Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

This week on #the443podcast, Corey Nachreiner and Marc Laliberte cover two new publications out of CISA. First, we dive into CISA’s guidance to manufacturers and customers on secure-by-design and secure-by-default products. Next, they discuss CISA’s latest Zero Trust Maturity Model, which any organization can use to gauge how far along they are on the ZTA path and where they should focus their efforts next. Finally, we end with some research from Blaze Information Security on a series of vulnerabilities in a play-to-earn blockchain game.

Join WatchGuard CSO Corey Nachreiner and Sr. Security Analyst Trevor Collins as they discuss key findings from the WatchGuard Threat Lab’s 2022 Q4 Internet Security Report. They’ll cover the latest malware and network attack trends targeting small and midsized enterprises and defensive tips you can take back to your organization to stay ahead of modern threat actor tactics.

Datadog Cloud Security products offers real-time security monitoring across the stack, leveraging the Datadog Observability platform already used by millions of engineering teams. During this Datadog Security Observability Day we’ve shared how Datadog is making security a team sport, and how our security products help observe, uncover and secure vulnerabilities that matter.

CrowdStrike Falcon Complete XDR is the world’s first managed extended detection and response (MXDR) service with end-to-end remediation, from the #1 MDR leader. In this video, we demonstrate how the Falcon Complete XDR service team identifies, triages, and fully-remediates the cross-domain XDR threat activity associated with an advanced, file-less malware attack as the adversary attempts to persist and exfiltrate from servers in the customer’s environment.

This week on the podcast, Corey Nachreiner and Marc Laliberte discuss another cybercrime marketplace takedown dubbed Operation Cookie Monster. After that, they discuss Microsoft’s attempts to limit the distribution of a popular hacking toolkit. Finally, we discuss a recent analysis by Dr. Ken Tindell of Canis Automotive Labs about how criminals could steal his friend’s Toyota Rav4.

3 Easy Steps to Onboard! About TrustCloud: Our mission is to make it effortless to earn trust in every business relationship. TrustCloud's Trust Assurance platform democratizes every company's ability to quickly and cost-effectively set up, test and get audited for security and compliance certifications, automatically respond to security questionnaires, and confidently share its compliance program with enterprise customers.

In today's software development world, developers rely on numerous secrets, including API keys, credentials, and passwords to facilitate seamless interaction between application components as they code. Failing to remove these secrets can have disastrous consequences for businesses, making it essential to find and fix them before release.

Whether you’re attending RSA or not, one thing is for certain - attackers are always at work. Furthermore, attackers are always working together without red tape like we have within our corporate infrastructure. That’s why Mandiant/Google, Stairwell, SnapAttack, Nozomi Networks, SentinelOne, and Corelight are hosting a webinar before RSAC 2023 to show how Defenders are also Stronger Together. There is no silver bullet in the cybersecurity space, so come get the conversation started early in an executive panel as we explore how each executive/organization is addressing.

Stephanie Best, Director of Product Marketing, and Yaniv Balmas, VP of Research at Salt Labs, discuss what you need to know about the new 2023 OWASP API Security Top 10 release candidate. As a member of the OWASP committee that helped shaped the latest report, Yaniv takes you behind the scenes to learn what changed, what stayed the same, and why these decisions were made.

LimaCharlie is a cybersecurity middleware platform to connect sources of security telemetry, automate activity based on what's being observed, and forward data where you need it. LimaCharlie puts you in complete control of your data, allowing you to build the security program that your organization wants and needs. As powerful as the LimaCharlie platform is, we recognize that sometimes analysts need to send data elsewhere, or integrate specific tools for security control testing and incident response. In Part 3 of our LC101 series, we’ll look at options for extending the LimaCharlie platform.