Computer security testing tool
In this episode of the Cyber Uncut podcast, Raj Samani, senior vice president and chief scientist at Rapid7, joins host Liam Garman to unpack how nation-state threats are actively targeting Australian organisations, and how we can proactively prepare for future attacks. They begin the podcast by looking at those groups that are most actively targeting Australian organisations and how their strategies differ from traditional cyber crime. Samani then unpacks some of the most common mistakes he sees from Australian organisations that are leaving them vulnerable to ransomware, before diving into the operating models of these threat actors, from negotiations to double extortion tactics. The pair then wrap up the podcast by looking at how companies can improve their post-breach response and resilience and the actionable steps they must take to stay ahead of emerging risks. To listen to Samani's previous appearance on the Cyber Uncut podcast, click here. Enjoy the podcast, The Cyber Uncut team.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
My Very Personal Guidance and Strategies to Protect Network Edge Devices: A quick summary to help you secure edge devices. This may be a bit opinionated, but these are the strategies that I find work and are actionable. https://isc.sans.edu/diary/My%20Very%20Personal%20Guidance%20and%20Strategies%20to%20Protect%20Network%20Edge%20Devices/31660
PostgreSQL SQL Injection: A follow-up to yesterday's segment about the PostgreSQL vulnerability. Rapid7 released a Metasploit module to exploit the vulnerability. https://github.com/rapid7/metasploit-framework/pull/19877
Ivanti Connect Secure Exploited: The Japanese CERT observed exploitation of January's Connect Secure vulnerability. https://blogs.jpcert.or.jp/ja/2025/02/spawnchimera.html
WinZip Vulnerability: WinZip patched a buffer overflow vulnerability that may be triggered by malicious 7Z files. https://www.zerodayinitiative.com/advisories/ZDI-25-047/
Xerox Printer Patch: Xerox patched two vulnerabilities in its enterprise multifunction printers that may be exploited for lateral movement. https://securitydocs.business.xerox.com/wp-content/uploads/2025/02/Xerox-Security-Bulletin-XRX25-003-for-Xerox-VersaLinkPhaser-and-WorkCentre.pdf
Three Buddy Problem - Episode 34: We dig into the latest exploited Apple iPhone zero-day (USB Restricted Mode bypass), an AMD microcode flaw so serious it's not being fully disclosed, a barrage of Patch Tuesday updates, the helpless nature of trying to defend corporate networks, Russian threat actor movements, and fresh intel from Rapid7, Volexity, and Microsoft. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Costin Raiu (https://twitter.com/craiu) and Ryan Naraine (https://twitter.com/ryanaraine).
Pete is CEO and co-founder of Realm Security, which is building a security data fabric to help companies manage their disparate log sources for monitoring tools. For companies spending millions of dollars every year on contracts with Splunk, Realm is the light at the end of the tunnel that can help them move to a cheaper SIEM tool. Pete started his career at Rapid7 after dropping out of college, and he worked his way through a variety of cybersecurity sales leadership roles since, including companies acquired by CarbonBlack and Cisco. In the episode we talk about his emphasis on moving roles for new learning opportunities, his obsession with customer problems rather than potential solutions, and how Realm's message is unique in a cyber ecosystem where vendors are always asking for CISOs to grow their budget. Website Sponsor: VulnCheck
In this holiday episode special, we're joined by Hamza Fodderwala, Executive Director at Morgan Stanley, where he leads cybersecurity equity coverage. He joined Morgan Stanley's software research team in early 2016 and leads coverage for public cybersecurity companies like Palo Alto Networks, CrowdStrike, Fortinet, SentinelOne, Okta, Zscaler, Cloudflare, Rapid7, Check Point, Qualys, Varonis and Tenable. Before Morgan Stanley, Hamza was an equity research associate at Susquehanna International Group covering the financial technology sector. Hamza graduated from New York University with a Bachelor of Arts in Economics.
We dive into Hamza's insights on the major customer buying patterns in cybersecurity throughout 2024 and what might shift in 2025. Hamza shares his observations on how the Generative AI boom is influencing product adoption in the industry, and whether enterprises are currently adopting AI security solutions. Additionally, we explore key trends from cybersecurity resellers, discuss what might unlock public equity markets for new IPOs, and which private cyber companies could go public next.
Our discussion covers the cybersecurity M&A landscape, highlighting over $50B in deal volume this year with companies like Juniper, Darktrace, Recorded Future, Synopsys, Venafi, and more all getting acquired. Finally, Hamza shares lessons for founders, offering advice on identifying areas ripe for disruption, navigating the venture funding landscape, and building resilience in a competitive industry.
Podcast: (CS)²AI Podcast Show: Control System Cyber Security
Episode: Rapid7's Approach to ICS and OT Security: Lessons from the Field
Pub date: 2024-12-03
Join Derek Harp and his guests from Rapid7, Lonnie Best, William Price, and Nicholas Butcher, as they delve into the critical challenges and exciting opportunities within the Operational Technology (OT) and Industrial Control Systems (ICS) cybersecurity landscape. Recorded live at Hack the Capitol 7.0, this episode highlights the growing demand for OT cybersecurity, innovative approaches to managing threats, and the evolving dynamics between IT and OT professionals. In this episode, the panel discusses real-world examples of managing ICS threats, the nuances of integrating OT into traditional IT security frameworks, and the importance of trust and communication in bridging gaps between teams. Learn how managed security services are adapting to meet the unique demands of OT environments and why collaboration across roles and expertise is essential. Whether you're a seasoned professional or new to the field, this episode offers actionable insights and inspiring stories that highlight the importance of securing critical infrastructure in today's evolving threat landscape. Visit cs2ai.org to learn more about resources, events, and professional development opportunities in OT and ICS cybersecurity.
The podcast and artwork embedded on this page are from Derek Harp, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Unredacted court filings from WhatsApp's 2019 lawsuit against NSO Group reveal the scope of spyware infections. Glove Stealer can bypass App-Bound Encryption in Chromium-based browsers. Researchers uncover a new zero-day vulnerability in Fortinet's FortiManager. Rapid7 detects an updated version of LodaRAT. CISA warns of active exploitation of Palo Alto Networks' Expedition tool. Misconfigured Microsoft Power Pages accounts expose sensitive data. Iranian state hackers mimic North Koreans in fake job scams. Australia warns its critical infrastructure providers about state sponsored embedded malware. An especially cruel cybercriminal gets ten years in the slammer. Guest Ambuj Kumar, Co-founder and CEO of Simbian, joins us to discuss how AI Agents may change the cyber landscape. We're countin' down the top ten least secure passwords. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest: Ambuj Kumar, Co-founder and CEO of Simbian, joins us to discuss how AI Agents are going to change the cyber landscape.
Selected Reading:
1,400 Pegasus spyware infections detailed in WhatsApp's lawsuit filings (The Record)
Glove Stealer Malware Bypasses Chrome's App-Bound Encryption (SecurityWeek)
watchTowr Finds New Zero-Day Vulnerability in Fortinet Products (Infosecurity Magazine)
LodaRAT: Established malware, new victim patterns (Rapid7 Blog)
CISA Warns of Two More Palo Alto Expedition Flaws Exploited in Attacks (SecurityWeek)
Microsoft Power Pages misconfigs exposing sensitive data (The Register)
Iranian Threat Actors Mimic North Korean Job Scam Techniques (BankInfo Security)
Hackers Lurking in Critical Infrastructure to Wage Attacks (BankInfo Security)
Cybercriminal devoid of boundaries gets 10-year prison sentence (The Register)
Top 200 Most Common Passwords (NordPass)
Special voting request. Just when you thought voting was over for this year, it's time to vote again! The N2K CyberWire hosting team of Dave Bittner, Maria Varmazis, and Joseph Carrigan have been nominated for the Creator of the Year category in the Baltimore region's 2024 Technical.ly Awards for their incredible work on the Hacking Humans podcast! If you're a fan of Hacking Humans, we'd be thrilled to have your support! Please cast your vote here. (Make sure you select the "Baltimore" region). Thanks for your vote! Voting ends Monday, November 18th, so don't delay!
Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Drex shares timely updates including potential changes to HIPAA regulations aimed at clarifying security rules, Rapid7's possible sale exploration and its implications, and the importance of updating Apple devices to address critical security vulnerabilities. Remember, Stay a Little Paranoid Subscribe: This Week Health Twitter: This Week Health LinkedIn: Week Health Donate: Alex's Lemonade Stand: Foundation for Childhood Cancer
In this episode, Milena talks with Andreas Belkner, Channel Account Manager DACH at Rapid7, about threat intelligence. Today's advertising partner: Rapid7 https://www.infinigate.com/ch/Hersteller/rapid7/ Do you have topic requests for the podcast or questions about Rapid7's solutions? You can reach us at cyberheroes@infinigate.ch. This is a podcast of Infinigate (Schweiz) AG.
With Manuel Fernández, Regional Director for Spain, Portugal and Latam at Integrity 360; José Badía, Country Manager Iberia at Darktrace; Rocío Vaquero, Partner Business Manager at Armis; Jonathan Rendal, Consulting SE at Trellix; Marlene Santos, Senior Customer Success Manager at Rapid7; Asterio Fernández, Solutions Architect at Integrity 360; Jerome Chapolard, Enterprise at Orca; and Raúl Pérez, Sales Engineer at XMCyber.
In this episode, J.R. Lowry sits down with former CEO Mike Tuchen, who shares invaluable lessons from tech CEOs. Mike discusses his journey leading tech companies like Rapid7, Talend, and Onfido, reflecting on the leadership challenges and strategies that helped him succeed. With candid insights on building teams, executing strategies, and navigating market trends, this conversation offers a wealth of knowledge for aspiring leaders and tech enthusiasts. Tune in to hear Mike's experiences and practical advice from his impressive career. Check out the full series of "Career Sessions, Career Lessons" podcasts here or visit pathwise.io/podcast/. A full written transcript of this episode is also available at https://pathwise.io/podcast/mike-tuchen. Become a PathWise member today! Join at https://pathwise.io/join-now
Host Karl Palachuk caught up with Dor Eisner, CEO of Guardz. Right off the bat, Eisner points out the reason enterprise cybersecurity attacks are different from those focused on small business. Like it or not, most of the attacks that work against SMB clients will not work against larger enterprises. Eisner discusses the toolsets that are built specifically to attack small businesses, and marketed that way on the dark web. Assuming you don't want to spend time browsing the dark web, it's good to have a partner who is willing to. Guardz is focused completely on securing small businesses, and helping them to secure their networks in a way that helps them lower their insurance premiums. Think about what that means for your clients: A dashboard that benchmarks a network against the requirements and checklists used by cybersecurity insurance companies to set rates. A secure network AND lower insurance rates: That's a great combination! You can connect with Guardz at: https://guardz.com Request a Guardz Demo at https://guardz.com/schedule-a-meeting/ Karl asked about pricing and was pleased to find a very transparent, friendly pricing structure. Dor gives the pricing in the podcast, and it's posted clearly on the web site. In addition, you are not locked into long-term, inflexible contracts. Scale up and down as you need. Also check out the free internal-use licensing for MSPs. Learn it. Use it. And integrate Guardz into your solution. You get your free demo, free license, and some great sales tools at https://guardz.com. Check out the full podcast to hear Dor's advice on sales techniques and the response options for various clients and attack alerts.
Connect with Guardz on social media at: YouTube - https://www.youtube.com/@Guardz_com LinkedIn - https://www.linkedin.com/company/guardz/ Twitter - https://x.com/GuardzCyber Instagram - https://www.instagram.com/guardz_cyber/ Facebook - https://www.facebook.com/guardzcom/ About Dor Eisner Dor Eisner is the CEO and Co-Founder of Guardz, working to create a safer digital world for SMBs. Dor has over 20 years of experience in the field of cybersecurity. Prior to founding Guardz, Dor worked at IntSights, a Rapid7 company, as their VP of Business Development, as well as at Alarum Technologies as Director of Sales. Dor began his career in cybersecurity in the Israeli Defense Force's 8200 Unit as Cyber Security Team Lead. About Guardz Guardz distinguishes itself in the cybersecurity market with the first AI-Native MDR solution that redefines security management for Managed Service Providers (MSPs) with an automated detection and response platform. It simplifies and strengthens security operations, enabling MSPs to protect their SMB customers against the ever-evolving cyber threat landscape. Guardz's MDR empowers MSPs by integrating fragmented security controls into a cohesive, unified security ecosystem. By leveraging advanced artificial intelligence, the platform correlates data across multiple sources – such as dark web monitoring, email security, and cloud services – to detect threats at their earliest stages. This capability ensures that all security components, from user profiles to endpoint protection, work harmoniously, reducing the risk of overlooked vulnerabilities. Guardz's cost-effective pricing reduces cybersecurity expenses by up to 75% compared to traditional solutions, making it accessible for businesses with lean IT teams. The platform also supports MSPs through the MSP Growth Hub, offering tools for business development, including ROI reports and AI-powered risk assessments. 
By combining innovation, affordability, and comprehensive protection, Guardz positions itself as a leader in the cybersecurity industry, empowering MSPs and their SMB clients to thrive in a safer digital world. Learn more at https://guardz.com. -- -- -- Thank you to Guardz for sponsoring this interview. :-)
Veracode's CRO Andre Cuenin joins CXO Conversations and shares his journey from sales to the C-suite. He doesn't like the title Chief Revenue Officer as it puts the focus on him versus the customer. Andre moved from presales to sales by having a post-presentation conversation with a customer; he casually asked for the signature. During the conversation, Andre shares his three core management philosophies:
Authenticity: be more authentic, gain and share experiences, and value wisdom
Importance of having a plan: don't chase the money, chase the dream
Go the extra mile: there's no traffic jam there
Andre discusses the value and importance of always being curious and learning. Key takeaways from the conversation with Andre:
Be who you are and be truthful to yourself
Go outside your comfort zone
Passion gives you confidence
In addition to Veracode, Andre has served in C-level roles for Rapid7 and Cherwell Software and as President for the Americas and Europe for IR. Andre also led worldwide sales for StrataVia until it was acquired by HP and held many leadership roles for CA in both Europe and the US. He earned his BSc in Computer Science from the University of Applied Sciences and Arts Northwestern Switzerland.
Michael Belton is founder and CISO at 23P, a well-respected provider of services including cybersecurity training, offensive assessment, simulation, and more. Michael has over 25 years of information security experience. He previously served as vice president of research and development at Optiv, and manager, global penetration testing services at Rapid7. He is also featured on our list of Cybersecurity Pundits. In this episode, he joins host Heather Engel to discuss a report that manufacturing is number one in cyberattacks, as well as what can be done. • For more on cybersecurity, visit us at https://cybersecurityventures.com
I'm always thrilled to chat with ex-analysts, and Henrique Teixeira can cover a lot of ground with us on the topic of identity management and governance. The more I talk to folks about IAM/IGA, the more I'm shocked at how little has changed. If anything, it seems like we've gone backwards a bit, with the addition of cloud SaaS, mobile devices, and shadow IT. Identity is one of the most common entry points for attacks, so we've got to do better as an industry here. We'll cover a variety of topics in this interview, including:
Why Henrique chose to go to Saviynt from Gartner
Vendor risk concentration in identity
Resilience in identity, especially when depending on a SaaS IdP
Identity attack evolution (and the creation of the ITDR category)
What's working in identity to move things forward, and what is holding us back
This segment is sponsored by Saviynt. Visit https://securityweekly.com/saviynt to learn more about them!
In this week's enterprise security news:
Seed rounds are getting huge
Lots of funding for niche security vendors
Rapid7 acquires Noetic Cyber, but Rapid7 is also rumored to sell itself!
Slack battles infostealers
The loss of Chevron deference impacts cyber
Should cybersecurity put up a no vacancy sign?
Figma and Google both make some embarrassing mistakes
The RockYou2024 file does NOT contain 10 billion passwords
I introduce a new news category: AI indigestion
All that and more, on this episode of Enterprise Security Weekly! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-367
In this week's episode of The Conference Room, host Simon Lader sits down with Alon Arvatz, former co-founder of IntSights, a cybersecurity vendor acquired by Rapid7 for $350 million. Alon shares his journey from childhood inspiration through his father's tech career to becoming a successful entrepreneur and investor in Israeli cybersecurity startups. He discusses the factors driving Israel's dominance in the cybersecurity industry, the challenges of starting and scaling a tech company, and the story behind the acquisition of IntSights.
02:30 - Alon's initial experiences with tech through his father's work.
03:50 - Transition from nonprofit to for-profit ventures in cybersecurity.
07:44 - Alon explains Israel's defense-driven tech advancements.
11:36 - Factors contributing to Israel's tech success and entrepreneurial culture.
13:20 - The need for diversification beyond cybersecurity in Israel's tech sector.
17:36 - Alon's journey with IntSights, from clueless beginnings to rapid growth.
19:00 - Challenges and strategies in achieving product-market fit.
21:42 - IntSights' go-to-market strategy and organizational alignment.
21:43 - The acquisition of IntSights by Rapid7 and how it came about.
26:58 - Where to find Eleanor's book on Amazon.
27:19 - Three key tips for tech entrepreneurs.
27:48 - The importance of understanding technology for tech entrepreneurs.
29:16 - Taking small steps towards big goals in tech entrepreneurship.
30:03 - Introduction to Point Five and its mission to manage lab cost efficiency for engineers.
To learn more about Alon Arvatz please visit his LinkedIn Profile. To learn more about PointFive please visit their website.
YOUR HOST - SIMON LADER
Simon Lader is the host of The Conference Room, Co-Founder of global executive search firm Salisi Human Capital, and lead generation consultancy Flow and Scale.
Since 1997, Simon has helped cybersecurity vendors to build highly effective teams, and since 2022 he has helped people create consistent revenue through consistent lead generation. Get to know more about Simon at: Website: https://simonlader.com/ Twitter: https://twitter.com/simonlader LinkedIn: https://www.linkedin.com/in/headhuntersimonlader/ The Conference Room is available on Spotify Apple podcasts Amazon Music IHeartRadio
Juniper issues an emergency patch for its routers. A compromised helpdesk portal sends out phishing emails. Prudential updates the victim count in their February data breach. Rapid7 finds trojanized software installers in apps from a popular developer in India. Australian authorities arrest a man for running a fake mile-high WiFi network. Florida Man's Violent Bid for Bitcoin Ends Behind Bars. N2K's CSO Rick Howard joins us for a preview of his latest CSO Perspectives podcast episode on The Current State of Identity and Access Management (IAM). A scholarship scammer gets a one-way ticket home. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CSO Perspectives preview: N2K's CSO Rick Howard joins us for a preview of his latest CSO Perspectives podcast episode on The Current State of Identity and Access Management (IAM): A Rick-the-Toolman episode. N2K CyberWire Pro members can find the full episode here. Rick's accompanying essay can be found here. If you are not yet an N2K CyberWire Pro member, you can get a preview of the episode here.
Selected Reading:
Juniper Networks Warns of Critical Authentication Bypass Vulnerability (SecurityWeek)
Router maker's support portal hacked, replies with MetaMask phishing (Bleeping Computer)
Prudential Financial Data Breach Impacts 2.5 Million (SecurityWeek)
Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz (Rapid7 Blog)
Police allege 'evil twin' in-flight Wi-Fi used to steal info (The Register)
Inside a violent gang's ruthless crypto-stealing home invasion spree (Ars Technica)
Cyber insurance costs finally stabilising, says Howden (Tech Monitor)
AI Transcript, Fake School Website: Student's US Scholarship Scam Exposed on Reddit (Hackread)
Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Plus, activist investor Jana Partners plans to push cybersecurity firm Rapid7 to sell itself. And HP appoints a new finance chief. Zoe Thomas hosts. Learn more about your ad choices. Visit megaphone.fm/adchoices
