


Black Hat Fireside Chat: ‘UEM’ solutions seek to protect endpoints, preserve user experience

By Byron V. Acohido

LAS VEGAS — Shadow IT and BYOD security exposures have long bedeviled businesses – ever since the iPhone and Dropbox first came on the scene.

Covid 19 only intensified the problem of how to securely manage the personally owned devices and unvetted apps employees gravitate to.

At Black Hat USA 2023, taking place here this week, suppliers of unified endpoint management (UEM) solutions collectively will lay out a roadmap for resolving Shadow IT and BYOD once and for all.

UEM vendors range from tech giants IBM, Microsoft and Google to a swelling cottage industry of startups and mid-sized suppliers of mobile device and vulnerability management services.

I had the chance to visit with Ashley Leonard, CEO of Syxsense, a Newport Beach, Calif.-based vendor

Black Hat Fireside Chat: Horizon3.ai makes a strong case for continuous, self-service pentesting

By Byron V. Acohido

LAS VEGAS — Penetration testing, traditionally, gave businesses a nice, pretty picture of their network security posture — at a given point in time.

Related: Going on the security offensive

Such snapshots proved useful for building audit trails, particularly for companies in heavily regulated industries. However, manual pentests never really were very effective at shining a light on emerging cyber exposures of the moment.

Enter advanced pentesting. One of the hot topics at Black Hat USA 2023, which ramps up here this week in the desert heat, is how automation and machine learning are underpinning pentesting solutions deeply and continuously. This self-service, self-directed, continuous infrastructure pentesting approach allows organizations to discover their exploitable attack surfaces and reduce their risk.

I had the chance to visit with someone in the thick of this important shift: Snehal Antani, CEO of Horizon3.ai, a San Francisco-based supplier of “autonomous” vulnerability

Black Hat Fireside Chat: Easy come, easy go access strengthens ‘Identity Threat Detection & Response’

By Byron V. Acohido

The rise of the remote workforce, post Covid-19, did nothing to make the already difficult task of doing Identity and Access Management (IAM) any easier for CISOs.

Related: Exposing Shadow IT

With Black Hat USA 2023 ramping up in Las Vegas next week, cybersecurity startup Trustle is championing a new product category—Identity Threat Detection & Response (ITDR)—which aims to enhance the capabilities of legacy IAM solutions.

Companies today are struggling to answer fundamental questions about their cloud environments, such as, who are my users and what can they access? How did they obtain this access? When they don’t need this access, do their identities still exist? Questions like these are a driving force behind the adoption of ITDR, which is becoming a crucial component in the realm of Cloud Infrastructure Entitlement Management (CIEM) and access management.

I had the chance to sit down with Trustle CEO Emiliano Berenbaum to learn just how ITDR can help companies much more efficiently manage user identities and access privileges, while also strengthening

RSAC Videocast: As network perimeters shift and ecosystems blend, the role of MSSPs solidifies

By Byron V. Acohido

Deepening interoperability of AI-infused systems – in our buildings, transportation grids, communications systems and medical equipment – portends amazing breakthroughs for humankind.

Related: The coming of optical infrastructure

But first businesses must come to grips with the quickening convergence of their internal and external computing resources. And that’s no small task.

I had the chance to discuss this with Shinichi Yokohama, NTT Global CISO and John Petrie, Counselor to the NTT Global CISO, at RSA Conference 2023. It was a rare opportunity to get the perspective of senior executives responsible for protecting a Fortune 100 global enterprise.

We discussed how the boundaries between in-company and out-of-company IT infrastructure have become increasingly blurred, making network security more challenging than ever. For a full drill down, please view the accompanying videocast. Here are a few takeaways:

A converged ecosystem

Cloud migration and rapid software development were both on a rising curve when Covid-19 hit and the global economy suddenly shut down in 2020. As companies adjusted to the post-pandemic operating environment, Internet-centric services rose to the fore.

This accelerated the convergence of on-premises and cloud-hosted IT infrastructure. Today, data storage and processing power are prominently

FIRESIDE CHAT: Outrageous phone bills stun businesses targeted for ‘SMS toll fraud’

By Byron V. Acohido

SMS toll fraud is spiking. I learned all about the nuances of deploying – and defending against – these insidious attacks in a recent visit with Arkose Labs CEO Kevin Gosschalk, who explained how the perpetrators victimize businesses that use text messages to validate phone users signing up for a new account.

Related: Countering Putin’s weaponizing of ransomware

The fraudsters set themselves up as “affiliates” of phone companies in Indonesia, Thailand and Vietnam and then use bots to apply for online accounts, en masse, at a targeted business. The con: each text message the business then sends in return — to validate the applicant — generates a fee for the phone company, which it shares with the affiliate.

This fraudulent activity usually remains undetected until the business receives a bill for an unusually high number of

RSAC Fireside Chat: Fusing ‘TIP’ and ‘SOAR’ to defend hybrid-cloud, multi-cloud networks

By Byron V. Acohido

When Threat Intelligence Platform (TIP) and Security Orchestration, Automation and Response (SOAR) first arrived a decade or so ago, they were heralded as breakthrough advances.

Related: Equipping SOCs for the long haul

TIP and SOAR may yet live up to that promise. I had an evocative discussion about this at RSA Conference 2023 with Willy Leichter, vice president of marketing, and Neal Dennis, threat intelligence specialist, at Cyware, which supplies a cyber fusion solution built around advanced TIP and SOAR services. For a full drill down, please give the accompanying podcast a listen.

TIP and SOAR may have been slightly ahead of the curve; today, they argued, TIP and SOAR align perfectly

RSAC Fireside Chat: A breakthrough in securing cloud collaboration — decentralized key storage

By Byron V. Acohido

Back in 2002, when I was a reporter at USA Today, I had to reach for a keychain fob to retrieve a single-use passcode to connect remotely to the paper’s publishing system.

Related: A call to regulate facial recognition

This was an early example of multifactor authentication (MFA). Fast forward to today; much of the MFA concept is being reimagined by startup Circle Security to protect data circulating in cloud collaboration scenarios.

I learned about this at RSA Conference 2023 from company Co-founder and CEO Phani Nagarjuna, who explained how Circle extends the use of encryption keys fused to biometrics and decentralizes where copies of