Info

Security Weekly Podcast Network (Video)

Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and breaking news on the latest hacking techniques, vulnerabilities, and industry trends. Stay informed and secure with the most trusted voices in cybersecurity!
RSS Feed Subscribe in Apple Podcasts
Security Weekly Podcast Network (Video)
2024
October
September
August
July
June
May
April
March
February
January


2023
December
November
October
September
August
July
June
May
April
March
February
January


2022
December
November
October
September
August
July
June
May
April
March
February
January


2021
December
November
October
September
August
July
June
May
April
March
February
January


2020
December
November
October
September
August
July
June
May
April
March
February
January


2019
December
November
October
September
August
July
June
May
April
March
February
January


2018
December
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
July
June
May
April
March
February
January


2015
December
November
October
September
August
July
June
May
April
March
February
January


2014
December
November
October
September
August
July
June
May
April
March
February
January


2013
December
November
October
September
August
July
June


Categories

All Episodes
Archives
Categories
Now displaying: Page 5
Aug 1, 2024

Hacking traffic lights (for real this time), the Docker API strikes again, access Github deleted data, using EDR to elevate privileges on Windows, computers I need in my life, failed experiments and Raspberry PI access points, sitting ducks and TuDoor - its always DNS times 2, null sessions and a blast from the past, chaining UEFI vulnerabilities, pirates exposed, revoking SSL certificates, and using AI to analyze your brain: Multimodal Automated Interpretability Agent!

Show Notes: https://securityweekly.com/psw-837

Aug 1, 2024

John is one of the foremost experts in UEFI and joins us to talk about PK Fail! What happens when a vendor in the supply chain accidentally loses a key? It's one of the things that keeps me up at night. Well, now my nightmare scenario has come true as a key has been leaked. Learn how and why and what you can do about it in this segment!

Show Notes: https://securityweekly.com/psw-837

Jul 30, 2024

Forever Mouse, RPC, WhatsApp, NIST, PKFail, 0Auth, Josh Marpet, and More, on this Edition of the Security Weekly News.

Show Notes: https://securityweekly.com/swn-402

Jul 30, 2024

Modern appsec isn't modern because security tools got shifted in one direction or another, or because teams are finding and fixing more vulns. It's modern because appsec is meeting developer needs and supporting the business. Paul Davis talks about how AI is (and isn't) changing appsec, the KPIs that reflect outcomes rather than being busy, and the importance of communication for security teams.

This segment is sponsored by JFrog. Visit https://securityweekly.com/jfrog to learn more about them!

Show Notes: https://securityweekly.com/asw-293

Jul 30, 2024

The CISO role has been evolving for 20 years, but the last 2 years have accelerated that evolution. Some might say it's evolving into extinction. What are the factors driving this evolution?

Allan Alford, CEO at Alford and Adams Consulting and host of The Cyber Ranch Podcast, joins Business Security Weekly to discuss this evolution and some of the factors driving these trends. In this interview, Allan will share his insights:

  • Migratory Trends of the CISO
  • CISO Skill Sets: Technical or Business?
  • The Language of the CISO

Show Notes: https://securityweekly.com/bsw-358

Jul 29, 2024

Identity, the security threat that keeps on giving. For the 17th year in a row, identity is one of the top threats identified in the Verizon DBIR. Why?

Dor Fledel, Senior Director of Product Management at Okta and Co-Founder of Spera, joins Business Security Weekly to discuss the challenges of identity and how to solve them. From numerous disparate identity systems to a proliferation is SaaS application usage, Dor explains why Identity SecurityPosture Management is critical component to identify vulnerabilities, prioritize risks, and streamline remediation. If you're struggling with securing your identities, don't miss this interview.

Segment Resources: https://www.okta.com/products/identity-security-posture-management/ https://www.okta.com/secure-identity-commitment/

This segment is sponsored by Okta. Visit https://www.securityweekly.com/okta to learn more about them!

