode sponsor, Noname Security Prevent API attacks in real-time with automated AI and ML-based detection from Noname Security. Monitor API traffic for data leakage, data tampering, data policy violations, suspicious behavior, and API security attacks. Integrate with your existing IT workflow management system like Jira, ServiceNow, or Slack for seamless remediation. Learn more at nonamesecurity.com/runtime-protection For the stories behind the headlines, head to CISOseries.com.

Npm timing attack could impact supply chain Legit software used to spread malicious WhatsApp mod Mango Markets hit by $100 million hack Thanks to today's episode sponsor, Noname Security Are you sure your APIs are secure? Noname Security discovers all the APIs running on your network and analyzes them to spot design flaws, misconfigurations, and vulnerabilities. You can even catalog sensitive data and quickly see how many APIs are able to access credit card data, phone numbers, SSNs, and other sensitive PII data. Learn more at nonamesecurity.com/posture-management

UK warns of Chinese global security threat Toyota data leak impacts 300,000 customers CISOs at risk of being overworked Thanks to today's episode sponsor, Noname Security Stop API vulnerabilities before production with Noname Security. Automatically run over 100 dynamic tests that simulate malicious traffic, including the OWASP API Top Ten. Integrate with your existing CI/CD pipelines and tools, such as Jenkins and Postman, as well as all your ticketing and workflow tools such as ServiceNow, Slack, and Jira. Learn more at nonamesecurity.com/active-testing For the stories behind the headlines, head to CISOseries.com

Finger heat can leak your password US airport sites targeted by KillNet Intel confirms UEFI leak Thanks to today's episode sponsor, Noname Security Prevent API attacks in real-time with automated AI and ML-based detection from Noname Security. Monitor API traffic for data leakage, data tampering, data policy violations, suspicious behavior, and API security attacks. Integrate with your existing IT workflow management system like Jira, ServiceNow, or Slack for seamless remediation. Learn more at nonamesecurity.com/runtime-protection

All links and images for this episode can be found on CISO Series After every breach, you hear the same mantra from the attacked company: "We take security and privacy seriously." It's lost all its meaning. But what if you truly ARE serious about how you handle security and privacy? Should you say "seriously" twice? This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest is Geoff Belknap (@geoffbelknap), CISO, LinkedIn and co-host of Defense in Depth. It was recorded in front of a live audience at Microsoft's Silicon Valley Campus in Mountain View, California as part of a regular ISSA-SV and ISSA-SF meeting. Check out all the fantastic photos from the event here. Thanks to our podcast sponsor, SafeBreach and Noname Security SafeBreach provides continuous security control validation powered by our breach and attack simulation (BAS) platform. We enable security leaders to proactively prioritize remediation efforts and drive ROI quickly by consolidating technology costs around what truly enhances your security posture. Real-world attacks. Real-time results. Prevent API attacks in real-time with automated AI and ML-based detection from Noname Security. Monitor API traffic for data leakage, data tampering, data policy violations, suspicious behavior, and API security attacks. Integrate with your existing IT workflow management system like Jira, ServiceNow, or Slack for seamless remediation. Learn more at nonamesecurity.com/runtime-protection In this episode: If you truly ARE serious about how you handle security and privacy, should you say "seriously" twice? Given the immense complexity not just on integration but also training, are we going to see more consolidation of point solutions into suites? When would it make sense for a company to completely dump their security team and completely outsource it? And if you were to outsource it, what the heck would that look like?

Fortinet warns admins to patch critical auth bypass bug immediately Windows 11 22H2 errors break provisioning Security chiefs fear ‘CISO scapegoating' following Uber-Sullivan verdict Thanks to today's episode sponsor, Noname Security Are you sure your APIs are secure? Noname Security discovers all the APIs running on your network and analyzes them to spot design flaws, misconfigurations, and vulnerabilities. You can even catalog sensitive data and quickly see how many APIs are able to access credit card data, phone numbers, SSNs, and other sensitive PII data. Learn more at nonamesecurity.com/posture-management For the stories behind the headlines, head to CISOseries.com.

