Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Innehåll tillhandahållet av Security Weekly Productions. Allt poddinnehåll inklusive avsnitt, grafik och podcastbeskrivningar laddas upp och tillhandahålls direkt av Security Weekly Productions eller deras podcastplattformspartner. Om du tror att någon använder ditt upphovsrättsskyddade verk utan din tillåtelse kan du följa processen som beskrivs här https://sv.player.fm/legal.
Liknande Enterprise Security Weekly (Audio)
The American healthcare system is one of the most innovative in the world. But it’s also riddled with complex challenges, such as access to affordable medications, inefficiency and administrative burdens, and communication barriers between providers. There’s clearly a better way—and at Surescripts, we have a unique sightline into what that may be. In this series, host Melanie Marcus, Chief Marketing Officer of Surescripts, sits down with today’s most inspiring and innovative leaders in healt ...
…
continue reading
A podcast about web design and development.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Join our weekly discussion about how to build top end Angular applications and become an Angular expert. Become a supporter of this podcast: https://www.spreaker.com/podcast/adventures-in-angular--6102018/support.
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
We help founders make something people want.
…
continue reading
Big tech is transforming every aspect of our world. But how? And at what cost? This season of Land of the Giants – The Twitter Fantasy – will tell the story of Twitter (X) at a crucial moment for the platform, exactly one year after Elon Musk took over. Hosted by Vox senior correspondent Peter Kafka, the four-episode season will survey the company's outsize influence on politics and culture. How did Twitter become the Internet’s town square, for better and for worse? And where is it heading, ...
…
continue reading
Discover a whole new take on Artificial Intelligence with Squirro's educational podcast! Join host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and their incredible impact on society, and y ...
…
continue reading
Player FM - Podcast-app
Gå offline med appen Player FM !
Gå offline med appen Player FM !
))
Autonomous - I don't think that word means what you think it means - Adam Shostack, Ely Kahn - ESW #359
Manage episode 414627444 series 2794639
Innehåll tillhandahållet av Security Weekly Productions. Allt poddinnehåll inklusive avsnitt, grafik och podcastbeskrivningar laddas upp och tillhandahålls direkt av Security Weekly Productions eller deras podcastplattformspartner. Om du tror att någon använder ditt upphovsrättsskyddade verk utan din tillåtelse kan du följa processen som beskrivs här https://sv.player.fm/legal.
A clear pattern with startups getting funding this week are "autonomous" products and features.
- Automated detection engineering
- Autonomously map and predict malicious infrastructure
- ..."helps your workforce resolve their own security issues autonomously"
- automated remediation
- automated compliance management & reporting
I'll believe it when I see it. Don't get me wrong, I think we're in desperate need of more automation when it comes to patching and security decision-making. I just don't think the majority of the market has the level of confidence necessary to trust security products to automate things without a human in the loop.
The way LimaCharlie is going about it, with their new bi-directional functionality they're talking up right now, might work, as detections can be VERY specific and fine-grained.
We've already seen a round of fully automated guardrail approaches (particularly in the Cloud) fail, however. My prediction? Either what we're seeing isn't truly automated, or it will become a part of the product that no one uses - like Metasploit Pro licenses.
We've talked about generative AI in a general sense on our podcast for years, but we haven't done many deep dives into specific security use cases. That ends with this interview, as we discuss how generative AI can improve SecOps with Ely Kahn. Some of the use cases are obvious, while others were a complete surprise to me. Check out this episode if you're looking for some ideas!
This segment is sponsored by SentinelOne. Visit https://securityweekly.com/sentinelone to learn more about them!
This is a great interview with Adam Shostack on all things threat modeling. He's often the first name that pops into people's heads when threat modeling comes up, and has created or been involved with much of the foundational material around the subject. Adam recently released a whitepaper that focuses on and defines inherent threats.
Resources:
- Here's the Inherent Threats Whitepaper
- Adam's book, Threat Modeling: Designing for Security
- Adam's latest book, Threats: What Every Engineer Should Learn from Star Wars
- We mention the Okta Breach - here's my writeup on it
- We mention the CSRB report on the Microsoft/Storm breach, here's Adam's blog post on it
- And finally, Adam mentions the British Library incident report, which is here, and Adam's blog post is here
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-359
371 episoder
Dela
Manage episode 414627444 series 2794639
Innehåll tillhandahållet av Security Weekly Productions. Allt poddinnehåll inklusive avsnitt, grafik och podcastbeskrivningar laddas upp och tillhandahålls direkt av Security Weekly Productions eller deras podcastplattformspartner. Om du tror att någon använder ditt upphovsrättsskyddade verk utan din tillåtelse kan du följa processen som beskrivs här https://sv.player.fm/legal.
A clear pattern with startups getting funding this week are "autonomous" products and features.
- Automated detection engineering
- Autonomously map and predict malicious infrastructure
- ..."helps your workforce resolve their own security issues autonomously"
- automated remediation
- automated compliance management & reporting
I'll believe it when I see it. Don't get me wrong, I think we're in desperate need of more automation when it comes to patching and security decision-making. I just don't think the majority of the market has the level of confidence necessary to trust security products to automate things without a human in the loop.
The way LimaCharlie is going about it, with their new bi-directional functionality they're talking up right now, might work, as detections can be VERY specific and fine-grained.
We've already seen a round of fully automated guardrail approaches (particularly in the Cloud) fail, however. My prediction? Either what we're seeing isn't truly automated, or it will become a part of the product that no one uses - like Metasploit Pro licenses.
We've talked about generative AI in a general sense on our podcast for years, but we haven't done many deep dives into specific security use cases. That ends with this interview, as we discuss how generative AI can improve SecOps with Ely Kahn. Some of the use cases are obvious, while others were a complete surprise to me. Check out this episode if you're looking for some ideas!
This segment is sponsored by SentinelOne. Visit https://securityweekly.com/sentinelone to learn more about them!
This is a great interview with Adam Shostack on all things threat modeling. He's often the first name that pops into people's heads when threat modeling comes up, and has created or been involved with much of the foundational material around the subject. Adam recently released a whitepaper that focuses on and defines inherent threats.
Resources:
- Here's the Inherent Threats Whitepaper
- Adam's book, Threat Modeling: Designing for Security
- Adam's latest book, Threats: What Every Engineer Should Learn from Star Wars
- We mention the Okta Breach - here's my writeup on it
- We mention the CSRB report on the Microsoft/Storm breach, here's Adam's blog post on it
- And finally, Adam mentions the British Library incident report, which is here, and Adam's blog post is here
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-359
371 episoder
Усі епізоди
×
Välkommen till Player FM
Player FM scannar webben för högkvalitativa podcasts för dig att njuta av nu direkt. Den är den bästa podcast-appen och den fungerar med Android, Iphone och webben. Bli medlem för att synka prenumerationer mellan enheter.
Liknande Enterprise Security Weekly (Audio)
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
The American healthcare system is one of the most innovative in the world. But it’s also riddled with complex challenges, such as access to affordable medications, inefficiency and administrative burdens, and communication barriers between providers. There’s clearly a better way—and at Surescripts, we have a unique sightline into what that may be. In this series, host Melanie Marcus, Chief Marketing Officer of Surescripts, sits down with today’s most inspiring and innovative leaders in healt ...
…
continue reading
A podcast about web design and development.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Join our weekly discussion about how to build top end Angular applications and become an Angular expert. Become a supporter of this podcast: https://www.spreaker.com/podcast/adventures-in-angular--6102018/support.
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
We help founders make something people want.
…
continue reading
Big tech is transforming every aspect of our world. But how? And at what cost? This season of Land of the Giants – The Twitter Fantasy – will tell the story of Twitter (X) at a crucial moment for the platform, exactly one year after Elon Musk took over. Hosted by Vox senior correspondent Peter Kafka, the four-episode season will survey the company's outsize influence on politics and culture. How did Twitter become the Internet’s town square, for better and for worse? And where is it heading, ...
…
continue reading
Discover a whole new take on Artificial Intelligence with Squirro's educational podcast! Join host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and their incredible impact on society, and y ...
…
continue reading
Player FM - Podcast-app
Gå offline med appen Player FM !
Gå offline med appen Player FM !
