In the enterprise news, discussing how Sysdig supports Google Cloud Run for Anthos to secure serverless workloads in production, StackRox Kubernetes Security Platform 3.0 Introduces Advanced Features and New Workflows for Configuration and Vulnerability Management, and some acquisition and funding updates from CyberCube, 1Password, Docker, WhiteSource, and more!
Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode162
Reuven Harrison is the Chief Technology Officer at Tufin. Reuven brings more than 20 years of software development experience, holding two key senior developer positions at Check Point Software, as well as other key positions at Capsule Technologies and ECS. He received a Bachelor's degree in Mathematics and Philosophy from Tel Aviv University.
To learn more about Tufin, visit: https://securityweekly.com/tufin Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://wiki.securityweekly.com/ESWEpisode162
This site maintains quick links for checking End Of Life dates for various tools and technologies, Mirantis' Docker Enterprise acquisition a lifeline as industry shifts to Kubernetes, Website, Know Thyself: What Code Are You Serving? because it might have a, Self-Cleaning Payment Card-Skimmer Infects E-Commerce Sites, Attackers' Costs Increasing as Businesses Focus on Security, Soft Skills: 6 Nontechnical Traits CISOs Need to Succeed, and Three Ways Developers Can Worry Less About Security.
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://wiki.securityweekly.com/ASWEpisode85
Scott Petry is the CEO of Authentic8. Scott Petry has been using the cloud to disrupt the information security market for nearly 20 years. He founded Postini in 1999, which pioneered the cloud-delivered service model for email security and content compliance. After Postini was acquired by Google, Scott remained as Director of Product Management for Google Enterprise. In 2010, he co-founded Authentic8, a secure virtual browser solution designed to address the inherent lack of security in the protocols the world uses to access the web. He graduated with a B.S. from San Diego State University.
To learn more about Authentic8, visit: https://securityweekly.com/authentic8
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://wiki.securityweekly.com/BSWEpisode152
CISOs left in compromising position as organisations tout cyber robustness, Why Your Organization Needs an Innovation Ecosystem, How businesses can accelerate innovation, The Highest Performing Teams Have These 4 Mindsets, and more!
Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode152
Verizon finds payment security declines for 2nd consecutive year, Is My PCI Compliance Good Enough to Serve as a Network Cybersecurity Audit?, Getting Prepared for New York’s Expanded Security Breach and Data Security Requirements, Virginia Builds New Model for Quantifying Cybersecurity Risk, Five Cyber Program Elements Financial Services Firms Must Cover To Stay Compliant, and more!
Visit https://www.securityweekly.com/scw for all the latest episodes!
Show Notes: https://wiki.securityweekly.com/SCWEpisode7
On SCW this week, we talk about the 2019 Verizon Payment Security Report. We discuss why PCI compliance is decreasing, what's missing, and what needs to change.
Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode7
Pawan Shankar is the Senior Product Marketing Manager of Sysdig. Sysdig is very excited to announce the launch of Sysdig Secure 3.0! With this release, Sysdig Secure is the industry’s first security tool to bring both threat prevention and incident response to Kubernetes.
To learn more about Sysdig, visit: https://securityweekly.com/sysdig Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode85
Payment Security Compliance Declines - 1 in 3 Companies Make the Grade, RMC Agrees to $3M HIPAA Settlement Over Mobile Device Encryption, How Emerging Technologies Are Disrupting the Banking Compliance Landscape, and much more!
Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode6
They answer questions like: What is a security program and what is a compliance program? Aren't they the same thing? What are some differences? Where do they overlap or how should they work together? Do they compete for the same budget? And more!
Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode6
Two security researchers earned $60,000 for hacking an Amazon Echo, Amazon Kindle, Embedded devices Open to Code-Execution, This App Will Tell You if Your iPhone Gets Hacked, Two New Carding Bots Threaten E-Commerce Sites, and much more!
Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode627
Bryson Bort (Founder and CEO of SCYTHE) will demonstrate how to safely simulate ransomware and a multi-staged APT with lateral movement in your production environment! How would your organization protect, detect and respond to a ransomware attack? Bryson is also announcing the availability of the SCYTHE marketplace where red teams can collaboratively build and share threats and modules to extend the SCYTHE platform while also sharing market intelligence on what enterprises are looking for in their assessments. To learn more about SCYTHE, visit: https://scythe.io/securityweekly
Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode627
As technologies have advanced, new surveillance tools have been designed, giving those charged with protecting citizens additional opportunities to prevent crimes or identify those who have violated laws or policies. While innovation has introduced a variety of new platforms, there remains a concern about whether their implementation is ethical. Additionally, there are concerns that surveillance has been and continues to be unequally applied. Our guest for this segment is Dr. Kevin Harris, the Program Director for Information Systems Security and Information Technology Management at American Public University.
Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode627
Ward Cobleigh is the Sr. Product Manager at VIAVI Solutions. There's an abundance of potential data sources that can be found within your network. Where should you look? Which data sources offer unique perspectives and value? How can you use these data sources to speed threat identification, understand scope and impact, and aid in remediation steps to minimize impact? This segment will include a brief demonstration of how commonly available data sources can be effectively leveraged by SecOps and NetOps teams. Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://wiki.securityweekly.com/ESWEpisode161
Ron Ross is a Fellow at the National Institute of Standards and Technology. His focus areas include cybersecurity, systems security engineering, and risk management. Dr. Ross leads the Federal Information Security Modernization Act (FISMA) Implementation Project, which includes the development of security standards and guidelines for the federal government, contractors, and the United States critical infrastructure.
Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode4
Baber Amin is the CTO West at Ping Identity. Security has always been perimeter-centric, with an "US" vs "THEM" approach. Multiple factors are forcing a change to this design pattern and exposing its shortcomings. The concept of "zero trust" is really a concept of "defense in depth" applicable when our perimeters are ephemeral and fluid.
To learn more about Ping Identity, visit: https://securityweekly.com/ping
Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode161
STEALTHbits releases StealthDEFEND 2.2, its real-time threat detection and response platform, Tenable to Secure Enterprise Cloud Environments with Microsoft Azure Integration, Aqua Security buys CloudSploit to expand into cloud security posture management, and much more!
Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode161
What does your business need to know about the California Consumer Privacy Act (CCPA)?, California AG: No CCPA Safe Harbor for GDPR Compliance, Canada data breach tally soars since new privacy laws arrived, Marijuana Compliance and the quandary for brokers and dealers, and much more!
Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode5
Pwn2Own Tokyo Roundup: Amazon Echo, Routers, Smart TVs Fall to Hackers, Robinhood Traders Discovered a Glitch That Gave Them 'Infinite Leverage', Bugcrowd Pays Out Over $500K in Bounties in One Week, GWP-ASan: Sampling heap memory error detection in-the-wild, and much more!
Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode84
5 questions with Cisco's CISO, The CIO role, from IT operator to business strategist, Making the case for integrated risk management, Gartner's strategic tech trends for 2020: Part 1, augmenting skills, and much more!
Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode151
Mike, Matt, and John talk about security testing.
Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode84
Josh Marpet and Scott Lyons perform interviews at 2019 NACD Blue Ribbon Commission Initiative.
Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode3
Brendon Macaraeg is the Sr. Director of Product Marketing of Signal Sciences. Focus on the people, processes and tools a dev team needs to put an effective security program in place. Discuss how to improve listeners' current program and tooling to develop and release secure code and proactively protect their apps in prod. Four potential key tactics or areas to cover.
To learn more about Signal Sciences, visit: https://securityweekly.com/signalsciences
Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode151
This week, we discuss part 1 on how Artificial Intelligence and Machine Learning can be used for Compliance, including:
- What is Artificial Intelligence (AI) and Machine Learning (ML)?
- What are the roles of AI/ML for Compliance?
- Example: Gaming
Visit https://www.securityweekly.com/scw for all the latest episodes!
Show Notes: https://wiki.securityweekly.com/SCWEpisode5