Podcasts about salt security

In a perfect world, every marketing dollar would be easy to track and justify. In reality, proving impact is a constant battle In this episode, Drew Neisser brings together Julie Kaplan, Michael Callahan of Salt Security, and Bindu Chellappan of Corpay to explore the metrics that matter—and how to make sure they resonate in the boardroom. In This Episode:  Julie Kaplan shares why marketing-driven pipeline is the metric that truly resonates with the C-suite—and how simplifying the conversation makes it easier to prove marketing's value to the CFO.  Michael Callahan reveals why broad pipeline metrics don't resonate with sales—and how shifting to territory-level goals helped drive alignment and better results.  Bindu Chellappan expands the conversation beyond pipeline, sharing how Corpay is tackling the challenge of measuring brand awareness, retention, and upsell impact—and why long-term marketing influence is just as important as net-new pipeline.   Key Takeaways: The #1 metric that makes marketing's impact undeniable.  Why marketing-influenced revenue deserves more credit—and how to make the case for it.  How to align marketing with sales—without the usual friction.  Why brand awareness is more measurable than you think—and how to track it.  Marketing's value isn't simple to prove—but the right numbers get the C-suite's attention. Tune in to learn which ones matter most.  For full show notes and transcripts, visit https://renegademarketing.com/podcasts/ To learn more about CMO Huddles, visit https://cmohuddles.com/

How do you build a channel strategy that drives growth without sacrificing trust? In this episode of Partnerships Unraveled, Sunil Dutt, EMEA Partnerships Leader at DevRev, joins the show to share his journey from startup veteran to channel visionary.With insights shaped by his experience at companies like Symantec, Nutanix, and Salt Security, Sunil reveals how DevRev is transforming the way startups navigate fragmented ecosystems, balance innovation with disruption, and foster partnerships built on trust.Whether you're scaling a new business or rethinking your channel strategy, this conversation is packed with actionable insights for channel leaders.Tune in to discover how DevRev is shaping the future of channel partnerships and what it takes to build a winning strategy in a competitive landscape.Connect with Sunil: https://www.linkedin.com/in/sunildutt/_________________________Learn more about Channext

CFO Kfir Lippmann began his career at Ernst & Young in Tel Aviv, auditing high-growth tech clients and navigating the intricacies of IPO-bound businesses. The experience gave him a deep understanding of strategic finance early on, Lippmann tells us. Later, he joined Monday.com when it was still a small startup, helping scale the organization through multiple investment rounds and significant secondary transactions. These transactions, which allow employees to sell shares prior to an IPO, can be tricky to manage from a morale standpoint. “It's about maintaining fairness and long-term vision,” Lippmann tells us.By educating employees about responsible wealth management, Lippmann tellsus he was able to preserve the company's collaborative culture and harness momentum for broader strategic goals. His approach to finance leadership emphasizes transparency and data-driven decisions across all functions, not simply “being the bad guy,” Lippmann tells us. Now as CFO of Salt Security, he applies the same philosophy of aligning metrics with execution to drive both rapid expansion and operational discipline.From orchestrating multi-million-dollar funding efforts to shaping sustainable corporate cultures, Lippmann's journey underscores how secondary transactions—appropriately handled—can spark innovative thinking and sustainable growth.

This is a Tuesday Tips episode where you will hear host Drew Neisser, CMOs, and other B2B experts share their hard-earned wisdom and fresh marketing insights in a bitesize format. Featuring: Lauren Wagner Boyman of KPMG US, Michael Callahan of Salt Security, and Grant Johnson of Billtrust To see the video versions, follow Drew Neisser on LinkedIn or visit our YouTube channel—The Renegade Marketing Hub! And if you're a B2B CMO, check out our thriving community: https://cmohuddles.com/