Rapid7 recently announced a new security research partnership with CSIT at Queen's University Belfast. The new partnership will be with CSIT's AI hub and will research threats facing the cloud by utilising AI and machine learning techniques. The partnership will be another avenue for CSIT students into the cybersecurity industry and Rapid7. With the NCSC recently reporting that any cybercriminal will be able to leverage AI and access cloud services, the partnership comes at a critical time. It will also continue the strong relationship seen between the cybersecurity industry and academia in Belfast. After the partnership announcement Ronan spoke to Dr Stuart Millar, Principal AI Engineer at Rapid7. Dr Millar talks about his background, AI and music, the new partnership between Rapid7 and CSIT, the Cyber AI hub and more.
More about the Cyber AI hub: The Cyber-AI Hub, hosted by CSIT, presents an exciting opportunity to develop exceptional research, skills and innovation across a range of cyber related themes and develop a talent pipeline of cyber security professionals with strong industry links. This new initiative, funded by the UK Government from the New Deal for Northern Ireland, will see a new Doctoral Training Programme, a hub for industry collaboration and skills development, bursaries for students to join Queen's MSc in Applied Cyber Security or Artificial Intelligence, as well as a report mapping the growth and development of the cyber industry in the region.
What free, must-attend, vendor-agnostic Browser Automation Conference is happening this week? Have you explored the practicality of the open-source LLM evaluation framework that can significantly enhance your testing capabilities? Do you want to know how to upskill your testing team with AI and navigate the future of quality assurance? Find out in this episode of the Test Guild News Show for the week of Jun 16th. So, grab your favorite cup of coffee or tea, and let's do this.
Time / News Title / Link
0:24 The Browser Conference https://testguild.me/browsercon
1:22 Running Test in Java https://testguild.me/prbxc0
2:09 ortoni-report https://testguild.me/q0mcld
2:54 Turbocharge Playwright https://testguild.me/kubeweb
3:15 BlinqIO 5 million https://testguild.me/s96rj4
3:49 AI Upskill Your Testing Team https://testguild.me/blinqweb
4:05 Generative AI Not Replacing You https://testguild.me/6g9d15
5:07 Panaya AI-Codeless I11 https://testguild.me/wla6pr
5:56 DeepEval https://testguild.me/11xbsh
7:01 Windows Recall rollout https://testguild.me/bmljit
8:05 Rapid7's AI Engine https://testguild.me/606pmh
In today's episode of "Alles auf Aktien", financial journalists Anja Ettel and Holger Zschäpitz talk about a disappointing outlook at Bath&Body Works, the bitter India surprise and an attractive northern light for the portfolio. They also cover Hewlett Packard, Bavarian Nordic, Novo Nordisk, Sanofi, Wisdomtree Cybersecurity (A2QGAH), IBM, Booz Allen Hamilton, Bechtle, Gen Digital, Trend Micro, Check Point Software, Fastly, Cloudflare, Zscaler, Fortinet, Cisco Systems, Palo Alto Networks, Microsoft, IBM, Sentinel One, Rapid7, Zscaler, Okta, Datadog, Cyberark Software, iShares Digital Security ETF (WKN: A2JMGE), Rize Cybersecurity & Data Privacy (A2PX6V), L&G Cyber Security ETF (WKN: A14WU5), and First Trust Nasdaq Cybersecurity (WKN: A2P4HV). Please send your voice messages for the 1000th episode to this number: 0170/3753558. We welcome feedback at aaa@welt.de. From now on there is even more "Alles auf Aktien" at WELTplus and Apple Podcasts, including all of the hosts' articles and the AAA newsletter. Here at WELT: https://www.welt.de/podcasts/alles-auf-aktien/plus247399208/Boersen-Podcast-AAA-Bonus-Folgen-Jede-Woche-noch-mehr-Antworten-auf-Eure-Boersen-Fragen.html. Disclaimer: The stocks and funds discussed in the podcast do not constitute specific purchase or investment recommendations. The hosts and the publisher are not liable for any losses arising from acting on the thoughts or ideas discussed. Listening tips: For everyone who wants to know even more: you can hear Holger Zschäpitz every week on the finance and business podcast "Deffner&Zschäpitz". Also at WELT: in the weekday podcast "Das bringt der Tag", we give you the most important background information on a top political topic of the day in conversation with WELT experts. +++ Advertising +++ Would you like to learn more about our advertising partners? You can find all the info & discounts here!
https://linktr.ee/alles_auf_aktien Imprint: https://www.welt.de/services/article7893735/Impressum.html Privacy policy: https://www.welt.de/services/article157550705/Datenschutzerklaerung-WELT-DIGITAL.html
Spyware is discovered on U.S. hotel check-in systems. A Microsoft outage affects multiple services. Bitdefender uncovers Unfading Sea Haze. University of Maryland researchers find flaws in Apple's Wi-Fi positioning system. Scotland's NRS reveals a sensitive data leak. Rapid7 tracks the rise in zero-day exploits and mass compromise events. The SEC hits the operator of the New York Stock Exchange with a ten million dollar fine. Operation Diplomatic Specter targets political entities in the Middle East, Africa, and Asia. The FCC considers AI disclosure rules for political ads. N2K T-Minus Space Daily podcast host Maria Varmazis speaks with guests Brianna Bace and Unal Tatar PhD, sharing their work on Legal Perspectives on Cyberattacks Targeting Space Systems. Tone-blasting underwater data centers. Our 2024 N2K CyberWire Audience Survey is underway; make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest N2K T-Minus Space Daily podcast host Maria Varmazis speaks with guests Brianna Bace and Unal Tatar PhD, sharing their work on their paper: Law in Orbit: International Legal Perspectives on Cyberattacks Targeting Space Systems. You can learn more about their work in this post. Check out T-Minus Space Daily for your daily space intelligence.
Selected Reading
Spyware found on US hotel check-in computers (TechCrunch)
Microsoft outage affects Bing, Copilot, DuckDuckGo and ChatGPT internet search (Bleeping Computer)
Deep Dive Into Unfading Sea Haze: A New Threat Actor in the South China Sea (Bitdefender)
Apple's Wi-Fi Positioning System Can Be Abused To Track Users (GB Hackers)
National Records of Scotland Data Breached in NHS Cyber-Attack (Infosecurity Magazine)
Zero-Day Attacks and Supply Chain Compromises Surge, MFA Remains Underutilized: Rapid7 Report (SecurityWeek)
NYSE Operator Intercontinental Exchange Gets $10M SEC Fine Over 2021 Hack (SecurityWeek)
Operation Diplomatic Specter: An Active Chinese Cyberespionage Campaign Leverages Rare Tool Set to Target Governmental Entities in the Middle East, Africa and Asia (Palo Alto Networks Unit 42 Intel)
FCC chair proposes requirement for political ads to disclose when AI content is used (The Record)
Acoustic attacks could be a serious threat to the future of underwater data centers (TechSpot)
Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Caitlin Condon of Rapid7 joins Dennis Fisher to dive into the juicy tidbits from the Rapid7 Attack Intelligence Report, including the rise in zero-day attacks, ransomware proliferation, and why network edge devices remain a major problem. Read the report here: https://www.rapid7.com/c/fr-2024-attack-intelligence-report-TY/1/
Join us for an enlightening episode of "How I Met Your Data" as hosts Sandy Estrada and Anjali Bansal explore the dynamic world of artificial intelligence with Laura Grace Ellis, Vice President of Data and AI at Rapid7. Laura shares her journey and expertise, discussing the challenges and strategies of AI implementation in organizations, with a focus on efficiency, scalability, and enablement. Discover how Laura's role has evolved to lead both data and AI operations at Rapid7, and learn about her involvement with Women Leaders in Data and AI. She offers valuable insights into prioritizing AI projects for real business value, navigating the 'buy vs. build' decision, and the creative aspects of engineering. You'll also hear about surprising wins, the importance of organizational alignment, and the rapid evolution of AI. This episode is packed with practical advice and thought-provoking discussions that will inspire anyone interested in the future of AI.
Amit Bendov founded Gong in 2015 together with the entrepreneur Eilon Reshef, CPO. Before founding Gong, Bendov held a series of senior management roles at leading high-tech companies. In his last role before Gong he served as CEO of SiSense, and before that held senior management roles at ClickSoftware and Panaya. Under the leadership of Bendov and Reshef, Gong developed a business intelligence platform for salespeople that leverages artificial intelligence technologies to upgrade the capabilities of sales teams. Gong's patented business intelligence platform captures and understands every customer interaction and provides insights that empower sales teams to make decisions based on data, with the help of AI, rather than on subjective opinion. More than 4,000 leading companies worldwide and in Israel, among them Monday, Zillow, LinkedIn, Github, Spotify, Walkme, Rapid7, Checkpoint and Bottomline, have adopted the solution and are seeing an improvement in the rate of deals closed, deals of larger monetary size and faster onboarding of new employees. Gong has raised $583 million to date across 7 rounds. The latest Series E round of $250 million was raised at a valuation of $7.2 billion. The company's headquarters are in San Francisco, USA, and its research and development centers are in Ramat Gan, Israel, as well as in Ireland and the USA. The company employs more than 1,000 people worldwide, including 360 employees in Ramat Gan. (*) My LinkedIn: https://www.linkedin.com/in/guykatsovich/ (*) My Instagram: https://www.instagram.com/guykatsovich/ (*) Follow us on "Another Podcast for Startups" and get an episode every week: Spotify: https://open.spotify.com/show/0dTqS27ynvNmMnA5x4ObKQ Apple Podcasts: https://podcasts.apple.com/podcast/id1252035397 Google Podcasts: https://bit.ly/3rTldwq Another Podcast - our website: https://omny.fm/shows/odpodcast Our RSS feed: https://www.omnycontent.com/.../f059ccb3-e0c5.../podcast.rss See omnystudio.com/listener for privacy information.
Corey Thomas is the CEO and Chairman of Rapid7, a leading public cybersecurity software company valued around $3.5B. He is also an angel investor in several tech companies, a member of the Council on Foreign Relations, a director and deputy chair of the Federal Reserve Bank of Boston, and a member of the Blue Cross Blue Shield of Massachusetts board of directors, among other honors. Before Rapid7, Corey worked extensively at companies such as Microsoft, Deloitte, and AT&T. Corey joined host Robert Glazer on the Elevate Podcast to talk about his leadership approach, how he rose through the ranks at Fortune 500 companies, and much more. Learn more about your ad choices. Visit megaphone.fm/adchoices
In this episode of the Cyber Uncut podcast, Sabeen Malik, vice-president of global government affairs and public policy at Rapid7, joins Liam Garman to discuss the changing nature of global tech policy, applauding Australia's stringent cyber security legislation. The pair begin the podcast by discussing Malik's time developing tech policy within the Obama administration and how there is a hesitancy among policymakers to acknowledge the nefarious application of popular new technologies. Malik then applauds Australia as a world leader in cyber security and recommends that Australia could strengthen its frameworks yet further with privacy regulations that make cyber personally relevant to all individuals and organisations. They then discuss the necessity of public-private partnerships for cyber security, given the expertise of the private sector. The podcast wraps up with some tips for businesses to get ahead of the curve and prepare for future regulations in the sector, including developing bespoke processes based on unique risk profiles. Enjoy the podcast, The Cyber Uncut team
Register here for The AWS for Software Companies "Generative AI and Business Applications Executive Forum", Wednesday May 15, The Sofitel, New York City
Ep035: Today's podcast features a panel discussion from the "AWS for Software Companies Generative AI and Data Executive Forum" featuring leaders from Anyscale, Qlik and Rapid7 sharing insights on data models, policies and optimization for Generative AI applications.
Panelists:
Zhe Zang, Head of Open Source Engineering, Anyscale
Brendan Grady, EVP & GM, Analytics Business Unit, Qlik
Laura Ellis, VP - Data Engineering and Platform Analytics, Rapid7
Sherry Marcus Ph.D., Director, Applied Science, AWS
Topics Include:
Introductions of the panel
What big bets are you making with your companies and why?
What have the learnings been with data preparation?
Balancing present needs with the future of AI – growing data literacy
Cost optimization for AI and Data platforms
Constraints of hardware and growing expense
What models and solutions have customers been asking for?
High stakes risks for AI and Data
How customers are reacting to different compute models
Guardrails, filters and risk-mitigation best practices
Data and AI pain points
New global policies challenging data and AI development
Challenges with data quality
How has AI changed and evolved with digital natives?
Open and closed models in the market
Metrics and selection for models
Biggest lessons learned in the AI and data space
Session conclusion
The Supreme Court is getting a heavy serving of First Amendment social media cases. Gus Hurwitz covers two that made the news last week. In the first, Justice Barrett spoke for a unanimous court in spelling out the very fact-bound rules that determine when a public official may use a platform's tools to suppress critics posting on his or her social media page. Gus and I agree that this might mean a lot of litigation, unless public officials wise up and simply follow the Court's broad hint: If you don't want your page to be treated as official, simply say up top that it isn't official. The second social media case making news was being argued as we recorded. Murthy v. Missouri appealed a broad injunction against the US government pressuring social media companies to take down posts the government disagrees with. The Court was plainly struggling with a host of justiciability issues and a factual record that the government challenged vigorously. If the Court reaches the merits, it will likely address the question of when encouraging the suppression of particular speech slides into coerced censorship. Gus and Jeffrey Atik review the week's biggest news – the House has passed a bill to force the divestment of TikTok, despite the outcry of millions of influencers. Whether the Senate will be quick to follow suit is deeply uncertain. Melanie Teplinsky covers the news that data about Americans' driving habits is increasingly being sent to insurance companies to help them adjust their rates. Melanie also describes the FCC's new Cyber Trust Mark for IoT devices. Like the Commission, our commentators think this is a good idea. Gus takes us back to more contested territory: What should be done about the use of technology to generate fake pictures, especially nude fake pictures. We also touch on a UK debate about a snippet of audio that many believe is a fake meant to embarrass a British Labour politician.
Gus tells us the latest news from the SVR's compromise of a Microsoft network. This leads us to a meditation on the unintended consequences of the SEC's new cyber incident reporting requirements. Jeffrey explains the bitter conflict over app store sales between Apple and Epic Games. Melanie outlines a possible solution to the lack of cybersecurity standards (not to mention a lack of cybersecurity) in water systems. It's interesting, but it's too early to judge its chances of being adopted. Melanie also tells us why JetBrains and Rapid7 have been fighting over "silent patching." Finally, Gus and I dig into Meta's high-stakes fight with the FTC, and the rough reception it got from a DC district court.
Link to blog post This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Alexandra Landegger, Executive Director and CISO, Collins Aerospace. Thanks to our show sponsor, Vanta. From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo. All links and the video of this episode can be found on CISOSeries.com
In the latest episode of GreyNoise Labs Storm⚡️Watch, we delve into a meta-discussion that stems from an escalating feud between cybersecurity firm Rapid7 and software development company JetBrains over the disclosure of two critical vulnerabilities in JetBrains' TeamCity CI/CD platform. The contention stems from differing approaches to vulnerability disclosure, leading to public disagreements and a series of attacks exploiting these vulnerabilities, identified as CVE-2024-27198 and CVE-2024-27199. On February 20, 2024, Rapid7 disclosed these vulnerabilities to JetBrains, highlighting the severity of CVE-2024-27198, which allows for a complete authentication bypass, potentially enabling attackers to perform administrative actions on the server and its host environment. JetBrains criticized Rapid7 for what it perceived as an uncoordinated disclosure, arguing that Rapid7's immediate release of exploit examples enabled attackers of any skill level to quickly exploit the vulnerabilities. This dispute has led to a "land-rush like assault" from threat groups, with ransomware attacks exploiting these flaws for initial access. Despite the contention, JetBrains remains committed to its Coordinated Disclosure Policy, emphasizing the importance of collaboration and ethical responsibility in addressing vulnerabilities. Meanwhile, Rapid7 insists on following its disclosure policy, emphasizing the importance of public disclosure to prevent silent patching and ensure that patches are thoroughly vetted. Joining us for a cyberside chat is GreyNoise's own Matthew Remacle, who shifts the focus from the feud to discuss silent patching, patch diffing, coordinated disclosure, and offers advice for budding cybersecurity professionals. 
For a comprehensive understanding of this issue, we reference discussions and analyses from various sources, including The Register, TechTarget, JetBrains' official blog, and Rapid7's blog, which provide insights into the vulnerabilities, the dispute, and the broader implications for cybersecurity practices and policies.
Citations:
https://www.techtarget.com/searchsecurity/news/366572432/Critical-JetBrains-TeamCity-vulnerabilities-under-attack
https://blog.jetbrains.com/teamcity/2024/03/preventing-exploits-jetbrains-ethical-approach-to-vulnerability-disclosure/
https://blog.jetbrains.com/teamcity/2024/03/additional-critical-security-issues-affecting-teamcity-on-premises-cve-2024-27198-and-cve-2024-27199-update-to-2023-11-4-now/
https://www.rapid7.com/blog/post/2024/03/04/etr-cve-2024-27198-and-cve-2024-27199-jetbrains-teamcity-multiple-authentication-bypass-vulnerabilities-fixed/
https://news.ycombinator.com/item?id=39603074
https://www.splunk.com/en_us/blog/security/security-insights-jetbrains-teamcity-cve-2024-27198-and-cve-2024-27199.html
https://therecord.media/jet-brains-advisory-teamcity-vulnerabilities
https://forums.theregister.com/forum/all/2024/03/12/jetbrains_is_still_mad_at/
https://www.tenable.com/blog/cve-2024-27198-cve-2024-27199-two-authentication-bypass-vulnerabilities-in-jetbrains-teamcity
https://www.theregister.com/2024/03/05/rapid7_jetbrains_vuln_disclosure_dispute/
https://thecyberexpress.com/jetbrains-vs-rapid7-vulnerability-disclosure/amp/
https://arcticwolf.com/resources/blog/2024-27198-and-cve-2024-27199/
https://securityaffairs.com/159995/security/jetbrains-teamcity-flaws.html
https://securityboulevard.com/2024/03/jetbrains-says-rapid7s-fast-release-of-flaw-details-harmed-users/
https://socprime.com/blog/cve-2024-27198-and-cve-2024-27199-detection-critical-vulnerabilities-in-jetbrains-teamcity-pose-escalating-risks-with-exploits-underway/
https://www.cybersecuritydive.com/news/jetbrains-teamcity-vulnerabilities/709329/
https://www.cybersecuritydive.com/news/jetbrains-teamcity-exploited-disclosure/710017/
https://www.bankinfosecurity.com/jetbrains-teamcity-bugs-could-lead-to-server-takeover-a-24520
https://vulnera.com/newswire/critical-vulnerabilities-in-teamcity-pose-threat-to-software-supply-chain/
In today's cybersecurity landscape, where does the true threat of ransomware lie? I explore this critical question with Raj Samani, SVP and Chief Scientist at Rapid7, in a revealing episode of Tech Talks Daily. With ransomware attacks making headlines and disrupting operations for both public and private organizations, the conversation shifts from the frequency of these incidents to the evolving capabilities of ransomware actors. Raj, who has extensive experience assisting law enforcement agencies and serves as a special advisor to the European Cybercrime Centre (EC3), brings a wealth of knowledge on dark web trends and the tactics employed by these malicious actors. The discussion opens with Raj's perspective on how the cybersecurity community has been addressing ransomware threats, suggesting a need to refocus our attention on the capabilities and strategies of ransomware groups rather than the sheer number of attacks. He highlights recent campaigns, such as MOVEit and SysAid, to illustrate how ransomware actors are moving beyond traditional methods like exploiting the Remote Desktop Protocol (RDP) to leveraging zero-day vulnerabilities. Raj explains how the dark web facilitates a marketplace for skills, allowing individuals with minimal expertise to launch sophisticated ransomware attacks. This shift emphasizes the importance of understanding and mitigating the threat landscape's dynamic nature. Listeners will gain insight into the implications of these trends for cybersecurity strategies and the measures organizations can take to protect against these evolving threats. Raj also shares his journey in cybersecurity, acknowledging the support and mentorship that have been pivotal in his career. As the episode concludes, Neil and Raj discuss where listeners can connect with them online to continue the conversation and learn more about combating ransomware effectively. 
This episode is not just an exploration of the technicalities of ransomware but a call to action for the cybersecurity community to rethink our approach to one of the most pressing challenges of our time.
Host Amy and Host James catch up and catch a tan.
1.) MSP Question of The Week: What is the best business structure for new MSPs? See: https://www.toptal.com/finance/interim-cfos/c-corp-vs-s-corp#:~:text=Compared%20to%20traditional%20S%20or,it's%20taxed%20as%20a%20corporation
2.) More Tech Layoffs? EY Announces Layoffs in Response to Economic Struggles. See: https://www.channele2e.com/news/ey-announces-layoffs-in-response-to-economic-struggles
