Login
This week, we welcome Katelyn Bowden, CEO of BADASS, (Battling Against Demeaning and Abusive Selfie Sharing), to talk about her journey, and how she started BADASS! In our second segment, we present you with a Technical Segment to talk about Adventures in AWS Computing! In the Security News, Google shares private videos with the wrong users, how to get hacked through a Philips Hue smart hub, Buggy Iowa Caucus App is actually Buggy? No way!, how US cities have handled their fight against cybercrime attacks, and how someone sabotaged their boss with ransomware from the dark web!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode638
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, in the Enterprise Security News, Preempt Security Becomes First in Industry to do Real-Time Threat Detection for Encrypted Authentication Protocol Traffic, Actionable Searching and Data Download with Vulnerability Management Dashboards, Companies and employees embrace BYOD but with compliance and risk challenges! In our second segment, we interview Wilson Bautista, Founder of Jun Cyber, to talk about leadership, DevOps and Security working together to provide security for the business! In our final segment, we welcomeMalcolm Harkins, Chief Security & Trust Officer at Cymatic, to discuss the security profits from the insecurity of computing thus at a macro economic level has no real economic incentive to solve many of the risk issues we face!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode171
Visit https://www.securityweekly.com/esw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome David Starobinksi, Professor, Department of Electrical and Computer Engineering at Boston University, to discuss the changes in network communications in both the wireless and IoT world! In the Leadership and Communications segment, 9 Quotes By NBA Legend Kobe Bryant That Might Impact Our Lives Forever, How to Build Trust with Business Partners from Other Cultures, and For zero trust to work, machines and humans require identities, and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode161
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Chris Roberts, CSS of Attivo Networks! You are hedging your bets, hoping that someone else gets breached first, don't believe it's as big as an issue as people make out, keeping your insurance companies happy, telling your board "we're ok" and, basically avoiding looking in the mirror. We interview Chris Roberts to talk about bridging the gap in the learning process that companies only follow when they are breached!
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode16
Visit https://www.securityweekly.com/scw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Everyone wins in Iowa, Twitter has conspiracy theories? No way! Hackers steal billions and don't get caught, Iowa Election Apps secured by "obscurity", and the top 24 passwords found on the Dark Web. In the Expert Commentary, we welcome back Jason Wood, to talk about a New Iranian Campaign Tailored to US Companies Utilizes an Updated Toolset!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode9
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Mike, John, and Matt review the presentation given by Clint Gilber at AppSec Cali, An Opinionated Guide to Scaling Your Company's Security! In the Application Security News, Xbox Bounty Program, Magento 2.3.4 Patches Critical Code Execution Vulnerabilities, Remote Cloud Execution - Critical Vulnerabilities in Azure Cloud Infrastructure, RCE in OpenSMTPD library impacts BSD and Linux distros, Fintechs divided on screen scraping ban, and Zero trust architecture design principles!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode94
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Gene Kim, Founder, Researcher, and Author of the Phoenix Project and The Unicorn Project, to talk about his goals and aspirations in The Unicorn Project, take a deep dive into the Five Ideals, and how DevOps will be a major player for decades to come! In our second segment, we welcome back Peter Smith, CEO, and Co-Founder of Edgewise, to talk about Stopping Python Backdoor Attacks, and how similar attacks have managed to evade traditional network security defenses and propagate inside their target environments! In the Security News, NHS alerted to severe vulns in GE health equipment, Ragnarok Ransomware targets Citrix ADC & disables Windows Defender, suspected Magecart hackers arrested in Indonesia, Wawa breach data was found for sale, and a mega-breach that exposed more than 250 million users!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode637
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
To learn more about Edgewise, visit: https://securityweekly.com/edgewise
Visit https://securit Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
DEFCON is canceled from Coronavirus, Ragnarok Ransomware Runs Ragged Rapidly, Avast suddenly stops selling your data to third parties and shutters Jumpshot, Charges against Coalfire Red Team dropped in Dallas County, and 20 Board Members realize that Cybersecurity is more than just some guy named Ned in the Basement!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode8
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to talk about New Cisco and AppDynamics integration bridges IT and DevOps for app management, Citrix and FireEye Mandiant Launch Indicator of Compromise Scanner, Sophos Introduces Intercept X for Mobile, Optimizing Your IT Spend as You Move to the Cloud, and more! In our second segment, we will deliver a Technical Segment on Migrating Legacy Apps to the Cloud Pt. 1! In our final segment, we welcome Steven Bay, Director of Security Operations at Security On-Demand, to discuss Edward Snowden and the Insider Threat!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode170
Visit https://www.securityweekly.com/esw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Jeff, Scott, Josh, and Matt talk about Cyber Insurance! They'll dive into some topics such as Relationship and dilution of responsibility between brokers, underwriters, and reinsurance companies, Cost of Cyber Insurance, and much more! In the Security and Compliance News, Dallas County Acquires Cyber Insurance through ICAP, Ransomware Claims Driving Up Cyber Insurance Costs, Cowbell Cyber Demystifies Cyber Insurance with Cowbell Prime 100, The Cold Truth About Your Cyber Insurance, and more!