Omer Sadika | Co-Founder of dWallet Network, CEO of dWallet Labs Omer Sadika is the founder and CEO of dWallet Labs, dWallet Labs is a cybersecurity company specializing in blockchain technology and the builder of dWallet Network. He's a former cybersecurity expert for Israeli Defense and YCombinator alumni. Previously he was the co-founder and CEO of the first API Security company, Salt Security, which is now a unicorn. Together with his team, Omer built the dWallet Network - a composable modular signature network. They introduced a new blockchain primitive, dWallets, expanding the capabilities of smart contract networks with multi-chain, noncollusive and massively decentralized MPC. --- Support this podcast: https://podcasters.spotify.com/pod/show/crypto-hipster-podcast/support

Bad bots, security breaches, and deceptive phishing schemes—oh my? That's right! There are a lot of dangers out there in the often-murky waters of cybersecurity, and marketers need to be ready. That's why we brought 3 cybersecurity CMOs on the podcast. Tune in as Dan Lowden of BLACKBIRD.AI (previously HUMAN Security), Laura MacGregor of CIS, and Michael Callahan of Salt Security (formerly Acronis) shed light on these digital threats and share how B2B marketers can stay ahead of them. We cover things like how to develop a crisis playbook for security breaches, how to protect your tech stack, and why CAPTCHA isn't all that effective anymore. Don't miss it!   For full show notes and transcripts, visit https://renegade.com/podcasts/ To learn more about CMO Huddles, visit https://cmohuddles.com/

Samedi 23 septembre, Frédéric Simottel a reçu Sergio Colella, président de Sita Europe, Pierre-Eric Leibovici, cofondateur de Daphni, Adriana Gogonel, présidente de la société Statinf, Wilfried Lauber, RSSI d'Amundi et président du groupe de travail cybersécurité de l'AFG, Elimane Prud'hom, directeur France de Salt Security, et Francis Bergey, RSSI de SNCF Connect & Tech, dans l'émission Tech&Co Business sur BFM Business. Retrouvez l'émission le samedi et réécoutez la en podcast.

Application programming interfaces, or APIs, have become an integral part of maintaining an online business, and are often indispensable for cross-functionality and user experience.However, the increased use of APIs has led to a rise in attacks against them. This can in turn cause breaches of company data or even full account takeovers. Improperly-managed APIs are a key attack surface and firms would do well to treat this seriously as threat actors step up their efforts at exploitation.Today, we spoke to Yaniv Balmas, VP of security research at Salt Security, to discuss the risks that come with using APIs and how to mitigate against them.

Application Programming Interfaces (APIs)Why is Gartner predicting that API-based attacks will become the most frequent attack vector for applications? Although APIs deserve the credit for a lot of digital transformation and innovation, they're also an attractive target for bad actors. To explain how APIs are being used these days, and why they are getting more attention as an attack vector, Robby has invited Sunil Dutt from Salt Security.Sunil talks about the evolution of APIs, the techniques the attackers are using, as well as Salt's approach to addressing the problem.

Salt Security recently released the findings of their latest API Security Report, Q3 2022, which the company conducts every six months in line with the shifting currents of the market. In this episode of Let's Talk, Michelle McLean, VP of Marketing at Salt Security, joins me to deep dive into the report. When she looks back at previous reports, she finds that one thing remains consistent — “We are still seeing a fairly high percentage of folks getting impacted or having at least some form of API security incident in the past 12 months.” Over 94% of companies experienced security incidents in production APIs, even though nothing catastrophic happened to them, with over 20% of companies reporting some sort of data breach as a result of security gaps in APIs.