"Less than a week after Broadcom finalized its $61 billion acquisition of VMware, layoffs began. This is a familiar pattern for the company, which followed a similar playbook with its acquisition of CA Technologies in 2018. Overall, it's estimated Broadcom will cut about 2,000 employees post-acquisition. Google, Amazon, Snap, Splunk, LinkedIn, Cisco, MariaDB and SecureWorks all recently announced layoffs. Other mass layoffs recently included Intel, Wish and LinkedIn in the San Francisco Bay area. At the beginning of September, Rapid7 announced a restructuring plan following disappointing second-quarter results, resulting in the layoffs of about 18% of the company's workforce. Similarly, AppSec firm Snyk laid off 128 people in April. Cloud security vendor Zscaler announced layoffs after what it called a rough fiscal second quarter. Software tools giant Atlassian laid off 5% of its workforce as it "shifted priorities."
Our upcoming events:
AUSTIN TX – MASTERMIND LIVE (March 28-29th) http://bit.ly/kernanmastermind https://kernanconsulting-mastermind.mykajabi.com/mastermind-event Use "EARLYBIRD" as the coupon code to save $200!
Irvine CA – SMB Techfest (Feb 8th-9th) Make sure you catch Amy at SMB Techfest! https://www.smbtechfest.com/events.asp
Our Social Links: https://www.linkedin.com/in/james-kernan-varcoach/ https://www.facebook.com/james.kernan https://www.facebook.com/karlpalachuk/ https://www.linkedin.com/in/karlpalachuk/ https://www.linkedin.com/in/amybabinchak/ https://www.facebook.com/amy.babinchak/
We feature a panel discussion from the AWS for Software Companies Executive Forum at re:Invent, featuring software leaders from Appen, Coinbase, Rapid7 and AWS sharing strategies and best practices to optimize their businesses to free up budgets and enable further software innovations.
Panelists:
Bobby Smith, Vice President of IT and Engineering, Appen
Sumanth Sukumar, Vice President Engineering, Coinbase
Elaine Hardwick, Director of Engineering, Rapid7
Sree Ratnasinghe, Director, NAMER Tech, Amazon Web Services
Topics Include:
Potential future market and impact of driving optimization
How optimization drove innovation
Using optimization to free up budget & time for growth programs
Optimization becomes part of the organizational culture
Lessons learned through optimization
Running internal competitions to drive innovation and modernization
AWS' "Experience Based Accelerator" 3 day hackathon-style optimization program
Leveraging AWS to help optimize to invest in generative AI
Investment returns in Bedrock and Code Whisperer
Ensuring team alignment for optimization focus
Making roadmap trade-offs – features v optimization
Final thoughts, panel wrap up
Recent Highspot research of more than 500 global organizations revealed that by having a systematic approach to behavior change, you are 34% more likely to have enablement activities that are aligned with key business priorities. So how can you create a systematic approach to drive results through enablement? Shawnna Sumaoang: Hi and welcome to the Win Win Podcast. I'm your host, Shawnna Sumaoang. Join us as we dive into changing trends in the workplace and how to navigate them successfully. Here to discuss this topic is Alexa Barden, growth enablement at Rapid7. Thanks for joining, Alexa! I'd love for you to tell us about yourself, your background, and your role. Alexa Barden: Thank you so much, I am happy to be here. My name is Alexa Barden. I've served in a few different roles and fields post-college. I started out my career more in the special education realm. I've always had that knack for learning and enablement. Then I moved into various kinds of support and account management roles, followed by training and development, and then finally where I am now, sales enablement. From my educational background and my current enablement role, as I said, I've always had that deep passion and interest in the learner's journey and their experience from start to finish. Being able to implement programs and see that full circle and full spectrum of the learners really being able to grasp that material and the content and the concepts behind it is all really super rewarding to me. Specifically, my role at Rapid7 has also seen a few different faces, similar to my career. I began having a hand more so in our onboarding, through new hire facilitation, really helping to build out a global sales institute program, and then it moved into more of an ongoing project and program management type of role, where I'll work with different stakeholders across the business to help better understand their needs across their segments and help to bring those to life.
Then the third part of my role, which is kind of where Highspot really comes into play, is focused around our enablement tooling and also a lot of the data and analytics that kind of live in those. I hope to extract that data from various sources and distill that down into a more digestible format for our leadership, for my boss, for our team as a whole, to help kind of paint that full picture into whatever that initiative is and how it's doing and making sure it's successful. SS: I love that. You talked about the key components of your enablement strategy at Rapid7 and you talked a little bit about how Highspot helps you bring some of that to life, but are there other ways that Highspot helps you bring that strategy to life? AB: Yeah, definitely. I would say beyond just being a content repository, and I think we'll probably get into this as well, we are new customers of the Training and Coaching portion. Using it now for a learning management system as well as content management, our reps are fully equipped and enabled and able to see everything in that single pane of glass view. They're able to now have training mixed in with the everyday content that they're looking at. They can dive in and learn more about whatever that given topic might be pertaining to our products or our solutions. It's really cool that our sellers are able to have that full integrative experience. SS: Let's talk about your own journey in enablement at Rapid7, because you touched on it again in your introduction, but you became the solution owner of Highspot about a year ago. Can you share a little bit about your journey over the past year? AB: Yeah, definitely. I would say it wasn't necessarily planned, but Highspot sort of fell in my lap and I am very happy about it. It was previously under another team member who was handling different aspects of onboarding and our commercial segment.
Really having a dedicated and focused owner has been great since we specialize in specifically the needs within Highspot, enhancing the experience for our sellers, and really cleaning up that system. No one had historically had the time to focus on it, so that became my focus. It’s really led me to form a passion and almost craft now for all things Highspot. I work with everything from the UX design, the spot and tagging structure, and doing deep dives into that analytics piece, so getting really detailed information on how our sellers are doing, what they’re looking at, what they’re clicking on, what they’re sending to prospects and customers, it’s been a huge help to our team to have a dedicated person really taking the time to focus on that. SS: As a solution owner, you’ve made a lot of significant changes, including, as you mentioned a moment ago, implementing Training and Coaching and really reorganizing your Highspot instance. Can you tell us more about this evolution of your enablement journey with Highspot? AB: It all started out with a lot of issues being surfaced when I moved over to really owning the system. One of the biggest ones I was seeing amongst our sellers was content findability, and to be candid, our system was a little messy. There were a lot of outdated materials in there. There was just a surplus of spots. There were a whole bunch of tags that weren’t necessarily being used. There weren’t really any governance policies in place. It did make it difficult for sellers to find what they needed both quickly and efficiently. On top of this, there wasn’t necessarily a consistent look and feel across our spots, across our landing pages. It made it a little messy looking and overwhelming almost as if a little on our homepage and like I said, there wasn’t a lot of consistency there. All the banners looked a little bit different, headers and things like that. I would say the cohesion was also a little bit lacking. 
That was kind of what started me on my journey. How do we address some of these things to make the system, first of all, make us use it to its full potential and also make it a more pivotal and critical part of our seller’s day-to-day duties? The first steps that I determined were needed was starting with essentially from a blank slate and doing a complete revamp of the system, meaning starting out with finding all of that outdated, low-value content that a lot of people weren’t looking at, and working to clear that out, get that clutter out of the way. That was the first step there, and then from there, it was a phased approach in terms of once everything was cleaned up making sure that we condensed it down, so it reduced the amount of spots, tags, and so on and so forth. SS: Just to drill in a little bit on how you revamped your instance, I know that you guys went from having, as you mentioned, a substantial number of spots to a select few, which helped to improve findability. In fact, I think you guys now have 87% content findability, which is fantastic. How did this transformation help you improve the efficiency of your team? AB: That reduction was a huge help because now it really comes down to three core areas that our sellers can go to find content, which are content related to any of our solution offerings, content related to our people and our processes, so the teams that our sales organization might interface with, and then also our latest kind of news, updates, recordings from our all hands sessions. If you’re looking for anything now, it’s only going to be in one of those three sections. That really helped to eliminate that trial and error, that guessing. It’s making our reps less reliant on that aimless searching, just popping in any kind of word and seeing what comes up. Now that we’ve implemented those simple three spots, we’ve reduced our tags significantly. 
We’re seeing that our reps are actually using those tags more if they’re looking for a specific product, they can just go click into that product tag and either go to a certain curated landing page or overview page for that tag, or they can just see that generic content view of everything pertaining to that specific tag. We’re seeing a lot less aimless or doom-searching, whatever you kind of want to call it, which is exactly what we were looking for. That’s one of the biggest improvements we’ve seen. SS: That’s fantastic. We’ve talked about this a few times. I know that you recently implemented Highspot’s Training and Coaching capabilities. How are you planning on incorporating Highspot Training and Coaching into your onboarding and ongoing training programs? AB: This is something we’re super excited about. We’re moving past that transitional phase of moving all of our content over and building out all of those learning pathways in the Training and Coaching instance. One of the drivers and things we’re most excited about is what I mentioned a little bit earlier, that full integrative experience and being able to surface key training right next to whatever collateral or sales deck or one pager it might be. They can easily go from learning about X in this one-pager to letting me go ahead and take this learning path about this as well to further my knowledge on the topic. We’re also excited about the level of visibility we’ll be able to get now using Training and Coaching. With things like, scorecards coming up on the horizon, completion rates, progress, and things like that, we’re really looking forward to getting that full picture in one of everything together where you can see things like completion rates click volume, things like that on any particular page or piece of content to digital selling metrics, all in one single space. 
We can really help to focus our managers and train them so they can use this information with their sellers to help them with coaching, and also so our team can make more informed decisions about what training is good and what we should issue more of, and maybe what training isn’t so great and we could cut back on. It’s really kind of a double-edged sword there where we can help out from a manager coaching standpoint and also as an enablement team to better inform our strategy moving forward. That’s what we’re most excited about in terms of Training and Coaching and then specifically with our onboarding as well. One of the things that we’ve been working on specifically is to create learning paths for each of our roles now because the scope of enablement includes not only sellers but customer success, our support organization, and our sales engineers. Helping to build out those more individualized or personalized pathways for all of those people in one unified, easily accessible location. That’s also what we’re really excited about to have that learning page and you can just jump quickly into your role-specific learning path, and I think that’s something we’re really excited to start building out in terms of our onboarding. SS: Sounds amazing. You all already have an 89% recurring usage rate of the platform, which is incredible, and it shows that you guys are already seeing great results from all of the work that you’re doing to optimize your use of Highspot. Can you share some best practices for how you’ve driven adoption? AB: I would say kind of the biggest driver for us at Rapid7 has been having very clear and concise communication with our go-to customer team kind of throughout the process from start to finish. 
Working to keep sellers in the loop about changes and also taking that time to educate and train on these changes and best practices really goes a long way, I found, as opposed to kind of just putting out an announcement in a newsletter or an email maybe having some breakout sessions or segment based sections to train up our users and make sure they’re also using the system most efficiently. Another aspect I found that’s huge is having that executive buy-in from our leadership and having that trickle down and having them also really explain the why behind the importance of a tool such as Highspot. In our case, we’ve been getting our teams super excited about all of the AI capabilities coming out with Highspot, and we’ve been coining it as ‘technology as our teammate’. What that means to us is getting the tools to work for you, which is exactly what Highspot does. This allows us to free up time, free up resources, and as more capabilities come out with Highspot Copilot, we know there’s a huge opportunity to get managers more intertwined in their team’s day-to-day. Also potentially strengthen the relationships between not only manager to seller, but also enablement to the sellers as well. In a long-winded answer that’s kind of how we work to drive adoption in those three areas is having that clear, concise communication having that executive buy-in, and then also phrasing it as something that’s new and exciting. Let’s talk about all of the new AI capabilities. Let’s talk about digital selling. Let’s talk about auto-generating descriptions and Highspot being able to answer your questions. I think helping to build that excitement is super important also. SS: Technology as a teammate, that is perfect. What business results have you seen since implementing Highspot? AB: We’ve touched on a couple of those, but as you mentioned, we’ve seen tremendous improvements in findability rates, as you noted, but just overall better user experience. 
Thinking about how our reps are actually going into the system, finding things and because our spots and our tags were narrowed down so significantly, this just left little room for guessing in terms of where something might live in the system. Our click paths are super simple. As I said, if you’re looking for something pertaining to one of those three topics, our solution offerings, our people in our process, or our latest news, there are only three areas you can go to. It leaves little room for interpretation, for guessing and I found that limiting down in our instance and for our company and creating simplicity has been what’s driven those results the most. Keeping it simple, keeping it concise, making sure that we have a consistent governance policy in place, so there’s always stakeholders that we’re working with that are going in and reviewing things on a certain cadence to make sure that they’re still being used, that they’re still valuable, and if they’re outdated, making sure that they’re kind of just getting rid of them so they’re not cluttering up the system. SS: Tell me, Alexa, what is next for you and your team as you continue to evolve your enablement journey with Highspot? AB: Next for us is working pretty closely with our product marketers and what we’re really working to do is help to create almost a book or a specific area where we can have a ton of digital selling templates. Regarding both our products and parts of our sales process. There are easily accessible quick templates that our sellers can just grab at the ready and pop in whatever they need to customize to make the customer or prospect feel seen, feel heard, and make it a real curated experience for them while also still having those templates in the back end. It’s just a quick grab-and-go. If we’re in the discovery phase, let me go ahead and grab that discovery template. That’s kind of where we’re headed. 
We’ll be doing a full launch of all of this together, so Training and Coaching best practices use cases. We already have some smaller cohorts in there right now, and we’re seeing great success with that, but when we roll out to the broader organization coming up at our sales kickoff, we’re really excited to do that in tandem with our new digital selling templates and also best practices with those. It can be kind of a big bundle all at once where we can create the hype for it and get people ready for this new age of digital selling. SS: I love that, Alexa. Just because you brought up your SKO, how are you guys leveraging Highspot to support your sales kickoff? AB: We always have a dedicated and curated landing page experience. Our kickoff so not only for scheduling, to have that outlined for folks because we are a global organization knowing when everything is going to be happening is super important, but also as a resource for everything kickoff. It is where all of our recordings can live. We can create different pathways for each type of topic that’s discussed or for each day, rather, and we’ve organized it in different ways in the past, but we always like to have that be our hub for all things kickoff and Highspot. That’s just where our sellers know to go, where our stakeholders know to go. and it really creates that ease of use just for our users to feel confident in knowing what’s going to be discussed, getting that recording if they weren’t able to attend and also kind of additional resources as well, and kind of what’s up next, what’s to come. Having that all outlined in a curated hub has been super helpful for us and we’re looking to continue that moving forward as well. SS: I know SKO is top of mind for a lot of folks right now. AB: It’s that time of year for sure. SS: Last question for you, Alexa, what advice do you have for others who are looking to enhance their enablement maturity journey with Highspot? 
AB: I would say the biggest thing is to keep asking questions. I’m sure my account team, I’ve driven them nuts a handful of times, but that’s okay. Just keep asking. The more you know, the more you’re going to be able to improve the experience. Whether that be about reporting, best practices, using the system, about the visual user experience whatever you and your team are hoping to learn more about, don’t be afraid to ask. The more you learn about the system and the more equipped you are, the better you’ll be at training your own teams on it as well. I can’t necessarily speak for all of the Highspot staff, as I mentioned, but my specific account team has been absolutely incredible throughout our Training and Coaching implementation. We’ve been meeting twice weekly, sometimes three times weekly, whatever it takes to kind of get the questions answered. They’re always there for us, and they’re awesome. If they don’t know the answer, they’re finding it for us within a very short time window, which is great. That’s really what it is. It always just keeps asking questions because there’s never going to be too much knowledge you can have. It’s always going to help better prepare you. So always be learning. SS: Thank you so much for joining us. I really appreciate it. AB: Thank you so much for taking the time to speak with me. I love talking about Highspot. I could do it all day, so anytime you let me know. SS: Thank you for listening to this episode of the Win Win podcast. Be sure to tune in next time for more insights on how you can maximize enablement success with Highspot.
Seek the stress. Scale with soul. Embrace your uniqueness. These are just a few of the pearls of wisdom flying fast and furious when Christina Luconi, Chief People Officer at Rapid7, visits with Host Chris Schembra on this episode of Gratitude Through Hard Times. Her self-awareness, strength and positive vision have not only been central to building out staff for some amazing startup companies (from inception through IPO). These are also the traits that have defined her full and fascinating life – whether taking her teenaged daughters on a transformational trip to Tanzania or snatching life-giving lessons from a life-changing cancer diagnosis. This is a woman who brings her whole, authentic self to every interaction and in the process offers connection and empathy to others. You'll learn about how Christina expresses gratitude and the powerful benefits it confers, rippling out in how she frames "negative autobiographical experiences." Where did she find the courage to reinvent herself at the age of 14 without erasing who she was before? When did she realize that she held within her the ability to embrace things in tension and turn them into opportunity? Christina shares her journey and explains how she has been able to bridge her reality as the lone woman in many C-suites by staying true to her core values: "If you work hard enough, there aren't a lot of boundaries you can't overcome. IF you're committed and drive towards that!" Tune in to find out why this Bostonian dynamo hopped in her car to pay Chris a visit. It's a very special episode chock full of "news you can use" and that you won't want to miss!