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode15
Visit https://www.securityweekly.com/scw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Michael Figueroa, Independent Executive Security Advisor, to discuss the challenges of CISOs and the differences between large enterprises and small businesses! In the Leadership and Communications segment, Board members find cybersecurity risk an existential threat, When Community Becomes Your Competitive Advantage, The Little Things That Make Employees Feel Appreciated, Don't Stay in Your Lane: The Secret to Developing Your Career, and more!
ย
Like us on Facebook: https://www.facebook.com/secweekly
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, How all vehicles are on the road to being hackable, Misinformation on the internet regarding the Corona virus? No way!, Jersey police are barred from using Clearview, CDC report on the Coronavirus, and Coveware reports said that ransomware payments increased over 100% in Q4 of 2019! In the Expert Commentary, we welcome Jason Wood of Paladin Security, to talk about how Leaked Documents Expose the Secretive Market for Your Web Browsing Data!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode7
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome John Butler, Solutions Engineer at Guardsquare, to discuss Dynamically Protecting Mobile Applications with RASP! In the Application Security News, Insecure configurations expose GE Healthcare devices to attacks demonstrate more simple flaws with high impacts, NSA Offers Guidance on Mitigating Cloud Vulnerabilities, Enumerating Docker Registries with go-pillage-registries for pentesters searching for useful information, and more!
ย
Like us on Facebook: https://www.facebook.com/secweekly
To request a demo with Guardsquare, please visit: https://securityweekly.com/guardsquare
ย
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Dug Song, Co-Founder and General Manager of Duo Security at Cisco, to discuss the vision and culture behind Duo Security, and talk about his journey from when he began his start in Information Security! In our second segment, we welcome Mike Godwin, Distinguished Senior Fellow at R Street Institute, to talk about Digital Rights and Privacy! In the Security News, Microsoft Security Shocker As 250 Million Customer Records Exposed Online, the NSA Offers Guidance on Mitigating Cloud Flaws, Multiple Vulnerabilities Found in AMD ATI Radeon Graphics Cards, Brazil prosecutes Glenn Greenwald in an attack on press freedom, and Cybersecurity Lessons Learned from 'The Rise of Skywalker'!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode636
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Doug White brings the Security Weekly News update for the week of January 20, 2020, to discuss the top news stories of the week, across all of the Security Weekly Network shows!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode6
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to talk about Security Compass securing funding to enhance solutions portfolio and accelerate growth, Micropatch simulates workaround for recent zero-day IE flaw, New Kaspersky Sandbox automates protection from advanced threats, FireEye adds Cloudvisory to its stable, and some funding and acquisition updates from ServiceNow, Sysdig, Waterfall Security Solutions, and more! In our second segment, we welcome Alex Horan, Director of Product Management of Onapsis, and JP Perez, CTO of Onapsis, to discuss SAP Vulnerability and the current state as it relates to SAAP Vulns and Security! In our final segment, we welcome Robert Siciliano, Security Awareness Expert, to discuss Security Awareness: Empowering employees to care about security through security appreciation training!
ย
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode169
Visit https://www.securityweekly.com/esw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
ย
This week, we welcome Chase Robertson, CEO at Robertson Wealth Management, to discuss the state of the financial markets in 2020 and beyond! In our second segment, it's our quarterly Security Money update! This segment tracks the Top 25 public security vendors, known as the Security Weekly 25 Index, and the private funding!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode159
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Trevor Bryant, Senior Information Security Architect at Epigen Technology, to talk about the Risk Management Framework, and how to leverage sound business practices to promote security and compliance initiatives in the workplace!
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode14
Visit https://www.securityweekly.com/scw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Clearview app lets strangers find your information through Facial Recognition, Travelex begins reboot as VPN bug persists, ADP users hit by Phishing Scam, Exposed Telnet ports lead to over 500,000 IoT devices credentials stolen, and over 1000 local governments reported they were hit by ransomware in 2019! In the Expert Commentary, we welcome Jason Wood of Paladin Security, to talk about how the FBI is to inform election officials about hacking attempts!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode5
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week in our first segment, Mike, Matt, and John, discuss Protecting Data in Apps and Protecting Apps from Data! In the Application Security News, PoC Exploits Published For Microsoft Crypto Bug disclosed by NSA, Introducing Microsoft Application Inspector, Vulnerability management requires good people and patching skills, and DevSecOps: 10 Best Practices to Embed Security into DevOps are more like 10 verbs related to DevOps responsibilities!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode92
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, in the Security News, A Powerful GPG collision attack spells the end for SHA-1, an unpatched Citrix Flaw now has PoC Exploits, a Lottery hacker gets 9 months for his 5 cut of the loot, Windows 10 has a security flaw so severe the NSA disclosed it, and PayPal patches a high severity password vulnerability! In our second segment, we welcome Ryan Speers & Jeff Spielberg of River Loop Security, to talk about Embedded Product Security: Left of Ship! In our final segment, we will be airing our Hacker Culture Roundtable, recorded from the Security Weekly Christmas Extravaganza, with a boatload of hosts from the Security Weekly Family!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode635
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Highlights from the Security Weekly shows this week, including dealing with personalities and compliance, Windows 10 exploits, alert fatigue in your SoC, security for startups, Windows 10 exploits, Tik Tok backdoors, lottery hack, 5G (in)security and more!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode4
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to talk about How to Create Easy and Open Integrations with VMRays REST API, Zimperium integrates with Microsoft Defender Advanced Threat Protection EDR, PacketViper Deception360 now available for Microsoft Azure, Up Your Vulnerability Prioritization Game with Tenable Lumin for Tenable.sc, and Say Goodbye to Windows Server 2008 and Hello to Azure?! In our second segment, we welcome Mark Orlando, Founder, and CEO of Bionic, to discuss Outdated Defense Approaches and the need to revisit traditional thinking about security operations in the Enterprise! In our final segment, we welcome Ward Cobleigh, Product Line Manager at VIAVI Solutions, to discuss VISA Security Alerts - What we can learn, and what we can do!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode168
To learn more about VIAVI Solutions, visit: https://securityweekly.com/viavi
ย
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Al Ghous, VP and Head of Security at ServiceMax, to discuss Startup Security - It s Everyone s Business! In the Leadership Articles, Unexpected Companies Produce Some of the Best CEOs, Security Think Tank: Hero or villain? Creating a no-blame culture, The Guy Who Invented Inbox Zero Says We're All Doing It Wrong, Enterprise-scale companies adopting Azure over AWS, and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode158
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Ben Rothke, Senior Information Security Specialist for Tapad, to talk about the Multiple Personalities we encounter during Compliance and Audit Engagements! In the Security and Compliance news, A Risk Assessment Path to Real-Time Assurance, Culture, Integrity and the Board's Role in Guarding Corporate Reputation, Skills For the Compliance Professional in the 2020s, Four Compliance Insights For 2020 and Beyond, Compliance Officer Burnout, Why You Should Draft a Compliance Mission Statement, and more!
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode13
Visit https://www.securityweekly.com/scw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Tesla goes Pwn2Own again this year, GRU "hacks" a Ukranian gas company at the heart of scandals in DC, Microsoft has officially ended support for Windows 7 and Server 2008, and a nasty bug in Firefox, Citrix exploits are being well...exploited, and the return of Emotet! In the Expert Commentary, we welcome Jason Wood of Paladin Security, to talk about The State of 5G Security!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode3
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Hillel Solow, CTO at Check Point, to discuss The Evolution of DevSecOps and AppSec Trends in 2020! In the Application Security News, Policy and Disclosure: 2020 Edition, A look back & forward for bug bounties over the past decade, 4 Ring Employees Fired For Spying on Customers, Exploit Fully Breaks SHA-1, Lowers the Attack Bar, The Open Source Licence Debate: Comprehension Consternations & Stipulation Frustrations, Synopsys Buys Tinfoil, and Rotate Your Amazon RDS, Aurora, and Amazon DocumentDB (with MongoDB compatibility) Certificates!
