Paul's Security Weekly TV

Security news, interviews, how-to technical segments. For security professionals by security professionals. We Hack Naked.
Sep 5, 2021

Benjamin will discuss securing iframes with the sandbox attribute. This segment is sponsored by Acunetix.

 

Visit https://securityweekly.com/acunetix to learn more about them!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw709

Sep 4, 2021

This week in the Security News: Hacking Honda, a fact about single-factor, disarming your home and alarming vulnerability disclosure response, btw, you have a Sudo vulnerability, NSO under investigation, Loki and 0days, Linux turns 30, SANS appoints a new president of the college, how much does your USB thumb drive weigh?, and When "Florida Woman" attacks!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw709

Sep 4, 2021

Paul presents a Technical Segment that walks through Nmap, Vulners scripts, & Flan Scan!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw709

Sep 3, 2021

This week in the Enterprise News, "inertia in cybersecurity strategy", Check Point acquires Avanan, Absolute DataExplorer, BreachQuest Launches with $4.4m in seed funding, Acronym Bingo, & More!!!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw241

Sep 3, 2021

It's time to think more broadly about the R in NDR. Incident responders need a full spectrum of response–from hunting and investigations to remediation–not just another alert cannon. While blocking and containment are important steps, complete incident response is about gathering forensic evidence, sharing it across teams to establish root cause, pulling together an actionable plan, and eradicating the risk or vulnerability from the organization’s environment. ExtraHop's Principal Engineer John Smith joins Security Weekly to discuss.

Segment Resources:

- ExtraHop Extends Response and Forensics Capabilities with Deep Threat Insights for Hybrid Cloud https://www.extrahop.com/company/press-releases/2021/revealx-360-innovations/?uniqueid=FJ07532845&utm_source=security-weekly&utm_medium=podcast&utm_campaign=2021-q3-security-weekly-pr-resource&utm_content=press-release&utm_term=no-term&utm_region=global&utm_product=security&utm_funnelstage=top&utm_version=no-version

- ExtraHop free and interactive demo https://www.extrahop.com/demo/?uniqueid=AN07532846&utm_source=security-weekly&utm_medium=podcast&utm_campaign=2021-q3-security-weekly-demo&utm_content=demo&utm_term=no-term&utm_region=global&utm_product=security&utm_funnelstage=top&utm_version=no-version

 

This segment is sponsored by ExtraHop Networks. Visit https://securityweekly.com/extrahop to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw241

Sep 2, 2021

GitLab is unique in many ways, but our transparency value is pushing us to mature our Security posture faster than attackers. Discover how GitLab iterates quickly to adapt to a world where everyone can contribute.

 

Segment Resources: https://about.gitlab.com/handbook/values/#transparency

 

This segment is sponsored by GitLab. Visit https://securityweekly.com/gitlab to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw241

Sep 2, 2021

SMBs need to understand the importance of being PCI compliant, and that just because the verbiage on a website says the vendor is compliant, that doesn't make the merchant compliant. Even if it says so from a service provider standpoint, asking for a copy of their AOC is critical. If your merchant service provider is guiding you through the SAQ, or telling you to just check yes or no, they are coercing you into falsifying documents, which is a breach of your agreement.

Segment Resources:

https://www.linkedin.com/pulse/what-matters-moreyour-vendor-relationship-your-client-bulin/?published=t

 

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://securityweekly.com/scw85

Sep 1, 2021

SMBs need to understand the importance of being PCI compliant, and that just because the verbiage on a website says the vendor is compliant, that doesn't make the merchant compliant. Even if it says so from a service provider standpoint, asking for a copy of their AOC is critical. If your merchant service provider is guiding you through the SAQ, or telling you to just check yes or no, they are coercing you into falsifying documents, which is a breach of your agreement.

Segment Resources:

https://www.linkedin.com/pulse/what-matters-moreyour-vendor-relationship-your-client-bulin/?published=t

 

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://securityweekly.com/scw85

Sep 1, 2021

Looking into the first half of 2021, there are important indicators of what cyber adversaries are planning next. This will be a conversation about cyberthreat trends and looking into takeaways from big name attacks so far this year.

 

Show Notes: https://securityweekly.com/bsw230

Segment Resources: https://www.fortinet.com/fortiguard/labs https://www.fortinet.com/blog/threat-research

This segment is sponsored by Fortinet. Visit https://securityweekly.com/fortinet to learn more about them!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Aug 31, 2021

In the Leadership and Communications section, Executives in tech say staff attrition is rising, 7 in 10 Facility Managers Consider OT Cybersecurity a Major Concern, Consumers Concerned About Personal Data Collection, and more!

 

Show Notes: https://securityweekly.com/bsw230

Visit https://www.securityweekly.com/bsw for all the latest episodes! 

Aug 31, 2021

This week in the Application Security News, Mike and John talk: Flaws in Azure's CosmosDB, OpenSSL vulns in string handling, dating app location security, cloud security orienteering, detailed S3 threat model, & more!

 

Show Notes: https://securityweekly.com/asw164

Visit https://www.securityweekly.com/asw for all the latest episodes! 

Aug 30, 2021

In this segment, Mike and Caroline will discuss Risk Tolerance and Risk Transfer. They'll touch on the following: risk ranking, risk transfer in supply chain, how to diversify security controls, and time vs risk reduction vs vulnerability exposure, all from a DevOps perspective, while also touching upon how security is not (and should not be) a gate.

 

Show Notes: https://securityweekly.com/asw164

Visit https://www.securityweekly.com/asw for all the latest episodes!