Karl Mattson is the CISO at Noname Security, a graduate of the FBI CISO Academy, and a CISSP. Karl explains the importance of API security and how the design of the code, and the configuration and management of API all affect API security. Noname Security https://nonamesecurity.com/ Noname Security's 4-Hour API Workshop https://nonamesecurity.com/workshop Secure Talk Podcast https://securetalkpodcast.com/

Anjali Hansen, a Senior Privacy Counselor from Noname Security shares her story as she climbed through the ranks to get to where she is today. When Anjali started, she wanted to do international law. She started working for the International Trade Commission after law school, where she was able to gain most of her experience and real world abilities. Working with online fraud and abuse, she shares, concerned her, because it felt like governments could not protect organizations from threats occurring, which is how she got interested in cybercrime. From there, she moved to Noname Security, and in working there, she found that she is working with every group in the organization, creating a cross team collaboration, saying how much she admires that type of model. She says "We have to help other departments protect the data because the data's throughout an organization, it's in HR, it's in sales and marketing, it's in IT, it's in finance. So you have to be able to work with all these teams." We thank Anjali for sharing her story.

Anjali Hansen, a senior privacy counselor from Noname Security shares her story as she climbed through the ranks to get to where she is toady. When Anjali started she wanted to do international law. She started working for the International Trade Commission after law school which is where she was able to gain most of her experience and gain real world abilities. Working with online fraud and abuse, she shares, concerned her because it felt like governments could not protect organizations from threats occurring, which is how she got interested in cyber crime. From there, she moved to Noname Security and working there she found that she is working with every group in the organization, creating a cross team collaboration and how much she admires that type of model. She says "We have to help other departments protect the data because the data's throughout an organization, it's in HR, it's in sales and marketing, it's in IT, it's in finance. So you have to be able to work with all these teams." We thank Anjali for sharing her story.

Noname Security CISO Karl Mattson talks about API sprawl, API security, and the market trends.  Learn more about your ad choices. Visit megaphone.fm/adchoices

Welcome to the first of our three-part ‘Women in Creative Leadership' special. This mini-series aims to gauge the temperature of gender equality and diversity within the creative and marketing sides of the B2B tech industry. Where are we in the fight for true equality? What more can be done, and how can we as an industry make sure that every talented female has the opportunity to climb the ranks into senior leadership positions? Our first guest to discuss these crucial issues is Larissa Schneider, Head of Marketing at Noname Security - leaders in API security. We first met Larissa during her time with our client, cloud computing firm Nutanix, whom she joined after they acquired her previous firm PernixData. The PernixData/Nutanix journey was a wild ride for Larissa, encompassing stints in Silicon Valley and her native Germany, an IPO, and a fairly rapid ascent up the leadership ranks. Now Larissa is a creatively driven leader at a company that is truly making waves achieving “unicorn” status only one year out of stealth. As you'll hear, she is inspirational, wise and well worth listening to. Timestamps: (08:51) – Larissa's background and career (12:48) – What inspired Larissa to get into marketing and the tech scene (15:30) – Thoughts on where the tech industry is in terms of equality and opportunities for female marketers (18:13) – How COVID enabled more opportunities for diversity through flexibility in remote working (23:18) – The hiring process and how a change in approach can reap rewards (27:09) – The role of mentors in her career Follow Larissa on LinkedIn: https://www.linkedin.com/in/schneiderlarissa/ Don't forget to subscribe and rate our show!

I invite Val Dobrushkin, Director of Risk & Compliance at Noname Security, into the studio this week to tap into his openness and transparency around his role as a security leader and his personal mental health journey. As compliance professionals, Val and I cover the technical side of his career, including his opinions and experiences with SOC 2, ISO, and GRC. As friends, Val and I dive deep into the difficult topics of workplace stress, labor shortages, career burnout, and mindfulness. Timecoded Guide: [00:00] Framework preferences & the benefits of SOC 2 vs ISO [07:06] Compliance & security from a business perspective [13:52] Cybersecurity labor shortages & tech skill gaps [16:50] Workplace stress & the struggle of cyber career burnout [21:15] Mental health advice for security practitioners    Do you think GRC is a good entry point for cybersecurity?  Much like myself, Val is a firm believer in GRC as a solid entry point in the cyber security industry. Junior security practitioners need an area where they're exposed to a variety of positions and functions, and Val sees endless training opportunities for a young professional looking to get their start in GRC. Repeatable processes and teachable functions show entry-level cyber employees the value of compliance and how what we do as cyber professionals impacts the businesses we work with. “When you rise up the ladder, you may feel like those standard beginning steps are tiring from having done them for many years, but it's those things that are easy to pick up. They're easily repeatable, and a very quick intro to say, ‘Hey, this is what this does for the business. There's some value in it.'”    How do we solve the cybersecurity labor shortages and skill gaps?  Anyone working in the industry understands the stress of the cyber workforce gap and how it has impacted both understaffed tech companies and overworked cybersecurity practitioners, especially in the wake of the covid-19 pandemic. With so much conversation around cybersecurity talent shortages, I asked Val where he saw potential for solutions. His advice fell on the shoulders of cyber industry leaders, urging them to acknowledge the security skills gap and the staffing issues taking place. Without acknowledgement, Val warns that leaders will not set themselves up for success when welcoming new security professionals to the workforce or training industry outsiders in new positions.  “When we hire somebody, we can give them a set title, a set function. At the same time, we also have to leave them room so they can grow and do something more, something better, something different.”   Why do you think we're seeing cybersecurity professionals burning out? Not only are cyber staffing shortages weighing on us, but cybersecurity professionals are burning out at rapid rates. The great resignation feels far from over for many companies, and I have seen security personnel quickly burn out and leave the industry entirely. Considering Val's vulnerability about mental health, he is quick to sympathize with those skilled workers feeling too exhausted to continue their roles. Security practitioners are often undervalued when businesses see cybersecurity as an expense, not something that can potentially save their business. Undervaluing combined with a lack of cohesiveness in teams and a lack of new opportunities, we are looking at a potential mental health crisis in cyber. “Security is not usually appreciated. Things go wrong and then, security is often blamed for not fixing things beforehand, or not building these things right. There's always a lot of pressure…It's really hard to compete.”   Can you tell me about your personal mental health journey and how it has impacted your cyber career and company? Immigrating to America at a young age and pushing himself hard in his career led to Val learning his lesson about mental health the hard way. After struggling with depression throughout his adulthood and managing his mental health through mindfulness and spirituality, Val focuses more of his energy now on showing others the value of lifting yourself up. While focusing too hard on societal and career expectations led to Val's personal burn out, he's come out the other side of many of his mental health struggles with clarity and consciousness about what others are going through, as well as a motivation to guide others on a healthier mental health journey. “I learned early on in my career, when I had my first subordinates, that when people were underperforming, it wasn't because they were bad or they weren't skilled, there was something else going on. Once we were able to figure out what that something else was, they performed well above my expectations.” --------- Links: Keep up with our guest, Val Dobrushkin, on LinkedIn Learn more about Noname Security on their website and LinkedIn. Connect with AJ Yawn on LinkedIn and Twitter Follow ByteChek on LinkedIn and Twitter, or learn more about ByteChek on their website Listen to more from the Hacker Valley Studio and To Comply or Not to Comply

Shai Levy, was born in Ramat Gan, and from a very young age he learnt to adapt to challenging life situations. He paved the way for the 8200 after studying physics and computers in high school and hurried to finish his matriculation in physics in tenth grade. From the Sisyphean classifications to the specific section to which he was admitted in the army which lasted 7 months he no longer recoiled. There he met Oz and even then they had signed together on a project that won them a 'Source of Life' award after they managed to convince their commander to promote a project that initially encountered opposition - and gained recognition for thinking outside the box. After military service he moved between start-ups and large companies when his last job was on Facebook. About a 2 years ago, he took part in the establishment of a Noname Security company that provides cyber solutions for APIs.

Filip Verloy, Technical Evangelist at Noname Security discusses the difference between IT infrastructure API usage and business API usage, some of the challenges associated with cyber security, and the link between API security and ransomware.

Noname Security's surge in adoption can be attributed to its proactive approach to API security throughout the full software development lifecycle. Unlike most solutions in the market today that rely solely on traffic analysis to pinpoint active attacks, Noname Security analyzes configuration, traffic and code to identify the broadest set of API vulnerabilities — including misconfigurations and design flaws. We speak with NoName's CISO, Karl Mattson, a cybersecurity leader and innovator with over 25 years' experience leading innovative and diverse teams of technology and security professionals in financial services, retail and federal government. Previously, Karl served as the Chief Information Security Officer (CISO) for PennyMac Financial Services and City National Bank. He has a track record of providing CEOs, CTO and investors in cybersecurity on strategies for product, market and customer success. Recorded 13 April 2022 #APIsecurity #noname #cybersecurity #AppSec

Mike Baker, CRO at Noname Security, joins me today to talk about his experience (and success) in the cybersecurity sales world and how he tends to go the opposite way of where the masses head…because that's where the gold is. Bluebird anyone?!?!Mike joined Noname Security in October 2020 as its first employee in the US and first in the sales team.  Now, just 16 months later, the go-to-market team has over 100 people, with most of them in sales. Mike talks about the decisions he made during that period, the type of people that do well, the first hires he made, and what's coming up in 2022.If you are a sales leader at a startup, or you're in the sales team, and you're searching for your repeatable scalable sales process to grow sales faster, then please get in touch with me at andrew@unstoppable.do or you can also go to my site at www.unstoppable.do.Sign up for our newsletter (https://www.salesbluebird.com)Support the show (http://www.unstoppable.do)

This episode features guest Alissa Knight, former hacker and partner at Knight Ink, along with Karl Mattson, CISO from Noname Security, discussing findings on severe API vulnerabilities in U.S. banking applications research that was conducted by Alissa and funded by Noname Security. The research, “Scorched Earth: Hacking Bank APIs,” unveils a number of vulnerabilities in the banking, cryptocurrency exchange, and FinTech industries. In her Money 20/20 keynote presentation entitled “Scorched Earth: Hacking Bank APIs”. In her presentation, Alissa revealed that she was able to gain access to 55 different banks and change PIN codes and move money in and out of accounts. Three lessons learned include: API security vulnerabilities affect all enterprises, API security needs to be operationalized across the enterprise, and API security requires posture management, runtime security, and active testing. Details can be found here: White paper: Hacking Banks and Cryptocurrency Exchanges Through Their APIs Blog post: 3 API Security Lessons from “Scorched Earth: Hacking Bank APIs” Press release: New Research Shows Vulnerabilities in Banking, Cryptocurrency Exchange, and FinTech APIs Allow Unauthorized Transactions and PIN Code Changes of Customers Alissa's presentation at Money 20/20.

This episode features guest Alissa Knight, former hacker and partner at Knight Ink, along with Karl Mattson, CISO from Noname Security, discussing findings on severe API vulnerabilities in U.S. banking applications research that was conducted by Alissa and funded by Noname Security. The research, “Scorched Earth: Hacking Bank APIs,” unveils a number of vulnerabilities in the banking, cryptocurrency exchange, and FinTech industries. In her Money 20/20 keynote presentation entitled “Scorched Earth: Hacking Bank APIs”. In her presentation, Alissa revealed that she was able to gain access to 55 different banks and change PIN codes and move money in and out of accounts. Three lessons learned include: API security vulnerabilities affect all enterprises, API security needs to be operationalized across the enterprise, and API security requires posture management, runtime security, and active testing. Details can be found here: White paper: Hacking Banks and Cryptocurrency Exchanges Through Their APIs Blog post: 3 API Security Lessons from “Scorched Earth: Hacking Bank APIs” Press release: New Research Shows Vulnerabilities in Banking, Cryptocurrency Exchange, and FinTech APIs Allow Unauthorized Transactions and PIN Code Changes of Customers Alissa's presentation at Money 20/20.

This week in the Enterprise News: Is the art of VC valuations a lie?, Noname Security hits unicorn status, Dazz sounds like an 80's cartoon character and is the latest to join the CSPM category with a mega Series A, LogMeIn spins out Lastpass, We'll talk about Log4Shell for a little bit, but not too much, Everyone forgot that AWS had an outage last week, at least, until they had an outage this week, 83% of IT professionals can't guarantee infrastructure is safe from ex-employees, & Senate approves cyber-loaded defense bill but stripped out incident reporting! All that and more, on this episode of Enterprise Security Weekly!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw254

This week, we welcome Shoshana Gourdin, to discuss how Morale Is a Safety Control! Up next, we welcome Scott Crawford, Research Director at 451 Research / S&P Global Market Intelligence, to talk about The Evolution & Future of XDR & the SOC! In the Enterprise News: Is the art of VC valuations a lie?, Noname Security hits unicorn status, Dazz sounds like an 80's cartoon character and is the latest to join the CSPM category with a mega Series A, LogMeIn spins out Lastpass, We'll talk about Log4Shell for a little bit, but not too much, Everyone forgot that AWS had an outage last week, at least, until they had an outage this week, 83% of IT professionals can't guarantee infrastructure is safe from ex-employees, & Senate approves cyber-loaded defense bill but stripped out incident reporting! All that and more, on this episode of Enterprise Security Weekly!   Show Notes: https://securityweekly.com/esw254 Visit https://www.securityweekly.com/esw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome Shoshana Gourdin, to discuss how Morale Is a Safety Control! Up next, we welcome Scott Crawford, Research Director at 451 Research / S&P Global Market Intelligence, to talk about The Evolution & Future of XDR & the SOC! In the Enterprise News: Is the art of VC valuations a lie?, Noname Security hits unicorn status, Dazz sounds like an 80's cartoon character and is the latest to join the CSPM category with a mega Series A, LogMeIn spins out Lastpass, We'll talk about Log4Shell for a little bit, but not too much, Everyone forgot that AWS had an outage last week, at least, until they had an outage this week, 83% of IT professionals can't guarantee infrastructure is safe from ex-employees, & Senate approves cyber-loaded defense bill but stripped out incident reporting! All that and more, on this episode of Enterprise Security Weekly!   Show Notes: https://securityweekly.com/esw254 Visit https://www.securityweekly.com/esw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week in the Enterprise News: Is the art of VC valuations a lie?, Noname Security hits unicorn status, Dazz sounds like an 80's cartoon character and is the latest to join the CSPM category with a mega Series A, LogMeIn spins out Lastpass, We'll talk about Log4Shell for a little bit, but not too much, Everyone forgot that AWS had an outage last week, at least, until they had an outage this week, 83% of IT professionals can't guarantee infrastructure is safe from ex-employees, & Senate approves cyber-loaded defense bill but stripped out incident reporting! All that and more, on this episode of Enterprise Security Weekly!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw254

This week, In the Enterprise News, Atos launches thinkAI, AWS welcomes Wickr to the team, U.S. DoD approves two (ISC)² certifications as requirements for staff, JFrog to acquire Vdoo, & more!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw233

