Info

Security Weekly Podcast Network (Video)

This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
RSS Feed Subscribe in Apple Podcasts
Security Weekly Podcast Network (Video)
2024
March
February
January


2023
December
November
October
September
August
July
June
May
April
March
February
January


2022
December
November
October
September
August
July
June
May
April
March
February
January


2021
December
November
October
September
August
July
June
May
April
March
February
January


2020
December
November
October
September
August
July
June
May
April
March
February
January


2019
December
November
October
September
August
July
June
May
April
March
February
January


2018
December
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
July
June
May
April
March
February
January


2015
December
November
October
September
August
July
June
May
April
March
February
January


2014
December
November
October
September
August
July
June
May
April
March
February
January


2013
December
November
October
September
August
July
June


Categories

All Episodes
Archives
Categories
Now displaying: 2021
May 20, 2021

The Enterprise Security Weekly crew summarizes all the news from RSA Conference 2021, including product announcement, acquisitions, funding, and more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw228

May 20, 2021

The perimeter is dissolving. Employees are using any device from any location for work. With limited visibility from our traditional networking and endpoint security controls, how do we protect our data? John Masserini, Global Chief Information Security Officer at Millicom (Tigo) Telecommunications, joins us to discuss the fundamentals of an identity strategy, including identity and access management, single sign-on, multi-factor authentication, and privileged access.

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw228

May 19, 2021

What is top of mind for CISOs in a year where cyber threats are getting sophisticated? Cross platform and cross domain visibility across LAN, WAN, Cloud, and Edge. Jonathan Nguyen-Duy, Vice President, Field CISO Team at Fortinet, shares his insights from other CISOs and the need for a unified security fabric.

This segment is sponsored by Fortinet. Visit https://securityweekly.com/fortinet to learn more about them!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw217

May 19, 2021

Data is the lifeblood of business, but now lives in more places than ever before (data centers, endpoints of remote workers, in multiple clouds, and SaaS applications), is time-consuming to manage, and is under daily attack from cybercriminals and clumsy employees. To address these challenges, IT pros need a solution that can address all workloads, provides end-to-end protection against cybercrime and human error, injects automation and artificial intelligence to simplify complex system, and empowers teams to work on more important projects that move their organization forward. This segment is sponsored by Unitrends.

Visit https://securityweekly.com/unitrends to learn more about them!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw217

May 18, 2021

Web applications are highly dependent on third party content and JavaScript. This creates a significant set of vulnerabilities that attackers are exploiting. How do you prevent a Solarwinds type hack on your website?

Segment Resources:

https://go.talasecurity.io/blog/data-in-the-browser-is-data-at-risk

https://www.talasecurity.io/protect/#how

https://go.talasecurity.io/blog/how-i-hacked-your-website

 

This segment is sponsored by Tala Security. Visit https://securityweekly.com/talasecurity to learn more about them!

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw151

May 18, 2021

CNCF releases a whitepaper on supply chain security, Frag attacks against WiFi devices, security webhooks, trusting terraform plans, shared credentials and app access, complexity vs. security vs. design.

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw151

May 16, 2021

This week in the Security News: President Biden issues a 34-page executive order on Cybersecurity, Did you hear about the pipeline hack?, New/Old Wifi vulnerabilities, get this Apple didn't want to talk about a malware attack that exposed users, fake Amazon review database, why ad-hoc scanning is not enough, distroless linux, wormable windows bug, codered 2.0 perhaps?, and the cryptowars continue!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw694

May 15, 2021

Learn how to use Amass to collect information about your Internet exposed assets. We'll cover usage of the configuration file (heavily), then put it altogether by integrating Nmap and a screenshot tool called Eyewitness.

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw694

May 15, 2021

"I hack naked" - Not my best choice of a phrase to use with a prospective client though, now that it is done, might as well go through with this terrible idea... This is the story of a kick-off call I had early in my career that revealed a truth that changed the way I present myself in professional settings.

 

Segment Resources:

https://youtube.com/alexchaveriat

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw694

May 14, 2021

This week in the Enterprise News: XM Cyber Announces Integration with Palo Alto Network's Cortex XSOAR, API Security Lessons Learned, Cycode Raises $20 Million, HelpSystems Acquires Beyond Security, Accurics Terrascan integrates with the Argo Project, Cequence Security API Sentinel 2.0, Seclore Security24 protects sensitive data, Who’s Really Behind the Colonial Pipeline Cyberattack?, Forcepoint acquires Cyberinc, Sophos launches industry’s only XDR solution for endpoint, server, firewall and email security?, and more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw227

May 14, 2021

Cyberattackers have not been slowed down by the worldwide pandemic. Phishing, cryptojacking, and trojans all continue to dominate the cybersecurity threat charts. It’s critical to know what security issues are most likely to crop up within your organization and their potential impacts. The challenge is that the most active threats change over time as the prevalence of different attacks ebb and flows. Register to learn about key threat trends facing businesses like yours in 2021. We’ll be joined by Data Scientist, Austin McBride, and Security Researcher, Artsiom Holub. We’ll tackle tough questions and take a deeper dive into recent threats to help you craft a strategy that helps you investigate threats, simplify operations, and scale security.

 

This segment is sponsored by Cisco Umbrella. Visit https://securityweekly.com/ciscoumbrella to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw227

May 13, 2021

What lessons can others still learn from the attack on the Florida water treatment facility? How does this incident shine a light on cybersecurity risks associated with the convergence of OT and IT? And what can be done to mitigate these risks?

Segment Resources:

https://newsroom.nccgroup.com/news/insight-florida-citys-water-supply-attack-420952

https://www.cnn.com/2021/02/13/us/florida-hack-remote-access/index.html

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw227

May 13, 2021

A flurry of legislative and legal activity is re-shaping the way privacy and cybersecurity professionals conduct business. As a result, in addition to actually carrying out their protection responsibilities, professionals charged with protecting private and confidential data must be also be constantly aware of these evolving regulatory and legal obligations.

Segment Resources: https://www.otterbourg.com/assets/htmldocuments/Protecting%20Privilege%20in%20Cyberspace%20New%20York%20State%20Bar%20Association%20Erik%20Weinick%20March%202021.pdf

 

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://securityweekly.com/scw73

 

May 12, 2021

A flurry of legislative and legal activity is re-shaping the way privacy and cybersecurity professionals conduct business. As a result, in addition to actually carrying out their protection responsibilities, professionals charged with protecting private and confidential data must be also be constantly aware of these evolving regulatory and legal obligations.

Segment Resources: https://www.otterbourg.com/assets/htmldocuments/Protecting%20Privilege%20in%20Cyberspace%20New%20York%20State%20Bar%20Association%20Erik%20Weinick%20March%202021.pdf

 

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://securityweekly.com/scw73

May 12, 2021

In the Leadership and Communications section, 6 ways to spur cybersecurity board engagement, 5 key qualities of successful CISOs, and how to develop them, 4 Actions Transformational Leaders Take, and more!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw216

May 11, 2021

The shift away from web application security, caused by the pandemic and the focus on remote workforces, resulted in an increased number of web vulnerabilities, as shown in the latest Acunetix by Invicti Web Application Vulnerability Report. In this segment, Ryan will discuss the main results, the trends that might have caused them, and advise how you can protect your organization against vulnerabillties that can negatively impact your business.

Segment Resources:

The Invicti AppSec Indicator, Spring 2021 Edition: Acunetix Web Vulnerability Report https://www.acunetix.com/white-papers/acunetix-web-application-vulnerability-report-2021/

This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw216

May 11, 2021

This Week in the AppSec News, Mike and John talk: "Find My threat model" with AirTags, Qualcomm modem vuln hits lots of Android, an Exim update patches lots of vulns, measuring hardened binaries, a maturity model for k8s, & more!

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw150

May 10, 2021

While the vision for app security is relatively clear, executing on that vision is still somewhat of a work in progress. Fast-moving, interdependent pieces—custom code and open source packages, infrastructure and network configurations, user entitlements—make for complex systems. In this episode, we discuss the challenge in addressing each piece independently and consider how consolidated, multi-purpose tools may present an emerging solution.

 

This segment is sponsored by Prisma Cloud/ Palo Alto Networks. Visit https://securityweekly.com/prismacloud to learn more about them!

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw150

May 9, 2021

This week in the Security Weekly News the crew talks: Pingback is back, was it ever really gone?, damn QNAP ransomeware, anti-anti-porn software, Qualcomm vulnerabilities, spreading pandas on Discord, the always popular Chinese APTs, exploits you should be concerned about, job expectations, westeal your crypto currency, quick and dirty python (without lists), new spectre attacks, Github says don't post evil malware and more!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw693

May 8, 2021

US Congressman Jim Langevin joins to talk about Executive Orders, International Interest in Cyber, & more in this gripping interview!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw693

May 8, 2021

Risk-based vulnerability management is more than just a vulnerability scan or assessment. It incorporates relevant risk context and analysis to prioritize the vulnerabilities that pose the greatest risk to your organization This segment will explore the elements of a successful vulnerability management program and impactful ways to build upon your foundation.

 

Segment Resources:

https://www.coresecurity.com/blog/how-mature-your-vulnerability-management-program

https://www.coresecurity.com/blog/when-use-pen-test-and-when-use-vulnerability-scan

https://www.digitaldefense.com/blog/infographic-risk-based-vulnerability-management/

 

This segment is sponsored by Core Security, A Help Systems Company. Visit https://securityweekly.com/coresecurity to learn more about them!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw693

May 7, 2021

This week in the Enterprise Security News: Code42 enhances Incydr to help identify insider risk related to file uploads to unsanctioned websites, Imperva acquires CloudVector to provide visibility and security for API traffic, ThreatQuotient launches ThreatQ TDR Orchestrator to accelerate detection and response, KnowBe4 Launches Artificial Intelligence-Driven Phishing Feature, and some funding and acquisition updates from Thoma Bravo, Proofpoint, Darktrace, JupiterOne, and more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw226

May 6, 2021

Software Bill of Materials (SBOM) are used to describe the list of ingredients for the software that organizations create or acquire. There's a rapidly expanding community of adopters, implementers, and producers that are creating, consuming, and analyzing them en mass. What are the benefits of SBOMs and what types of risk that can be identified through their use?

Segment Resources:

https://cyclonedx.org/

https://www.ntia.gov/sbom

https://owasp.org/scvs

https://dependencytrack.org/

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw226

May 6, 2021

Web applications have never been more critical to your business. Yet, the everchanging threat landscape, from the move towards the cloud, to the explosion of devices on the internet, to the effects of the pandemic, keeps shifting the playing field. Join Carlos Morales, CTO Security Services, Neustar, to hear about how cyber criminals are taking advantage of these changes and considerations for how best to de-risk your application environment, no matter where your apps are hosted.

 

Segment Resources:

Learn more about [Security Solutions at Neustar] https://www.home.neustar/security-solutions

See our [Video] https://www.home.neustar/resources/videos/security-you-can-trust

Read our new white paper: [The Changing Face of Web Application Security] https://www.home.neustar/resources/whitepapers/web-application-security-threats

 

This segment is sponsored by Neustar. Visit https://securityweekly.com/neustar to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw226

May 6, 2021

Just last month, Virginia became the second state in the U.S. to pass a privacy law – the Consumer Data Protection Act (CDPA). While this doesn’t take effect until 2023, it’s important for businesses to understand what it means for them and start preparing for data security compliance now.

Chris Pin, VP of Security and Privacy at PKWARE, will be discussing:

• How Virginia’s law differs from CCPA and GDPR and the key points companies need to know

• Where and how companies may need to enhance their data privacy policies and processes, and specifically how it’s imperative to know the five W’s of data: Who, What, Why, When, Where and one H, How

• How companies should begin incorporating data discovery, data classification, data minimization, records of data processing activities, and data protection assessments as part of their everyday processes and controls, if they haven’t already

• Real life situations that businesses could find themselves in

 

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://securityweekly.com/scw72

1 « Previous 11 12 13 14 15 16 17 Next » 21