Interested in hearing more from Christina? She offers a treasure trove of interesting perspectives in more than 200 LinkedIn posts you can find at this link.

Check out this brand new website to learn about the keynote topics and workplace leadership trends that are top of mind for Chris these days! And if you're interested in having a 7:47 Virtual Gratitude Experience or subscribing to our newsletter, please visit this link. Click here to hear more fascinating conversations with Fortune 500 CEOs, professional athletes and entertainers who have shared their human stories on Gratitude Through Hard Times.

KEY TOPICS:
If you could give credit or thanks to one person in your life that you don't give enough credit or thanks to – that you've never thought to thank – who would that be and why? Although she's always been very intentional about sharing her appreciation, she still feels she couldn't possibly have thanked her parents – whom she so admires – enough.
Using the Right Words: About the power of expressing gratitude in language that resonates with the recipient.
Breaking Rules: How Christina reinvented herself at the age of 14, figuring out how to expand her world and thinking in ways that have served her well ever since.
Three Options for Managing Through a "Negative Autobiographical Experience":
1. Ignore it, pretend it didn't happen and just move on.
2. Talk it out with a therapist or by journaling and then move on.
3. Specifically assign positive benefits that have occurred as a result and give thanks to it for becoming a beneficial part of your life story, a practice known as "grateful processing."
Why Not Me? What Christina has come to understand about our ability to challenge our self-imposed limitations through humility, determination and drive.
Breaking the Ceiling: How Christina figured out ways to leverage being the only woman in the room to break boundaries and elicit vulnerability in C-suites full of male entrepreneurs. A superpower!
Buck the Statistics: Why it's important not to get trapped by what is and surrender to a victim mentality rather than pushing the envelope and making change!
Leading With Empathy: About the importance of understanding other people's experiences and perspectives when navigating corporate culture and decision-making.
Be the Change: When living with unresolved conflict impacts others with forms of entitlement and hearts at war.
How Trauma Lands: Why every person's threshold is different.
Scaling With Soul: How to stay authentic under even the most stressful circumstances, like taking Rapid7 from being a startup with 75 employees to a publicly traded company with more than 2,000 global personnel.
Christina's World View: About the role of challenge and seeking while also keeping balance through life experiences that promote openness and awareness.
Observing Versus Engaging; Empathy Versus Sympathy: It's all in the perspective!
Hope & Healing: How an attitude of gratitude – not found in comparison – yields very real mental, emotional and physical rewards.
365 Days: About Christina's decision to write – and post publicly – her thoughts and experiences by pretending no one was reading them! It was about seeking connection with others and by putting herself out there, she did exactly that.
When In Rome: How pasta and all its associations creates magic for Chris and Christina!
Three Things From the Conversation:
1. The power of Mudita, the dharmic concept of joy that comes from delighting in other people's well-being (as Christina experienced in her chemo encounter).
2. Christina lives life in a dialectic posture, embracing black and white as well as the gray. She is able to hold things in tension.
3. While she's open to therapy, what Christina finds most helpful and healing is candid conversations like this one with Chris!
Timing Is Everything: How, when and why Chris and Christina connected.
Honor the Moose: About the concept of aligning individual and team collaboration as part of the core corporate ethic at Rapid7.
The 3C Model of Collaborative Leadership: Connect, Collaborate and Champion.
In Parting: What it was that inspired Christina to get in her car and drive 3.5 hours from Boston to NYC in order to connect and share meaningful conversation with Chris!
Closing the Gratitude Loop: Christina's message for her parents and daughters.