Show Notes: https://securityweekly.com/bsw-358

Jul 27, 2024

This week, on Enterprise Security Weekly, we've got:

  1. Identity Security gets more funding
  2. Wiz walks away
  3. BlackHat Announces Startup Spotlight Finalists
  4. Crowdstrike post mortem
  5. Simple Security Tricks are the Best Security Tricks
  6. Splitting the CISO role
  7. Web scraping for AI is out of control
  8. SEC vs Solarwinds
  9. Vaping the Internet

Show Notes: https://securityweekly.com/esw-369

Jul 26, 2024

Edward Wu thinks so! Understandably so, as his startup, Dropzone.ai is making a big bet on generative AI to change the face (and pace) of security operations.

We'll talk about what has changed here, and I have so many questions:

  • after many generations of AI/ML technology in security, is the current gen really that dramatically different?
  • Dropzone is far from the only startup with the same idea here, how will they differentiate?
  • Is the problem that we need more help than we can possibly hire, or are we fundamentally doing something wrong in security operations?
  • Specifically, what is this tech doing to help?

Finally, we'll wrap by talking about where this tech goes next, and can we get there with current technology, or are we dependent on more breakthroughs from companies like OpenAI, Anthropic, and Meta?

Show Notes: https://securityweekly.com/esw-369

Jul 26, 2024

Twitter Opt-In, the DOJ, DarkSeoul, Fake Employees, PlugX, Stargazer Ghost, Aaran Leyland, and More on the Security Weekly News.

Show Notes: https://securityweekly.com/swn-401

Jul 26, 2024

The emergence of generative AI has caused us to rethink things on two fronts:

  1. how we consume threat detection data, as defenders
  2. how we need to shift our thinking and approaches to prepare for attackers' newfound GenAI capabilities

But wait - is GenAI even useful for defenders or attackers? We'll dive deep into the state of AI as it pertains to security operations, just as Gartner announces that AI is hitting the trough of disillusionment. What better time to dispel the hype and focus on where real progress can be made?

Show Notes: https://securityweekly.com/esw-369

Jul 25, 2024

Segment description coming soon!The Crowdstrike incident: what happened and what we can do better, people forget what 0-Day really means, shutting off the heat in January, honeypot evasion and non-functional exploits, what not to use to read eMMC, what if we don't patch DoS related vulnerabilities, a CVSS 10 deserves its own category, port shadow attacks, IPC and DBUS and a very informative and entertaining article, container breakouts, when you are bored on an airplane, Linksys security violations, fake IT workers, Telegram 0-day, and how to be more resilient on the same technology stack!

Show Notes: https://securityweekly.com/psw-836

Jul 25, 2024

Doug and the Security Weekly crew talk about vulnerabilities, are we patching the right things? This is the burning question. We will try to answer it.

Segment Resources: https://blog.sonicwall.com/en-us/2024/04/patch-tuesday-which-vulnerabilities-really-need-prioritizing/

Show Notes: https://securityweekly.com/psw-836

Jul 24, 2024

SAPwned demonstrates tenets of tenant isolation, a weak login flow puts Squarespace domains at risk, how AIs might (or might not) be useful for fixing code, getting buy-in for infosec investments, and more!

Show Notes: https://securityweekly.com/asw-292

Jul 23, 2024

Security is a risk management discipline. No one understand that more than Jeff Recor. Jeff has built risk management practices for Deloitte, Grant Thornton, and Accenture and has recently formed his own risk consulting practice. In this unscripted interview, Jeff will share his insights on the evolution of security as a risk management discipline, what CEOs and Boards really need, and how CISOs can be successful as a business leader.

Show Notes: https://securityweekly.com/bsw-357

Jul 23, 2024

Generative AI has produced impressive chatbots and content generation, but however fun or impressive those might be, they don't always translate to value for appsec. Allie brings some realistic expectations to how genAI is used by attackers and can be useful to defenders.

Segment resources:

Show Notes: https://securityweekly.com/asw-292

Jul 23, 2024

Elon's Killer Robots, Crowdstrike and More Crowdstrike, Southwest, Play, FrostyGoop, Josh Marpet, and more, on this Edition of the Security Weekly News.

Show Notes: https://securityweekly.com/swn-400

Jul 23, 2024

Back in April, we covered a story on episode #348 titled "CISO-CEO communication gaps continue to undermine cybersecurity". In that article, Sumedh Thakar, the CEO at Qualys, stated "CISOs must translate technical risks into business impact for CEOs." But he didn't say how. So, we invited him on the show to explain. In this episode, Sumedh walks us through real life interactions with his CISO and Board and explains why security needs to be communicated in business terms.

Show Notes: https://securityweekly.com/bsw-357

Jul 19, 2024

In this episode of Security Weekly News, Dr. Doug White and Josh Marpet delve into the widespread impact of the recent CrowdStrike and Microsoft technical issue, which disrupted various industries, including airlines, DMVs, and hospitals. They discuss the interconnectedness of modern systems, the reliance on automatic updates, and the critical need for thorough testing and third-party risk management. Emphasizing the importance of understanding and planning for system failures, the hosts highlight the necessity for comprehensive inventories, continuous monitoring, and robust backup plans to ensure business continuity and resilience. Tune in for expert insights into mitigating the significant consequences of system failures.

Show Notes: https://securityweekly.com/swn-399

Jul 19, 2024

In this week's enterprise security news,

  1. Google is rumored to be considering acquiring Wiz for $23 BILLION
  2. ThreatConnect acquires Polarity
  3. XBOW and Sola Security are interesting new companies we’ll discuss
  4. What does “shared responsibility” actually mean?
  5. Palo Alto probably isn’t going to buy your startup
  6. Snowflake-related breaches continue getting worse
  7. MUCH less AI talk than usual
  8. Defragmenting your browser

All that and more, on this episode of Enterprise Security Weekly.

Show Notes: https://securityweekly.com/esw-368

Jul 19, 2024

On this segment, we're going to zoom all the way out to discuss one of my favorite topics: what's fundamentally wrong with this industry? I believe we're at an inflection point: security teams have budget, staff, and more sway at the board level than ever. The cybersecurity market is doing great - growing at an astonishing rate with cyber startups that almost never fail and funding that survives every market downturn.

So why are failures also breaking records? What are we getting wrong? Why are we failing?

These are the questions Richard, Katie, and I will try to answer in this segment.

Segment Resources:

Show Notes: https://securityweekly.com/esw-368

Jul 19, 2024

Three years after we last discussed this book on episode #221, Jarrett Rodrick returns, joined by co-author Tyler Wall to discuss an update of the book. We talk opportunities and layoffs. Career paths and experience. Degrees, certifications, and home labs. We talk about who cybersecurity is the right field for, and the pros and cons of the industry as a whole.

We also talk myths and reality about a cybersecurity career. Can you really make $100k just a few years in? Is it really an entry level field? Are you better off entering cyber from IT or the military?

Segment Resources:

Show Notes: https://securityweekly.com/esw-368

Jul 18, 2024

Find new flaws in UEFI using STASE, combining vulnerabilities to exploit Sonicwall Devices, remote BMC exploits, Netgear patches, and not a lot of information, 22 minutes before exploited, if the secrets were lost, we'd all be in screwed, Exim has not been replaced by something better and its vulnerable, CISA's red team reports, and attackers use drivers to attack EDR, the saga continues!

Show Notes: https://securityweekly.com/psw-835

Jul 18, 2024

Thinking about getting a 3D printer or have one and need a good primer? Check out this segment, we live 3D print a Captain Crunch whistle and talk all about 3D printing for hackers!

Segment Resources:

Major 3D Printer Websites:

Major 3D File libraries:

Youtube Channels:

  • Uncle Jessy
  • CnC Kitchen
  • The Edge of Tech
  • Makers Muse

Show Notes: https://securityweekly.com/psw-835

Jul 16, 2024

Cloudflare's 2024 appsec report, reasoning about the Cyber Reasoning Systems for the upcoming AIxCC semifinals at DEF CON, lessons in secure design from post-quantum cryptography, and more!

Show Notes: https://securityweekly.com/asw-291

Jul 16, 2024

Floppy Disks, Exim, Kaspersky, Darkgate, AT&T, Josh Marpet, and more are on this edition of the Security Weekly News.

Show Notes: https://securityweekly.com/swn-398

1 « Previous 2 3 4 5 6 7 8 Next » 171