Info

Security Weekly Podcast Network (Video)

This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
RSS Feed Subscribe in Apple Podcasts
Security Weekly Podcast Network (Video)
2024
May
April
March
February
January


2023
December
November
October
September
August
July
June
May
April
March
February
January


2022
December
November
October
September
August
July
June
May
April
March
February
January


2021
December
November
October
September
August
July
June
May
April
March
February
January


2020
December
November
October
September
August
July
June
May
April
March
February
January


2019
December
November
October
September
August
July
June
May
April
March
February
January


2018
December
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
July
June
May
April
March
February
January


2015
December
November
October
September
August
July
June
May
April
March
February
January


2014
December
November
October
September
August
July
June
May
April
March
February
January


2013
December
November
October
September
August
July
June


Categories

All Episodes
Archives
Categories
Now displaying: May, 2023
May 12, 2023

Singing Terminators, Gmail, Joe Sullivan, Dragos, ESXi, Microsoft, Greatness, Jessica Davis, and More on this episode of the Security Weekly News.

 

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn297 

May 12, 2023

In the enterprise security news, A slow week for funding, but, as always, a busy week for AI news! Databricks acquires Okera, CrowdStrike, Fortinet and other cybersecurity shares rise, Merck might finally see that $1.4 billion dollar NotPetya payout, Ex-Uber CISO Joe Sullivan won’t go to jail, Google rolls out passkey support, Do Bartenders make good pen testers?, ICS using steganography to hide data, DEF CON will unleash hackers on Large Language Models, and Security’s eternal prioritization problem!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw317 

May 11, 2023

We are nearly half way through 2023, and we're seeing some new trends surface in the cyber landscape. These include generative artificial intelligence, which was everywhere at RSA Conference this year, as well as automation across security operations and the continued need for skilled expertise. Join Matt Alderman from CyberRisk Alliance and Antonio Sanchez, Principal Evangelist at Fortra, as they dive into 2023 cybersecurity trends and observations.

Segment Resources:

https://www.fortra.com/resources/cybersecurity-education?code=cmp-0000011812&ls=717710002&utm_source=cyberrisk-alliance&utm_medium=contsynd&utm_campaign=ft-brand-awareness

https://www.fortra.com/products/bundles?code=cmp-0000011812&ls=717710002&utm_source=cyberrisk-alliance&utm_medium=contsynd&utm_campaign=ft-brand-awareness

 

This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw317 

May 11, 2023

In the security news: feel free to cry a bit, honeytokens are the shiny new hotness, it's fixed in the future, backdooring electron, should we move to passkeys, the turbo button, why Cisco hates SMBs, old vulnerabilities are new again, MSI, Boot Guard and some FUD, fake tickets, AI hacking, prompt injection, and the SBOM Bombshell!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw784 

May 11, 2023

In this talk, Paula Januszkiewicz, renowned cybersecurity expert with years of experience in the field, shares her insights on critical tasks that must be included in any successful penetration testing checklist. She will offer the listeners a sneak peek into her pentesting trick book, discuss the special tools she is using, and highlight the importance of diversifying your pentester's toolkit. This episode is a must-listen for anyone interested in mastering the art of penetration testing.

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw784

May 9, 2023

In the ever-evolving world of cybersecurity, attackers are constantly finding new ways to infiltrate your software supply chains. But with GitGuardian's Honeytoken, you can stay ahead of the game. Deploy honeytokens at scale, monitor for unauthorized use, and detect intrusions before they can wreak havoc on your system. With Honeytoken, you'll have the insight you need to protect your confidential data and know where, who, and how attackers are trying to access it.

This segment is sponsored by GitGuardian. Visit https://securityweekly.com/gitguardianrsac to learn more about them!

 

In light of the constant change in the threat landscape, how does an organization keep up with the attackers who're always innovating? New specialized security solutions are regularly being introduced to address new threats, increasing complexities and the non-functional requirement(NFRs) associated with integration of these systems to already complicated enterprise web applications. How does an organization implement holistic defense without increasing cost, complexity and impacting user experience? Edgio will address how an edge-enabled holistic security platform can effectively reduce the attack surface, improve the effectiveness of the defense while reducing the latency of critical web applications via it’s multi-layered defense approach. It also offers the ability to integrate with an enterprises' DevSecOps workflow to achieve better security practices. Edio will discuss how its security platform “shrinks the haystacks” so that organizations can better focus on delivering key business outcomes.

This segment is sponsored by Edgio. Visit https://securityweekly.com/edgiorsac to learn more about them!

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw240 

May 9, 2023

Poisonous Parsley and Chat GPT, QR codes, Boot Guard, Akira, Wanted Posters, SuperCare, VPNS, Jason Wood, and more on this edition of the Security Weekly News.

 

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn296 

May 9, 2023

What does software resilience mean? Why is status quo application security unfit for the modern era of software? How can we move from security theater to security chaos engineering? This segment answers these questions and more.

