Ink8r (in·cu·ba·tor) Podcast

Episode #53 - Productivity Through Self-Awareness

Sun, 11 May 2025 09:00:00 -0700

In this compelling episode of The Incubator Podcast, hosts Satbir Sran and Darren Boyd dive into the theme of productivity with TJ Walia, Founder and CEO of ZenTek Solutions. TJ shares his transformative journey from burnout to balance, sparked by a severe panic attack during his high-pressure career at Microsoft. His story unveils practical strategies for reclaiming productivity through self-awareness and intentional boundaries.

Key takeaways include:
Recognize Burnout: Monitor behavior for signs of chronic stress, like agitation or strained relationships, and pause to assess sustainability.

Set Boundaries: Use tools like calendars to prioritize tasks, block personal time, and avoid multitasking. TJ emphasizes focusing on three key stakeholders and projects to filter out noise.

Embrace Mindfulness: Simple practices, like observing nature or doing nothing, can quiet the mind and boost creativity.

Leverage Technology: Tools like Outlook rules and AI can streamline workflows, saving hours daily.

Communicate Priorities: Proactively reschedule with clients to ensure quality delivery, balancing their needs with personal capacity.

TJ’s approach, now shared through ZenTek, empowers organizations with team-building, morale-boosting strategies, and AI-driven productivity hacks. Connect with him on LinkedIn for corporate development services or to learn how to save 2-4 hours daily. This episode is a must-listen for anyone seeking to escape the rat race and thrive with purpose.

Episode #52 - Exploring Cybersecurity Strategies for 2025

Fri, 09 May 2025 23:00:00 -0700

In this episode of the Incubator Podcast, hosts Satbir Sran and Darren Boyd sit down with Daniel Hooper, a cybersecurity expert with over 25 years of experience, including a decade as a CISO. They dive into the evolving world of cybersecurity, exploring key challenges and strategies for 2025.

Daniel shares his journey from technical roles to a business-focused CISO, emphasizing the need to align security with organizational goals. He highlights AI as a game-changer for enhancing security operations, like investigations in Security Operations Centers, and enabling safe business innovations, such as secure chatbots. However, AI’s accessibility also empowers adversaries, pushing CISOs to stay vigilant through threat modeling and risk assessments.

Looking ahead, Daniel identifies identity management, attack surface, third-party risk, and vulnerability management as top priorities. He advocates for proactive, automated solutions over reactive fixes. On the talent front, he suggests addressing skill gaps with training, promotions, or contractors before hiring full-time staff, ensuring resources match business needs.

Third-party risk, driven by booming SaaS and API integrations, is a growing concern. Daniel calls for standardized risk assessments to cut redundant due diligence, urging focus on business-specific needs like GDPR compliance. He also reflects on the CISO’s increasing accountability, with legal scrutiny from regulators like the SEC adding pressure. Despite this, Daniel remains motivated by the challenge of safeguarding organizations.

Daniel envisions security teams evolving into integrated “Centers of Excellence,” focusing on identity as the new perimeter and proactive risk management over alert-driven responses. Daniel's parting call is for the cybersecurity community to collaborate on streamlined third-party risk frameworks, saving time and sharpening focus on unique business requirements.

Episode #51 - Securing the API Frontier with Salt Security

Sun, 04 May 2025 23:00:00 -0700

In this episode of the Incubator Podcast, hosts Satbir Sran and Darren Boyd sit down with Nick Rago, Vice President of Product Strategy at Salt Security, a leading firm in API security. The conversation dives into the evolution of API security, the pioneering role of Salt Security, and the innovative approaches the company takes to address the growing challenges in the API landscape. Rago shares the origins of Salt Security and how the company is shaping the future of API governance and protection.

*API Security Challenges*
- Evolving Threat Landscape: APIs have become a prevalent attack vector, with adversaries exploiting business logic flaws that traditional edge defenses (e.g., WAFs, CDNs) cannot detect. Approximately 80% of API breaches are schema-compliant, bypassing conventional security measures.
- Visibility and Governance: Many enterprises lack visibility into their API attack surface, treating APIs as untracked IT assets. This leads to misconfigurations, which account for 70% of API breaches, often requiring minimal technical skill to exploit.
- Industry Awakening: Gartner’s 2024 report highlights API breaches as a top security priority. Enterprises are beginning to treat APIs as critical IT assets, integrating them into CMDBs and establishing governance frameworks.

*Salt Security’s Unique Approach*
- Intent Analysis: Unlike traditional behavioral analysis, Salt’s patented technology focuses on intent analysis, identifying malicious activities with high fidelity (only 0.02% of behavioral anomalies are malicious). This prevents SOC overload and enables confident blocking states.
- Comprehensive Governance: Salt emphasizes posture governance, helping organizations define and enforce API standards across their ecosystem. This includes integrating with API gateways and management platforms like Kong to ensure consistency.
- Ease of Deployment: Salt’s platform is designed for quick deployment and delivers deep insights rapidly, identifying top attack vectors, vulnerable endpoints, and usage concentrations. Its policy engine is intuitive, with out-of-the-box policies tailored to various industries.
- Ecosystem Integration: Recent innovations, such as integration with CrowdStrike’s Falcon Foundry, allow for API discovery within minutes by leveraging existing EDR footprints, accelerating time to value.

*Innovations and Future Directions*
- SaltSurface Technology: Introduced last year, this reconnaissance tool identifies externally facing API endpoints, uncovering rogue APIs (e.g., exposed HVAC systems in hotels).
- Data Security and Governance: Salt is expanding its platform to address data security, helping organizations understand what data flows through their APIs and enforce data governance policies.
- AI and LLM Integration: Leveraging advanced machine learning and large language models, Salt’s platform now provides automated SOC feedback, explaining why specific actions (e.g., blocking) are recommended.
- Upcoming Releases: In the first half of 2025, Salt plans to roll out new technologies to further simplify deployment, enhance data governance, and address AI-driven API sprawl.

Episode #3 - Democratizing Telemetry Collection with Morgan McLean

Sun, 04 May 2025 23:00:00 -0700

In this episode, we speak with Morgan McLean, Director of Product Management for Splunk Observability Cloud, and co-founder of OpenCensus and OpenTelemetry. As a governance committee member of the OpenTelemetry project, Morgan is shaping how to democratize the collection of telemetry signals (metrics, logs, traces) into a single braid based on context propagation. Listen as Morgan provides a perspective on Observability and OpenTelemetry, shares how concepts in OpenTelemetry provide support to distributed applications, and lends practical implementation guidance for introducing signal collection standards in the enterprise.

Episode #50 - Building a Data Security Foundation with Bedrock Security

Fri, 14 Feb 2025 20:00:00 -0800

In this episode of the Incubator podcast, co-hosts Satbir Sran and Darren Boyd sit down with Bruno Kurtic, the CEO and co-founder of Bedrock Security, to discuss his journey in enterprise software. Bruno shares his experience building Sumo Logic, a cloud-native log analytics platform that went public, and how those lessons drive innovations at Bedrock Security.

