Secure code should be grounded more in concepts like secure by default and secure by design than by "spot the vuln" thinking. Matias Madou shares his experience in secure coding training and the importance of teaching critical thinking. He also discusses why critical thinking is so closely related to threat modeling and how LLMs can be a tool for helping developers get beyond the superficial advice of, "Think like an attacker."
Show Notes: https://securityweekly.com/asw-357
It’s the Year of the (Clandestine) Linux Desktop!
As if EDR evasions weren’t enough, attackers are now employing yet another method to hide their presence on enterprise systems: deploying tiny Linux VMs. Attackers are using Hyper-V and/or WSL to deploy tiny (120MB disk space and 256MB memory) Linux VMs to host a custom reverse shell and reverse proxy.
In this segment, we’ll discuss strategies and mitigations to battle this novel technique with Rob Allen from Threatlocker.
Segment Resources:
This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!
We're entering the age of human-shaped robots, so it seems like a good time to talk about the fact that they ALREADY HAVE CVEs assigned to them. I guess this isn't a terrible thing - John Connor might have had an easier time if he could simply hack the terminators from a distance...
Resources
Finally, in the enterprise security news,
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-433
Augustus De Morgan, Doordash, Fortiweb, Typosquatting, Vista, Ransomware, AI, Josh, Rob, Aaran, Jason, Dr. Scott, Rocky, Uh., and More on this edition of the Security Weekly News.
Show Notes: https://securityweekly.com/swn-529
This week:
Show Notes: https://securityweekly.com/psw-900
As AI revolutionizes how we work, it has created a new attack surface with new technologies. One of those new technologies is Model Context Protocol (MCP). MCP has emerged as the standard for connecting AI to external tools, but its flexibility has created security challenges. How do we secure MCP?
Rahul Parwani, Head of Product, Security Solutions at Airia, joins Business Security Weekly to discuss the challenges of MCP and how to secure this new protocol. Rahul will cover how Aria's solutions help you secure your AI development by:
This segment is sponsored by Airia. Visit https://securityweekly.com/airia to learn more about them!
In the leadership and communications segment, CISO Burnout – Epidemic, Endemic, or Simply Inevitable?, If Trust Is So Important, Why Aren’t We Measuring It?, Over one-third of companies plan to replace entry roles with AI, survey says, and more!
Show Notes: https://securityweekly.com/bsw-421
Miles Davis, Jimmy Buffet, 10/8 time, Lost Phones, Phishing, Whisper Leak, Quantum Route Redirect, AI Galore, Rob Allen, and more on the Security Weekly News.
Segment Resources: https://www.bleepingcomputer.com/news/security/how-a-ransomware-gang-encrypted-nevada-governments-systems/
This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!
Show Notes: https://securityweekly.com/swn-528
Just how bad can things get if someone clicks on a link? Rob Allen joins us again to talk about ransomware, why putting too much attention on clicking links misses the larger picture of effective defenses, and what orgs can do to prepare for an influx of holiday-infused ransomware targeting.
Segment resources
This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!
Show Notes: https://securityweekly.com/asw-356
OT/ICS/SCADA systems are often off limits to cybersecurity folks, and exempt from many controls. Attackers don’t care how fragile these systems are, however. For attackers aiming to disrupt operations, fragile but critical systems fit criminals’ plans nicely.
In this interview, we discuss the challenge of securing OT systems with Todd Peterson and Joshua Hay from Junto Security.
This segment is sponsored by Junto Security. Visit https://securityweekly.com/junto to learn more!
This week's topic segment is all about tuning your 'spidey sense' to spot myths and misconceptions online so we can avoid amplifying AI slop, scams, and other forms of Internet bunk. It was inspired by this LinkedIn post, but we've got a cybersecurity story in the news that we could have easily used for this as well (the report from MIT).
Finally, in the enterprise security news,
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-432
This week we have AI-Obfuscating Malware, China Influence Ops, and Meta’s Fraud Fortune, Jason Wood, and more on the Security Weekly News.
Show Notes: https://securityweekly.com/swn-527
This week:
Show Notes: https://securityweekly.com/psw-899
What's the biggest attack vector for breaches besides all of the human related ones (i.e., social engineering, phishing, compromised credentials, etc.)? You might think vulnerabilities, but it's actually misconfiguration. The top breach attack vectors are stolen or compromised credentials, phishing, and misconfigurations, which often work together. So why is it so hard to properly configure your systems?
Rob Allen, Chief Product Officer at ThreatLocker, joins Business Security Weekly to discuss Defense Against Configurations and how ThreatLocker can automatically identify misconfigurations and map them to your environment’s compliance and security requirements. Rob will discuss how ThreatLocker Defense Against Configurations dashboard can:
Receive clear, actionable remediation guidance
and more!
This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!
In the leadership and communications segment, Cybersecurity management for boards: Metrics that matter, The Emotional Architecture of Leadership: Why Energy, Not Strategy, Builds Great Teams, Your Transformation Can’t Succeed Without a Talent Strategy, and more!
Show Notes: https://securityweekly.com/bsw-420
Rogue Negotiators, Gemini Pulled, Apple’s AI Shift, Disappearing CAPTCHAs, and Aaran Leyland on the Security Weekly News.
Show Notes: https://securityweekly.com/swn-526
Pull requests are a core part of collaboration, whether in open or closed source. GitHub has documented some of the security consequences of misconfiguring how PRs can trigger actions. But what happens when repo owners don't read the docs? Bar Kaduri and Roi Nisimi walk through their experience in reading docs, finding vulns, demonstrating exploits, and working with repo owners to improve their security. Their work highlights the challenges in maintaining good security guidance, figuring out secure defaults, and how so many orgs still struggle with triaging external security reports -- something that's becoming even more challenging when orgs are being flooded with low-quality reports from LLMs.
Segment Resources:
Show Notes: https://securityweekly.com/asw-355
Frontline workers can’t afford to be slowed down by manual, repetitive logins, especially in mission-critical industries where both security and productivity are crucial. This segment will explore how inefficient login methods erode productivity, while workarounds like shared credentials increase risk, highlighting why passwordless authentication is emerging as a game-changer for frontline access to shared devices. Joel Burleson-Davis, Chief Technology Officer of Imprivata, will share how organizations can adopt frictionless and secure access management to improve both security and frontline efficiency at scale.
Segment Resources:
This segment is sponsored by Imprivata. Visit https://securityweekly.com/imprivata to learn more about them!
Vendors are finding, after integrating agents into their processes, that agentic AI can get expensive very quickly. Of course, this isn't surprising when your goal is "review all my third party contracts and fill out questionnaires for me" and the pricing is X DOLLARS for 1M TOKENS blah blah context window, max model thinking model blah blah. No one knows what the conversion is from "review my contracts" to millions of tokens, so everyone is left to just test it out and see what the bill is at the end of the month.
As we saw with Cloud when adoption started increasing in the early 2010s, we are naturally entering the era of AI cost optimization. In this segment, we'll discuss what that means, how it affects the market, and how it affects the use of AI in cybersecurity.
Jackie mentions this story from Wired in the segment: https://www.wired.com/story/ai-bubble-will-burst/
Finally, in the enterprise security news,
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-431
AI Cheating?, O, Canada, npms, passkeys, Exchange, Solaris, the amazing Rob Allen of Threatlocker, and More on this edition of the Security Weekly News.
Segment Resources:
Ingram Micro Working Through Ransomware Attack by SafePay Group | MSSP Alert: https://www.msspalert.com/news/ingram-micro-working-through-ransomware-attack-by-safepay-group
This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!
Show Notes: https://securityweekly.com/swn-525
In the security news this week:
Show Notes: https://securityweekly.com/psw-898
Organizations that successfully earn and keep the trust of their customers, employees, and partners experience better business outcomes, more engagement, and competitive differentiation. But what does that trust look like and who's responsible for building and maintaining that trust?
Jeff Pollard, Vice-President, Principal Analyst on the Security and Risk Team at Forrester Research, joins Business Security Weekly to discuss the emergence of the Chief Trust Officer. For organizations that refuse to leave trust to chance, chief trust officers have emerged as the role responsible for shaping their firm’s destiny. Jeff will explain why the role has emerged and details its responsibilities, organizational structures, and measures for success.
In the leadership and communications segment, Why must CISOs slay a cyber dragon to earn business respect?, Simon Sinek says the most successful people in the world ‘hit zero’ or came close to it: Failure is ‘the gift’, The Remote Leadership Paradox: Why Your Team Feels Micromanaged AND Abandoned (And How to Fix It), and more!
Show Notes: https://securityweekly.com/bsw-419
Lockpicks, Microsoft, CoPhish, Atlas, Turing, ForumTroll, PKD, even Kilgore Trout, the Amazing Aaran Leyland, and more on the Security Weekly News.
Show Notes: https://securityweekly.com/swn-524
The post quantum encryption migration is going to be a challenge, but how much of a challenge? There are several reasons why it is different from every other protocol and cypher iteration in the past. Is today's hardware up to the task? Is it just swapping out a library, or is there more to it? What is the extent of software, systems, and architecture that have to be updated or replaced to complete the migration? Can we get it all done by 2030?
Sandy Carielli and Martha Bennett join us to answer these questions and dive into one area of tech that hasn't been discussed much when it comes to post-quantum encryption: blockchain.
Relevant Forrester Reports:
In the news, high standards for open source software, trends in self-hosting, doing the cloud wrong, and is it really always DNS?
Show Notes: https://securityweekly.com/asw-354
In this week's sponsored interview, we dive into the evolving security landscape around AI agents, where we stand with AI agent adoption. We also touch on topics such as securing credentials in browser workflows and why identity is foundational to AI agent security.
This segment is sponsored by 1Password. Visit https://securityweekly.com/1password to learn more!
In this week's enterprise security news,
All that and more, on this episode of Enterprise Security Weekly.
Interview with Connor Mulherin of TechSoup
The cybersecurity landscape in the nonprofit sector is evolving quickly, with organizations facing unique challenges due to limited resources, sensitive mission-driven work, and developing policies and training programs. Connor Mulherin, Director and GM of Validation Services at TechSoup, will discuss the industry's need for accessible and collaborative solutions to provide affordable technology leadership and security guidance. It will highlight how nonprofit organizations can build long-term digital resilience and combat these growing challenges.
Segment Resources:
Interview with Mike Poole, Director of Cyber Security at Werner Enterprises
In today's digital landscape, cybersecurity is not just a technical issue—it’s a business imperative. Organizations that prioritize cybersecurity culture see fewer incidents and stronger resilience against evolving threats. But how do you foster a security-first mindset across an organization?
This session will explore the critical components of building and maintaining a robust cybersecurity culture, starting with executive leadership buy-in—a fundamental step in securing resources and driving organizational change. We’ll then dive into the power of monthly phishing exercises, which reinforce awareness and preparedness. Attendees will also learn how to develop effective training programs that engage employees at all levels and create lasting behavioral change. Finally, we’ll discuss the role of cybersecurity-themed events, particularly during Cybersecurity Awareness Month, as a powerful tool to capture attention and reinforce key security principles.
This segment is sponsored by Oktane by Okta. Visit https://securityweekly.com/oktane to learn more about them!
Show Notes: https://securityweekly.com/esw-430
Venomous Robo Bees and Rabid Cocaine Weasels, sidebar spoofing, AI Risk, Red Tiger, SessionReaper, Bad Bots, Willow, Josh Marpet, and More on this edition of the Security Weekly News.
Show Notes: https://securityweekly.com/swn-523
In the security news:
This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!
Show Notes: https://securityweekly.com/psw-897
As the Verizon Data Breach Investigations Report has stated year after year, most breaches start with human error. We've invested a lot in Security Awareness and Training and Phishing solutions, but yet human error is still the top risk. How do we actually reduce human risk?
Rinki Sethi, CSO at Upwind Security, and Nicole Jiang, CEO of Fable Security, share why human risk management is the next frontier for security—and how platforms like Fable Security deliver personalized nudges that help employees build safer habits and stay ahead of threats. Solving human risk starts by changing human behavior. Learn how advancements in Artificial Intelligence (AI) and the application of adtech principles (targeted, personalized, A/B-tested messages delivered when they’re most relevant) are delivering faster, more effective behavior change that lasts.
Segment Resources: Five must-haves of modern human risk management: https://fablesecurity.com/ebook-five-must-haves/ Starter RFP for modern human risk management: https://fablesecurity.com/starter-rfp-for-modern-hrm/
This segment is sponsored by Fable Security. Visit https://securityweekly.com/fable to learn more about them!
In the leadership and communications segment, Inside the CISO Mind: How Security Leaders Choose Solutions, 2026 Leadership Strategy: Mastering Agility and Anticipation for Better Decisions, The Most Human, Strategic, Sought-After Tool in Leadership, and more!
Show Notes: https://securityweekly.com/bsw-418
The Afterlife, AWS, ClickFix, Agentic AI Galore, Robot Lumberjacks, Robocalls, Aaran Leyland, and more on the Security Weekly News.
Show Notes: https://securityweekly.com/swn-522
This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!
Ransomware attacks typically don't care about memory safety and dependency scanning, they often target old, unpatched vulns and too often they succeed. Rob Allen shares some of the biggest cases he's seen, what they have in common, and what appsec teams could do better to help them. Too much software still requires custom configuration to make it more secure. And too few software makers are embracing secure by default, let alone secure by design.
In the news, passively monitoring geosynchronous satellite communications on the cheap, successful LLM poisoning of any size model with a single size dose, security engineering lessons from Signal's post-quantum crypto work, improving security for JavaScript in the browser, and more!
This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more!
Show Notes: https://securityweekly.com/asw-353