Aug 29, 2021

This week in the Security News: Some describe T-Mobile security as not good, if kids steal bitcoin just sue the parents, newsflash: unpatched vulnerabilities are exploited, insiders planting malware, LEDs can spy on you, hacking infusion pumps, PRISM variants, 1Password vulnerabilities, plugging in a mouse gives you admin, & yard sales!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw708

Aug 28, 2021

Apple's new M1 systems offer a myriad of benefits to macOS users and, unfortunately, to malware authors as well. In this talk Patrick details the first malicious programs compiled to natively target Apple Silicon (M1/arm64), focusing on methods of analysis.

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw708

Aug 28, 2021

Gain some insights into the OpenVAS project, why you might want to use it and some of the best implementations. This segment will dive right into the extended setup by compiling OpenVAS, and all components, from source code.

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw708

Aug 27, 2021

This week in the Enterprise News, Guardicore Centra lets teams stop ransomware and lateral movement, Netskope streamlines procedures with improved attribution models and collaboration, Cloudflare claims they blocked the ‘greatest DDoS attack in history’, SecurityScorecard partners up with Tenable to improve Risk Management, Sumo Logic delivers on SOAR promise by acquiring DFLabs, SCAR invests in cyber startup Hook Security, Hunters raises $30 Million in Series B, and more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw240

Aug 27, 2021

Deb has written a thriller series about an evil corporation called GlobeCom that takes over the world through human chip implants, and the hackers who rise up against it to break its backbones and its grip on humanity. In it, she sticks very close to technology and hacks in use today to show the ramifications of tech overreach and couch the hackers as heroes. Her characters are drawn from hackers and agents she's met throughout her career, and they have reviewed and approved the story. She is currently wrapping up her second book in the series, which delves more into AI and machine learning. She has written for a general audience, and the story is fast-paced and entertaining, with reviewers saying her style is akin to Lee Child.

Segment Resources:

The book is available at https://www.amazon.com/Breaking-Backbones-Information-Hacker-Trilogy/dp/1665701080/, and her articles, speaking engagements and more information are available at www.debradcliff.com.

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw240

Aug 26, 2021

Deciduous is an app Kelly built with Ryan Petrich that simplifies the process of creating security decision trees. Security decision trees are valuable aids in threat modeling and prioritizing mitigations, harnessing the power of belief prompting from the realm of behavioral game theory.

Segment Resources:

- https://www.deciduous.app/

- https://swagitda.com/blog/posts/rick-morty-thanksploitation-decision-tree/

- https://swagitda.com/blog/posts/deciduous-attack-tree-app/

- https://learning.oreilly.com/library/view/security-chaos-engineering/9781492080350/

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw240

Aug 26, 2021

Because only maintaining compliance is not enough to protect your business from the ever-evolving threat landscape, in this session, we will consider the intersection and codependence of compliance with security, maturity, defensibility and resiliency. An effective and maturing program must also align to a Control Framework so that you can measure its effectiveness and ensure appropriate decisions are made that enable business requirements and protect the security, integrity, and availability of information and technology. All of this must happen through the lens of defensibility which is an essential consideration when making risk decisions. And finally, we will look at what makes a business cyber-resilient. The cyber-strong resilient company has the ability to quickly adapt to disruptions while maintaining continuous business operations, and safeguarding people, assets, and overall brand equity.

To find out more and register with your Security Weekly discount code, visit: https://securityweekly.com/isw2021

 

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://securityweekly.com/scw84

Aug 25, 2021

Because only maintaining compliance is not enough to protect your business from the ever-evolving threat landscape, in this session, we will consider the intersection and codependence of compliance with security, maturity, defensibility and resiliency. An effective and maturing program must also align to a Control Framework so that you can measure its effectiveness and ensure appropriate decisions are made that enable business requirements and protect the security, integrity, and availability of information and technology. All of this must happen through the lens of defensibility which is an essential consideration when making risk decisions. And finally, we will look at what makes a business cyber-resilient. The cyber-strong resilient company has the ability to quickly adapt to disruptions while maintaining continuous business operations, and safeguarding people, assets, and overall brand equity.

To find out more and register with your Security Weekly discount code, visit: https://securityweekly.com/isw2021

 

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://securityweekly.com/scw84

Aug 25, 2021

This week in the Leadership and Communications section: 10 years later, software really did eat the world, CISOs’ 15 top strategic priorities for 2021, 7 steps to protect against ransomware-related lawsuits, and more!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw229

Aug 24, 2021

Ben Carr, Qualys CISO, joins Business Security Weekly to share his views on the evolving role of the CISO. He’ll dive into the ever-changing risks and how CISOs need to understand those risks to be truly aligned to the business. He will also discuss the different types of CISOs and how to align your direction and focus with that of a company's needs.

 

This segment is sponsored by Qualys. Visit https://securityweekly.com/qualys to learn more about them!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw229

Aug 24, 2021

This week Mike & John discuss: BlackBerry addresses BadAlloc bugs, glibc fixes a fix, more snprintf misuse that leads to command injection, ProxyLogon technical details, & more in the AppSec News!

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw163

Aug 23, 2021

Open Source is the new mainstream of software development. However, not much attention is paid to security in the upstream community for creating robust and secure software. At the LF, we are working on some initiatives and tools to help bridge the gap between functional and secure code, so that the benefits flow downstream to all users of OSS.

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw163

Aug 22, 2021

Shifting security left is good, but it’s an incomplete strategy that often leads to a false sense of security. In this segment, Sonali will discuss how organizations can reduce their risk of breach by embracing modern AppSec techniques that will allow development, operations and security teams to work together in order to efficiently and effectively secure all of their applications.

This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw707