ย
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode91
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
ย
Welcome to the first-ever Security Weekly News Wrap up for the week of January 5th, 2020. We have a massive amount of content here on Security Weekly every week, and Doug White is here to try and sum it all up for you, so you can just hit the high points for the week. So, stick around, and we'll cover all the shows and all the top stories of the week!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode2
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Dan DeCloss, President and CEO at PlexTrac, to talk about How to Improve Penetration Testing Outcomes with Purple Teaming! In our second segment, we welcome Ambuj Kumar, CEO, and Co-Founder of Fortanix, to discuss The Keys to Your Kingdom: Protecting Data in Hybrid and Multiple Public Clouds! In the Security News, Car hacking hits the streets, Four Ring employees fired for spying on customers, MITRE presents ATT&CK for ICS, and Las Vegas suffers cyberattack on the first day of CES!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode634
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to talk about Tapplock introducing new enterprise fingerprint scanning padlock accessories, Protecting corporations without sacrificing performance with Cloudflare, as well as their acquisition of S2 Systems, Pulse Secure, and SecureWave enter a partnership, Mimecast acquires Segasec, and more! In our second segment, we discuss Docker Container Security - Vulnerable Upon Inception! In our final segment, we welcome back Britta Glade, Director of Content and Curation for RSAC, and Linda Gray, Senior Director and General Manager for RSAC, to discuss what to expect at the world's largest cybersecurity conference in San Francisco!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode167
To register for RSAC 2020 using our discount code or to book an interview with Security Weekly on-site at RSA Conference visit: https://securityweekly.com/rsac2020
ย
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
This week on Security and Compliance Weekly, we welcome Ian Amit, CSO at Cimpress, to discuss utilizing quantitative (vs qualitative) metrics in a security program, maturing it from a technical novelty to something a business can align with and see value from, and understanding where security fits into risk management!
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode12
Visit https://www.securityweekly.com/scw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week on Business Security Weekly, Matt Alderman, Paul Asadoorian and Jason Albuquerque discuss the best and worst companies and performance of 2019 including Amazon, Apple, Lululemon, Facebook, Boeing, and Pacific Gas and Light! In the Leadership and Communications segment, 5 CIO and IT leadership trends for 2020, First Look: Leadership Books for January 2020, The Right Way to Form New Habits, and 5 Questions You Can Ask to Learn About Company Culture in a Job Interview and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode157
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Happy New Year and welcome to the first episode ever of Security Weekly News! It's another year of malware, exploits, and fun here on the Security Weekly Network, with your host, Doug White! Ransomware, TikTok, and in the Expert Commentary, we welcome Jason Wood of Paladin Security, to talk about Iranian Cyber Threats: Practical Advice for Security Professionals!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode1
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week on Application Security Weekly, Mike Shema and Matt Alderman discuss Privacy by Design - The 7 Foundational Principles! In the Application Security News, Featured Flaws and Big Breaches, Cloud, Code and Controls (Python is dead. Long live Python!), Learning and Tools (Breaking Down the OWASP API Security Top 10), and Food for Thought (Facebook will stop mining contacts with your 2FA number, 6 Security Team Goals for DevSecOps in 2020, 7 security incidents that cost CISOs their jobs)!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode90
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Kavya Pearlman, CEO at XR Safety Initiative, to talk about Who is going to protect the Brave New Virtual Worlds, and HOW?! In our second segment, we welcome Chris Painter, Commissioner at the Global Commission on the Stability of Cyberspace, to discuss Diplomacy, Norms, and Deterrence in Cyberspace! In the security news, mysterious Drones are Flying over Colorado, 7 Tips for Maximizing Your SOC, The Most Dangerous People on the Internet This Decade, North Korean Hackers Stole 'Highly Sensitive Information' from Microsoft Users, Critical Vulnerabilities Impact Ruckus Wi-Fi Routers, & The Coolest Hacks of 2019!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode633
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome you with our Roundtable Discussion on DevOps and Securing Applications, where we'll cover how to navigate the wide variety of options for securing modern applications and the processes used to build and deploy software today! Next up we debate one of Information Security's long-standing debates: Security vs. Compliance! The final segment in this episode assembles a panel of experts to discuss The History of Security and what we can learn from the past!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode632
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we kick things off with the Blue Team Roundtable, to discuss defensive techniques that actually work, and ones that don't! In the second segment, we'll switch teams and transition to The State of Penetration Testing Roundtable, where we'll discuss the evolution of Penetration Testing, and how to get the most value from the different types of assessments! In our final segment, we welcome back long-time friend of the show Ed Skoudis, to discuss this year's Counterhack Holiday Hack Challenge, a holiday tradition here at Security Weekly, and one of the community's favorite hacking challenges!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode631
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to talk about how MITRE updates ATT&CK for the cloud, Ping Identity builds and matures Zero Trust Infrastructures, SaltStack integrates with ServiceNow to deliver Closed-Loop IT and Security Automation, and some acquisition updates from Fortinet, CyberSponse, Guardsquare, Zimperium, and more! In our second segment, we discuss Unifying DevOps and SecOps, exploring the people and process challenges of DevSecOps and Where to integrate Security Seamlessly in the DevOps Pipeline! In our final segment, we welcome Jason Rolleston, Chief Product Officer at Kenna Security, and Michael Roytman, Chief Data Scientist at Kenna Security, to discuss Risk-Based Vulnerability Management and Threat and Vulnerability Management!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode166
Visit https://www.securityweekly.com/esw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweeklyย
This week, we are joined in studio by Steve Levinson, Vice President of Online Business Systems Risk, Security, & Privacy practice (full disclosure - he s also my boss!). We ll talk about the Security & Compliance divide from the compliance side, and hopefully, gain some insight into why I m so passionate (or dispassionate about) PCI!
ย
To learn more about Online Business Systems, visit: https://securityweekly.com/online
Show Notes: https://wiki.securityweekly.com/SCWEpisode11
ย
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Montana TV stations hit by cyber attack, Ransomware crisis in US schools, a deep dive into Phobos Ransomware, Cybersecurity salary survey reveals variance across industries and geolocations in 2020, and Ring smart camera claims they were not hacked!! In the expert commentary, we welcome Paul Asadoorian, CTO and Founder of Security Weekly, to discuss why you should be careful who you do business with!
ย
Show Notes: https://wiki.securityweekly.com/HNNEpisode246
Visit https://www.securityweekly.com/hnn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Martin Bally, CISO at American Axle & Manufacturing! In the Leadership and Communications segment, Why Crowdsourcing Often Leads to Bad Ideas, Do You Need Charisma to Be a Great Public Speaker?, Fight the skills gap with a great upskilling and reskilling strategy, and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode156
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Dave Ferguson, Director of Product Management and WAS at Qualys! Dave will discuss the issue of latent vulnerabilities and how they may linger in your custom-coded web applications and APIs, presenting an enticing target for attackers. In the Application Security News, GitLab Doles Out Half a Million Bucks to White Hats, How can we integrate security into the DevOps pipelines?, Go passwordless to strengthen security and reduce costs - and design your app to support these types of workflows, including account recovery.
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode89
To learn more, visit: https://securityweekly.com/qualys
ย
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Jorge Salamero, Director of Product Marketing at Sysdig, to talk about Runtime Protection for Containers! In our second segment, we welcome back the Legend himself John Strand, to talk about Backdoors & Breaches, an Incident Response Card Game! In the security news, Your Smart Christmas Lights Are Safer Than They Were Last Year, Intels SGX coughs up crypto keys when scientists tweak CPU voltage, Hackers Can Block iPhones and iPads Via AirDrop Attack, How hackers are breaking into Ring Cameras, and Bloomberg accidentally created an Alexa Fleshlight!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode630
To learn more about BHIS, visit: https://securityweekly.com/bhis
To learn more about Sysdig, visit: https://securityweekly.com/sysdig
ย
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Laura Jones, Author of a children's book titled Cyber Ky & Tekkie Guy Manage the Risk of Being Online. She focuses on children being as 'appropriately informed' as they are comfortable with using technology! In the Security and Compliance News, Equifax nears 'historic' data breach settlement that could cost up to $3.5B, Maryland Again Amends its Data Breach Notification Law, Hidden Complexity is Biggest Threat to Compliance, Data Security Remains Top IT Concern for Small Businesses and Others, A Compliance Carol: A visit from the Ghost of Compliance Past, and more!
