Paul's Security Weekly TV

Security news, interviews, how-to technical segments. For security professionals by security professionals. We Hack Naked.
Now displaying: April, 2022
Apr 30, 2022

This week in the Enterprise News: Basis Theory raises $17 million funding round, Crunchbase Funding Round Profile, Devo Acquires AI-Powered Security Automation Innovator to Deliver the “Autonomous SOC”, Hivemapper Dashcam, Authtech, Twitter accepts Elon Musk’s $44 billion offer, Austin Peay State University on Twitter, & more!

 

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw271

Apr 30, 2022

Digital identity is key to modern security architectures; enables privacy-preserving, trusted services; and drives customer-oriented experiences. Key trends like passwordless, verified credentials, and personal identity will have a profound effect on enterprise security. Discover how you can make the most of these evolutions, and learn how you can support the industry and its professionals.

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw271

Apr 30, 2022

This week in the Security News: Java’s “psychic paper”, Musk’s plans for Twitter’s algorithm, Bossware, What Google is getting wrong about expired domains, NFT Tweet Auctions, Silk Road Seizures, 0-Days, & more!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw738

Apr 29, 2022

Cloud security is confusing enough these days, but a complex product landscape doesn’t make it any easier. In this segment we’ll talk about what’s driving this, how to make sense of it, and where to find things that actually help.

To register for our upcoming webcast with Rich Mogull on Deploying Cloud Applications Securely, visit https://attendee.gotowebinar.com/register/3131398543024475915?source=esw

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw271

Apr 29, 2022

Marcus Sachs, the Deputy Director for Research at the McCrary Institute for Cyber and Critical Infrastructure Security, joins to discuss his cryptography collection, service for the US Army & Government, Antique Typewriters, & more!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw738

Apr 29, 2022

The need to communicate, collaborate and do business on a global level has created a proliferation of cloud-based applications and services. Email. Cloud Storage. Messaging platforms. CRM. Digital Apps and Services. Organizations continue to add new cloud channels to support their business needs. But with new channels come new security blind spots that must be addressed. In this session we'll discuss:

- Cyber attack trends in the collaboration channel ecosystem

- The (yet) unsolved challenges of email security – the main channel of targeted attacks

- The rising threat of cloud collaboration and the growing risk of content-borne attacks

...And we will walk through three use cases, their challenges and their deployments.

 

Segment Resources:

Request a demo and get a FREE coffee on us: https://hubs.la/Q0156lpK0

 

This segment is sponsored by Perception Point. Visit https://securityweekly.com/perceptionpoint to learn more about them!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw738

Apr 27, 2022

How should we empower developers to embrace the NIST software development practices? Because from here on out, developers need to view themselves as the front lines of defense for the end-consumer. A more security-aware developer leads to a more-protected consumer. Dr. Wang will offer her perspectives on the above question as well as address:

- How companies can set their developers up for security success

- The importance of implementing micro-learnings

- What should CISOs’ expectations be of developers and developers’ expectations of CISOs after Feb. 6 and beyond?

- How corporate boards should be aware of the implications of developers’ pervasive development and software security and how they should work together

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw194

Apr 27, 2022

In the Leadership and Communications section: What cybersecurity metrics should I report to my board?, Cybersecurity litigation risks: 4 top concerns for CISOs, The SEC Is About To Force CISOs Into America’s Boardrooms, and more!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw260

Apr 26, 2022

Security leaders are using their hard-won influence with senior leadership to take on challenges related to emerging threats and unrelenting attackers. Yet plenty of old problems remain and are piling up. In this session, Senior Analyst Jess Burn will highlight Forrester's eight security program recommendations for 2022 that will help security leaders take full advantage of their political capital — and budget — to resolve perennial problems and tackle emerging issues.

 

Segment Resources:

Blog post: https://www.forrester.com/blogs/our-2022-top-recommendations-for-your-security-program-cisos-get-an-offer-they-cant-refuse/?ref_search=604835_1649953578273

Full report: https://www.forrester.com/report/top-recommendations-for-your-security-program-2022/RES177270?ref_search=604835_1649953578273

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw260

Apr 26, 2022

Java's ECDSA implementation is all for nought, writing a modern Linux kernel RCE, lessons learned from the Okta breach, lessons repeated from a log4shell hot patch, a strategy for bug bounties, Microsoft finally disables SMB1

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw194

Apr 23, 2022

This week in the Enterprise Security News: Fortress InfoSec raises $125M to help critical infrastructure improve security, ThreatLocker raises $100M, thanks in part to Kaseya’s breach, Obsidian raises $90M to secure SaaS use, DoControl raises $30M to possibly compete with Obsidian, Blueshift raises a seed round to bring SOC and XDR to SMBs, Strike Security raises a seed round to take a different approach to pen testing, Thoma Bravo is still working on an Imprivata exit, The biggest startup failures of all time - how many security vendors are on the list? Is the SEC forcing CISOs into the boardroom, Better, but harder to collect, security metrics, & more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw270

Apr 23, 2022

This is a recurring segment, in which we bring on a VC to provide an investor’s point-of-view on all this activity. It’s hard to imagine a better investor to join us than Will Lin, co-founder of Forgepoint, one of the few VC firms that exclusively invests in cybersecurity startups! We're very excited to have Will back on and are looking forward to discussing:

- Huge valuations and potential pricing/market resets and corrections

- Interesting new security categories: DSPM, SaaS Security, Enterprise Browsers

- Why security startups seem to be more resilient than in other markets (for reference: https://www.cbinsights.com/research/biggest-startup-failures/)

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw270

Apr 23, 2022

Logitech’s Lift is a vertical mouse that’s easier to grasp, CISA warns of attackers now exploiting Windows Print Spooler bug, Google tracked 58 exploited zero-day security holes in 2021, QNAP urges customers to disable UPnP port forwarding on routers, For Russian tech firms, Putin’s crackdown ended their global ambitions, & Hackers can infect >100 Lenovo models with unremovable malware. Are you patched?

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw737

Apr 22, 2022

Learn all about the technical ins and outs of HP SureClick Enterprise with HP expert Dan Allen and discover how SureClick Enterprise can help improve security efforts in your organization.

 

This segment is sponsored by HP Wolf Security. Visit https://securityweekly.com/hpwolf to learn more about them!

 

Segment Resources:

https://threatresearch.ext.hp.com/zero-trust-in-reverse-why-the-current-definition-of-zero-trust-is-only-half-full/

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw270

Apr 22, 2022

Considering that history has always had foreign legions, from Lord Byron fighting in Greece (well, fighting might be a bit much), to For Whom the Bell Tolls, to the Flying Tigers, to the Lafayette Escadrille, foreign fighters have often entered war zones for a wide variety of reasons. Today, well, you can join up to a virtual cause and fight for whatever cause you are seeking and fight from the comfort of your own gaming chair. No selling your estates and dashing off to attack Lepanto, although you can do that too if you like. In this segment, we discuss the Computer Fraud and Abuse Act, what it means to be a member of the foreign legion, and revisit the whole idea of hacking back as a security technique!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw737

Apr 22, 2022

John Alfred is a retired Police Officer who directed a Computer Crimes unit for years. This segment will discuss how that unit got developed, what kinds of skills might be useful to develop in your own units, and what sorts of mistakes are often made trying to operate computer crimes units!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw737

Apr 20, 2022

In the leadership and communications section, 10 Signs of a Good Security Leader, Toxic Leadership: The Four Horsemen of the Apocalypse, Know Them, 3 Ways to Take Control of Your Cyber Security Career in 2022, and more!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw259

Apr 19, 2022

With an ever-expanding perimeter, how do organizations address the challenges of hybrid cloud? New threats, increased complexity, and continued fragmentation of security responsibilities make it harder than ever. Tim Woods, VP Technology Alliances at FireMon, joins BSW to discuss how centralized policy management can provide the visibility, enforcement, and compliance of policies across hybrid cloud environments.

 

This segment is sponsored by FireMon. Visit https://securityweekly.com/firemon to learn more about them!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw259

Apr 19, 2022

OAuth tokens compromised, five flaws in a medical robot, lessons from ASN.1 parsing, XSS and bad UX, proactive security & engineering culture at Chime

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw193

Apr 18, 2022

We can create top 10 lists and we can count vulns that we find with scanners and pen tests, but those aren't effective metrics for understanding and improving an appsec program. So, what should we focus on? How do we avoid the trap of focusing on the metrics that are easy to gather and shift to metrics that have clear ways that teams can influence them?

 

Segment resources

- https://www.philvenables.com/post/10-fundamental-but-really-hard-security-metrics

- https://cloud.google.com/blog/products/devops-sre/using-the-four-keys-to-measure-your-devops-performance

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw193

Apr 16, 2022

This week in the Enterprise News: Datto to be Acquired by Kaseya for $6.2 Billion, with Funding Led by Insight Partners, Perforce Software Puppet, Synopsys acquires Juniper Networks, Managed detection and response startup Critical Start lands $215M in funding, Thinking About the Future of InfoSec, DuckDuckGo launches Mac app in beta, How I automated my presence in video calls for a week (and nobody knew), Why Do So Many Cybersecurity Products Suck?

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw269

Apr 16, 2022

This week in the Security News: Hackers have found a clever new way to steal your Microsoft 365 credentials, Former Ethereum Developer Virgil Griffith Sentenced to 5+ Years in Prison for North Korea Trip, An update to Raspberry Pi OS Bullseye, Bearded Barbie hackers catfish high ranking Israeli officials, & Nginxday! 

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw736

Apr 16, 2022

Security professionals face a variety of challenges on a daily basis. The cybersecurity talent shortage and the so-called Great Resignation can lead to gaps in security, an increase in insider threats and overworked employees, not to mention external threats like hacking and ransomware. Digital forensics can help alleviate these challenges with solutions that collect evidence properly, automate workflows, function in Zero Trust environments and detect and mitigate insider threats.

 

Segment Resources:

FTK Over the Air podcast: https://www.exterro.com/ftk-over-the-air-podcast

FTK Feature Focus weekly videos: https://youtube.com/playlist?list=PLjlGL4cu_NaM0e7h1RCTJwNnZb-dyUf3B

 

This segment is sponsored by Exterro. Visit https://securityweekly.com/exterro to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw269

Apr 15, 2022

With cybersecurity attacks continually on the rise, security teams are under more pressure than ever. It’s imperative to use your pen testing resources wisely, leveraging automation capabilities where it makes sense to save time and help conduct more impactful engagements. During this interview, Bob Erdman will discuss how to find the right balance between the reliability and efficiency of pen testing automation with the astuteness and logic of human intervention.

 

Segment Resources:

The Truth About Pen Testing Automation - https://www.coresecurity.com/blog/the-truth-abouth-pen-testing-automation

Core Impact Rapid Pen Tests - https://www.coresecurity.com/products/core-impact/rapid-pen-tests

 

This segment is sponsored by Core Security, A Help Systems Company. Visit https://securityweekly.com/coresecurity to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw269

Apr 15, 2022

Amanda Berlin joins us to discuss what she’s been up to since her last appearance on the show. It’s only been a couple of years, but a lot has changed in that time. Tune in to hear about what changes the pandemic brought to the vision and operations of Mental Health Hackers, and how they pivoted to a virtual environment during this time. The crew talks about their experience going from traveling to 15-20+ conferences a year, down to hardly any conferences during Covid, and what their future plans are now that in-person events are coming back around. Amanda fills us in on her current role at Blumira, other business ventures, and where you can find her speaking/running a village in the near future! 

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw736