עוד פודקאסט לסטארטאפים בפרק מיוחד שכולל שיתוף פעולה עם סדרת אירועי "היוניקורנס" - במסגרתם נראיין את היזמים שהקימו יוניקורנים ומשקיעי הסיד הראשונים שלהם, שיגללו את סיפור ההצלחה והדרך אליה. במפגש אירחנו את רועי אליהו, מנכ"ל חברת הסייבר Salt Security, חברת יוניקורן שגייסה 271 מיליון דולר והגיעה לשווי של 1.4 מיליארד דולר לפי סבב הגיוס האחרון. ביחד עם איה פטרבורג מייסדת ושותפה בקרן S Capital, שהובילה את סבב הסיד בחברה וגם המשיכה ללוות אותה בסבבים העוקבים. בתחילת הדרך רועי אליהו הצליח לשרוד מספר אתגרים במקביל, שכל אחד מהאתגרים ידוע כמחסל סטארט-אפים; החל מפיתוח החברה ללא כסף בכלל, חיפוש אחר השותף הנכון, ניסיון לחזות נכון איך ייראה השוק בעוד מספר שנים קדימה ואתגרים נוספים עליהם התגברו עד לשווי המרשים כיום.   (*) ללינקדאין שלי: https://www.linkedin.com/in/guykatsovich/ (*) לאינסטגרם שלי: https://www.instagram.com/guykatsovich/ (*) עקבו אחרינו ב"עוד פודקאסט לסטארטאפים" וקבלו פרק מדי שבוע: ספוטיפיי:https://open.spotify.com/show/0dTqS27ynvNmMnA5x4ObKQ אפל פודקאסט:https://podcasts.apple.com/podcast/id1252035397 גוגל פודקאסט:https://bit.ly/3rTldwq עוד פודקאסט - האתר שלנו:https://omny.fm/shows/odpodcast ה-RSS פיד שלנו:https://www.omnycontent.com/.../f059ccb3-e0c5.../podcast.rssSee omnystudio.com/listener for privacy information.

How do we secure API's? On this week's State of Identity podcast host, Cameron D'Ambrosi sits down with Roey Eliyahu, Co-Founder & CEO at Salt Security to discuss the difference between authentication and authorization, particularly as it applies to APIs, API attacks, and the limits of applying identity-based controls to API security.

Finally, in the Enterprise Security News, Securonix raises $1B in Vista-led round (it's like they ate a unicorn!), Salt Security becomes a Unicorn, has not been eaten (yet), Legit Security raises a totally legit $26.5M Series A, Vicarius and Calamu raise Series As ,Permit.io, KSOC, Titaniam, Canonic Security, Allure Security, and SecureThings all pick up seed funding! We look at Big Tech's cybersecurity funding and acquisitions, The rumor mill goes nuts over a Cisco/Splunk deal that's probably not happening (maybe?) Why are cybersecurity asset management startups so hot right now? New products, unhelpful legislation, a major acquisition, & of course a few squirrel stories!    Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw261

Finally, in the Enterprise Security News, Securonix raises $1B in Vista-led round (it's like they ate a unicorn!), Salt Security becomes a Unicorn, has not been eaten (yet), Legit Security raises a totally legit $26.5M Series A, Vicarius and Calamu raise Series As ,Permit.io, KSOC, Titaniam, Canonic Security, Allure Security, and SecureThings all pick up seed funding! We look at Big Tech's cybersecurity funding and acquisitions, The rumor mill goes nuts over a Cisco/Splunk deal that's probably not happening (maybe?) Why are cybersecurity asset management startups so hot right now? New products, unhelpful legislation, a major acquisition, & of course a few squirrel stories!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw261

