Virtualization Technology News and Information
Black Hat USA 2023 Q&A: FireMon Will Showcase Several Product Enhancements, Including Cloud Defense and Asset Manager


Are you getting ready for the upcoming Black Hat USA 2023 event, an internationally recognized cybersecurity event providing the most technical and relevant information security research, now in its 26th year.  The event is quickly approaching, taking place August 5-10, 2023, returning to the Mandalay Bay Convention Center in Las Vegas, NV with a 6-day program. 

Ahead of the show, VMblog received an exclusive interview with Jody Brazil, CEO and Cofounder of FireMon, a leading network security policy management company that brings visibility, control, and automation to enterprise cloud and hybrid network infrastructure.  Make sure to add them to your MUST SEE list.

firemon logo 

VMblog: Before we get into it, can you give us a quick overview of the company? What should folks know?

Jody Brazil:  FireMon's mission is to improve security operations to improve our customers' security outcomes. We deliver industry-leading security policy management, cloud security operations, and cybersecurity asset management solutions to over 1,700 enterprises in nearly 70 countries.

FireMon has been at the forefront of the security management category, delivering first-ever functionality such as firewall behavior testing, workflow integration, traffic flow analysis, and rule recertification. Our security policy management platform is the only real-time solution that reduces firewall and cloud security policy-related risks, manages policy changes, and enforces compliance.

FireMon is the only distributed cloud security operations offering that detects and responds to issues in fast-paced public cloud environments. Finally, our cloud-based Asset Discovery solution can scan an entire enterprise infrastructure, from on-premises networks to the cloud, to identify every device and network in the environment and provide valuable insights into how it's all connected.

VMblog: You are sponsoring the upcoming Black Hat USA event. How can attendees find you at the show? Does your booth have a theme? How many folks are you sending?

Brazil:  FireMon will be at Booth #1469 at the Black Hat USA 2023 event.

The company will send a team of 10 specialists to attend this year's show. They are Hailee Lansville, Talia LaVache, Sean Hatfield, Jonathan De La Cruz, Keith Brennon, Nash Nelson, Lisa Wallace, Vincent Flores, Daniel Smith, Jeremy Dickerson, and Spencer Carson.

Rich Mogull, the Senior Vice President of Cloud Security at FireMon, will also be at Black Hat, where he'll be presenting a two-day hands-on training workshop on August 5 and 6 entitled ‘Adversarial Cloud Incident Response.'

Rich focuses on leading-edge cloud security research and implementation. He joined FireMon through the acquisition of DisruptOps, a cloud security automation platform based on his research while CEO of Securosis. He has over 25 years of security experience and specializes in cloud security and DevSecOps. Before founding Securosis and DisruptOps, Rich was a Research Vice President at Gartner on the security team.

VMblog: Is this your first time sponsoring Black Hat? If not, how many times have you sponsored before? And what keeps you coming back?

Brazil:  FireMon has been sponsoring Black Hat for 15 years. Black Hat is one of the cybersecurity industry's premier events. Its mix of training and labs, workshops, briefings, keynote sessions, product demonstrations, and other interactive elements make it something that every person in the sector needs to be at.

But beyond the technology and the massive amount of information available on tap, Black Hat is about the people, the networking, and the opportunities to engage with like-minded individuals and discuss the key trends shaping the world around us. Even for us industry veterans, there's always something to learn and experience at Black Hat. And with artificial intelligence, machine learning, and the cloud becoming more integrated into the daily operations of mainstream businesses, the event provides a wonderful platform for a brand to position itself as a leader in the industry.

VMblog: What are some of the key takeaways of your solution that Black Hat attendees should be aware of?

Brazil:  Cybercrime is one of the most significant threats facing enterprises today. Environments are expanding rapidly, and cybercriminals are always looking for new ways to exploit vulnerabilities in computer systems and networks, making security hygiene a high priority for preventing attacks.

