The Cyber5 Podcast

Using Threat Intelligence Against Platform Abuse with Chief of Security at Egnyte Kris Lahiri

Episode 17 of the podcast covers different uses of threat intelligence to protect against platform abuse and application security with Kris Lahiri, Chief of Security at Egnyte.

Outline:

  • (00:45) Intro
  • (01:09) Q1: File sharing companies have a heavy attack surface not only from cyber actors trying to infiltrate their network perimeter, but also using the platform itself to store illicit information they steal. How do you defend against all these threats and how do you prioritize?
  • (09:55) Q2: As a medium size business, how do you prioritize threat intelligence that shows vulnerabilities against your tech stack?
  • (14:37) Q3: There’s been a lot of talk about the shared responsibility model, particularly after the Capital One incident, what are your thoughts on shared responsibility? What is Egnyte responsible for and what are your clients responsible for in regards to security?
  • (20:18) Q4: Does attribution matter? If so, no organization is going to be able to devote resources to attributing all attempted threat activity, where do you draw the line? Which types of attacks or actors are you willing to make that investment on and why?
  • (23:33) Q5: Many say that modern day application development does not take into consideration or prioritize security controls. What approach and strategy did you take to bake in security controls when building Egnyte?

Episode 17 | July 30, 2020

Adversary Research
Discovering the methods, motives and identity of threat actors to disrupt attacks 
Reputation Defense
Technical guidance for countering disinformation and slanderous attacks 
Trust & Safety
Intelligence to secure business operations and defend against fraud, abuse and e-crime 
TPRM Exposure
Adversary-centric intelligence to address supplier, M&A and investment risks 
Outside Intel
Research for defending outside the firewall that leverages tier 3 intelligence programs 
Executive Shield
Assessment of threats to key personnel with attribution and PII takedown  
Adversary Insights Retainer℠
Annual retainers for client-driven inquiries and rapid-response research 
Intelligence Team as a Service
Collaborative engagement providing robust intelligence and tier 3 cyber analysts  
Event-Driven Intel Investigations
Multidimensional security fact-finding that delivers insights into adversary behavior 
On Demand Threat Research
Proactive and preventative investigations that reveal threat actor context and risk correlations 
Investment Zero Touch Diligence℠
Project-based discovery to assess risk for investments, IPO, Mergers and Acquisitions 
TPRM Zero Touch Diligence℠
Subscription assessment of external network hygiene, key personnel, and non-traditional business risks