#2 - Practical uses of the Secure Controls Framework
Manage episode 353106870 series 3438766
Cybersecurity Growth
- livestream and podcast
Duration: Weekly, 90 minutes
Title: Cybersecurity Growth #2 - Practical uses of the Secure Controls Framework
Opening
- When You Arrived instrumental as theme song
Welcome to Cybersecurity Growth. A show for aspiring and existing cybersecurity leaders. I’m your host Shawn Valle, Exec Director and CISO of Cybersecurity Growth
Former Chief Security Officer of Rapid7 and former CISO of Tricentis
Musician here on Twitch and elsewhere, MusicBySV (more on that later)
Top News Stories
New emergent threat response: "CVE-2022-47966: Rapid7 Observed Exploitation of Critical ManageEngine Vulnerability."
Glenn Thorpe of Rapid7 “This has kept us busy over the past 24+ hours. If you’re running ManageEngine software you should:
1. Patch it always no questions asked just do it.
2a. Keep it as segmented as possible from the public internet regardless of its function.
2b. Migrate away from it.”
Dozens of products impacted.
Access Manager Plus*
Active Directory 360**
ADAudit Plus**
ADManager Plus**
ADSelfService Plus**
Analytics Plus*
Application Control Plus*
Asset Explorer**
Browser Security Plus*
Device Control Plus*
Endpoint Central*
Endpoint Central MSP*
Endpoint DLP*
Key Manager Plus*
OS Deployer*
PAM 360*
Password Manager Pro*
Patch Manager Plus*
Remote Access Plus*
Remote Monitoring and Management (RMM)*
ServiceDesk Plus**
ServiceDesk Plus MSP**
SupportCenter Plus**
Vulnerability Manager Plus*
https://www.csoonline.com/article/3684850/11-top-xdr-tools-and-how-to-evaluate-them.html
By Tim Ferrill CSO Online
11 top XDR tools and how to evaluate them
Extended detection and response tools provide a deeper and more automated means to identify and respond to threats. These are some of the most popular options.
XDR is a relatively new class of security tool that combines and builds on the strongest elements of security incident and event management (SIEM), endpoint detection and response (EDR), and even security orchestration and response (SOAR).
Trend Micro,
Microsoft XDR,
Palo Alto Networks Cortex XDR,
Crowdstrike Falcon Insight XDR,
Bitdefender GravityZone Business Security Enterprise,
SentinelOne Singularity XDR,
Cybereason XDR,
VMware Carbon Black XDR,
Elastic Security for XDR,
Trellix XDR Platform,
Cynet 360 AutoXDR
https://www.csoonline.com/article/3685670/attackers-deploy-sophisticated-linux-implant-on-fortinet-network-security-devices.html
Attackers deploy sophisticated Linux implant on Fortinet network security devices
The exploit allows attackers to remotely execute arbitrary code and commands without authentication.
Fortinet disclosed that a critical vulnerability in its FortiOS operating system was being exploited by attackers in the wild. This week, after additional analysis, the company released more details…
…the original zero-day attack was highly targeted to government-related entities…
… CVE-2022-42475, is in the SSL-VPN functionality of FortiOS and can be exploited by remote attackers without authentication. Successful exploitation can result in the execution of arbitrary code and commands.
Patch your Fortinet gear.
Death By Slides
- Practical uses of the Secure Controls Framework
What’chu Listening To or Creating
- Talk about music
That’s a Wrap
- Concluding topics
- Thank you for listening
- Web address, socials
- I’m Shawn Valle, creator of this show and the music here on Cybersecurity Growth
- Cybersecuritygrowth.com and cybersecuritygrowth.com/blog
- @shawnvalle or @cybersecuritygrowth
- If you like the show, please tell your friends. If you hate it, tell your adversaries. Like/subscribe and leave 5-stars and a review like “great show, I learned something new to help me in my cybersecurity career.”
- This week we covered
- Practical application of the Secure Controls Framework. Picking up from where we left off last week. My takeaway is, if you are dealing with 3 or more security/privacy frameworks, it’s worth investing time into SCF and possibly a tool that uses SCF as an overarching security framework, for all your compliance/security/privacy frameworks. It may save you time, and provides a wholistic framework for just about any control you could imagine. But, it could be overwhelming, if you are just getting started...so, if you are just getting started on your compliance/security/privacy journey, you may want to wait a year or two before you jump into SCF.
- Plans for next week
- [My approach for the first 100 days as a security leader (this could be as a CISO, but also as a Director of team reporting to the CISO – like GRC Dir, SecOps Dir, ProdSec Dir, etc.)]
- Live on Twitch weekly, Fridays at 10:30 AM EST, 7:30 AM PST, 3:30 PM GMT in your pod feeds a few days later.
24 episodi