Of course, firewalls and more traditional security solutions remain an integral component of the defensive stance. But more than that, asset visibility has emerged as a critical piece of the expanding cybersecurity puzzle. It is essential to have the ability to see everything connected to a network, from servers and workstations to Shadow IT and IoT devices. Asset discovery and management entails collecting data about each device, including what it is, where it is, and what it is interconnected with.

After all, no business can effectively protect itself against cybercrime if it doesn't understand its environment and what needs to be secured. Like we always say, you cannot protect what you cannot see. If you are not equipped to properly identify, manage, and secure your new assets, they become an immediate liability.

Asset visibility has become mission-critical to having good cybersecurity hygiene. It enables a business to identify unknown assets, improve response times, ensure compliance, achieve continuous monitoring, and strengthen its security posture. Without this in place, the organization is at risk of cyberattacks that could lead to data breaches, reputational damage, and financial losses.

VMblog: The show is focused on cybersecurity. What specific problems are your company and technology addressing?

Brazil:  We know how quickly cloud adoption has grown globally in recent years. The normalization of hybrid work, the expanding endpoint footprint, the need to access data regardless of location or device, and the need to scale while still being secure and compliant with regulations that often differ significantly from country to country are all impacting how best to strengthen organizational infrastructure.

Given this context, it should hardly be surprising that misconfigurations are still a significant problem. This is only exacerbated by the increased complexity of companies' cybersecurity stance, given the need to embrace AI, machine learning, and automation. While these technologies might not necessarily be new, they have now expanded to the mainstream, where traditional businesses struggle to keep up with the speed at which change occurs.

The work FireMon has done to align with the right industry partners across the cloud is paying dividends now as we inject more robust cloud security automation capabilities into our security management platform to deliver the security operations environment of the future. Since September 2021, FireMon has introduced more than 200 product enhancements to reflect the cloud security requirements of today's digitally-driven organizations. At the heart of this lies the ethos of translating business and security outcomes into product features indispensable for enterprise continuity.

VMblog: The market is a crowded space. What is it about your company and technology that sets you apart from the competition? What are your differentiators?

Brazil:  FireMon adopts an outcomes-based approach to ensure our customers get everything they need to accomplish the tasks at hand. For us, it is about solving the most complex challenges faced by network and cloud security teams, whether this is ever-expanding firewall rules or helping overcome misconfigurations in the cloud.

The FireMon Security Manager is the only Network Security Policy Management (NSPM) solution offering robust risk management, change automation, rule lifecycle reviews, and compliance reporting in a single platform that supports devices anywhere on a network, from on-premises to the cloud. Combined with Asset Manager and Cloud Defense, organizations can utilize device discovery and Cloud Security Posture Management (CSPM) from a single vendor.

VMblog: What will you be showing off at the show this year?

Brazil:  In addition to our industry-leading security policy management and firewall security solutions, we'll showcase several product enhancements at Black Hat 2023 this year. For us, a successful cybersecurity strategy comes down to improving security outcomes and operations by having complete visibility of enterprise infrastructure in a cloud-driven world.

We encourage delegates to come to our stand and see the following exciting new products in action:
  • FireMon Cloud Defense: A real-time cloud compliance, inventory, misconfiguration, and threat detection solution, now with proactive IAM defense. It provides visibility and control over cloud infrastructure, services, and applications, allowing organizations to identify and address security risks proactively.
  • FireMon Asset Manager: This provides real-time cyber situational awareness for discovering and monitoring the entire network infrastructure, using advanced behavioral detection techniques to alert security teams when suspicious activities or compliance violations are detected. With this platform, organizations can reduce risk accurately, detect and identify assets and networks, and improve operational efficiencies to secure their environment while maintaining compliance.

Delegates can sign up for a free demo of these solutions at our booth by visiting and registering here:

VMblog: What are some of the top priorities you believe attendees at Black Hat should be considering for 2023/2024?