This week, we welcome Mitja Kolsek, Founder, CEO at ACROS Security, to talk about 0patch - Security Patching That Doesn't Make Your Life Miserable! In the next segment, we welcome Vikram Asnani, Sr Director Solution Architecture at CyberGRX, to discuss Changing the TPCRM Game W/ Cyber Risk Intelligence Tools! In the Enterprise Security News, Securonix raises $1B in Vista-led round (it's like they ate a unicorn!), Salt Security becomes a Unicorn, has not been eaten (yet), Legit Security raises a totally legit $26.5M Series A, Vicarius and Calamu raise Series As,Permit.io, KSOC, Titaniam, Canonic Security, Allure Security, and SecureThings all pick up seed funding! We look at Big Tech's cybersecurity funding and acquisitions, The rumor mill goes nuts over a Cisco/Splunk deal that's probably not happening (maybe?) Why are cybersecurity asset management startups so hot right now? New products, unhelpful legislation, a major acquisition, & of course a few squirrel stories!   Show Notes: https://securityweekly.com/esw261 Segment Resources: 0patch Blog with many posts on vulnerabilities and patches we make https://blog.0patch.com/ 0patch FAQ https://0patch.zendesk.com/hc/en-us/categories/200441471 https://www.cybergrx.com/resources/research-and-insights/blog/beyond-risk-management-how-cyber-risk-intelligence-tools-are-changing-the-tpcrm-game Visit https://securityweekly.com/cybergrx to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome Mitja Kolsek, Founder, CEO at ACROS Security, to talk about 0patch - Security Patching That Doesn't Make Your Life Miserable! In the next segment, we welcome Vikram Asnani, Sr Director Solution Architecture at CyberGRX, to discuss Changing the TPCRM Game W/ Cyber Risk Intelligence Tools! In the Enterprise Security News, Securonix raises $1B in Vista-led round (it's like they ate a unicorn!), Salt Security becomes a Unicorn, has not been eaten (yet), Legit Security raises a totally legit $26.5M Series A, Vicarius and Calamu raise Series As,Permit.io, KSOC, Titaniam, Canonic Security, Allure Security, and SecureThings all pick up seed funding! We look at Big Tech's cybersecurity funding and acquisitions, The rumor mill goes nuts over a Cisco/Splunk deal that's probably not happening (maybe?) Why are cybersecurity asset management startups so hot right now? New products, unhelpful legislation, a major acquisition, & of course a few squirrel stories!   Show Notes: https://securityweekly.com/esw261 Segment Resources: 0patch Blog with many posts on vulnerabilities and patches we make https://blog.0patch.com/ 0patch FAQ https://0patch.zendesk.com/hc/en-us/categories/200441471 https://www.cybergrx.com/resources/research-and-insights/blog/beyond-risk-management-how-cyber-risk-intelligence-tools-are-changing-the-tpcrm-game Visit https://securityweekly.com/cybergrx to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Salt Labs was created in 2021 to help the industry with tackling the increase in API threats. The research division of Salt Security focuses on not only finding API vulnerabilities, but also increasing awareness about API security and offering solutions to help mitigate such risks.

Congratulations to Salt Security for their win in the 2021 CISO Choice Awards in the Application Security category. In this interview, leading analyst Richard Stiennon talks with Roey Eliyahu, CEO of Salt Security, about Salt's API Protection Platform which is lauded by the CISOs for helping to protect organizations and their assets in an increasingly digitized information world. Stay tuned for more interviews from the CISO Choice Awards and for more value-added content, request complimentary access to CISOs Connect today: https://CISOsConnect.com

This week, In the first segment, we welcome Nathan Hunstad, Principal Security Engineer & Researcher, at Code42, for an interview discussing SIEM and SOAR! Next up, In the Enterprise Security News: Secure and monitor AWS Lamba with new, not related, features from Datadog and Imperva, ServiceNow integrates with Microsoft solutions, SentinelOne wins two awards, Reducing risk with IAM, Kemp lanches Zero Trust, AWS launches another contianer product, Zscaler acquires Smokescreen, Sumo Logic acquires DF Labs, Uptycs, Salt Security and Spec Trust secure funding... and more! Then we close out the show with two pre-recorded RSAC 2021 interviews featuring Drew Rose, from Living Security, & Ganesh Pai of Uptycs!   Show Notes: https://securityweekly.com/esw229 Segment Resources: https://www.code42.com/blog/is-soar-the-new-siem/ Visit https://securityweekly.com/code42 to learn more about them! Visit https://securityweekly.com/livingsecurity to learn more about them! Visit https://securityweekly.com/uptycs to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week in the Enterprise News, Paul and the Crew talk: Secure and monitor AWS Lamba with new, not related, features from Datadog and Imperva, ServiceNow integrates with Microsoft solutions, SentinelOne wins two awards, Reducing risk with IAM, Kemp lanches Zero Trust, AWS launches another contianer product, Zscaler acquires Smokescreen, Sumo Logic acquires DF Labs, Uptycs, Salt Security and Spec Trust secure funding... & more!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw229

This week, In the first segment, we welcome Nathan Hunstad, Principal Security Engineer & Researcher, at Code42, for an interview discussing SIEM and SOAR! Next up, In the Enterprise Security News: Secure and monitor AWS Lamba with new, not related, features from Datadog and Imperva, ServiceNow integrates with Microsoft solutions, SentinelOne wins two awards, Reducing risk with IAM, Kemp lanches Zero Trust, AWS launches another contianer product, Zscaler acquires Smokescreen, Sumo Logic acquires DF Labs, Uptycs, Salt Security and Spec Trust secure funding... and more! Then we close out the show with two pre-recorded RSAC 2021 interviews featuring Drew Rose, from Living Security, & Ganesh Pai of Uptycs!   Show Notes: https://securityweekly.com/esw229 Segment Resources: https://www.code42.com/blog/is-soar-the-new-siem/ Visit https://securityweekly.com/code42 to learn more about them! Visit https://securityweekly.com/livingsecurity to learn more about them! Visit https://securityweekly.com/uptycs to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week in the Enterprise News, Paul and the Crew talk: Secure and monitor AWS Lamba with new, not related, features from Datadog and Imperva, ServiceNow integrates with Microsoft solutions, SentinelOne wins two awards, Reducing risk with IAM, Kemp lanches Zero Trust, AWS launches another contianer product, Zscaler acquires Smokescreen, Sumo Logic acquires DF Labs, Uptycs, Salt Security and Spec Trust secure funding... & more!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw229

Spot-On, raises $125M in Series D. The round triples the company's valuation to $1.875 billion, compared to its $625 million valuation, at the time of its Series C raise, last September. It also marks San Francisco-based Spot-On's third funding event since March 2020, and brings the startup's total funding to $328 million, since its 2017 inception.Lightrun, a start-up that helps developers debug their live production code, raises $23 million in Series A round, led by Insight Partners. The company doubled its employee count, over the course of the last year. It will continue to use the new funding, to expand its developer community, and hire across functions. The company also plans to expand its U.S. presence. Uptycs, a Boston-area start-up that uses data to help understand, and prevent security attacks, raises $50 million in Series C today. Norwest Venture Partners led the round. Rewatch raises $20M to index, transcribe, and store enterprise video content. This latest round is a Series A, and is being led by Andreessen Horowitz. Rewatch has built a system that plugs into Zoom, and Google Meet, two of the most-used video tools in the workplace, and automatically imports all of your office's, or team's video chats into a system. Open AI is launching a $100 million start-up fund, which it calls, the Open AI Start-up Fund, through which it, and its partners will invest in early-stage AI companies, tackling major problems. They will be looking for companies that are taking on serious issues, like healthcare, climate change, and education, where AI-powered applications or approaches, could benefit all of humanity. Italy's Commerce Layer, raises $16M, led by Coatue, for its headless commerce platform. The firm provides a set of APIs for businesses to build e-commerce apps, with their own customized front ends. The funding money will be used to continue expanding its business, and adding more commerce tools into its API library.Parametrix Insurance raises $17.5 million, to offer cloud downtime insurance. First Mark Capital, and F2 Venture Capital led this round.  The firm offers insurance policies for companies, that rely on third-party cloud providers, e-commerce services, payment gateways, and CRM systems.Salt Security lands $70M, for tech to protect APIs, from malicious abuse. The funding is being led by Advent International. The firm is building a network of services, to help companies using, and producing APIs to identify and eradicate risks.Indonesian crypto exchange, Pintu, gets $6M Series A, led by Pantera, Intudo, and Coinbase Ventures.  According to Pintu's internal estimates, last year Indonesia processed $10 billion USD, in crypto-assets transactions, mostly through retail investors. Pintu's new funding will be used on marketing, hiring, and product development.Software-as-a-service bot protection start-up Data-Dome, announced a raise of $35 million, in new funding, to allow it to scale up its global sales, marketing, delivery, and research and development teams. The Series B round was led by Elephant, and included ISAI.Bengaluru-based electric mobility start-up, Lithium Urban Technologies, buys out employment transportation software platform, Smart Commute, for an unknown sum. With the acquisition, Lithium would be able to provide a full range of transportation solutions, across all vehicle categories including, the conventional internal combustion engine vehicles.

