In this week's enterprise security news,
- Lots of funding announcements as we approach RSA
- New products
- M-Trends also rudely dropped its report the same day as Verizon
- Supply chain threats
- Windows Recall is making another attempt
- MCP server challenges
- Non-human identities
- A startup post mortem
- Remember that Zoom outage a week or two ago? The cause is VERY interesting
All that and more, on this episode of Enterprise Security Weekly.
Adrian Sanabria
- FUNDING: Courtesy of the Security, Funded newsletter, issue #190 – Sparkling Risk Management
Last week's vibe check asked, "what's the most effective way a security leader can build influence internally?"
The overwhelming choice was "cross-team relationships", followed by "tie security to revenue".
The funding announcements are really starting to flow, with RSA arriving next week!
- Chainguard raises a $356M Series D, led by Kleiner Perkins and IVP, to provide secure containers.
- Endor Labs raises $93M led by DFJ Growth, to secure AI-generated code.
- ExaForce, a "US-based multi-modal AI agent security operations platform", raised a $75M Series A.
- Virtue AI, a United States-based AI model security platform, raised a $23.0M Series A from Lightspeed Venture Partners and Walden Catalyst Ventures and a $7.0M Seed from Factory.
- Scamnetic receives a $13M Series A, led by Roo Capital, to detect scams.
- ACQUISITIONS: Checkr Acquires Truework to Expand Consumer Verifications
- NEW PRODUCTS: Talkback – an interesting new cybersecurity news aggregator
- NEW FEATURES: Announcing the Agent2Agent Protocol (A2A) - Google Developers Blog
- REPORTS: M-Trends 2025: Data, Insights, and Recommendations From the Frontlines
Sorry M-Trends, I've been prioritizing reading the Verizon DBIR over you.
- SUPPLY CHAIN: Official NPM package infected with crypto stealing backdoor
- ANALYSIS: Earth Day 2025: How GREEN is your Cybersecurity Automation?
A clearly biased, but very interesting analysis of the power used with traditional SOC automation techniques vs LLM-based approaches.
- ANALYSIS: Kevin Beaumont goes deep on Windows Recall
- ANALYSIS: A great piece from Gunnar Peterson on the difficulties of authentication when using MCP
- ANALYSIS: Non-Human Identities (NHIs) & Generative AI: Real-World Attack Scenarios and Best Practices
Some great reporting on potential threats. This is a must-have for anyone adding GenAI to their risk register or threat modeling processes.
- AI RESOURCES: RealHarm Data Set
- POST MORTEM: Closing Myrror — Part I: Intro
Never heard of them. I imagine this happens more often than we realize.
- RESILIENCE: Issue with multiple Zoom Services
Cyber resilience is tricky for everyone. Even Zoom's DNS records.
Katie Teitler-Santullo
- STANDARDS: EU CVE Database Announced and Live
Adrian's thoughts: The drama around the US CVE program that is managed by MITRE and was in danger of being defunded last week has set some things in motion that don't look like they'll stop now that funding has been secured.
Much like the controversial US tariffs, creating uncertainty erodes trust. The impact of the tariffs likely has an effect here as well. The rest of the world is increasingly unsure about depending on the US for anything critical, as international programs continue to get defunded and shut down.
The concern here for cybersecurity professionals is that, if CVE gets fragmented, vulnerability management could become more difficult and time-consuming than it already is.