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode10
Visit https://www.securityweekly.com/scw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to talk about Barracuda launching Cloud Security Guardian integration with Amazon Detective, Sophos launches new cloud-based threat intelligence and analysis platform, Accenture launches Cloud Native solution to help clients, and 10 notable Cybersecurity acquisitions of 2019, Pt. 2! In our second segment, we welcome James Carder, Chief Security Officer & Vice President at LogRhythm, to discuss Measuring and Maturing Security Operations Maturity! In our final segment, we welcome Jamie Butler, Tech Lead at Elastic Security, to talk about how improving security requires reducing complexity!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode165
To learn more about Elastic, visit: https://securityweekly.com/elastic
To learn more about LogRhythm, visit: https://securityweekly.com/logrhythm
ย
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome John Ramsey, Chief Information Security Officer at National Student Clearinghouse, to discuss Security in Education! In the Leadership and Communication Segment, In-depth protection is a matter of basic hygiene, 4 strategies to find time for yourself, Enterprises muddled over cloud security responsibilities, and Screw Productivity Hacks: My morning routine is getting up late!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode155
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, How Panasonic is using internet honeypots to improve IoT device security, A new Windows 10 ransomware threat?, 'Hackable' karaoke and walkie talkie toys found by Which?, Linux Bug Opens Most VPNs to Hijacking, New Office 365 Feature Provides Detailed Information on Email Attack Campaigns, and Google Confirms Critical Android 8, 9 And 10 Permanent Denial Of Service Threat! In the expert commentary, we welcome Tyler Robinson, Managing Director of Network Operations at Nisos, Inc, to discuss Sophos Uncovering New Version of Snatch Ransomware!
ย
Show Notes: https://wiki.securityweekly.com/HNNEpisode245
Visit https://www.securityweekly.com/hnn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweeklyย
This week, we welcome Allan Friedman, Director of Cybersecurity Initiatives at the NTIA US Department of Commerce, to talk about the Software Bill of Materials! In the Application Security News, GitHub Seeks Security Dominance With Developers, IoT and Agile Framework Partners in Efficacy, WhiteSource acquires & open sources Renovate dependency update toolset, and Java vs. Python: Which should you choose?
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode88
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
ย
This week, we welcome Eric Brown, Senior Security Analyst at LogRhythm, to talk about the Outlook on Phishing in 2020! In our second segment, we welcome back Micah Hoffman, Principal Investigator at Spotlight Infosec, to discuss OSINT in Cyber! In the Security News, HackerOne breach lets outside hacker read customers private bug reports, Two malicious Python libraries caught stealing SSH and GPG keys, Smash-and-grab car thieves use Bluetooth to target cars containing tech gadgets, and If You Bought a Smart TV on Black Friday, the FBI Has a Warning for You!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode629
To learn more about LogRhythm, visit: https://securityweekly.com/logrhythm
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise Security News, discussing How Mimecast Challenges Shadow IT for Cloud App Usage on Mobile and Desktop Devices, CloudKnox Security Announces Integration with AWS IAM Access Analyzer, Morphisec Achieves AWS Security Competency Status for Cloud Server Workload Protection, and more! In our second segment, we welcome back Ferruh Mavituna, CEO and Founder at Netsparker, as he'll be talking about how to start building a web security program and a realistic approach to starting a web security program in enterprises! In the final segment, we welcome Heather Paunet, VP of Product at Untangle, to talk about how Untangle will be releasing an SD-WAN Router, which has advanced routing capabilities and provides the ability for a business to build a comprehensive, secure Software-Defined Networking!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode164
To learn more about Netsparker, visit: https://securityweekly.com/netsparker
ย
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter Visit https://www.securityweekly.com/esw
Like us on Facebook: https://www.facebook.com/secweeklyย
This week, we welcome Mathieu Gorge, CEO at Vigitrust for an interview! In the Security and Compliance News, Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains, Sentara Hospitals to pay $2.2M HIPAA settlement for undisclosed data breaches, Privacy Regs Changing the Face of Cybersecurity, TrueDialog Leaks 600GB of Personal Data, Affecting Millions, CFTC Fines Goldman Sachs $1 Million for Failing to Record Calls, Global Cops Shut 31,000 Domains in IP Crackdown, and more!
