Peter Smith is the Founder & CEO of Edgewise. Peter will be covering the Capital One breach and the AWS metadata service with request forgery. He will explain how to solve this problem with Edgewise.
To learn more about Edgewise, visit: https://securityweekly.com/edgewise
Full Show Notes: https://wiki.securityweekly.com/Episode619
Visit https://www.securityweekly.com/psw for all the latest episodes!
Corey Thuen is the Co-Founder at Gravwell. He covers security analytics using the new Sysmon DNS logging, which dropped this week.
Full Show Notes: https://wiki.securityweekly.com/Episode618
Paul gives a technical segment on deobfuscating JavaScript to investigate phishing domains.
To learn more about DomainTools, visit: https://securityweekly.com/domaintools
Full Show Notes: https://wiki.securityweekly.com/Episode617
Paul, Larry, Doug, and Gabe talk about Software Development: Security Do's & Don'ts.
→Visit our website: https://www.securityweekly.com
→Follow us on Twitter: https://www.twitter.com/securityweekly
→Like us on Facebook: https://www.facebook.com/secweekly
A talk about the way Signal Sciences is implemented, especially in the container world: where it sits in the stack to protect the web apps in those containers, and the common first things identified after install (attack scanners, injection attacks, and actionable anomalies like 404 or 500 errors). The segment ends with a short demo walking through installing Signal Sciences in a Kubernetes environment and the Signal Sciences dashboard.
To learn more about Signal Sciences, visit: https://securityweekly.com/signalsciences
Full Show Notes: https://wiki.securityweekly.com/Episode614
Kathleen Smith is the CMO at CyberSecJobs.Com/ClearedJobs.Net. We all have cool tools, but not necessarily the best ones for career search or professional development. Why is it so hard? Many of the resources are at our fingertips; we just aren't using them or are too scared to reach for them.
Slides: https://www.slideshare.net/CyberSecJobs/cyber-security-community-volunteering-survey-results-2018
Links to more slides here: https://wiki.securityweekly.com/Episode610
We welcome back Bryson Bort, who is the Founder/CEO of GRIMM. Bryson will be talking about Purple Teaming, Top Attack Simulation Scenarios, and Testing Command & Control Channels.
To learn more about SCYTHE, visit: https://securityweekly.com/scythe
Full Show Notes: https://wiki.securityweekly.com/Episode609
Follow us on Twitter: https://www.twitter.com/securityweekly
We welcome back Corey Thuen, Founder and CEO of Gravwell, to talk about security analytics using the new Sysmon DNS logging that dropped this week!
To get involved with Gravwell, visit: https://securityweekly.com/gravwell
Full Show Notes: https://wiki.securityweekly.com/Episode608
Paul Asadoorian and Robert Graham from Errata Security show you how to search for the BlueKeep vulnerability, or CVE-2019-0708, that has been affecting hundreds of thousands of systems!
Full Show Notes: https://wiki.securityweekly.com/Episode606
We welcome Matthew McMahon, Head of Security Analytics at Salve Regina University, to talk about Medical devices, Cybersecurity and Resilience, and Cybersecurity Training!
Full Show Notes: https://wiki.securityweekly.com/Episode605
Federico Simonetti is the CTO of Xiid Corporation. Federico comes on the show to discuss How To Fix Identity & Access Management.
Full Show Notes: https://wiki.securityweekly.com/Episode604
Guru Pandurangi, the CEO and Founder of Cloudneeti, joins us to talk about how their SaaS product is delivering continuous cloud security and compliance assurance to businesses migrating to or using cloud providers such as Azure, AWS, and Office365 to develop and host their applications!
To learn more about Cloudneeti, visit: https://securityweekly.com/cloudneeti
Full Show Notes: https://wiki.securityweekly.com/Episode601
In the Technical Segment, we welcome back our friend Chris Brenton, Chief Operating Officer at Active Countermeasures, to discuss why threat hunting is the missing link between our protection tools and our response tools, and to take a deep dive into the AI Hunter!
To learn more about Active Countermeasures and to get the slides for the Technical Segment today, visit: https://securityweekly.com/acm
Full Show Notes: https://wiki.securityweekly.com/Episode599
In this segment, we run a Technical Demo with our sponsor DomainTools, all about Domain Investigation with DomainTools Iris!
To learn more about DomainTools, visit: https://securityweekly.com/domaintools
Full Show Notes: https://wiki.securityweekly.com/Episode598
We welcome Peter Smith, Founder and CEO of Edgewise, to talk about the evolution of Zero Trust! Smith is a serial entrepreneur who built and deployed Harvard University’s first NAC system before it became a security category. Peter brings a security practitioner’s perspective to Edgewise with more than ten years of expertise as an infrastructure and security architect of data centers.
To learn more about Edgewise, visit: https://securityweekly.com/edgewise/
Full Show Notes: https://wiki.securityweekly.com/Episode597
Marcello Salvati, Security Analyst at our sponsor Black Hills Information Security, joins us to give some updates on his post-exploitation tool SILENTTRINITY! Sign up for the BHIS Mailing List to receive updates about upcoming webcasts, blogs, and open-source tools from our testers at: https://securityweekly.com/bhis
Full Show Notes: https://wiki.securityweekly.com/Episode595
There are quite a few choices for selecting open-source and inexpensive hardware to build your network and provide tools to monitor for security events. In this segment we'll discuss some of the options, the pros and cons of each, limitations, and really cool features! Includes coverage of Qotom hardware, how to procure enterprise-grade switches, the right cabling, and OPNSense and pfSense.
Full Show Notes: https://wiki.securityweekly.com/Episode594
DetectionLab is a collection of Vagrant and Packer scripts that lets you automate, with a single command, the creation of a small Active Directory network pre-loaded with endpoint security tooling and logging best practices. It's cross-platform, and the only requirements to bring up the lab are VirtualBox / VMware and Vagrant.
Full Show Notes: https://wiki.securityweekly.com/Episode593
Joff will demonstrate some PowerShell syntax useful for transferring data into a network while pen testing. The technical segment assumes that the pen tester is able to directly use PowerShell from the console itself, although the techniques can be adapted for different purposes.
To learn more about BHIS, visit: https://securityweekly.com/bhis
Full Show Notes: https://wiki.securityweekly.com/Episode590
Kory Findley talks about his GitHub project pktrecon, a tool for internal network segment reconnaissance using packets captured from broadcast and service discovery protocol traffic. Individual pieces of data collected from these protocols include hostnames, IPv4 and IPv6 addresses, router addresses, gateways and firewalls, Windows OS fingerprints, and much more. This data is correlated and normalized with attackers in mind, and provides an effective method of initiating an engagement and obtaining as much target data as possible before resorting to more active methods.
Full Show Notes: https://wiki.securityweekly.com/Episode589
The Security Weekly crew has a lively topic discussion on the following: Security Breaches, Privacy, Vulnerability Disclosure, Evaluating Security Solutions, and Compliance.
Full Show Notes: https://wiki.securityweekly.com/Episode588
Vaughn will discuss using freely available tools and logs you are already collecting to detect attacker behavior. Vaughn has a cookbook that will allow you to configure and analyze logs to detect attacks in your environment. You don't need anything fancy to detect attacks; use what you have along with freely available tools and techniques!
To get involved with LogRhythm, go to: https://securityweekly.com/logrhythm
Full Show Notes: https://wiki.securityweekly.com/Episode587
Marcello Salvati is a security consultant at BHIS, and is giving a technical segment on SilentTrinity. Marcello will solve the red team tradecraft problem of gaining dynamic access to the .NET API without going through PowerShell.
To learn more about Black Hills Information Security, go to: https://www.blackhillsinfosec.com/PSW
Full Show Notes: https://wiki.securityweekly.com/Episode585
Lenny Zeltser, the VP of Products at Minerva, will be giving a technical segment on Evasion Tactics in Malware from the Inside Out. He will explain the tactics malware authors use to evade detection and analysis, and how analysts examine these aspects of malicious code with a disassembler and a debugger.
To learn more about Minerva Labs, go to: https://l.minerva-labs.com/security-weekly
Full Show Notes: https://wiki.securityweekly.com/Episode585
Sven will talk about PHP Object Injection vulnerabilities and explain the dangers of PHP's unserialize function. During his technical demo he will show the format of serialized PHP objects, explain PHP's magic methods, and show how to write an exploit for a PHP Object Injection vulnerability.
Full Show Notes: https://wiki.securityweekly.com/Episode584
To learn more about Netsparker, go to: https://www.netsparker.com/securityweekly