POPULARITY
In Episode 25 of Tattoos, Code, and Data Flows, Matt Rose interviews , Paul Asadoorian, Firmware Security Evangelist at Eclypsium. Paul Asadoorian spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. He is the founder of the Security Weekly podcast network, offering freely available shows on the topics of information security and hacking. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul can be found researching his next set of headphones. Paul and Matt talk about: ↳ The lack of updates from firmware ↳ Building a management interface into your device ↳ Most common security issues with firmware ↳ Supply chain risk vs firmware risk And so much more. Be sure to listen to this episode, and so many of our other great episodes by hitting the follow button. Make sure to like and subscribe to the episode. We hope you enjoy it!
Ron is President at Gula Tech Adventures, which focuses on cyber technology, cyber policy and recruiting more people to the cyber workforce. Since 2017, GTA has invested in dozens of cyber start-ups and funds and supported multiple cyber nonprofits and projects. From 2002 to 2016, Ron was the co-founder and CEO of Tenable Network Security. He helped grow the company to 20,000 customers, raise $300m in venture capital and grow revenues to $100m, setting up the company for an IPO in 2018. Prior to Tenable, Ron was a cyber industry pioneer and developed one of the first commercial network intrusion detection systems called Dragon, ran risk mitigation for the first cloud company, was deploying network honeypots in the mid 90s for the DOD and was a penetration tester for the NSA and got to participate in some of the nation's first cyber exercises. Ron was also a captain in the Air Force. LinkedIn: https://www.linkedin.com/in/rongula/ Gula Tech Adventures: https://www.gula.tech Cybrary, Free Cybersecurity Training and Career Development: https://www.cybrary.it/ SANS Institute: https://www.sans.org
In this OODAcast, we interview Ron Gula, co-founder and CEO of the highly successful Tenable Security(NASDAQ:TENB) and currently President of Gula Tech Adventures. Ron has a long history in the cybersecurity field that includes starting his career as an NSA hacker and then transitioning into an entrepreneur responsible for multiple innovations in the market and several successful companies. Ron remains a hacker at heart, and currently focuses his energy on investing in and mentoring emerging companies, improving public awareness on cybersecurity, and engaging in philanthropic efforts. In our conversation with Ron, we explore his career history, the state of cybersecurity, where we should focus our innovation investments, and how cybersecurity professionals can help solve not just global problems, but get engaged in local solutions at scale. Ron is President at Gula Tech Adventures which focuses on cyber technology, cyber policy and recruiting more people to the cyber workforce. Since 2017, GTA has invested in dozens of cyber start-ups and funds and supported multiple cyber nonprofits and projects. Ron started his cybersecurity career as a network penetration tester for the NSA. At BBN, he developed network honeypots to lure hackers and he ran US Internetworking's team of penetration testers and incident responders. As CTO of Network Security Wizards, Ron pioneered the art of network security monitoring and produced the Dragon Intrusion Detection System which was recognized as a market leader by Gartner in 2001. As CEO and co-founder of Tenable Network Security, Ron led the company's rapid growth and product vision from 2002 through 2016. He helped them scale to more than 20,000 customers worldwide, raise $300m in venture capital and achieve revenues in excess of $100m annually. Ron is President at Gula Tech Adventures which focuses on investing and advisement of two dozen cyber-security companies. Ron was honored and humbled to receive the 2017 Betamore BETA award, be named a 2016 Baltimore Tech 10 leader and a 2013 Maryland entrepreneur of the year by Ernst and Young. Additional Resources: Gula Tech Adventures Ron on Twitter Book recommendations: Shards of Earth A Big Ship at the Edge of the Universe
This week, Tessian's Tim Sadler is joined by Dave Cole, CEO and co-founder of Open Raven - a company whose mission is to reinvent data security for a modern era and put an end to data exposure. A well-known figure in the security industry, Dave has previously worked as the Chief Product Officer at Tenable Network Security, CrowdStrike and he also held multiple senior positions at Symantec. Tim and Dave discuss why data security needs reinventing, how the rise of ransomware has changed security teams' attitudes to data protection, and also what makes a good security product. And if you want more Human Layer Security insights, you can sign up to the Tessian newsletter and stay up to date.
This month, Chris Hadnagy and Ryan MacDougall are joined by Paul Asadoorian. Paul is the founder of Security Weekly, a security podcast network. Paul spends time “in the trenches” coding in Python, testing security products and evaluating and implementing open-source software. Paul's career began by implementing security programs for a lottery company and then a large university. As Product Evangelist for Tenable Network Security, Paul also built a library of materials on the topic of vulnerability management. When not hacking IoT devices, web applications or Linux, Paul can be found researching his next set of headphones, devices for smoking meat, and e-bikes. November 15, 2021. 00:00 – Intro Social-Engineer.com Managed Voice Phishing Managed Email Phishing Adversarial Simulations Social-Engineer channel on SLACK CLUTCH innocentlivesfoundation.org Human Behavior Conference 03:34 – Paul Asadoorian Intro 05:08 – How did you get started in infosec? 13:19 – When did you decide you were going to start a podcast? 24:26 – What have you learned from the guests you've had on your podcasts over all of these years? 27:00 – What is your perspective on the shifting of hacking culture in the community? 34:53 – What are the best qualities someone could have to be attractive to a potential employer in this industry? 37:14 – How do we get the younger generation to have the qualities we are not seeing? 41:38 – Who is your greatest mentor? Laurie Baker Stephen Northcutt @ SANS Ed Skoudis @ SANS 46:00 – Book Recommendations Code Girls The Phoenix Project The Unicorn Project Countdown to Zero Day The Cuckoo's Egg Cyberpunk 51:00 – Guest Wrap Up https://securityweekly.com www.twitter.com/securityweekly 53:31 – Outro innocentlivesfoundation.org
Ivan is an Senior Sales leaders with over 20 years of Sales Management and Leadership experience, he has grown Inside Sales teams from the ground up in various world class companies, from Fortune 1000 companies to small start-up companies from VC to IPO. He has cultivated top-performing teams with leading technology companies, growing markets, and penetrating new territories in both the United States and abroad. Currently his is the Global Sr. Director for Sales Development at Tenable Network Security. The Leading Cyber Exposure Company in the world. He leads the global responsibilities from strategy to execution and is focused on implementing, optimizing Sales Development / Inside Sales teams. Contact Ivan: Website LinkedIn Twitter
Podcast: The Secure Communications Podcast (LS 25 · TOP 10% what is this?)Episode: Ron Gula: The Future of Quantum CryptographyPub date: 2020-07-09Quantum computing isn't a reality yet, but most experts concede it is not far away. When that day comes, threat actors will have the ability to decrypt data they've stolen years before -- unless that data is protected by quantum-resistant cryptography. On this week's episode of The Secure Communications Podcast, we talk with cybersecurity investor and policy expert Ron Gula about the promises of and challenges associated with quantum cryptography. In this episode Ron is President at Gula Tech Adventures, which focuses on cybersecurity technology, strategy and policy. Since 2017, GTA has invested in dozens of cyber start-ups and supported multiple cyber funds. From 2002 to 2016, Ron was the co-founder and CEO of Tenable Network Security. He helped grow the company to 20,000 customers, raise $300m in venture capital and grow revenues to $100m, setting up the company for an IPO in 2018. Prior to Tenable, Ron was a cyber industry pioneer and developed one of the first commercial network intrusion detection systems called Dragon, ran risk mitigation for the first cloud company, was deploying network honeypots in the mid 90s for the DOD and was a penetration tester for the NSA where he got to participate in some of the nation's first cyber exercises. Ron is involved in a variety of cyber nonprofits and think tanks including Defending Digital Campaigns, the Cyber Moonshot, the National Security Institute and the Wilson