Info

Security Weekly Podcast Network (Video)

Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and breaking news on the latest hacking techniques, vulnerabilities, and industry trends. Stay informed and secure with the most trusted voices in cybersecurity!
RSS Feed Subscribe in Apple Podcasts
Security Weekly Podcast Network (Video)
2025
January


2024
December
November
October
September
August
July
June
May
April
March
February
January


2023
December
November
October
September
August
July
June
May
April
March
February
January


2022
December
November
October
September
August
July
June
May
April
March
February
January


2021
December
November
October
September
August
July
June
May
April
March
February
January


2020
December
November
October
September
August
July
June
May
April
March
February
January


2019
December
November
October
September
August
July
June
May
April
March
February
January


2018
December
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
July
June
May
April
March
February
January


2015
December
November
October
September
August
July
June
May
April
March
February
January


2014
December
November
October
September
August
July
June
May
April
March
February
January


2013
December
November
October
September
August
July
June


Categories

All Episodes
Archives
Categories
Now displaying: December, 2024
Dec 31, 2024

Our old friend Russ Beauchemin and Doug talk about the future of AI and what it may mean when AI is smarter than us all.

Show Notes: https://securityweekly.com/vault-swn-25

Dec 30, 2024

Check out this episode from the BSW Vault, hand picked by main host Matt Alderman! This segment was originally published on January 3, 2023.

With the current macro economic head winds, 2023 budgets are either frozen or are flat. Where should CISOs focus these limited budgets to maximize the most out of their security program? In this segment, we invite Jon Fredrickson, Chief Risk Officer at Blue Cross Blue Shield of Rhode Island, to debate what should be in your minimum viable security program.

This segment is part 2 and focuses on the minimum viable security vendors for our top 6 capabilities:

  1. Asset Management

  2. Patch Management

  3. IAM/MFA/PIM/PAM

  4. EDR/MDR/XDR

  5. Backup/Recovery

  6. Risk Management

Show Notes: https://securityweekly.com/vault-bsw-16

Dec 27, 2024

Josh Marpet and Doug talk about how Tariffs work and how you maybe should get ready for higher prices to replace equipment in the coming years if new rounds of tariffs are imposed on foreign goods and components.

Show Notes: https://securityweekly.com/vault-swn-24

Dec 25, 2024

Unraveling Cybersecurity Complexity: A Conversation with Haroon Meer

Haroon Meer, an influential figure in the world of cybersecurity, takes center stage in this podcast interview. With a deep reservoir of knowledge and a track record of tackling complex security challenges, Haroon has established himself as a key player in the InfoSec domain.

As the founder of Thinkst Applied Research, Haroon brings a wealth of practical experience to the table. Join us as we explore his professional journey, from early forays into cybersecurity to pioneering innovations that have reshaped how organizations approach security.

Haroon Meer's insights go beyond the theoretical, offering a pragmatic understanding of cybersecurity issues and solutions. Dive into the intricacies of threat landscapes, security architectures, and the evolving dynamics of cyber threats as Haroon shares his perspectives on the current state of cybersecurity.

With a focus on practicality and a knack for simplifying complex concepts, Haroon Meer's interview is a must-listen for anyone interested in the nuances of cybersecurity. Gain a deeper understanding of the challenges faced by security professionals and uncover valuable takeaways that can enhance your approach to securing digital environments.

Join us as we explore the mind of a cybersecurity luminary, unraveling the layers of InfoSec intricacies with Haroon Meer in this enlightening podcast episode.

Show Notes: https://securityweekly.com/vault-psw-14

Dec 24, 2024

Josh Marpet and Doug talk about Compliance and Privacy for about 30 minutes but it could have been a lot more.

Show Notes: https://securityweekly.com/vault-swn-23

Dec 23, 2024

Check out this episode from the BSW Vault, hand picked by main host Matt Alderman! This segment was originally published on January 3, 2023.

With the current macro economic head winds, 2023 budgets are either frozen or are flat. Where should CISOs focus these limited budgets to maximize the most out of their security program? In this segment, we invite Jon Fredrickson, Chief Risk Officer at Blue Cross Blue Shield of Rhode Island, to debate what should be in your minimum viable security program. This segment is part 1 of 2 parts and focuses on the minimum viable security capabilities.

Show Notes: https://securityweekly.com/vault-bsw-15

Dec 21, 2024

As we wrap up the year, we have an honest discussion about how important security really is to the business. We discuss some of Katie's predictions for AppSec in 2025, as well as "what sucks" in security!

Show Notes: https://securityweekly.com/esw-388

Dec 20, 2024

In the enterprise security news,

  1. a final few fundings before the year closes out
  2. Arctic Wolf buys Cylance from Blackberry for cheap, a sentence that feels very weird to say
  3. the quiet HTTPS revolution
  4. passkeys are REALLY catching on
  5. resilience keeps showing up in the titles of news items
  6. Apple Intelligence insults the BBC’s intelligence
  7. MITRE ATT&CK evals drama
  8. Lastpass breach drama continues

All that and more, on this episode of Enterprise Security Weekly

Show Notes: https://securityweekly.com/esw-388

Dec 20, 2024

Dysentery, TP-Link, Piracy, Calendar Scams, Tencent, TikTok, Aaran Leyland, and More, on this edition of the Security Weekly News.

Show Notes: https://securityweekly.com/swn-439

Dec 20, 2024

Since D3FEND was founded to fill a gap created by the MITRE ATT&CK Matrix, it has come a long way. We discuss the details of the 1.0 release of D3FEND with Peter in this episode, along with some of the new tools they've built to go along with this milestone.

To use MITRE's own words to describe the gap this project fills:

"it is necessary that practitioners know not only what threats a capability claims to address, but specifically how those threats are addressed from an engineering perspective, and under what circumstances the solution would work"

Segment Resources:

Show Notes: https://securityweekly.com/esw-388

Dec 19, 2024

XSS is the number one threat?, fix your bugs faster, hacking VoIP systems, AI and how it may help fuzzing, hacker gift guides, new DMA attacks, hacking InTune, Rhode Island gets hacked, OpenWrt supply chain issues, we are being spied on, Germans take down botnet, Bill and Larry are speaking at Shmoocon!, and TP-Link bans.

Show Notes: https://securityweekly.com/psw-855

Dec 18, 2024

In the leadership and communications segment, CISOs need to consider the personal risks associated with their role, CISOs: Don’t rely solely on technical defences in 2025, The Questions Leaders Need to Be Asking Themselve, and more!

Show Notes: https://securityweekly.com/bsw-376

Dec 18, 2024

The local network is no more. Neither is the corporate firewall. Users are not only working from the office but also remotely, meaning the network we utilize has quickly become the internet, leaving devices and data vulnerable to cyber threats. But how do we monitor this new, expanded network?

Rob Allen, Chief Product Officer at ThreatLocker, joins Business Security Weekly to discuss how the dissolution of the business perimeter makes network access controls essential to protect your devices and, by extension, your data. Network Access Control helps protect business assets whether employees are in the office or remote. ThreatLocker Network Control provides a direct connection between the client and server, as opposed to a VPN that goes through a central point.

This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!

Show Notes: https://securityweekly.com/bsw-376

Dec 17, 2024

Vogons, Task Scams, HiatusRat, Cellebrite, Deloitte, Quantum, WordPress, Aaran Leyland, and more on the Security Weekly News.

Show Notes: https://securityweekly.com/swn-438

Dec 16, 2024

Curl's oldest bug yet, RCPs (and more!) from AWS re:Invent, possible controls for NPM's malware proliferation, insights and next steps on protecting top 500 packages from the Census III report, the flawed design choice that made Microsoft's OTP (successfully) brute-forceable, and more!

00:00 - Intro & Cyber Resilience Insights 01:20 - The 25-Year-Old Curl Bug Story 04:17 - Fuzzing for Security: A Missed Opportunity? 08:46 - AWS re:Invent Security Highlights 11:54 - NPM Malware Surge 16:33 - Small Packages, Big Risks in NPM 19:55 - Open Source Security Trends 24:27 - Microsoft MFA Vulnerability Explained 28:28 - Hardware Hacking & DMA Exploits 30:55 - Auditing Ruby’s Package Ecosystem 34:02 - Looking Ahead to 2025

Show Notes: https://securityweekly.com/asw-311

Dec 16, 2024

Practices around identity and managing credentials have improved greatly since the days of infosec mandating 90-day password rotations. But those improvements didn't arise from a narrow security view. Hannah Sutor talks about the importance of balancing security with usability, the importance of engaging with users when determining defaults, and setting an example for transparency in security disclosures.

Segment resources

00:00 Welcome to Application Security Weekly! 01:49 Meet the Experts 03:28 What Are Non-Human Identities? 06:17 Balancing Security & Usability 08:24 MFA Challenges & Admin Security 12:09 Navigating Breaking Changes 16:05 Security by Design in Action 18:42 Identity Management for Startups 20:18 Secure by Design: Real Impact 24:03 Transparency After a Critical Vulnerability 31:39 Looking Ahead to 2025 32:45 Application Security in Three Words

Show Notes: https://securityweekly.com/asw-311

Dec 14, 2024

This week, in the enterprise security news,

NOTE: We didn't get to 2, 3, 5, or 7 due to some technical difficulties and time constraints, but we'll hit them next week! The show notes have been updated to reflect what we actually discussed this week: https://www.scworld.com/podcast-segment/13370-enterprise-security-weekly-387

  1. Snowflake takes security more seriously
  2. Microsoft takes security more seriously
  3. US Government takes telecom security more seriously
  4. Cleo Capital takes security more seriously
  5. EU’s DORA takes effect soon
  6. Is phishing and security awareness training worthless?
  7. CISOs need financial literacy
  8. Supply chain firewall is basic but useful

All that and more, on this episode of Enterprise Security Weekly.

Show Notes: https://securityweekly.com/esw-387

Dec 13, 2024

In this segment, we discuss two new FIDO Alliance standards focused on credential portability. Specifically, if passwordless is going to catch on, we need to minimize friction and maximize usability. In practice, this means that passkeys must be portable!

Rew Islam of Dashlane joins us to discuss the new standards and how they'll help us enter a new age of secure authentication, both for consumers and the enterprise.

Segment Resources:

Show Notes: https://securityweekly.com/esw-387

Dec 13, 2024

Nudity, Krispy Kreme, Cleo, AIAPIs, non-human identities, North Korea, Jersey Drones, Josh Marpet, and More, on this edition of the Security Weekly News.

Show Notes: https://securityweekly.com/swn-437

Dec 13, 2024

For our second year now, Mike Privette, from Return on Security and the Security, Funded newsletter joins us to discuss the year's highlights and what's to come in the next 12 months.

In some ways, it has been a return to form for funding, though some casualties of a tough market likely had to seek acquisition when they might have otherwise raised another round and stayed independent a while longer. We'll cover some stats, talk 2025 IPO market, and discuss the likelihood of (already) being in another bubble, particularly with regards to the already saturated AI security market.

It won't be all financial trends though, we'll discuss some of the technical market trends, whether they're finding market fit, and how ~50ish AI SOC startups could possibly survive in such a crowded space.

Show Notes: https://securityweekly.com/esw-387

Dec 12, 2024

In the security news, the crew, (minus Paul) get to gather to discus hacks causing disruptions, in healthcare, donuts and vodka, router and OpenWRT hacks (and the two are not related), Salt/Volt Typhoon means no more texting and 10 year old vulnerabilities and more!

Show Notes: https://securityweekly.com/psw-854

Dec 12, 2024

Join us for this segment as we discuss government regulations and certifications as they apply to supply chain security and vulnerability management, and how understanding the mumbo jumbo can enable organizations to improve their cyber security.

Show Notes: https://securityweekly.com/psw-854

Dec 10, 2024

Curl and Python (and others) deal with bad vuln reports generated by LLMs, supply chain attack on Solana, comparing 5 genAI mistakes to OWASP's Top Ten for LLM Applications, a Rust survey, and more!

Show Notes: https://securityweekly.com/asw-310

Dec 10, 2024

Evil ISPs, Deloitte, YOLO11, Microsoft, Gift Cards, Navix, Horror, Telegram, Josh Marpet and more on the Security Weekly News.

Show Notes: https://securityweekly.com/swn-436

1 2 Next »