Info

Security Weekly Podcast Network (Video)

Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and breaking news on the latest hacking techniques, vulnerabilities, and industry trends. Stay informed and secure with the most trusted voices in cybersecurity!
RSS Feed Subscribe in Apple Podcasts
Security Weekly Podcast Network (Video)
2025
January


2024
December
November
October
September
August
July
June
May
April
March
February
January


2023
December
November
October
September
August
July
June
May
April
March
February
January


2022
December
November
October
September
August
July
June
May
April
March
February
January


2021
December
November
October
September
August
July
June
May
April
March
February
January


2020
December
November
October
September
August
July
June
May
April
March
February
January


2019
December
November
October
September
August
July
June
May
April
March
February
January


2018
December
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
July
June
May
April
March
February
January


2015
December
November
October
September
August
July
June
May
April
March
February
January


2014
December
November
October
September
August
July
June
May
April
March
February
January


2013
December
November
October
September
August
July
June


Categories

All Episodes
Archives
Categories
Now displaying: Page 1
Jan 19, 2025

Today's data landscape is undergoing a seismic shift with increasing regulatory pressures, rapid acceleration to the cloud, and AI adoption. Join BigID's CEO and Co-Founder, Dimitri Sirota, to learn how organizations can adopt a holistic approach to their data security and compliance strategy to keep up with the revolution in data, transforming their data into a competitive advantage.

This segment is sponsored by BigID! Start protecting your sensitive data wherever your data lives at https://securityweekly.com/bigid.

Show Notes: https://securityweekly.com/esw-390

Jan 17, 2025

AIs in Love, UEFI, Fortinet, Godaddy, Juggalos, Aaran Leyland, and More. In this edition of the Security Weekly News.

Show Notes: https://securityweekly.com/swn-443

Jan 17, 2025

Rob from ThreatLocker comes on the show to talk about how we can disrupt attacker techniques, including Zero Trust, privilege escalation, LOLbins, and evil virtualization. In the news we talk about security appliances and vulnerabilities, rsync vulnerabilities, Shmoocon, hacking devices, and more!

This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!

Show Notes: https://securityweekly.com/psw-857

Jan 15, 2025

In the leadership and communications segment, New Year, New Cyber Threats: How Boards Are Stepping Up (or Not), Why CISOs should build stronger bonds with the legal function in 2025, New Managers: You Don’t Need to Know It All, and more!

Show Notes: https://securityweekly.com/bsw-378

Jan 14, 2025

Smishing, Beyond Trust, CryptoReligion, Aviatrix, Azure, Little Red Books, AI Abuse, Josh Marpet, and more on the Security Weekly News.

Show Notes: https://securityweekly.com/swn-442

Jan 14, 2025

Design lessons from PyPI's Quarantine capability, effective ways for appsec to approach phishing, why fishshell is moving to Rust component by component (and why that's a good thing!), what behaviors the Cyber Trust Mark might influence, and more!

Show Notes: https://securityweekly.com/asw-313

Jan 14, 2025

There's a pernicious myth that developers don't care about security. In practice, they care about code quality. What developers don't care for is ambiguous requirements. Ixchel Ruiz shares her experience is discussing software designs, the challenges in prioritizing dev efforts, and how to help open source project maintainers with their issue backlog.

Segment resources:

Show Notes: https://securityweekly.com/asw-313

Jan 13, 2025

In this latest Enterprise Security Weekly episode, we explored some significant cybersecurity developments, starting with Veracode’s acquisition of Phylum, a company specializing in detecting malicious code in open-source libraries. The acquisition sparked speculation that it might be more about Veracode staying relevant in a rapidly evolving market rather than a strategic growth move, especially given the rising influence of AI-driven code analysis tools. We also covered One Password's acquisition of a UK-based shadow IT detection firm, raising interesting questions about their expansion into access management. Notably, the deal involved celebrity investors like Matthew McConaughey and Ashton Kutcher, suggesting a trend where Hollywood influence intersects with cybersecurity branding.

