Shows
CyberBytes: The PodcastThe Ups and Downs of Leading a Security Vendor with Erkang ZhengToday on CyberBytes: The Podcast, I’m joined by Erkang, Zheng, CEO & Founder of JupiterOne.JupiterOne was initially born during Erkang’s time as CISO at LifeOmic, and Erkang has always found numerous similarities between medicine and cybersecurity. He talks me through the process of spinning JupiterOne into its own entity and the journey over the past 7 years.Importantly, Erkang gives the raw insight into life as a tech founder not always being the sunshine and rainbows that social media can portray. He had to make hard decisions in 2023, and believes it’s important to talk a...2024-03-1935 min
CyberBytes: The PodcastThe Ups and Downs of Leading a Security Vendor with Erkang ZhengToday on CyberBytes: The Podcast, I’m joined by Erkang, Zheng, CEO & Founder of JupiterOne.JupiterOne was initially born during Erkang’s time as CISO at LifeOmic, and Erkang has always found numerous similarities between medicine and cybersecurity. He talks me through the process of spinning JupiterOne into its own entity and the journey over the past 7 years.Importantly, Erkang gives the raw insight into life as a tech founder not always being the sunshine and rainbows that social media can portray. He had to make hard decisions in 2023, and believes it’s important to talk a...2024-03-1935 min
TechSpective PodcastVisibility Without Context Is Just NoiseTechSpective Podcast Episode 118
"You can't protect what you can't see."
The first time someone said that, I am sure it was very profound. It is an obvious statement, but also very powerful in the context of cybersecurity. If you aren't even aware of the hardware assets connected to your network, or the software applications they are running, how can you possibly be aware of any vulnerabilities or weaknesses they may contain, and how could you take meaningful steps to reduce your exposure to risk?
Short answer: You can't.
That is why the mantra "You can't protect what you can't see" r...2023-10-0346 min
Office Hours with David MeltzerCara Macklin, Erkang Zheng, Jack KudaleCara MacklinShe worked as the director of her family business for 15 years. An award-winning multi-million-pound healthcare & hospitality group, which grew from 3 businesses with 250 staff to 7 businesses & 600 staff. She received a scholarship to study for her MBA at Cass Business School in London, Cara gained experience in Iceland, South Africa, China, and with the International Doyle Hotel Group. Cara has been awarded top 40 under 40, Women in Business Young Businesswoman of the Year, and Women in Business Outstanding Innovation.Erkang ZhengErkang Zheng is the Founder-CEO of JupiterOne, with 20 years of experience in all...2023-09-1841 min
The Tech TrekAdapting Management Styles to a New EnvironmentIn this episode of Tech Trek, Amir Bormand interviews Andy Foglia, the Director of Engineering at JupiterOne, to discuss adjusting management styles after joining a new company. Andy talks about his experience of transitioning from a big company to a startup and gives insights on how to adapt to new management styles. He also sheds light on the Jupiter One product that helps security practitioners understand what assets they have within their enterprise and identify potential vulnerabilities.
Highlights:
[00:01:15] Adjusting your management style.
[00:03:05] Transitioning to a new challenge.
[00:06:36] Taking risks in management.2023-07-1218 min
The Tech TrekTailoring Cybersecurity Strategies for Startups and Enterprise CompaniesOn this episode of Tech Trek, Lisa Hall, Chief Information Security Officer, talks about her experiences building a security program at the genetic testing company. The program covers infrastructure security, application security, product security, governance, risk, and compliance. Lisa discusses the challenges and strategies in building and maintaining a security program in a constantly evolving landscape.
Highlights
[00:02:29] Building security strategies.
[00:03:42] Adapting to different company cultures.
[00:07:16] Engineering first organizations.
[00:11:16] Finding security champions.
[00:14:30] Celebrating quick wins.
[00:17:25] Finding the right leadership voice.
[00:20:49] Cybersecurity and Business Impact.2023-05-1728 min
科技開麥拉【新創微開箱 EP33】雲端資產攻擊管理JupiterOne國內外資安攻擊事件層出不窮,防止駭客攻擊,甚至癱瘓系統的做法成為企業維持營運必須優先思考的課題。特別是近來在公/私有雲運用持續增加,如何有效防止雲端資產攻擊,也成為關注焦點之一。本集為大家說明何謂雲端資產,為何需要關注攻擊面管理?JupiterOne又是如何協助企業防止這類的攻擊?歡迎收聽本集分享! 本集講者:主持人 楊淳安/產業分析師 與談嘉賓:郭思偉/產業分析師 推薦產業研究資料庫:創新事業營運模式 延伸閱讀:JupiterOne:雲端資產攻擊面管理 留言告訴我你對這一集的想法: https://open.firstory.me/user/cl0bwfpls02rt0847zq8ru6js/comments Powered by Firstory Hosting2023-05-0309 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #122 - Selling Surveillance, New Era Security, Chatty Hacker, $50M Safe SecurityHey,It's 5:05. Glad you can be here on Tuesday, April 18th, 2023 from the Sourced Podcast Network in Camp Hill, Pennsylvania. This is your host, Bob Bannon. Stories in today's episode come from Mark Miller in New York City, Katy Craig in San Diego, California, Shannon Leitz, in San Diego, California, Edwin Kwan in Sydney, Australia. Ian Garrett in Arlington, Virginia. and Marcel Brown in St. Louis, Missouri. Pokes on vacation. I have the controls. Let's get to it.2023 State of Cyber Assets Report🇺🇸 Mark Miller, New York City ↗JupiterOne, 2023 State of...2023-04-1814 min
Release.Patch.Repeat.DRPR00004: Neue Schwachstellen, ein Fax und Threat IntelligenceDie Auswahl der Schwachstellen der letzten Woche:Fortinet hat 15 Sicherheitslücken behoben, darunter eine kritische Schwachstelle in FortiOS und FortiProxy: CVE-2023-25610Schwachstelle in der Komponente Veeam Backup & Replication: CVE-2023-27532IBM Spectrum Symphony 7.3 ist anfällig für HTTP-Header-Injection: CVE-2023-24975Diverse Schwachstellen in NETGEAR Nighthawk WiFi6 Routern In HashiCorp Vault und Vault Enterprise können authentifizierte Benutzer die geheime ID einer beliebigen anderen Rolle zerstören: CVE-2023-24999Diverse Schwachstellen in AvantFAX: CVE-2023-2332 bis CVE-2023-23328 👉🏼 Link zur aktuellen Version. Threat Intelligence für bessere Entscheidungen in der CybersicherheitDer Mandiant Global Perspectives on Threat Intelligence Report kommt zu dem E...2023-03-1312 min
State of Identity Podcast Series by LiminalThe Unknown Unknowns: Cyber Asset Attack Surface ManagementHow can you protect a cybersecurity perimeter that you can’t define? Join host Cameron D’Ambrosi and JupiterOne Founder & CEO Erkang Zheng as they discuss the value of cyber asset attack surface management (CAASM) and the role identity must play in bolstering an organization’s cybersecurity posture.2023-02-2330 min
Unsupervised LearningErkang Zheng of JupiterOne | SPONSORED INTERVIEW SERIESIn this standalone episode we’re doing a sponsored interview with Erkang Zheng of Jupiter One. So JupiterOne is a special company to me. I just built a vuln management program at Robinhood based around them, and I believe so much in their vision that I’m looking to actually become an advisor. I mention this because when I fanboy for something, like Apple, or whoever, I want you to know that I’m fanboying and/or have a relationship with them. Or that I want to. The interview here talks mostly about concepts, however, and no...2022-12-0327 minUnsupervised LearningErkang Zheng of JupiterOne | SPONSORED INTERVIEW SERIESIn this standalone episode we’re doing a sponsored interview with Erkang Zheng of Jupiter One. So JupiterOne is a special company to me. I just built a vuln management program at Robinhood based around them, and I believe so much in their vision that I’m looking to actually become an advisor. I mention this because when I fanboy for something, like Apple, or whoever, I want you to know that I’m fanboying and/or have a relationship with them. Or that I want to. The interview here talks mostly about concepts, however, and no...2022-12-0327 minUnsupervised LearningErkang Zheng of JupiterOne | SPONSORED INTERVIEW SERIESIn this standalone episode we’re doing a sponsored interview with Erkang Zheng of Jupiter One.
