Podcasts about signal sciences

Follow me @samirkaji for my thoughts on the venture market, with a focus on the continued evolution of the VC landscape.We have a conversation with Mitchell Green, Founder and Managing Partner at Lead Edge Capital. With offices in New York and Santa Barbara, the firm has over $5B in Assets under management and specializes in helping growth-stage companies scale.The firm has an interesting model that combines elements of PE, growth, and an active network of over 700 LPs to build a very powerful moat.I was really interested in several business components, especially the LP base's strategic nature and the programmatic way they evaluate companies. A word from our sponsor:Invest in innovation. Allocate allows investors to access top-tier private funds and co-investment opportunities within the technology sector.Despite the enormous growth of the private markets and the rapid increase of retail demand for private alternatives, investing in the highest quality private assets within the innovation sector still remains limited to institutions and ultra-connected high net worth individuals.With Allocate, wealth advisors, banks, family offices, and other qualified investors can have a streamlined way to responsibly invest with confidence.Go to allocate.co to find out more and please sign up to the waitlist to learn more and get early access to the platform.About Mitchell Green:Mitchell Green is the Founder and Managing Partner at Lead Edge Capital, a $5B growth equity firm investing in software, internet, and tech-enabled services businesses globally. Mitchell oversees the fund's global activities and has led several of the fund's largest investments, including Alibaba Group, Asana, Bumble, FIGS, Grafana, SignalSciences, Spotify, Toast, Uber, and Wise. His career began with roles on the investment teams at Bessemer Venture Partners and Eastern Advisors. Mitchell is a former nationally ranked alpine ski racer and currently serves on the boards of the U.S. Ski & Snowboard Foundation and the Laguna Blanca School in Santa Barbara, CA.Mitchell holds a B.A. in Economics from Williams College and an M.B.A. in Marketing from the Wharton School at the University of Pennsylvania.In this episode, we discuss:(01:38) Shares the origin story of Lead Edge Capital, reflecting on the early experiences before 2009, and the influence of Bessemer's deal-sourcing approach of cold calling and direct outreach.(09:57) The value of being his own boss and learning from failures(12:35) Building a team for outbound cold calling to find unique investment opportunities.(15:27) Leveraging LPs in the due diligence process for valuable insights and validation of potential investments(17:21) Creating a community among LPs where engagement and assistance are core expectations(20:55) The resilience and opportunistic nature of high-net-worth individuals during market downturns(21:59) The "moneyball" approach to investment criteria, prioritizing revenue, growth, gross margins, and capital efficiency(26:00) A success story of investing in a rapidly growing, COVID-enabled electronic signatures company(30:32) Many companies raising venture capital should not exist(36:09) The need for persistence to get into the best companies(38:57) Trusting your instincts and the strategic advantage of being contrarian in investmentI'd love to know what you took away from this conversation with Mitchell. Follow me @SamirKaji and give me your insights and questions with the hashtag #ventureunlocked. If you'd like to be considered as a guest or have someone you'd like to hear from (GP or LP), drop me a direct message on Twitter.Podcast Production support provided by Agent Bee This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit ventureunlocked.substack.com

A special episode with Brian Joe (brianwjoe on LinkedIn), head of product and co-founder of Impart Security (impart.security). Brian has a background with Signal Sciences, Fastly, and Verizon. He posts regularly on infosec, API and application security, among other topics at Security Boulevard.

