-What are we seeing from infosec graduates as they come into the enterprise to begin their careers? -How has data privacy changed since 2014? -Is the cloud a solution, or creates more problems? -How does the changing model of application architecture and security testing improve things? (DevOps, "shift left" testing, IAST, etc.)
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw679
The way we identify, prioritize, and mitigate software vulnerabilities was built in the reverse order. Why did it happen? Could a new remediation strategy finally form an alliance between IT and security teams?
This segment is sponsored by Vicarius. Visit https://securityweekly.com/vicarius to learn more about them!
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw679
The current ransomware, breaches, and nation state attacks have defenders feeling overwhelmed and under resourced. Can defensive teams really have defended against this type of supply chain attack and what can every security team do for best practices within Active directory and Azure federation to reduce your enterprises risk.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw212
A casual and candid conversation on database security. Talking through the current data trends including the transition to the cloud and what this means for the database security practitioner. What pitfalls and tools can be used to help simplify and maximize the security professional's transition to a fully monitored data environment solving for Cloud/Hybrid cloud and traditional on-premise.
This segment is sponsored by Imperva.
Visit https://securityweekly.com/imperva to learn more about them!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw212
This week, Tyler Shields joins us for his first episode as Co-Host, and John Strand returns! In the Enterprise News, Two data security companies merge, Veracode's products are now available in the AWS Marketplace, Zscaler launches a program for organizations dealing with the SolarWinds attack, SolarWinds is being sued in a class action lawsuit, funding announcements from Weaveworks, iBoss and Venafi!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw212
We don't want to have the typical "predictions" episode, but do want to chat about what we might expect in the coming year; what is changing? what is coming back? and when? (if at all)? Looking forward: -Vaccines -Anti-vaxxers -Resumption of travel? -Resumption of conferences???? -Sales and marketing changes -Societal changes -The problems we face moving forward in compliance and security
Show Notes: https://securityweekly.com/scw57
Visit https://www.securityweekly.com/scw for all the latest episodes!
We have a roundtable discussion amongst the hosts looking back on the highs and lows of 2020! Looking back: -Solarwinds (not in depth but just as part of the year) -Covid-19 -Working from home -Conferences shut down -Travel gone -The new normal of zoom calls -Kids at home
Visit https://www.securityweekly.com/scw for all the latest episodes!
Show Notes: https://securityweekly.com/scw57
In the leadership and communications section, 6 board of directors security concerns every CISO should be prepared to address, Four ways to improve the relationship between security and IT, CISO playbook: 3 steps to breaking in a new boss, and more!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw201
Up Your game with the CISO STORIES Podcast! If anything this past year has taught us is that we can not go on our own, and leveraging the experiences from other CISOs is critical to our success. Join Todd as he introduces a new Podcast featuring actionable lessons from top-notch CISOs and Cybersecurity Leaders.
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw201
Microsoft purges malicious SolarWinds presence and highlights a threat model around their source code, the tl;drsec crew provides a hardening guide for Kubernetes, Apples provides a user guide for hardening accounts, Firefox provides a new storage system to defeat side channel abuse.
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw135
A premise of adding security to DevOps is we can "shift left" AppSec responsibilities, one of which is building apps so they're secure by design. Yet what resources does the AppSec community provide for this approach to design? We take a look at the OWASP Top 10, Web Security Testing Guide, and Application Security Verification Standard to find a way forward for DevOps teams.
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw135