John Strand delivers the Technical Segment this week on Office 365 User Behavior Analytics. The idea is if you have a user account simultaneously logged in to multiple computer systems, that may be abnormal.
Full Show Notes: https://wiki.securityweekly.com/ES_Episode104
Visit http://securityweekly.com/esw for all the latest episodes!
Rick Holland has more than 15 years' experience working in information security. Paul and John talk to Rick about vulnerability management, WAFs, and advice to enterprise marketing.
Full Show Notes: https://wiki.securityweekly.com/ES_Episode104
Visit http://securityweekly.com/esw for all the latest episodes!
In the Application security news, 'Fortnite' developer had sharp words for Google after an Exploit was discovered, PHP flaw puts WordPress sites at risk, Oracle will charge for Java starting in 2019, how Netflix does Failovers in 7 minutes flat, hacking Black Hat, Burp Suite 2.0 Beta released, Windows 95 running in Electron, and more!
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode30 Follow us on Twitter: https://www.twitter.com/securityweekly
Keith Hoodlet and Paul Asadoorian talk about The Apache Struts2 RCE Vulnerability. They cover:
- CVE-2018-11776
- How the 3 Ways of DevOps can guide us toward better security practices
- Shared Version Control
- Test Environments
- Shared Ticketing
- ChatOps
- Buying
Time Full Show Notes: https://wiki.securityweekly.com/ASW_Episode30
Follow us on Twitter: https://www.twitter.com/securityweekly
Join Paul, Doug White, and Todd to talk about Security Innovation that includes: AlienVault, Cloudera, Splunk, Fortinet, CA and more!
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode97
Visit http://securityweekly.com/category/ssw for all the latest episodes!
Todd talks about his journey in the security industry. Todd also explains what Bandura Systems does for the security industry and how they sell their solution to companies.
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode97
Visit http://securityweekly.com/category/ssw for all the latest episodes!
The Untold story of NotPetya, New Apache Struts RCE Flaw, How door cameras are creating dilemmas for police, Google gets sued for tracking you even when your location history is off, and Artificial Whiskey is coming, and one company is betting you'll drink up.
Full Show Notes: https://wiki.securityweekly.com/Episode572 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly
Visit our website: http://securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Sven Morgenroth is a security researcher at Netsparker. He found filter bypasses for Chrome's XSS auditor and several web application firewalls. He comes on the show to discuss PHP Type Juggling Vulnerabilities.
Full Show Notes: https://wiki.securityweekly.com/Episode572 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly
Visit our website: http://securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Tod Beardsley is the Director of Research at Rapid7. Paul talks to Tod about his recent projects Sonar and Heisenberg. They also discuss Tod's Under the Hoodie pentest report.
Full Show Notes: https://wiki.securityweekly.com/Episode572 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly
Visit our website: http://securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Mike leads the Product Management, Product Marketing, UX, and Business Development efforts at DomainTools. He brings over 20 years of experience in the security industry, and has a real passion for building products that customers love and driving significant growth for the product lines he leads.
Full Show Notes: https://wiki.securityweekly.com/ES_Episode103
Visit http://securityweekly.com/esw for all the latest episodes!
Paul Asadoorian and Matt Alderman compare and contrast the enterprise security vendors that were at Black Hat and DEF CON 2018.
Full Show Notes: https://wiki.securityweekly.com/ES_Episode103
Visit http://securityweekly.com/esw for all the latest episodes!
Paul Asadoorian and Matt Alderman talk about and discuss the enterprise security vendors that attended DEF CON 2018.
Full Show Notes: https://wiki.securityweekly.com/ES_Episode103
Visit http://securityweekly.com/esw for all the latest episodes!
Matt Alderman and Paul sat down at DEF CON to talk all of the AppSec vendors that they held briefings with at our Pool Cabana. They sat down with companies like Synopsis, Signal Sciences, and discussed how their products influence the AppSec world.
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode29 Follow us on Twitter: https://www.twitter.com/securityweekly
Tom is the founder of ServerlessOps (https://www.serverlessops.io/) and an experienced operations engineer. He started ServerlessOps after he asked the question, what would he do if servers went away? At a loss for an answer and interested in the future of his profession, he decided to pursue the answer. Tom is actively engaged in promoting serverless infrastructure and engaging with the community to learn more about their thoughts, wants, and concerns are around the topic.
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode29 Follow us on Twitter: https://www.twitter.com/securityweekly
Matt Alderman sits down with Paul this year at DEF CON to talk about the processes that they go through to hold briefings. Founders, CEO’s, and Business Execs of many different companies sat down to discuss what their product was, how they fit into the marketplace, and who their competition is, all while sitting aside Security Weekly’s Pool Cabana in the Las Vegas sun.
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode96
Visit http://securityweekly.com/category/ssw for all the latest episodes!
!
Sharon Goldberg is the CEO/Co-Founder of Commonwealth Crypto, a Boston blockchain startup that is making cryptocurrency trading more secure. She is also an associate professor in the Computer Science Department at Boston University, where her research focuses on securing the protocols that provide many of the global internet's core functions.
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode96
Visit http://securityweekly.com/category/ssw for all the latest episodes!
Paul and Matt Alderman had the chance at DEF CON to sit down and talk about Cigars and Security. In our very first episode, Paul asks Matt questions on how he got started in Security, who some of his biggest influencers were, and how he feels about the Security world today. Matt asks Paul questions about Cigars, their origin, and what the difference is between different tobaccos grown all around the world.
Full Show Notes: https://wiki.securityweekly.com/Episode571 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly
Visit our website: http://securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Our very own Larry Pesce delivers the Technical Segment this week on Spoofing GPS with a hackRF.
Full Show Notes: https://wiki.securityweekly.com/Episode571 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly
Visit our website: http://securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
In the Security News this week, Hacking Police Bodycams, Adobe fixes critical code execution flaws in latest patch update, Researchers develop device to aid in hunt for stealthy ATM card skimmers, Australians who wont unlock their phones could face 10 years in jail, overcoming 'Security as a Silo' with Orchestration and Automation, and more!
Full Show Notes: https://wiki.securityweekly.com/Episode571 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly
Visit our website: http://securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Paul and Matt discuss all of the vendors providing attack simulation solutions, including why you want (or need) this type of solution, the problem(s) they solve, and differentiators. This is an exciting space, so exciting that Paul and Matt sweat A LOT as this was recorded live from our pool cabana in Las Vegas!
Visit http://securityweekly.com/esw for all the latest episodes!
Paul and Matt review the ICS security landscape, discussing the problems and potential solutions to secure critical infrastructure. We used several on-site interviews and briefings with solutions providers at Blackhat as a basis for this segment. Recorded live at the Security Weekly pool cabana in Las Vegas!
Visit http://securityweekly.com/esw for all the latest episodes!
Al Ghous is the Sr Director of Cyber Security for GE Digital. In this capacity Al is responsible for GE Digital’s Cloud Platform and Product Cyber Security where he is focused on building secure and resilient Cloud for the Industrial Internet of Things (IIOT).
Full Show Notes: https://wiki.securityweekly.com/ES_Episode102
Visit http://securityweekly.com/esw for all the latest episodes!
After arriving back from Black Hat and DEF CON 2018, Doug joins Keith to share some of his stories about attending the world famous security conferences. They discuss, secure coding practices.
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode28
Follow us on Twitter: https://www.twitter.com/securityweekly
Alibaba Cloud Security team discovers Apache spark rest API remote code execution exploit, Comcast security flaws exposed partial address, Hacker finds hidden 'God Mode' in old x86 CPUs, and more!
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode28
Follow us on Twitter: https://www.twitter.com/securityweekly
Hardware-based Root of Trust, Small Trusted Computing Base, React v16.4.2, GitHub shows best practices for account security and recoverability, and the cost of JavaScript, and Food for Thought!
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode27
Follow us on Twitter: https://www.twitter.com/securityweekly