Segment Resources:

Book -- https://securitychaoseng.com

Blog -- https://kellyshortridge.com/blog/posts/

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw240 

May 9, 2023

A resilient cybersecurity strategy is essential to running your business while protecting against security threats and preventing data breaches. For CISOs, partnering with a managed service security provider (MSSP) means you can be in control of your organization’s information and infrastructure security without placing a strain on internal personnel or resources which is critical in today’s uncertain economy. With an MSSP on board, CISOs are better equipped to meet strategic and business goals, while improving operations and reducing expenses. This interview will discuss not only why to consider an MSSP but how to choose the right one for the job.

This segment is sponsored by Direct Defense. Visit https://securityweekly.com/directdefensersac to learn more about them!

 

Insider Risk is a problem that continues to grow - and that companies are still struggling to solve. CISOs state that it is the number one most difficult threat to detect, placing it over malware and ransomware. Code42 President and CEO Joe Payne will explain why the Insider Risk problem is so challenging and will offer guidance on how to solve it.

This segment is sponsored by Code42. Visit https://securityweekly.com/code42rsac to learn more about them!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw305 

May 8, 2023

Each year, Forrester tracks the top systemic risks — external events that impact your firm and customers but are out of your control — facing organizations. The impacts of climate change are both short-term, in the form of severe weather, drought, and heat waves, and long-term, in the form of biodiversity loss, sea-level rise, and rising temperatures. Want to see where climate risk ranked on the list?

Read The Top Systemic Risks, 2023 (https://www.forrester.com/report/the-top-systemic-risks-2023/RES179156) or listen to this segment on Business Security Weekly.

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw305

May 5, 2023

“Man plans, the Universe laughs” - unfortunately, that’s been the saying for far too long when it comes to cybersecurity. Security leaders know it's only a matter of time before their organization gets breached, but instead of being ready for it, they rely on fixing the problem after it happens. In Cisco’s newest report, the first ever Cybersecurity Readiness Index, it was found that a small minority of businesses globally (15%) consider themselves to be ready and able to defend against the expanding array of cybersecurity risks and threats of today. Organizations need to get ready and stay ready with solutions they can trust.

This segment is sponsored by Cisco. Visit https://securityweekly.com/ciscorsac to learn more about them!

 

OpenText Cybersecurity is on a mission to simplify security by delivering smarter, innovative solutions. Geoff Bibby, the SVP of OpenText Cybersecurity Marketing & Strategy, will offer insight into the company’s purpose-built approach to create a powerhouse cybersecurity portfolio that scales to meet the security needs of large enterprises down to individual consumers. This segment is sponsored by OpenText. Visit https://securityweekly.com/opentextrsac to learn more about them!

 

The continued headcount shortage facing cybersecurity teams is driving many organizations to embrace Managed Detection and Response (MDR) as a way to combat cyber threats. With this demand, dozens of MDR companies have emerged over the past two years. Critical Start’s CTO, Randy Watkins, will discuss the origin of MDR, share evaluation tips, and reveal some of the potential pitfalls.

This segment is sponsored by Critical Start. Visit https://securityweekly.com/criticalstartrsac to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw316 

May 5, 2023

St. Alban's Day, Kimsuky, WinRAR, Microsoft, fake AI, Siemens, Apple, and More on this episode of the Security Weekly News.

 

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn295 

May 5, 2023

Christopher will delve into what lateral security/lateral movement are and identify key lateral security tools (network segmentation, micro-segmentation, advanced threat prevention systems, network sandboxes, and network traffic analysis/network detection and response). He will also touch on why automation is important when it comes to consistent security and the current threat landscape.

Segment Resources:

https://cio.vmware.com/2023/03/why-cisos-are-looking-to-lateral-security-to-mitigate-ransomware.html

https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/docs/lateral-security-is-the-new-cybersecurity-battleground-solution-overview.pdf

https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/docs/vmw-ransomware-lateral-security.pdf

 

This segment is sponsored by VMware. Visit https://securityweekly.com/vmwarenetsecrsac to learn more about them!

 

AT&T Cybersecurity released its 12th annual Cybersecurity Insights Report, “Edge Ecosystem,” which highlights the dramatic shift in computing underpinned by 5G, the edge, and the convergence of networking and security. The report found that business and technology leaders are finally coming together not just to understand the new edge computing ecosystem, but to make more predictable, data-informed business decisions. Collaboration among these leaders, as well as external partners in the ecosystem, will be critical for the edge journey ahead – but more progress must be made to better leverage the edge and transform the business.

This segment is sponsored by AT&T Cybersecurity. Visit https://securityweekly.com/attrsac to learn more about them!

 

EASM is a critical component of continuous threat exposure management and a necessary step in improving validation and vulnerability management processes. Gartner recently published a report describing the evolution of EASM and where it's headed in the market. e're excited to see the market move in this direction because, at NetSPI, we're already committed to investing in our team and technology to stay ahead of these trends. We already have a head start.

 

This segment is sponsored by NetSpi. Visit https://securityweekly.com/netspirsac to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw316 

May 5, 2023

This week, we start with the news: 2 weeks of news to catch up on! 16 funding stories, 4 M&A stories, Cybereason prunes its valuation… a lot, First Republic Bank seized by FDIC, Ransomware is irrelevant Sun Tzu hates infosec, AI Trends, Kevin Mandia’s 7 tips for defense, & How much time should we spend automating tasks?

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw316 

May 4, 2023

This week in the Security News: 5-year old vulnerabilities, hijacking packages, EV charging apps that could steal stuff, do we even need software packages, selling hacking tools and ethics, I hate it when vendors fix stuff, HTTPS lock status, no pornhub for you!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw783 

May 4, 2023

Rob "Mubix" Fuller comes on the show to talk about penetration testing, what's changed over the years? He'll also discuss "Jurassic Malware" and creating games in your BIOS.

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw783 

May 2, 2023

Without visibility into your entire web application attack surface and a continuous find and fix strategy, dangerous threats can expose your organization's blind spots and create risk. Invicti analyzes common web application vulnerabilities across thousands of assets yearly and releases the Invicti AppSec Indicator for a holistic view of application vulnerability trends from automated scan results across regions. In this interview, Invicti's Patrick Vandenberg zooms in on the vulnerabilities plaguing organizations, providing insight into this year's report trends, and guidance on how CISOs and AppSec program leaders can create an environment for their teams that mitigates risk.

Segment Resources:

https://www.invicti.com/clp/appsec-indicator/?utm_medium=contentsyn&utm_source=sc_media&utm_campaign=i-syn_RSA-CRA-interview-2023&utm_content=230424-ga_spring-appsec-indicator&utm_term=brand

This segment is sponsored by Invicti. Visit https://securityweekly.com/invictirsac to learn more about them!

 

Flaws in the design and implementation of an application can create business logic vulnerabilities that allow attackers to manipulate legitimate functionality to achieve a malicious goal. What’s more, API-related security incidents exploit business logic, the programming that manages communication between the application and the database. In this discussion, Karl Triebes shares what you need to know about business logic attacks to effectively protect against them.

This segment is sponsored by Imperva. Visit https://securityweekly.com/impervarsac to learn more about them!

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw239

May 2, 2023

Pornhub, LobShot, TMobile, lawsuits, CISA, CERN, AI, Jason Wood, and more on this edition of the Security Weekly News.

 

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn294

May 2, 2023

Application security is messy and is getting messier. Modern application security teams are struggling to identify what's more important to fix. Cloud security and application security is getting squeezed all together. Modern vulnerability maturity needs a new approach and guidance. Vulnerability management framework and mature defect management is often overlooked as organizations tend to identify issues and stop there. The devil is usually in the details and time gets burned down in identifying who needs to solve what where. Vulnerability Management Maturity Framework has been created to address that.

Segment Resources:

Framework: https://phoenix.security/vulnerability-management-framework/

Books on metrics: https://phoenix.security/whitepapers-resources/data-driven-application-security-vulnerability-management-are-sla-slo-dead/

Vulnerability aggregation and prioritization https://phoenix.security/whitepapers-resources/whitepaper-vulnerability-management-in-application-cloud-security/

Shift left: https://phoenix.security/shift-everywhere/

Vulnerability management talk: https://phoenix.security/web-vuln-management/

Vulnerability management framework playlist (explained) https://www.youtube.com/playlist?list=PLVlvQpDxsvqHWQfqej5Gs7bOd-cq8JO24

How to act on risk: https://phoenix.security/phoenix-security-act-on-risk-calculation/

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw239 

May 2, 2023

CISOs face the complex challenge of protecting organizations against an expanding array of cybersecurity risks. While the role requires constant adaptation to protect against new threats, CISOs often bear the blame when defenses are breached. In this segment Kunal Anand, CTO & CISO, Imperva, discusses the evolution of the role and what aspiring professionals need to know if they want to hold the title.

This segment is sponsored by Imperva. Visit https://securityweekly.com/impervarsac to learn more about them!

 

Today’s security products are evolving to meet the changing attack surface, each one targeting a specific set of risks. For organizations, this typically means that to increase security maturity, they need to implement a number of different solutions, and as the attack surface continues to expand, their tech stack quickly becomes difficult to manage. It’s time for the industry to help security teams achieve a better balance and reduce this operational burden.

Segment Resources:

 https://www.fortra.com/resources/cybersecurity-education?code=cmp-0000011766&ls=717710002&utm_source=cyberrisk-alliance&utm_medium=video&utm_campaign=ft-rsa-conference

This segment is sponsored by Fortra. Visit https://securityweekly.com/fortrarsac to learn more about them!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw304 

May 1, 2023

This week, it's time for Security Money. We recap Q1 2023 with the latest financial results, funding announcements, and layoffs. Don't miss this quarterly update. At the market close on April 28th 2023: - SW25 Index is 1,404.31, which is an increase of 40.43% (up from last Q) since inception. - NASDAQ Index is 12,226.58, which is an increase of 84.27% (up from last Q) during the same period.

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw304

« Previous 1 2