Stewart Room is a Partner of PwC. Security Professionals have long understood the need to deliver security outcomes in technology and data, but is the privacy community on the same page? Data Privacy requires outcomes for matters such as data accuracy, data minimization and fair processing, as well as risks, such as portability and access. These outcomes need tech and data solutions. In this session we will examine The Journey to Code, the next evolutionary step for Data Privacy.
Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode622
It’s the show, that bridges the requirements of regulations, compliance, and privacy with those of security. Your trusted source for complying with various mandates, building effective programs, and current compliance news. It’s time for Security and Compliance Weekly. This show is hosted by: Jeff Man, Josh Marpet, and Scott Lyons.
Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode622
Paul Claxton is the CEO at Elite Holding, Co.. Discussing the top cyber security threats for chief operations officers and chief marketing officer/chief information security officers. With regards to the top cyber security threats, Phishing/Social Engineering, Insider Threats such as Private Contractors/Employees, and Data leakage/Information and Data Management.
Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode156
In the articles, they cover Why New Leaders Should Make Decisions Slowly, The Missing Ingredient in Kraft Heinz’s Restructuring, Shift to digital business is booming, but are CEOs ignoring associated risk?, and much more!
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode145 Visit https://www.securityweekly.com/bsw for all the latest episodes!
Matt Wyckhouse is the Co Founder & CEO at Finite State. More than 15 years of experience developing advanced software to support offensive and defensive cyber operations led Matt Wyckhouse to co-found Finite State in 2017 to focus on the unique challenges of cybersecurity in the IoT era. Matt spent most of his career at Battelle, the world’s largest private R&D company, where he was the technical founder and CTO of Battelle’s Cyber Innovations Business. He will be talking about Supply chain security in the IoT era.
Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode156
In the news, we discuss how ripwire unveils new version of Tripwire Connect, Infrastructure management at scale with Netshield, Five Trends Shaping the Future of Container Security, and some funding updates from BurstIQ and Kenna Security!
Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode156
Threat Actors Use Percentage-Based URL Encoding to Bypass Email Gateways, Intelligent Tracking Prevention 2.3 and a discussion to Limit the length of the Referer header with some background on Browser Side Channels, Serverless Security Threats Loom as Enterprises Go Cloud Native, and much more!
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode78 Visit https://www.securityweekly.com/asw for all the latest episodes!
Jeff Costlow is the Head of Security at ExtraHop. Organizations looking to embrace the speed and flexibility of the cloud need to shift gears in security as well, moving towards a cloud-first approach that combines complete visibility with behavioral- and- rule-based threat detection. Learn how the SOC Visibility Triad pairs network detection and response with endpoint detection and response and SIEM tools in order to help you strengthen your cloud security posture.
To learn more about ExtraHop, visit: https://securityweekly.com/extrahop
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode145 Visit https://www.securityweekly.com/bsw for all the latest episodes!
Ryan Kelso is the Application Security Engineer at 10-Sec, Inc. Former developer turned application security engineer with a passion for giving back to the security community that has helped me out tremendously with getting into this field. Information disclosures traditionally aren't seen as high priority fixes, but can be pretty important in an exploitation chain. The more information provided to an attacker, the better equipped that attacker is.
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode78 Visit https://www.securityweekly.com/asw for all the latest episodes!
How a hacker took over a smart home with vulgar music and rising temperatures, a security warning for 23 million YouTube creators following a crazy hack attack, Vimeo sued for storing faceprints of people without their say-so, Selfie Android Apps push ads and can record audio, and how adopting DevOps leads to an improved security posture!
Full Show Notes: https://wiki.securityweekly.com/Episode621
Visit https://www.securityweekly.com/psw for all the latest episodes!
We interview Perry Carpenter and Chris Pritchard at DEF CON SE Village. Perry Carpenter talks about how (as someone on the autism spectrum) has used various social-engineering related skills to become extremely successful in my career. Chris Pritchard talks about the basics of Social Engineering aKa how I break into Casinos, Airports and Critical National Infrastructure.
Full Show Notes: https://wiki.securityweekly.com/Episode621
Visit https://www.securityweekly.com/psw for all the latest episodes!
We interview Billy Boatright, Edward Miro, and Jayson Street at DEF CON SE Village. Billy talks about Impostor Syndrome. Edward Miro talks about Rideshare OSINT – Car Based SE For Fun & Profit. Jayson Street talks about Hugs, SE Village, Security Awareness, and DEF CON itself.
Full Show Notes: https://wiki.securityweekly.com/Episode621
Visit https://www.securityweekly.com/psw for all the latest episodes!
Tony Meehan is the Vice President of Engineering at Endgame. Tony will be talking about building an engineering team for every stage of company growth. In the fast-paced startup world, there’s one thing you can always rely on: constant change. This makes work challenging and stimulating, but it also means recruiting can be a real challenge. How do you describe your company to prospective candidates when the work environment is constantly evolving? And how do you attract people who will be the right fit for this precise moment in your growth, but who will also continue to be a good fit in the future?
Full Show Notes: https://wiki.securityweekly.com/ES_Episode155
Visit https://www.securityweekly.com/esw for all the latest episodes!
Brian Dye is the CEO of Corelight. Brian will be discussing the Path To Threat Hunting Is Paved With Great Network Data. Tune in for a lively discussion about the role of network evidence in threat hunting and innovations our guest speaker sees in the industry from some of the world’s most sophisticated threat hunters. Brian Dye is Chief Product Officer at Corelight, provider of network security monitoring solutions from the creators of open-source Zeek (formerly Bro).
Full Show Notes: https://wiki.securityweekly.com/ES_Episode155
Visit https://www.securityweekly.com/esw for all the latest episodes!
Brian Lamoureux is a Partner at Pannone Lopes Devereaux & O'Gara LLC. Is Big Tech heading down the same road of Big Tobacco?
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode77 Visit https://www.securityweekly.com/bsw for all the latest episodes!
In the news, Akamai acquires MFA specialist KryptCo, HP acquires Bromium to enhance its security platform, Cyber Insurance firm Cowbell emerges from stealth with $3.3M in seed funding, and more. Full Show Notes: https://wiki.securityweekly.com/ES_Episode155
Visit https://www.securityweekly.com/esw for all the latest episodes!
In the leadership and communications section, Troublesome Teammates, Email challenges and how to set boundaries, Cybersecurity confidence rattled by continued investments, small results, and more!
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode144 Visit https://www.securityweekly.com/bsw for all the latest episodes!
BSIMM10 Emphasizes DevOps' Role in Software Security and the BSIMM10 report, Crowdsourced Security & the Gig Economy, Lessons learned through 15 years of SDL at work, Software eats the world, jobs double US employment growth rate, and more!
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode77 Visit https://www.securityweekly.com/asw for all the latest episodes!
Nicolas Valcárcel is the Security Engineer at AdRoll. Nicolas Developers and security professional have vastly different views of the world, so it's not uncommon that trainings created by the later don't fully reach the former. Training for developers should be made with their tools and with their view of the world in mind.
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode77 Visit https://www.securityweekly.com/asw for all the latest episodes!
In the Security News, how an iOS 13 flaw could provide access to contacts with passcode, Equifax demands more information before making payouts, confidential data of 24.3 million patients were discovered online, and a SIM Flaw that lets hackers hijack any phone by sending SMS!
Full Show Notes: https://wiki.securityweekly.com/Episode620
Visit https://www.securityweekly.com/psw for all the latest episodes!
Wes Widner is the Cloud Engineering Manager at CrowdStrike. Wes will be talking about personal voice assistants are the wave of the future. So naturally we should wonder about the unique attack vectors they pose. I'd like to discuss my research into this field and share a few tips on how you can keep yourself safe around voice assistants. Full Show Notes: https://wiki.securityweekly.com/Episode620
Visit https://www.securityweekly.com/psw for all the latest episodes!
John Strand gives a teaser about his upcoming webcast: Attacking AWS: Elastic Map to Reduce Clusters. John will talk about the intro to cloud security research.
Full Show Notes: https://wiki.securityweekly.com/ES_Episode154
Visit https://www.securityweekly.com/esw for all the latest episodes!
Jason Lang is the Sr. Security Consultant of TrustedSec. Modern day red teaming against some of the largest company's in the US. Current passion is Ansible for red teamers (i.e. fast infrastructure buildout).
To learn more about TrustedSec, visit: https://securityweekly.com/trustedsec
Full Show Notes: https://wiki.securityweekly.com/Episode620
Visit https://www.securityweekly.com/psw for all the latest episodes!
In the Enterprise News, hundreds of laid off by Symantec as part of restructuring plan, Infection Monkey Industries first Zero Trust Assesment Tool, Shape Security eyes IPO after raising 51 million at 1 billion evaluation, Lacework secures $42 Million and adds new president, board members and customers, and FireMon announced the introduction of FireMon automation, and more!
Full Show Notes: https://wiki.securityweekly.com/ES_Episode154
Visit https://www.securityweekly.com/esw for all the latest episodes!