Captain's Log, Stardate 2021.04.23

April 23, 2021 | IN Blog, Cyber Asset Visibility and Management | Mark Miller BY Mark Miller

Captain's Log, Stardate is an ongoing series, published every Friday, highlighting interesting cyber news from the past week. To continue the discussion on any of these topics, join us on Slack

J1_Ambassador Hunter @2x

Who's Responsible for Protecting our Digital Assets of the Future | Smarter Markets Podcast
Michelle Dennedy sits down with “Cybersecurity Strategist of the Year” Caroline Wong, Chief Strategy Officer at Cobalt, to examine the question “Who is responsible for protecting our digital assets of the future?” Podcast transcription available.

They Hacked McDonald's Ice Cream Machines - and Started a Cold War | Wired
Andy Greenberg is one of our favorite journalists. In this long form article, Andy tells the story of how Jeremy O’Sullivan and Melissa Nelson discovered a "secret" menu in the McDonald's ice cream machine, and how they created a solution for making it more visible, much to the consternation of McDonald's.

Value stream mapping for DevOps | Marc Hornbeek
This slide deck explains a simple approach to conduct value stream mapping for DevOps value streams. Easy to use templates are provided. An example is included, which shows the dramatic effect that using containers and Kubernetes had on the value stream for a business application.

Backdoored developer tool that stole credentials escaped notice for 3 months | ars technica
A publicly available software development tool contained malicious code that stole the authentication credentials that apps need to access sensitive resources. It's the latest revelation of a supply chain attack that has the potential to backdoor the networks of countless organizations. Story by Dan Goodin.

Podcast: The Cyber Defense Matrix | JupiterOne
The Cyber Defense Matrix is a structured framework that allows a company to understand who their vendors are, what they do, how they work along side one another, what problem they profess to solve, and ultimately to find gaps in the company’s portfolio of capabilities. That's the way it started, anyway. We talk with Sounil Yu, creator of the matrix, to hear how the project is going, what his plans are for the future of the matrix, and what help he can use from the community for expanding its usefulness.