Securing endpoints is a persistent challenge, especially in a hybrid working environment. The human factor is an unavoidable element with endpoint security, which means you have to be ready for a lot of unexpected behavior. Centrally managed policies for endpoints can only enhance security if they don’t compromise the flexibility the business needs.

In this episode, Rob Allen, chief product officer at ThreatLocker, discusses how their Network Control solution offers a endpoint-based firewall to protect these devices. Rob is joined by our panelists, Janet Heins, CISO at ChenMed, and Shaun Marion, vp, CSO at Xcel Energy.

Got feedback? Join the conversation on LinkedIn.

Huge thanks to our sponsor, ThreatLocker

ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

Customer security reviews often miss their mark, leaving organizations scrambling to compensate with extensive questionnaires that divert attention away from genuine risk management. The inconsistency of these processes and the lack of clear authority or visibility contribute to prolonged timelines and increased frustration. So, how can companies maintain trust without drowning in the complex processes that come with these reviews?

In this episode, Chris Gomes, head of product at Conveyor, discusses how they automate the response to security questionnaires and focus on relieving the burden on customer trust offices overwhelmed by extensive review processes. Chris is joined by our panelists, Steve Gentry, advisor at Cognate Cyber, and Eduardo Ortiz-Romeu, vp, global head of cybersecurity at Techtronic Industries.

Huge thanks to our sponsor, Conveyor

Conveyor’s AI Agent, Sue, automates the entire security review process by handling every customer request for security documents and answering security questionnaires. She also coordinates every step in-between like tagging SMEs, updating tickets, and collaborating with other teams so you do less busywork and your deals close faster. Learn more at Conveyor.com.

We hear all the time that identity is the new perimeter. If we place that much importance on identity, then compromised credentials can give away the keys to the kingdom. In an environment where hybrid infrastructures introduce visibility challenges, the need for advanced monitoring techniques for identities becomes clear.

In this episode, Paul Nguyen, co-founder and co-CEO at Permiso Security, discusses how Permiso enables organizations to fortify their defenses against insider threats and malicious actors. Paul is joined by our panelists, Trina Ford, CISO of iHeartMedia, and Eduardo Ortiz-Romeu, vp, global head of cybersecurity at Techtronic Industries.

Huge thanks to our sponsor, Permiso Security

Protect all identities with comprehensive security against credential compromise, account takeover, and insider risks. Our solution provides unified visibility across authentication boundaries, eliminating fragmented cloud security. Learn more at Permiso.io

Managing application control amid increasing ransomware threats while not impeding business flow remains a challenge. Organizations need a layered defense to bolster their security posture without overinvesting in overlapping tooling.

In this episode, Rob Allen, chief product officer at ThreatLocker, discusses how their deny-by-default approach to application control helps simplify this persistent challenge. Rob is joined by our panelists, Janet Heins, CISO at ChenMed, and Shaun Marion, vp, CSO at Xcel Energy.

Huge thanks to our sponsor, ThreatLocker

ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

The tendency to focus on merely checking boxes to achieve compliance can lead to superficial solutions that may not effectively reduce operational risk. A strategic pivot towards ensuring compliance through holistic security measures is key; long-term, it demands less effort and provides more substantial protection.

In this episode, Craig Unger, founder and CEO of HyperProof, discusses the company‘s efforts to help companies achieve compliance and manage third-party risks. Craig is joined by our panelists, Trina Ford, CISO of iHeartMedia, and former CISO TC Niedzialkowski

Huge thanks to our sponsor, Hyperproof

Take control of your compliance and risk management with Hyperproof. Simplify audits, automate workflows, and gain complete visibility into your security posture. Trusted by industry leaders, Hyperproof empowers your team to mitigate risks and boost productivity. See it in action—get a demo today!

 

SaaS visibility remains a mixed bag. Within company sanctioned tools we have visibility. But when it comes to visibility across tools, we struggle. And don't forget all of the SaaS apps your employees use that you don't know about. How do you start to address that SaaS visibility gap?

In this episode, Russell Spitler, co-founder and CEO of Nudge Security, discusses how using email as the foundation for SaaS visibility makes the whole situation much easier to manage. Russell is joined by our panelists, Steve Zalewski, co-host of Defense in Depth, and Nick Espinosa, host of the nationally syndicated Deep Dive Radio Show.

Huge thanks to our sponsor, Nudge Security

Nudge Security solves the identity security, IT governance, and third-party risk challenges resulting from SaaS sprawl and GenAI use. With complete SaaS discovery on Day One and automated IT governance workflows, customers can eliminate blind spots, harden security posture, and mitigate supply chain risks without slowing down the business. Learn more at NudgeSecurity.com.