Brazil:  Network security has become a top priority for organizations regardless of size or industry vertical. Attackers only have to be right once, while defenders must always be right. One simple mistake can have devastating consequences, including data breaches, business disruptions, service outages, and ransomware infections.

Patching one system may be easy, but trying to patch thousands of systems makes misconfigurations possible and highly likely. Closing the complexity gap at scale requires automating network security functions to replace manual, error-prone processes, maintain regulatory and internal compliance, and reduce overall security risk. This will increase the efficiency and efficacy of security teams, drive business innovation, enable business agility, and improve the bottom line.

At FireMon, we believe deploying a network security policy management platform that automates manual functions and simplifies workflows will reduce misconfiguration errors and risk exposure and increase productivity for resource-strapped security teams. With automation, DevOps and SecOps can work in tandem to meet and maintain compliance requirements, strengthen their security posture, and keep up with the growing demands of their business.

VMblog: What are some of the security best practices you would deem critical?

Brazil:  The most common threat to business security is accidental firewall policy misconfigurations. Given the time-consuming and complex nature of manual rules and policy management of complex ground-to-cloud networks, there is a high likelihood of human error, with most breaches occurring due to this.

Centralizing and automating change management across all resources is key to preventing misconfigurations that can lead to massive breaches. Network Security Policy Management (NSPM) platforms offer centralized change management to help prevent misconfigurations and rule errors from creeping into the network.

Good policy hygiene starts at the beginning, minimizing the opportunity for error and drastically increasing the speed of security policy orchestration across the entire rule creation and change management process.

VMblog: If you were presenting on the keynote stage, what trends do you see that companies should pay special attention to in 2023 and beyond?

Brazil:  We've observed several trends over the past 12 months that will likely impact businesses especially given the growth of the cloud and the continually evolving cyber threat landscape.

Much of what's happening in the market has begun with more organizations realizing that they can't manage what they can't see. There's a reason why the cyber asset management TAM (technology asset management) is growing 50% year over year. We've noted how more decision-makers are turning to asset discovery and focusing efforts on improving their understanding of the requirements of such an approach. FireMon expects the coming months to see more enterprises using asset management and discovery solutions not as a checkbox exercise but as an integral component of an agile cybersecurity strategy.

Of course, one cannot neglect the cloud. As more cloud services are being adopted, the security ecosystem exponentially increases in its complexity. Managing compliance, maintaining inventory, tracking changes, and reducing misconfigurations while handling threats and users is a massive challenge. Organizations will use advanced tools to support cloud security operations across their decentralized cloud teams and operations.

VMblog: Does your company have any speaking slots at Black Hat? If so, can you tell us more about those sessions so people can get them on their schedules?

Brazil:  Rich Mogull, the Senior Vice President of Cloud Security at FireMon, will be presenting a two-day hands-on training workshop on August 5 and 6 entitled ‘Adversarial Cloud Incident Response,' where delegates will spend the time immersed in pragmatic techniques to detect and respond to the latest cloud attacks. His workshop will be filled with live-fire exercises and opportunities to play the adversary, where attendees will try to break into their fellow students' lab environments.

Rich will drill into how the cloud differs from traditional incident response as delegates build out the FireMon detection and response capabilities. Everything in the workshop will be enterprise-focused, addressing both multi-account/subscription and multi-cloud techniques (all primary labs are in AWS with some Azure demonstrations).

The training is designed to show attendees how to build a complete incident response capability for enterprises, from preparation to detection to response. It's based on extensive real-world experience and research, not theory. It will address the complex and practical issues people will face as they scale and smash into the more-complex cloud issues that are far from apparent in the early stages of their journey into the cloud.

VMblog: Is your company giving away any interesting tchotchke at your booth? What is it?

Brazil:  Throughout Black Hat 2023, FireMon will be having several giveaways. Part of the goodies will include pens, koozies, coloring books (serious collectibles), pens, and of course, black hats. We invite delegates to either pop in at booth #1469 or book a demo online by clicking here:


Published Friday, July 28, 2023 7:31 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<July 2023>