Paul's Security Weekly TV

Security news, interviews, how-to technical segments. For security professionals by security professionals. We Hack Naked.
Now displaying: 2021
Jul 16, 2021

In the Enterprise News, Contrast Security partners with Secure Code Warrior, Bandura releases the Cyber Intelligence Marketplace, Illumio beefs up zero-trust security with automated policy enforcement, Rapid7 Launches InsightCloudSec to Automate Continuous Security and Compliance, Leaked email shows Tanium just lost its fourth chief marketing officer in five years, Bitdefender launches eXtended EDR platform, ThycoticCentrify Releases a new version of Server Suite, Outpost24 acquires threat intelligence solution Blueliv, Microsoft acquires RiskIQ, Cybereason raises $275 million led by Steven Mnuchin's VC fund, and Arctic Wolf triples valuation and raises an additional $150m!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw234

Jul 15, 2021

Gas South and ExtraHop have partnered to give Gas South visibility into areas of the network that are normally invisible or dark to the regular network team.

To learn more about ExtraHop, visit: https://securityweekly.com/extrahop

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw234

Jul 15, 2021

We'll start with a brief discussion of what HIPAA is and is not (e.g., it doesn't prevent your employer from asking you about your health). Then we'll discuss recent developments, like how ongoing ransomware attacks are targeting healthcare and, when successful, are reportable breaches; and the recent final rule on interoperability and information blocking that went into effect on April 5th.

 

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://securityweekly.com/scw79

Jul 14, 2021

We'll start with a brief discussion of what HIPAA is and is not (e.g., it doesn't prevent your employer from asking you about your health). Then we'll discuss recent developments, like how ongoing ransomware attacks are targeting healthcare and, when successful, are reportable breaches; and the recent final rule on interoperability and information blocking that went into effect on April 5th.

 

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://securityweekly.com/scw79

 

Jul 14, 2021

Every day brings news of more breaches and ransomware attacks. Why are organizations failing to protect themselves, and what can we do to combat these cybersecurity threats? Technological advances, such as XDR and AI-driven threat monitoring, offer a way to thwart attackers in an ever-evolving security landscape.

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw223

Jul 13, 2021

In the Leadership and Communications section, 3 Things Every CISO Wishes You Understood, What is the BISO role and is it necessary?, Cyber insurance costs up by a third, and more!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw223

Jul 13, 2021

The truth is, most web app and API security tools were designed for a very different era. A time before developers and security practitioners worked together, before applications were globally distributed and API-based. But attackers are developers too, and they aren’t bogged down by the limitations of legacy solutions. It’s never been more clear that it’s time for a change. Sean will outline new rules for web application and API security that respect the way modern applications are built.

https://www.fastly.com/blog/the-new-rules-for-web-application-and-api-security

 

This segment is sponsored by Fastly. Visit https://securityweekly.com/fastly to learn more about them!

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw157

 

Jul 13, 2021

In the AppSec news, a password manager makes predictable mistakes, Trusted Types terminate DOM XSS, waking up from PrintNightmare, and understanding hardware fault injections.

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw157

Jul 4, 2021

This week in the Security News: LinkedIn breach exposes user data, Why MTTR is Bad for SecOps, 3 Things Every CISO Wishes You Understood, USA as a Cyber Power, is ignorance bliss for hackers, flaws let you hack an ATM by waving your phone, PrintNightmare, Bitcoins from Banks and more!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw701

Jul 3, 2021

80% of SIM-swap attacks are successful. This can lead to greater financial loss and loss of social status, since that is what hackers latch onto. The statistics are true and spreading like wildfire.

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw701

Jul 3, 2021

Deep dive on the data broker industry, and how new threats are stemming from the widespread availability of employee/personal information publicly for sale at data broker websites.

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw701

Jul 2, 2021

Threat hunters are under increased pressure to rapidly analyze, classify, detect and respond to malicious files. ReversingLabs is stepping forward to address these needs with its new Malware Lab Solution. The ReversingLabs Malware Lab solution powers the next generation of threat hunting by delivering a unique combination of static and dynamic analysis capabilities at scale to identify malicious files including those in the software supply chain.

This segment is sponsored by Reversing Labs. Visit https://securityweekly.com/ReversingLabs to learn more about them!

 

The development life cycle as we know it is rapidly changing, and today’s AppSec testing needs to keep up with shorter and faster processes. A shift-left approach is no longer enough to protect web assets - you need much more dynamic tools and ways of working.

This segment is sponsored by Detectify. Visit https://securityweekly.com/detectify to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw233

Jul 2, 2021

This week in the Enterprise News: Atos launches thinkAI, AWS welcomes Wickr to the team, U.S. DoD approves two (ISC)² certifications as requirements for staff, JFrog to acquire Vdoo, & more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw233

Jul 1, 2021

More than 96% of software development projects fail across the globe because too many businesses rely on the legacy DevOps process, which allows us to run security testing right before going to production. Using legacy DevOps can lead to the downfall of the project management triangle (Budget, Scope, and Time). However, with more efficient use of dynamic application security testing (DAST) tools in every single stage/sprint, legacy DevOps can be transformed into DevSecOps, in turn preventing our projects from failing.

 

This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw233

Jul 1, 2021

We will review how synthetics are being utilized to perpetrate pandemic-related fraud in the Payroll Protection Program and Unemployment Insurance. We will give an overview of the government programs, the controls that were in place, how they were compromised and by whom, and what you can do to remediate risk.

 

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://securityweekly.com/scw78

Jun 30, 2021

We will review how synthetics are being utilized to perpetrate pandemic-related fraud in the Payroll Protection Program and Unemployment Insurance. We will give an overview of the government programs, the controls that were in place, how they were compromised and by whom, and what you can do to remediate risk.

 

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://securityweekly.com/scw78

Jun 30, 2021

In the Leadership and Communications section: Cybersecurity today requires greater digital and business understanding, 12 skills business continuity managers need to succeed, SOC burnout is real: 3 preventative steps every CISO must take, and more!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw222

Jun 29, 2021

For the private sector and government alike, 2021 is proving to be a year of transition and refocused activity. A year of hybrid activity - from cyber threats to IT approaches.

Segment Resources:

https://www.fortinet.com/blog

 

This segment is sponsored by Fortinet. Visit https://securityweekly.com/fortinet to learn more about them!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw222

Jun 29, 2021

This week in the AppSec News: Visual Studio Code's Workspace Trust, Injured Android, an insecure mobile app, Microsoft accidentally signed driver with rootkits, the NSA funds a new sister matrix to ATT&CK: D3FEND, "Ransomware: maybe it's you, not them?", and more!

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw156

Jun 28, 2021

In this segment with Clint Gibler, learn:

* Why secure defaults are higher ROI than finding vulnerabilities

* How modern AppSec teams are working with their engineering counterparts

* Targeting vulnerability classes, avoiding bug whack-a-mole

* The latest innovations in lightweight static analysis

Segment Resources:

https://semgrep.dev/

https://github.com/returntocorp/semgrep

https://github.com/returntocorp/semgrep-rules

2020 GlobalAppSec SF https://docs.google.com/presentation/d/14PjOViz2dE6iToOyoFk_BQ_RUfkEHGX-celIiybDQZA/edit

https://tldrsec.com/

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw156

Jun 27, 2021

In the Security News for this week Paul and the crew talk: Windows 11, Drive-by RCE, Cookies for sale, McAfee has passed away, 30 Million Dell Devices at risk, & more!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw700

Jun 26, 2021

Brief history and purpose of the CFAA. Discussion of the majority and dissenting "Van Buren" opinions. Implications for the computer forensic and security profession.

Segment Resources: https://www.supremecourt.gov/opinions/20pdf/19-783_k53l.pdf

"Prosecuting Computer Crimes", DOJ: https://www.justice.gov/sites/default/files/criminal-ccips/legacy/2015/01/14/ccmanual.pdf

"Computer Crime and Intellectual Property Section DOJ": https://www.justice.gov/criminal-ccips/ccips-documents-and-reports

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw700

Jun 26, 2021

Offensive Security expert Jim O'Gorman talks through his own career progression and training, revealing what it takes to be successful in infosec. He also covers key learning tracks and gives concrete examples of job roles available to those who prove themselves through industry certifications and other means.

 

This segment is sponsored by Offensive Security. Visit https://securityweekly.com/offSec to learn more about them!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw700

Jun 25, 2021

This week In the Enterprise News: Smoothwall Acquires eSafe Global, LookingGlass Cyber Announces Acquisition of AlphaWave, Vectra Launches Detect for AWS, SentinelOne announces IPO, & Building a Better Internet with Code BGP, and more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw232

Jun 25, 2021

Security is a shared responsibility, but teams need to know what’s really going on in production with their web apps and APIs, as it’s happening, in order to achieve the reliable security that companies crave. In this podcast, Brendon Macaraeg will focus on the mission-critical need for real-time visibility. As many teams no longer work in the same room side by side, the role visibility plays today, and will continue to play in the future, can no longer be ignored. And it’s not just a shift toward distributed work that’s creating this increased need for information: while security teams may have more application security tools than ever before, very few of them actually provide visibility into the important decisions they need to make, like which alerts to triage or which APIs are being targeted. Brendon will discuss why companies need to quickly move past legacy technologies that have limited visibility and instead adopt more active observability tools that provide real insights to act upon, allowing developers and IT security teams to collaborate in real time.

 

This segment is sponsored by Fastly. Visit https://securityweekly.com/fastly to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw232