QUOTABLE
"Life is about connections … For me what has made the work that I've done or my life interesting is the connections I've made with people. It makes my world expand." (Christina)
"There's something beautiful about (not) turning your back on the past but looking for the positive benefits in it and keeping it as part of your life story." (Chris)
"Everything I have lived through is an opportunity. There are things that I've screwed up or am not proud of, but I don't dwell on them. I look at what I can take away from that moment and do better." (Christina)
"If you work hard enough, there aren't a lot of boundaries you can't overcome. IF you're committed and drive towards that!" (Christina)
"Life is not about avoiding bad things happening to you. Life is about avoiding a negative mental attitude when those things occur." (Chris)
"Scaling with soul is about how you keep the essence of your value set and what you're trying to be … You can still be a really great place!" (Christina)
"You can observe or you can engage. And those are two really different things." (Christina)
"There's good in everybody. You just have to be open to finding it and open-hearted to know that just because someone is different from you doesn't make them better or worse. We're all just humans." (Christina)
"Hard times don't have to create loneliness. Hard times can create meaningful moments of connection." (Chris)
"All the best things in my life have happened when I've said 'yes,' versus 'no.'" (Christina)

LINKS/FURTHER RESOURCES:
Click here to learn more about "Taking Care of Business? Grateful Processing of Unpleasant Memories," the study conducted by researchers at Eastern Washington University.
"The Anatomy of Peace: Resolving the Heart of Conflict," by The Arbinger Institute.
More about the many benefits of an attitude of gratitude available at this link.
"No One Wins Alone," by Mark "the Moose" Messier.

ABOUT OUR GUEST:
Christina Luconi leads Rapid7's strategic people initiatives as its Chief People Officer. She is responsible for the entire employee lifecycle, with critical focus on recruiting stellar talent, building and inspiring corporate culture, acquisition integration, and "scaling with soul." Prior to joining Rapid7, Christina was the owner of People Innovations, an independent consulting firm focused on the creation of innovative people strategies for startups and high-growth companies, primarily in the high technology industry. Christina also served as Chief People Officer at @stake, a professional services security firm that she helped build from the launch through its acquisition by Symantec. She also played the role of Vice President of People Strategy at Sapient Corporation. Joining the company prior to its public offering, she was responsible for building the people-focused side of the company from the ground up, aligning business strategy with people needs. Christina also played a critical role as a member of the senior management team, focusing on the strategic and operational direction of the company as well as executing acquisitions, from due diligence through integration.

