ESW #305 - Tom Goings, Ashley Leonard - a podcast by paul@securityweekly.com

from 2023-02-10T17:30:04

:: ::

Tanium has recently released a new capability called Tanium Software Bill of Materials (SBOM) to help customers identify third-party libraries associated with software packages.

• What is Tanium SBOM

• Why is it different and why do you need it

• How to configure SBOM

• How to query for the details about every software application in your environment

• Where your vulnerable packages exist

• Ways that Tanium can remediate vulnerabilities from OpenSSL to Struts to Log4j today as well as new supply-chain vulnerabilities in the future

 

No one knows what the next supply chain vulnerability is going to be, but with Tanium, you will have access to data about how your applications are affected before it happens so that when it does, you're ready to take action to remediate the issue from within the Tanium XEM platform.

 

Segment Resources:

https://www.tanium.com/products/tanium-sbom/

 https://www.tanium.com/press-releases/tanium-launches-software-bill-of-materials-for-unprecedented-visibility-to-combat-supply-chain-threats/

 https://www.tanium.com/blog/software-bill-of-materials-openssl/

 

This segment is sponsored by Tanium. Visit https://securityweekly.com/tanium to learn more about them!

 

Syxsense and Enterprise Management Associates (EMA) recently teamed up to publish a survey around the current state of Zero Trust within enterprises as well as where it’s going. This interview will discuss the key findings and insights into the challenges many organizations face around Zero Trust, as well as endpoint security and network access.

Segment Resources:

https://www.syxsense.com/advancing-zero-trust-priorities

 

In the Enterprise News: Whether you want insurtechs or not, they’re here and you’re getting them! Don't worry - we’ll explain what insurtechs are. Two potential deals to take security companies private: Sumo Logic and Rapid 7! Looks like 32 year old security company Cyren is shutting down, hoping for an asset sale. They've already laid off all their employees. Big drama: a firm shorts Darktrace and releases a scathing report. We've got yet more more layoffs this week, but don't fret - the NSA is hiring! 

For our squirrel stories, we'll be deciding between three stories: codebreakers solve 500 year old ciphers, the real cost of meetings visualized, and sushi terrorists!

All that and more, on this episode of Enterprise Security Weekly.

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

 

Show Notes: https://securityweekly.com/esw305

Further episodes of Security Weekly Podcast Network (Audio)

Further podcasts by paul@securityweekly.com

Website of paul@securityweekly.com