Bruno explains that the core of Bedrock Security’s approach is a "metadata link," which builds a comprehensive data inventory from creation to consumption. This helps organizations discover, classify, and manage data effectively—the foundational step before any security can be implemented. He discusses how Bedrock’s platform leverages generative AI for accurate, scalable, and real-time data analysis, setting it apart from traditional solutions.

The conversation touches on the intersection of data security and AI, advising CXOs and security leaders to focus on data discovery first to create a strong foundation. Bruno emphasizes that when organizations understand their data, they unlock opportunities for smarter security, better compliance, and even cost savings. Bedrock’s focus on data classification, access control, and proactive security measures positions it as a critical tool in managing enterprise data security. The episode concludes with Bruno highlighting new use cases in AI and evolving customer needs.

This discussion is essential for understanding the future of data-centric security and how to approach it strategically within any organization.

Episode #49 - Securing SaaS: Reco’s AI-Driven End-to-End SSPM Solution

Thu, 13 Feb 2025 06:00:00 -0800

In this episode of the Incubator Podcast, hosts Darren Boyd and Satbir Sran welcome Ofer Klein, the co-founder and CEO of Reco.ai, to delve into the evolving landscape of SaaS Security Posture Management (SSPM). Ofer shares his diverse background—from flying helicopters in the Israeli Air Force to launching multiple startups—and explains how his experience, along with the expertise of his co-founders (who bring unique skills from their time in the Israeli FBI), laid the foundation for Reco.ai’s innovative approach to SaaS security.

This podcast episode centers on the explosive growth of SaaS applications in the enterprise environment, a trend that accelerated during the COVID-19 pandemic and continues with the rise of AI-driven tools. Ofer explains how organizations are now managing hundreds of SaaS apps, many of which are shadow applications that can expose significant risks. Reco.ai’s platform tackles this challenge by creating an AI-driven graph that maps every interaction between people, applications, and data in real-time. This comprehensive view enables organizations to discover unknown apps, assess risk through detailed configuration and compliance checks, and execute detection and response strategies—all within one unified solution.

Real-world examples shared during the podcast highlight how the platform has helped companies streamline operations, reduce manual workload by up to 80%, and foster collaboration between security and business teams. Ofer emphasizes the importance of context-based decision-making, which allows organizations to prioritize risks, align with regulatory requirements, and ensure that operational changes do not hinder business productivity.

Looking ahead, Ofer discusses emerging trends in SaaS security, including the increasing complexity of generative AI and the critical need for consolidated, end-to-end security solutions. His advice for organizations is clear: in a landscape where SaaS usage and potential vulnerabilities are growing exponentially, the time to invest in comprehensive SaaS security is now. This conversation not only demystifies the challenges of managing SaaS environments but also offers actionable insights for enterprises striving to secure their digital ecosystems without compromising innovation.

We hope you enjoy the episode as much as we enjoyed hosting Ofer!

Episode #48 - Navigating the Future of AI with Ahead

Sun, 02 Feb 2025 17:00:00 -0800

In this episode of the Incubator Podcast, co-hosts Darren Boyd and Satbir Sran welcome Ethan Rasa, an AI Sales Specialist at Ahead, to explore the evolving landscape of artificial intelligence and how enterprises can harness its potential.

Key Highlights:

Introducing Ahead:
Discover how Ahead—a Chicago-based, multi-billion-dollar company with a nationwide footprint—is driving innovation with a robust portfolio that spans AI strategy, engineering, data science, security, and more. With 3,000 employees (including 2,500 engineers) and a strong presence among Fortune 2000 clients, Ahead is at the forefront of integrating cutting-edge solutions into complex enterprise environments.
Enterprise AI Strategy:
The discussion dives into the importance of a comprehensive data strategy, including data collection, engineering, and governance. Ethan emphasizes that the foundation of successful AI initiatives lies in how companies manage and operationalize their data—whether on-premise, in the cloud, or via hybrid solutions.
Security, Governance, and Ethical AI:
With AI’s rapid adoption come new challenges in data security and ethical considerations. The podcast highlights the necessity of integrating security teams early in the AI development process to safeguard sensitive information and comply with evolving regulatory standards. Ethan also touches on practical approaches to responsible AI deployment, such as private AI models and rigorous data governance frameworks.
Industry Applications and Value Creation:
From healthcare and financial services to manufacturing and aerospace, the conversation explores how tailored AI strategies can unlock significant business value. Whether it’s reducing product lifecycle times, enhancing predictive analytics, or revolutionizing patient care, Ahead’s multi-practice approach is designed to help organizations at every stage of their AI journey.

Connect with Ahead:
For companies ready to explore innovative AI solutions, Ahead offers comprehensive support—from initial strategy sessions and pilot projects to full-scale deployments. Reach out to your local Ahead contact to start transforming your data into a competitive advantage.

Episode #47 - Exploring the future of APIs and how to secure them

Sun, 06 Oct 2024 19:00:00 -0700

In this exciting episode of The Incubator Podcast, co-hosts Satbir Sran and Darren Boyd sit down with Reza Shafii, Senior Vice President of Product at Kong Inc., to discuss the ever-evolving landscape of API management, service mesh technologies, and the future of developer platforms.

A key focus of the conversation is the convergence of API management and platform engineering, and how this integration is changing the way enterprises approach infrastructure, developer productivity, and system reliability. Reza explains how Kong is building innovative tools such as Kong Mesh and Insomnia to simplify the API development process, enhance security, and deliver exceptional performance for high-demand use cases. He also touches on the challenges and opportunities of adopting service mesh technology and how Kong’s approach differs from other platforms, focusing on making deployment easier and less intrusive for operators.

Another exciting topic is the rise of AI-driven APIs, where Reza emphasizes how the rapid advancement of AI technologies, such as large language models (LLMs), is being enabled by APIs. He highlights how Kong is positioning itself to support developers working with AI and machine learning models, introducing features like Kong AI Gateway to streamline the integration and management of AI-based APIs.

Looking ahead, Reza gives a glimpse into Kong’s future direction. With its Kong Connect platform, the company is building a robust ecosystem that enables customers to access API gateways, observability tools, API portals, and more — all through an incremental, self-service approach. Kong’s focus remains on providing flexible solutions that meet the diverse needs of its users, from individual developers to large enterprises.

Don’t miss this in-depth conversation about the future of APIs, platform engineering, service mesh, and Kong’s role in shaping the API-driven future of enterprise technology.

Episode #46 - ‘Space Container’: Creative IT Solutions, Without Limits

Mon, 02 Sep 2024 20:00:00 -0700

In this insightful episode of the Incubator podcast, hosts Satbir Sran and Darren Boyd are joined by Craig Martin, VP at Ahead and leader of the Digital Solutions Group.

In this episode, Craig, a devout Grateful Dead fan, shares the transformative strategies his team uses to help organizations unlock the full potential of technology through modernization. Just as Jerry Garcia's 'space container' crafted a unique, boundary-pushing soundscape in music, Craig's team is redefining the norms in IT, challenging conventional approaches to deliver innovative solutions.

With a rich background in engineering and a knack for pioneering solutions, Craig discusses the shift towards microservices architecture and cloud transformation, emphasizing the necessity of a holistic strategy that marries engineering prowess with keen business acumen.