Roey is a former elite cybersecurity unit veteran that led the development of high-end security systems, to protect the largest network in Israel of the Israel Defense Forces (IDF) and the government. He went to lead the development of security system projects at Cigol Digital Systems, a military-grade security systems company (Acquired by Mellanox). After Cigol Digital Systems, Roey founded the cybersecurity college that trains the next generation of leaders and prepares them for serving in the IDF’s elite security units. 

Salt Security’s Roey Eliyahu joined Technado to discuss one of the most vulnerable things security teams often overlook: APIs. They dissected an API issue at Uber that left accounts open to attack. Then, in the news, the guys covered Vint Cerf’s plan for Internet in space, Microsoft throttling availability of their October 2020 Windows 10 update, Ubuntu’s Groovy Gorilla, and a group of hackers stealing from the rich and giving just a little to the poor. Finally, in the run-up to the US elections, they discussed a largely unsuccessful hack from China masquerading as McAfee Antivirus as well as a successful ransomware attack that affected a Georgia county’s election database.

Salt Security’s Roey Eliyahu joined Technado to discuss one of the most vulnerable things security teams often overlook: APIs. They dissected an API issue at Uber that left accounts open to attack. Then, in the news, the guys covered Vint Cerf’s plan for Internet in space, Microsoft throttling availability of their October 2020 Windows 10 update, Ubuntu’s Groovy Gorilla, and a group of hackers stealing from the rich and giving just a little to the poor. Finally, in the run-up to the US elections, they discussed a largely unsuccessful hack from China masquerading as McAfee Antivirus as well as a successful ransomware attack that affected a Georgia county’s election database.

Salt Security’s Roey Eliyahu joined Technado to discuss one of the most vulnerable things security teams often overlook: APIs. They dissected an API issue at Uber that left accounts open to attack. Then, in the news, the guys covered Vint Cerf’s plan for Internet in space, Microsoft throttling availability of their October 2020 Windows 10 update, Ubuntu’s Groovy Gorilla, and a group of hackers stealing from the rich and giving just a little to the poor. Finally, in the run-up to the US elections, they discussed a largely unsuccessful hack from China masquerading as McAfee Antivirus as well as a successful ransomware attack that affected a Georgia county’s election database.

Salt Security’s Roey Eliyahu joined Technado to discuss one of the most vulnerable things security teams often overlook: APIs. They dissected an API issue at Uber that left accounts open to attack. Then, in the news, the guys covered Vint Cerf’s plan for Internet in space, Microsoft throttling availability of their October 2020 Windows 10 update, Ubuntu’s Groovy Gorilla, and a group of hackers stealing from the rich and giving just a little to the poor. Finally, in the run-up to the US elections, they discussed a largely unsuccessful hack from China masquerading as McAfee Antivirus as well as a successful ransomware attack that affected a Georgia county’s election database.

Salt Security’s Roey Eliyahu joined Technado to discuss one of the most vulnerable things security teams often overlook: APIs. They dissected an API issue at Uber that left accounts open to attack. Then, in the news, the guys covered Vint Cerf’s plan for Internet in space, Microsoft throttling availability of their October 2020 Windows 10 update, Ubuntu’s Groovy Gorilla, and a group of hackers stealing from the rich and giving just a little to the poor. Finally, in the run-up to the US elections, they discussed a largely unsuccessful hack from China masquerading as McAfee Antivirus as well as a successful ransomware attack that affected a Georgia county’s election database.

Salt Security’s Roey Eliyahu joined Technado to discuss one of the most vulnerable things security teams often overlook: APIs. They dissected an API issue at Uber that left accounts open to attack. Then, in the news, the guys covered Vint Cerf’s plan for Internet in space, Microsoft throttling availability of their October 2020 Windows 10 update, Ubuntu’s Groovy Gorilla, and a group of hackers stealing from the rich and giving just a little to the poor. Finally, in the run-up to the US elections, they discussed a largely unsuccessful hack from China masquerading as McAfee Antivirus as well as a successful ransomware attack that affected a Georgia county’s election database.