Organizations that are highly effective at managing ongoing training report win rate improvements of 10 percentage points, according to research from Sales Enablement PRO. So, what does “highly effective” training look like? Shawnna Sumaoang: Hi and welcome to the Win Win Podcast. I'm your host, Shawnna Sumaoang. Join us as we dive into changing trends in the workplace and how to navigate them successfully. Here to discuss this topic is Stephanie Aylward, the manager of revenue enablement at Fastly. Thanks for joining, Stephanie! I'd love for you to tell us about yourself, your background, and your role. Stephanie Aylward: I manage the revenue enablement team at Fastly. If you aren’t familiar with Fastly, we serve about 20% of all internet traffic. For the revenue enablement team, we are a mighty team of two, and we support about 250 reps across sales, SDR, account management, and sales engineering. I’ve formally been in the enablement space for about four years, and prior to that, I spent about 10 years in various sales and sales management roles. SS: I’m excited to have you join us here today. Now, you actually spoke at our annual conference, Spark ‘22, last year in the fall on a panel around developing future-focused training programs. Stephanie, I’d love to hear from you directly for our audience. In your opinion, what does it mean to have training that is built for the future? SA: I think it really takes into consideration a global workforce and a variety of learning styles. With traditional live “training”, it’s hard to tailor it to different types of learners if you’re talking to someone, and with a global workforce, it’s hard to find presenters that can speak for all the time zones, plus not everyone can join at certain times because they may have customer meetings. From my perspective, training for the future would be self-paced, so a rep can absorb it on their own time. It would have a variety of different learning mediums, like texts, short videos, knowledge checks, Gong snippets, and infographics, and in a perfect world, it would have manager reinforcement, like a rubric for a stand and deliver. SS: I love those. I think those are really straightforward. Now, from your perspective and your experience, what does good sales training look like? SA: I think it really looks like everything I mentioned above, which is what we’re striving for. We are not perfect. It’s definitely a journey, but that is really what we are striving for. The only thing I’d add to what I said is that like when you do it, it shouldn’t just be one and done. After launch, you have to take careful consideration of how you’re going to fold it into ever-boarding so that content that you work so hard to curate does not get buried in a course. You want it to be extracted and to be very findable later so that existing reps can go back to it. You also need to consider how it gets folded into onboarding and if it gets folded into onboarding. With everything I mentioned, there’s also just being careful that you’re not including items like long videos, names, pricing, or anything that can get dated quickly because that can be difficult to maintain. SS: Absolutely. You guys leverage, at Fastly, Highspot Training, and Coaching. I’d love to understand how you leveraged that to implement what good looks like as you’ve just described it. SA: First I want to say I’m very lucky to have someone on my team with a background in instructional design. She’s very creative and very good at incorporating a lot of those items that I mentioned. She also has a background in teaching, so really understands the importance of catering to all different kinds of learners. She uses Training and Coaching, and I can kind of give you an example if that helps. We purchased a security company a few years ago called Signal Sciences. At that time, none of our reps had a background in selling security, so we had to bring them all up to speed on the security landscape, our buyers, how the solution solved buyers’ problems, and a high-level elevator pitch. We used Training and Coaching for that. That was our first really big initiative that we used it for because it really allowed reps to absorb new information on their own time in their own way, and then kind of have a capstone at the end where they were delivering their pitch or their manager and getting signed off. It was an enormous cross-functional project and we did all of that with Training and Coaching. SS: That is a very impressive example. Now, from your experience, how can training boost productivity and what are some of the best practices that you’ve really found success with? SA: I think from my perspective in terms of boosting productivity, training can absolutely shorten the ramp of achieving a really big behavior change. Going back to my Signal Sciences example, we have something completely new, like how are we going to achieve this big behavior change of getting reps to sell security? When we do have those big initiatives, training can close the time it takes to achieve that big shift in the sales organization, and from my experience, to do it well, you really have to connect all the dots for reps. So why are we doing this? What are our customers’ problems? How does this solution address them? But, also, by the way, here are actionable things you can use. Here are email templates, and talk tracks, here’s external-facing collateral you can use. In some sense, it can’t just be training, it's more of let’s package everything all together and just hand them a toolkit on a silver platter that they can use to get up and running quickly and put all of this education into action. I think that is, collectively, what can boost productivity. SS: I love that. Now, one best practice that you also mentioned in your panel discussion is the use of a readiness council to gather feedback on training. Can you share with our audience more about what this council is and how it’s helped you optimize your training? SA: Every quarter I have a small group of about five sellers, SDRs, AMs, and SEs, and I lean on them to help us build content or to review a dry run of training before it goes live. While I mentioned that Training and Coaching are ideally what we use for everything, we still do some of our training live if it’s a time-sensitive initiative. For example, for training we’re working on right now for a new product line, we use the Sales Readiness Council to give input on the training outline before our subject matter experts build it. We also had them sit in on the dry run and interject with questions, comments, concerns, suggestions, and things like that as the presenters went through it. We purposefully select people who like to participate in these big company initiatives and people that will speak up with candid feedback, because we don’t want to just hear, oh, you know, oh, this is great, we love it. We really are looking for constructive criticism so that we can fine-tune the training, we can make sure we didn’t miss anything, and ultimately deliver a better outcome. In some cases, we’ve done the dry run and it’s gone a little bit rogue and it was in those moments that we realized we needed to slow down and revisit the outline and what we were trying to achieve. It has been effective in either fine-tuning something that’s almost there or in some cases making us rethink how we approach something. SS: In addition to the feedback that you’re gathering, how else do you measure the success of training at your organization and how do you leverage Highspot to assess impact? SA: At the moment we are really big on survey feedback and completion. We use SurveyMonkey for surveys. We have that embedded into the Highspot Training and Coaching learning paths, and then we leverage Highspot to track completion. Where we’re headed for our next phase is we want to be looking at the same pane of glass that sales are looking at in order to drive decisions on what we focus on. Ideally use the exact same metrics they’d be using, like opportunities created, pipeline created, conversion rate, closed-won deals by product line, and things like that. As a company, we are still young so I know our analytics folks are working hard to build that dashboard, and once we have it, we are excited to be able to leverage that along with many other teams at Fastly. SS: Well that sounds like fantastic progress. Now, what are some of the business results that you’ve achieved through the training programs that you’ve created and delivered? SA: If I take a step back, I think it’s sometimes hard in our space to make a direct correlation between training programs only and business results, but that said, and from my experience, I think when your company has a big strategic initiative and everyone is all in on it, so you have the backing of your CRO, marketing is involved, sales operations is involved in many different functions, you can have an incredible impact. If I go back to that security example and the acquisition, when we first bought that company, everyone doubled down. All of those teams that I mentioned and then all of their efforts combined with our enablement efforts I think is what really produces very effective business results. Now the security side of our business is doing very well post-acquisition. A more recent example is we are currently rolling out force management, which is our sales methodology. Our sales cycles are long. We are less than a year in, so it’s a little early to report on business results, but we are getting good feedback and traction there. SS: Those are still very impressive results. Now to close, I’d love to learn more about your predictions for the future of training at your organization. How will your training programs evolve in the next year, and how do you envision leveraging Highspot training and coaching throughout that evolution? SA: Great question. I think for us it’s going to become more about ‘less is more' which I think ties nicely to our current economic climate and the current state of the tech industry. Our company is evolving rapidly, so we have many initiatives and there are many requests to get in front of sales. This year we’re really going to force our sales leaders to prioritize what gets attention and what doesn’t so that we can spend 80% of our time on the 20% of things that matter and then we’ll actually move the needle. That would be what my prediction is. As teams get smaller you really do have to be very careful about what you say yes to and what you say no to, because that way when you do say yes to the most important things, you can really double down and create programs that mirror what I spoke about earlier of what we’re striving for where we are using Training and Coaching, we’re including tons of different learning mediums. We’re careful not to include content that could get dated and really build out like very powerful programs versus if when you try to do it all, you have to be light in many areas and you can’t make as big of an impact. SS: Thank you so much for joining us, Stephanie. I really appreciate you sharing your insights. SA: Thank you. SS: To our audience, thanks for listening to this episode of the Win Win podcast. Be sure to tune in next time for more insights on how you can maximize enablement success with Highspot.

This week our host Brandi Starr is joined by Tyler Shields, CMO at JupiterOne. Tyler advises, guides, and operates high tech start-ups primarily in the B2B cyber security space. As a former market analyst, engineer, product manager, marketing leader, and partnership manager, Tyler builds and grows businesses – in all aspects. He is a board advisor or board member at multiple firms and an investment advisor for multiple venture capital and debt firms and his experience includes starting, leading, and growing companies including JupiterOne, CA Technologies, Sonatype, Signal Sciences, Veracode, Symantec, LURHQ, Secureworks, and @Stake. As a well-known leader in entrepreneurship and innovation in the cyber security market, and having spoken at many major industry conferences, his expert commentary has been referenced online and in print by publishers such as Rolling Stone, Bloomberg, Forbes, Reuters, and the LA Times. In this week's episode, the first of Revenue Rehab's my journey series, Brandi and Tyler discuss his unique path to the present in My Journey with Tyler Shields: Analyst, Investor, CMO. Links: Get in touch with Tyler Shields on: LinkedIn Twitter JupiterOne Cyber Therapy Podcast Enterprise Security Podcast Subscribe, listen, and rate/review Revenue Rehab Podcast on Apple Podcasts, Spotify, Google Podcasts , Amazon Music, or iHeart Radio and find more episodes on our website RevenueRehab.live

Andrew Peterson is the CEO and co-founder of Signal Sciences, a security monitoring platform. Andrew helped pioneer this industry-defining web platform, that protects websites, mobile apps and APIs which then lead to an 825million sale in less than 8 years. Andrew talks to Ryan all about his entrepreneurial journey and the biggest lessons he has learnt along the way, including the importance of perseverance as well as always continuing to be engaged with your team and processes. Andrew also opens-up about where he thinks the future of tech lies. KEY TAKEAWAYS It's important to note that when you grow as a company, each time you double the number of members on your team you are transforming dramatically, particularly in the way you manage and operate. Deciding whether to take venture capital or not isn't a simple process. It's important to weigh up whether you are happy for the company to be made public, to be sold or even go bust. These are the three main outcomes for backed businesses. Ultimately, you need to decide whether you are more focused on growth or your own control over a business. Perseverance is essential to any entrepreneur and business owner, you have to understand that the journey is long, Andrew states that it is a marathon that feels like a sprint the whole time. Make sure you are thinking about your go-to-market strategy as early on as possible. As you grow and hire, you still need to be involved in the day-to-day of the business, to help lead these teams and to continue to be engaged. BEST MOMENTS  “Every time you are doubling the number of people on the team things actually change dramatically” “Are you trying to optimise a business around growth or are you trying to optimise around control, controlling a business” “Every time that you raise funding, you're selling percentage ownership of your company to them” “Building a business is not just about building technology, it's about building all the pieces” Do You Want The Closing Secrets That Helped Close Over $125 Million in New Business for Free?"  Grab them HERE: https://www.whalesellingsystem.com/closingsecrets Ryan Staley Founder and CEO Whale Boss 312-848-7443 ryan@whalesellingsystem.com www.ryanstaley.io   EPISODE RESOURCES https://www.linkedin.com/in/andrewmarshallpeterson/ ABOUT THE SHOW How do you grow like a VC-backed company without taking on investors? Do you want to create a lifestyle business, a performance business or an empire? How do you scale to an exit without losing your freedom?Join the host Ryan Staley every Monday and Wednesday for conversations with the brightest and best Founders, CEO and Entrepreneurs to crack the code on repeatable revenue growth, leadership, lifestyle freedom and mindset.This show has featured Startup and Billion Dollar Founders, Best Selling Authors, and the World's Top Sales and Marketing Experts like Terry Jones (Founder of Travelocity and Chairman of Kayak), Andrew Gazdecki (Founder of Micro Acquire), Harpal Sambhi (Founder of Magical with a previous exit to Linkedin) and many more. This is where Scaling and Sales are made simple in 25 minutes or less.Saas, Saas growth, Scale, Business Growth, B2b Saas, Saas Sales, Enterprise Saas, Business growth strategy, founder, ceo: https://www.whalesellingsystem.com/closingsecretsSee omnystudio.com/listener for privacy information.

Andrew Peterson is the Co-Founder and CEO of Signal Sciences, the fastest growing web application security company in the world. On today's episode, Jon Sakoda speaks with Andrew Peterson about why he calls Anthony Bourdain his career role model and how he ended up in Tanzania working without running water or power near the beginning of his career.  Hire People Smarter Than You [5:38-6:06] - Andrew was always surrounded by incredibly talented people at every company he worked at. As a founder, Andrew believes you should focus on  hiring people better and smarter than you. Listen to learn why the mark of a good leader is being able to keep up with your employees.Don't Be Afraid To Challenge Yourself [6:06-11:12] - Before founding Signal Sciences, Andrew took a leap and moved to Tanzania for over a year. During his years at Google, he turned down promotions because he didn't feel challenged anymore before leaving at the height of its success. Listen to learn why constantly challenging yourself makes you a better founder. Build Your Network Early [27:59-29:23] - As Andrew moved from company to company, he built meaningful relationships with his team members and managers. These relationships eventually led him to founding Signal Sciences with his former coworkers at Etsy. As a founder, he prioritizes building relationships with potential buyers instead of letting them come to him. Listen to learn why the relationships you make now could help you in the future. Instill Confidence In Your Company [36:08-38:04] - As a founder, it can be easy to get caught up in raising as much money as you can but Andrew does the opposite. He often leaves money on the table to protect the ownership of the company and focus on sustainable growth. Listen to learn why having confidence in your company could actually mean raising less money. 

Zane Lackey is a Co-founder and the Chief Security Officer at Signal Sciences, a web-application security company acquired by Fastly. Zane shares what his career has taught him about security, founding teams, and what the future holds for digital transformations. The time Zane was hacked in 30 seconds (1:07)Moving from @Etsy to founding Signal Sciences (5:57)What to look for in founding teams (8:50)Biggest lessons learned from co-founding (10:28)Zane's advice on learning from others (18:37)

Snake Oilers: Get Signal Sciences in your CDN, automate canary generation and cloud your SIEM! Three solid pitches in this edition… In this edition of the Snake Oilers we'll hear pitches from three vendors: Brian Joe from Fastly talks about its integration of the Signal Sciences WAF into its CDN Ben Whitham and Dan Holman talk about HoneyTrace, a canary creation and monitoring automation play Anton Chuvakin from Google Cloud talks about cloud native SIEMs Links to everything we talked about are in the show notes. Show notes Web Application and API Protection | Fastly HoneyTrace- Detect and Track Data Thieves Chronicle Security - Chronicle Security Analytics Platform

On this week's show Patrick Gray and Adam Boileau discuss recent security news, including: USA and friends send a sternly worded letter NSO group in the news, but parts of the coverage don't add up Google TAG drops another great post We unveil the details of the earth shattering Kaseya 0day cyberweapon MORE This week's show is brought to you by Signal Sciences, which is now a part of Fastly. Instead of booking an interview with one of their staff, they suggested we interview one of their customers – so this week's sponsor guest is J J Agha, the CISO of Compass, the American real estate website. He'll be joining us to talk about his general approach, and yes, Signal Sciences is a part of that, but he'll speak to automation and orchestration and a bunch of other stuff too. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that's your thing. Show notes The United States, Joined by Allies and Partners, Attributes Malicious Cyber Activity and Irresponsible State Behavior to the People's Republic of China | The White House Mircrosoft hack: U.S., allies accuse China of Exchange breach and condoning other cyberattacks - The Washington Post US says Chinese hackers breached 13 pipeline operators between 2011 and 2013 - The Record by Recorded Future U.S. accuses China of abetting ransomware attack Microsoft links Serv-U zero-day attacks to Chinese hacking group - The Record by Recorded Future Pegasus: NSO clients spying disclosures prompt political rows across world | India | The Guardian Pegasus spyware: NSO Group's cloud infrastructure shut down by Amazon, says Vice Saudis behind NSO spyware attack on Jamal Khashoggi's family, leak suggests | Jamal Khashoggi | The Guardian Response from NSO and governments | World news | The Guardian This tool tells you if NSO's Pegasus spyware targeted your phone | TechCrunch Windows spyware and zero-days linked to prodigious Israeli hack-for-hire company - The Record by Recorded Future Google: Three recent zero-days have been used against Armenian targets - The Record by Recorded Future The SolarWinds Hackers Used an iOS Flaw to Compromise iPhones | WIRED How we protect users from 0-day attacks Google patches Chrome zero-day, eighth one in 2021 - The Record by Recorded Future That iPhone WiFi crash bug is far worse than initially thought - The Record by Recorded Future Brian in Pittsburgh on Twitter: "The vulnerabilities exploited to accomplish the Kaseya customer intrusions were as dumb as you were probably expecting: https://t.co/eOnManp6ar" / Twitter Ransomware incident at major cloud provider disrupts real estate, title industry - The Record by Recorded Future Lawmakers Look to Improve Cyber Workforce, Especially for Acquisitions - Nextgov GSA blocks senator from reviewing documents used to approve Zoom for government use | TechCrunch TSA pushes more cybersecurity mandates on critical pipeline owners, emphasizing ransomware US offers $10 million reward for info on state-sponsored hackers disrupting critical infrastructure - The Record by Recorded Future US government launches plans to cut cybercriminals off from cryptocurrency Microsoft takes control of 17 domains used by West African BEC gang - The Record by Recorded Future Momentum builds on federal oversight of facial recognition tech after reported abuses Amnesty sues NYPD, seeking details about facial recognition technology and arrest data Windows Hello bypassed using infrared image - The Record by Recorded Future Inside the Industry That Unmasks People at Scale Instagram rolls out new tool to help users secure hacked accounts - The Record by Recorded Future Facebook says Iranian hackers used it to lure defense company employees Annoying LinkedIn Networkers Actually Russian Hackers Spreading Zero-Days, Google Says DevSecAI: GitHub Copilot prone to writing security flaws | The Daily Swig Hackers Move to Extort Gaming Giant EA RCE vulnerability in Cloudflare CDN could have allowed complete compromise of websites | The Daily Swig Patrick Gray on Twitter: "Good to know!" / Twitter Kevin Beaumont on Twitter: "Oh dear. I need to validate this myself, but it seems like MS may have goofed up and made the SAM database (user passwords) accessible to non-admin users in Win 10." / Twitter Vortimo [www] – Pro browser extension Demand More from Your WAF - Signal Sciences

GuruGanesha Khalsa, Executive Chairman and Co-Founder of Conscious Selling Inc. is considered by many to be the most sought-after sales trainer in the global tech universe.  Tens of thousands of successful high-tech sales professionals worldwide consider their days spent in training with Ganesh as seminal. His extensive client list is a who's who of the top tech companies in the world including Salesforce, LinkedIn, Slack, Dropbox, Elastic, BMC, Dell, Oracle, Cisco and Signal Sciences.   https://www.linkedin.com/in/guruganesha-khalsa-65987848/  https://consciousselling.com/ 

On this episode of Startup Foundations, we talked to Andrew Peterson, CEO & co-founder of Signal Sciences, an edge security solutions company that just sold to Fastly for almost $1B.Andrew and Greg discuss the impact that the acquisition had on him and his employees. Andrew also shares his insights on what it takes to build a strong company culture and the challenges he faced as a first-time founder. Andrew chats about the specific challenges of building a startup into a trusted brand in the security industry.The episode wraps up with Andrew sharing his experience fundraising for Signal Sciences and how he raised his first investor check for his startup from Michael Dearing at Harrison Metal. Finally, Andrew offers advice for early-stage founders and discusses the importance of building a great team from day 1.CREDITS:Host: Greg Miaskiewicz, co-founder of Capbasehttps://twitter.com/miaskiewiczGuest: Andrew Peterson - Founder & CEO of Signal Scienceshttps://twitter.com/ampeters06Signal Scienceshttps://www.signalsciences.com/

In this episode of the Virtual Coffee with Ashish edition, we spoke with Zane Lackey, CISO & Co-Founder Signal Sciences, which is now owned by Fastly. Host: Ashish Rajan - Twitter @hashishrajan Guest: Zane Lackey - Linkedin In this episode, Zane & Ashish spoke about What was your path to your current CyberSecurity Role? DevOps movement between East Coast and West Coast in 2010 - Etsy (Biggie) & Netflix (2Pac) Was the change to 30 production deployments a day, good thing for security? What was action plan as a CISO to tackle 30 deployments a day? Has the viewpoint on Security and thing that kept CISO awake at night changed due to Pandemic? Post Pandemic CISOs have 100s of single pane of glass Scale is the problem that is facing every security team. And much more… ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai

GuruGanesha Khalsa is the Executive Chairman and Co-Founder of Conscious Selling. He is considered by many to be the most sought-after sales trainer in the global tech universe. ‘Ganesh' blends savvy New York street smarts, Eastern metaphysical insight, and mastery of Conscious Selling's consultative, trust-building sales methodology in an electrifying training style. His unique brand of “Sales Edu-tainment” is generously spiced with hilarious, uplifting stories garnered during a colorful 45-year sales, sales management, and sales training career. Tens of thousands of successful high-tech sales professionals worldwide consider their days spent in training with Ganesh as seminal. His extensive client list is a who's who of the top tech companies in the world including Salesforce, LinkedIn, Slack, Dropbox, Elastic, BMC, Dell, Oracle, Cisco and Signal Sciences. In this episode 1) How did you Ganesh get into sales and become a sales trainer? 2) We Discuss the birth of Conscious Selling and the vision behind it 3) How to sell from a place of fulness and integrity 4) Conscious Selling Messaging and Methodology.

On this week’s show, Patrick Gray talks to Joe Slowik and Dmitri Alperovitch about the APT campaign that impacted the US government and FireEye via SolarWinds’ supply chain. Alex Stamos also joins the show to chime in more generally on supply chain interference before discussing some other news, like: Apple losing (most of) its case against Corellium Assange won’t be extradited… yet Adobe has finally killed Flash, and killed it good This week’s show is brought to you by Signal Sciences. In this week’s sponsor interview we’ll be talking to a Signal Sciences customer, Doug DePerry. He heads product security at the Gemini cryptocurrency exchange. We’ll be talking to him about what that’s like because those sort of outfits tend to attract decent attackers. Links to everything that we discussed are below and you can follow Patrick on Twitter if that’s your thing. Show notes Apple loses copyright battle against security start-up Corellium - The Washington Post Microsoft, Google, Cisco, and others file amicus brief in support of Facebook's NSO lawsuit | ZDNet Zero-click iOS zero-day found deployed against Al Jazeera employees | ZDNet Apple, Google, Microsoft, and Mozilla ban Kazakhstan's MitM HTTPS certificate | ZDNet Adobe to block Flash content from running on January 12, 2021 | ZDNet Zodiac Killer cipher is cracked after eluding sleuths for 51 years | Ars Technica

This week, we welcome Alfred Chung, Sr. Product Manager at Signal Sciences, to discuss Azure App Service & Cloud-Native Signal Sciences Deployments! In the Application Security News, Lax IoT security exposes smart-irrigation systems, Adobe Flash goes truly end of line in one last update, confidential computing gets a turbo boost with Nitro, link previews show security and privacy problems, and security theatre gets an encore!   Show Notes: https://wiki.securityweekly.com/asw128 Visit https://securityweekly.com/signalsciences to learn more about them!   Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome Alfred Chung, Sr. Product Manager at Signal Sciences, to discuss Azure App Service & Cloud-Native Signal Sciences Deployments! In the Application Security News, Lax IoT security exposes smart-irrigation systems, Adobe Flash goes truly end of line in one last update, confidential computing gets a turbo boost with Nitro, link previews show security and privacy problems, and security theatre gets an encore!   Show Notes: https://wiki.securityweekly.com/asw128 Visit https://securityweekly.com/signalsciences to learn more about them!   Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Discussing what enterprises have to do while adapting legacy apps in to Azure, while doing in a secure, steady way without leaving any gaps. Signal Sciences site extension makes sure your apps are covered across the board, and will protect any app in Azure.   This segment is sponsored by Signal Sciences. Visit https://securityweekly.com/signalsciences to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/asw128

Discussing what enterprises have to do while adapting legacy apps in to Azure, while doing in a secure, steady way without leaving any gaps. Signal Sciences site extension makes sure your apps are covered across the board, and will protect any app in Azure.   This segment is sponsored by Signal Sciences. Visit https://securityweekly.com/signalsciences to learn more about them!   Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/asw128

In this episode I talk with Zane Lackey about Web Application Security. Zane is the Co-Founder and Chief Security Officer for Signal Sciences. Talking Points and Listener Submitted Questions:What kinds of 'Real World' attacks are people dealing with against web applications?How do you detect an attack against a web application?How do you measure the effectiveness of your technical web app security controls (WAF, API, Authentication, Business Logic, etc.)?How do can you ensure that your companies web application API's cannot be abused to access data that the user is unauthorized to access?Do bug bounty programs work?Should all SMBs have a web application vulnerability disclosure program?This episode is sponsored by Signal Sciences. Signal Sciences is a web application security company based out of Culver City, California.

On this week’s show Patrick and Adam discuss the week’s security news, including: Yep, it was Cyber Command Also Microsoft, Symantec, Lumen and others Norwegian parliament hack pinned on Russia We finally talk about “ethics in OST” More Netflix senior security engineer Scott Behrens also joins the show this week. This week’s episode if brought to you by Signal Sciences – which is now a part of Fastly – and they suggested we talk to Scott for their sponsor slot this week. So, Scott joins the show to talk through how Netflix handles appsec. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes Report: U.S. Cyber Command Behind Trickbot Tricks — Krebs on Security Persistently Engaging TrickBot: USCYBERCOM Takes on a Notorious Botnet - Lawfare (1) Ciaran Martin on Twitter: "Fascinating account from ⁦@BobbyChesney⁩ on new adaptation of persistent engagement: the hounds released against #ransomware. https://t.co/Dk5Spcjkmy" / Twitter Trickbot and the Context of Cyber Warfare – Stranded on Pylos TrickBot botnet survives takedown attempt, but Microsoft sets new legal precedent | ZDNet The Man Who Speaks Softly—and Commands a Big Cyber Army | WIRED FBI/DHS: Government election systems face threat from active Zerologon exploits | Ars Technica DHS warns that Emotet malware is one of the most prevalent threats today | Ars Technica Norway says Russian hackers carried out breach at parliament Russian-speaking hackers target Russian organizations with industrial spying tools Chinese hackers suspected in cyber-espionage operation against Russia, India 'Mercenary' hacker group runs rampant in Middle East, cybersecurity research shows | Reuters Lined up in the sights of Vietnamese hackers Five Eyes governments, India, and Japan make new call for encryption backdoors | ZDNet Cyber Command and Microsoft pile in on TrickBot - Risky Business Top reason to apply October, 2020’s Microsoft patches: Ping of Death Redux – Sophos News German tech giant Software AG down after ransomware attack | ZDNet Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work — Krebs on Security Malware gangs love open source offensive hacking tools | ZDNet Researchers map threat actors’ use of open source offensive security tools | The Daily Swig Researchers Found 55 Flaws in Apple's Corporate Network | WIRED Swiss Post releases bug bounty safe harbor wording under Creative Commons license | The Daily Swig

Our special guest today is Jim Manico. He is the founder of Manicode Security where he trains software developers on secure coding and security engineering. He is also the co-founder of the LocoMoco Security Conference in Hawaii as well as an investor and advisor for BitDiscovery and Signal Sciences. Jim is a frequent speaker on secure software practices and is a member of the JavaOne rockstar speaker community. He is the author of Iron-Clad Java: Building Secure Web Applications from McGraw-Hill. https://www.linkedin.com/in/jmanicohttps://locomocosec.com/https://bitdiscovery.com/https://www.signalsciences.com/http://www.amazon.com/Iron-Clad-Java-Building-Secure-Applications/dp/0071835881Jim Manico is interviewed by David Quisenberry and John L. Whiteman.Follow us:HomepageTwitterMeetupLinkedInYouTube- Become an OWASP member - Donate to our OWASP PDX chapterSupport the show (https://owasp.org/supporters/)

相澤さん自己紹介 CDNとの関わり Fastlyとの出会い Fastlyについて 提供しているソリューション Edge Cloud (vs. Central Cloud) 代表的なユースケース＝コンテンツ配信からマルチクラウドまで Fastly Edge Cloudについて Edge Cloudが提供するバリュー (キャッシングとパフォーマンス) Fastlyの特徴：集中型。ワンネットワーク。最新のハードウェア。 インスタントパージ、ほぼリアルタイムの設定変更 ユースケース: メルカリ (マルチクラウド対応、WAF、Image Optimizerなど) 今後の技術革新 Compute@Edge : AWS Lambda or Lambda Edge ライクなサーバーレス製品 (beta) Secure@Edge: Fastly WAF の進化版、統合型セキュリティースイート。10月初旬に完了したSignal Sciences 買収による技術も統合される予定。

The drivers behind transformation, or roadbloacks, come in different forms. Mergers and acquisitions present both security challenges and opportunities for growth. Legacy technology always presents unique challenges, especially when it comes to security. Of course, everyone wants to be cloud native, but just how far along are you on the journey? Join us for a discussion on these topics with Jimmy Mesta from Signal Sciences!   This segment is sponsored by Signal Sciences. Visit https://securityweekly.com/signalsciences to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw199

This week, first we talk Enterprise News, discussing Acunetix new data retention policies, 5 things you should ask your web app pen test provider, Microsoft's open source tool for sniffing out Windows 10 bugs, Datadog unveils support for distributed tracing for AWS Step Functions via AWS X-Ray, and Gravwell's Data Fusion platform breaks the mold of legacy data ingestion engines! In our second segment, we welcome Ferruh Mavituna, CEO of Netsparker, to discuss Current Security Needs Of Modern Enterprise Companies! In our final segment, we welcome Jimmy Mesta, Director of Security Research at Signal Sciences, to discuss Securing Enterprise Digital Transformations!   Show Notes: https://securityweekly.com/esw199 Visit https://securityweekly.com/netsparker to learn more about them! Visit https://securityweekly.com/signalsciences to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, first we talk Enterprise News, discussing Acunetix new data retention policies, 5 things you should ask your web app pen test provider, Microsoft's open source tool for sniffing out Windows 10 bugs, Datadog unveils support for distributed tracing for AWS Step Functions via AWS X-Ray, and Gravwell's Data Fusion platform breaks the mold of legacy data ingestion engines! In our second segment, we welcome Ferruh Mavituna, CEO of Netsparker, to discuss Current Security Needs Of Modern Enterprise Companies! In our final segment, we welcome Jimmy Mesta, Director of Security Research at Signal Sciences, to discuss Securing Enterprise Digital Transformations!   Show Notes: https://securityweekly.com/esw199 Visit https://securityweekly.com/netsparker to learn more about them! Visit https://securityweekly.com/signalsciences to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

The drivers behind transformation, or roadbloacks, come in different forms. Mergers and acquisitions present both security challenges and opportunities for growth. Legacy technology always presents unique challenges, especially when it comes to security. Of course, everyone wants to be cloud native, but just how far along are you on the journey? Join us for a discussion on these topics with Jimmy Mesta from Signal Sciences!   This segment is sponsored by Signal Sciences. Visit https://securityweekly.com/signalsciences to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw199

  In this episode, we explore the application security programme and the human element that lead to a successful programme in ETSI marketplace We have the honour to have Andrew Peterson Co-Founder and CEO of Signal Science The podcast is in collaboration with the cloud security alliance UK Chapter and NSC42 Ltd (for more episode visit www.nsc42.co.uk/cscp)   Bio: Andrew Peterson is the CEO and Co-Founder of Signal Sciences. Prior to co-founding Signal Sciences, Andrew has been building leading-edge, highly performing product and sales teams across five continents for +15 years with such companies as Etsy, Google, and the Clinton Foundation. In 2016, O'Reilly published his book Cracking Security Misconceptions to encourage non-security professionals to take part in organizational security. He graduated from Stanford University with a BA in Science, Technology, and Society.   Host Bio - Francesco Cipollone I'm Francesco, a Cybersecurity Executive/Chief Information Security Officer (CISO) who specializes in strategy and cloud security. Fueled with passion, curiosity and dissatisfaction for the status quo, I believe in protecting identities in cyberspace and creating a safer, more connected world for future generations. I'm the director of the Cyber Security Consultancy NSC42 www.nsc42.co.uk In my spare time, I'd love to give back to the cybersecurity community and I'm a keen contributor. I'm the co-author of several books on network and security and collaborate with a As part of that, I've Director of Events for the Cloud security alliance UK and active member of ISC2. I've launched the #MentoringMonday community together with the support of Jane Frankland and Tanya Janca. The mentorship community is inclusive with a focus to empower women in cybersecurity as well as young minds. I am a mentor and coach in the community and I've launched the activity in order to help the future generation of cybersecurity expert.  I've delivered effective cybersecurity transformation for my client in Financial services such as Nationwide, Charles Taylor, Capita Asset Management, Link Asset Management. I've also delivered a cybersecurity improvement programme for different sectors, amongst my clients: United Nations (WFP and FAO), National Lottery (Camelot), Vodafone, BT, Telecom Italia.

Zane Lackey joins us once again to talk about Zero Trust, Cloud Security, and the impact of COVID-19 on Digital Transformation! This segment is sponsored by Signal Sciences.   Visit https://securityweekly.com/signalsciences to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw659

This week, we welcome back Zane Lackey, Chief Security Officer at Signal Sciences, to talk about the Affects Of COVID-19 On Web Applications! In our second segment, we welcome back Sumedh Thakar, President and Chief Product Officer at Qualys, to discuss The Power of the Cloud Platform, One Single Agent, One Global View! In the Security News, Vulnerable Cellular Routers Targeted in Latest Attacks on Israel Water Facilities, Fugitive Wirecard Executive Jan Marsalek Was Involved In Attempt to Purchase Hacking Team Spyware, 8 Cybersecurity Themes to Expect at Black Hat USA 2020, Twitter says hackers viewed 36 accounts' private messages, and how Thieves Are Emptying ATMs Using a New Form of Jackpotting!   Show Notes: https://wiki.securityweekly.com/psw659 Visit https://securityweekly.com/signalsciences to learn more about them! Visit https://securityweekly.com/qualys to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome back Zane Lackey, Chief Security Officer at Signal Sciences, to talk about the Affects Of COVID-19 On Web Applications! In our second segment, we welcome back Sumedh Thakar, President and Chief Product Officer at Qualys, to discuss The Power of the Cloud Platform, One Single Agent, One Global View! In the Security News, Vulnerable Cellular Routers Targeted in Latest Attacks on Israel Water Facilities, Fugitive Wirecard Executive Jan Marsalek Was Involved In Attempt to Purchase Hacking Team Spyware, 8 Cybersecurity Themes to Expect at Black Hat USA 2020, Twitter says hackers viewed 36 accounts' private messages, and how Thieves Are Emptying ATMs Using a New Form of Jackpotting!   Show Notes: https://wiki.securityweekly.com/psw659 Visit https://securityweekly.com/signalsciences to learn more about them! Visit https://securityweekly.com/qualys to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Zane Lackey joins us once again to talk about Zero Trust, Cloud Security, and the impact of COVID-19 on Digital Transformation! This segment is sponsored by Signal Sciences.   Visit https://securityweekly.com/signalsciences to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw659

Why You Need Recorded Futures Ultimate Security Intelligence Kit, Securing the Multi-Cloud Environment through CSPM and SSPM, CyberKnight joins forces with Armis to bring agentless EDR to OT, IoT and ICS environments, Attivo Networks' enhanced EDN solution prevents attackers from seeing or exploiting production data, Check Point Infinity SOC is launched, and more!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode190

Why You Need Recorded Futures Ultimate Security Intelligence Kit, Securing the Multi-Cloud Environment through CSPM and SSPM, CyberKnight joins forces with Armis to bring agentless EDR to OT, IoT and ICS environments, Attivo Networks' enhanced EDN solution prevents attackers from seeing or exploiting production data, Check Point Infinity SOC is launched, and more!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode190

Today's episode of The Secure Developer features some fantastic content from a panel at DevSecCon London. Clint Gibler, Research Director at the NCC Group is joined by Doug DePerry, Director of Defense at Datadog, Tash Norris, Head of Product Security at Moonpig, Jesse Endahl, CSO at Fleetsmith, and Zane Lackey, CSO at Signal Sciences. The discussion begins with a dive into building a good security culture within a company and ways to get other members of an organization interested in security. Some of the strategies explored include cross-departmental relationship building, incentivizing conversations with the security team through swag and food, and embedding security within development teams. We then turn our attention to metrics. There are often competing priorities between developers and security, which can cause tension. The panel shares some of the security metrics that have and have not worked for them, and we also hear different takes on the often-divisive bug count metric. Next up is a dive into working with limited personnel and financial resources, one of the most common constraints security teams face. We hear how the panel approaches prioritization, adding value to the organization as a whole, and the importance of making the security capabilities digestible to the developers. After this, the panel explores risk quantification and subsequent communication. While it's difficult to quantify risk precisely, there are some effective strategies such as risk forecasting. Along with this, techniques on communicating with executives in resonant ways to convey the severity of potential threats are also shared. Other topics covered include policy-driven vs technical-driven security and skilling up less technical teams, how to know when security is ‘done,' and incentives for upholding security protocols!