Center. Quick links Check out the Gula Tech Adventures website Follow Ron on LinkedIn Read Kathleen (00:08): Thank you for joining today's episode of The Secure Communications Podcast. I'm your host Kathleen Booth. And today my guest is Ron Gula. Ron was the founder, cofounder, I should say, and CEO of Tenable. Today he is the president and cofounder of Gula Tech Adventures. Ron, you have an unbelievable bio. You know, you've been on the board of so many different cybersecurity companies. You're an active investor. You are, have served as a global fellow at the Wilson center, an advisory board member for George Mason University's National Security Institute. You have such a fascinating perspective on the cybersecurity industry, you know, too much to name. If I went through your whole bio, we could spend the entire podcast on that. But, but I'm really excited to have you here and, and get your perspective on a topic that I think is really interesting, which is quantum cryptography. Ron (01:00): Thank you very much for the the kind introduction and thank you very much for having me on the podcast today. So quantum cryptography, I, I it's, that's a topic that people should be very, very afraid of. But unfortunately we're really not doing a whole lot about it right now. So you know, assuming your users know a good bit about cryptography already, I kind of look at this problem as if somebody's collecting all of your encrypted traffic. Can they use a quantum computer at some point in the future to somehow break that traffic? And you would think that because of that threat, perhaps from quantum computers, you know, that there'd be more investment here and more awareness, but there really hasn't been. Kathleen (01:43): So let's start out by talking about the timeline, because I think this is something that, well, it's certainly something that I find fascinating. And I don't know if, if everybody understands it and maybe this is one of the reasons for a lack of investment in it, you know? We don't have quantum computing yet. What is, what is your opinion as far as when you think that it will actually be usable? Ron (02:07): So it's, it's interesting. I, I've, I've gotten a chance to spend some time with quantum computing companies and I ask them, so, you know, I ask them, so when can we break crypto? You know, when can we solve certain kinds of other problems and whatnot? And typically there's not a good answer there. And, and, and I said, well, do you think anybody else has done it? And they typically say no, because as soon as somebody has figured out how to do it, all these people are going to disappear and go work for the CIA or the NSA or a bank or, or, or, or something like that. So I think it's really difficult to put a number on, is this like a next year thing or next decade thing? And the problem kind of also overlooks the fact that you've got to collect all this traffic. Ron (02:48): Now, if you think about, if you imagine that the NSA and our adversaries have an infinite amount of storage and have infinite points to collect our data, then, then this is a problem. But, you know, the reality is that we live in a world based on physics, and, you know, a lot of these things need to be stored and kept in places. And I don't think the average person's having, they're, they're, they're having more stuff stored on them in social media, then perhaps an adversary is going to, you know, kind of come after them and collect on them Kathleen (03:17): Now, and, and, you know, I'm not a highly technical cybersecurity expert. And so my understanding of quantum the risk associated with quantum computing is that, you know, we don't have to worry right now that somebody could use it to, you know, crack, crack into some of the most protected information we have, but someday it's going to be a possibility. And I think, you know, the average person might think, well, who cares? So someday we'll deal with it then. But I guess my understanding is it's, it's more, you know, we can have that data stolen now and it can be held and eventually compromised in the future when that capability does come online. Is that right? Ron (03:57): It is a good, a good application of that is imagine you have something today that a crypt, cryptography that we all use - the TLS, SSL TLS you know, basically the, the S in your HTTPS. Technically you should be able to go and, you know, go to a coffee shop and go visit your favorite, you know, Facebook website, that's got, that's protected by that kind of, of crypto. And even if it was collected, it's going to be hard to break. But if at some point in the future, you know, somebody does come along and have an easy to use quantum computing, you might be able to do that. Now it starts getting a little far fetched. Is there a coffee shop somewhere, of course, pre COVID or whatever, you know, but it's some place that we're all using, you know, publicly collectible traffic that we could then say, well, the one day Ron Gula came in and happened to check his bank account. Ron (04:49): I have those packets that are in there and all, all set to go, you know? It's, it's just, it's when you think of all the things you have to do to protect yourself online, you know, patch, two factor authentication. This, it's just not the top of list for most people. And if they want to, they can just use their own, you know, a VPN, a product that you guys offer, right? Where I've done my key exchange ahead of time. You know, granted, you might be able to collect those packets and, and do it, but now you're, you're still a much harder target than people who are just relying on the cryptography from the web applications that they're using. Kathleen (05:26): Yeah. And it seems like for the average person, the notion that somebody could steal my data now, and, you know, 10 years from now, they could crack into it, I would think, so what? Like, my credit card numbers will have changed by that point. Who knows if I'll be at the same bank? Like, it almost, it doesn't seem like much of a risk to me, but where I think it gets really scary is when you think about data leakage from a place like the NSA, which, which has been compromised, you know, and there has been information stolen out of there, and maybe somebody can't process it and get into it right now. But, but if 10 from now, they're able to discover the identities of certain people or, you know, different programs that the U S government has, that then becomes a truly frightening prospect it seems. Ron (06:08): It is. And again, it's hard to be a, you know, a cybersecurity pro, cyber security person and say like, this is just not that big of a deal. But for me, I used to be like, Hey, look, this is a big problem, right? Computer's gonna be a lot faster, whether they're quantum or not. And, but at the coffee shop, you know, with using your quantum resistant cryptography, chances are the, the, the 20 dollar lock on your house that you bought from Home Depot, somebody can bust through that and put, you know, sniffers in your house you know, but little bugs that can get the same kind of information that you're trying to protect. So the question is really is, you know, when you bring that over to a large enterprise, it's, it gets, it gets interesting. It's just not the number one thing that people are working on. Kathleen (06:53): So given that the differences in the kind of, the level of risk and the implications of a compromise, do you think that, where, where do you see most of the work coming from on, on quantum resistant cryptography? Is it, do you see a lot of it coming out of the government or being funded by the government, or do you see more of it coming out of the private sector? Ron (07:15): So, so the biggest innovation I've seen in quantum resistant sort of security is, is this concept of, of multipath communications or shredding. So if I'm going to go from point A to point B, and you're assuming that your adversary is collecting on you between those things, if you can take a thousand different routes, every second, you're going to minimize the amount of data that they can collect on you. And of course, they're on your computer. Your computer is compromised. It's not going to help you, but neither will quantum resistant cryptography. And similarly, you know, if you're worried about data at rest, and you've got a one MB file, if you had a, like a hashing algorithm or a way to just physically separate that file into many, many different places - a little bit on Amazon, a little bit on Google, a little bit on your USB drive - you know, whatever, whatever that combination is, an adversary would then not only have to be able to break, your crypto, like get access to all of that, that data, that data. So the strange thing is, I've been pitched a bunch of companies like this, and there's pretty cool things. And I just, haven't seen a lot of people jump on this because they're on this mindset that the future is basically endpoint cryptography, or endpoint computing and cloud computing. You know, there'll be no CASBs in the middle. There's no, it's just about that secure access between where I need to go and where I need to go. And they're not worried about, you know, making sure that it's crypto or quantum resistant at that point. Okay. Kathleen (08:37): What do you think is, needs to happen to change that? Ron (08:42): There's gotta be a little bit more, I think, demonstration of this. And unfortunately, you know, the demonstrations we are getting is that when we break crypto, it's usually a software bug, right? Someone's figured out a way that they can see the CPU, change a crypto algorithm, extract keys, extract that, that type of stuff. But the problem is, is that, you know, just doing basic cryptography is so hard. You really have to understand who has access to your keys. You have to rotate keys, you have to do all those things. And I always like to point out that a lot of people got into cybersecurity came out of the military. They were key custodians, right? They were the people who would re-key the point to point bulk encrypters. They would, they would do things like change the codes for, you know, for duress, the duties got protocols for changing these different things. And the commercial world, private citizens, they have no concept of that. Ron (09:29): Right? I mean, I, I know people who have bad passwords to get into their password manager, you know? It's like, that's not the point, you know? So, so that's my concern is that, you know, we've really got to level up, a lot of basic hygiene things before we go tackle this. Now don't get me wrong. If, if tomorrow you know, Facebook or, or, or, or Amazon, or, you know, whoever has got more advanced, you know, ways for us to authenticate and, you know, encrypt as we, as we connect to them, you know, I'm, I'm, I'm happy with that. But in the meantime, you know, I still recommend people, like, if you're concerned about this, you should be buying products like Attila. You should be buying products that where you control your own infrastructure and then make use of what you control, because you can't just control everything else. Kathleen (10:17): So who's, who's doing really interesting work in the field of quantum cryptography? Who's out there kind of at the cutting edge? Ron (10:26): So there's, it's a little bit like the supercomputers, right? And so they, they every, every month or so you hear, Oh, the Japanese have got the world's largest supercomputer or the Russians do, or the Chinese do. Right? So the quantum folks are doing, doing interesting things. So the quantum computing folks, you've got here in Maryland, you've got that. Everybody's got a project because there's such interesting things. And, you know, I get to watch a lot of science fiction and, and play a lot of science fiction. You know, like World Builders. I'm playing Expanding Universe 2 right now. And it's kind of like Civilization, right? And quantum computing is usually one of the things you unlock that gives your, your race or your species, you know, magical powers. The problem is that the promise of what the quantum community just hasn't, it hasn't delivered yet. I think if anybody has broken it, you know, or they haven't done a lot of a lot of practical things with it just yet, that we've, that we've seen. Kathleen (11:19): So do you think it will be broken at the nation state level or in the private sector? Ron (11:22): Yeah. These are very, these are it's um, so without trying to sound too negative, so venture capital people talk to each other and you know, why would you invest in this company? Why would you not invest in this company? And it really tracks, the quantum computing, it's really tracking like healthcare research, where it takes a long time. There's a lot of PhDs in involved. A lot of universities involved. A lot of research. I mean, this is not true trivial stuff that you're going to do in your, or your, your garage. You're talking, moving atoms your, and then getting them to do things, things, and compute. And it sounded like wasn't that what a chip is? Like, Oh, the science is a lot different. Ron (12:07): I was very lucky. One day I got to visit one of these, these super computing, quantum computing companies. And there was another visiting fellow and, and this person had been to like nine other places. I got to hear about all the different kinds of, I'm dated because it's only two years ago. But at the same time, this could be a 20 year journey before we have a practical computer that you can buy in your, your you know, in your house. And it reminds me of when you, when you go and you see these, these quantum computers, you, you're like, where's the computer? They don't look like computers. It's telling you, there's a couple of these organizations. Ron (12:50): They show basic things like, show me how to code the traveling salesman problems. And I'll, I'll get the look like, no, we're not, you know, we're not really there yet. It's something I think is, is worthwhile to do. And if we're going to talk, talk a bit about quantum encryption and a bit about, there's this third area about quantum communications, where you can basically encode you know, the photons, the wave lengths in a certain way. Possibly you can, you can change a quantum object here. Maybe you can, you can stimulate it moving on the other side of the universe as a form of communications. I would love to see that. Everything I've seen has been snake oil. So, you know, I'm all for that kind of stuff, but it's, it's, it's not ready for commoditization in prime time just yet. Kathleen (13:37): Yeah. Now how accessible, if, if somebody is concerned about this and they do want to take steps now to try and protect their data, how accessible is quantum resistant cryptography now? Ron (13:51): Well, one of the reasons, so it's very accessible. You know, one of the reasons that the venture capital community has not jumped on this, it's because the cryptography becomes an OEM type of type of market. And before, you know, I get jumped on for, not from you, but know my business model. There's nothing fundamentally wrong with that. Ron (14:20): I have to do similar things. I probably have been pitched the last three, four years, probably about maybe 10 or 11 different quantum crypto library companies, where they actually don't sell anything to a direct customer. They sell it as a third party. Like a you know, w which is the believer that it's the right thing, because, you know, photography is hard. What you want is you want a team of really, really smart people who that's, all they've done. They focused on the cryptography has been vetted by the U S government. You know, that, that that sort of approach, the problem is that if they're out there selling well, licensing a library, it's not a huge, a huge thing. Back in the late nineties, early two thousands, I remember that you know, ISS, for the product that they were doing, they switched to elliptic curve cryptography to you know, communicate with their agents. And it was more resistant and that kind of stuff. Didn't really make a lot of difference I think for, for, for people that were like, okay, that's cool. That's, that's, that's better crypto, but, you know, does that really make you a better, a better security? And you would think it would be, especially since people do break into security products, but the market didn't, the market could have cared less. They want easier to use products. They don't really want, you know, that kind of stuff, but that's kind of where we're at right now. Kathleen (15:31): That's so fascinating. I mean, I think it's, it kind of applies to a lot of security, the sense that, you know, while we know there are risks out there, we just choose not to protect against them. It's, you know, it's like buying insurance, it's the same principle. It'll never happen to me. It's not going to happen anytime soon. That sort of thing. So I'm, I'm curious to see, what's going to take place that will prompt more of an interest in this. Ron (15:54): Yeah, what's going to happen, in the United States, it's NIST. N I S T is the group that does that. You've probably heard of it. DES encryption and triple DES, and then there was AES encryption and, and NIST does bake offs the same way that the air force does bakeoffs, like we have the F22 Raptor aircraft. But, but what do we really want? And this has got a lot of input from the NSA. They got a lot of very, very smart mathematicians and they're baking off these algorithms. And you know, I haven't gotten a recent update, but almost every pitch I get is like, Oh, we're part of the bake off for NIST. We were, we won this, this, this part of it. That's great. That's awesome. Kathleen (16:45): Yeah. Demand just needs to follow, I guess. Ron (16:49): It is. It's, it's one of those things where you, you know, like, let's say I got a tip from somebody who had a breakthrough in, in cryptography. You almost don't want to touch that because historically, that's where, you know, something's wrong and you, you miss a leak, you miss some sort of entropy sort of, sort of where you can actually decrypt it. And now crypto is the NSA because they have enough people to do the peer review and, and literally red team it and attack it. And I think that's very apt in these kinds of things. If you're a small company, a 10 person company, and you're coming up with the next generation, you know, quantum resistant, crypto, great prov it. You know? Go to NIST. Go to all that stuff. And, and then even after that, what's your business model? Like, why is your crypto going to be that much better than, than, than everybody else? Kathleen (17:44): Yeah. Well, it sounds like the U S government will lead the way, at least in creating demand if, you know, for it to protect itself. And then, and then it sounds as though that that could roll out a form of standards or regulations that would eventually bleed into the private sector. Is that accurate? Ron (18:00): Yeah. It's, it's, it's, it's very accurate. Ron (18:12): There's like satellites, if you've did right. It's, it's there. But when you're, when you're in space and when you're, you're there, know that's, that's weight on that device. So, so there's believe it or not, you know, there's a really a need for just encrypting in general. And it can even be bad encryption, but there's a lot of stuff that's, un-encrypted, that's, that's, that's still going on today. Actually, we have more encryption everywhere that you know, we have a lot of other things that were, that are in the clear now, that are not so much in the clear. Kathleen (18:42): Yeah, yeah. It's fascinating. I was talking to somebody the other day about IOT and it sounds like that's one area that, that is incredibly vulnerable for that same reason. Ron (18:52): So not only with IOT, do we have an issue where the device itself might have not been coded securely, but the protocols that'd be an inline when, if you look at something like SMB version three, which is very enterprise ready and has all sorts of which of levels of, of cryptography, you know, kind of built into it, you know, you just don't see that, you know, and, and talk to the cloud and we're going to give you a web interface, or a mobile app to talk to that cloud, you're hardly ever, so we need to reverse engineer it. With like one of your portfolio companies, you know, Refirm Labs from DataTribe there, you know, they find tons of stuff in IOT devices, all, all the day. Encrypt, you know, can, can you encrypt that better? Can you keep it, what's being collected half the time? So, so that's kinda where I'm seeing that market at right now. Kathleen (19:53): Yeah. Now, switching gears, you are an investor, you, as you mentioned, you get pitched by a lot of companies. You see a lot of technology. Is there a particular cybersecurity technology that you're really excited about right now? Ron (20:12): My friend's at DataTribe have some of my favorite companies. So way, the way I like to talk about it, is that, you know, I've done two companies. I've done Network Security Wizards, which was a network intrusion detection company. We did Tenable Network Security, which is cyber, you know? Ron (20:36): And swim lane. And after I left Tenable as an investor, I really got to explore. There's Huntress Labs. Huntress Labs is really focused on the SMB and finding malware, or finding back doors, finding, you know, phishing, phishing targets, you know? I find that very exciting. It's not about just their detection is it better than, you know, a Crowdstrike or a Sentinel One. It does it. Cause when, when you're dealing with a dentist office, it's a such a different mindset than, you know, dealing with like a bank, you know? Where we're, where they've got, you know, so I'm enjoying stuff like that. I'm, I'm really enjoying a lot of the different ways we can solve some of these problems. Some of the things that, that we've invested in is like cyber education. So if you look at the work that we're doing with Cybrary and you extend that to people like Catalyte, you know, that's, that's really interesting. The ability to use AI and, and, and create, you know, developers and IT teams, or in Cybrary's case, you know, the development or the ability to really, you know, pull people either from you know, inner city, retiring veterans, just anybody who's got a, access to the, to the internet, you know, into the cyber you know, career is, is just, is just really, really fun stuff. Ron (22:05): So it's, I think my biggest frustration sometimes is I'll, we'll invest in a certain category and somebody will solve it a certain way. And then another company will come along and solve it almost completely differently. Then we're sort of like, okay, well, do we want to invest in both of these companies, because they're going after the same dollars. Kathleen (22:27): Yeah. Ron (22:34): On the cloud, like Cloud Flare, or are you going to be in like a contrast, you know, and those two completely different businesses, well, security, it gets, it gets in there. That's the world I get to live in. And I really enjoy helping people think through that. And you know, hopefully we're making a difference and invest in the second and third tier here. Kathleen (23:02): Well, I love that you're involved in so many different education organizations and, and trying to kind of bring up the next, the next generation of cybersecurity professionals. I also love that you've been in business with your wife for so many years. Fun fact, I owned a company for 11 years with my husband. And so I feel like we could have an entirely separate podcast episode just on, just on working with your spouse, but I think that's, that's fantastic. And I love that story about what you guys are doing. Ron (23:30): So it's, it's funny you know, a lot of people know our story. You know, Cindy didn't get sort of the cofounder or on the web sort of, sort of u, you know, I had it explained to me, if you look at the, just for example, the divorce rate, you know, that kind of stuff, there's just, there's a, there's a 50% chance one of you is going to get divorced and leave the company and it, and that's a real risk. I get it. I get it. Having said that though, now that we've been a lot more public about it, I'm finding like you, you, you did business with your husband. I'll find a, to a brother's team, you know, that, that, that are working together. Now, brothers don't get divorced, but you can have fallings out with your families and stuff like that. I find that if you can make it work, it can be a very, very strong thing. But whenever we do sort of like off the cuff marriage counseling or anything like that, it's not like, Hey, why don't you, you guys go start a business. That'll solve all your, you know, all your things. But, but yeah, no, glad that, glad you brought that up. Kathleen (24:35): Yeah. I think going into business with anyone is kind of like getting married. Like, you have to be a phenomenal communicator and you've got to talk about everything to make it work. I always say that my greatest accomplishment in life is that I'm still married after 11 years of business partnership. So you're right. It's, it's, it's great. You have a level of trust you can't get with somebody you know, somebody else, who's not your family, so fantastic. Well, I really appreciate you joining me for this episode. It was, it was fascinating. If somebody wants to learn more about you and some of the work you're doing, where should they look online? Ron (25:12): So we maintain a webpage at gula.tech. We have a list of all the portfolio companies, including the DataTribe companies like you guys. And you know, we blog a good bit about podcasts. I'll be putting this on our blog eventually. And then you know, if they want, I do, I do post pretty pro, a good bit on LinkedIn, a little bit, you know, business. You gotta keep it on LinkedIn, but I appreciate anybody that wants to look us up. So let us know. Kathleen (25:48): Fantastic. Well, I'll put those links in the show notes. And if you're listening and you enjoyed this episode, please consider leaving the podcast a review on Apple Podcasts or wherever you choose to listen. And we want to hear from you. If you have an idea for a future episode, tweet us at @Attilasecurity. Thanks for listening. And thank you, Ron. Ron (26:06): Thank you.The podcast and artwork embedded on this page are from Attila Security, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
In this episode explore the impacts of COVID-19 on cyber security startups and funding. Hear from Ron Gula, the former co-founder and CEO of Tenable Network Security, and now the co-founder of Gula Tech Adventures, a cyber security venture capital firm.
During this episode of Tech Qualified, Justin Brown chats with Ivan Gomez, Senior Director of Global Sales Development at Tenable Network Security. Ivan Gomez walks us through some of his major lessons learned from his 25-year experience in sales development and inside sales. He discusses what it’s like to establish, launch and grow a global organization using a very strong sales cycle process. Episode Highlights Ivan talks about his past work experience prior to joining Tenable - he’s worked for startups and large companies. Tenable’s mission is to empower organizations to understand and reduce their cyber risk. Tenable provides solutions to small, medium, and larger organizations to help mitigate their cyber risk. The sales development team has a very clear mission on what their objectives are - to drive pipeline with qualified sales opportunities. In order to drive opportunities, the sales and marketing teams must be closely aligned. At Tenable, sales development reports to the sales team versus the marketing team...however, it’s important to recognize that they work closely with marketing. When a company grows, Ivan talks about the importance of having sales development report to sales versus marketing. Tenable has a strong focus on human capital development with the young professionals who are a part of the sales development team. Ivan talks about the importance of a “full funnel approach” with sales development and how it’s crucial for sales to have a complete understanding of the industry and specific pain points of customers. Ivan discusses the importance of understanding the entire buying committee - not just the CISO...but project managers, network security professionals and more. When launching campaigns at Tenable, Ivan discusses the approach of a “campaign in a box” and how the organization aligns marketing and sales together from the beginning. With outbound sales, you go after the prospects that you definitely want to work with versus those who engage with webinars or other inbound marketing efforts. Ivan discusses Tenable’s focus on its website and the resources available (i.e., podcast about cybersecurity). Episode Key Points When discussing outbound sales, Ivan mentioned “...when you go outbound, you get what you want. There are some individuals that despite our best marketing efforts, they just don't raise their hands for a webinar. They don't attend a particular trade show. They don't download the information. These are individuals that are extremely busy. So consequently, we have to go in a very targeted approach and implement what we call our account based marketing strategies…” Ivan spoke a bit about intent data and how it’s important to combine intent data with a very specific ABM strategy to ensure sales is focused on the right accounts. Resources Ivan Gomez: LinkedIn Tenable: Website Motion: Ultimate Thought Leadership Course for B2B Tech Companies
Jack Huffard is the President and CEO of Tenable Network Security, a $2 billion cyber security corporation. Jack co-founded Tenable in 2002. Before Tenable, Jack was the Director of Corporate Development for Enterasys Networks. In 2013, he received the Ernst and Young Entrepreneur of the Year Award for defense and security.
Nessus (https://www.tenable.com/products/nessus) , celebrated its 15th anniversary in 2013 and is considered the de facto standard for vulnerability scanning worldwide. Renaud co-founded Tenable Network Security (https://www.tenable.com/) in 2002. As Chief Technology Officer, he drives product strategy and development. Before Tenable, Renaud was the primary author of the Nessus vulnerability scanner – releasing the first version of Nessus when he was 17. Renaud continues to contribute to the global security community; he is the author of three patents related to network scanning and security and has published his work in books and magazines. In this episode, we discuss building the first version of Nessus when he was a teenager, getting the basics right, challenges with the cloud, IoT and embedded devices security, responsible vulnerability disclosure, and so much more. Where you can find Renaud: LinkedIn (https://www.linkedin.com/in/renaud-deraison-26051982/) Tenable (https://www.tenable.com/profile/renaud-deraison) Dark Reading: The Argument for Risk-Based Security (https://www.darkreading.com/attacks-breaches/the-argument-for-risk-based-security/a/d-id/1330687?)
Ron Gula is an old friend of Don and Peter’s, having interviewed him back in 2016 at RSA when he was with Tenable Network Security. In this episode, we hear all about his successful IPO, as well as his new investment firm, Gula Tech Adventures. Daniel Lowrie also joins to help recaps the week’s top tech stories.
Ron Gula is an old friend of Don and Peter’s, having interviewed him back in 2016 at RSA when he was with Tenable Network Security. In this episode, we hear all about his successful IPO, as well as his new investment firm, Gula Tech Adventures. Daniel Lowrie also joins to help recaps the week’s top tech stories.
Ron Gula is an old friend of Don and Peter’s, having interviewed him back in 2016 at RSA when he was with Tenable Network Security. In this episode, we hear all about his successful IPO, as well as his new investment firm, Gula Tech Adventures. Daniel Lowrie also joins to help recaps the week’s top tech stories.
Ron Gula is an old friend of Don and Peter’s, having interviewed him back in 2016 at RSA when he was with Tenable Network Security. In this episode, we hear all about his successful IPO, as well as his new investment firm, Gula Tech Adventures. Daniel Lowrie also joins to help recaps the week’s top tech stories.
Ron Gula is an old friend of Don and Peter’s, having interviewed him back in 2016 at RSA when he was with Tenable Network Security. In this episode, we hear all about his successful IPO, as well as his new investment firm, Gula Tech Adventures. Daniel Lowrie also joins to help recaps the week’s top tech stories.
Ron Gula is an old friend of Don and Peter’s, having interviewed him back in 2016 at RSA when he was with Tenable Network Security. In this episode, we hear all about his successful IPO, as well as his new investment firm, Gula Tech Adventures. Daniel Lowrie also joins to help recaps the week’s top tech stories.
In today's podcast we hear that Magecart has achieved another library infestation as Feedify is hit. An evil cursor attack is a variant of a familiar tech support scam. The Ramnit banking Trojan seems to be spiking during the summer, and there are various theories as to why this might be so. More Novichok disinformation is out. Safari url spoofing seems more nuisance than serious menace. North Korea denounces the US for a "smear campaign" against the Lazarus Group, which doesn’t exist, either. Joe Carrigan from JHU ISI shares his frustrations with his bank’s insufficient password practices. Guest is Ron Gula, former CEO and co-founder of Tenable Network Security, currently President at Gula Tech Adventures which focuses on investing and advisement of two dozen cyber-security companies. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2018/September/CyberWire_2018_09_14.html
Ron Gula, president of Gula Tech Adventures and co-founder of Tenable Network Security, talks about the evolution of cybersecurity and security awareness, his career shift from the NSA to growing Tenable to funding other cybersecurity startups, and a variety of other topics. Learn more about security awareness: https://www2.infosecinstitute.com/security-awareness See the latest offers for our podcast listeners: http://infosecinstitute.com/podcast
This week, Dr. Doug interviews Ron Gula, Founder of Tenable Network Security and Founder of Gula Tech Adventures! Full Show Notes: https://wiki.securityweekly.com/SDL_Episode74 →Visit our website: http://securedigitallife.com →Follow us on Twitter: https://www.twitter.com/SecureDigLife →Like us on Facebook: https://www.facebook.com/SecureDigLife
Gula Tech Adventures (http://www.gula.tech/) . Ron started his cybersecurity career as a network penetration tester for the NSA. At BBN, he developed network honeypots to lure hackers and he ran US Internetworking's team of penetration testers and incident responders. As CTO of Network Security Wizards, Ron pioneered the art of network security monitoring and produced the Dragon Intrusion Detection System which was recognized as a market leader by Gartner in 2001. As CEO and co-founder of Tenable Network Security, Ron led the company's rapid growth and product vision from 2002 through 2016. He helped them scale to more than 20,000 customers worldwide, raise $300m in venture capital and achieve revenues in excess of $100m annually. Currently, Ron is President at Gula Tech Adventures which focuses on investing and advisement of cyber-security companies. In this episode we discuss starting in security in the 1990's at the NSA, starting Tenable and its growth to IPO, different start-up spaces, where he gets involved in start-ups, advice he gives to founders, what he looks for to invest in, where he sees the cyber security market going, and so much more. Where you can find Ron: LinkedIn (https://www.linkedin.com/in/rongula/) Twitter (https://twitter.com/rongula) Blog (https://medium.com/gula-tech-adventures)
Ron is a Serial Cyber Security Entrepreneur. He founded Tenable Network Security and Network Security Wizards, and has 15+ years experience as CEO in cyber security industry. He joins Paul and the crew this week for an interview! Full Show Notes: https://wiki.securityweekly.com/Episode555 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly
Ron is a Serial Cyber Security Entrepreneur. He founded Tenable Network Security and Network Security Wizards, and has 15+ years experience as CEO in cyber security industry. He joins Paul and the crew this week for an interview! Full Show Notes: https://wiki.securityweekly.com/Episode555 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly
Welcome to Episode 17 of the Digital Guardian Podcast! Our hosts Will Gragido and Chris Brook chat with Ron Gula, President of Gula Tech Adventures - a cybersecurity investment fund he founded with his wife - about how he got his start in information security, lessons companies can learn from breaches, his tenure at Tenable Network Security, whether or not firms are practicing holistic security, and the concept of "the fail mentality" in the security industry.
It’s the year of video... again. No, really… video is seriously the channel to use for employer brand campaigns. I mean I like a podcast, but when considering a new job opportunity you will want to see what the offices look like, get a feel for company culture what and most importantly you want to see what people you’d be working alongside. We've spoken to Audra Knight, Employment Brand Boundary Breaker at Tenable Network Security, to learn more about her approach to employer brand and how it's activated with the help of video. Read the full show-notes: https://employerbrandingpodcast.com Find Audra on LinkedIn: https://www.linkedin.com/in/audraknight/ The Employer Brand Management conference in London on 12 Dec 2017: http://www.transformmagazine.net/conferences/2017-employer-brand-management-conference/ (Use promo code LINKHUMANS for 15% discount) 12 Essentials of Employer Branding (eBook): https://linkhumans.com/ebook Join us on LinkedIn: https://linkedin.com/groups/3984352 Follow on Twitter: https://twitter.com/employerbranduk
In this episode, Matt Alder talks to Audra Knight from Tenable Network Security about Content Led Recruitment Marketing
A vulnerability comes out and you need to know if you are vulnerableso you open up your vulnerability scanner and scan your systems tounderstand what you need to patch but what is that scanner doing todetermine you are vulnerable. This talk will describe what thatvulnerability scanner is doing and how we at Tenable write local,remote, and malware checks. About the speaker: My name is Tony Huffman, I work at Tenable Network Security as a Sr.Reverse Engineer on the Threat Automation team. I have been working inthe the computer security for over 10 years doing research intomalware threat, exploit development, software development and more.
The RSA Conference (https://www.rsaconference.com/) (or "RSAC") held annually in San Francisco, CA has become one of the largest information security conferences. I was able to get a press pass to the event this year and was pitched heavily for product focused interviews. Most I kindly declined, but there were a few people I did connect with and recorded some great conversations which I will post in the coming weeks. I recorded episodes with: Tenable Network Security (http://www.tenable.com/) BluVector (http://bluvector.io/) And my first two person interview with Cavirin Systems (https://www.cavirin.com/) I really enjoyed my conversations with each of them and look forward to your feedback. Please make sure you are subscribed here (https://cybersecurityinterviews.com/email-sign-up/) so you don't miss any episodes. In the interim, please listen to this short episode on my take of the event. Thanks!
Getting hired is a numbers game. The more jobs you apply for, the more likely you are to find a match. But there are creative ways to make yourself stand out during the application process. Audra Knight, a recruitment marketing strategist at Tenable Network Security, returns to Everything Speaks to share her three step process for landing a job. She covers how to find the job, how to apply for the job, and what to do when you get called in for an interview.
Duration: 50:28 We made it to Episode 2! Our guest is Gurjeet Clair, who lives in Nova Scotia while working remotely for Tenable Network Security. Disclaimer: Thoughts and opinions expressed in this podcast are our own and do not represent those of our employers.
Lee Caraher sits down with Audra Knight, a #recruitment marketing strategist at Tenable Network Security. Together they talk about talk about how to control your #online profile to reflect the job you want, not the job you have. Plus, Audra shares some tricks of the trade including how scan for keywords on #LinkedIn and how to searching through someone's #Twitter account to find their strengths and interests.
Episode 43 of Livestream Stars with Ross Brand of Livestream Universe. Subscribe to the podcast: https://rossbrandrecordings.com/ (https://rossbrandrecordings.com). Audra Knight is the Recruitment Marketing Strategist for Tenable Network Security and a LinkedIn Certified Recruiter. She's the co-host of the #SocialRecruiting Show with Katrina Collier on Fridays at 10am ET. Audra was named to the “Employer Branding: 16 Top Influencers for 2016” list by Clinch and writes about employment branding, social media and recruitment for Blogging4Jobs. She recently wrote about Recruitment Marketing on Facebook for http://blog.shrm.org/blog/how-hr-can-use-facebook-for-recruitment-marketing (The SHRM Blog). Audra is also a musician and the bassist for The Filth. Find Audra on Twitter and Instagram: @media2knight.
This week, we interview Matt Duren who is a technical recruiter for Tenable Network Security. Always looking for talented security engineers, C/C++ engineers, front-end / back-end devs, and security sales folks. If you dig JavaScript, PHP, Linux, or low-level programming, then he wants to hear from you.
This week Gavin Millard from Tenable Network Security joins us to shine a light on Shadow IT, talk about how to get things done in security, and several more topics related to information security. Gavin is also the husband of Mehreen, who you all may know from the popular Security Weekly meme "wake up Mehreen". Gavin is a trained, ethical hacker who works with medium and large enterprises to address their cybersecurity challenges. With a deep understanding of how attackers plot a breach, he helps bring these companies to a trusted state of IT infrastructure. He previously worked as the Europe, Middle East and Africa (EMEA) technical director for Tripwire. He has also spoken frequently on data integrity, hacking and other key security topics. Current Position: As Technical Director, EMEA, Gavin is involved with the major clients in the EMEA region, helping to manage and reduce their attack surface.
This week we interview Gavin Millard from Tenable Network Security, put an end to the "wake up Mehreen" meme, and talk about jamming logs in our stories of the week.
A great deal of discussion about privacy focuses on the technicaldetails of metadata, data in motion, data at rest, etc -- details which are designed to obscure the basic discussion rather than to illuminate.In this talk we'll look at some of the philosophical questions regarding privacy and what they may mean in modern terms. About the speaker: Marcus J. Ranum, Senior Strategist at Tenable Network Security, Inc., is a world-renowned expert on security system design and implementation. He has been involved in every level of operations of a security product business, from developer, to founder and CEO.
In this episode Ron gives us a brief history of Tenable and TVM for the enterprise Ron answers "How do you make network security obtainable and defendable?" We discuss TVM as a fundamental principle to many other security program items Ron tells us what the modern definition of "policy" is We discuss some hurdles and challenges of TVM programs in an enterprise We note that security scanning can always break stuff - so how do you get around that? Ron tells us why TVM is so much more than scanning Michael asks "Why are so many companies stuck in a Prince song (1999)?" We attempt to tackle - compliance, risk, and managing to a goal Ron answers the question - "Are we getting any better?" Guest Ron Gula ( @RonGula ) - CEO and CTO at Tenable Ron co-founded Tenable Network Security, Inc. in 2002 and serves as its Chief Executive Officer and Chief Technology Officer. Mr. Gula served as the President of Tenable Network Security, Inc. He served as the Chief Technology Officer of Network Security Wizards which was acquired by Enterasys Networks. Mr. Gula served as Vice President of IDS Products and worked with many top financial, government, security service providers and commercial companies to help deploy and monitor large IDS installations. Mr. Gula served as Director of Risk Mitigation for US Internetworking and was responsible for intrusion detection and vulnerability detection for one of the first application service providers. Mr. Gula worked at BBN and GTE Internetworking where he conducted security assessments as a consultant, helped to develop one of the first commercial network honeypots and helped develop security policies for large carrier-class networks. Mr. Gula began his career in information security while working at the National Security Agency conducting penetration tests of government networks and performing advanced vulnerability research. He was the original author of the Dragon IDS. Mr. Gula has a BS from Clarkson University and a MSEE from University of Southern Illinois.
On this week's show we've got a cracking interview with ANU Professor and former prime ministerial advisor Hugh White about the charges brought against alleged Chinese military hackers by the US Department of Justice. That one's coming up after the news. This week's show is brought to you by Tenable Network Security. Jack Daniel of Tenable stops by in this week's sponsor interview to talk about password managers in light of the eBay breach. Is it time we really started encouraging people to use them? Show notes Hackers raid eBay in historic breach, access 145 million records | Reuters http://uk.reuters.com/article/2014/05/22/uk-ebay-password-idUKKBN0E10ZL2... Expert: Fake eBay Customer List is Bitcoin Bait - Krebs on Security http://krebsonsecurity.com/2014/05/expert-fake-ebay-customer-list-is-bit... 'Blackshades' Trojan Users Had It Coming - Krebs on Security http://krebsonsecurity.com/2014/05/blackshades-trojan-users-had-it-coming/ U.S. Indictment of Chinese Hackers Could Be Awkward for the NSA | Enterprise | WIRED http://www.wired.com/2014/05/us-indictments-of-chinese-military-hackers-... USDOJ: U.S. Charges Five Chinese Military Hackers for Cyber Espionage Against U.S. Corporations and a Labor Organization for Commercial Advantage http://www.justice.gov/opa/pr/2014/May/14-ag-528.html NSA reportedly installing spyware on US-made hardware - CNET http://www.cnet.com/au/news/nsa-reportedly-installing-spyware-on-us-made... China ups security checks on tech suppliers as US tensions mount - CNET http://www.cnet.com/au/news/china-ups-security-checks-on-tech-suppliers-... Why did China ban Windows 8? - Security - Technology - News - iTnews.com.au http://www.itnews.com.au/News/386140,why-did-china-ban-windows-8.aspx Cisco CEO asks Obama to control NSA surveillance - CNET http://www.cnet.com/au/news/cisco-ceo-asks-obama-to-control-nsa-surveill... NSA Reform Bill Passes the House-With a Gaping Loophole | Threat Level | WIRED http://www.wired.com/2014/05/usa-freedom-act-2/ Free App Lets the Next Snowden Send Big Files Securely and Anonymously | Threat Level | WIRED http://www.wired.com/2014/05/onionshare/ Pro-Privacy Blackphone Pulls $30M Into Silent Circle | TechCrunch http://techcrunch.com/2014/05/21/silent-circle-funding/ Whistleblowers Beware: Apps Like Whisper and Secret Will Rat You Out | Business | WIRED http://www.wired.com/2014/05/whistleblowers-beware/ Secrets, lies and Snowden's email: why I was forced to shut down Lavabit | Comment is free | theguardian.com http://www.theguardian.com/commentisfree/2014/may/20/why-did-lavabit-shu... Darkcoin, the Shadowy Cousin of Bitcoin, Is Booming | Threat Level | WIRED http://www.wired.com/2014/05/darkcoin-is-booming/ AFP arrests man over Melbourne IT hack - Security - Technology - News - iTnews.com.au http://www.itnews.com.au/News/386200,afp-arrests-man-over-melbourne-it-h... SNMP DDoS Attacks Spike http://www.darkreading.com/attacks-breaches/snmp-ddos-attacks-spike/d/d-...? SNMP Public Community String Zero Day in Routers Disclosed | Threatpost | The first stop for security news http://threatpost.com/embedded-devices-leak-authentication-data-via-snmp... XMPP Mandating Encryption on Messaging Service Operators | Threatpost | The first stop for security news http://threatpost.com/xmpp-mandating-encryption-on-messaging-service-ope... Remove metadata from Office files, PDFs, and images - CNET http://www.cnet.com/au/how-to/remove-metadata-from-office-files-pdfs-and... Chip and PIN EMV Protocol security vulnerabilities found | Threatpost | The first stop for security news http://threatpost.com/researchers-find-serious-problems-in-chip-and-pin-... Privileged User Access Lacking Trust But Verify | Threatpost | The first stop for security news http://threatpost.com/enterprises-still-lax-on-privileged-user-access-co... ICS-CERT Confirms Public Utility Compromised Recently | Threatpost | The first stop for security news http://threatpost.com/ics-cert-confirms-public-utility-compromised-recen... Samsung Eyeing Iris Recognition for New Phones | Threatpost | The first stop for security news http://threatpost.com/samsung-eyeing-iris-recognition-for-new-phones/106222 Why You Should Ditch Adobe Shockwave - Krebs on Security http://krebsonsecurity.com/2014/05/why-you-should-ditch-adobe-shockwave/ Malvertising Redirecting to Angler EK, Silverlight Exploits | Threatpost | The first stop for security news http://threatpost.com/malvertising-redirecting-to-microsoft-silverlight-... Android Outlook App Could Expose Emails, Attachments | Threatpost | The first stop for security news http://threatpost.com/android-outlook-app-could-expose-emails-attachment... Microsoft Working on Patch for IE 8 Zero Day | Threatpost | The first stop for security news http://threatpost.com/microsoft-working-on-patch-for-ie-8-zero-day/106247 Chrome 35 Fixes 23 Security Flaws | Threatpost | The first stop for security news http://threatpost.com/chrome-35-fixes-23-security-flaws/106188 Professor Hugh White - Researchers - ANU https://researchers.anu.edu.au/researchers/white-hj 02 - Mammal - Think - YouTube https://www.youtube.com/watch?v=mCQXqHr9CwE&feature=kp
Panelists: Ron Gula, Tenable Network Security Mandeep Khera, Cenzic Martin McKeay, Network Security Podcast Rich Mogull, Network Security Podcast/Securosis Anton Chuvakin, Qualys Sponsored by Core Security, listen for the new customer discount code at the end of the show Sponsored by Tenable Network Security, creators of Nessus and makers of the Tenable Security Center, software that extends the power of Nessus through sophisticated reporting, remediation workflow, IDS event correlation and much more. Want to register for any SANS conference? Please visit http://www.securityweekly.com/sans/ for our referral program Be sure to check out "Maltego" from Paterva, try the community edition for free! Quench your thirst for knowledge at www.syngress.com and use the discount code to save 20% of all security book titles! Don't forget to sign up for our Mailing List, Forums, and log into our IRC Channel! Full Show Notes Hosts: Larry "HaxorTheMatrix" Pesce, Paul Asadoorian, John Strand, Mick Douglas Audio Feeds:
Special guest Tom Eston From Security Justice Podcast, SQmap tech segment. Sponsored by Core Security, listen for the new customer discount code at the end of the show Sponsored by Tenable Network Security, creators of Nessus and makers of the Tenable Security Center, software that extends the power of Nessus through sophisticated reporting, remediation workflow, IDS event correlation and much more. Want to register for any SANS conference? Please visit http://www.securityweekly.com/sans/ for our referral program Be sure to check out "Maltego" from Paterva, try the community edition for free! Quench your thirst for knowledge at www.syngress.com and use the discount code to save 20% of all security book titles! Don't forget to sign up for our Mailing List, Forums, and log into our IRC Channel! Full Show Notes Hosts: Larry "HaxorTheMatrix" Pesce, Paul Asadoorian, John Strand, Mick Douglas
Special guest Harlan Carvey talks Windows forensics, W3af Part II. Sponsored by Core Security, listen for the new customer discount code at the end of the show Sponsored by Tenable Network Security, creators of Nessus and makers of the Tenable Security Center, software that extends the power of Nessus through sophisticated reporting, remediation workflow, IDS event correlation and much more. Want to register for any SANS conference? Please visit http://www.securityweekly.com/sans/ for our referral program Be sure to check out "Maltego" from Paterva, try the community edition for free! Quench your thirst for knowledge at www.syngress.com and use the discount code to save 20% of all security book titles! Don't forget to sign up for our Mailing List, Forums, and log into our IRC Channel! Full Show Notes "Security Weekly Foresics Exam" Hosts: Larry "HaxorTheMatrix" Pesce, Paul Asadoorian, John Strand, Mick Douglas
The Security Weekly crew are over 9 hours into the 12 hour marathon and talking to Stephen Northcutt! We also have a great segment on Google Hacking. This is just the "show" portion of the episode, look for the other segments in the coming weeks. Sponsored by Core Security, listen for the new customer discount code at the end of the show Sponsored by Tenable Network Security, creators of Nessus and makers of the Tenable Security Center, software that extends the power of Nessus through sophisticated reporting, remediation workflow, IDS event correlation and much more. Want to register for any SANS conference? Please visit http://www.securityweekly.com/sans/ for our referral program Be sure to check out "Maltego" from Paterva, try the community edition for free! Quench your thirst for knowledge at www.syngress.com and use the discount code to save 20% of all security book titles! Don't forget to sign up for our Mailing List, Forums, and log into our IRC Channel! Full Show Notes Hosts: Larry "HaxorTheMatrix" Pesce, Paul Asadoorian, John Strand, Mick Douglas
The Security Weekly crew drink, hack, and get merry with our new sponsor Cenzic, we teach you about Argus and UPnP Nmap hacking, and announce our 12 Hour podcast! Sponsored by Core Security, listen for the new customer discount code at the end of the show Sponsored by Tenable Network Security, creators of Nessus and makers of the Tenable Security Center, software that extends the power of Nessus through sophisticated reporting, remediation workflow, IDS event correlation and much more. Want to register for any SANS conference? Please visit http://www.securityweekly.com/sans/ for our referral program Be sure to check out "Maltego" from Paterva, try the community edition for free! Don't forget to sign up for our Mailing List, Forums, and log into our IRC Channel! Full Show Notes Hosts: Larry "HaxorTheMatrix" Pesce, Paul Asadoorian, John Strand
Paul's laptop lives, but the soundboard doesn't, talking shop about MQ series and security FAIL, sniff wireless on all 14 channels AT THE SAME TIME! All brought to you by the fine acoustic sound of the McDonald's drive-thru. Sponsored by Core Security, listen for the new customer discount code at the end of the show Sponsored by Tenable Network Security, creators of Nessus and makers of the Tenable Security Center, software that extends the power of Nessus through sophisticated reporting, remediation workflow, IDS event correlation and much more. Want to register for any SANS conference? Please visit http://www.securityweekly.com/sans/ for our referral program Be sure to check out "Maltego" from Paterva, try the community edition for free! Don't forget to sign up for our Mailing List, Forums, and log into our IRC Channel! Full Show Notes Hosts: Larry "HaxorTheMatrix" Pesce, Paul Asadoorian, John Strand Email: psw@securityweekly.com Direct Audio Download Audio Feeds:
This week we have special guests from www.i-hacked.com, the show gets hijacked, Paul's laptop gets thirsty, one crazy show! Sponsored by Core Security, listen for the new customer discount code at the end of the show Sponsored by Tenable Network Security, creators of Nessus and makers of the Tenable Security Center, software that extends the power of Nessus through sophisticated reporting, remediation workflow, IDS event correlation and much more. Want to register for any SANS conference? Please visit http://www.securityweekly.com/sans/ for our referral program Be sure to check out "Maltego" from Paterva, try the community edition for free! Don't forget to sign up for our Mailing List, Forums, and log into our IRC Channel! Full Show Notes Hosts: Larry "HaxorTheMatrix" Pesce, Paul Asadoorian, John Strand
This week we have special guests, Hal Pomeranz and Ed Skoudis will be joining us to talk about the Command Line Kung Fu blog! Sponsored by Core Security, listen for the new customer discount code at the end of the show Sponsored by Tenable Network Security, creators of Nessus and makers of the Tenable Security Center, software that extends the power of Nessus through sophisticated reporting, remediation workflow, IDS event correlation and much more. Want to register for any SANS conference? Please visit http://www.securityweekly.com/sans/ for our referral program Be sure to check out "Maltego" from Paterva, try the community edition for free! Don't forget to sign up for our Mailing List, Forums, and log into our IRC Channel! Full Show Notes Hosts: Larry "HaxorTheMatrix" Pesce, Paul Asadoorian, John Strand
Paul, Larry, and John welcome special guests, Jonathan Ham, SANS instructor/owner of Jham Corp and Sherri Davidoff, blogger at philosecurity.org/owner of Davidoff Information Security Consulting! Sponsored by Core Security, listen for the new customer discount code at the end of the show Sponsored by Tenable Network Security, creators of Nessus and makers of the Tenable Security Center, software that extends the power of Nessus through sophisticated reporting, remediation workflow, IDS event correlation and much more. Want to register for any SANS conference? Please visit http://www.securityweekly.com/sans/ for our referral program Be sure to check out "Maltego" from Paterva, try the community edition for free! Don't forget to sign up for our Mailing List, Forums, and log into our IRC Channel! Full Show Notes Hosts: Larry "HaxorTheMatrix" Pesce, Paul Asadoorian, John Strand
Paul, Larry, and John are together in the same room for the first time podcasting live from SANS Orlando 2009! Sponsored by Core Security, listen for the new customer discount code at the end of the show Sponsored by Tenable Network Security, creators of Nessus and makers of the Tenable Security Center, software that extends the power of Nessus through sophisticated reporting, remediation workflow, IDS event correlation and much more. Want to register for any SANS conference? Please visit http://www.securityweekly.com/sans/ for our referral program Be sure to check out "Maltego" from Paterva, try the community edition for free! Don't forget to sign up for our Mailing List, Forums, and log into our IRC Channel! Full Show Notes Hosts: Larry "HaxorTheMatrix" Pesce, Paul Asadoorian, John Strand