Enterprise Security Weekly (Audio)

By: Security Weekly Productions

About this listen

News, analysis, and insights into enterprise security. We put security vendors under the microscope, and explore the latest trends that can help defenders succeed. Hosted by Adrian Sanabria. Co-hosts: Katie Teitler-Santullo, Ayman Elsawah, Jason Wood, Jackie McGuire.

© 2024 CyberRisk Alliance

Episodes
  • tj-actions Lessons Learned, US Cyber Offense, this week's enterprise security news - Dimitri Stiliadis - ESW #417
    Jul 28 2025
    Interview Segment - Lessons Learned from the tj-actions GitHub Action Supply Chain Attack with Dimitri Stiliadis

    Breach analysis is one of my favorite topics to dive into and I’m thrilled Dimitri is joining us today to reveal some of the insights he’s pulled out of this GitHub Actions incident. It isn’t an overstatement to say that some of the lessons to be learned from this incident represent fundamental changes to how we architect development environments.

    Why are we talking about it now, 4 months after it occurred? In the case of the Equifax breach, the most useful details about the breach didn’t get released to the public until 18 months after the incident. It takes time for details to come out, but in my experience, the learning opportunities are worth the wait.

    Topic Segment - Should the US Go on the Cyber Offensive?

    Triggered by an op-ed from Dave Kennedy, the discussion of whether the US should launch more visible offensive cyber operations starts up again. There are a lot of factors and nuances to discuss here, and a lot of us have opinions here. We'll see if we can do any of it justice in 15 minutes.

    News Segment

    Visit https://www.securityweekly.com/esw for all the latest episodes!

    Show Notes: https://securityweekly.com/esw-417

    1 hr and 42 mins
  • The Cyber Canon, ditching the SOC 2, and the weekly enterprise news - Helen Patton - ESW #416
    Jul 21 2025
    Segment 1 - Interview with Helen Patton: Introducing the Cybersecurity Canon

    Did you know that there’s a hall-of-fame for cybersecurity books? Over the past decade, the Cybersecurity Canon has published reviews on dozens of cybersecurity books and established a hall of fame. Hall of fame books are defined as titles that all cybersecurity professionals should read - a great short list for those new to the field and overwhelmed by choices.

    Helen Patton, co-founder and Chief of Staff for the Cybersecurity Canon joins us to tell us all about the Canon, how it came to be, and its transformation into a more visible and active organization.

    We’ll also discuss Helen’s own book, “Navigating the Cybersecurity Career Path”, and an upcoming second book she’s working on as well!

    Segment Resources:

    • Helen's personal website
    • The Cybersecurity Canon website

    Segment 2 - Topic: Does the SOC 2 need to die?

    AJ Yawn thinks so.

    The TL;DR is that he thinks industry-specific frameworks are more appropriate and effective.

    You can check out some more of his thoughts on LinkedIn, or on the Alice in Supply Chains podcast.

    • Ayman recommends checking out https://mvsp.dev/ as a potential alternative (or as a complementary process to actually get secure)

    Segment 3 - This Week's Enterprise Security News

    And finally, in the enterprise security news,

    1. a bit of funding with a side of layoffs
    2. McDonald’s applicants are not lovin’ it
    3. a WILD story about a vulnerability in the US train system
    4. Meta still on the hook for $8B in privacy violations
    5. What is Agentic Misalignment?
    6. Using AI when coding is… slower?
    7. Auth Omnibus
    8. Pop some popcorn - AI acquisitions are getting crazy

    All that and more, on this episode of Enterprise Security Weekly.

    Visit https://www.securityweekly.com/esw for all the latest episodes!

    Show Notes: https://securityweekly.com/esw-416

    1 hr and 49 mins
  • Monzy Merza, How Much AI is Too Much, and the Weekly News - Monzy Merza - ESW #415
    Jul 14 2025
    Segment 1: Interview with Monzy Merza - There is a Right and Wrong Way to use AI in the SOC

    In the rush to score AI funding dollars, a lot of startups build a basic wrapper around existing generative AI services like those offered by OpenAI and Anthropic. As a result, these services are expensive, and don't satisfy many security operations teams' privacy requirements.

    This is just the tip of the iceberg when discussing the challenges of using AI to aid the SOC. In this interview, we'll dive into the challenge of finding security vendors that care about security, the need for transparency in products, the evolving shared responsibility model, and other topics related to solving security operations challenges.

    Segment 2: Topic Segment - How much AI is too much AI?

    In the past few weeks, I've talked to several startup founders who are running into buyers that aren’t allowed to purchase their products, even though they want them and prefer them over the competition. Why? No AI and they’re not allowed to buy.

    Segment 3: News Segment

    Finally, in the enterprise security news,

    1. We cover the latest funding
    2. The Trustwave saga comes to a positive end
    3. Android 16 could help you evade law enforcement
    4. Microsoft is kicking 3rd party AV out of the kernel
    5. Giving AI some personality (and honesty)
    6. Log4shell canaries reveal password weirdness
    7. Denmark gives citizens copyright to their own faces to fight AI
    8. McDonald’s has an AI whoopsie
    9. Ingram Micro has a ransomware whoopsie
    10. Drama in the trailer lock industry

    All that and more, on this episode of Enterprise Security Weekly.

    Visit https://www.securityweekly.com/esw for all the latest episodes!

    Show Notes: https://securityweekly.com/esw-415

    1 hr and 44 mins