On this week’s show Patrick and Adam discuss the week’s security news, including: Facebook commissioned custom 0day to de-cloak child sex predator IP stack bugs to plague IoT, ICS for years Sandworm was doxxed by the NSA and hardly anyone noticed Congress demands answers on 2015 Juniper NetScreen back door investigation Amazon, Microsoft join moratorium on sale of facial recognition to police Much, much more This week’s show is brought to you by Signal Sciences. And instead of having one of their staff on the show, they nominated one of their customers to appear instead. So in this week’s sponsored segment we’re going to hear from Keith Hoodlet. Keith is currently the Senior Manager of Application Experience at Thermo Fisher Scientific, a $137 billion company. He built their appsec program and he’ll be along later on to talk through all of that. It’s a rapid-fire interview about how he was able to get started and make a dent quickly. Keith used to co-host the Application Security Weekly podcast and he’s worked for Bugcrowd and Veracode. He’s a cool guy, it’s a great interview, make sure you stick around for that one. You can subscribe to the new Risky Business newsletter, Seriously Risky Business, here. You can subscribe to our new YouTube channel here. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes Facebook Helped the FBI Hack a Child Predator - VICE gov.uscourts.insd.77308.131.0.pdf Ripple20 vulnerabilities will haunt the IoT landscape for years to come | ZDNet Exclusive: Sandworm's Exim hacks reveal wider Russian activity - Risky Business Driving Discord through Disinformation and Disruption – Stranded on Pylos Wyden seeks details on spies' data protection after scathing CIA audit on Vault 7 leaks wyden-cybersecurity-lapses-letter-to-dni.pdf Congress asks Juniper for the results of its 2015 NSA backdoor investigation | ZDNet Wyden House Juniper Letter Juniper 'fesses up to TWO attacks from 'unauthorised code' • The Register Amazon Won’t Let Police Use Its Facial-Recognition Tech for One Year | WIRED Microsoft Won’t Sell Facial Recognition To American Cops After Protests (5) Richard Grenell on Twitter: "They should now be barred from federal government contracts - there should be consequences for not selling technology to police departments. @realDonaldTrump" / Twitter Research shows human rights activists in India were targeted with spyware Italian company exposed as a front for malware operations | ZDNet US intelligence bill takes aim at commercial spyware makers | TechCrunch Text - S.3905 - 116th Congress (2019-2020): Intelligence Authorization Act for Fiscal Year 2021 | Congress.gov | Library of Congress Dating Apps Exposed 845 GB of Explicit Photos, Chats, and More | WIRED South African bank to replace 12m cards after employees stole master key | ZDNet Intel will soon bake anti-malware defenses directly into its CPUs | Ars Technica Arm CPUs impacted by rare side-channel attack | ZDNet Twitter bans 32k accounts pushing Chinese, Russian, and Turkish propaganda | ZDNet COVID-19 Tracking Apps ‘A Privacy Trash Fire’ As Norway Nixes Its Own Zoom Promises To Do Better After Banning Tiananmen Square Protests—Then Builds Tech To Help China’s Censorship Chinese users saw Zoom as a window through the 'Great Firewall' - Reuters Coder-Turned-Kingpin Paul Le Roux Gets His Comeuppance | WIRED Stalkerware detection rates are improving across antivirus products | ZDNet Lamphone attack lets threat actors recover conversations from your light bulb | ZDNet Hackers breached A1 Telekom, Austria's largest ISP | ZDNet Google email domains spoofed by SMTP exploit in G Suite | The Daily Swig Former eBay Employees Sent Cockroaches, Bloody Pig Mask to Mass. Couple In Harassment Campaign: US Attorney – NBC Boston

This week, we welcome Phillip Maddux, Sr. Technical Account Manager at Signal Sciences, to talk about The Future State of AppSec! In the Application Security News, Two vulnerabilities in Zoom could lead to code execution, Zero-day in Sign in with Apple, Focus on Speed Doesn t Mean Focus on Automation, Apple pushes fix across ALL devices for unc0ver jailbreak flaw, and more!   Show Notes: https://wiki.securityweekly.com/ASWEpisode110 To learn more about Signal Sciences, visit: https://securityweekly.com/signalsciences   Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome Phillip Maddux, Sr. Technical Account Manager at Signal Sciences, to talk about The Future State of AppSec! In the Application Security News, Two vulnerabilities in Zoom could lead to code execution, Zero-day in Sign in with Apple, Focus on Speed Doesn t Mean Focus on Automation, Apple pushes fix across ALL devices for unc0ver jailbreak flaw, and more!   Show Notes: https://wiki.securityweekly.com/ASWEpisode110 To learn more about Signal Sciences, visit: https://securityweekly.com/signalsciences   Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Application Security is changing rapidly, and with changes to automation and tooling will look vastly different 5 years from now than it does today. Discuss what those changes will look like, including what we're already seeing today.   To learn more about Signal Sciences, visit: https://securityweekly.com/signalsciences Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode110

Application Security is changing rapidly, and with changes to automation and tooling will look vastly different 5 years from now than it does today. Discuss what those changes will look like, including what we're already seeing today.   To learn more about Signal Sciences, visit: https://securityweekly.com/signalsciences Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode110

This week, we welcome Jack Zarris, Senior Sales Engineer at Signal Sciences, to talk about Using Rate Limiting to Protect Web Apps and APIs! In our second segment, we welcome Tim Mackey, Principal Security Strategist at Synopsys, to discuss the Highlights From the New Open Source Security and Risk Analysis Report!   Show Notes: https://wiki.securityweekly.com/ASWEpisode108 To learn more about Synopsys, visit: https://securityweekly.com/synopsys To learn more about Signal Sciences, visit: https://securityweekly.com/signalsciences   Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Rate limiting can be used to protect against a number of modern web application and API attacks. We’ll discuss some of those attacks, including Object ID enumeration, in detail, will demo an attack and will show how using rate limiting in our solution can protect against these attacks.   To learn more about Signal Sciences, visit: https://securityweekly.com/signalsciences Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode108

Rate limiting can be used to protect against a number of modern web application and API attacks. We’ll discuss some of those attacks, including Object ID enumeration, in detail, will demo an attack and will show how using rate limiting in our solution can protect against these attacks.   To learn more about Signal Sciences, visit: https://securityweekly.com/signalsciences Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode108

This week, we welcome Jack Zarris, Senior Sales Engineer at Signal Sciences, to talk about Using Rate Limiting to Protect Web Apps and APIs! In our second segment, we welcome Tim Mackey, Principal Security Strategist at Synopsys, to discuss the Highlights From the New Open Source Security and Risk Analysis Report!   Show Notes: https://wiki.securityweekly.com/ASWEpisode108 To learn more about Synopsys, visit: https://securityweekly.com/synopsys To learn more about Signal Sciences, visit: https://securityweekly.com/signalsciences   Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

On this week’s show Patrick and Adam discuss the week’s security news, including: KSA uses SS7 to track its citizens in USA Governments begin virus tracking through personal devices FBI warns of Iran-linked crew in yer supply chains Voatz gets booted from HackerOne All the cloud and Zoom drama (PLEASE NOTE: This is a re-post. Looks like our CDN mangled the initial mp3 for some regions. Should work ok now. - Pat) This week’s show is brought to you by Signal Sciences. Instead of interviewing one of their people, they suggested we interview Andrew Becherer in this week’s sponsor interview. Andrew runs security for Iterable, but before that he ran the security program at DataDog. He’ll be along after this week’s news to talk about how much easier it is to stand up a security program in 2020 as opposed to the last time he did it five or so years ago You can subscribe to the new Risky Business newsletter, Seriously Risky Business, here. You can subscribe to our new YouTube channel here. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes Revealed: Saudis suspected of phone spying campaign in US | World news | The Guardian SS7map: SS7 Networks Exposure Government Tracking How People Move Around in Coronavirus Pandemic FBI re-sends alert about supply chain attacks for the third time in three months | ZDNet HackerOne cuts ties with mobile voting firm Voatz after it clashed with researchers Houseparty app offers $1m reward to unmask entity behind hacking smear campaign | ZDNet Marriott discloses new data breach impacting 5.2 million hotel guests | ZDNet FCC tells US telcos to implement caller ID authentication by June 30, 2021 | ZDNet Memento Labs, the Reborn Hacking Team, Is Struggling - VICE RDP and VPN use skyrocketed since coronavirus onset | ZDNet Update #2 on Microsoft cloud services continuity | Azure blog and updates | Microsoft Azure Zoom hit with class-action lawsuit for sharing user data with Facebook FBI Warns of Teleconferencing and Online Classroom Hijacking During COVID-19 Pandemic — FBI A Norwegian school quit using video calls after a naked man ‘guessed’ the meeting link | TechCrunch FBI warns Zoom, teleconference meetings vulnerable to hijacking - CyberScoop Zoom Removes Code That Sends Data to Facebook - VICE FBI turns to insurers to grasp the full reach of ransomware - CyberScoop Cyber insurer Chubb had data stolen in Maze ransomware attack | TechCrunch Medical and military contractor Kimchuk hit by data-stealing ransomware | TechCrunch Microsoft announces new 'Hardware-enforced Stack Protection' feature | ZDNet Android lets advertisers get a list of all your apps -- and this API feature is broadly used | ZDNet Booz Allen analyzed 200+ Russian hacking operations to better understand their tactics | ZDNet Risky Business Live, March 31, 2020 - YouTube Risky Business Live #3 -- Booz Allen Hamilton's Russia report, Azure getting creaky and more - Risky Business Network of fake QR code generators will steal your Bitcoin | ZDNet A mysterious hacker group is eavesdropping on corporate email and FTP traffic | ZDNet Malware from notorious FIN7 group is being delivered by snail mail Rare BadUSB attack detected in the wild against US hospitality provider | ZDNet Google to resume Chrome updates it paused last week due to COVID-19 | ZDNet Google says no APP users have been phished to date | ZDNet Russians Shut Down Huge Card Fraud Ring — Krebs on Security U.S. cybersecurity experts see recent spike in Chinese digital espionage - Reuters Dark web hosting provider hacked again -- 7,600 sites down | ZDNet OpenWRT code-execution bug puts millions of devices at risk | Ars Technica Seriously Risky Business

This week, Doug White brings you the latest news for this week, including Zoombombing, Zero Days at Microsoft, AI Takes charge at Facebook, and COVID-19! In the Expert Commentary, we welcome Daniel Hampton, Sr. Technical Account Manager at Signal Sciences, to talk Working Smarter and Not Harder!   To learn more about Signal Sciences or to request a demo, visit: https://securityweekly.com/signalsciences Show Notes: https://wiki.securityweekly.com/SWNEpisode21   Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Doug White brings you the latest news for this week, including Zoombombing, Zero Days at Microsoft, AI Takes charge at Facebook, and COVID-19! In the Expert Commentary, we welcome Daniel Hampton, Sr. Technical Account Manager at Signal Sciences, to talk Working Smarter and Not Harder!   To learn more about Signal Sciences or to request a demo, visit: https://securityweekly.com/signalsciences Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SWNEpisode21

This week, Doug White brings you the latest news for this week, including Zoombombing, Zero Days at Microsoft, AI Takes charge at Facebook, and COVID-19! In the Expert Commentary, we welcome Daniel Hampton, Sr. Technical Account Manager at Signal Sciences, to talk Working Smarter and Not Harder!   To learn more about Signal Sciences or to request a demo, visit: https://securityweekly.com/signalsciences Show Notes: https://wiki.securityweekly.com/SWNEpisode21   Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly  

US prosecutors begin to follow through on their announced determination to pay close attention to coronavirus fraud. Data stolen from Chinese social network Weibo is now for sale on the black market--at a discount. The pandemic affects scheduled software updates and sunsets at Google and Microsoft. A new Mirai variant is out in the wild. And a DDoS attack in Australia turns out to be just a lot of Australians in need of government services. Mike Benjamin from CenturyLink on threat actors using 3rd party file hosting, guest is Andrew Peterson from Signal Sciences on top application security attacks. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/March/CyberWire_2020_03_23.html Support our show

This week, we welcome Brendon Macaraeg, Sr. Director of Product Marketing at Signal Sciences, to discuss how to develop an effective AppSec security program! In the Leadership and Communications segment, The CIO role, from IT operator to business strategist, 5 questions with Cisco's CISO, Gartner's strategic tech trends for 2020, and more!   Show Notes: https://wiki.securityweekly.com/BSWEpisode151 To learn more about Signal Sciences, visit: https://signalsciences.com/psw   Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly  

Intello, the New York City-based Saas management platform, announced a $2.5 million extended seed round today, along with some product enhancements. The round was led by Resolute Ventures . Harrison Metal and Magnetico Ventures also participated along with various individual angel investors including Zane Lackey from Signal Sciences, Chris Smoak from Atrium and Zach Sherman from Timber. Today's investment brings the total raised to $4 million, according the company.