Open source is a bedrock of modern enterprise software. But support for various components is all over the place. The ecosystem doesn't have the right incentives in place, leading to end-of-life security issues many organizations aren't ready to address. When community support for open-source components dries up over time, what is your recourse?

In this episode, Aaron Frost, founder and CEO, HeroDevs, discusses how HeroDevs is addressing this problem by providing secure, drop-in replacements to give enterprises the time they need to safely transition to supported software. Aaron is joined by our panelists, DJ Schleen, head of security, Boats Group, and Russ Ayres, deputy CISO & head of cyber, Equifax.

Huge thanks to our sponsor, HeroDevs

Outdated software puts your security at risk. HeroDevs' Never-Ending Support ensures your legacy systems stay secure, compliant, and functional. Proactively protect against vulnerabilities in unsupported frameworks like Spring or AngularJS. Don’t let end-of-life open-source software be your weak link—secure your stack today with HeroDevs.

The velocity of innovation necessitates an agile approach to infrastructure management, which often leads to complexity and, consequently, vulnerabilities. Organizations are in a relentless race to identify and prioritize security gaps, but how can we effectively manage and mitigate these risks?

In this episode, Jay Mar-Tang, field CISO at Pentera, discusses how Pentara blends the efficiency of automation with insightful human judgment to addresses the gaps in traditional security processes while enhancing effectiveness and response times. Jay is joined by our panelists, Keith McCartney, vp, security and IT, DNAnexus, and Nick Espinosa, host of the nationally syndicated Deep Dive Radio Show.

Huge thanks to our sponsor, Pentera

Pentera, established in 2015, leads the charge in Automated Security Validation. We empower organizations to pinpoint their true security gaps and prioritize based on true exposure, providing a strong defense against cyber threats. Trusted by thousands worldwide, Pentera offers security posture, clarity and precise guidance for remediation.

The sheer volume of security alerts and data being generated by various sources like firewalls, servers, and endpoint devices is daunting. The challenge lies in sifting through this vast amount of information to identify genuine threats without throwing manual effort at it. Traditional security logs merely tell us what happened but do not provide insights on what's happening now. The demand is for more actionable intelligence that focuses on different, more relevant data types rather than just more data.

In this episode, Subo Guha, chief product officer at Stellar Cyber, discusses the company's efforts to turn raw security alerts and IT data into actionable intelligence at scale. Subo is joined by our panelists, Nick Espinosa, host of the nationally syndicated Deep Dive Radio Show, and Steve Zalewski, co-host of Defense in Depth.

Huge thanks to our sponsor, Stellar Cyber

Understanding and mitigating insider risk has taken a front seat in organizational security strategies. What once was a niche concern, we’re seeing significant escalation in insider threats, particularly from nation-state actors, with insiders becoming victims of coercion or identity theft.

In this episode, Mohan Koo, president & co-founder, DTEX Systems, explains why understanding human behavior, continuous data tracking, and proactive collaborations are key components in staying ahead of evolving risks. Joining Mohan in this discussion are Janet Heins, CISO, ChenMed, and Bethany De Lude, CISO emeritus.

Huge thanks to our sponsor, DTEX Systems

As the trusted leader in insider risk management, DTEX stops insider threats and prevents data loss. By combining data loss prevention, user and entity behavior analytics, and user activity monitoring in a single platform, DTEX proactively identifies malicious and non-malicious behavior, without sacrificing privacy or network performance.

The fragmentation and vast amount of data generated from enterprise tools create a convoluted landscape for cybersecurity professionals to navigate. This complexity is exacerbated in large companies with dynamic environments, where innovation and growth must be balanced with the ever-present need for security.

In this episode, Piyush Sharrma, CEO and co-founder at Tuskira discusses what the company is doing to unify security tools and validate defenses in this sea of data. Piyush is joined by our panelists, Mike Woods, vp, cybersecurity, GE Vernova, and Keith McCartney, vp, security and IT, DNAnexus.

Huge thanks to our sponsor, Tuskira

Tuskira simplifies cybersecurity by unifying data from 150+ tools into a proactive, AI-driven security mesh. Resolve operational complexity by aligning defenses like EDRs, WAFs, & more with real-world vulnerabilities. Accelerate response times with automated exploit validation & risk mitigation. Stop patching noise and start focusing on the threats that truly matter.