Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

This week on The 443, Corey Nachreiner and Marc Laliberte discuss the latest software supply chain attack with a potential blast radius of thousands of organizations. They then cover a new protocol vulnerability in the Wi-Fi wireless standard before ending with some research into insecure Microsoft Azure applications.

With cyberattacks on the rise, cyber insurance has become important for CISOs and CEOs to explore, evaluate and understand. In this video, One Identity experts will help you get started.

CISO Global's VP of Solutions Architecture Chris Clements shares what it means to be threat informed and ready & resilient.

Honeytokens or Canary tokens are decoy credentials that alert you when an intruder or hacker is trying to use them. This will alert you to their existence in your infrastructure! They are easy early warning systems. Here is a quick video explanation.

This week on the podcast, we cover two new publications out of CISA. First, we dive into CISA's guidance to manufacturers and customers on products that are secure-by-design and secure-by-default. Next, we discuss CISA's latest Zero Trust Maturity Model which any organization can use to gauge how far along they are on the ZTA path and where the should focus their efforts next. Finally, we end wit some research from Blaze Information Security on a series of vulnerabilities in a play-to-earn blockchain game.

Speakers: AJ Nurcombe (Corelight), Brandon Dunlop (ISC2) Threat hunting is a challenge to get right, with many potential pitfalls. There are twenty different definitions for threat hunting and ten different ways to do it. Organisations vary from having zero presence in their threat hunting program to multiple full-time hunters, but unfortunately, they often miss many critical pieces. This webinar will cover the common oversights that organisations fall foul of as well as emphasising the importance of network evidence in your threat hunting framework.

CrowdStrike Zero Trust Assessment (CrowdStrike ZTA) provides customers the ability to assess their endpoint security posture, allowing AWS Verified Access to provide conditional access to resources that comply with their organization’s device posture policies.