We welcome Matthew McMahon, Head of Security Analytics at Salve Regina University, to talk about Medical devices, Cybersecurity and Resilience, and Cybersecurity Training!
Full Show Notes: https://wiki.securityweekly.com/Episode605
Follow us on Twitter: https://www.twitter.com/securityweekly
Corey Thuen is the Co-Founder at Gravwell. Corey covers the topics: Framework for discussion: the pillars of the SOC and the 80/20 principle, Wire data, Log/Application Data, Endpoint protection/EDR, Threat Intel, Data fusion, SOAR, and much more!
To learn more about Gravwell, visit: https://securityweekly.com/gravwell
Full Show Notes: https://wiki.securityweekly.com/ES_Episode138
Visit https://securityweekly.com/esw for all the latest episodes!
Cisco Expressway goes off path and a Cisco IOS XE vuln goes for emojis, More erosion of CPU data boundaries, RDP patches a pre-auth problem and even resuscitates a patch process for XP, Microsoft's Attack Surface Analyzer gives DevSecOps teams more data, Clear design goals for better privacy and security, and Google Security blogs that basics are best!
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode62 Follow us on Twitter: https://www.twitter.com/securityweekly
In the Leadership and Communications segment, don't let your expertise narrow your perspective, don't be blinded by your own expertise, and the smartest cities in the future of urban development!
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode129
Mike Shema and John Kinsella interview Cody Wood. Cody Wood is the AppSec Product Support Engineer at Signal Sciences.
To get involved with Signal Sciences, visit: https://securityweekly.com/signalsciences
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode62 Follow us on Twitter: https://www.twitter.com/securityweekly
We welcome Ferruh Mavituna, Founder and CEO of Netsparker! They will be discussing the discover and scan perspective of applications, how to handle in-house written applications vs. ones that are acquired, the prioritization and planning of the applications you have, and the common practice companies should be doing to focus on the top 20% of critical apps.
To get involved with Netsparker, visit: https://securityweekly.com/netsparker
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode129
In the Security News, Singapore passes an anti-fake news law, WhatsApp Vulnerability Exploited to Infect Phones with Israeli Spyware, major security issues found in Cisco routers, and Microsoft Releases Security Updates to Address Remote Code Execution Vulnerability!
Full Show Notes: https://wiki.securityweekly.com/Episode604
Follow us on Twitter: https://www.twitter.com/securityweekly
Federico Simonetti is the CTO of Xiid Corporation. Federico comes on the show to discuss How To Fix Identity & Access Management.
Full Show Notes: https://wiki.securityweekly.com/Episode604
Follow us on Twitter: https://www.twitter.com/securityweekly
Julian Zottl is the Cyber and Information Operations SME at Raytheon. Julian joins us on the show to talk about side-channel attacks!
Full Show Notes: https://wiki.securityweekly.com/Episode604
Follow us on Twitter: https://www.twitter.com/securityweekly
Ferruh Mavituna is the Founder & Product Manager at Netsparker. Centralization vs. Decentralization of security is an interesting topic. Decentralization in web app penetration testing is popular in many large organizations because no good centralized solutions solve this problem. Instead small teams do independent or random testing, without consistency or well-defined processes. Web security automation is a better approach. If you have 100 actively developed applications across 10 different development teams, can you (and should you) centralize security testing?
To learn more about Netsparker, visit: https://securityweekly.com/netsparker
Full Show Notes: https://wiki.securityweekly.com/ES_Episode137
Visit https://securityweekly.com/esw for all the latest episodes!
In the news, Atos launches a new unified cloud identity and access management solution, ExtraHop announces new panorama partner program, SysDig and In-Q-Tel partnership to provide U.S. government agencies with the SysDig Cloud Native VSP, and LogRhythm releases a Cloud Based NextGen SIEM platform!
Full Show Notes: https://wiki.securityweekly.com/ES_Episode137
Visit https://securityweekly.com/esw for all the latest episodes!
In the Leadership and Communications segment, Transformational leadership style inspires 'moonshot goals', How to Deal With Information Overload, The surprising secret of success: it's not about winning, and more!
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode128
Paul will be giving a technical segment on firewalls. Paul talks about an enterprise open-source firewalls?
Full Show Notes: https://wiki.securityweekly.com/ES_Episode137
Visit https://securityweekly.com/esw for all the latest episodes!
In the Application News, Chrome constrains the cookies and Edge pushes privacy, Windows builds a sandbox for Linux, Android Q for more quarantined code with more LLVM features, Steve Singh stepping down as Docker CEO, and Verizon releases its 2019 DBIR! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode61 Follow us on Twitter: https://www.twitter.com/securityweekly
This week, we welcome Jon Fredrickson, Information Security Officer at Blue Cross & Blue Shield of Rhode Island.
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode128
This week, Derek Weeks joins us to talk about DevSecOps and Securing Software Supply Chains. Derek is the VP and DevOps Advocate at Sonatype. Derek is the world's foremost researcher on the topic of DevSecOps and securing software supply chains.
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode61 Follow us on Twitter: https://www.twitter.com/securityweekly
The top 5 mistakes that create field days for hackers, WordPress 5.2 brings new security features, a discontinued Insulin pump with security a security flaw in high demand, and how to communicate privately in the age of digital policing!
Full Show Notes: https://wiki.securityweekly.com/Episode603
Follow us on Twitter: https://www.twitter.com/securityweekly
Chris Sanders is the Founder of Applied Network Defense & Rural Technology Fund. He is also the Director of the Rural Technology Fund, a non-profit that donates scholarships and equipment to public schools to further technical education in rural and high poverty areas.
Full Show Notes: https://wiki.securityweekly.com/Episode603
Follow us on Twitter: https://www.twitter.com/securityweekly
We have a Security Industry Briefings Update, where we talk about 42Crunch, Viridium, Whitecanyon, and Eclypsium!
Full Show Notes: https://wiki.securityweekly.com/ES_Episode136
Visit https://securityweekly.com/esw for all the latest episodes!
In the Enterprise news, Secureworks launches new cybersecurity analytics app, StackRox Kubernetes Security Platform Receives Red Hat Container Certification, SIEM Solutions Firm Exabeam Raises $75 Million, and Serverless monitoring startup Espagon expands to cover broader microservices TechCrunch, and more!
Full Show Notes: https://wiki.securityweekly.com/ES_Episode136
Visit https://securityweekly.com/esw for all the latest episodes!
Lesley Carhart is the Principal Threat Analyst at Dragos Inc.. Lesley has been performing digital forensics and incident response on unconventional systems and advanced adversary attacks for over a decade. Lesley will be discussing her transition from IT security to OT security, DFIR in ICS - What is it like doing forensics in this environment? Firmware? Micro-code?, and much more!
Full Show Notes: https://wiki.securityweekly.com/Episode603
Follow us on Twitter: https://www.twitter.com/securityweekly
Nik Whitfield is the CEO at Panaseer. He joins us to talk about Continuous Controls Monitoring!
Full Show Notes: https://wiki.securityweekly.com/ES_Episode136
Visit https://securityweekly.com/esw for all the latest episodes!
Firefox gives more scrutiny to add-ons but Firefox also forgot to give more scrutiny to a cert, Path traversals trampled by ransomware, Secure Software Design: The Next Frontier In Cybersecurity, Trust the Stack, Not the People, VRT adds a CAN, and MDM, parental controls, and security.
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode60
Follow us on Twitter: https://www.twitter.com/securityweekly
In the Leadership and Communications segment, How to build a startup, You Don't Have To Be Nice To Be Respected. Boeing and the Importance of Encouraging Employees to Speak Up, and more!
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode127
Sven joins us to talk about securing our applications, how confident can we be about the security of web applications, and how we can make it easier to build applications that we don't need to worry about the OWASP top 10 because of secure defaults.
To learn more about Netsparker, visit: https://securityweekly.com/netsparker
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode60
Follow us on Twitter: https://www.twitter.com/securityweekly