From financial services to education, nearly every industry relies on API feeds to remain competitive and generate revenue. In S2E11 former team leader of an elite Israeli Defense Forces (IDF) cyber unit and current CEO of Salt Security, Roey Eliyahu, cautions that API security must be part of an organization's business continuity strategy. If left unprotected, a breach could have catastrophic repercussions for both revenue and brand reputation. Listen to this episode to hear Roey explain how attackers choose which APIs to target, how they execute attacks, and how to protect against these threats. --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app

All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-what-cyber-pro-are-you-trying-to-hire/) Do companies hiring cybersecurity talent even know what they want? More and more we see management jobs asking for engineering skills, and even CISO jobs with coding requirements. What's breaking down? Check out this post for the basis for our conversation on this week’s episode which features me, David Spark (@dspark), producer of CISO Series, co-host Allan Alford (@allanalfordintx), and our guest Liam Connolly, CISO, Seek. Thanks to this week's podcast sponsor, Salt Security. Salt Security protects the APIs at the core of SaaS, web, and mobile applications. By using patented behavioral protection Salt Security automatically and continuously discovers and learns the granular behavior of each unique API and stops attacks. In 2020 Salt Security was named a Gartner Cool Vendor in API Strategy. On this episode of Defense in Depth, you’ll learn: The poor focus of cybersecurity job listings often exposes either the poor understanding or lack of maturity of a company's information security program. We often see management cyber jobs asking for engineering skills and vice versa. Job listings can also portray the "last guy" syndrome. Those are the job listings that tack on desired skills the last person did not have. When you see too many requirements it comes off as a wish list. It's not what is required, it's more of a question as to how many boxes can a candidate check off. There can be serious harm to a company's ability to hire if they throw down too many requirements or even optional items. People who are truly required for the position you want may never apply because they'll be scared off by the other skills required or desired. CISOs are often hired by non security people and as a result they don't have a full understanding of what type of CISO they want. As a result it's often hard to find two similar CISO job listings. While CISO technical competencies are desired, it's clear that once hired a CISO will not be showing off their technical expertise. As a result, there's a lot of debate as to how much technical skill a CISO really needs. The job requires management, influencing, and communications. Many hiring teams have a hard time parsing out the types of security people they need to build out a security team. That's why you get a single job listing that appears to want to hire five different types of security people. If a CISO isn't given the budget and authority to hire a staff to fill all the necessary gaps for the company's security program, they will become fed up and leave. That starts the whole process again. Many debate that job titles in job listings are just there to massage the ego. But if compensation doesn't match the title, then they realize the title is just for show.

All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-junior-cyber-people/) There are so few jobs available for junior cybersecurity professionals. Are these cyber beginners not valued? Or are we as managers not creating the right roles for them to improve our own security? Check out this post for the basis for our conversation on this week’s episode which features me, David Spark (@dspark), producer of CISO Series, co-host Allan Alford (@allanalfordintx), and guest Naomi Buckwalter (@ineedmorecyber), director of information security & privacy at Energage. Thanks to this week's podcast sponsor, Salt Security. Salt Security protects the APIs at the core of SaaS, web, and mobile applications. By using patented behavioral protection Salt Security automatically and continuously discovers and learns the granular behavior of each unique API and stops attacks. In 2020 Salt Security was named a Gartner Cool Vendor in API Strategy. On this episode of Defense in Depth, you’ll learn: There are tons of newbies eager to work in cybersecurity. The shortcoming is not the available pipeline, but a lack of headcount and managers' willingness to train and find appropriate assignments. Because headcount is often the limitation to hiring, leaders will opt to hire the most senior person they can get. Common feeling is hire one experienced person and stress them out rather than hire three junior people and train them. Problem with the former is if you stress that experienced person they will leave and tell others not to work there. There is plenty of good junior-level cybersecurity work, such as asset management cleanup, PII discovery, procedure documentation, filling out security questionnaires, scrubbing and tuning out false positives from alerting systems, reviewing vendor contracts, patch verification, following up on vulnerability management with other teams, launching and managing vulnerability scans, interviewing for shadow IT installations, working with help desk for user account remediation, and scanning logs for anomalies.