A major highlight was the Cyber Haven breach, where a compromised Chrome extension update led to stolen credentials. The attack was executed through a phishing campaign disguised as a Google policy violation warning. To their credit, Cyber Haven responded swiftly, pulling the extension within two hours and maintaining transparency throughout. This incident underscored broader concerns around the poor security of browser extensions, an issue that continues to be exploited due to lax marketplace oversight.

We also reflected on Corey Doctorow's concept of "Enshittification," critiquing platforms that prioritize profit and engagement metrics over genuine user experiences. His decision to disable vanity metrics resonated, especially considering how often engagement numbers are inflated in corporate settings. The episode wrapped with a thoughtful discussion on how CISOs can say "no" more effectively, emphasizing "yes, but" strategies and the importance of consistency. We also debated the usability frustrations of "magic links" for authentication, arguing that simpler alternatives like passkeys or multi-factor codes could offer a better balance between security and convenience.

Show Notes: https://securityweekly.com/esw-389

Jan 13, 2025

We're a fan of hacker lore and history here at Security Weekly. In fact, Paul's Security Weekly has interviewed some of the most notable (and notorious) personalities from both the business side of the industry and the hacker community.

We're very excited to share this new effort to document hacker history through in-person interviews. The series is called "Where Warlocks Stay Up Late", and is the creation of Nathan Sportsman and other folks at Praetorian. The timing is crucial, as a lot of the original hackers and tech innovators are getting older, and we've already lost a few.

References:

Show Notes: https://securityweekly.com/esw-389

Jan 12, 2025

We're thrilled to have Frank Duff on to discuss threat-informed defense. As one of the MITRE folks that helped create MITRE ATT&CK and ATT&CK evaluations, Frank has been working on how best to define and communicate attack language for many years now. The company he founded, Tidal Cyber is in a unique position to both leverage what MITRE has built with ATT&CK and help enterprises operationalize it.

Segment Resources:

Show Notes: https://securityweekly.com/esw-389

Jan 10, 2025

Bad Cameras, Robot Dogs, Ivanti, SonicWall, Banshee, Telegram, Motorola, Aaran Leyland, and More, on this edition of the Security Weekly News.

Show Notes: https://securityweekly.com/swn-441

Jan 9, 2025

DNA sequencer vulnerabilities, threat actor naming conventions, new CNAs and problems, backdoors are not secrets (again), The RP2350 is hacked!, they know where your car is, treasury department hacked, what if someone hacked license plate cameras? Tenable CEO passes away, and very awkwardly, a Nessus plugin update causes problems, who needs fact-checking anyhow (And how people steal stuff and put it on Facebook), when you are breached, make sure you tell the victims how to be more secure, Salt Typhoon - still no real details other than more people were hacked and they are using the word sanctions a lot, Bitlocker bypassed again, Siri recorded you, and Apple pays, and yes, you can't print on Tuesdays!

Show Notes: https://securityweekly.com/psw-856

Jan 8, 2025

In the leadership and communications segment, The Business of Cybersecurity: The CISO’s Role in Alignment and Pervasive Governance, CISO Priorities for 2025: Budget Wisely, How Do I Position Myself to Influence Senior Leadership?, and more!

Show Notes: https://securityweekly.com/bsw-377

Jan 8, 2025

Data is the fastest growing enterprise attack surface, and is projected to surpass 181 Zettabytes in 2025. Couple data growth with the growing demands of Artificial Intelligence, and the attack surface expands even more. How should organizations adapt their security programs to safeguard their data?

Lamont Orange, Chief Information Security Officer at Cyera, joins Business Security Weekly to help you solve your biggest data security challenges. By starting with inventory and classification, data access review can help you answer your biggest data security questions, including:

  • what data you have,
  • where it's stored,
  • who, or what, can access it, and
  • which data risks exist.

Show Notes: https://securityweekly.com/bsw-377

Jan 8, 2025

Ättestupa, Moxa, Typhoons, WordPress, Likert Scales, Algol, Josh Marpet, and more on the Security Weekly News.

Show Notes: https://securityweekly.com/swn-440

Jan 7, 2025

Curl removes a Rust backend, double clickjacking revives an old vuln, a new tool for working with HTTP/3, a brief reminder to verify JWT signatures, design lessons from recursion, and more!

Show Notes: https://securityweekly.com/asw-312

Jan 7, 2025

All appsec teams need quality tools and all developers benefit from appsec guidance that's focused on meaningful results. Greg Anderson shares his experience in bringing the OWASP DefectDojo project to life and maintaining its value for over a decade. He reminds us that there are tons of appsec teams with low budgets and few members that need tools to help them bring useful insights to developers.

Segment Resources:

Show Notes: https://securityweekly.com/asw-312

Jan 3, 2025

Rob Allen and Doug talk about Endpoint security and how important it is to secure your endpoints going into the new year.

Show Notes: https://securityweekly.com/vault-swn-26

Dec 31, 2024

Our old friend Russ Beauchemin and Doug talk about the future of AI and what it may mean when AI is smarter than us all.

Show Notes: https://securityweekly.com/vault-swn-25

Dec 30, 2024

Check out this episode from the BSW Vault, hand picked by main host Matt Alderman! This segment was originally published on January 3, 2023.

With the current macro economic head winds, 2023 budgets are either frozen or are flat. Where should CISOs focus these limited budgets to maximize the most out of their security program? In this segment, we invite Jon Fredrickson, Chief Risk Officer at Blue Cross Blue Shield of Rhode Island, to debate what should be in your minimum viable security program.

This segment is part 2 and focuses on the minimum viable security vendors for our top 6 capabilities:

  1. Asset Management

  2. Patch Management

  3. IAM/MFA/PIM/PAM

  4. EDR/MDR/XDR

  5. Backup/Recovery

  6. Risk Management

Show Notes: https://securityweekly.com/vault-bsw-16

Dec 27, 2024

Josh Marpet and Doug talk about how Tariffs work and how you maybe should get ready for higher prices to replace equipment in the coming years if new rounds of tariffs are imposed on foreign goods and components.

Show Notes: https://securityweekly.com/vault-swn-24

Dec 25, 2024

Unraveling Cybersecurity Complexity: A Conversation with Haroon Meer

Haroon Meer, an influential figure in the world of cybersecurity, takes center stage in this podcast interview. With a deep reservoir of knowledge and a track record of tackling complex security challenges, Haroon has established himself as a key player in the InfoSec domain.

As the founder of Thinkst Applied Research, Haroon brings a wealth of practical experience to the table. Join us as we explore his professional journey, from early forays into cybersecurity to pioneering innovations that have reshaped how organizations approach security.

Haroon Meer's insights go beyond the theoretical, offering a pragmatic understanding of cybersecurity issues and solutions. Dive into the intricacies of threat landscapes, security architectures, and the evolving dynamics of cyber threats as Haroon shares his perspectives on the current state of cybersecurity.

With a focus on practicality and a knack for simplifying complex concepts, Haroon Meer's interview is a must-listen for anyone interested in the nuances of cybersecurity. Gain a deeper understanding of the challenges faced by security professionals and uncover valuable takeaways that can enhance your approach to securing digital environments.

Join us as we explore the mind of a cybersecurity luminary, unraveling the layers of InfoSec intricacies with Haroon Meer in this enlightening podcast episode.

Show Notes: https://securityweekly.com/vault-psw-14

Dec 24, 2024

Josh Marpet and Doug talk about Compliance and Privacy for about 30 minutes but it could have been a lot more.

Show Notes: https://securityweekly.com/vault-swn-23

Dec 23, 2024

Check out this episode from the BSW Vault, hand picked by main host Matt Alderman! This segment was originally published on January 3, 2023.

With the current macro economic head winds, 2023 budgets are either frozen or are flat. Where should CISOs focus these limited budgets to maximize the most out of their security program? In this segment, we invite Jon Fredrickson, Chief Risk Officer at Blue Cross Blue Shield of Rhode Island, to debate what should be in your minimum viable security program. This segment is part 1 of 2 parts and focuses on the minimum viable security capabilities.

Show Notes: https://securityweekly.com/vault-bsw-15

Dec 21, 2024

As we wrap up the year, we have an honest discussion about how important security really is to the business. We discuss some of Katie's predictions for AppSec in 2025, as well as "what sucks" in security!

Show Notes: https://securityweekly.com/esw-388

1 2 3 4 5 6 7 Next » 176