FOLLOW OUR GUEST: WEBSITE | LINKEDIN

ABOUT OUR HOST:
Chris Schembra is a philosopher, question asker and facilitator. He's a columnist at Rolling Stone magazine, USA Today calls him their "Gratitude Guru" and he's spent the last six years traveling around the world helping people connect in meaningful ways. As the offshoot of his #1 Wall Street Journal bestselling book, "Gratitude Through Hard Times: Finding Positive Benefits Through Our Darkest Hours," he uses this podcast to blend ancient stoic philosophy and modern-day science to teach how the principles of gratitude can be used to help people get through their hard times.

FOLLOW CHRIS: WEBSITE | INSTAGRAM | LINKEDIN | BOOKS
Jeremy Snyder, Founder of FireTail, joins Corey on Screaming in the Cloud to discuss his career journey and what led him to start FireTail. Jeremy reveals what's changed in cloud since he was an AE and AWS, and walks through how the need for customization in cloud security has led to a boom in the number of security companies out there. Corey and Jeremy also discuss the costs of cloud security, and Jeremy points out some of his observations in the world of cloud security pricing and packaging. About JeremyJeremy is the founder and CEO of FireTail.io, an end-to-end API security startup. Prior to FireTail, Jeremy worked in M&A at Rapid7, a global cyber leader, where he worked on the acquisitions of 3 companies during the pandemic. Jeremy previously led sales at DivvyCloud, one of the earliest cloud security posture management companies, and also led AWS sales in southeast Asia. Jeremy started his career with 13 years in cyber and IT operations. Jeremy has an MBA from Mason, a BA in computational linguistics from UNC, and has completed additional studies in Finland at Aalto University. Jeremy speaks 5 languages and has lived in 5 countries. Once, Jeremy went 5 days without seeing another human, but saw plenty of reindeer.Links Referenced: Firetail: https://firetail.io Email: jeremy@firetail.io TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn. My guest today is Jeremy Snyder, who's the founder at Firetail. Jeremy, thank you for joining me today. I appreciate you taking the time from your day to suffer my slings and arrows.Jeremy: My pleasure, Corey. 
I'm really happy to be here.Corey: So, we'll get to a point where we talk about what you're up to these days, but first, I want to dive into the jobs of yesteryear because over a decade ago, you did a stint at AWS doing sales. And not to besmirch your hard work, but it feels like at the time, that must have been a very easy job. Because back then it really felt across the board like the sales motion was basically responding to, “Well, why should we do business with you?” And the response is, “Oh, you misunderstand. You have 87 different accounts scattered throughout your organization. I'm just here to give you visibility, governance, and possibly some discounting over that.” It feels like times have changed in a lot of ways since then. Is that accurate?Jeremy: Well, yeah, but I will correct a couple of things in there. In my days—Corey: Oh, please.Jeremy: —almost nobody had more than one account. I was in the one account, no VPCs, you know, you only separate your workloads by tagging days of AWS. So, our job was a lot, actually, harder at the time because people couldn't wrap their heads around the lack of subnetting, the lack of workload segregation. All of that was really, like, brand new to people, and so you were trying to tell them like, “Hey, you're going to be launching something on an EC2 instance that's in the same subnet as everybody else's EC2 instance.” And people were really worried about lateral traffic and sniffing and what could their neighbors or other customers on AWS see. And by the way, I mean, this was the customers who even believed it was real. You know, a lot of the conversations we went into with people was, “Oh, so Amazon bought too many servers and you're trying to sell us excess capacity.”Corey: That legend refuses to die.Jeremy: And, you know, it is a legend. That is not at all the genesis of AWS. 
And you know, the genesis is pretty well publicized at this point; you can go just google, “how did AWS started?” You can find accurate stuff around that.Corey: I did it a few years ago with multiple Amazon execs and published it, and they said definitively that that story was not true. And you can say a lot about AWS folks, and I assure you, I do, but I also do not catch them lying to my face, ever. And as soon as that changes, well, now we're going to have a different series of [laugh] conversations that are a lot more pointed. But they've earned some trust there.Jeremy: Yeah, I would agree. And I mean, look, I saw it internally, the way that Amazon built stuff was at such a breakneck pace, that challenge that they had that was, you know, the published version of events for why AWS got created, developers needed a place to test code. And that was something that they could not get until they got EC2, or could not get in a reasonably enough timeframe for it to be, you know, real-time valid or relevant for what was going on with the company. So, you know, that really is the genesis of things, and you know, the early services, SQS, S3, EC2, they all really came out of that journey. But yeah, in our days at AWS, there was a lot of ease, in the sense that lots of customers had pent-up frustrations with their data center providers or their colo providers and lots of customers would experience bursts and they would have capacity constraints and they would need a lot of the features that AWS offered, but we had to overcome a lot of technical misunderstandings and trust issues and, you know, oh, hey, Amazon just wants to sniff our data and they want to see what we're up to, and explain to them how encryption works and why they have their own keys and all these things. You know, we had to go through a lot of that. 
So, it wasn't super easy, but there was some element of it where, you know, just demand actually did make some aspects easy.Corey: What have you seen change since, well I guess ten years ago and change now? And let's be clear, you don't work in AWS sales, but you also are not oblivious to what the market is doing.Jeremy: For sure. For sure. I left AWS in 2011 and I've stayed in the cloud ecosystem pretty much ever since. I did spend some time working for a system integrator where all we did was migrate customers to AWS. And then I spent about five, six years working on cloud security primarily focused on AWS, a lot of GCP, a little bit of Azure.So yeah, I mean, I certainly stay up to date with what's going on in the state of cloud. I mean, look, Cloud has evolved from this kind of, you know, developer-centric, very easy-to-launch type of platform into a fully-fledged enterprise IT platform and all of the management structures and all of the kind of bells and whistles that you would want that you probably wanted from your old VMware networks but never really got, they're all there now. It is a very different ballgame in terms of what the platform actually enables you to do, but fundamentally, a lot of the core building block constructs and the primitives are still kind of driving the heart of it. It's just a lot of nicer packaging.What I think is really interesting is actually how customers' usage of cloud platforms has changed over time. And I always think of it and kind of like the, going back to my days, what did I see from my customers? And it was kind of like the month zero, “I just don't believe you.” Like, “This thing can't be real, I don't trust it, et cetera.” Month one is, I'm going to assign some developer to work on some very low-priority, low-risk workload. In my days, that was SharePoint, by the way. 
Like, nine times out of ten, the first workload that customers stood up was a SharePoint instance that they had to share across multiple locations.Corey: That thing falls over all the time anyway. May as well put it in the cloud where it can do so without taking too much else down with it. Was that the thinking or?Jeremy: Well, and the other thing about it at the time, Corey, was that, like, so many customers worked in this, like, remote-first world, right? And so, SharePoint was inevitably hosted at somebody's office. And so, the workers at that office were so privileged over the workers everywhere else. The performance gap between consuming SharePoint in one location versus another was like, night and day. So, you know, employees in headquarters were like, “Yeah, SharePoint's great.” Employees in branch offices were like, “This thing is terrible,” you know? “It's so slow. I hate it, I hate it, I hate it.”And so, Cloud actually became, like, this neutral location to move SharePoint to that kind of had an equal performance for every office. And so, that was, I think, one of the reasons and it was also, you know, it had capacity problems, and customers were right at that point, uploading tons of static documents to it, like Word documents, Office attachments, et cetera, and so they were starting to have some of these, like, real disk sprawl problems with SharePoint. So, that was kind of the month one problem. 
And only after they get through kind of month two, three, and four, and they go through, “I don't understand my bill,” and, “Help me understand security implications,” then they think about, like, “Hey, should we go back and look at how we're running that SharePoint stuff and maybe do it more efficiently and, like, move those static Office documents onto S3?” And so on, and so on.And that's kind of one of the big things that I've changed that I would say is very different from, like, 2011 to now, is there's enough sophistication around understanding that, like, you don't just translate what you're doing in your office or in your data center to what you're doing on cloud. Or if you do, you're not getting the most out of your investment.Corey: I'm curious to get your take on how you have seen cloud adoption patterns differ, specifically tied to geo. I mean, I tend to see it from a world where there's a bifurcation of between born-in-the-cloud SaaS-type companies where one workload is 80% of their bill or whatnot, and of the big enterprises where the largest single component is 3%. So, it's a very different slice there. But I'm curious what you would see from a sales perspective, looking across a lot of different geographic boundaries because we're all, on some level, biased based upon where we tend to spend our time doing business. I'm in San Francisco, which is its very own strange universe that has a certain perspective about itself that is occasionally accurate, but not usually. But it's a big world out there.Jeremy: It is. One thing that I would say it's interesting. I spent my AWS days based in Singapore, living in Singapore at the time, and I was working with customers across Southeast Asia. And to your point, Corey, one of the most interesting things was this little bit of a leapfrog effect. 
Data centers in Asia-Pac, especially in places like the Philippines, were just terrible.

You know, the Philippines had, like, the second highest electricity rates in Asia at the time, only behind Japan, even though the GDP per capita gap between those two countries is really large. And yet you're paying, like, these super-high electricity rates. Secondarily, data centers in the Philippines were prone to flooding. And so, a lot of companies in the Philippines never went the data center route. You know, they just hosted servers in their offices, you know, they had a bunch of desktop machines in a cubicle, that kind of situation because, like, data centers themselves were cost prohibitive.

So, you saw this effect a little bit like cell phones in a lot of the developing world. Landline infrastructure was too expensive or never got done for whatever reason, and people went straight to cell phones. So actually, what I saw in a lot of emerging markets in Asia was, screw the data center; we're going to go straight to cloud. So, I saw a lot of Asia-Pac get a little bit ahead of places like Europe where you had, for instance, a lot of long-term data center contracts and you had customers really locked in. And we saw this over the next, let's say between, like, say, 2014 and 2018 when I was working with a systems integrator, and then started working on cloud security.

We saw that US customers and Asia-Pac customers didn't have these obligations; European customers, a lot of them were still working off their lease, and still, you know, I'm locked into let's just say Equinix Frankfurt for another five years before I can think about cloud migration. So, that's definitely one aspect that I observed.
Second thing I think is, like, the earlier you started, the earlier you reached the point where you realize that actually there is value in a lot of managed services and there actually is value in getting away from the kind of server mindset around EC2.

Corey: It feels like there's a lot of, I want to call it legacy thinking, in some ways, except that's unfair because legacy remains a condescending engineering term for something that makes money. The problem that you have is that you get bound by choices you didn't necessarily realize you were making, and then something becomes revenue-bearing. And now there's a different way to do it, or you learn more about the platform, or the platform itself evolves, and, “Oh, I'm going to rewrite everything to take advantage of this,” isn't happening. So, it winds up feeling like, yeah, we're treating the cloud like a data center. And sometimes that's right; sometimes that's a problem, but ultimately, it still becomes a significant challenge. I mean, there's no way around it. And I don't know what the right answer is, I don't know what the fix is going to be, but it always feels like I'm doing something wrong somewhere.

Jeremy: I think a lot of customers go through that same set of feelings and they realize that they have the active runway problem, where you know, how do you do maintenance on an active runway? You kind of can't because you've got flights going in and out. And I think you're seeing this in your part of the world at SFO with a lot of the work that got done in, like, 2018, 2019 where they kind of had to close down a runway and had, like, near misses because they consolidated all flights onto the one active runway, right? It is a challenge.
And I actually think that some of the evolution that I've seen our customers go through over the last, like, two, three years, is starting to get away from that challenge.

So, to your point, when you have revenue-bearing workloads that you can't really modify and things are pretty tightly coupled, it is very hard to make change. But when you start to have it where things are broken down into more microservices, it makes it a lot easier to cycle out Service A for Service B, or let's say more accurately, Service A1 with Service A2 where you can kind of just, like, plug and play different APIs, and maybe, you know, repoint services at the new stuff as they come online. But getting to that point is definitely a painful process. It does require architectural changes and often those architectural changes aren't at the infrastructure level; they're actually inside the application or they're between things like applications and third-party dependencies where the customers may not have full control over the dependencies, and that does become a real challenge for people to break down and start to attack. You've heard of the Strangler Methodology?

Corey: Oh, yes. Both in terms of the Boston Strangler, as well—

Jeremy: [laugh]. Right.

Corey: As the Strangler design pattern.

Jeremy: Yeah, yeah. But I think, like, getting to that is challenging until, like, once you understand that you want to do that, it makes a lot of sense. But getting to the starting point for that journey can be really challenging for a lot of customers because it involves stakeholders that are often not involved in infrastructure conversations, and organizational dysfunction can really creep in there, where you have teams that don't necessarily play nice together, not for any particular reason, but just because historically they haven't had to.
So, that's something that I've seen and definitely takes a little bit of cultural work to overcome.

Corey: When you take a look across the board of cloud adoption, it's interesting to have seen the patterns that wound up unfolding. Your career path, though, seems to have gotten away from selling cloud and into some strange directions leading up to what you're doing now, where you founded Firetail. What do you folks do?