The discussion pivots to hybrid cloud environments, where Craig outlines the concept of a unified control plane that allows businesses the flexibility to run workloads more efficiently across various platforms, thereby optimizing operational performance without bogging down engineering teams with infrastructure concerns.

Have a listen to understand how hybrid cloud can be the "space container" of tech, offering the freedom to innovate without limits, much like Jerry Garcia's vision of boundless creativity.

Episode #45 - Observability Pipelines Reimagined with Observo.ai

Tue, 30 Jul 2024 10:00:00 -0700

Join us in this exciting episode of the Incubator podcast as co-hosts Darren Boyd and Satbir Sran sit down with Ricky Arora, the co-founder and COO of Observo.ai. Dive into the cutting-edge world of AI-powered observability pipelines and discover how Observo.ai is transforming the landscape of data observability and security.

Key Differentiators: Learn about the unique features of Observo.ai, including its ML-driven insights, efficient data processing, and seamless integration with existing tools like Splunk, Datadog, and Elastic.
Customer Success: Hear stories on how Observo.ai helps enterprises optimize their telemetry data, resulting in significant cost savings and improved operational efficiency.
Future Roadmap: Get a sneak peek into the future developments at Observo.ai, including advancements in anomaly detection, sentiment analysis, and development of GenAI capabilities.
Industry Impact: Understand the broader impact of Observo.ai on the cybersecurity ecosystem, highlighted by its recognition at the GISEC conference as one of the most innovative startups (out of over 130 participants).

This episode is packed with insights for anyone interested in the future of observability and data security. Don't miss out on this enlightening conversation with one of the leading minds in the industry.

Stay tuned for more exciting episodes of the Incubator podcast, where we bring you the latest innovations and thought leaders from the tech world.

Episode #44 - Operating at the Cyber Frontier with Zscaler

Wed, 17 Jul 2024 07:00:00 -0700

In this episode of the Incubator Podcast, co-hosts Satbir Sran and Darren Boyd welcome Brian Deitch, Chief Technology Evangelist at Zscaler. With an impressive 30% of Forbes Global 2000 companies as clients, Zscaler is making significant strides in connecting people to resources and enhancing cybersecurity measures.

Brian shares his journey from joining Zscaler seven years ago to becoming a key figure in their technology evangelism. The discussion delves into Zscaler's evolution, focusing on their Zero Trust Exchange strategy, data protection, DLP, and innovative approaches to data classification. Brian highlights the importance of user experience and the impact of AI and ML in simplifying data protection.

The conversation also explores the integration of new technologies, such as GenAI and the acquisition of Avalor for unified vulnerability management. Brian emphasizes Zscaler's commitment to operational simplicity and effective partnerships, making complex cybersecurity challenges more manageable for organizations.

Join us as we unpack Zscaler's journey, innovations, and vision for the future of cybersecurity. This episode is packed with insights on how Zscaler is transforming the way companies approach data protection and security.

Episode #43 - Cultivating Resilience and Innovation in Cybersecurity with Mel Reyes

Mon, 06 May 2024 17:00:00 -0700

In this episode of the Incubator Podcast, hosts Darren Boyd and Satbir Sran welcome Mel Reyes, a distinguished figure in the tech industry known for his roles as a global CIO and CISO, founder of Digital Guardians, and an active community contributor.

Mel shares his extensive experience in IT and security, discussing the evolving challenges in cyber threats, compliance, and the importance of leadership in security operations. He emphasizes the significant impact of management support on cultural change within organizations and highlights the necessity of building trust and collaboration among teams.

Mel also dives into the importance of addressing employee burnout and the critical role of establishing a robust security mindset across all levels of a company. Throughout the conversation, Mel advocates for a people-focused approach, underscoring that effective security and technological advancement rely heavily on nurturing and empowering personnel.

Tune in and enjoy insights from a cybersecurity leader!

Episode #42 - Unpacking the Future of Hybrid Clouds with Dell’s PowerFlex

Sun, 14 Apr 2024 10:00:00 -0700

In this episode of the Incubator Podcast, hosts Darren Boyd and Satbir Sran delve into the transformative world of hybrid cloud with guest Steve Bisnett, Global Field CTO for PowerFlex at Dell Technologies. Steve shares insights into his extensive background in the tech industry, especially his experiences transitioning from customer-focused roles to influencing product innovation at Dell.

The episode centers around PowerFlex, a pioneering software-defined storage solution. This technology, initially acquired and evolved over time by Dell, addresses the burgeoning needs of modern data centers characterized by high scalability and the flexibility to adapt to various workloads and configurations.

Steve explains the evolution of PowerFlex, highlighting its role in revolutionizing Dell's approach to storage solutions by integrating aspects of traditional three-tier architectures and hyper-converged infrastructures. This integration allows for separate scaling of storage and compute resources, crucial for handling the diverse needs of enterprise environments.

The discussion also covers the challenges organizations face, such as infrastructure complexity, cost management, and lifecycle management. PowerFlex addresses these through consolidation and a high degree of automation, which significantly simplifies operations and reduces the need for extensive human intervention.

Moreover, Steve elaborates on the strategic applications of PowerFlex in enterprise settings, particularly its capability to support a variety of workloads and operational models, whether on-premise or in the cloud. This flexibility is essential for enterprises looking to optimize performance and cost, especially those transitioning between cloud and on-premise environments.

The podcast provides a comprehensive view of how PowerFlex fits into the broader Dell ecosystem, capable of meeting specialized needs such as high-performance computing or extensive data storage through seamless integration with other Dell products.

This episode underscores the importance of adaptive technologies like PowerFlex in managing and transforming large-scale IT environments, reflecting Dell's commitment to innovation and customer-centric solutions in the evolving landscape of enterprise technology.

Episode #39 - Consumption Economics: A neoclassical view of cloud

Sat, 03 Feb 2024 16:00:00 -0800

In this podcast episode, we delve into the neoclassical economic view of cloud computing with Sarbjeet Johal, analyst, evangelist, and founder. The discussion begins by exploring the relevance of cloud in modern digital transformation. We then explore principles rooted in neoclassical economics, focusing on concepts such as consumption economics, utility maximization, institutional/transactional costs implications, and how these apply to the cloud computing market.

Key points include an analysis of supply and demand dynamics in cloud services, cost-benefit considerations for businesses transitioning to the cloud, and the role of competition among major cloud providers in shaping prices and service quality.

This episode is a must-listen for anyone interested in the intersection of economics and cloud computing, offering a view of cloud computing through the lens of neoclassical economics.

Episode #40 - Anonymisation through pseudonymisation

Thu, 01 Feb 2024 13:00:00 -0800

In this podcast episode, we delve into data masking, data privacy, test data management, test environment management, the role of synthetic data, and the value of establishing a data fabric. Quite a bit of ground to cover!

K2View is a leader in data fabric and Customer 360, creating a comprehensive view of the customer journey which aids businesses in understanding customer behavior, preferences, and needs, leading to better service and personalized experiences.

