The future of security validation – what next? [CyberWire-X]

CyberWire Daily

N2K Networks, Inc.

Technology, Daily News, News, Tech News

4.8 • 1.1K Ratings

🗓️ 3 May 2022

⏱️ 29 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Security executives need visibility into their real cyber risk in real time. But with the flood of vulnerability alerts, how can organizations pinpoint impactful security gaps? To meet this challenge, security teams are shifting to an exploit-centric approach to security validation to expose potential threats from ransomware, leaked credentials, phishing, & more. On this episode, of CyberWire-X, we explore how automation can help teams make this shift to prioritize remediation based on bottom line business impact. Rick Howard, the CyberWire's CSO, Chief Analyst and Senior Fellow, discusses the topic with Rick Doten, CISO, Carolina Complete Health and CyberWire Hash Table member, while Dave Bittner, CyberWire podcast host, engages with Sponsor Pentera's Jay Mar-Tang, Sales Engineering Manager for the Americas, about automated security validation. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the CyberWire Network, powered by N2K. Hey everyone.
0:20.0	Welcome to CyberWireX, a series of specials where we highlight important security topics
0:25.2	affecting security professionals worldwide.
0:28.0	I'm Rick Howard, the chief security officer, chief analyst, and senior fellow at the
0:32.2	CyberWire,
0:33.0	and today's episode is titled,
0:35.0	The Future of Security Validation.
0:37.0	What's next?
0:38.0	It's clear that security executives need visibility
0:41.0	into their actual cyber risk in real time.
0:44.9	But with the flood of security alerts, it's tough for organizations to pinpoint impactful
0:49.7	security gaps.
0:51.3	To meet this challenge, security teams are shifting to an exploit-centric approach to security
0:56.1	validation. In other words they are looking towards adversary group
0:59.6	emulation the process of imitating the tactics, techniques, and procedures of a specific
1:04.2	adversary in order to assess and improve how resilient an organization is against
1:09.1	known adversary attack sequences, in other words, red teaming.
1:13.0	In this episode, I've invited two subject matter experts to the cyberwire hash table
1:18.0	to discuss the current state of red teaming, blue teaming, purple teaming, and penetration testing.
1:23.7	A program note, each CyberWireX special features two segments.
1:28.0	In the first part, we'll hear from an industry expert on the topic at hand,
1:31.1	and in the second part, we'll hear from our show's sponsor for their point of view.
	...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.