Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

This week on the podcast, Corey Nachreiner and Marc Laliberte discuss another cybercrime marketplace takedown dubbed Operation Cookie Monster. After that, they discuss Microsoft’s attempts to limit the distribution of a popular hacking toolkit. Finally, we discuss a recent analysis by Dr. Ken Tindell of Canis Automotive Labs about how criminals could steal his friend’s Toyota Rav4.

3 Easy Steps to Onboard! About TrustCloud: Our mission is to make it effortless to earn trust in every business relationship. TrustCloud's Trust Assurance platform democratizes every company's ability to quickly and cost-effectively set up, test and get audited for security and compliance certifications, automatically respond to security questionnaires, and confidently share its compliance program with enterprise customers.

In today's software development world, developers rely on numerous secrets, including API keys, credentials, and passwords to facilitate seamless interaction between application components as they code. Failing to remove these secrets can have disastrous consequences for businesses, making it essential to find and fix them before release.

Whether you’re attending RSA or not, one thing is for certain - attackers are always at work. Furthermore, attackers are always working together without red tape like we have within our corporate infrastructure. That’s why Mandiant/Google, Stairwell, SnapAttack, Nozomi Networks, SentinelOne, and Corelight are hosting a webinar before RSAC 2023 to show how Defenders are also Stronger Together. There is no silver bullet in the cybersecurity space, so come get the conversation started early in an executive panel as we explore how each executive/organization is addressing.

Stephanie Best, Director of Product Marketing, and Yaniv Balmas, VP of Research at Salt Labs, discuss what you need to know about the new 2023 OWASP API Security Top 10 release candidate. As a member of the OWASP committee that helped shaped the latest report, Yaniv takes you behind the scenes to learn what changed, what stayed the same, and why these decisions were made.

LimaCharlie is a cybersecurity middleware platform to connect sources of security telemetry, automate activity based on what's being observed, and forward data where you need it. LimaCharlie puts you in complete control of your data, allowing you to build the security program that your organization wants and needs. As powerful as the LimaCharlie platform is, we recognize that sometimes analysts need to send data elsewhere, or integrate specific tools for security control testing and incident response. In Part 3 of our LC101 series, we’ll look at options for extending the LimaCharlie platform.

Bitsight Third-Party Vulnerability Response empowers organizations to take action on high priority incidents at a moments notice. Learn how to initiate vendor outreach and track responses to critical vulnerabilities through scalable templated questionnaires —with tailored exposure evidence— for more effective remediation. And grow and build trust across your ecosystem without worrying about expanded risk. Vulnerability Response not only facilitates communication with vendors but also allows you to track responses with more precision, coupling automated, bulk outreach with status updates and insights.

Bitsight is a cyber risk management leader transforming how companies manage exposure, performance, and risk for themselves and their third parties. Companies rely on Bitsight to prioritize their cybersecurity investments, build greater trust within their ecosystem, and reduce their chances of financial loss. Built on over a decade of technological innovation, its integrated solutions deliver value across enterprise security performance, digital supply chains, cyber insurance, and data analysis.

Meet 1Password’s refreshed brand! We’re excited to share our new visual identity today. Our looks may be changing, but our values aren't – we're on a mission to build a safer, simpler digital future for everyone.

Sebastian Glab, Cloud Architect at CloudCasa, shows you how Cloud Casa for Velero allows Velero users to manage their cluster using our software as a service platform. By plugging directly into Velero, CloudCasa provides user friendly, intuitive UI for Kubernetes cluster management utilizing Velero as the backup tool. Users can centrally manage their current backups and configuration across multiple clusters and cloud providers (AKS, EKS and GKE) in one place. They don't have to jump across different environments, access different clusters to see what's going on, they can simply go to Cloud Casa, and manage everything from there. The best part is that Velero users can get all these benefits without worrying about infrastructure management, without causing any disruptions or without having to undergo any migration process.