Navigating Unauthorized Site Access with ThreatLocker
Unauthorized site access remains a significant security concern for organizations. But why does this issue persist, and how can it be effectively addressed? In this episode, Rob Allen, chief product officer at ThreatLocker, discusses the core functionality of ThreatLocker's Web Control solution: blocking access to unauthorized sites without meddling with DNS servers—a common pitfall among other tools. Rob explains that the simplicity of defining where employees can and cannot access is pivotal. This approach not only helps keep users away from malicious sites but also steers them clear of non-productive ones, thereby enhancing resource allocation. Rob is joined by our panelists, TC Niedzialkowski, Head of IT & Security at Opendoor, and Sasha Pereira, CISO, WASH. Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.
--------
15:12
Getting Linux Visibility with Sandfly Security
Linux is the backbone of critical infrastructure, yet it often flies under the radar when it comes to endpoint monitoring. From legacy servers to embedded systems, Linux devices are frequently unprotected, either due to operational risk, overlooked assets, or the false assumption that Linux is “secure by default.” In this episode, Craig Rowland, founder and CEO of Sandfly Security, introduces an agentless approach to EDR purpose-built for Linux systems. By operating over SSH and running rapid, randomized checks without traditional kernel hooks, Sandfly can monitor unprotected Linux endpoints, detect fileless and dormant attacks, and uncover SSH key-based lateral movement—all without tipping over sensitive systems. Joining Craig are Jerich Beason, CISO at WM, and Steve Zalewski, co-host of Defense in Depth, dive into where this solution fits in the broader Linux security conversation and why it might be the missing piece for OT and critical infrastructure teams. Huge thanks to our sponsor, Sandfly Security Sandfly delivers agentless Linux EDR that deploys instantly across all distributions and architectures - from cloud servers to embedded devices and legacy systems. Our platform detects evasive threats, monitors SSH keys, and identifies system drift without performance impacts. Comprehensive Linux security without the endpoint agent risk.
--------
18:18
Solving Patch Management with ThreatLocker
For years, patch management has been treated as a solved problem—until reality strikes. Outdated applications, portable executables, patch conflicts, and shadow software leave organizations unknowingly exposed. The tools may exist, but the process often breaks down. In this episode, Rob Allen, chief product officer at ThreatLocker, discusses why their new patch management solution goes beyond legacy approaches. With built-in patch packaging, pre-deployment testing, and granular control, the platform helps teams navigate complex environments while keeping rollback, risk tolerance, and deny-by-default strategies in play. Joining him are Mike Woods, vp of cybersecurity at GE Vernova, and Steve Zalewski, co-host of Defense in Depth. Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.
--------
17:28
Beating the Bots with Kasada
Automated attacks are growing in speed and sophistication, far outpacing the human defenses most organizations rely on. Whether it’s credential stuffing, scraping, or denial-of-wallet attacks, bots can drain your resources before they even steal a cent. In this episode, Sam Crowther, founder of Kasada, discusses how their bot detection and mitigation solution flips the economics of attacks. By disrupting automated behavior at wire speed—without impacting user experience—Kasada ensures you’re doing business with real people, not fake clicks. Joining him are panelists Jimmy Sanders, president of ISSA International, and Jason Elrod, CISO at MultiCare Health System. Huge thanks to our sponsor, Kasada
--------
16:11
Containing Elevated Privileges with ThreatLocker
Managing privileged access across a sprawling IT environment remains one of cybersecurity’s toughest balancing acts. Admin privileges are often granted too broadly and retained for too long, opening dangerous pathways for lateral movement and ransomware. In this episode, Rob Allen, chief product officer at ThreatLocker, introduces their Elevation Control tool — a solution designed to help security teams remove unnecessary privileges, apply just-in-time elevation for specific apps, and restrict lateral movement, even within elevated sessions. Joining him are Mike Woods, vp of cybersecurity at GE Vernova, and Steve Zalewski, co-host of Defense in Depth. Huge thanks to our episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.
What if you could get a no-nonsense look at security solutions in just 15 minutes? Security You Should Know, the latest podcast from the CISO Series, does just that.
Hosted by Rich Stroffolino, each episode brings together one security vendor and two security leaders to break down a real-world problem and the solution trying to fix it. Expect straight answers on:
How to explain the issue to your CEO
What the solution actually does (and doesn’t do)
How the pricing model works
Then, our security leaders ask the tough questions to see what sets this vendor apart.
Subscribe now and and stay ahead of the latest security solutions. Visit CISOseries.com for more details.
Security You Should Know: Connecting security solutions with security leaders.