This of course naturally leads to the topic of data privacy. Hod Rotem emphasizes the increasing importance of safeguarding consumer data by sharing strategies and best practices for maintaining data privacy through concepts such as synthetic data and data subsetting via the domain of test data management. This ultimately leads to more agile, accurate, and cost-effective testing processes overall.

Have a listen and enjoy real-world examples and perspectives regarding future trends in data management and privacy.

Episode #38 - Practicality in Protection: Implementing an AppSec Program

Thu, 04 Jan 2024 12:00:00 -0800

In this episode of our podcast, we sit down with Jeevan Singh, a distinguished leader in the field of Application Security (AppSec), to delve into the intricate world of securing software applications. The discussion highlights the perils and challenges faced by organizations in today’s digital landscape, emphasizing the growing sophistication of cyber threats and the vital importance of robust AppSec programs.

Jeevan articulates how he approaches implementing AppSec programs through a crawl, walk, run progression, which helps to address cultural gaps that may exist between security teams and developers. He stresses the need for a paradigm shift from viewing security as a mere checkpoint, to integrating AppSec as a fundamental aspect of the development process. Jeevan shares insightful anecdotes and experiences to illustrate how this shift can lead to more secure and efficient development workflows.

Jeevan is active in the community, being Co-Chapter lead for OWASP Vancouver, as well as teaching threat hunting/modeling techniques to his local community.

https://www.owasp.org/index.php/Vancouver

Ever insightful, Jeevan offers advice to organizations just starting their AppSec journey and provides insights into the future trends in application security. This podcast is a must for anyone looking to make meaningful progress in their AppSec journey. We are confident our listeners will come away with a comprehensive understanding of the challenges and solutions in Application Security, enriched by Jeevan Singh’s expertise and practical insights.

Episode #37 - CISO Perspectives on Cybersecurity Programs, Risks, and Priorities

Sun, 05 Nov 2023 13:00:00 -0800

Join Satbir and Darren as they interview Nemi George, a seasoned Chief Information Security Officer (CISO) of Pacific Dental Services, as they cover a complex tapestry of modern cybersecurity concerns.

The discussion covers diverse topics including the evolving threat landscape, the rise of sophisticated cyber attacks, evolving insider threats, risk management, supply chain complexity, and the value of preventive action.

As the conversation unfolds, Nemi highlights the importance of a robust security culture within an organization, articulating that while technology is a critical line of defense, the human element remains the most unpredictable. Initiatives to enhance security awareness, continual education programs, and behavioral analytics to detect insider threats are discussed as key strategies.

A portion of the conversation is dedicated to the impact of regulatory compliance with Nemi discussing the challenges in navigating complex international laws such as the GDPR, CCPA, and industry/state-specific regulations. Amidst the discussion, Nemi emphasizes the importance of privacy by design and the role of the CISO in ensuring that compliance enhances, rather than hinders, business operations.

As the conversation nears its conclusion, Nemi speaks candidly about the future, including the advent of artificial intelligence as a technology that both enhances security measures while also inevitability being used by adversaries as well.

This important podcast ultimately touches on the intersection of business acumen, technical expertise, and strategic thinking required for modern CISOs to thrive and protect their organizations in an age where cybersecurity is a key pillar of business continuity.

We hope you enjoy!

Episode #35 - Using Aviatrix to simplify multi-cloud networking

Sun, 08 Oct 2023 10:00:00 -0700

Enterprises are not confined to the boundaries of a single cloud environment. But as many adopters have discovered, navigating multi-cloud isn't without its challenges from a networking perspective. The once-promised flexibility and scalability of the multi-cloud model are often overshadowed by daunting complexities, diminished visibility, and fragmented control mechanisms. The disparate networking and security paradigms of each CSP have all but eroded the notion of a seamless integration experience, ushering in the need for an overlay capability.

Aviatrix's answer is both innovative and intuitive. The company sought to reimagine the entire multi-cloud networking paradigm. By developing a platform that provided a unified control plane, Aviatrix ensured that businesses could have a singular, centralized view of their entire network topology, irrespective of the cloud provider. This was complemented by advanced networking and security features that addressed the individual quirks and requirements of each cloud environment, ensuring seamless operation across the board.

Join Satbir and Darren as they speak with Chris McHenry, Head of Product Management, about what makes Aviatrix unique in the space of multi-cloud networking.

Episode #36 - Leveraging Deep Learning for Deep Defense

Sun, 08 Oct 2023 09:00:00 -0700

Traditional cybersecurity approaches, often retrospective in nature, race to detect and respond to threats only after they've manifested. This reactive paradigm, although necessary, leaves a window of vulnerability—a time-lapse during which systems are exposed, data is compromised, and infrastructures are at risk.

Deep Instinct represents a seismic shift in the way we approach cybersecurity. What makes Deep Instinct stand out in the vast sea of cybersecurity firms lies in their use of deep learning. Inspired by the structure of the human brain, deep learning enables computers to learn from vast datasets and make independent decisions when distinguishing benign from malicious activity. This exhaustive training equips the system to recognize and thwart even the most novel threats, those that conventional systems might overlook.

While many companies leverage machine learning for post-breach detection, Deep Instinct's platform is designed for zero-time prevention. Its deep learning models, once trained, can instantaneously analyze data, making split-second decisions to halt threats in their tracks. This preemptive approach narrows the vulnerability window, fortifying systems against both known and unknown cyber adversaries.

Join Satbir and Darren as they speak with Carl Froggett, CIO & CISO, about what makes Deep Instinct unique in how they approach cyber-defense.

Episode #41 - Using synthetic data for ultimate privacy

Sun, 17 Sep 2023 17:00:00 -0700

Data security is heavily dependent on context, and as organizations contemplate Test Data Management (TDM) they must consider not only de-identification strategies but re-identification probabilities as well.

Data privacy regulations are becoming more stringent, with some regulations having an ‘extraterritorial scoping clause’ that stipulates that organizations must comply with regulations regardless of where the data resides, if collecting data on their constituents (e.g., GDPR and PIPL). Further, even if all direct identifiers are stripped out of a data set, the data will still be considered personal data if it is possible to link any data subjects to information in the data set relating to them (as per Recital 26 GDPR). In other words, according to GDPR, a person does not have to be named to be identifiable. If there is other information enabling an individual to be simply connected to data about them, they may still be considered ‘identified’.

An organization, using proper techniques combined with re-identification risk management procedures, remains among the strongest and most important tools in protecting privacy. Tonic is one such vendor that applies advanced concepts to de-identify aggregate datasets. They specialize in synthetic data, which by definition is differentially private, though they can also selectively de-identify identifiers and quasi-identifiers in complex schemas (e.g., structured and semi-structured data).

Join Satbir and Darren as they speak with Adam Kamor, Tonic Co-Founder and Head of Engineering, about what makes Tonic unique in the space of data de-identification.

Episode #34 - A trace-based approach to runtime security

Fri, 04 Aug 2023 15:00:00 -0700

Spyderbat continuously records ALL runtime context in an environment (from Kernel to Cloud) while providing causal linkage (recording both good & bad events alike). Alerts can then be traced along the resultant causal chain that's created. Normal behaviors can then be safely ignored, allowing practitioners to focus on more toxic combinations ONLY (i.e., Alerts-to-Traces).

Practitioners can then group behaviors for another order of magnitude reduction in alerts.

To do this, Spyderbat has developed the following algorithms:

Guardian - Records context to determine and visualize aggregate event significance in the environment. Guardian is the backbone that surfaces risk while addressing drift by comparing running applications against prior versions
Flashback - Replays the sequence of activities within/across containers at the earliest warning signs of trouble
Scout - Maps to Mitre Attack Matrix and Kubernetes Threat Matrix and identifies attacks based on suspicious behaviors.
Interceptor - Acts as automatic guardrails to protect known-good processes, extracts attackers, and rolls back misconfigurations.

Collectively this delivers on the value chain from causality through enforcement.

Episode #33 - A discussion with Sounil Yu, author of the Cyber Defense Matrix

Thu, 03 Aug 2023 10:00:00 -0700

Sounil Yu is an author, cybersecurity visionary/strategist, advisor, security scientist, and leader. In his capacity of Chief Security Scientist at BoA he was in part responsible for developing and optimizing their cybersecurity portfolio. With an ever-expanding set of entrants in cybersecurity, he recognized the need to develop a framework that would provide a consistent mechanism to describe and organize solutions. Over the last several years this framework, the Cyber Defense Matrix, has evolved into a very robust matrix that can apply to an expanding set of use cases.

At The Incubator Podcast, we are using the matrix to not only map out vendors in the cybersecurity domain, but to also anticipate vendor movement between adjacent capabilities to assist clients with deliberate rationalization and optimization exercises. Our customers tire of the 'expense in depth' that accompanies market narratives in the domain of cybersecurity and we aim to provide purposeful and defensible portfolio strategies.

Episode #32 - OSS LIbrary-Level Analysis and Least Privilege Enforcement

Mon, 17 Jul 2023 20:00:00 -0700

Oligo Security provides OSS library-level analysis and creates a profile of behavior on runtime. By evaluating what the OSS packages need from the operating system, they can detect malicious activity for each and every component in runtime. Through continuous monitoring, they can alert on deviations from baseline behavior and even block those deviations if desired. They apply a least privilege approach when assessing OSS libraries which reduces alerts by upwards of 85%. Given approximately 80% of deployed code contains OSS, Oligo's least-privilege approach is a true differentiator.

Join Satbir and Darren as they speak with Gal Elbaz, Co-Founder and CTO of Oligo Security, about their views on how to practically manage OSS vulnerabilities.

Episode #31 - Establishing Enterprise Encryption Supremacy

Mon, 17 Jul 2023 13:00:00 -0700

Primarily known as a pioneer in Confidential Computing, Fortanix has created a unified data security platform that delivers a suite of services, including multi-cloud key management, tokenization/encryption, Transparent Data Encryption (TDE), and specializes in secure enclaves. With 30+ granted and pending patents, and a host of awards such as Gartner Cool Vendor and RSA Innovation Sandbox - Fortanix has achieved absolute encryption supremacy for the enterprise.

In this episode, we speak with Faiyaz Shahpurwala, Chief Product and Strategy Officer, as we explore a broad set of use cases to secure enterprise data, wherever it is.

Please listen and contact Satbir and Darren to explore this and other observability-related domains.

Episode #30 - How to build a sustainable AppSec program

Wed, 17 May 2023 09:00:00 -0700

Apiiro has built its Code Risk Platform to address risks inherent in material changes to application logic/code ... long before those change ship to prod. Given the imbalance in the ratio of developer to security practitioner, Apiiro's solution is crucial if we are to deliver sustainable security programs that meet the demands of new product introduction. They are the winner of RSA's Innovation Sandbox and are recognized by Gartner as a Cool Vendor in DevSecOps.

Apiiro establishes an ongoing understanding of the ins and outs of applications and software supply chains, and how the attack surface changes over time. Their Risk Graph represents all code modules, dependencies, user stories, APIs, data models, development environments, container images, pipelines, technologies, frameworks, contributors, and other application components. Taking signal logic such as developer behaviors and various security inputs, they can trigger engagement models to allow developers and security practitioners to co-create software changes. This is a must-have for every security program!

Please listen and contact Satbir and Darren to explore this and other cybersecurity and risk-related domains.

Episode #29 - Tackling the biggest problem affecting code … dependency lifecycle management

Mon, 01 May 2023 19:00:00 -0700

As it turns out, managing Open Source Software (OSS) dependencies is extremely difficult. Not all vulnerabilities are in runtime and/or reachable, not all exploits focus on high/critical CVSS, there is a time delay with patches when they are made available, and Semantic Versioning (SerVer) can make prioritization challenging when thinking through backward compatibility, upgrade paths, version pinning in supply chain, etc.

Though estimates vary based on source, some 80% of deployed code is now OSS with 95% of vulnerabilities taking place in transitive dependencies. What’s more, when looking at the Census II report () approximately 50% of all packages tracked did NOT have a release in 2022. This is an intractable problem and a reason why Endor Labs started development back in 2021.

As they so eloquently state, “Software ages like milk, not like wine”.

In this podcast episode, Satbir and Darren explore the Software Composition Analysis (SCA) domain with Varun Badhwar, CEO/Founder of Endor Labs, regarding how to focus teams on the most relevant vulnerabilities associated with their OSS code and how many AppSec programs are starting to focus efforts in this area.

Episode #28 - A discussion of data cloud economies and security, with Navindra Yadav

Sun, 23 Apr 2023 19:00:00 -0700

Data platforms are evolving, allowing data clouds to connect with consumers and producers of data that may be external or internal to your organization. Sharing with upstream/downstream partners in this data economy presents significant challenges to protecting data.

Join us as we discuss this economy and the security implications, with Navindra Yadav, CEO & Co-Founder of Theom.

Episode #27 - Promoting Open Standards Observability at a massive scale

Mon, 03 Apr 2023 08:00:00 -0700

Nobody understands observability at scale quite like Chronosphere co-founders Martin Mao (CEO) and Rob Skillington (CTO). While at Uber they created, and open-sourced, the M3 metrics engine, which was capable of handling billions of data points that describe the most complex environments. Then, in 2019, they founded Chronosphere which is now valued at over a billion dollars.

Chronosphere focuses on capabilities that help Product Teams work more efficiently to manage their applications. The company’s trace metrics help developers and SREs create a single metric that represents all or part of their business logic call flow, such that visibility and alerting can focus on the things that matter. They also provide the ability to set data quotas on teams so Product Teams can better manage their costs against centrally managed quotas.

Chronosphere is committed to open source, having donated PromLens (a query builder for Prometheus) to Prometheus, as well as providing complete support to OpenTelemetry (a Cloud Native Computing Foundation (CNCF) project set to soon overtake Kubernetes in terms of contributions. For any company that desires to support open standards with its observability strategy, Chronosphere is a must-have platform!

Please listen and contact Satbir and Darren to explore this and other observability-related domains.

Episode #26 - An Insider Threat Platform that Protects Individual Privacy

Sun, 26 Mar 2023 23:00:00 -0700

When considering an Insider Risk Management (IRM) program a confluence of events complicates effective execution, including a general increase in financial hardship due to the current economic climate, an increasingly remote corporate workforce, steady growth in the gig economy, privacy concerns regarding individual liberties, and negative perceptions of organizations developing a 'surveilling’ presence.

Insider threat is inherently a human challenge that must look beyond the traditional focus on cyber-only components - to also include human, organizational, and physical approaches & sensors. DTEX Systems operates in this space, providing significant thought leadership and even forming a Public-Private Partnership (PPP) with MITRE as they jointly develop an Insider Risk Management Framework (coming soon).

Through their patented privacy-compliant metadata collection, they can surface abhorrent and abnormal behavioral patterns as ‘indicators of intent’ to mitigate malicious, complacent, or unintentional acts that negatively affect the triad of confidentiality, integrity, and availability for an organization, its data, personnel, and/or facilities.

In this episode, we speak with Brian Stoner, Vice President of Worldwide Channels and Alliances, to uncover DTEX’s approach to balancing the needs of the individual while empowering organizations to act on contextual intelligence to stop insider threats.

Episode #25 - Helping Defenders focus on exceptions by offloading day-to-day, with StrikeReady

Sun, 26 Mar 2023 12:00:00 -0700

The annual Cybersecurity Workforce Study conducted by (ISC)² modeled the existing talent shortage as 3.4 million professionals in 2022, up 26% from their 2021 study. The purchasing of a multitude of security products to offset skill gaps can fall short as operators struggle to adapt processes and extract value from toolchains that may or may not be flexible in handling an evolving threat landscape.

Many available security automation products require an operator to construct, deconstruct, and reconstruct a set of playbooks that include a number of static decision blocks, which are clearly not optimized for ad-hoc or potentially ex-ante scenarios.

In this episode we have a conversation with Salim Scafuto, Global VP of Customer Success and Sales Engineering, of StrikeReady, about their platform and how its logic layers (attack harvesting, knowledge harvesting, action invocation, analysis & context) combined with their machine learning capabilities (e.g., deep neural networks, convolutional deep neural networks, deep belief networks, recurrent neural networks) can allow an operator to reason with their environment to thwart attacks.

The platform allows operators to engage in knowledge-seeking questions that invoke a security-centric conversation with their reasoning engine (e.g., such as asking, “what is ransomware?”, or, “who is APTXXX?”), a contextual awareness question to obtain a degree of business insight (e.g., such as asking “am I currently at risk for ransomware?”), or even an automation-based command for incident response and proactive operation (e.g., such as issuing the command, “check this email for phishing”, or, “assess my risk against mummyspider”).

With a host of integrations and a TAXII client to ingest a set of threat feeds, the platform is enabling a broad range of responses that mimic a security professional, offsetting much of the day-to-day load and allowing practitioners to focus more on the exceptions.

Please listen and contact Satbir and Darren to explore this and other cybersecurity-related domains.

Episode #24 - Unifying Security Technology and Human Intelligence with Synack

Wed, 08 Mar 2023 10:00:00 -0800

Disrupting traditional security testing approaches is where Synack specializes. They have long recognized that to thwart attacks in modern adversarial campaigns requires a maximal combined talent of human and AI-powered intelligence. Through the gamification and use of crowdsourced expertise across verifiable exercises, Synack leverages its Synack Red Team (SRT), a global network of ethical hackers, to identify and address vulnerabilities across an ever-evolving attack surface.

This crowdsourced team of highly skilled and heavily vetted ethical hackers represents one of Synack's key differentiators. Traditional security assessments and audits provide point-in-time insights into an enterprise's security posture which does little to illuminate an organization's cyber defense capabilities, processes, or controls. Synack instead opts to use an incentive-driven model that allows their security practitioners to employ any Tactics, Techniques, and Procedures (TTPs) they deem appropriate, encouraging behavior that more readily models exploitation hunting as an adversary would. Sessions are recorded and exploits are verified via other members, providing a capture into how the vulnerabilities are found, along with how long it took, what the relative effort was to identify, and what remediation steps are recommended. Re-test is part of the service for closed-loop verification.

Join us in this episode as we speak with Tim Lawrence, Solution Architect as we go into greater depth into how Synack can provide resilience to any organization. In a market where security practitioners are hard to come by, this is a firm to engage with.

Please reach out to us to discover how we develop closed-loop resilience patterns in a modern SSDLC!

Episode #23 - Cyber Defense Services Forged from the Front Lines

Sun, 19 Feb 2023 12:00:00 -0800

At its core, BlueVoyant offers MDR and managed SIEM services for Splunk and Microsoft Sentinel, though they also provide EDR services, 24/7 security monitoring, alert investigations & incident response, forensics & litigation support, attacker simulation & penetration testing, supply chain defense, dark web investigations, compliance services, vulnerability assessments and remediation, and professional services.

In this episode, we are joined by Matthew Gonter, Global Technical Solutions Architect - Splunk | Cribl where we talk about the myriad of security problems BlueVoyant sees in the industry and how they enable customers to outsource key security functions while addressing the cybersecurity skills gap to improve overall security preparedness and security outcomes. Matt joins BlueVoyant by way of their recent acquisition of Concanon, a Splunk and Cribl professional services company, in October 2021 where Matt introduced enterprise solutions and proprietary technology to manage Sentinel and Splunk at scale while directly tackling log shipping challenges.

Serving as an expert in SOC services, SIEM implementation/migration, and Observability Pipeline optimization, Matt shares many insights into the security industry and we look forward to having him back on the show!

Episode #22 - Operating at the nexus of Observability & Security data

Sun, 29 Jan 2023 21:00:00 -0800

Cribl provides a real-time data stream management platform for MELT data that enables organizations to gain insights and take action on data in place (right at the source), data at rest (already stored in a data lake), and eventually data in motion (transitioning an observability pipeline). Back in May 2022 Clint and the C021 team signaled that they would be turning search on its head, and in Nov '22 they did just that. We can now say goodbye to the swivel-chair searching which has become a rate limiter to value realization and start to unlock our observability and security data.

In this episode, Satbir and Darren speak with Ed Bailey, Cribl's Sr. Staff Technical Evangelist, about the power of Cribl's vision for the future. Though we cover a range of topics there is a heavy focus on Cribl Search and all that it promises. Search is built on an enhanced version of Kusto which provides practitioners a familiar interface to start with. This allows organizations to get a head start by performing actions such as compiling Sigma rules into Kusto for IOC/threat hunting. This design decision goes a long way to challenge the current modus vivendi that exists between operational and security data.

Further, Cribl Search is a cloud-native construct, scaling elastically as queries are processed which dramatically reduces the infrastructure cost burden of search.

Dispatching queries to where the data is promises to drive the convergence between observability and security operations and we are excited to continue partnering with Cribl. This is an essential platform for organizations looking to gain insights and take action on their MELT and security data. Long live the goat!

