
Content provided by Security Weekly Productions. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Security Weekly Productions or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.

What is old is new again: default deny on the endpoint - Colby DeRodeff, Danny Jenkins - ESW #402

2:03:21
 

Default deny is an old and very recognizable term in security. Most folks who have been in the industry for a long time will associate the concept with firewall rules. The old network firewalls, positioned between the public Internet and private data centers, however, were relatively uncomplicated and static. Most businesses had a few hundred firewall rules at most.

Implementing default deny principles elsewhere was attempted, but without much success. Internal networks (NAC) and endpoints (application control 1.0) were too dynamic for the default deny approach to be feasible. Vendors built solutions, and enterprises tried to implement them, but most gave up.

Default deny is still an ideal approach to protecting assets and data against attacks - what it needed was a better approach. An approach that could be implemented at scale, with less overhead. This is what we’ll be talking to ThreatLocker’s CEO and co-founder, Danny Jenkins, about on this episode. They seem to have cracked the code here and are eager to share how they did it.

This segment is sponsored by ThreatLocker. Visit https://www.securityweekly.com/threatlocker to learn more about them!

We wanted security data? We got it! Now, what the heck do we DO with all of it?

The core challenge of security operations, incident response, and even compliance is still a data management and analysis problem. Which is why we’re seeing companies like Abstract Security pop up to address some of these challenges.

Abstract just released a comprehensive eBook on security data strategy, linked below, and you don’t even need to give up an email address to read it! In this interview, we’ll talk through some of the highlights:

  • Challenges
  • Myths
  • Pillars of a data security strategy
  • Understanding the tools available

Segment Resources

In the enterprise security news,

  1. new startup funding
  2. what happened to the cybersecurity skills shortage?
  3. tools for playing with local GenAI models
  4. CVE assignment drama
  5. a SIEM-agnostic approach to detection engineering
  6. pitch for charity
  7. a lost dog that doesn’t want to be found

All that and more, on this episode of Enterprise Security Weekly.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-402
