Episode 9 – Our first quartet

Containers with Ali Golshan and Michelle McLean of StackRox

We covered a huge range of topics. Here’s a taste:

  • WTF is a container and how is this different than virtualization?
  • How does this fit into the threat landscape?
  • How do I approach this if it’s in my organization already and I don’t know how to secure it?
  • Protection, Visibility, detection and enforcement
  • How does this actually play out, because I hear this a lot these days but in my experience most of the implementations just fall down and I’ve got more alerts to ignore… I mean deal with? People are tired of alerts
  • How does this fit in in a mixed environment? It’s not like everyone has ALL containers
  • Adversarial intent model

Containers aren’t just another IT environment to secure. To StackRox, containers are a vehicle for establishing fundamentally better security across the entire enterprise.

Episode 8 – You can’t keep everything in the fort anyway

Controlling Risk with Cosmo Romero

Super Man at Forcepoint

In this week’s espisode we talk with Cosmo about realistic expectactions in security. Do we enable employees or get in their way? We spent all this time building a fort and it turns out you can’t even keep everything in it, so why did you build your security as a fort?

There is hope. Listen.

 

 

 

 

Episode 7 – Email is, well…

Email security with Robert Holmes

VP of Products, Proofpoint

With over 15 years’ experience in brand and fraud protection, Robert Holmes currently drives the strategy at Proofpoint for email fraud defence to help businesses implement solutions to protect their brands, customers and employees from advanced cyber threats.

 

Episode 5 – Why be vulnerable to known threats?

Guest today is Cristian Rodriguez of CrowdStrike

Today we chat about why it’s important to utilize both free and paid for tools to help keep yourself from being vulnerable to known threats. No sense in getting caught with your pants around your ankles about something we already knew was a problem.

Cristian Rodriguez is a Sr. Sales Engineer with CrowdStrike, working with some of the largest global enterprise clients. His background includes the implementation and consultation of a variety of security tools, such as Endpoint Security, DLP Platforms, Mobile Security, Proxy and IDS/IPS technologies. Before working with CrowdStrike, Cristian worked with the likes of security resellers, NH&A & FishNet Security (now Optiv) and technology vendors such as Forcepoint, & Zimperium.

Cristian lives in Northern VA, with his wife and 3 kids, and loves playing the piano and the guitar.

 

 

 

 

 

 

Episode 4 – Cyber defense from the Air Force to the Enterprise

Guest today is Jared Phipps of SentinelOne

Jared has been involved in cybersecurity professionally since 2001 and is passionate not only about technology but also with the practical use of technology to solve real problems. Jared is the Vice President of Worldwide Sales Engineering at SentinelOne, where he gets to use his passion for technology and experience in cybersecurity daily as he advises various prospects and clients through security projects. He spent the prior 6 years leading the sales engineering, professional services and incident response teams at Fidelis Cybersecurity. Prior to joining Fidelis, he worked for MITRE supporting NSA Cryptographic Modernization Programs for the United States Air Force. Jared is a veteran of the United States Air Force where he worked in cyber defense and offensive cyber operations.

 

 

 

 

Episode 3 – Security starts with being curious

Guest today is Chris Mitzlaff of Packetsled

In this episode: A behind the scenes interview with Security Engineer Chris Mitzlaff from PacketSled where we investigate the common challenges in today’s Enterprises… IOT, BCS, BYOD, adversaries… we cover it all in this episode about visibility on the wire.

Show notes:

 

 

Episode 2 – You forgot to configure Active Directory

Guest today is Clayton Fields of Javelin Networks.

As a security specialist, Clayton has helped clients improve security programs across the world. A thorough understanding of business drivers coupled with the ability to diagnose risk has allowed Clayton to help companies avoid being a headline. Also with this unique skill set, Clayton has helped executives understand the breakdown that exists between the business executives and cybersecurity professionals regarding risk assignment and prioritization that has caused so many newsworthy events. Experiences with incident response and threat hunting have also allowed Clayton to help companies choose unique solutions to mitigate risk.

Show notes:

The Microsoft KB Numbers mentioned are:  KB4103721 and KB100403