Jeremy: We do API security. And it really is kind of the culmination of, like, the last several years and what we saw. I mean, to your point, we saw customers going through kind of Phase One, Two, Three of cloud adoption. Phase One, the, you know, for lack of a better phrase, lift-and-shift, and Phase Two, the kind of first step on the path towards quote-unquote, “Enlightenment,” where they start to see that, like, actually, we can get better operational efficiency if we, you know, move our databases off of EC2 and on to RDS and we move our static content onto S3.

And then Phase Three, where they realize actually EC2 kind of sucks, and it's a lot of management overhead, it's a lot of attack surface, I hate having to bake AMIs. What I really want to do is just drop some code on a platform and run my application. And that might be serverless. That might be containerized, et cetera. But one path or the other, where we pretty much always see customers ending up is with an API sitting on a network.

And that API is doing two things. It front-ends a data set and it front-ends a set of functionality, in most cases. And so, what that really means is that the thing that sits on the network that does represent the attack surface, both in terms of accessing data or in terms of, let's say, like, abusing an application, is an API. And that's what led us to where I am today, what led me and my co-founder Riley to, you know, start the company and try to make it easier for customers to build more secure APIs.
So yeah, that's kind of the change that I've observed over the last few years that really, as you said, led to what I'm doing now.

Corey: There is a lot of, I guess, challenge in the entire space when we bound that to—even API security, though as soon as you go down the security path it starts seeming like there's a massive problem, just in terms of proliferation of companies that each do different things, that each focus on different parts of the story. It feels like everything winds up spitting out huge amounts of security-focused, or at least security-adjacent telemetry. Everything has findings on top of that, and at least in the AWS universe, “Oh, we have a service that spits out a lot of that stuff. We're going to launch another service on top of it that, of course, costs more money that then winds up organizing it for you. And then another service on top of that that does the same thing yet again.” And it feels like we're building a tower of these things that are just… shouldn't that just be a feature in the original underlying thing that turns down the noise? “Well, yes, but then we couldn't sell you three more things around it.”

Jeremy: Yeah, I mean—

Corey: Agree? Disagree?

Jeremy: I don't entirely disagree. I think there is a lot of validity in what you just said there. I mean, if you look at, like, the proliferation of even the security services, and you see GuardDuty and Config and Security Hub, or things like log analysis with Athena or log analysis with an ELK stack, or OpenSearch, et cetera, I mean, you see all this proliferation of services around that. I do think the thing to bear in mind is that for most customers, like, security is not a one size fits all. Security is fundamentally kind of a risk management exercise, right? If it wasn't a risk management exercise, then all security would really be about is, like, keeping your data off of networks and making sure that, like, none of your data could ever leave.

But that's not how companies work.
They do interact with the outside world and so then you kind of always have this decision and this trade-off to make about how much data you expose. And so, when you have that decision, then it leads you down a path of determining what data is important to your organization and what would be most critical if it were breached. And so, the point of all of that is honestly that, like, security is not the same for you as it is for me, right? And so, to that end, you might be all about Security Hub, and Config instead of basic checks across all your accounts and all your active regions, and I might be much more about, let's say I'm quote-unquote, “Digital-native, cloud-native,” blah, blah, blah, I really care about detection and response on top of events.

And so, I only care about log aggregation and, let's say, GuardDuty or Athena analysis on top of that because I feel like I've got all of my security configurations in Infrastructure as Code. So, there's not a right and wrong answer and I do think that's part of why there are a gazillion security services out there.

Corey: On some level, I've been of the opinion for a while now that the cloud providers themselves should not necessarily be selling security services directly because, on some level, that becomes an inherent conflict of interest. Why make the underlying platform more secure or easier to use from a security standpoint when you can now turn that into a revenue source? I used to make comments that Microsoft Defender was a classic example of getting this right because they didn't charge for it and a bunch of antivirus companies screamed and whined about it. And then of course, Microsoft's like, “Oh, Corey's saying nice things about us. We can't have that.” And they started charging for it. So okay, that more or less completely subverts my entire point. But it still feels squicky.

Jeremy: I mean, I kind of doubt that's why they started charging for it. But—

Corey: Oh, I refuse to accept that I'm not that influential.
There we are.

Jeremy: [laugh]. Fair enough.

Corey: Yeah, I just can't get away from the idea that it feels squicky when the company providing the infrastructure now makes doing the secure thing on top of it into an investment decision.

Jeremy: Yeah.

Corey: “Do you want the crappy, insecure version of what we build or do you want the top-of-the-line secure version?” That shouldn't be a choice people have to make. Because people don't care about security until right after they really should have cared about security.

Jeremy: Yeah. Look, and I think the changes to S3 configuration, for instance, kind of bear out your point. Like, it shouldn't be the case that you have to go through a lot of extra steps to not make your S3 data public, it should always be the case that, like, you have to go through a lot of steps if you want to expose your data. And then you have explicitly made a set of choices on your own to make some data public, right? So, I kind of agree with the underlying logic. I think the counterargument, if there is one to be made, is that it's not up to them to define what is and is not right for your organization.

Because again, going back to my example, what is secure for you may not be secure for me because we might have very different modes of operation, we might have very different modes of building our infrastructure, deploying our infrastructure, et cetera. And I think every cloud provider would tell you, “Hey, we're just here to enable customers.” Now, do I think that they could be doing more? Do I think that they could have more secure defaults? You know, in general, yes, of course, they could. And really, like, the fundamentals of what I worry about are people building insecure applications, not so much people deploying infrastructure with bad configurations.

Corey: It's funny, we talk about this now.
Earlier today, I was lamenting some of the detritus from some of my earlier builds, where I've been running some of these things in my old legacy single account for a while now. And the build service is dramatically overscoped, just because trying to get the security permissions right was an exercise in frustration at the time. It was, “Nope, that's not it. Nope, blocked again.”

So, I finally said to hell with it, overscope it massively, and then with a, “Todo: fix this later,” which of course, never happened. And if there's ever a breach on something like that, I know that I'll have AWS wagging its finger at me and talking about the shared responsibility model, but it's really kind of a disaster plan of their own making because there's not a great way to say easily and explicitly—or honestly, by default the way Google Cloud does—of okay, by default, everything in this project can talk to everything in this project, but the outside world can't talk to any of it, which I think is where a lot of people start off. And the security purists love to say, “That's terrible. That won't work at a bank.” You're right, it won't, but a bank has a dedicated security apparatus, internally. They can address those things, whereas your individual student learner does not. And that's how you wind up with open S3 bucket monstrosities left and right.

Jeremy: I think a lot of security fundamentalists would say that what you just described about that Google project structure defeats zero trust, and you know, that on its own is actually a bad thing. I might counterargue and say that, like, hey, you can have a GCP project as a zero trust, like, first principle, you know? That can be the building block of zero trust for your organization and then it's up to you to explicitly create these trust relationships to other projects, and so on.
But the thing that I think in what you said that really kind of does resonate with me in particular as an area that AWS—and really in this case, just AWS—should have done better or should do better, is IAM permissions. Because every developer in the world that I know has had that exact experience that you described, which is, they get to a point where they're like, “Okay, this thing isn't working. It's probably something with IAM.”

And then they try one thing, two things, and usually on the third or fourth try, they end up with a star permission, and maybe a comment in that IAM policy or maybe a Jira ticket that, you know, gets filed into backlog of, “Review those permissions at some point in the future,” which pretty much never happens. So, IAM in particular, I think, is one where, like, Amazon should do better, or should at least make it, like, easy for us to kind of graphically build an IAM policy that is scoped to least permissions required, et cetera. That one, I'll a hundred percent agree with your comments and your statement.

Corey: As you take a look across the largest, I guess, environments you see, as well as some of the folks who are just getting started in this space, it feels like, on some level, it's two different universes. Do you see points of commonality? Do you see that there is an opportunity to get the individual learner who's just starting on their cloud journey to do things that make sense without breaking the bank that they then can basically have instilled in them as they start scaling up as they enter corporate environments where security budgets are different orders of magnitude? Because it seems to me that my options for everything that I've looked at start at tens of thousands of dollars a year, or are a bunch of crappy things I find on GitHub somewhere.
And it feels like there should be something between those two.

Jeremy: In terms of training, or in terms of, like, tooling to build—

Corey: In terms of security software across the board, which I know—

Jeremy: Yeah.

Corey: —is sort of a vague term. Like, I first discovered this when trying to find something to make sense of CloudTrail logs. It was a bunch of sketchy things off GitHub or a bunch of very expensive products. Same thing with VPC flow logs, same thing with trying to parse other security alerting and aggregate things in a sensible way. Like, very often it's, oh, there's a few very damning log lines surrounded by a million lines of nonsense that no one's going to look through. It's the needle in a haystack problem.

Jeremy: Yeah, well, I'm really sorry if you spent much time trying to analyze VPC flow logs because that is just an exercise in futility. First of all, the level of information that's in them is pretty useless, and the SLA on actually, like, log delivery, A, whether it'll actually happen, and B, whether it will happen in a timely fashion, is just pretty much non-existent. So—

Corey: Oh, from a security perspective I agree wholeheartedly, but remember, I'm coming from a billing perspective, where it's—

Jeremy: Ah, fair enough.

Corey: —huh, we're taking a petabyte in and moving 300 petabytes between availability zones. It's great. It's a fun game called find whatever is chatty because, on some level, it's like, run two of whatever that is—or three—rather than having it replicate. What is the deal here? And just try to identify, especially in the godforsaken hellscape that is Kubernetes, what is that thing that's talking? And sometimes flow logs are the only real tool you've got, other than oral freaking tradition.

Jeremy: But God forbid you forgot to tag your [ENI 00:24:53] so that the flow log can actually be attributed to, you know, what workload is responsible for it behind the scenes.
And so yeah, I mean, I think that's a—boy, that's a case study in, like, a miserable job that I don't think anybody would really want to have in this day and age.

Corey: The timing of this is apt. I sent out my newsletter for the week a couple hours before this recording, and in the bottom section, I asked anyone who's got an interesting solution for solving what's talking to what with VPC flow logs, please let me know because I found this original thing that AWS put up as part of their workshops and a lab to figure this out, but other than that, it's more or less guess-and-check. What is the hotness? It's been a while since I explored the landscape. And now we see if the audience is helpful or disappoints me. It's all on you folks.

Jeremy: Isn't the hotness to segregate every microservice into an account and run it through a load balancer so that it's, like, much more properly tagged and it's also consumable on an account-by-account basis for better attribution?

Corey: And then everything you see winds up incurring a direct fee when passing through that load balancer, instead of the same thing within the same subnet being able to talk to one another for free.

Jeremy: Yeah, yeah.

Corey: So, at scale—so yes, for visibility, you're absolutely right. From a, I would like to spend less money giving it directly to Amazon, not so much.

Jeremy: [unintelligible 00:26:08] spend more money for the joy of attribution of workload?

Corey: Not to mention as well that coming into an environment that exists and is scaled out—which is sort of a prerequisite for me going in on a consulting project—and saying, “Oh, you should rebuild everything using serverless and microservice principles,” is a great way to get thrown out of the engagement in the first 20 minutes. Because yes, in theory, anyone can design something great, that works, that solves a problem on a whiteboard, but most of us don't get to throw the old thing away and build fresh.
And when we do, great, I'm greenfielding something; there's always constraints and challenges down the road that you don't see coming. So, you finally wind up building the most extensible thing in the universe that can handle all these things, and your business dies before you get to MVP because that takes time, energy and effort. There are many more companies that have died due to failure to find product-market fit than have died because, “Oh hey, your software architecture was terrible.” If you hit the market correctly, there is budget to fix these things down the road, whereas your code could be pristine and your company's still dead.

Jeremy: Yeah. I don't really have a solution for you on that one, Corey [laugh].

Corey: [laugh].

Jeremy: I will come back to your one question—

Corey: I was hoping you did.

Jeremy: Yeah, sorry. I will come back to the question about, you know, how should people kind of get started in thinking about assessing security. And you know, to your point, look, I mean, I think Config is a low-ish cost, but should it cost anything? Probably not, at least for, like, basic CIS foundation benchmark checks. I mean, like, if the best practice that Amazon tells everybody is, “Turn on these 40-ish checks at last count,” you know, maybe those 40-ish checks should just be free and included and on in everybody's account for any account that you tag as production, right?

Like, I will wholeheartedly agree with that sentiment, and it would be a trivial thing for Amazon to do, with one kind of caveat—and this is something that I think a lot of people don't necessarily understand—collecting all the required data for security is actually really expensive. Security is an extremely data-intensive thing in this day and age.
And I have a former coworker who used to hate the expression that security is data science, but there is some truth in it at this point, other than the kind of the magic around it is not actually that big because there's not a lot of, let's say, heuristic analysis or magic that goes into what queries, et cetera. A lot of security is very rule-based. It's a lot of, you know, just binary checks: is this bit set to zero or one?