So Jupiter One is a special company to me. I just built a vuln management program at Robinhood based around them, and I believe so much in their vision that I’m looking to actually become an advisor. I mention this because when I fanboy for something, like Apple, or whoever, I want you to know that I’m fanboying and/or have a relationship with them. Or that I want to.
The interview here talks mostly about concepts, howeve...2022-11-2727 min
Revenue RehabMy Journey with Tyler Shields: Analyst, Investor, CMOThis week our host Brandi Starr is joined by Tyler Shields, CMO at JupiterOne. Tyler advises, guides, and operates high tech start-ups primarily in the B2B cyber security space. As a former market analyst, engineer, product manager, marketing leader, and partnership manager, Tyler builds and grows businesses – in all aspects. He is a board advisor or board member at multiple firms and an investment advisor for multiple venture capital and debt firms and his experience includes starting, leading, and growing companies including JupiterOne, CA Technologies, Sonatype, Signal Sciences, Veracode, Symantec, LURHQ, Secureworks, and @Stake. As...2022-11-2334 min
Enterprise Security Weekly (Video)The Joe Sullivan Case: Anomaly or Precedent? Part 2 - ESW #296In this panel discussion, we'll discuss the polarizing case of Joe Sullivan that has rattled the CISO community. Was the Sullivan case a rare anomaly? Were his actions in this scenario typical or unconscionable for the average CISO? Is it okay for Sullivan to take the fall while the rest of Uber and involved parties plead out with little to no punishment? We'll tackle all these questions and more with our excellent panel, comprised of: Sounil Yu, CISO and Head of Research at JupiterOne Brian Markham, CISO at EAB Rich Friedburg...2022-11-1142 min
Enterprise Security Weekly (Audio)ESW #296 - Travis Spencer, Sounil Yu, Brian Markham, Robert Graham, Rich FriedbergDon’t leave the door open. Modern systems are complex and require you to consider many aspects. Here are some aspects we consider critical: - APIs are the dominant software development direction/trend. Traditional/legacy ways to grant access is not fit for purpose of protecting this new way of delivering products and services. - Customers are demanding better digital experiences. To maintain a competitive edge and drive brand loyalty businesses need to provide great online experiences. - Standards (such as OAuth and OpenID Connect) are important to ensure high-security levels. Also enables sc...2022-11-112h 10
Enterprise Security Weekly (Video)The Joe Sullivan Case: Anomaly or Precedent? Part 1 - ESW #296In this panel discussion, we'll discuss the polarizing case of Joe Sullivan that has rattled the CISO community. Was the Sullivan case a rare anomaly? Were his actions in this scenario typical or unconscionable for the average CISO? Is it okay for Sullivan to take the fall while the rest of Uber and involved parties plead out with little to no punishment? We'll tackle all these questions and more with our excellent panel, comprised of: Sounil Yu, CISO and Head of Research at JupiterOne Brian Markham, CISO at EAB Rich Friedburg...2022-11-1147 minUnsupervised LearningNO. 356 | NEWS, ANALYSIS & DISCOVERY SERIESSponsored by JupiterOne: jupiterone.com/unsupervisedlearning Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.2022-11-0711 minUnsupervised LearningNO. 356 | NEWS, ANALYSIS & DISCOVERY SERIESSponsored by JupiterOne: jupiterone.com/unsupervisedlearning Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.2022-11-0711 minUnsupervised LearningNews & Analysis | NO. 352CISA Assets, Contractor Hack, China CVEs… Sponsored by: Jupiter One @ jupiterone.com/unsupervisedlearning Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.2022-10-1213 min
Afternoon Cyber Tea with Ann JohnsonCyber Resiliency with Sounil YuSounil Yu, Chief Information Security Officer and Head of Research at JupiterOne, joins Ann on this week's episode of Afternoon Cyber Tea. Ann and Sounil discuss the importance and evolution of cyber resilience and what organizations can do today to build resilience for the future. Sounil is a security innovator with over 30 years of experience creating, breaking, and fixing computer and network systems. He is the creator of the Cyber Defense Matrix and the DIE Resiliency Framework, teaches security as an Adjunct Professor, co-chairs Art into Science: A Conference on Defense, and advises many startups. In T...2022-10-0435 min
100x Engineering100x Engineering | E14: Why does everything I ship turn to garbage??This episode is joined by special guest David Osborn. We created 100x Engineering to help you acquire the skills necessary to become not a 1x, or even 10x engineer, but a 100x Engineer. We discuss career progression, soft skills, interviewing, how to approach new tech, transitioning into management, and working with other teams. Contact us at 100x@jupiterone.com.
Connect with Carter Hesterman on LinkedIn.
Connect with Drew Johnson on LinkedIn. 2022-09-1446 minUnsupervised LearningNews & Analysis | NO. 348 | Spearmishing, Patreon Security, and Triple-Threat RansomwareSpearmishing, Patreon Security, and Triple-Threat Ransomware Sponsored by JupiterOne: https://www.jupiterone.com/unsupervisedlearningBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.2022-09-1223 minUnsupervised LearningNews & Analysis | NO. 348 | Spearmishing, Patreon Security, and Triple-Threat RansomwareSpearmishing, Patreon Security, and Triple-Threat Ransomware Sponsored by JupiterOne: https://www.jupiterone.com/unsupervisedlearningBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.2022-09-1223 min100x Engineering100x Engineering | E13: Do Data Analysts use Notepad++ like the rest of us?This episode is joined by special guest Billy Caughey. We created 100x Engineering to help you acquire the skills necessary to become not a 1x, or even 10x engineer, but a 100x Engineer. We discuss career progression, soft skills, interviewing, how to approach new tech, transitioning into management, and working with other teams. Contact us at 100x@jupiterone.com.