Detect Technologies, a company specializing in industrial AI, has raised $12 million in a round led by Accel Partners and Elevation Capital. According to the company's statement, the money will be used to enhance worldwide industrial efficiency and extend the company's position as a leader in industrial digitalization. The firm provides a wide range of AI and IoT solutions for the industrial sector.BMW i Ventures announce their second sustainability-focused fund for early to mid-stage startups in the industries of transportation, manufacturing, supply chain and others. Previously, investments of the VC firm's first fund, BMW i Ventures Fund 1, had helped companies in their journey to public.ServiceTitan, a software company built to accelerate the home and commercial service industries, has entered a definitive agreement to acquire Aspire Software, a landscaping business management software provider. Alongside the acquisition, the company announced its $200 million Series G funding from Thoma Bravo at a valuation of $9.5 billion. This acquisition marks ServiceTitan's second investment in the last twelve months (previously ServicePro) and its largest to date.Slack launches Huddles, a feature to encourage casual conversations that get missed out due to remote working, and new video sharing and recording capabilities to help users share their thoughts ahead of a scheduled meeting, as per their convenience. These features would be rolled out for paid teams.Device42 has developed a new solution that analyses your infrastructure and provides recommendations for cost-effective cloud migration. The program uses machine learning to assist in the discovery of the optimum configuration. Device42 is a software business founded in 2012 that specializes in hybrid IT discovery and application dependency mapping.Ably, a synchronized digital experience platform provider has announced that it has raised $70 million in a Series B funding round led by Insight Partners and Dawn Capital LLP. Other participants include Digital Horizon, Forward Partners, and MMC Ventures, Triple Point. The new funds will help Ably continue developing and innovating its platform, giving businesses a comprehensive solution for offloading the rising complexity of real-time data synchronization at scale for distributed applications, devices, and hybrid cloud environments.A pan-European venture capital firm, Nauta Capital, has announced ambitions to invest in pre-seed deeptech businesses across Europe. The specialized venture program will provide funding to pre-seed B2B deeptech businesses in order to help them develop and thrive. Nauta Funding's new initiative, motivated by a shortage of capital available for pre-seed and pre-revenue B2B deeptech enterprises, will support 12-16 startups for the next 12 months to close the gap and propel Europe's next generation of deeptech entrepreneurs.Shogun has raised $67.5 million in a $575 million Series C funding round led by Insight Partners. The cash will improve the company's two major products, Shogun Frontend and Page Builder. Frontend, Shogun's newest offering, is a “headless” solution aimed at web designers and others who want to create more personalized experiences. It caters to the midmarket to the corporate consumers and has hundreds of clients.   ARIADNEXT, French remote identity verification, and digital identity creation company, has been bought by IDnow, a German identity verification startup. As a result of the acquisition, IDNow is now on a level with OnFido, Europe's other major participant. IDnow will keep ARIADNEXT's offices in Rennes, Paris, Madrid, Bucharest, Iasi, Warsaw, and its approximately 125 employees. Mandolin, a concert live stream platform to help artists, venues, and fans connect through live music, has raised $12 million in its Series A fundraise in an oversubscribed round co-led by 645 Ventures and Foundry Group. Existing investors, High Alpha and TIME Ventures, participated in the round.Pietra, a platform providing Creators business-building tools, has announced its Series A fundraise of $15 million in a round led by Founders Fund with participation from its existing investor, Andreessen Horowitz (a16z), TQ Ventures, Abstract Ventures and other strategic investors.Nodes & Links, a startup offering AI and cloud tools for engineering projects to be delivered on time and budget, has announced its Series A fundraise of €9.3 million ($11 million roughly). The round was led by urban sustainability-focused fund 2150, alongside Zigg Capital and Westerly Winds.FloLive, an IoT company, has raised an additional $15.5 million in a Series B investment round led by Intel Capital. The additional money will be used to improve the company's service and invest in and develop the company's technology stack and upgrade its network to 5G. Rather than creating new infrastructure, FloLive's approach is to stitch together networks from several places and run them as a single network.Gusto, a unicorn company developing web-based payroll solutions for small and medium-sized businesses, has announced the launch of its new product, Gusto Embedded Payroll (GEP), which facilitates software developers to embed and customize payroll directly into their software. Noname Security, an enterprise API security business, raised $60M in a Series B funding round headed by Insight Partners. The company offers a security platform that uses artificial intelligence and machine learning to assist businesses in monitoring and securing both managed and uncontrolled APIs. Since its launch, the firm has recruited 40 technical, reseller, and channel partners in six months.Hyperexponential (hx), a mathematical software provider for the insurance sector, raised $18 million in a funding round headed by Highland Europe. According to the company, actuaries, data scientists, and underwriters may use Hx's Renew SaaS platform to create, deploy, and update insurance pricing models more quickly.

This week, In the Enterprise News, Atos launches thinkAI, AWS welcomes Wickr to the team, U.S. DoD approves two (ISC)² certifications as requirements for staff, JFrog to acquire Vdoo, & more!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw233