Podcasts about UEBA

  • 39 PODCASTS
  • 46 EPISODES
  • 29m AVG DURATION
  • 1 MONTHLY NEW EPISODE
  • May 12, 2025 LATEST

Latest podcast episodes about UEBA

The Identity Jedi Show
Season 3 Premiere: Unveiling Digital Risk and Fraud with Jordan Burris

May 12, 2025 (45:25)


Welcome back, Identity Jedi Family! We're kicking off Season 3 with a brand new setup, fresh format, and some heavy-hitting guests lined up just for you!

ITSPmagazine | Technology. Cybersecurity. Society
From Overload to Insight: Are We Getting Smarter, or Just Letting AI Think for Us? | A RSA Conference 2025 Conversation with Steve Wilson | On Location Coverage with Sean Martin and Marco Ciappelli

Apr 4, 2025 (27:26)


In a conversation that sets the tone for this year's RSA Conference, Steve Wilson shares a candid look at how AI is intersecting with cybersecurity in real and measurable ways. Wilson, who also leads the OWASP Top 10 for Large Language Models project and recently authored a book published by O'Reilly on the topic, brings a multi-layered perspective to a discussion that blends strategy, technology, and organizational behavior.

Wilson's session title at RSA Conference—“Are the Machines Learning, or Are We?”—asks a timely question. Security teams are inundated with data, but without meaningful visibility—defined not just as seeing, but understanding and acting on what you see—confidence in defense capabilities may be misplaced. Wilson references a study conducted with IDC that highlights this very disconnect: organizations feel secure, yet admit they can't see enough of their environment to justify that confidence.

This episode tackles one of the core paradoxes of AI in cybersecurity: it offers the promise of enhanced detection, speed, and insight, but only if applied thoughtfully. Generative AI and large language models (LLMs) aren't magical fixes, and they struggle with large datasets. But when layered atop refined systems like user and entity behavior analytics (UEBA), they can help junior analysts punch above their weight—or even automate early-stage investigations.

Wilson doesn't stop at the tools. He zooms out to the business implications, where visibility, talent shortages, and tech complexity converge. He challenges security leaders to rethink what visibility truly means and to recognize the mounting noise problem. The industry is chasing 40% more CVEs year over year—an unsustainable growth curve that demands better signal-to-noise filtering.

At its heart, the episode raises important strategic questions: Are businesses merely offloading thinking to machines? Or are they learning how to apply these technologies to think more clearly, act more decisively, and structure teams differently?

Whether you're building a SOC strategy, rethinking tooling, or just navigating the AI hype cycle, this conversation with Steve Wilson offers grounded insights with real implications for today—and tomorrow.

CISO-Security Vendor Relationship Podcast
Ransomware? Why'd It Have to Be Ransomware? (Live in San Francisco)

May 28, 2024 (44:03)


All links and images for this episode can be found on CISO Series.

This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining us is Steve Zalewski, co-host, Defense in Depth. Recorded live at BSidesSF.

In this episode:
  • Are companies taking the air out of the open source balloon?
  • What's broken about cybersecurity hiring?
  • Do we need minimum requirements for cybersecurity knowledge in sales?

Thanks to our podcast sponsors, Devo, Eclypsium & NetSPI

Devo replaces traditional SIEMs with a real-time security data platform. Devo's integrated platform serves as the foundation of your security operations and includes data-powered SIEM, SOAR, and UEBA. AI and intelligent automation help your SOC work faster and smarter so you can make the right decisions in real-time.

Eclypsium is helping enterprises and government agencies mitigate risks to their infrastructure from complex technology supply chains. Our cloud-based and on-premises platform provides digital supply chain security for software, firmware and hardware in enterprise infrastructure. Get started today at eclypsium.com/spark.

NetSPI ASM continuously scans your external perimeter to identify, inventory, and reduce risk to both known and unknown assets. It blends scanning methodology with our consultants' human intelligence to identify previously undiscovered data sources and vulnerabilities so you can remediate what matters most.

Cloud Security Podcast by Google
EP170 Redefining Security Operations: Practical Applications of GenAI in the SOC

Apr 29, 2024 (27:48)


Guest: Payal Chakravarty, Director of Product Management, Google SecOps, Google Cloud

Topics:
  • What are the different use cases for GenAI in security operations and how can organizations prioritize them for maximum impact to their organization?
  • We've heard a lot of worries from people that GenAI will replace junior team members–how do you see GenAI enabling more people to be part of the security mission?
  • What are the challenges and risks associated with using GenAI in security operations?
  • We've been down the road of automation for SOCs before–UEBA and SOAR both claimed it–and AI looks a lot like those but with way more matrix math–what are we going to get right this time that we didn't quite live up to last time(s) around?
  • Imagine a SOC or a D&R team of 2029. What AI-based magic is routine at this time? What new things are done by AI? What do humans do?

Resources:
  • Live video (LinkedIn, YouTube) [live audio is not great in these]
  • Practical use cases for AI in security operations, Cloud Next 2024 session by Payal
  • EP168 Beyond Regular LLMs: How SecLM Enhances Security and What Teams Can Do With It
  • EP169 Google Cloud Next 2024 Recap: Is Cloud an Island, So Much AI, Bots in SecOps
  • 15 must-attend security sessions at Next '24

Blue Security
Microsoft Sentinel Deep-Dive with Henrik Wojcik

Feb 13, 2024 (48:28)


Summary

In this episode, Henrik Wojcik, a Microsoft MVP, joins the hosts to discuss Microsoft Sentinel and provide a deep dive into its deployment and usage. They cover topics such as data residency and compliance considerations, separating operational logs and security logs, connectors for data ingestion, analytics rules and alert fatigue, scheduled queries and user and entity behavior analytics (UEBA), playbooks and automation, workbooks and data visualization, and advanced hunting with KQL queries.

Takeaways
  • Consider data residency and compliance requirements when deploying Microsoft Sentinel.
  • Separate operational logs and security logs to optimize cost and focus on relevant data.
  • Use connectors to ingest data from various sources into Microsoft Sentinel.
  • Tune analytics rules to avoid alert fatigue and focus on valuable alerts.
  • Utilize scheduled queries and UEBA to identify suspicious behavior and automate investigations.
  • Leverage playbooks and automation to streamline incident response and reduce manual effort.
  • Create workbooks for data visualization and customize them to display relevant information.
  • Explore advanced hunting with KQL queries to proactively search for threats and investigate incidents.
YouTube video link: https://youtu.be/n9dDfmX-A9Q

Documentation:
  • https://learn.microsoft.com/en-us/azure/sentinel/data-connectors-reference
  • https://learn.microsoft.com/en-us/azure/sentinel/create-custom-connector
  • https://learn.microsoft.com/en-us/azure/sentinel/billing?tabs=simplified%2Ccommitment-tiers#free-data-sources

Henrik Wojcik:
  • https://www.linkedin.com/in/henrikfrandswojcik/
  • https://twitter.com/henrikwojcik

Contact Us:
  • Website: https://bluesecuritypod.com
  • Twitter: https://twitter.com/bluesecuritypod
  • Threads: https://www.threads.net/@bluesecuritypodcast
  • LinkedIn: https://www.linkedin.com/company/bluesecpod
  • YouTube: https://www.youtube.com/c/BlueSecurityPodcast
  • Twitch: https://www.twitch.tv/bluesecuritypod

Andy Jaw:
  • Mastodon: https://infosec.exchange/@ajawzero
  • Twitter: https://twitter.com/ajawzero
  • LinkedIn: https://www.linkedin.com/in/andyjaw/
  • Email: andy@bluesecuritypod.com

Adam Brewer:
  • Twitter: https://twitter.com/ajbrewer
  • LinkedIn: https://www.linkedin.com/in/adamjbrewer/
  • Email: adam@bluesecuritypod.com

Send in a voice message: https://podcasters.spotify.com/pod/show/blue-security-podcast/message

Dark Rhino Security Podcast
S13 E9 Will the SIEM ever be Automated by AI?

Feb 9, 2024 (34:09)


This week on Dark Rhiino Security's Security Confidential podcast, Host Manoj Tandon talks to Chandra Pandey. Chandra is an expert with 20+ years of experience in the cybersecurity and networking domain. Chandra has been associated with multiple disruptive innovations for cybersecurity and networking domains. Current innovations at Seceon are already used by 6000+ customers around the globe and make the industry's best cybersecurity affordable to organizations of any size and eliminate the need for customers to buy 15+ products like SIEM, SOAR, NBAD, UEBA, MDR, Cloud Security, Container Security, IDS etc.

  • 00:00 Introduction
  • 00:16 Our Guest
  • 06:57 The Culture at Seceon
  • 09:32 The culture one comes from or the culture that one finds oneself in, What's more important?
  • 11:23 Transitioning from a technical engineer to a business leader
  • 12:45 Adapting to changes in the industry
  • 13:34 How to get the most out of Ai
  • 21:46 Will we ever be able to get rid of the human in the SOC and have the SIEM be automated by AI?
  • 23:40 Why develop a SIEM?
  • 27:35 Motivation from Chandra

To learn more about Chandra visit Seceon.com
To learn more about Dark Rhiino Security visit https://www.darkrhiinosecurity.com

SOCIAL MEDIA: Stay connected with us on our social media pages where we'll give you snippets, alerts for new podcasts, and even behind the scenes of our studio!
  • Instagram: @securityconfidential and @Darkrhiinosecurity
  • Facebook: @Dark-Rhiino-Security-Inc
  • Twitter: @darkrhiinosec
  • LinkedIn: @dark-rhiino-security
  • Youtube: @DarkRhiinoSecurity

Cribl: The Stream Life
Modernize Your SIEM Architecture

Nov 16, 2023 (37:27)


In this Livestream conversation, I spoke with John Alves from CyberOne Security about the struggles teams face in modernizing a SIEM, controlling costs, and extracting optimal value from their systems. We delve into the issues around single system-of-analysis solutions that attempt to solve detection and analytics use cases within the same tool. We explored the strategic limitations of this type of security architecture, presenting alternative options for effectively mixing and matching data platforms. Be sure to watch the full conversation to get on the path toward achieving the optimal combination of data management and cost control capabilities.

If your security architecture is centered around a SIEM that houses all your security and operational data, it's time for an upgrade. Data quantities, cyber attacks, and regulatory requirements are all on the rise, so having a single destination for your data leaves too much room for vulnerabilities. Until recently, buying a SIEM meant deploying its agents, putting all your data into it, and going on your merry way. You were almost 100% confined to that one framework — if you wanted to use UEBA, your vendor or one of their partners provided it. Operating outside your SIEM or bringing in third-party vendors was very limited.

Observability Pipelines to the Rescue

About five years ago, the concept of an observability pipeline emerged, allowing organizations to funnel their observability and security data through a consistent data plane. The idea of controlling where your data gets stored was born, and vendor-neutral considerations began gaining popularity. Admins can now make copies of events for their SIEM, data lake, UEBA solution, or someone else's data lake — easily turning one event into four events that power different parts of their security stack. By moving data into a data lake instead, admins can analyze data and build dashboards for operations teams without bloating their ingest. Teams have more choice and control over their data than ever before, so they can consider their specific needs when building out their infrastructure.

The Benefits of a Data Security Lake

During our discussion, John mentioned how this flexibility is no longer a wish-list item for his clients, but a necessity. As the industry transitions to cloud infrastructure and cloud-based computing, organizations require vendor-neutral data that supports their scalability efforts. There are a host of benefits you get from modernizing your security architecture.

Reduced License Costs

Routing data that isn't needed for security to object storage is one of the best ways to reduce SIEM license costs. Ingest costs go down, and you avoid the upsell for archive data — around a 4-8x markup — as opposed to using your own object storage or your SIEM cloud platform's archive. You can also store it in a vendor-neutral format, giving you enormous flexibility that you wouldn't get otherwise. We recently worked with a developer team and their debug logs, routing them to a lower-cost S3 bucket instead of their SIEM. All we had to do was create a rule in Cribl Stream to route them to the data lake, and now they're available to be restored whenever necessary. This is just one example of many where we can set customers up to meet their simultaneous need for availability but lower cost and overhead.

Increasing Security While Decreasing Engineering Time

When you can reduce your SIEM license costs, you no longer have to choose which data sources you can afford to collect. By removing the constraints for engineers that come from not having the raw data when needed, security teams can focus on security and not just moving data around. No more time spent on tasks like going out to a server to manually zip up and pull in logs. The result? Better detections, analytics, and security.

Shared Data Within the Organization

Each team has a different use case for the data the organization collects — having different pipelines to transform and send data to different sources is invaluable. Putting firewall, threat, traffic, and systems logs into a single destination is a great way to bloat your ingest. And not all logs from a single data source are security relevant. Routing some of them into a storage account or data lake will not only save on ingestion costs and create less noise for security teams, but you can also give access to relevant logs to your infrastructure, firewall, and other teams. Route your threat logs straight into the SIEM, but send traffic and other logs straight into the data lake for your infrastructure network team.

Compliance With Retention Requirements

Another benefit of keeping raw copies of data is complying with retention requirements. If you're manipulating data before it goes into your SIEM, then you're not adhering to some necessary standards. Transform events to get what you need for your SIEM, but keep unmanipulated, raw copies in your data lake. Your IR or legal counsel can control forensic copies.

Meet Cyber Insurance Requirements

As insurance companies get more sophisticated and start hiring engineers as auditors, they'll dive deeper into your architecture than before. They'll ensure you have a SIEM in place but also check to see if you're putting the right data in and using it appropriately. Government auditors will want to see all your data sources and detections. They'll be ready to write findings if you're not following best practices. The prevalence of bad data or an overwhelming amount of data leads to various issues with detection, and drives costs higher and higher. It is extremely common to witness a year-over-year cost increase of up to 35%, which is clearly unsustainable.

Watch the full livestream to hear John and I talk about alternative options for your SIEM platform, so you can be empowered to re-architect your data strategy. With the right strategies, SIEM platform challenges can be overcome, and we're here to help as you embark on this transformative journey.

Cloud Security Podcast by Google
EP125 Will SIEM Ever Die: SIEM Lessons from the Past for the Future

Jun 12, 2023 (29:43)


Guest: David Swift, Security Strategist at Netenrich

Topics:
  • Which old Security Information and Event Management (SIEM) lessons apply today?
  • Which old SIEM lessons absolutely do not apply today and will harm you?
  • What are the benefits and costs of SIEM in 2023?
  • What are the top cloud security use cases for SIEM in 2023?
  • What are your favorite challenges with SIEM in 2023 special in the cloud? Are they different from, say, 2013 or perhaps 2003?
  • Do you think SIEM can ever die?

Resources:
  • Live video (LinkedIn, YouTube)
  • “Debating SIEM in 2023, Part 1” and “Debating SIEM in 2023, Part 2” blogs
  • “Detection as Code? No, Detection as COOKING!” blog
  • “A Process for Continuous Security Improvement Using Log Analysis” (old but good)
  • “UEBA, It's Just a Use Case” blog
  • “Situational Awareness Is Key to Faster, Better Threat Detection” blog and other SIEM reading
  • MITRE 15 detection techniques paper

Podcasts – TechSpective
Streamlining Incident Detection with UEBA (User and Entity Behavior Analytics)

May 3, 2023 (27:18)


TechSpective Podcast Episode 107

IT security teams have a tough job–made more challenging by the growing complexity of the attack surface and technology landscape and the overwhelming volume of information. They need to be able to accelerate the processing …

Brakeing Down Security Podcast
Lynsey Wolf, conducting insider threat investigations, CASB and UEBA utilization to good use.

Apr 30, 2023 (94:09)


Show Topic Summary (less than 300 words)

Insider threat still exists, Lynsey Wolf talks with us about HR's role in insider threat, how prevalent investigations are in the post-pandemic work from home environment.

Questions and potential sub-topics (5 minimum):
  • What is the difference between insider threat and insider risk?
  • Motivators of insider threat (not much different than espionage, IMO -bryan) (MICE: Money, Ideology, Compromise, and Ego.) https://thestack.technology/pentagon-leaks-insider-threat-sysadmin/
  • 75% of all insider threats are being kicked off by HR departments. In short, it's proactive. “How did HR figure that out?”
  • How are investigations normally initiated?
  • What tools are they implementing to check users or predicting a disgruntled employee? UEBA? CASB? Employee surveys that are ‘anonymous'? Someone who reported others and it was dismissed?
  • What if HR ‘gets it wrong' or it's a hunt to find people not into ‘groupthink' or ‘not a culture fit'? https://www.cbsnews.com/news/french-worker-fired-for-not-being-fun-at-work-wins-lawsuit-cubik-responds/
  • How can organizations be mindful of how and what data is collected to mitigate risk without affecting employee trust? And who watches the watchers to ensure data is handled responsibly?
  • Are there any privacy guidelines companies need to understand before they implement such a system? (GDPR? CCPA? Privacy notices? Consent to monitoring on login? https://securiti.ai/blog/hr-employee-data-protection/ )
  • Are companies causing the thing they are protecting against? (making an insider threat because they've become repressive?) (hoping there's an ‘everything in moderation' idea here… finding the happy medium between responsible ‘observability' and ‘surveillance')
  • Lots of ‘insider threat' tools, including from EDR companies. Do companies do a good job of explaining to employees why you need EDR?
  • Quiet Quitting - latest term for companies to use to describe “employee has a side gig”. How does this figure into insider threat? Is it assumed that people only have one ‘thing' they do, or did the lack of a commute give people more time during the pandemic to diversify?
  • Solutions for employees? Separate their work and private/side gig? Learn what their contract states to keep conflicts of interest or your current/past employer from taking your cool side project/start-up idea away from you?
  • Solutions for companies?

Additional information / pertinent Links (would you like to know more?):
  • https://www.cisa.gov/detecting-and-identifying-insider-threats
  • https://venturebeat.com/data-infrastructure/how-observability-has-changed-in-recent-years-and-whats-coming-next/
  • https://ccdcoe.org/library/publications/insider-threat-detection-study/
  • https://resources.sei.cmu.edu/asset_files/TechnicalReport/2016_005_001_454627.pdf (insider threat ontology)
  • https://www.intelligentcio.com/apac/2022/08/01/survey-reveals-organizations-see-malicious-insiders-as-a-route-for-ransomware/
  • https://www.helpnetsecurity.com/2022/04/08/organizations-insider-threats-issue/
  • https://www.fortinet.com/resources/cyberglossary/what-is-ueba
  • https://www.gartner.com/en/information-technology/glossary/cloud-access-security-brokers-casbs
  • https://thecyberwire.com/glossary/mice
  • https://qohash.com/the-high-price-of-trust-the-true-cost-of-insider-threats/
  • https://abc7chicago.com/classified-documents-jack-teixeira-air-national-guard-arrest/13126206/ (Air National Guardsman accused in military records leak makes 1st court appearance - story still developing as of 16 April 2023)
  • https://www.theverge.com/2020/8/4/21354906/anthony-levandowski-waymo-uber-lawsuit-sentence-18-months-prison-lawsuit

Show Points of Contact:
  • Amanda Berlin: @infosystir @hackershealth
  • Brian Boettcher: @boettcherpwned
  • Bryan Brake: @bryanbrake @bryanbrake@mastodon.social
  • Website: https://www.brakeingsecurity.com
  • Twitch: https://twitch.tv/brakesec
  • Youtube: https://youtube.com/c/BDSPodcast

The Virtual CISO Moment
The Virtual CISO Moment Wrap Up for Friday, December 30, 2022

Dec 30, 2022 (23:03)


Ransomware not covered by cyber insurance, cyberattacks may be impossible to insure without some changes, whatever happened to UEBA, 100,000 students have their data exposed, six tips for hiring cybersecurity talent, and my predictions for 2023.

  • https://www.jurist.org/news/2022/12/ohio-supreme-court-says-insurance-policy-does-not-cover-ransomware-attack-on-software/
  • https://www.techspot.com/news/97118-cyberattacks-could-soon-become-impossible-insure.html
  • https://www.darkreading.com/dr-tech/how-to-get-the-most-out-of-ueba?
  • https://www.bitdefender.com/blog/hotforsecurity/renowned-education-platform-leaks-personal-data-of-100-000-students-online/
  • https://www.forbes.com/sites/forbestechcouncil/2022/12/22/six-ways-to-pivot-hiring-strategies-to-attract-cybersecurity-talent/?sh=2b3a54af742e

Send in a voice message: https://anchor.fm/virtual-ciso-moment/message

PODCAFÉ DA TI
ManageEngine 20th Anniversary Special with Harish Sekar (in English)

Oct 7, 2022 (67:30)


To celebrate ManageEngine's 20th anniversary, we welcome Harish Sekar, global speaker and Head of Business Development at ManageEngine, one of the world's leading experts in information security and Zero Trust. "The book is on the table": this episode is entirely in English, with the distinguished presence of ACSoftware's president, Emanuel Celestino, who joined the team for a great chat about Active Directory management and security challenges. And for those of you who don't get by in English, we will soon release the Herbert Richards version, entirely in Portuguese!

Click and don't miss this special episode of Podcafé da TI.

  • Harish Sekar: Global speaker, ManageEngine Evangelist
  • Dyogo Junqueira: VP of ACSoftware
  • Guilherme Gomes: Director of New Sales at ACSoftware
  • Anderson Fonseca: Director of Customer Experience at ACSoftware

Links:
  • LinkedIn Harish Sekar: https://www.linkedin.com/in/harish-sekar-42398a17/
  • ManageEngine solutions: https://www.acsoftware.com.br/manageengine

PodCafé da TI is a podcast by ACSoftware, your ManageEngine partner in Brazil.
  • https://www.acsoftware.com.br/manageengine
  • Instagram: https://www.instagram.com/acsoftwarebr/
  • LinkedIn: https://www.linkedin.com/company/acsoftware

the CYBER5
Leveraging Open Source Intelligence in Insider Threat Programs with Vaillance Group CEO, Shawnee Delaney

Sep 14, 2022 (24:51)


In episode 81 of The Cyber5, we are joined by the Head of Insider Threat at Uber and CEO of Vaillance Group, Shawnee Delaney.

In this episode, we provide an overview of different functions within an insider threat program. We also discuss the support open source intelligence provides to such programs and how to change company culture to care about insider threats. We also discuss the ROI metrics that are important to different stakeholders when implementing an insider threat program.

Three Takeaways:

1) Departments and Functions within Insider Threat

Insider threat programs are relatively new in enterprise security and often change from company to company. Open source intelligence can be a standalone role or be cross functional among all departments. Common departments and functions can be:
  • Open source intelligence.
  • Forensics monitoring.
  • Training and awareness (steering committees for stakeholders, benchmarking).
  • Technical and behavioral monitoring (UEBA or DLP).
  • Supplier due diligence.
  • Global investigations.
  • Global intelligence analysis.

2) Common Problems Faced by Insider Threat Teams

Common challenges faced by insider threat teams:
  • Privacy to ensure employee confidentiality is not violated.
  • Tooling to have visibility into malicious events from normal behavior.
  • Finding practitioners that can do the technical monitoring and open source intelligence.
  • Shifting culture to be more security conscious.
  • Focus on physical security issues, like active shooter situations, just as much as data exfiltration and other cyber concerns.

3) Role of Open Source Intelligence in Insider Threat Programs

An Insider threat program is a key stakeholder for a threat intelligence program, not the individual buyer. Three key areas where open source intelligence (OSINT) supports insider threat programs:
  • Employee lifecycle management: ensuring employees, former employees, and prospects are not an insider threat based on what they post on the internet.
  • Validating red flag indicators with OSINT.
  • Investigations into vendors.

State of Identity
Rise of the Bot Attacks

Aug 4, 2022 (22:19)


In this month's Investing in Identity series, we dive into notable deals that are shaking up the summer and take a look at what July's stock rally implies for market performance this fall. This month's agenda features:
  • HUMAN, a global leader in safeguarding against bot attacks and fraud, has merged with PerimeterX. On the surface, these companies pose competitive threats to one another; however, the use of UEBA to support bot detection, account abuse detection, and fraud prevention makes for an attractive merger.
  • We watched the NASDAQ and S&P make a rebound in July. Is this a bear market rally? Hear our predictions moving into the fall for digital identity deal activity and deal count.

Security Current podcast - for IT security, networking, risk, compliance and privacy professionals
2021 CISO Choice Awards Vendor Recognition: RackTop with Richard Stiennon

Nov 16, 2021 (9:37)


Congratulations to RackTop Systems for their recognition in the 2021 CISO Choice Awards. In this interview, leading analyst Richard Stiennon talks with Jonathan Halstuch, CTO and Co-Founder of RackTop Systems, to discuss their BrickStor SP solution which was recognized in the Data Security category. BrickStor SP helps to protect data from malicious actors and potential ransomware attacks through integrated UEBA and SOAR technologies. Stay tuned for more interviews from the CISO Choice Awards and for more value-added professional development and technology content, request complimentary access to CISOs Connect today: https://CISOsConnect.com

CiberAfterWork: ciberseguridad en Capital Radio
Episode 153: Atenea, training through challenges

Nov 10, 2021 (54:13)


In this program we are once again joined by a great specialist from the Centro Criptológico Nacional (CCN): Álvaro, head of the Incident Response team. Álvaro has deep knowledge of attacks and of how to respond to them. He also told us about one of the most interesting training initiatives run by the CCN.

In our news segment we discuss two very interesting stories. The first concerns the problems that teachers, students, and administrative and technical staff at the Universidad Autónoma de Barcelona are still going through after the attack suffered in October, from which they have not yet managed to recover. Normal operations are not expected to resume until December. The second concerns the outage affecting more than a thousand gas stations in Iran because of an attack that blocked the cards used to refuel and pay electronically.

In addition, as in previous programs, the specialists from Netskope brought us the Píldora SASE (SASE Pill), the new paradigm that, by delivering security from the cloud, is revolutionizing how users and companies understand security. This time we were joined by Nacho Franzoni, Senior Sales Manager at Netskope. Nacho shared a term that we will surely start hearing a little more every day: UEBA, short for User and Entity Behavior Analytics. Thanks to this technology, anomalous behaviors affecting both the users and the data of a corporation can be detected automatically.

We were also joined by Ruth Velasco, Senior Marketing Manager for Southern EMEA at Sophos, who previewed some of the topics on offer at Sophos Day, which will take place virtually on November 18.

During the interview with Álvaro we covered many topics related to training and talent recruitment. In 2018 the CCN developed a portal where people who want to train in cybersecurity can log in and solve hacking challenges that help improve and consolidate their knowledge. In addition, the top 10 ranked on the platform will take part in the next Jornadas STIC in one of its most eye-catching activities, a live hacking contest.

  • Twitter: @ciberafterwork
  • Instagram: @ciberafterwork
  • More info: https://psaneme.com/ https://bitlifemedia.com/ https://www.ccn-cert.cni.es/soluciones-seguridad/atenea.html
  • Píldora SASE: https://www.netskope.com/
  • News: https://www.xataka.com/seguridad/ciberataque-a-uab-afectara-finales-ano-dificil-gestion-universidad-acceso-a-su-sistema-informatico-durante-meses https://unaaldia.hispasec.com/2021/11/un-ciberataque-deja-sin-servicio-a-las-gasolineras-en-iran.html

Cyber Security Weekly Podcast
Episode 294 - Zero Trust Approach: US$13 Billion Market Opportunity

Cyber Security Weekly Podcast

Play Episode Listen Later Nov 8, 2021


We speak to Eva-Maria Elya, Senior Director World-Wide Channel Sales with Lookout, on the market opportunities for MSPs and MSSPs who choose to partner with Lookout. To get the most out of your countless cloud apps without risking your data, you need to know exactly what's going on. You also need to be able to detect and respond to threats and have the ability to dynamically control access. Lookout Cloud Access Security Broker (CASB) provides full visibility into the interactions between users, endpoints, cloud apps and your data. It also enables you to dynamically dial in Zero Trust access controls. With continuous monitoring of user and entity behaviour analytics (UEBA), you can detect and respond to insider threats and advanced cyberattacks. Lookout provides advanced data loss prevention that can classify, encrypt and restrict sharing of your data on the fly so that only authorized users have access. They also perform automated assessments of all your cloud apps and infrastructure to ensure they are properly configured. Visit www.lookout.com for more details or visit https://learnsecurity.mysecuritymarketplace.com/course/endpoint-to-cloud-security to deep dive with Don Tan, Regional Director for APJ. For the MySec.TV interview, visit https://mysecuritymarketplace.com/av-media/zero-trust-approach-us13-billion-market-opportunity/ #lookout #endpoint #casb #ueba #cybersecurity #channelpartners

SecurityTrails Blog
Security Information and Event Management (SIEM): History, Definition, Capabilities and Limitations

SecurityTrails Blog

Play Episode Listen Later Sep 23, 2021 14:14


What began as a tool for helping organizations achieve and maintain compliance, security information and event management (SIEM) rapidly evolved into an advanced threat detection practice. SIEM has empowered incident response and security operations centers (SOC) analysts as well as a myriad of other security teams to detect and respond to security incidents. While there may be talk about SIEM joining the line of legacy technologies that are proclaimed "dead", SIEM has been a core system for many security teams, and in different capacities. Furthermore, SIEM (along with its evolution) has been intertwined with relevant threats in the ecosystem as well as the market in which it is used. Systems and infrastructures that security professionals must secure in 2021 are vastly different from the systems in use when SIEM first came to the scene. But even if many have decided that SIEM is a thing of the past, its underlying principles and technology remain visible in many new systems such as SOAR, XDR, MDR and other solutions that integrate SIEM capabilities. Vendors and reimaginations come and go, but SIEM prevails as a technology that should be recognized. There will always be a need for experienced individuals to work with SIEM and know how to apply it to the appropriate business touchpoints. We've put together an overview of the history, definition, use cases as well as benefits and limitations of SIEM to provide a greater understanding of its continued usefulness in any security team's toolstack. What is SIEM? SIEM stands for security information and event management. It provides organizations with detection, analysis and response capabilities for dealing with security events. Initially evolving from log management, SIEM has now existed for over a decade and combines security event management (SEM) and security information management (SIM) to offer real-time monitoring and analysis of security events as well as logging of data.
SIEM solutions are basically a single system, a single point that offers teams full visibility into network activity and allows for timely threat response. It collects data from a wide range of sources: user devices, servers, network equipment and security controls such as antivirus, firewalls, IPSs and IDSs. That data is then analysed to find and alert analysts to unusual behavior in mere seconds, letting them respond to internal and external threats as quickly as possible. SIEM also stores log data to provide a record of activities in a given IT environment, helping to maintain compliance with industry regulations. In the past, SIEM platforms were mostly used by organizations to achieve and maintain compliance with industry-specific and regulatory requirements. What brought about its adoption across many organizations was the Payment Card Industry Data Security Standard (PCI DSS) and similar regulations (HIPAA). As advanced persistent threats (APTs) became a concern for other, smaller organizations, the adoption of SIEM has expanded to include a wide array of infrastructures. Today's SIEM solutions have evolved to address the constantly shifting threat landscape, and are now one of the core technologies used in security operations centers (SOC). Advancements in the SIEM field are bringing forward solutions that unify detection, analysis and response; implement and correlate threat intelligence feeds to provide added intelligence to SOCs; and include or converge with user and entity behaviour analytics (UEBA) as well as security orchestration, automation and response (SOAR). How does a SIEM solution work? A SIEM solution works by collecting security event-related logs and data from various sources within a network. These include end-user devices, web, mail, proxy and other servers, network devices, security devices such as IDS and IPS, firewalls, antivirus solutions, cloud environments and assets, as well as all applications on devices.
All of the data is collected and analyzed in a centralized loca...

Cloud Security Podcast by Google
Threat Detection at Google Cloud Security Summit

Cloud Security Podcast by Google

Play Episode Listen Later Jul 19, 2021 21:12


No guests. We interviewed each other! Topics: What would you say are the most things that Chronicle is trying to address today? What are the good ways to use threat intel to detect threats that do not ruin your SOC? What does “autonomic” security mean, anyway? Is this a fancy way of saying “automatic” or something more? For sure, “the Cloud is not JUST someone else's computer“ - but how does this apply to threat detection? What makes threat detection “cloud-native”? What kinds of ML magic does your mini UEBA inside SCC use? Can you really do automated remediation in the cloud? Resources: Google Cloud Security Summit “Making Invisible Security a Reality with Google” keynote “Security Analytics at Google Speed and Scale” presentation by Anton “Managing Your Security Posture on Google Cloud” presentation by Tim “Stop Trying to Take Humans Out of SOC … Except … Wait… Wait… Wait…” blog Chronicle main site Threat Detection in Logs in Google Cloud SCC video “Modern Threat Detection at Google” (episode 17)  “Automate and/or Die?” (episode 3)

Fortinet Cybersecurity Podcast
FortinetLIVE #31 - Securing The 5G Future

Fortinet Cybersecurity Podcast

Play Episode Listen Later Jun 28, 2021 14:24


This was recorded live on 06/28/2021. Join #Fortinet Field CISOs for EMEA Joe Robertson and Alain Sanchez as they discuss the state of securing #5G, including the need for a holistic security strategy that includes #ZeroTrust, #UEBA, and more. Watch the recording on YouTube: https://youtu.be/mhOv6848Tg4

Radio IT
Ep. 14 | How to make cybersecurity more effective - EXCLUSIVE NETWORKS/EXABEAM

Radio IT

Play Episode Listen Later Apr 16, 2021 19:31


The theme of episode number 14 of Jump to the Next is the most topical in the context of Information Technology: security. The moment is among the most delicate; in reality it is a moment that has now lasted a year, that is, since the health emergency caused by the pandemic forced IT departments around the world to take cover from an increase in attacks. But beyond the pandemic contingency, attack surfaces had already expanded, as cloud and mobility had brought the presence of people, data and business practically everywhere. How should this situation be tackled? We try to answer this question with our guests, discovering an innovative approach to cybersecurity that sets rules aside and focuses on the specific results of use cases. Enjoy listening! THE VOICES OF THIS EPISODE: Elena Semplici - Vendor Manager, Exclusive Networks; Paolo Cecchi - Regional Sales Director for Italy, Malta and Iberia, Exabeam; Igor - Editorial Manager, Radio IT

JUMP to the NEXT, il Podcast di Exclusive Networks
How to make cybersecurity more effective | EXCLUSIVE NETWORKS / EXABEAM

JUMP to the NEXT, il Podcast di Exclusive Networks

Play Episode Listen Later Apr 16, 2021 19:31


The theme of episode number 14 of Jump to the Next is the most topical in the context of Information Technology: security. The moment is among the most delicate; in reality it is a moment that has now lasted a year, that is, since the health emergency caused by the pandemic forced IT departments around the world to take cover from an increase in attacks. But beyond the pandemic contingency, attack surfaces had already expanded, as cloud and mobility had brought the presence of people, data and business practically everywhere. How should this situation be tackled? We try to answer this question with our guests, discovering an innovative approach to cybersecurity that sets rules aside and focuses on the specific results of use cases. Enjoy listening! THE VOICES OF THIS EPISODE: Elena Semplici - Vendor Manager, Exclusive Networks; Paolo Cecchi - Regional Sales Director for Italy, Malta and Iberia, Exabeam; Igor - Editorial Manager, Radio IT

Cyber Talks
SIEM - where are we heading?

Cyber Talks

Play Episode Listen Later Mar 8, 2021 35:09


SIEM - where are we heading? In today's episode of CyberTalks, Rolf meets Niklas Blomquist from Splunk. In the episode they talk about the role of SIEM today, but also about how the technology will continue to be an important component and how it fits into the UEBA, SOAR and XDR trends. There is also a discussion about how to achieve threat sharing for real. See acast.com/privacy for privacy and opt-out information.

ManageEngine’s Weekly IT Security Podcast series.
Dealing with advanced persistent threats (APTs)

ManageEngine’s Weekly IT Security Podcast series.

Play Episode Listen Later Dec 10, 2020 12:32


In this episode, our cybersecurity expert explains how to equip your organization to deal with advanced persistent threats (APTs). You'll also learn about the four important capabilities a SIEM solution must have to detect and neutralize advanced persistent threats in your network.

Cyber Security Headlines
December 8, 2020

Cyber Security Headlines

Play Episode Listen Later Dec 8, 2020 6:15


Google publishes cross-site leaks wiki. NSA warns of state-sponsored attacks on remote-work systems. Greater Baltimore Medical Center hit with ransomware attack. Thanks to our sponsor, Code42. Organizations are moving faster than ever before and security tools like DLP, UEBA and CASB can’t keep up. Code42 Incydr takes a Zero Trust approach to managing and mitigating data risk from insider threats. Learn more about Code42 Incydr, the insider risk platform that offers insider risk detection and response. For the stories behind the headlines, go to CISOseries.com.

Cyber Talks
Security Operations is evolving

Cyber Talks

Play Episode Listen Later Nov 2, 2020 38:47


They discuss how security operations is evolving and how both automation and orchestration are becoming more important components of modern work. They also talk about how nextGen SIEM and UEBA increase the effectiveness of a SOC. See acast.com/privacy for privacy and opt-out information.

Briefcast
Briefcast 56 - Ueba!!!

Briefcast

Play Episode Listen Later Oct 13, 2020 13:09


Lennon's 80th birthday, Barbie in the Black Movement, Pix, LGPD and other acronyms you need to know...

Veriato Insider
UEBA And The Insider Threat

Veriato Insider

Play Episode Listen Later Jul 14, 2020 17:16


How can advancements in technology support security in the workplace? Join us as we discuss how AI and User Behavior Analytics can help with Insider Threats.

Netzpalaver Podcasts
Interview with Matrix42 on protecting the digital workspace

Netzpalaver Podcasts

Play Episode Listen Later Jun 24, 2020 7:07


Netzpalaver spoke via remote session with Daniel Döring, Technical Director Security and Strategic Alliances at Matrix42, about protecting the digital workspace, about user and entity behavior analytics (UEBA for short), and about whether analysing user behaviour is enough to protect the digital workspace, or what else, from Matrix42's point of view, belongs to comprehensive endpoint security.

KuppingerCole Analysts Videos
Analyst Chat #14: The Alphabet Soup of Security Analytics

KuppingerCole Analysts Videos

Play Episode Listen Later May 18, 2020 23:36


Matthias Reinwarth and Alexei Balaganski discuss the plethora of acronyms for security analytics solutions: from SOC and SIEM to UEBA and SOAR.

KuppingerCole Analysts
Analyst Chat #14: The Alphabet Soup of Security Analytics

KuppingerCole Analysts

Play Episode Listen Later May 18, 2020 23:36


Matthias Reinwarth and Alexei Balaganski discuss the plethora of acronyms for security analytics solutions: from SOC and SIEM to UEBA and SOAR.

PODCAFÉ DA TI
#06 - Artificial Intelligence in IT, the present future

PODCAFÉ DA TI

Play Episode Listen Later May 4, 2020 56:47


In this episode of Podcafé we invited Professor Doctor Anderson Soares to talk a little about artificial intelligence, the advances in the field on Brazilian soil, and to tell us how they gave Stanford a beating in AI! Join this relaxed chat and find out that robots already run your life and you didn't even know it. https://podcafeti.com.br/ PodCafé da TI is a podcast by ACSoftware, your ManageEngine partner in Brazil. https://www.acsoftware.com.br/manageengine

Inuit TechTalk
Innovative Technologies in Active Directory to look out for

Inuit TechTalk

Play Episode Listen Later Jan 3, 2020 19:36


Welcome to Inuit TechTalk where we invite interesting guests to discuss current and important topics for you working with IT. Erik Tjärnqvist, Product Manager at Inuit, discusses new innovative technology in Active Directory and related areas with Derek Melber, Active Directory MVP. Topics discussed include: user and entity behavior analytics (UEBA), artificial intelligence (AI), passwords and multi-factor authentication (MFA).

Bincang Cyber
UEBA as a CyberSecurity Solution – E7

Bincang Cyber

Play Episode Listen Later Dec 4, 2019 22:33


The development of cyber attack methods, which never stop innovating, seems to make the CyberSecurity tools we have look less and less useful. Added to that is the fact that not all threats originate from vulnerabilities in software and applications; some originate from users, whether intentionally or as a result of negligence. Let us take an example... The post UEBA as a CyberSecurity Solution – E7 written by Faisal Yahya appeared first on Bincang Cyber.

ManageEngine’s Weekly IT Security Podcast series.

In this podcast, Sid explains the growing importance of User and Entity Behavior Analytics (UEBA) in today's rapidly changing security landscape. Understand how UEBA powered by machine learning assists in securing your IT infrastructure from sophisticated attacks by monitoring the risk score of users and entities in your network. 

Paul's Security Weekly TV
Brian Coulson, LogRhythm - Paul's Security Weekly #575

Paul's Security Weekly TV

Play Episode Listen Later Sep 16, 2018 39:57


Brian Coulson is a Senior Security Research Engineer in the Threat Research Group of LogRhythm Labs in Boulder, CO. His primary focus is the Threat Detection Modules such as UEBA, and NTBA. →Full Show Notes: https://wiki.securityweekly.com/Episode575 →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly (Video-Only)
Brian Coulson, LogRhythm - Paul's Security Weekly #575

Paul's Security Weekly (Video-Only)

Play Episode Listen Later Sep 15, 2018 39:57


Brian Coulson is a Senior Security Research Engineer in the Threat Research Group of LogRhythm Labs in Boulder, CO. His primary focus is the Threat Detection Modules such as UEBA, and NTBA. →Full Show Notes: https://wiki.securityweekly.com/Episode575 →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly

Enterprise Security Weekly (Video)
BitSight, SentinelOne, and McAfee - Enterprise Security Weekly #105

Enterprise Security Weekly (Video)

Play Episode Listen Later Sep 6, 2018 26:37


How the Department of Defense is using Open Source, BitSight launches forecasting capability, SentinelOne teams up with Sumo Logic, Swimlane supports McAfee's advanced security operation, Fortinet releases new IoT security controller, and Secureworks opens up proprietary UEBA through partner programme. Full Show Notes: https://wiki.securityweekly.com/ES_Episode105 Visit http://securityweekly.com/esw for all the latest episodes!

Paul's Security Weekly TV
BitSight, SentinelOne, and McAfee - Enterprise Security Weekly #105

Paul's Security Weekly TV

Play Episode Listen Later Sep 6, 2018 26:37


How the Department of Defense is using Open Source, BitSight launches forecasting capability, SentinelOne teams up with Sumo Logic, Swimlane supports McAfee's advanced security operation, Fortinet releases new IoT security controller, and Secureworks opens up proprietary UEBA through partner programme. Full Show Notes: https://wiki.securityweekly.com/ES_Episode105 Visit http://securityweekly.com/esw for all the latest episodes!

And There You Have IT!
Taking SIEM to the Next Level

And There You Have IT!

Play Episode Listen Later Aug 29, 2018 20:44


Organizations are suffering from cyber fatigue with too many alerts, too many technologies, and not enough people. This makes it difficult to streamline operations, and decrease the time it takes to detect and remediate security incidents. Companies that rely heavily on security information and event management (SIEM) to support threat detection efforts are increasingly complementing deployments with solutions that advance their analytics capabilities, effectively taking SIEM to the next level. Listen to this episode to learn: How to ensure you have the right building blocks in place for advanced analytics; How to identify use cases and build out strategies to support them; The positive impact user and entity behavior analytics (UEBA) can have on visibility; How threat intelligence can arm you with the insights you need to understand how you are being targeted; How SOCs and IR teams are leveraging endpoint detection and response (EDR) tools and network security analytics for additional capabilities. Listen to the podcast recording above or subscribe via iTunes, Stitcher, Google Play, and TuneIn.

Enterprise Security Weekly (Audio)
Enterprise Security Weekly #65 - Fire Sale

Enterprise Security Weekly (Audio)

Play Episode Listen Later Oct 17, 2017 47:51


Splunk goes shopping, ForeScout joins forces with an endpoint vendor, Carbon Black makes an announcement, ManageEngine has some new integrations, Microsoft is announcing some new security features, and ZoneFox launches a new UEBA platform in the cloud. Matt Alderman joins us for this episode and our topic is how to secure your Cloud services AKA SaaS offerings on this episode of Enterprise Security Weekly! Full Show Notes: https://wiki.securityweekly.com/ES_Episode65 Visit https://www.securityweekly.com/esw for all the latest episodes! →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly
Enterprise Security Weekly #65 - Fire Sale

Paul's Security Weekly

Play Episode Listen Later Oct 17, 2017 47:51


Splunk goes shopping, ForeScout joins forces with an endpoint vendor, Carbon Black makes an announcement, ManageEngine has some new integrations, Microsoft is announcing some new security features, and ZoneFox launches a new UEBA platform in the cloud. Matt Alderman joins us for this episode and our topic is how to secure your Cloud services AKA SaaS offerings on this episode of Enterprise Security Weekly! Full Show Notes: https://wiki.securityweekly.com/ES_Episode65 Visit https://www.securityweekly.com/esw for all the latest episodes! →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly

Eduardo Borile Júnior
UCSfm - Café com Notícias - Interview 09/02/17 - Artists Aline Zilli and Jonas Picolli - Grupo Ueba - Show 'As aventuras do Fusca a Vela' (Moby Dick)

Eduardo Borile Júnior

Play Episode Listen Later Feb 9, 2017 12:03


UCSfm - Café com Notícias - Interview 09/02/17 - Artists Aline Zilli and Jonas Picolli - Grupo Ueba - Show 'As aventuras do Fusca a Vela' (Moby Dick)

Security Nation
Episode 20: UBA, UEBA and SUBA, Oh My!

Security Nation

Play Episode Listen Later Jan 19, 2017 33:09


On this week's episode of Security Nation, host Kyle Flaherty welcomes in Matt Hathaway and Eric Sun to break down the alphabet soup that is UBA, UEBA, SOAPA...you get the point. The conversation quickly turns to the Gartner Market Guide, the evolution of SIEM, the integral nature of endpoint agents, and oh so much more. Tune in and learn about: The perils of "portal fatigue" and how to recognize its symptoms. How to get the most out of the Gartner UEBA Market Guide and understand the vendor segmentation. How the creation of UBA helped move the SIEM market and motivate us all to understand how important time is in both detection and investigation. Why InsightIPA should be a beer at some point, but don't tell Nate. How to properly use the "f-word" in the title of a blog post. Security Nation is a podcast dedicated to covering all things infosec – from what’s making headlines to practical tips for organizations looking to improve their own security programs. Host Kyle Flaherty (@KyleFlaherty) has been knee-deep in the security sector for nearly two decades. At Rapid7 he leads a team of technical marketers with the mission of providing impactful content that helps security professionals do their jobs.

Infopod Podcast
Infoblog 003 - Bloghits - New Mr. UEBA Head

Infopod Podcast

Play Episode Listen Later May 7, 2008 5:00


Infoblog 003 - Bloghits - New Mr. UEBA Head