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode9
Visit https://www.securityweekly.com/scw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Ward Cobleigh, Senior Product Manager at VIAVI Solutions! In the Leadership and Communications segment, Companies Need to Rethink What Cybersecurity Leadership Is, What Companies That Are Good at Innovation Get Right, Staff in smaller businesses bogged down by poor communications, Why You Should Be Sending More Video Emails And How To Record Them, Enterprises muddled over cloud security responsibilities, and Top tech conferences to attend in 2020!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode154
To learn more about VIAVI Solutions, visit: https://securityweekly.com/viavi
ย
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
ย
This week, Microsoft OAuth Flaw Opens Azure Accounts to Takeover, Vulnerabilities Disclosed in Kaspersky, Trend Micro Products, Critical Code Execution Vulnerability Found in GoAhead Web Server, and StrandHogg Vulnerability Allows Malware to Pose as Legitimate Android Apps! In the expert commentary, we welcome back Adam Gordon from ITPro.TV, to discuss DevSecOps and the Culture Clash in Organizations!
ย
Show Notes: https://wiki.securityweekly.com/HNNEpisode244
To learn more about ITPro.TV, visit: https://securityweekly.com/itpro
ย
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Sandy Carielli, Principal Analyst at Forrester Research, to discuss the impact of good and bad bots on enterprises and how it is both a security and customer experience problem! In the Application Security News, Analysis of Jira Bug Stresses Impact of SSRF in Public Cloud, DevSecOps Adoption and the Web Security Myth, Facebook, Twitter profiles slurped by mobile apps using malicious SDKs, Firefox gets tough on tracking tricks that sneakily sap your privacy, and Decoding the Modern Enterprise Software Spaghetti!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode87
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to talk about how Cloudflare Open-Sources its Network Vulnerability Scanner, Qualys brings its Market Leading Vulnerability Management Solution to the next level, and some acquisition and funding updates from Palo Alto, Cymulate, Detectify, and Perimeter 81! In our second segment, we welcome Ken Belva, CEO, and Founder of OpCode41, to talk about IoT Crusher, Testing for Default & Weak Credentials! In our final segment, we air a Pre-Recorded interview with Brenden O'Conner, Information Security Program Manager at Root Insurance, to discuss Patch Management!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode163
Visit https://www.securityweekly.com/esw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Russell Mosley and Jim Nitterauer, to discuss security and compliance specifically for small businesses where they have been involved with audit and compliance including NIST 800-171, 800-53 (FISMA) and SOC, and how to achieve decent security and meet compliance requirements with limited staff and resources!
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode8
Visit https://www.securityweekly.com/scw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Nate Fick, GM of Elastic Security and former CEO of Endgame, to discuss Elastic's resource-based pricing! In the Leadership and Communications segment, Why Business Leaders Need to Understand Their Algorithms, How to Do a Digital Detox: 3 Easy Steps for Success, How Remote Workers Make Work Friends, and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode153
To learn more about Elastic Security, visit: https://securityweekly.com/elastic
ย
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, PoC exploit code for Apache Solr RCE flaw is available online, Some Fortinet products used hardcoded keys and weak encryption for communications, Critical Flaws in VNC Threaten Industrial Environments, Twitter allows users to use 2FA without a phone number, and Smash-and-grab car thieves use Bluetooth to target cars containing tech gadgets! In the expert commentary, we welcome back Jason Wood from Paladin Security, to discuss an Iranian hacking crew that is targeting Industrial Control Systems!
ย
Show Notes: https://wiki.securityweekly.com/HNNEpisode243
Visit https://www.securityweekly.com/hnn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Tim Mackey, Principal Security Strategist at Synopsys! In the Application Security News, $1M Google Hacking Prize, 1.2B Records Exposed in Massive Server Leak, How Attackers Could Hijack Your Android Camera to Spy on You, XSS in GMail s AMP4Email via DOM Clobbering, and more!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode86
To learn more about Synopsys, visit: https://securityweekly.com/synopsys
ย
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
This week, we welcome Peter Liebert, CEO at Liebert Security, to discuss The Next Generation of SOCs: DevSecOps, Automation and breaking the model! In our second segment, we welcome back our friend Dave Kennedy, Founder and CEO of TrustedSec & Binary Defense, to discuss the Coalfire Incident and DerbyCon Communities! In the Security News, Disney Plus Blames Past Hacks for User Accounts Sold Online, Why Multifactor Authentication Is Now a Hacker Target, How the Linux kernel balances the risks of public bug disclosure, a critical flaw in Jetpack exposes millions of WordPress sites, and Amazon tells senators it isn't to blame for Capital One breach!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode628
To learn more about TrustedSec, visit: https://trustedsec.com/securityweekly
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweeklyย ย
FreshRSS