Episodes

  • In The News - Don't Get Stung
    Apr 4 2022

    In this week's episode, Randy covers the Hive Ransomware Group, the reemergence of Scarab APT, and a few stories that have nothing to do with insects...

    Featured stories include:

    • An update on Lapsus$ and liability
    • Hive Ransomware Group and remote access
    • Scarab APT reemergence targeting Ukraine
    • Rockwell Automation vulnerabilities
    • PCI 4.0
    • Gartner's cybersecurity trends for 2022

    12 mins
  • In The News - Threat Actors Two Ways
    Mar 28 2022

    In this episode, Randy Watkins covers the biggest stories on our news feeds today: the Oscars and the Okta Breach.

    See how many Will Smith movie references Randy can fit in a minute, and starting at 1:09, get filled in on the latest information about Lapsus$ - a juvenile threat group causing adult problems.

    10 mins
  • Sponsored IDC White Paper with Craig Robinson
    Nov 16 2021

    Join CRITICALSTART CTO and SON OF A BREACH! podcast host Randy Watkins as he talks with IDC Program Director, Security Services, Craig Robinson. The two discuss the Critical Start sponsored IDC white paper, "In Cybersecurity Every Alert Matters".

    The two share their thoughts on: 

    • Making organizations more secure in the face of ongoing digital transformations
    • The value of internal talent to prioritize business outcomes in cybersecurity
    • Predictions around MDR and alert resolution

    Special thanks to Craig Robinson!

    34 mins
  • Rated XDR Wrap-up with CTO Randy Watkins
    Oct 6 2021

    Join CRITICALSTART CTO and SON OF A BREACH! podcast host Randy Watkins as he winds up our Rated XDR series. After four previous episodes with CRITICALSTART integration partners about their extended detection and response platforms and strategies, Watkins shares his thoughts on:

    • How to define and evaluate XDR offerings
    • Why you can expect XDR to displace SIEM
    • What’s cooking in the alphabet soup of detection and response with EDR, NDR, MDR, and even MXDR
    • Which analyst you should be following in the XDR space

    Special thanks to our Rated XDR visionaries, and be sure to catch their previous episodes if you missed any:

    • Ajit Sancheti, VP of Identity Protection, CrowdStrike 
    • Ann Johnson, CVP Security, Compliance, and Identity at Microsoft
    • Yonni Shelmerdine, AVP of Product and Head of XDR at SentinelOne
    • Tim Junio, SVP of Products, Cortex at Palo Alto Networks

     Any guesses on our next series in the podcast? Stay tuned to find out on SON OF A BREACH!

     

    11 mins
  • Rated XDR with Tim Junio, SVP of Products, Cortex at Palo Alto Networks
    Sep 8 2021

    Palo Alto Networks introduced the industry's first XDR product in February 2019, going beyond endpoint to extended detection and response. Building on the success of their next-generation firewalls, the company continues to disrupt in cybersecurity by integrating in-house innovation with a steady string of acquisitions.

    In this fourth episode of “Rated XDR”, a SON OF A BREACH! series focused on XDR, Tim Junio, SVP of Products, Cortex at Palo Alto Networks joins CRITICALSTART CTO Randy Watkins to discuss Palo Alto Networks’ XDR strategy and R&D focus, including:

    • Which capabilities and types of data define XDR
    • How joining endpoint data with network data helped deliver a breakthrough in detection and prevention capabilities
    • What sets XDR apart from SIEM and endpoint detection approaches in the modern SOC
    • What to expect from Palo Alto Networks Cortex® XDR™ 3.0 and beyond

    Junio is Senior Vice President of Products, Cortex at Palo Alto Networks and former Co-Founder and Chief Executive Officer of Expanse, which Palo Alto Networks acquired in December 2020. He has more than a decade of experience in cyber operations and large-scale distributed sensing. Prior to co-founding Expanse, he worked at DARPA, RAND Corporation, Office of the Secretary of Defense, and the CIA. Junio holds a Ph.D. from the University of Pennsylvania and was a Postdoctoral Fellow at Stanford University.

     

    29 mins
  • Rated XDR with Yonni Shelmerdine, AVP of Product and Head of XDR at SentinelOne
    Aug 25 2021

     SentinelOne recently made headlines as the highest-valued cybersecurity IPO ever. In a bid to revolutionize extended detection and response (XDR) and further broaden the company’s scope of detection capability, SentinelOne has acquired Scalyr, a leading cloud-native, cloud-scale data analytics platform.

    In this third episode of “Rated XDR”, a SON OF A BREACH! series focused on XDR, SentinelOne AVP of Product and Head of XDR, Yonni Shelmerdine, joins CRITICALSTART CTO, Randy Watkins, to discuss SentinelOne’s development strategy and approach, including:

    • What has most significantly impacted the product group’s evolution and innovation
    • How the recent Scalyr acquisition fits with SentinelOne’s in-house product development
    • What future capabilities to expect from the Ranger IoT product line
    • Reaction to Gartner’s assessment of SentinelOne in the newest Magic Quadrant for Endpoint Protection Platforms

    Shelmerdine leads the EDR, XDR, Big Data and Security Research product areas at SentinelOne. Previously, he held product leadership roles at Cybereason, Check Point, Lacoon, and several other early stage start-ups. Shelmerdine is also a veteran of an elite intelligence unit in the Israel Defense Forces and has won multiple awards.

    36 mins
  • Rated XDR with Ann Johnson, CVP Security, Compliance, and Identity at Microsoft
    Aug 4 2021

    We’ve all seen the negative news about the latest security breaches and ransomware attacks. But we must not forget that the cybersecurity industry prevents many more cyberattacks every day that don’t make headlines.

    Companies like Microsoft are building security into their tech offerings, securing organizations that increasingly turn to technology to protect against business disruptions.

    In this second of a series of SON OF A BREACH! podcast episodes focused on extended detection and response (XDR), CRITICALSTART CTO Randy Watkins welcomes Microsoft Corporate Vice President of Security, Compliance, and Identity Ann Johnson, to give us a look behind the scenes of Microsoft’s security strategy, including:

    • How Microsoft raised its credibility in the security industry and continues to stay competitive
    • Why Microsoft wants their Azure Sentinel – a cloud-native SIEM and XDR delivery platform – to become the master brain of your security operations center
    • The role of XDR in solving alert fatigue caused by overly excited detection logic
    • How Microsoft prioritizes their efforts given the constantly evolving threat landscape

    As the change agent who ushered Microsoft to the top of the security industry, Johnson oversees Microsoft’s long-term investment and partnership strategies for security, compliance, and identity. She discusses core areas shaping the cyber landscape on her podcast, Afternoon Cyber Tea.

     

    32 mins
  • #BadgeLife
    Jul 15 2021

    Conference badges have evolved from paper and plastic to collectable mini-computers of all shapes and sizes, coveted and collected by security professionals and enthusiasts. The rise of #Badgelife signifies one of the most creative offshoots of security conferences, with its underground culture of hardware art and ingenuity. 

     In this episode of SON OF A BREACH!, CRITICALSTART CTO Randy Watkins welcomes badge creator Florida Man, a/k/a Jonathan Singer, to celebrate the allure of #Badgelife, reveal how deep the culture runs, and share tips on how to get started in the community. 

    Tune in to learn:

    • The colorful, flashy history of #Badgelife
    • How unofficial conference badges have come to symbolize the security culture’s uniqueness and sense of community
    • Steps to start collecting or creating digital badges that people want to take home and talk about
    • What tools and techniques you need to design and produce your own #Badgelife creation

    Both fun and functional, digital badges celebrate computers and the security around them at the hardware level. Many are intentionally hackable so you can take control of the lights, noises, and other built-in features. 

    Singer shares some favorites from his extensive badge collection, which you can see by watching the recorded video of this podcast episode on YouTube.

    Jonathan Singer is SIEM and SOAR Practice Lead at GuidePoint Security, with certifications including GPEN, GWAPT, GCIA, GCFE, and CEH. He is a self-taught badge creator who launched his first digital badge at BSides Orlando 2013. Singer also shares his passion for cybersecurity and hardware on his YouTube channel.

    46 mins