Connect with Carter Hesterman on LinkedIn.
Connect with Drew Johnson on LinkedIn. 2022-08-2348 minUnsupervised LearningNews & Analysis | NO. 344Blackhat/DEFCON, TikTok Lockdown, MailChimp Breach… Sponsor: JupiterOne https://www.jupiterone.com/unsupervisedlearning Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.2022-08-1713 minUnsupervised LearningNews & Analysis | NO. 344Blackhat/DEFCON, TikTok Lockdown, MailChimp Breach… Sponsor: JupiterOne https://www.jupiterone.com/unsupervisedlearning Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.2022-08-1713 min
Redefining CyberSecurityBook | Reinventing Cybersecurity | A Conversation With Authors Jasmine Henry, Dr. Meg Layton, And Angela Marafino | Redefining CyberSecurity With Sean MartinThe book, Reinventing Cybersecurity, is the first cybersecurity book written entirely by women and non-binary experts and is a game-changing guidebook for cybersecurity practitioners at all career stages, from analyst to C-Suite. That's a lot. Yet, it is so much more than this.About The BookWritten by Latha Maripuri, Jasmine Henry, Aubrey Stearn, Carla Sun, Lonye Ford, Dr. Meg Layton, Tracy Bannon, Breanne Boland, Alison Gianotto, Carlota Sage, Lisa Hall, Rin Oliver, Joyous Huggins, Yvie Djieya, Angela Marafino, Coleen Shane, Rachel Harpley, Ashleigh Lee, and Amy Devers.Reinventing Cybersecurity is the first cybersecurity...2022-08-1046 min100x Engineering100x Engineering | E12: How do I Ted Lasso an Engineering Team?This episode is joined by special guest Andy Foglia. We created 100x Engineering to help you acquire the skills necessary to become not a 1x, or even 10x engineer, but a 100x Engineer. We discuss career progression, soft skills, interviewing, how to approach new tech, transitioning into management, and working with other teams. Contact us at 100x@jupiterone.com.
Connect with Carter Hesterman on LinkedIn.
Connect with Drew Johnson on LinkedIn. 2022-08-0947 min100x Engineering100x Engineering | E11: How do I know if I'm actually a Designer disguised as an Engineer?This episode is joined by special guest Patrick Morgan. We created 100x Engineering to help you acquire the skills necessary to become not a 1x, or even 10x engineer, but a 100x Engineer. We discuss career progression, soft skills, interviewing, how to approach new tech, transitioning into management, and working with other teams. Contact us at 100x@jupiterone.com.
Connect with Carter Hesterman on LinkedIn.
Connect with Drew Johnson on LinkedIn. 2022-07-2648 min100x Engineering100x Engineering | E10: Who would win in a fight, a Senior or a Staff Engineer?This episode is joined by special guest Cody Poll. We created 100x Engineering to help you acquire the skills necessary to become not a 1x, or even 10x engineer, but a 100x Engineer. We discuss career progression, soft skills, interviewing, how to approach new tech, transitioning into management, and working with other teams. Contact us at 100x@jupiterone.com.
Connect with Carter Hesterman on LinkedIn.
Connect with Drew Johnson on LinkedIn. 2022-07-1247 min
Cyber TherapyWhat’s “valuable” to cybersecurity professionals, validating the market for podcasts, and thoughts on influencer marketingMeet David Spark, Producer, Managing Editor and Co-Host of the CISO Series. What attracted this tech journalist to cybersecurity? How did the CISO Series come into existence? What tips does David have for the budding podcaster/influencer/content creator? Listen to this episode to learn all that and more!
In this episode:
Check out the CISO Series, a media network for cybersecurity professionals. They currently host 5 shows:
CISO Series Podcast
Cyber Security Headlines
Defense in Depth
Super Cyber Friday
Capture the CISO
Follow David Spark on LinkedIn and Twitter.
...2022-07-0658 min
Enterprise Security Weekly (Audio)ESW #276 - Matt McGuirk & Ian GlazerThis episode, in the first segment Matt McGuirk, Solution Architect at Source Defense, joins to discuss Understanding Web Application Client-Side Risk! Then, we are joined by Ian Glazer, the SVP of Product Management, Identity at Salesforce, to talk about Salesforce's Journey Towards Complete Customer MFA! Finally, in the Enterprise Security News, Funding is back, in preparation for RSA! Devo raises $100M and becomes our 56th unicorn, JupiterOne raises $70M and becomes our 57th unicorn! Open source projects get some security funding, 10 more funding announcements, Mimecast has been taken private and is now delisted from the NASDAQ, ReliaQuest acquires Digital...2022-07-051h 59100x Engineering100x Engineering | E09: read && (shadow || do) && repeat === engineeringLevel += 1This episode is joined by special guest Matthew Zember. We created 100x Engineering to help you acquire the skills necessary to become not a 1x, or even 10x engineer, but a 100x Engineer. We discuss career progression, soft skills, interviewing, how to approach new tech, transitioning into management, and working with other teams. Contact us at 100x@jupiterone.com.
Connect with Carter Hesterman on LinkedIn.
Connect with Drew Johnson on LinkedIn. 2022-06-2847 minCyber TherapyThe discipline of documenting thought, opinions on gatekeeping knowledge, and the beauty of developing interdisciplinary knowledgeMeet Daniel Miessler, creator of Unsupervised Learning, a community of 50k members consuming and contributing across various topics including infosec, technology, philosophy, creativity, and more!
In this episode:
Subscribe to the Unsupervised Learning newsletter for free or get exclusive access to the Unsupervised Learning Slack community among other member-only content as part of the paid subscription. Get more info here.
Follow Daniel Miessler on LinkedIn and Twitter.
Follow Ashleigh Lee on LinkedIn.
Follow Tyler Shields on LinkedIn.2022-06-2256 min100x Engineering100x Engineering | E08: Hackathons + OnsitesThis episode is joined by special guest Karson Kalt. We created 100x Engineering to help you acquire the skills necessary to become not a 1x, or even 10x engineer, but a 100x Engineer. We discuss career progression, soft skills, interviewing, how to approach new tech, transitioning into management, and working with other teams. Contact us at 100x@jupiterone.com.
Connect with Carter Hesterman on LinkedIn.
Connect with Drew Johnson on LinkedIn. 2022-06-1447 minCyber TherapyReal technologists, technical communication, and gnome gardensMeet Tracy Bannon, Senior Principal at MITRE and passionate software architect. Learn about the hardest part for digital transformation projects of any size, valuable tips for technical communication, and what she means by "real technologist".
In this episode:
Get a copy of "Reinventing Cybersecurity" on Amazon or download the ebook here.
Follow Tracy Bannon on LinkedIn and Twitter.
Follow Jasmine Henry on LinkedIn and Twitter.
Follow Ashleigh Lee on LinkedIn.2022-06-081h 00
Enterprise Security Weekly (Video)ReliaQuest, Mimecast Delisted, 57th Unicorn, Expired Certs, & CyberSec Skill Crisis - ESW #276Finally, in the Enterprise Security News, Funding is back, in preparation for RSA! Devo raises $100M and becomes our 56th unicorn, JupiterOne raises $70M and becomes our 57th unicorn! Open source projects get some security funding, 10 more funding announcements, Mimecast has been taken private and is now delisted from the NASDAQ, ReliaQuest acquires Digital Shadows, We talk about public and private market performance, The cybersecurity skills crisis gets worse, Expired certs + IoT devices = PAIN! All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest e...2022-06-031h 03
Cloud Security Podcast by GoogleEP67 Cyber Defense Matrix and Does Cloud Security Have to DIE to Win?Guest: Sounil Yu, CISO and Head of Research at JupiterOne Topics: How does your Cyber Defense Matrix apply to cloud security? Are things easier or harder? Cloud (at least the cloudy-cloud, also called cloud native) definitely supports “Distributed Immutable Ephemeral” (DIE) - your new creation, how does that change security and CDM? Cyber resilience generates a lot of confusion, how do you define and describe it? BTW, is the cloud more or less cyber resilient based on your definition? Is invisible security a good thing? Can we ever have it? When should security be visible? Intuitively, securi...2022-05-3125 min
The Pair ProgramThe Keys to Scaling a Product Team from Seed to Series A (and beyond) | The Pair Program Ep09Join us as our hosts, Tim and Mike, talk to startup leaders Anne Neilsen and Rajesh Nerlikar. Anne is the Executive Director of Product Management at cybersecurity startup JupiterOne. Throughout her career, she has developed a specialty in the security space working in both product strategy and marketing at various companies (including Veracode, IANS, and Rapid7). Rajesh is a Co-Founder and Principal Product Advisor at Prodify and co-author of the bestselling product book, Build What Matters. Over the past 4 years, he’s advised and coached nearly 40 companies on product strategy and team development, from startup founders to growth stage pr...2022-05-3151 min
People AnalyticsPrioritising People and Creating a Culture of Respect with JupiterOne’s Amy DeversAmy Devers is the Chief of Staff and Executive Director of People and Culture at JupiterOne, a cloud-native SaaS security company.Amy has worked in HR and talent acquisition experience for over 10 years with particular expertise in Strategic Workforce Planning, Effective Employee Relations & Engagement, Talent Development for Top Performance, and Sourcing/Talent Acquisition. Here are a few of the topics we’ll discuss on this episode of People Analytics:
How working in customer service can help you better understand people.
Which HR certifications are the most important.
How to know wh...2022-05-3035 min100x Engineering100x Engineering | E07: Akash GanapathiThis episode is joined by special guest Akash Ganapathi. We created 100x Engineering to help you acquire the skills necessary to become not a 1x, or even 10x engineer, but a 100x Engineer. We discuss career progression, soft skills, interviewing, how to approach new tech, transitioning into management, and working with other teams. Contact us at 100x@jupiterone.com.
Connect with Carter Hesterman on LinkedIn.
Connect with Drew Johnson on LinkedIn. 2022-05-2445 min100x Engineering100x Engineering | E06: The impact of OSS in a comapnyThis episode is joined by special guest Austin Kelleher. We created 100x Engineering to help you acquire the skills necessary to become not a 1x, or even 10x engineer, but a 100x Engineer. We discuss career progression, soft skills, interviewing, how to approach new tech, transitioning into management, and working with other teams. Contact us at 100x@jupiterone.com.
Connect with Carter Hesterman on LinkedIn.
Connect with Drew Johnson on LinkedIn. 2022-05-1945 min
data://expressDXPRS0029: Security Reports, Festplatten und Data Processing UnitsDie Bitkuh KuhbitUnsere Bitkuh Kuhbit kam Ende April zu uns. Das Designerstück ist ein Teil der CowParade Gefunden hat sie Wolfgang auf dem VCFe. Seitdem ist Kuhbit unser Maskottchen.Bitkuh KuhbitKuhbit ist ein Cowputer und verkörpert viel von unserer Kultur bzw. unseren Werten. Kuhbit steht für Natur und Fortschritt, unser Leben auf dem Land und die vielen damit verbundenen Möglichkeiten, für Digitalisierung und Tradition.Reports, Reports, ReportsVon Splunk gibt es den State of Security 2022. Die Ergebnisse untermauern die Data Security Predictions für 2022 – Supply Chain Hacks, Ransomware, DevSecOps, Threat Intellig...2022-05-1844 minCyber TherapyFinding community in InfoSec, using your voice on social media, and making conferences more inclusive and safeMeet Coleen Shane, Network Security Engineer at Quick Quack Car Wash. Tune in to hear Coleen share about how she developed her voice on social media, her first experience at DEFCON and Hacker Summer Camp in Las Vegas, and finding community among #infosec Twitter.
In this episode:
Get a copy of "Reinventing Cybersecurity" on Amazon or download the ebook here.
More articles on #infosecbikini:
Vice
Infosecurity Magazine
The New Stack
Cyber Risk Leaders
Follow Coleen Shane on Twitter.
Follow Jasmine Henry on LinkedIn and Twitter.
...2022-05-1856 min
Cloud Security NewsDell Embraces Multi-cloud + Hackers use stolen OAuthCloud Security News this week 11 May 2022
Brought to you this week by JupiterOne
To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/
Podcast Twitter - Cloud Security Podcast (@CloudSecPod) Instagram - Cloud Security News 2022-05-1106 min
RSA ConferenceGet Your Head IN the Clouds: SOC Teams Must Live in Clouds to Secure ThemMassive cloud proliferation has driven huge increases in IT and security complexity, the vast majority of which come from trying to force fit legacy concepts, processes and even tools, into a cloud context. This will cover the most important considerations and requirements facing organizations to adequately understand and affect their new reality – and evolve their security thinking.
Speakers:
Nipun Gupta, Senior Security Leader, Devo
Sounil Yu, CISO and Head of Research, JupiterOne
Kacy Zurkus, Content Strategist, RSAC2022-05-0935 min
Enterprise Security Weekly (Audio)ESW #272 - Prashasth Baliga & Ryan FriedThis week, in our first segment, we welcome Prashasth Baliga, Senior Security Consultant at Palo Alto Networks to talk about Security Orchestration and Automation Simplified! Then, Ryan Fried, Senior Security Engineer at Brooks Running, joins for an interview about Getting Value from SOAR beyond Phishing Workflows! Finally, in the Enterprise Security News, Veza raises $110M for Data Security, Traceable raises $60M for API Security, 10 other security startups get funded, Synopsis buys Whitehat for $330M, HackerOne approves a PullRequest, Bright Security acquires WeHackPurple, LexusNexis acquires BehaviorSec, JupiterOne continues to release some compelling books, the DevSecOps evolution, the future of Product-Led...2022-05-061h 48
Enterprise Security Weekly (Video)WeHackPurple, DevSecOps Evolution, Product-Led Growth, & 10 Security Startups - ESW #272In the Enterprise Security News, Veza raises $110M for Data Security, Traceable raises $60M for API Security, 10 other security startups get funded, Synopsis buys Whitehat for $330M, HackerOne approves a PullRequest, Bright Security acquires WeHackPurple, LexusNexis acquires BehaviorSec, JupiterOne continues to release some compelling books, the DevSecOps evolution, the future of Product-Led Growth, & more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw2722022-05-0644 minCyber TherapyWhat contributes to imposter syndrome & what can we do to address it in the workplaceMeet Angela Marafino, Customer Product Manager at Microsoft. Angela shares about her non-traditional journey into cybersecurity, her thoughts on the phrase "imposter syndrome," and her ideas on how companies can improve workplace culture to eradicate imposter syndrome.
In this episode:
Get a copy of "Reinventing Cybersecurity" on Amazon or download the ebook here.
Follow Angela Marafino on LinkedIn and Twitter.
Follow Ashleigh Lee on LinkedIn.
Follow Jasmine Henry on LinkedIn and Twitter.2022-05-0450 min100x Engineering100x Engineering | E05: Open Source Library developmentThis episode is joined by special guest Tyler Walch. We created 100x Engineering to help you acquire the skills necessary to become not a 1x, or even 10x engineer, but a 100x Engineer. We discuss career progression, soft skills, interviewing, how to approach new tech, transitioning into management, and working with other teams. Contact us at 100x@jupiterone.com.
Connect with Carter Hesterman on LinkedIn.
Connect with Drew Johnson on LinkedIn. 2022-04-2648 minCyber TherapyFollowing your passion, finding your voice, and becoming a “content creator”Meet Clint Gibler, creator of tl;dr sec newsletter and Head of Security Research at r2c, a San Francisco-based startup building Semgrep. Tune in to learn how the famed tl;dr sec newsletter came into existence, the challenges to hitting publish, and finding your written voice.
Tyler and Ashleigh also try something new and fail spectacularly - please hold your scathing commentary, but feel free to laugh at our expense.
In this episode:
You want a pure security research newsletter? Look no further. Subscribe to the newsletter that Daniel Miessler...2022-04-201h 07100x Engineering100x Engineering | E04: Local dev environments, in-house tooling, protecting dev time, how to survive early-stage startupThis episode is joined by special guest Charlie Duong. We created 100x Engineering to help you acquire the skills necessary to become not a 1x, or even 10x engineer, but a 100x Engineer. We discuss career progression, soft skills, interviewing, how to approach new tech, transitioning into management, and working with other teams. Contact us at 100x@jupiterone.com.
Connect with Carter Hesterman on LinkedIn.
Connect with Drew Johnson on LinkedIn. 2022-04-1244 minCyber TherapyBuffy, cybersecurity research, and learning journeysMeet Dr. Meg Layton, Security Architect at Children's National Hospital. Avid fan of Buffy the Vampire Slayer, a quote from Spike keeps her motivated to do the hard work of information security.
Meet Jasmine Henry, Field Security Director at JupiterOne. With several years of leading cybersecurity teams under her belt, she is currently pursuing her Ph.D., conducting research on the state of cyber assets.
Both Dr. Meg and Jasmine tell tales of educating developers about secure coding practices and how their own extended education has influenced their methods of communication and education.
2022-04-061h 09Cloud Security NewsLatest with Okta/Lapsus$ + Return of Log4JCloud Security News this week 30 March 2022
Brought you by
- JupiterOne - Find out more about them at www.jupiterone.com/csp
To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/
Podcast Twitter - Cloud Security Podcast (@CloudSecPod) Instagram - Cloud Security News 2022-03-3006 min
Cloud Security PodcastScaling a Practical AWS Asset Management ProgramIn this episode of the Virtual Coffee with Ashish edition, we spoke with Jasmine Henry & George Tang from JupiterOne
Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv
Host Twitter: Ashish Rajan (@hashishrajan)
Guest Linkedin: Jasmine Henry & George Tang
Podcast Twitter - @CloudSecPod @CloudSecureNews
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security News
- Cloud Security Academy2022-03-2740 minCloud Security NewsAll you need to know about the Okta and Microsoft breachCloud Security News this week 23 March 2022
Brought you by
- JupiterOne - Find out more about them at www.jupiterone.com/csp
- Hunters - Find out more about them at www.hunters.ai
To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/
Podcast Twitter - Cloud Security Podcast (@CloudSecPod) Instagram - Cloud Security News 2022-03-2305 min100x Engineering100x Engineering | E03: What are the challenges of transitioning into a leadership position?This episode is joined by special guest Phil Gates-Idem. We created 100x Engineering to help you acquire the skills necessary to become not a 1x, or even 10x engineer, but a 100x Engineer. We discuss career progression, soft skills, interviewing, how to approach new tech, transitioning into management, and working with other teams. Contact us at 100x@jupiterone.com.
Connect with Carter Hesterman on LinkedIn.
Connect with Drew Johnson on LinkedIn. 2022-03-221h 00Cloud Security NewsThe Cyber Defense Matrix + CSA launches Zero Trust Advancement CenterCloud Security News this week 16 March 2022
Brought you by
- JupiterOne - Find out more about them at www.jupiterone.com/csp
- Hunters - Find out more about them at www.hunters.ai
To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/
Podcast Twitter - Cloud Security Podcast (@CloudSecPod) Instagram - Cloud Security News 2022-03-1604 minCyber TherapyThreat intelligence, the market analyst life, and BBQMeet Rick Holland, CISO at Digital Shadows and former Forrester Research analyst. Listen to find out:
why he left the analyst life to join the vendor side,
his thoughts on the state of threat intelligence, and
how he recharges his energy and enthusiasm for his job
Follow Rick Holland on LinkedIn and Twitter.
Follow Ashleigh Lee on LinkedIn.
Follow Tyler Shields on LinkedIn.2022-03-1558 min
Express Over EspressoMove And ImproveAkash Ganapathi, our speaker of the podcast titled 'Move and Improve', is the Head of Solutions Architecture at JupiterOne. He comes from a data modeling and software architecture background and also operated his own startup prior to joining JupiterOne. In a candid conversation with our host Zahid Sheikh, Akash shared his unorthodox journey into the world of technology from dropping out of college to his passion to build something of his own and launching his own startup. Listen to Akash sharing his entrepreneurial journey from the lessons he learned the hard way to playing an instrumental role in JupiterOne's growth.2022-03-1427 minCloud Security NewsGoogle's 5.4B Aquisition + CNCF Accepts Knative, a kubernetes PlatformCloud Security News this week 9 March 2022
Brought you by
- JupiterOne - Find out more about them at www.jupiterone.com/csp
- Hunters - Find out more about them at www.hunters.ai
To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/
Podcast Twitter - Cloud Security Podcast (@CloudSecPod) Instagram - Cloud Security News 2022-03-0908 min100x Engineering100x Engineering | E02: What is it like shifting careers to become a Software Engineer?This episode is joined by special guest Julia Zolotarev. We created 100x Engineering to help you acquire the skills necessary to become not a 1x, or even 10x engineer, but a 100x Engineer. We discuss career progression, soft skills, interviewing, how to approach new tech, transitioning into management, and working with other teams. Contact us at 100x@jupiterone.com.
Connect with Carter Hesterman on LinkedIn.
Connect with Drew Johnson on LinkedIn. 2022-03-081h 00
Tomorrow's Leader#251 - How Great Leaders Attract Top Talent with Erkang ZhengSend us a textIn this episode, host John Laurito talks with the Founder and CEO of JupiterOne about his journey from leading security for other organizations to starting his own cybersecurity company. He also shares his views on expanding comfort zones, hiring A-players as an A-player himself, and his advice to leaders who are only starting in their entrepreneurial journeys.Erkang Zheng, Founder and CEO of JupiterOne, is a leader in cybersecurity with 15 years of experience in all domains from identity and access, penetration testing, and incident response to data, application, and cloud security...2022-03-0518 minCloud Security NewsJupiterOne announces open source StarBaseCloud Security News this week 2 March 2022
Brought you by Hunters - Find out more about them at www.hunters.ai
To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/
Podcast Twitter - Cloud Security Podcast (@CloudSecPod) Instagram - Cloud Security News 2022-03-0205 minCyber TherapyEthics, burnout & the retired lifeMeet Jason Chan, aka Chan-lander, former VP of Security at Netflix who is now retired. Learn how he:
vet hiring candidates' ethics in interviews
supported team members who experience burnout
passes the time as a retiree
Did you know that 56% of podcasts have 10 episodes or fewer? We are definitely celebrating this milestone!
Follow Jason Chan on LinkedIn and Twitter.
Follow Ashleigh Lee on LinkedIn.
Follow Tyler Shields on LinkedIn.2022-03-021h 01Cloud Security NewsSnyk Acquires Fugue + Amazon CodeGuru Reviewer now detects Apache Log4jCloud Security News this week 23 February 2022
Brought you by JupiterOne - Find out more about them at https://jupiterone.com/csp
To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/
Podcast Twitter - Cloud Security Podcast (@CloudSecPod) Instagram - Cloud Security News 2022-02-2305 min100x Engineering100x Engineering | E01: What value and risks do Junior Engineers provide?This episode is joined by special guest Henry Garrett. Welcome to 100x Engineering! We created 100x Engineering to help you acquire the skills necessary to become not a 1x, or even 10x engineer, but a 100x Engineer. We discuss career progression, soft skills, interviewing, how to approach new tech, transitioning into management, and working with other teams. Contact us at 100x@jupiterone.com.
Connect with Carter Hesterman on LinkedIn.
Connect with Drew Johnson on LinkedIn. 2022-02-221h 01Cloud Security NewsAzure Launches Azure Payment HSMCloud Security News this week 16 February 2022 - https://cloudsecuritypodcast.tv/cloud-security-news/
Brought you by JupiterOne - Find out more about them at https://jupiterone.com/csp
Google’s Cybersecurity Action Team has released Threat Horizon’s report this month. The report can be accessed here
Staying in theme with Google Cloud (which also happens to be our theme for this month at Cloud Security Podcast). This week they have reported a low severity vulnerability in the Linux kernel's function. The attack uses unprivileged user namespaces and under certain circumstances this vulnerability can be exploitable for container breako...2022-02-1704 minCyber TherapyWhat’s an asset (in the context of infosec), cyber resilience, security careers and cultures across industriesMeet Helen Patton, author of Navigating the Cybersecurity Career Path. She's currently an Advisory CISO at Cisco and has decades of experience as a CISO at places like JPMC and The Ohio State. What unique asset did she have to include in her threat model at The Ohio State? Tune in to find out!
Meet Sounil Yu, creator of the Cyber Defense Matrix and DIE triad. He is currently CISO and Head of Research at JupiterOne and previously served as the CISO-in-Residence at YL Ventures and Chief Security Scientist at Bank of America. How is the Cyber...2022-02-161h 00
Breaking Through in Cybersecurity MarketingBuilding Trust, Culture, and Communities with Tyler ShieldsIn the first episode of Breaking Through In Cybersecurity Marketing, Gianna and Maria are joined by JupiterOne’s self proclaimed “accidental CMO,” Tyler Shields. Tyler shares his three step approach for building out marketing programs at startups, how to establish company culture remotely, setting realistic expectations with internal stakeholders when building community at companies, and why your company is in need of a “talking head.” Lastly, Tyler spills the beans on the true mastermind behind his Yeti swag and the current marketing models and platforms he’s engaging in.
Key takeaways:
00:40 Bio
02:10 Tyler’s...2022-02-1441 minCloud Security NewsAmazon GuardDuty now protects Amazon EKSCloud Security News this week 09 February 2022 - https://cloudsecuritypodcast.tv/cloud-security-news/
Brought you by JupiterOne - Find out more about them at https://jupiterone.com/csp
Google Cloud has released the Virtual Machine Threat Detection tool as part of their Security Command Center for Premium customer. According to Google’s blog this “is a first-to-market detection capability from a major cloud provider that provides agentless memory scanning to help detect threats like cryptomining malware inside your virtual machines running in Google Cloud.” For those familiar with AWS Guardduty, how does this compare - share with us on link...2022-02-0905 minCloud Security NewsGoogle reports Linux Kernel VulnerabilitiesCloud Security News this week 02 February 2022
Brought you by JupiterOne - Find out more about them at https://jupiterone.com/csp
Google Cloud have reported that 3 security vulnerabilities have been discovered in the Linux kernel, each of which can lead to either a container breakout, privilege escalation on the host, or both.Google have shared that these vulnerabilities affect all GKE node operating systems and Anthos clusters on VMware node operating systems (COS and Ubuntu). Pods using GKE Sandbox are not vulnerable to these vulnerabilities. You can find out more about it here.
Safety detectives uncovered a...2022-02-0205 minCyber TherapyNC State college seniors get industry experience with the software development lifecycle and contribute to what became Starbase (from JupiterOne)Meet Margaret Heil, Director of the Computer Science Department Senior Design Center at NC State. She leads the Senior Design Center where students can get industry experience outside of a regular internship or co-op. Not only do they get to experience the full software development lifecycle, they get experience in project management and communication, both vital skills in the role of a software developer.
Meet Nick Dowmon, Software Engineer at JupiterOne. With Nick as their guide, this group of NC State students contributed substantially to what would become Starbase, the open source graph-based security analysis tool.
2022-02-0249 min
Cloud TalkEpisode 85: Adventures in Cloud Native SecurityIf you've ever been curious about all things cloud native security, you're in luck because our host, Jeff DeVerter, and his guest, Mark Miller, from JupiterOne expand on the adventures of this exact subject.Special Guest: Mark Miller.2022-01-2431 minCyber TherapyEvolution of InfoSec metrics, security culture, burnout and self-careMeet Caroline Wong, Chief Strategy Officer at Cobalt and host of the Humans of InfoSec podcast. Caroline authored "Security Metrics, a Beginner's Guide" back in 2011 and speaks to the evolution of those metrics over the last decade. She also shares her thoughts on the transformation of security culture, as well as what to do if you're feeling burned out.
Follow Ashleigh Lee on LinkedIn.
Follow Tyler Shields on LinkedIn.2022-01-1959 min
The OWASP Podcast SeriesThe InfoSec Color Wheel with Jasmine HenryWe’ve all heard of “Red Teams” and “Blue Teams” when it comes to cybersecurity. But what about the “Purple Team”, the “Yellow Team” or the “Blue Team”. What are those?
In February of 2020, Louis Cremen introduced the InfoSec Colour Wheel to the security community. The wheel expands upon April Wright’s work on bringing builders into the security team. The value of the wheel is to show the various types of security teams, seven in all, and the role each plays in security.
Jasmine Henry brought the wheel to my attention. As she and I talked, we realized the InfoSec Wheel can be use...2022-01-1027 minCyber TherapyCybersecurity trends, investing, and educationMeet Kelley Mak, Partner at Work-Bench. He double-majored in philosophy and physics (why?) and is now a market-analyst-turned-investor. Tune in to hear some cybersecurity trends over the last decade, as well as thoughts on personal branding and how it impacts investor pitches.
Follow Ashleigh Lee on LinkedIn.
Follow Tyler Shields on LinkedIn.2022-01-0558 minCyber TherapyvCISOs, the security playbook for SMBs, Log4j, and the Diana InitiativeMeet Carlota Sage, a vCISO who's passionate about setting up the security foundations for small and medium-sized businesses (SMBs).
With a background in knowledge sharing and community, she's also a huge advocate for building a more inclusive information security industry through The Diana Initiative.
In this episode:
Follow Carlota Sage on LinkedIn and Twitter.
Check out The Diana Initiative, a conference helping all who are underrepresented in information security.
Follow Tyler Shields on LinkedIn.
Follow Jennie Duong on LinkedIn.2021-12-281h 03Cyber TherapyThe worst early career IT/security jobs and the best mediums to share your hot takes on cyberMeet Adrian Sanabria, seasoned security professional and host of Enterprise Security Weekly. How did he get into security before security was really a "thing"? With experience troubleshooting modems in a call center and tinkering with technology, he got extensive IT and security experience at a company that was doing 40,000+ credit card transactions a day.
In this episode:
Follow Adrian Sanabria on Linkedin and Twitter.
Check out the podcast Enterprise Security Weekly.
Follow Tyler Shields on LinkedIn.
Follow Jennie Duong on LinkedIn.2021-12-141h 03Cyber TherapyAWS re:Invent - a first-timer's experienceMeet Carter Hesterman, Director of Engineering, Applications at JupiterOne, as he shares his experience in Las Vegas at AWS re:Invent. From sessions to parties and making friends on the dance floor, it sure sounds like a memorable event to attend!
Follow Ashleigh Lee on LinkedIn.
Follow Tyler Shields on LinkedIn.2021-12-071h 05
The CollabTalk PodcastEpisode 34 | The Role of DevOps in Collaboration Culture with Mark MillerFor this episode, I spoke with Mark Miller (@EUSP), Senior Director of Content Marketing with JupiterOne and the host and executive producer of the DevSecOps Podcast series, on the topic of the role of Dev Ops within our collaboration culture, and how the dev ops space has evolved and grown over the past decade.
You can find more information on my guest on my blog at https://www.buckleyplanet.com/2021/12/collabtalk-podcast-episode-34.html2021-12-0354 minCyber TherapyFounder relationships and mentorshipMeet Aaron Bray and Pete Morgan from Phylum. Aaron (CEO) and Pete (President) co-founded Phylum with Louis Lang (CTO) in 2020, but their history dates back much further. Learn about their foray into cybersecurity and how mentorship played a critical role in their journey into entrepreneurship.
Follow Ashleigh Lee on LinkedIn.
Follow Tyler Shields on LinkedIn.2021-11-2356 minCyber TherapyA new security showWho are the humans driving this show? In this first episode, get to know the hosts and why we decided to make a show highlighting the people doing the hard work of security, not just their technical chops.
Follow Ashleigh Lee on LinkedIn.
Follow Tyler Shields on LinkedIn.2021-11-1744 min
Cloud Security PodcastFeds go "Cloud Smart"+ Alibaba Cloud targeted by HackersCloud Security News this week 17 November 2021
According to a research by Trend Micro, Elastic Computing Service (ECS) instances for Alibab Cloud are becoming an increasingly common target for financially motivated hackers with cryptomining goals. This increased targeting may be due to a few unique features of Alibaba Cloud. Alibaba ECS instances come with a preinstalled security agent and provides root access/ privileged control by default. There is a detailed article attached about this here
JupiterOne (a Cyber Asset Management Platform ) and Cisco have announced the launch of Secure Cloud Insights, an expanded cloud security and security operations partnership d...2021-11-1704 minCloud Security News17 November 2021 - Feds go Cloud Smart + Alibaba Cloud targeted by HackersCloud Security News this week 17 November 2021
According to a research by Trend Micro, Elastic Computing Service (ECS) instances for Alibab Cloud are becoming an increasingly common target for financially motivated hackers with cryptomining goals. This increased targeting may be due to a few unique features of Alibaba Cloud. Alibaba ECS instances come with a preinstalled security agent and provides root access/ privileged control by default. There is a detailed article attached about this here
JupiterOne (a Cyber Asset Management Platform ) and Cisco have announced the launch of Secure Cloud Insights, an expanded cloud security and security operations partnership d...2021-11-1704 min
Fuse ShowEP. 58 - A Fireside chat with CEO & Founder of JupiterOne - Erkang ZhengErkang Zhang is the CEO & Founder of JupiterOne. He is a hands-on leader in cybersecurity, an engineer by trade, and an entrepreneur at heart. He is passionate about technology and solving real-world challenges. He's building a cloud-native security platform — JupiterOne — to deliver knowledge, transparency, and confidence to every digital operation in every organization, large or small.2021-10-2049 min
Three Buddy ProblemSounil Yu on SBOMs, software supply chain securityEpisode sponsored by SecurityWeek.com
JupiterOne CISO Sounil Yu joins the show to sift through the noise and explain the value of SBOMs (software bill of materials), the U.S. government's response to software supply chain security gaps, and what every buyer and seller should be doing to prepare for major changes in the ecosystem.2021-07-1348 min
The OWASP Podcast SeriesOWASP Flagship Projects - Episode 02In this episode of the People | Process | Technology podcast, I speak with Seba Deleersnyder from the Software Assurance Maturity Model, Carlos Holguera and Sven Schleier from the Mobile Security Testing Guide, and Bjoern Kimminich from the Juice Shop Project.
This is part of an ongoing podcast series, highlighting the OWASP Flagship Projects that will be featured at the OWASP 20th Anniversary Celebration in September. I talk with the project leads to hear what they have been working on for the past year, what their plans are for the coming year, and what we can expect to see at the conference...2021-06-1625 min
The OWASP Podcast SeriesOWASP Flagship Projects - Episode 01In this episode of the People | Process | Technology podcast, I speak with Simon Bennetts from the Zap Project, Christian Folini from the ModSecurity Core Rule Set Project, and Steve Springett from the Dependency Track Project.
This is part of an ongoing podcast series, highlighting the OWASP Flagship Projects that will be featured at the OWASP 20th Anniversary Celebration in September. I talk with the project leads to hear what they have been working on for the past year, what their plans are for the coming year, and what we can expect to see at the conference in September.
The OWASP 20...2021-06-0422 min
Paul's Security Weekly (Audio)Jerry the Hedgehog - PSW #695This week, we kick off the show with the Security News: Is the cyber NTSB a good thing?, Russian virtual keyboard for the win, information should be free, hang on while I unplug the Internet, security MUST be taken seriously, poison the water hole to poison the water, bombing hackers, how industry best practices have failed us?, publishing exploits is still a good thing regardless of what the studies say, & more! Then, we have a Technical Segment featuring our own Adrian Sanabria, & Sounil Yu from JupiterOne! Then we wrap up the show with a pre-recorded interview with ‘Wheel’ on the...2021-05-213h 10
Enterprise Security Weekly (Audio)Tyler Has Visitors - ESW #226This week, In the first segment, we welcome Steve Springett, Chair at CycloneDX SBOM Standard, Core Working Group, for a discussion on The Rise of SBOM! Next up, Carlos Morales, CTO Security Services at Neustar, joins for a discussion on how Applications Are Your Lifeblood – Understanding the Changing Attack! In the Enterprise Security News: Code42 enhances Incydr to help identify insider risk related to file uploads to unsanctioned websites, Imperva acquires CloudVector to provide visibility and security for API traffic, ThreatQuotient launches ThreatQ TDR Orchestrator to accelerate detection and response, KnowBe4 Launches Artificial Intelligence-Driven Phishing Feature, and some funding an...2021-05-071h 44
Enterprise Security Weekly (Video)JupiterOne, Signal Ad Banned, Series F Funding, & Imperva Acquires CloudVector - ESW #226This week in the Enterprise Security News: Code42 enhances Incydr to help identify insider risk related to file uploads to unsanctioned websites, Imperva acquires CloudVector to provide visibility and security for API traffic, ThreatQuotient launches ThreatQ TDR Orchestrator to accelerate detection and response, KnowBe4 Launches Artificial Intelligence-Driven Phishing Feature, and some funding and acquisition updates from Thoma Bravo, Proofpoint, Darktrace, JupiterOne, and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw2262021-05-0639 min
The OWASP Podcast SeriesThe Cyber Defense Matrix Project with Sounil YuIn 2020, Security Magazine listed Sounil Yu as one of the most Influential People in Security in 2020, in part because of his work on the Cyber Defense Matrix, a framework for understanding and navigating your cybersecurity environments. The Cyber Defense Matrix started as a project when Sounil was the Chief Security Scientist at Bank of America. The initial problem he focused on with the matrix was how to evaluate and categorize vendors and the solutions they provided.
The Cyber Defense Matrix is a structured framework that allows a company to understand who their vendors are, what they do, how they work...2021-04-2122 min
The OWASP Podcast Series2021 OWASP Top 10 with Andrew van der StockThe Top 10 is considered one of the most important community contributions to come out OWASP. In 2003, just two years after organization was started, the OWASP Top 10 was created. The purpose of the project was to create an awareness document, highlighting the top ten exploits security professionals should be aware of. Since that time, innumerable organizations have used it as a guideline or framework for creating security programs. The current Top 10 list was released four years ago, in 2017.
As part of a 2021 initiative at OWASP, the OWASP Top 10 is in the process of being updated, and scheduled for release this summer...2021-03-2615 min
The OWASP Podcast SeriesThe Ops Side of DevSecOps w/ Damon EdwardsWhen Shannon Lietz and the team at DevSecOps.org published the DevSecOps Manifesto six years ago, security was uppermost in their minds. The manifesto starts with a call to arms…
“Through Security as Code, we have and will learn that there is simply a better way for security practitioners, like us, to operate and contribute value with less friction. We know we must adapt our ways quickly and foster innovation to ensure data security and privacy issues are not left behind because we were too slow to change.”
The effect of the DevSecOps movement was not understood by many, other than t...2021-01-2924 min
The OWASP Podcast SeriesA Note from the Executive ProducerThis is Mark Miller, Executive Producer. Over the years as I’ve produced the show, the topics of focus have followed the trends in the industry. What was originally called “The OWASP Podcast” became “OWASP 24/7” and then “The DevSecOps Podcast”.
Each change brought with it a new audience, extending our community from exclusively OWASP practitioners, to DevOps and DevSecOps advocates. The audience for the podcast has grown, with close to 500,000 listens of the 150 episodes.
We’ve covered book launches by speaking with the authors, we’ve talked about industry reports focusing on the Software Supply Chain. Topics have included Chaos Engineering, effor...2021-01-2703 min
Zero Hour PodcastErkang Zheng - The story of JupiterOneWe are joined by Erkang Zheng, Founder of JupiterOne, who is a leader in cybersecurity with 15 years of experience in all domains from identity and access, penetration testing and incident response to data, application and cloud security. Zheng holds several patents and is passionate about combining innovation and execution to deliver practical solutions that address cybersecurity challenges at their root cause. He was previously the head of software security architecture and assurance practice for Fidelity that serviced over 12 million customer accounts. He also led a team of engineers building customer protection solutions as well as patent-pending security R&D. Before...2020-10-0100 min
The Secure DeveloperInnovation And Execution For Better Solutions With Erkang ZhengFor this special, DevSecCon Seattle, edition of the show, our guest is Erkang Zheng from LifeOmic. Erkang is an experienced cybersecurity specialist and recently developed JupiterOne, a security product that is changing how organizations manage their cloud-based infrastructure. We get to hear from Erkang about the unique way that security is run at LifeOmic where he is the current CISO. LifeOmic is a software company that builds cloud-based data platforms for its customers. In our conversation, we cover the small security team size at the company, the reasons for this and the systems they have in place that hold...2020-04-1419 min