All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-api-security/) APIs are gateways in and out of our kingdom and thus they're also great access points for malicious hackers. How the heck do we secure them without overwhelming ourselves? Check out this post for the basis for our conversation on this week’s episode which features me, David Spark (@dspark), producer of CISO Series, co-host Allan Alford (@allanalfordintx), and sponsored guest, Roey Eliyahu, CEO, Salt Security. Salt Security protects the APIs at the core of SaaS, web, and mobile applications. By using patented behavioral protection Salt Security automatically and continuously discovers and learns the granular behavior of each unique API and stops attacks. In 2020 Salt Security was named a Gartner Cool Vendor in API Strategy. On this episode of Defense in Depth, you’ll learn: The skill set needed to secure APIs is different than web security. The move towards the cloud, DevOps, and the need to have security tools talk to each other has brought a lot more attention to the need for API security. Like in all areas of security, just knowing what you've got is a struggle. Same is true with APIs. Just knowing what APIs you have is not enough. You must know their functionality. Map your APIs to the systems and the data their transmitting. How aware are your developers of the pitfalls of API misuse? There's a myriad of security options but start with strong authenticate using hash-based message authentication. Much of the advice we got was simply shrinking the API attack surface. This can be done by either limiting the functionality of the API or removing unused APIs. The "review the code" advice that we heard often is sadly not realistic. APIs are resistant to both automatic and manual code review. API security seems like a 300 or 400 level security effort. Smaller companies that don't have a security operations center (SOC) may simply not be able to handle it and will need to outsource their API security and SOC needs to a third party or managed security service.

Everyone loves APIs. They can simplify app development while saving time and money. Yet, like all technology, hackers can find holes in APIs that can lead to enterprises having to deal with the loss of their crown jewels. So, in turn, there are startups entering the marketplace that aim to secure APIs, no matter what type of business is putting them to use. In this episode, Greg talks to Roey Eliyahu, CEO of Salt Security, about API security and how important it is for enterprises to consider.

In the Enterprise Security News, we will discuss how Cynets Platform approach tames cyber security issues, Salt Security launches API protection platform, Yubicos 2019 state of password and authentication security report, and we have some acquisition and funding updates from ReSec, Medigate, Cato Networks, Sophos, and DarkBytes! Full Show Notes: https://wiki.securityweekly.com/ES_Episode124 Visit http://securityweekly.com/esw for all the latest episodes!

In the Enterprise Security News, we will discuss how Cynets Platform approach tames cyber security issues, Salt Security launches API protection platform, Yubicos 2019 state of password and authentication security report, and we have some acquisition and funding updates from ReSec, Medigate, Cato Networks, Sophos, and DarkBytes! Full Show Notes: https://wiki.securityweekly.com/ES_Episode124 Visit http://securityweekly.com/esw for all the latest episodes!

This week, I am joined by Matt Alderman and John Strand to interview Andrew Peterson, Founder and CEO of Signal Sciences, to talk about prioritizing bugs, functionality, and security fixes! In the Enterprise Security News, we will discuss how Cynets Platform approach tames cyber security issues, Salt Security launches API protection platform, Yubicos 2019 state of password and authentication security report, and we have some acquisition and funding updates from ReSec, Medigate, Cato Networks, Sophos, and DarkBytes!   Full Show Notes: https://wiki.securityweekly.com/ES_Episode124 Visit https://www.securityweekly.com/esw for all the latest episodes! If you want to learn more about Signal Sciences, visit: https://www.signalsciences.com/psw   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly  

This week, I am joined by Matt Alderman and John Strand to interview Andrew Peterson, Founder and CEO of Signal Sciences, to talk about prioritizing bugs, functionality, and security fixes! In the Enterprise Security News, we will discuss how Cynets Platform approach tames cyber security issues, Salt Security launches API protection platform, Yubicos 2019 state of password and authentication security report, and we have some acquisition and funding updates from ReSec, Medigate, Cato Networks, Sophos, and DarkBytes!   Full Show Notes: https://wiki.securityweekly.com/ES_Episode124 Visit https://www.securityweekly.com/esw for all the latest episodes! If you want to learn more about Signal Sciences, visit: https://www.signalsciences.com/psw   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly