TWiET 363: Al Dente Security Tools

Beep boop - this is a robot. A new show has been posted to TWiT…

What are your thoughts about today’s show? We’d love to hear from you!

Was listening to the Al Dente Security Tools and have an opinion as a manager that has to try and manage this chaos that is cyber security.

I understand that the tools are a band aid to help us get a handle on a problem. From my perspective they act as a method of visualizing the issue.

I agree with Lou that they can make things worse, because they can add complexity that makes it harder to set up properly. I also agree that we are looking for suites of solutions that we can bank on.

Security is an impossible problem for most organizations. I was listening to another episode recently where you guys were talking about Glitching, and then you have the Security Now podcast that scares the daylights out of me every time I listen to it.

Where do we go for real solutions? Solutions that help against ransomware or any of the million other potential attack vectors we have. Are the cloud solutions available from Microsoft, Cisco etc. something we should be looking at? Where do we go to learn more about making ourselves more secure?

1 Like

These are GREAT questions Seamus. So good, I think we should cover them in a future episode, or two. :slight_smile:

Hackers tend to find innovative ways to bypass the known rules, and before a security expert knows about the breach, it is often too late. There are new services and tools that are using machine learning, and even AI, to determine weak points in the network and detect network anomalies. This is catching issues proactively and sometimes reactively during an event. In addition to scanning devices, architecting a Zero Trust network and building new solutions and secure hardware/hardened OS, there is a need to go further to protect environments built at global scale. This is where I believe AI has a strong use case. There is an interesting read here. Zero Trust is a new mindset and methodology, but it means adopting a “never trust, always verify” stance towards access and authentication. That’s a good place to start.

Now there is, however, growing adoption of “as a service” security solutions, with the most common being endpoint security as a service and threat protection as a service. From experience, Malwarebytes (top), Sophos (tie with the top), Symantec, Webroot, Trend Micro, Bitdefender, and ESET are also among the top endpoint security providers. Sophos is a sponsor, but I can also tell you we use it at a corporate level to secure all BYOD on our network (100+K employees). It’s exceptional!

Next-level stuff is AI-powered network security appliances. Take a look at network security appliances from Cisco, SonicWall, and Meraki by Cisco, which are the most commonly used by businesses today. Sophos, Fortinet, and Barracuda are also among the top providers. Other notable players are Palo Alto Networks, WatchGuard, and pfSense.

I could go on and on, but I hope this helps so far. Like I said, we should do a show about it. :slight_smile:

2 Likes

Hello Lou,
We currently use the Meraki Firewall and have some of their equipment in an offsite warehouse, so I am glad to hear you mention them.
As for the rest, this is great and I am sure there are many people that listen to the show that are thinking about the issue at this scale. What about the small guys? The ones that have one location, or have a small IT staff of just 1 or 2, the SMB companies that have limited resources, limited budgets and, even more concerning, limited support for these types of events (until after they have happened).
I would love to hear a good method of calculating ROI for a new cloud-based, AI-based security system, or starting a zero trust model. I personally try using a spreadsheet that Douglas Hubbard produced as part of “How to Measure Anything: Finding the Value of Intangibles in Business”.
In the spreadsheet you set up a series of random experiments; I normally use 40,000. You have a series of questions and you structure the calculation to use the values and calculate a value. With this method you can more easily get a better idea of how effective a change will be. It does a good job of showing the potential risk of an event or probability of something happening, or however you want to structure the calculation.
Lastly, I noticed that you left Microsoft out of the list of security services. We are users of Office 365 and I am curious as to why Azure Active Directory or ATP or Intune for devices were not included? (Full disclosure: I am considering trying to push these as solutions to some of our current gaps.)
Again I would like to thank you for the answer you provided and I agree that there is some very interesting activity in AI and Machine Learning. There was good information in that article that you provided.
I am a long-time listener (I think I started with the first episode) and look forward to listening to the show each week.

1 Like
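
The 40,000-trial simulation described in the post above can be sketched outside a spreadsheet. This is an added example, not part of the thread or of the spreadsheet it mentions: the lognormal loss model fitted to a 90% confidence interval, the function names, and every input estimate (event probabilities, loss range, control cost) are assumptions constructed for illustration.

```python
import math
import random

Z90_WIDTH = 3.29  # a 90% interval spans 2 * 1.645 standard deviations


def simulate_annual_loss(p_event, low, high, trials=40_000, seed=1):
    """Simulate one-year losses for a single risk.

    p_event: estimated chance the event happens in a year.
    low, high: 90% confidence interval for the loss if it does happen.
    Assumption: losses follow a lognormal distribution fitted to that interval.
    """
    rng = random.Random(seed)
    mu = (math.log(low) + math.log(high)) / 2
    sigma = (math.log(high) - math.log(low)) / Z90_WIDTH
    return [rng.lognormvariate(mu, sigma) if rng.random() < p_event else 0.0
            for _ in range(trials)]


def summarize(losses):
    """Mean loss, 95th-percentile loss, and share of trials with any loss."""
    ordered = sorted(losses)
    return {
        "mean": sum(ordered) / len(ordered),
        "p95": ordered[int(0.95 * len(ordered))],
        "chance_of_loss": sum(1 for x in ordered if x > 0) / len(ordered),
    }


def control_roi(baseline, with_control, annual_cost):
    """Return on the control: (expected loss avoided - cost) / cost."""
    avoided = baseline["mean"] - with_control["mean"]
    return (avoided - annual_cost) / annual_cost


def compare():
    # Constructed estimates: a ransomware-style event at 10% per year costing
    # 50k-500k, cut to 4% per year by a control that costs 6,000 per year.
    before = summarize(simulate_annual_loss(0.10, 50_000, 500_000, seed=1))
    after = summarize(simulate_annual_loss(0.04, 50_000, 500_000, seed=2))
    return before, after, control_roi(before, after, annual_cost=6_000)


if __name__ == "__main__":
    before, after, roi = compare()
    print(f"expected loss before: {before['mean']:,.0f}  p95: {before['p95']:,.0f}")
    print(f"expected loss after:  {after['mean']:,.0f}  p95: {after['p95']:,.0f}")
    print(f"ROI on a 6,000/yr control: {roi:.0%}")
```

With these inputs the 95th-percentile loss falls to zero once the event probability drops below 5%, which is why the mean and the tail are reported separately.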