Rank #1: ATT&CK™ your adversaries
4 open-source ATT&CK tools analyzed:
Jul 13 2018
Rank #2: Threat intel in 5 steps
If you're new to security threat intelligence or want to get the latest details on tools and techniques, Allan Liska from Recorded Future, Tim Gallo from FireEye and Wadeed Mian from ISA are here to help.
May 16 2018
Rank #3: DevSecOps: Developers play security offense
We look for the balance between developers' security responsibility and the security team. Maya Kaczorowski from Google, Shannon Lietz from Intuit and Larry Maccherone from Comcast help weigh the options.
Jun 27 2018
Rank #4: Smarter AI Ransomware: Your 5 Best Chances
Ransomware, like any other attack, is not inevitable if you can stop the attacker at even one step along a kill chain. We look specifically at the 5 steps of a ransomware as an example of how to improve your odds of avoiding a breach. Stewart Cawthray from Thomson Reuters, Allan Liska from Recorded Future, Tim Gallo from FireEye and Birat Niraula from CapitalOne provide lots of great advice!
Jun 13 2018
Rank #5: Securing microservices
Join the discussion:
Jun 20 2018
Rank #6: Your container security strategy
Containers like Docker offer new automation awesomeness, portability and predictability. But traditional security tools and ops are only the start of reducing your risks. John Morello from Twistlock, Alfredo Hickman from Rackspace and Kellman Meghu from Sycomp pull the container stack apart to reveal security gaps.
Please read NIST Application Container Security Guide co-authored by John Morello
And read Container Intrusions: Assessing the Efficacy of Intrusion Detection and Analysis Methods for Linux by Alfredo Hickman
May 23 2018
Rank #7: Choosing a DDoS provider
Learn how to decide which DDoS provider to select, what operational issues may come up and how to handle them. My guests: Laurent Gil co-founded a leader in DDoS solutions (Oracle Dyn formerly Zenedge) and Stewart Cawthray helped set up a DDoS service for a major telco and is now Senior Director Security at Thomson Reuters in Toronto, Canada. We delve into the difference between several different kinds of attacks with most time spent at the application layer (OSI layer 7).
May 09 2018
Rank #8: Rethinking identity: Securing users, apps and the cloud
idpro.org/join to connect and share with others on identity
aporeto.com/blog for the latest on app identity vs. user identity and many other resources
Jun 06 2018
Rank #9: Your cloud security roadmap
Cloud ushers in new security challenges, while alleviating others. My guests Stu Solomon CTO at Optiv and Allan Liska senior analyst at Recorded Future apply the NIST Cybersecurity Framework to draw out key elements of consideration for your security in the cloud.
If you're using Amazon AWS, Microsoft Azure, Google Cloud Platform or myriad other IaaS, PaaS and SaaS offerings, we hope you'll find this episode of value.
May 30 2018