Episode #21 - Automating continuous Classifying, Modeling, & Auditing of data actions with Theom

Sat, 05 Nov 2022 18:00:00 -0700

We at Ink8r have long been advocates for calibrating protection against threat modeling exercises to properly align protection for assets. When it comes to securing production resources in the cloud this often means extending beyond Cloud Security Posture Management (CSPM) and including Data Security Posture Management (DSPM), among other capabilities, to properly address threats. With Theom we find not only a complete data security solution but also a platform that has truly thought through what the enterprise practically requires.

Join us as we speak with Navindra Yadav, serial entrepreneur & inventor, and Co-Founder & CEO of Theom as we explore their platform and how they are truly the enterprise's Data Bodyguard!

Theom leverages NLP classifiers to discover/classify your data in the cloud across analytical stores, object stores, and relational databases (all at a granular level) and even monitors how that data is accessed (in-flight observations). With this approach, Theom can determine potential financial exposure by combining metadata of the entities accessing/actioning the data along and determining the sensitivity of that data. Historically, determining Annualized Loss Expectancy has been challenging. Organizations typically must determine an Annual Rate of Occurrence (ARO) and multiply it by the Single-Loss Expectancy (SLE) for each time a risk arises. With Theom this becomes infinitely easier and allows for a quantitative view of risk for your critical assets. WOW!

And that is just the beginning. Theom will also determine anomalous behavior regarding entity activity to help curtail overprovisioned access and help thwart more complicated 'slow leak' attacks. Activity can include actions on data, as well as how the data is being accessed. By looking at API access and comparing against Swagger specs for the API, Theom can expose discrepancies between spec and actual API configuration/exposure. Another WOW!

A final note on Theom has to do with platform design and the team's foresight regarding architecture. By leveraging Distributed Ledger Technology (DLT) Theom has placed a priority on security from several perspectives. They immediately deliver Proof of Action for every transaction including proof that Theom doesn't manipulate any customer data (i.e., all analytics happens in the customer environment, without data movement of any kind); all data analytics incur minimal costs to the customer (e.g., we are talking under $20/day, which is incredible); and an entire world opens up for futures around concepts such as Proof of State (e.g., imagine an auditor or cyberinsurance company validating state directly - without interacting with Theom at all).

Episode #20 - Making Connectivity to Business Resources Impossibly Simple

Sun, 16 Oct 2022 19:00:00 -0700

Episode #19 - Constructing a versatile SSDLC pipeline that can simply do more

Tue, 11 Oct 2022 06:00:00 -0700

How many pipelines does my organization need? What pipeline construction patterns are most acceptable to my developers? What intelligence should I inject into the pipeline? Nick Durkin, Field CTO & VP of Field Engineering from Harness answers these and more. Join us in this episode as we unpack some philosophical areas of SSDLC architecture, while diving into the Harness portfolio to see how they continue to innovate in topics such as Chaos Engineering, Feature Flag Management, Security, Intelligent Testing, Cloud Cost Management (more than just visibility), Service Reliability, and more.

The pipeline underpins the SSDLC process, ensuring not only a collaborative experience between testing, development, and operations, but also as an enabler of contemporary delivery approaches such as DevSecOps, Agile, Continuous Integration, and Continuous Delivery. Without a pipeline that can support all interested stakeholders, safe delivery of code at market expectation will be elusive at best.

Episode #18 - To truly understand the pervasive use of SaaS in your enterprise, turn to SSCP

Wed, 21 Sep 2022 14:00:00 -0700

Enterprises rely on dozens to hundreds of Software-as-a-Service (SaaS) applications, both sanctioned and unsanctioned, for their workloads, data, and processes. This attack surface requires SaaS Security Posture Management (SSPM) to protect the enterprise, but how do enterprises truly discover all of the SaaS apps in use (particularly those unsanctioned SaaS apps)?

Traditionally enterprises have relied on CASB solutions, API-integrated solutions, SSO-integrated solutions, and/or web proxies to try and discover the breadth of SaaS use, but these can be off by an order of magnitude from true usage in an environment. This is where a SaaS Security Control Plane (SSCP) becomes invaluable, not only from a discovery perspective but also to inject enterprise security expectations into EVERY SaaS application.

Join us in this episode as we speak with Lior Yaari, Co-Founder and CEO of Grip Security as we explore how their platform allows commercially-focused CISOs to partner with business line managers to rapidly determine their SaaS posture.

Episode #16 - Harmonizing your AppSecOps Program

Sat, 06 Aug 2022 19:00:00 -0700

Application delivery velocity is driving a need to bolster an organization's existing software security posture. One fundamental aspect in fortifying an AppSec strategy is to leverage the API’s of existing application portfolio management solutions, code repositories, open source code scanning, static code scanning, credential scanning, image scanning, and various dynamic application security test tools, to create a composite risk profile for each asset along with prioritization, tracking, and automated SLA management across the Secure Software Development Lifecycle (S-SDLC). This allows us to move beyond what is often construed as an obsession with defects, to achieve a degree of harmonization between developer and security professional.

Join us in this episode as we speak with Nikhil Gupta, Co-Founder and CEO of ArmorCode as we explore how their platform provides a single process for AppSec visibility, workflow automation, vulnerability management, and compliance, and how it allows an organization to elevate their Security Program.

Episode #15 - Reimagining Observability and making it viable

Fri, 01 Jul 2022 19:00:00 -0700

We heard a great quote at RESOLVE'22 this year which said, "customers pay for up time and companies pay for downtime". A rather adroit quote, and one that truly captures the Sisyphean challenge of ensuring applications are performant in the way we expect. When it comes to the Herculean task (wow - two mythological references in one opener!) of making modern observability viable, there stands Cribl, the leader in Observability Pipelines and a true disruptor of the domain. Cribl has launched several products that enable practitioners by focusing on data value at the edge, in the stream, and in a customer's Observability Lake(s).

Join us in this episode as we speak with Nick Heudecker, Senior Director of Market Strategy & Competitive Intelligence at Cribl as we explore their product portfolio and how those products reshape how we should think about data processing in observability and security.

Episode #13 - Running MELT through analytics at the edge

Thu, 30 Jun 2022 07:00:00 -0700

There is always tremendous value in decreasing latency in any decision-making process, particularly when we are dealing with stream processing in support of system and application observability. By running Metrics, Events, Logs, and Trace (MELT) data through an analytics algorithm at time of creation, on the very devices emitting the signals, organizations can set parameters on what information is worth sending to an observability platform, and what information is not.

In this episode, we speak with Zachary Quiring, Director of Product at Edge Delta regarding how they view observability and how distributed queries are the most economical approach to scale and efficiency for modern architectures. This is truly a novel approach and as Edge Delta puts it, the only way to achieve "observability without compromise".

Episode #14 - Enabling Collaborative IaC with specialized CICD

Thu, 30 Jun 2022 07:00:00 -0700

Many, if not most, organizations operate as polyglots - polyglot environments, polyglot programming languages, polyglot persistence, and so on. Infrastructure-as-Code (IaC) automation is no exception to this complexity with organizations often supporting polyglot IaC CICD tooling. Teams introduce this variability to achieve specific ends as some frameworks are great for one task but not another, so working with multiple platforms/frameworks enables developers to use the right tool for the job.

