Edward Snowden is a prime example of an Insider Threat. Steven Bay was his manager at the time as says: "My missing employee, Edward Snowden, revealed himself to be the person behind the Top Secret NSA leaks that rocked the country in the preceding days. I felt my life came tumbling down around me. My worst day had come. I had to act - I had to lead. " We discuss insiders and why they are so dangerous and gain unique insights into the Edward Snowden story. The lessons learned we can apply to both identify and protect ourselves from such threats.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ESWEpisode170

Whether you're trying to migrate a "homegrown" application or an open-source tool, getting into containers and to the cloud can be challenging. There are many ways to achieve the same goal, and as always, some not-so-great advice on the Internet. This segment will cover some of the technical details and considerations for moving applications into Docker and eventually into cloud services. We'll review Docker configurations and strategies for building, maintaining and securing containers.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ESWEpisode170

This week in the Enterprise Security News, Paul and Matt cover the following stories: Cequence CQ botDefense, Optimizing Your IT Spend as You Move to the Cloud, Cybereason Launches Free Emotet-Locker Tool, Swimlane Version 10.0, Cisco Launches IoT Security Architecture, AV Vendors Continuing Support for Products Under Windows 7, Citrix and FireEye Launch IoC Scanner, StackRox Announces Google Anthos Support, Sophos Introduces Intercept X for Mobile, New Cisco/AppDynamics Integration, CloudKnox Security Raises Funding, and Magnet Forensics Unveils New Solution to Simplify Remote Forensics Investigations.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ESWEpisode170

Security goes against our core beliefs, therefore security awareness training often falls flat because employees don't care about security. By showing employees the "why" and how it benefits them as individuals, they are much more open to the "how" and begin to appreciate the value security provides.

Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode169

Alex Horan is the Director of Product Management at Onapsis and JP Perez is the CTO at Onapsis. Today they discuss the current state as it relates to SAP Vulnerabilities and security.

Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode169

In the Enterprise News, Paul and Matt cover new InfoSec products of the week, CyberArk's new JIT access capabilities, a Micro patch that simulates a workaround for the recent zero-day IE flaw, easier and faster AD rollback and recovery with STEALTHbits StealthRECOVER, automating protection from advanced threats with the new Kaspersky Sandbox, compromised credentials monitoring with FlashPoint, and some funding and acquisition updates from Security Compass, Sysdig, Waterfall Security, ServiceNow, and FireEye!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ESWEpisode169

This week on Enterprise Security Weekly, Paul Asadoorian and Matt Alderman interview Ward Cobleigh about the recent VISA security alerts highlighting the need for ongoing network monitoring and the ability to react quickly to specific indicators of compromise (IOCs). How flow and wire data can flag malicious behaviors and identify breach scope and impact. To find out more about VIAVI Solutions and to download their "Using Wire Data for Security Forensics" White Paper, visit https://securityweekly.com/VIAVI.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ESWEpisode168

This week on Enterprise Security Weekly, Paul Asadoorian and Matt Alderman interview Mark Orlando on outdated defense approaches and the need to revisit traditional thinking about security operations in the enterprise.

Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode168

This week on the Enterprise Security News segment, Paul Asadoorian, John Strand, and Matt Alderman cover the following stories: Up Your Vulnerability Prioritization Game with Tenable Lumin for Tenable.sc, How to Create Easy and Open Integrations with VMRays REST API - VMRay, Neustar Offers Companies a Flexible Customer Identity Authentication Solution - Help Net Security, Zimperium Integrates With Microsoft Defender Advanced Threat Protection EDR - Help Net Security, PacketViper Deception360 now available for Microsoft Azure - Help Net Security, Synopsys, Inc.s Acquisition Of Tinfoil Security Global Legal Chronicle, and Say Goodbye to Windows Server 2008 and Hello to Azure.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ESWEpisode168

This week on Enterprise Security Weekly Paul Asadoorian and Matt Alderman interview Britta Glade and Linda Gray Martin about RSA Conference 2020! This segment will give listeners a high-level overview of what to expect at RSA Conference 2020 and will highlight new components of content and programming like the Engagement Zone and the recently announced keynote speaker lineup. The segment will also discuss RSAC 2020's overarching theme - the Human Element - and how it will be intertwined throughout the Conference. To register for RSAC 2020 using our discount code or to book an interview with Security Weekly on-site at RSA Conference visit: https://securityweekly.com/rsac2020

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ESWEpisode167