And some of those things are, like, relatively simple, but what ends up inevitably happening is that customers want more out of it. They don't just want to know, is my security good or bad? They want to know things like, is it good or bad now relative to last week? Has it gotten better or worse over time? And so, then you start accumulating lots of data and time series data, and that becomes really expensive.

And secondarily, the thing that's really starting to happen more and more in the security world is correlation of multiple layers of data: infrastructure with applications, infrastructure with operating system, infrastructure with OS and app vulnerabilities, infrastructure plus vulnerabilities plus Kubernetes configurations plus API sitting at the edge of that. Because realistically, like, so many organizations that are built out at scale, the truth of the matter is, just like on their operating system vulnerabilities, they're going to have tens of thousands, if not millions of individual items to deal with and no human can realistically prioritize those without some context around it. And that is where the data, kind of, management becomes really expensive.

Corey: I hear you. Particularly the complaints about AWS Config, which many things like Control Tower set up for you. And on some level, it is a tax on using the cloud as the cloud should be used because it charges for evaluation of changes to your environment.
So, if you're spinning things up all the time and then turning them down when they're not in use, that incurs a bunch of Config charges, whereas if you treat it like a big dumb version of your data center where you just spin [unintelligible 00:30:13] things forever, your Config charge is nice and low. When you start seeing it entering the top ten of your spend on services, something is very wrong somewhere.

Jeremy: Yeah. I would actually say, like, a good compromise in my mind would be that it should be included with something like business support. If you pay for support with AWS, why not include Config, or some level of Config, for all the accounts that are in scope for your production support? That would seem like a very reasonable compromise.

Corey: For a lot of folks that have it enabled but they don't see any direct value from it either, so it's one of those things where not knowing how to turn it off becomes a tax on what you're doing, in some cases. In SCPs, but often with Control Tower don't allow you to do that. So, you're training people who are learning this in their test environments to avoid it, but you want them to be using it at scale in an enterprise environment. So, I agree with you, there has to be a better way to deliver that value to customers. Because, yeah, this thing is now, you know, 3 or 4% of your cloud bill, it's not adding that much value, folks.

Jeremy: Yeah, one thing I will say just on that point, and, like, it's a super small semantic nitpick that I have, I hate when people talk about security as a tax because I think it tends to kind of engender the wrong types of relationships to security. Because if you think about taxes, two things about them, I mean, one is that they're kind of prescribed for you, and so in some sense, this kind of Control Tower implementation is similar because, like you know, it's hard for you to turn off, et cetera, but on the other hand, like, you don't get to choose how that tax money is spent.
And really, like, you get to set your security budget as an organization. Maybe this Control Tower Config scenario is a slight outlier on that side, but you know, there are ways to turn it off, et cetera.

The other thing, though, is that, like, people tend to relate to tax, like, this thing that they really, really hate. It comes once a year, you should really do everything you can to minimize it and to, like, not spend any time on it or on getting it right. And in fact, like, there's a lot of people who kind of like to cheat on taxes, right? And so, like, you don't really want people to have that kind of mindset of, like, pay as little as possible, spend as little time as possible, and yes, let's cheat on it. Like, that's not how I hope people are addressing security in their cloud environments.

Corey: I agree wholeheartedly, but if you have a service like Config, for example—that's what we're talking about—and it isn't adding value to you, and you just don't know what it does, how it works, then it [unintelligible 00:32:37]—or more or less how to turn it off, then it does effectively become directly in line of a tax, regardless of how people want to view the principle of taxation. It's a—yeah, security should not be a tax. I agree with you wholeheartedly. The problem is, is it is—

Jeremy: It should be an enabler.

Corey: —unclea—yeah, the relationship between Config and security in many cases is fairly attenuated in a lot of people's minds.

Jeremy: Yeah. I mean, I think if you don't have, kind of, ideas in mind for how you want to use it or consume it, or how you want to use it, let's say as an assessment against your own environment, then it's particularly vexing. So, if you don't know, like, “Hey, I'm going to use Config. I'm going to use Config for this set of rules. This is how I'm going to consume that data and how I'm going to then, like, pass the results on to people to make change in the organization,” then it's particularly useless.

Corey: Yeah.
I really want to thank you for taking the time to speak with me. If people want to learn more, where's the best place for them to find you?

Jeremy: Easy, breezy. We are just firetail.io. That's ‘fire' like the, you know, flaming substance, and ‘tail' like the tail of an animal, not like a story. But yeah, just firetail.io.

And if you come now, we've actually got, like, a white paper that we just put out around API security and kind of analyzing ten years of API-based data breaches and trying to understand what actually went wrong in most of those cases. And you're more than welcome to grab that off of our website. And if you have any questions, just reach out to me. I'm just jeremy@firetail.io.

Corey: And we'll put links to all of that in the [show notes 00:34:03]. Thank you so much for your time. I appreciate it.

Jeremy: My pleasure, Corey. Thanks so much for having me.

Corey: Jeremy Snyder, founder and CEO at Firetail. I'm Cloud Economist Corey Quinn, and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice, along with an angry comment pointing out that listening to my nonsense is a tax on you going about your day.

Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.
All links and images for this episode can be found on CISO Series.

When cybersecurity needs to cut budget, the first move is to look where you have redundancy. That way you're not actually reducing the security effort. But after that, the CFO needs to know what are the most important areas of the business to protect. Where will they be willing to take on more risk? Because, with less security, the chances of failure increase.

This show was recorded in front of a live audience in New Orleans as part of the BSidesNOLA 2023 reboot conference. The episode features me, David Spark (@dspark), host and producer of CISO Series. My guest co-host is my former co-host, Allan Alford (@allanalfordintx), CISO for Precedent and host of The Cyber Ranch Podcast. Our guest is Mike Woods, corporate CISO for GE.

Thanks to our podcast sponsors: Conveyor, Nightfall AI, Rapid7

Love security questionnaires? Then you're going to hate Conveyor: the end-to-end trust platform built to eliminate questionnaires. Infosec teams reduce the volume of questionnaires with a customer-facing trust portal and for any remaining questionnaires, our GPT-Questionnaire Eliminator response tool or white-glove questionnaire completion service will knock them off your to-do list. www.conveyor.com

Nightfall is the leader in cloud data leak prevention. Integrate in minutes with cloud apps such as Slack and Jira to instantly protect data (PII, PHI, Secrets and Keys, PCI) and prevent breaches. Stay compliant with frameworks such as ISO 27001 and more, all powered by Nightfall's industry-leading ML detection.

Rapid7 is the only connected, cloud to on-prem cybersecurity partner with unlimited incident response, unlimited automated workflows, unlimited vulnerability management, unlimited app security, you get the idea. Add it up, with Rapid7's decades of practitioner-first problem solving, and there's unlimited opportunity for you. See for yourself at Rapid7.com/ciso-series.
In this episode: We always say, “trust but verify,” but how do you actually verify? When it comes to cutting budget, make sure you're already in the mind of the CFO. What's the difference between a good cybersecurity professional and a great one?
Guests:
Sherron Burgess, Senior Vice President and Chief Information Security Officer at BCD Travel [@BCDTravel]. On LinkedIn: https://www.linkedin.com/in/sherronburgess/ At RSAC: https://www.rsaconference.com/experts/sherron%20burgess
Larry Whiteside Jr., Chief Information Security Officer at RegScale [@RegScale]. On LinkedIn: https://www.linkedin.com/in/larrywhitesidejr/ On Twitter: https://twitter.com/LarryWhiteside At RSAC: https://www.rsaconference.com/Experts/larry-whiteside
Julian Waits, SVP & Executive in Residence at Rapid7 [@rapid7]. On LinkedIn: https://www.linkedin.com/in/julianwaits/ On Twitter: https://twitter.com/JulianWaits
Host: MK Palmore, Host of The Leadership Student Podcast. On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/mk-palmore
This Episode's Sponsors: BlackCloak | https://itspm.ag/itspbcweb Brinqa | https://itspm.ag/brinqa-pmdp SandboxAQ | https://itspm.ag/sandboxaq-j2en
Episode Notes: A discussion with senior cybersecurity executives about the challenges of identifying and developing diverse talent and subsequently grooming them to become the cybersecurity leaders of the future. This panel will cover: the limited diverse leadership at executive levels in cyber; helping young mid-career cybersecurity leaders with career pathing; and the challenges faced by diverse leaders in getting the roles where their skills and competencies can be highlighted.
For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverage Are you interested in telling your story in connection with RSA Conference by sponsoring our coverage?
The CI/CD pipeline is the backbone of the software development process, so it's critical to ensure you are meeting and exceeding the most critical security measures. Throughout this podcast, Tal Morgenstern, Co-founder and CSO of Vulcan Cyber, will break down the process of how organizations can properly secure a CI/CD pipeline into a checklist of four key steps, as well as offer a handful of tools and tactics security leadership can use to bake risk-based vulnerability management into their CI/CD pipelines. He will explain how securing your CI/CD pipelines alone is not enough to reduce the chances of cyber attacks, and the importance for organizations of maintaining not only security at speed and scale, but quality at speed and scale. Finally, Tal will dive into how Vulcan Cyber helps organizations streamline security tasks in every stage of the cyber-risk management process, integrating with their existing tools for true end-to-end risk management. Segment Resources: https://vulcan.io/ https://vulcan.io/platform/ https://vulcan.io/blog/ci-cd-security-5-best-practices/ https://www.youtube.com/watch?v=nosAxWc-4dc
Tap, tap - is this thing on? Why do defenders still struggle to detect attacks and attacker activities? Why do so many tools struggle to detect attacks? Today, we've got an expert on detection engineering to help us answer these questions. Thinkst's Canary and Canarytokens make catching penetration testers and attackers stupidly simple. Thinkst Labs aims to push these tools even further. Casey will share some of the latest research coming out of Labs, and we'll ponder why using deception for detection isn't yet a de facto best practice. Segment Resources: https://canary.tools https://canarytokens.org https://blog.thinkst.com
Finally, in the enterprise security news: We quickly explain the SVB collapse, A few interesting fundings, Rapid7 acquires Minerva (who? We'll explain), GPT-4 - what's new? Detect text written by an AI!
Then, produce text that can't be detected as written by an AI! The K-Shaped recovery of the cybersecurity industry, Software Security is More than Vulnerabilities, Microsoft Outlook hacks itself, Robert Downey Jr. gets into teh cyberz, & Reversing intoxication! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw309
As businesses face an ever-growing number of cyber threats, it's no surprise that cybersecurity spending is rising. However, despite all this spending, cyberattacks and data breaches are still occurring at an alarming rate. So what is going wrong? According to Jason Hart, CTO EMEA at Rapid7, the missing piece of the puzzle is often the failure to operationalize cybersecurity. In other words, businesses need to embed security into their culture and make it a part of their everyday business processes. Instead, they rely solely on technology solutions to detect and respond to threats. In this podcast interview, Jason outlines the core elements businesses need to have in place to guarantee a solid foundation for a secure business. One of the critical components is culture and accountability. Companies need to create a culture where security is seen as a shared responsibility across the entire organization, from the boardroom to the front lines. This means providing regular training and education to all employees and ensuring that security is embedded into all business processes and decisions. Another essential step is identifying what is a risk and what isn't. Not all threats are created equal, and businesses need to be able to distinguish between high-risk and low-risk threats. This allows them to focus their resources on the most critical areas and ensure they are adequately protected. Finally, operationalizing cybersecurity means making it a business process. This involves setting clear metrics and outcomes for security and measuring and reporting on them regularly. This not only helps businesses track their progress and identify areas for improvement, but it also ensures that security becomes a part of the fabric of the business. In today's fast-paced, digital world, cybersecurity is no longer an optional extra - it's an essential part of doing business.
By following the steps outlined by Jason Hart, companies can ensure that they are taking a proactive approach to security, embedding it in their culture and making it a part of their everyday business processes. This, in turn, will help them better protect their customers, reputation, and bottom line.
With cyber threats and ransomware on the rise globally, the Biden administration has enlisted America's tech titans to help blunt their effects. Amazon, Microsoft, and Google are all in discussions with Washington over how to strengthen the nation's critical infrastructure defenses against a growing array of both private and state-sponsored attacks. Skeptics question just how much can be achieved, given how connected U.S. society has become. But solutions are emerging, from lifting the veil of cryptocurrencies, a favored means of transaction among hackers, to making the paying of ransoms illegal. In this special edition of Intelligence Squared's Agree-to-Disagree series, John Donvan sits down with David Sanger of The New York Times for a closer examination of these attacks before launching into a much more specific debate with two cyber security experts. The debate: Should paying hacker ransoms be illegal? Cyber Threat Alliance president and chief executive Michael Daniel and Rapid7 vice-president Jen Ellis square off in light of recent high-profile hackings.