In this podcast episode, we speak with Co-Founder and Chief Product Officer of Spacelift, Marcin Wyszynski. Together we discuss how Spacelift can cull the digital Tower of Babel that comes with deploying and managing IaC in the enterprise. Spacelift provides a specialized IaC CICD platform with sophisticated state management and audit features for multiple frameworks such as Terraform, Pulumi, Kubernetes, CloudFormation, and soon Ansible. Through support for complex workflows, and a robust policy framework, Spacelift allows you to declare rules around account and project access, handling push notifications, starting runs, triggering tasks, and creating relationships between projects.

Episode #17 - An Observability breakout session from Resolve '22, with the Ink8r Team

Thu, 02 Jun 2022 07:00:00 -0700

Satbir and Darren were interviewed in a breakout session at Resolve '22, a BigPanda-organized community event. It was a wonderful opportunity for the Ink8r team to share thoughts on the domain of Observability, as directed by Aaron Johnson (BigPanda SE).

Join us in this episode as we cover topics such as the consequences of not starting a journey, key measurements to get started, finding your guiding star and staying a path, and our thoughts on the role and importance of open standards.

Episode #10 - Cloud-native security with a rules-optional intelligence platform

Sat, 28 May 2022 17:00:00 -0700

Lacework has a patented platform, Polygraph Data Platform, which ingests data, analyzes behavior, and detects anomalies across an organization’s multi-cloud environment. Lacework continuously monitors user, app, process, and network behavior, as well as continuously evaluating vulnerabilities and cloud configurations. They use an agent and agentless approach to collect information to uncover unusual activity that could indicate compromise and prioritize responses.

Join us in this podcast as we speak with Mark Nunnikhoven, Distinguished Cloud Strategist, regarding how Lacework identifies and traces new or anomalous activity correlated across cloud accounts including regions, users, principals, CSP services, API calls, and API responses, as well as identifying workloads and containers with known active vulnerabilities.

Episode #12 - Using AI to baseline good behavior to block malicious email

Sat, 28 May 2022 17:00:00 -0700

Social engineering attacks such as Business Email Compromise (BEC), supply chain fraud, executive impersonation, and ransomware, are complex vectors that readily evade solutions that rely on conventional threat intelligence and known bad indicators. Modern attacks frequently bypass secure email gateways as they may come from trusted sources and do not contain malicious links or attachments.

Abnormal Security provides a fundamentally different approach to email attacks by continuously baselining known good behavior by leveraging identity, behavior, and content to detect and remediate anomalies. Join us on this podcast as we speak with Abnormal Security's CISO, Mike Britton - a former customer and advocate for continuous supplier, vendor, partner, and email analysis based upon signals gathered across the entire enterprise ecosystem.

Episode #11 - Building data security into DevOps infrastructure

Sat, 28 May 2022 16:00:00 -0700

In the modern enterprise data spans multiple cloud providers, regions, databases, object stores, and data lakes. Users, developers, supply-chain vendors, and contractors all access data via multiple roles and applications. In a truly dynamic environment where developers instantiate instances, organizations need to be able to visualize how data flows, who is accessing that data, and how that data is being used, all in real-time.

In this episode, we speak with Martijn Loderus, VP of Solutions Engineering & Delivery, of Symmetry Systems on how they are taking a data-centric approach to enable organizations to map, secure, and track identity, permissions, and data flows across the estate while providing unified visibility across these environments for cloud and information security teams.

Episode #8 - Build trust in your software with the leader in AppSec

Sun, 15 May 2022 11:00:00 -0700

Synopsys is a leader in Gartner’s Magic Quadrant for Application Security Testing (AST) for the 6th straight year. Their portfolio is among the most comprehensive in the market, supplementing the foundational aspects of AST with an acquired portfolio of award-winning products including SAST, DAST, IAST, and SCA - with advanced capabilities such as protocol fuzzing and API protection.

Join us as we speak with Tim Mackay, Principal Security Strategist with Synopsys’ Cybersecurity Research Center, as we discuss how Synopsys represents an evolution of traditional application security, through integration of capabilities in risk management that automates and accelerates the aggregation, correlation, deduplication, and prioritization of software vulnerabilities, while orchestrating the right tests, at the right time, with the right focus.

Episode #7 - Protecting API business logic & vulnerabilities with Cequence Security

Sun, 15 May 2022 08:00:00 -0700

Cequence Security understands API attack surfaces, protecting upwards of 6 billion API transactions on any given day. In this podcast episode, we speak with Vince Bryant, Senior Director of Business Development of Cequence Security. In an age characterized by velocity in execution, Cequence will be the first to state that, "digital transformation from the inside looks pretty messy". In assessments, Cequence frequently discovers that the API attack surface is usually 2x what an organization believes is in use. From inventory discovery and risk assessment to behavior analysis with sensitive data exposure protection and business logic abuse protection - Cequence's single-pass architecture emphasizes intent when creating an in-depth profile of applications.

Episode #6 - Moving Beyond Observability with Aaron Johnson

Thu, 12 May 2022 16:00:00 -0700

As we begin emitting more signals from more endpoints in servitude of more complex transactions, it becomes clear that being observable isn't enough. Join us as we talk with Aaron Johnson (AJ), BigPanda as we explore the nature of correlation as a key component to ensuring services perform as intended. AJ has deep practitioner/leadership experience at companies performing correlation at scale and we thoroughly enjoyed his pragmatic views. We hope you enjoy it as well!

Episode #5 - At the intersection of Observability and Security

Sat, 30 Apr 2022 13:00:00 -0700

It’s in their DNA - sysdig (lower case ’s’) started as an open source troubleshooting tool, and the company has maintained that commitment to community. They donated Falco to CNCF as an incubating project with contributors that include AWS, Google, Microsoft, Cisco, and VMware, they leverage projects such as CloudCustodian in their cloud posture capability, and provide PromQL support for deep analysis.

In this episode, we validate Sysdig’s tagline of ‘dig deeper’ with Alex Lawrence, Principal Security Architect. Please enjoy as Alex discusses Sysdig’s product portfolio, which allows practitioners to manage IaC, and vulnerabilities in CI/CD and registries and ultimately into runtime with powerful remediate and forensic capabilities.

Episode #4 - Why Proactive API Security is Today's Imperative

Sun, 10 Apr 2022 20:00:00 -0700

APIs have become the largest abuse vector with even the most sophisticated development organizations falling prey to exposure. This episode of the podcast discusses the landscape and where organizations can begin securing their interfaces with Matt Tesauro, Distinguished Engineer at Noname Security providing pragmatic advice.

Episode #2 - Observability with Datadog

Wed, 02 Feb 2022 14:00:00 -0800

In this episode, we speak with Marc Weisman, VP of Product Management, Platform at Datadog. Marc has spent the last 6+ years with Datadog, defining and expanding their platform at a pace of almost one feature per day. Marc provides a perspective on observability, how it fits in the enterprise, and some practical implementation guidance.

Episode#1 - Trailer

Thu, 30 Dec 2021 05:00:00 -0800

A brief introduction to the Ink8r Podcast intention and scope

Ink8r (in·​cu·​ba·​tor) Podcast