Login
This week, we welcome Rebecca Black, Senior Staff Application Security Engineer at Avalara, to talk about Building an AppSec Ecosystem! This week in the Application Security News, JSON Web Token Validation Bypass in Auth0 Authentication API, Mining for malicious Ruby gems, A Brief History of a Rootable Docker Image, Privacy In The Time Of COVID, and Threat modeling explained: A process for anticipating cyber attacks!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode104
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Wade Woolwine, Principal Threat Intelligence Researcher at Rapid7 to talk about Threat Intel Program Strategies! In our second segment, we welcome Magno Gomes, Director of Sales Engineering at Core Security (a HelpSystems Company), to discuss Penetration Testing to Validate Vulnerability Scanners! In the Security News, How to teach your iPhone to recognize you while wearing a mask, Hackers Targeting Critical Healthcare Facilities With Ransomware During Coronavirus Pandemic, VMware plugs critical flaw in vCenter Server, Russian state hackers behind San Francisco airport hack, and Macs Are More Secure, and Other Jokes You Can Tell Yourself!
ย
To learn more about Core Security, visit: https://securityweekly.com/coresecurity
To learn more about Rapid7 or to request a demo, visit: https://securityweekly.com/rapid7
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode647
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week in the Security Weekly News Wrap Up Show, Doug White covers the hot topics and and stories across all our shows on the Security Weekly Network! How to teach your iPhone to recognize FACE ID while wearing a mask, Energetic bear behind SFO Airport site hacks, Hackers are targeting critical healthcare facilities with ransomware during the pandemic, Cyber insurance providers using "act of war" exclusion in reference to "cyberwar" in notPetya Claims, and more!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode26
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to discuss how NeuVector adds to container security platform and automates end-to-end vulnerability management, Sysdig Expands Unified Monitoring Across IBM Cloud Services Globally, Optiv Hires Deloitte Stalwart Kevin Lynch as Chief Executive Officer, Illusive Networks Integrates with Infoblox to Speed Deployment, and Microsoft's April 2020 Patch Tuesday arrives with fixes for 3 zero-day exploits and 15 critical flaws! In our second segment, we welcome Terry McCorkle, Founder and CEO of PhishCloud, to discuss Phishing's effect on the Corporate Culture! In our final segment, we welcome Tim Williams, Founder and CEO of Index Engines, to talk about how Testing is the Missing Link for Protecting Your Data Against a Ransomware Attack!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode179
Visit https://www.securityweekly.com/esw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Jeffrey Smith, Managing Partner at Cyber Risk Underwriters, to sell us Cyber Insurance, and how he wants to take on the skeptics (e.g. the SCW hosts) about the role that Cyber Insurance plays in security! Jeffrey stays on for the Security and Compliance News, to talk about how Cyber Insurance in playing out in the real world, or at least how it's showing up in the news!
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode24
Visit https://www.securityweekly.com/scw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, it's our Security Money show, where we'll review the Security Weekly 25 Index and all the financial updates for both the public and private security markets! In the Leadership and Communications segment, the 3 stages of adapting to a crisis, build a culture that aligns to people's values, stop, start, defer: how companies are navigating technology spend in a crisis, and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode169
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Brad Geesaman, Co-Founder of Darkbit, to talk about Making Kubernetes a Hostile Place for Attackers! In the Application Security News, Zoom Taps Ex-Facebook CISO Amid Security Snafus, Lawsuit, How we abused Slack's TURN servers to gain access to internal services, Moving from reCAPTCHA to hCaptcha, Automate Security Testing with ZAP and GitHub Actions, Shift-Right Testing: The Emergence of TestOps, and Building Secure and Reliable Systems!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode103
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week on the Security Weekly News, Checkpoint Global Threat Index moved Dridex to third place, Dutch Telco towers damaged by 5G protestors, CyberCube reports indicate Increased targeting of C-Suite employees, Cybercrime may be the world's third-largest economy by 2021, and Jason Wood joins for the Expert Commentary on how WooCommerce Falls to Fresh Card-Skimmer Malware!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode25
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we bring you one of Security Weekly's very own, Tyler Robinson, Managing Director of Network Operations at Nisos, for a Technical Segment titled: To Hunt or Not To Hunt: Using offensive tooling to obtain OSINT and Real-Time Intelligence on a subject of interest for hunting or targeting! In our second segment, we talk Security News, to discuss Vulnerabilities in B&R Automation Software Facilitate Attacks on ICS Networks, Using AWS to secure your web applications, Serious Vulnerabilities Patched in Chrome & Firefox, Email Provider that got Hacked & Data of 600,000 Users is Now being Sold on the Dark Web, and As if the world couldn't get any weirder, this AI toilet scans your anus to identify you! In our final segment, we air a pre recorded interview with Jeff Man, entitled "Tales from the Crypt...Analysts pt.2", discussing many myths, legends and fables in hacker history!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode646
Visit https://www.securityweekly.com/psw for all the latest episodes!
To view ngrok, visit: https://www.ngrok.com/
To check out the Trape tool, visit: https://github.com/jofpin/trape
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Doug White brings you the latest on the Security Weekly Network in the Weekly Wrap Up, discussing Soaring phone calls, analprints, yes, I said that correctly, snake oil, Grace Hopper's ghost, and COBOL. No one has ever said all those things in a single sentence in the history of the world. All this and more on the Security Weekly News Wrapup.
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode24
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to discuss how Ping Identity's PingID multi-factor authentication is now available in AWS Marketplace, 8,000 Unprotected Redis Instances Accessible From Internet, Tufin Announces Free Firewall Change Tracker to Enhance Network Security and Connectivity for Remote Workforces, Simple Advanced Persistent Threat Emulation with BreakingPoint Attack Campaigns from Ixia, and more! In our second segment, we welcome back Ferruh Mavituna, CEO and Founder of Netsparker, to talk about the Time to Measure Security Improvement in Application Security! In our final segment, we air a pre recorded interview from RSAC 2020 with Ed Bellis, Co-Founder and Chief Technology Officer at Kenna Security, discussing Moving Towards Modern Vulnerability Management!
ย
To learn more about Netsparker, visit: https://securityweekly.com/netsparker
Show Notes: https://wiki.securityweekly.com/ESWEpisode178
ย
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Chris Golden, Board Member for the Accreditation Body, as he will answer questions surrounding the DOD's release of the CMMC program to keep the amount of false information to a minimum!
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode23
To view the CMMC Model, visit: https://www.acq.osd.mil/cmmc/docs/CMMC_v1.0_Public_Briefing_20200131_v2.pdf
ย
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Richard Clarke to discuss his new book, The Fifth Domain, and the need for cyber resilience, especially these days! In the Leadership and Communications segment, 4 Behaviors That Help Leaders Manage a Crisis, The Right Way to Keep Your Remote Team Accountable, 15 Steps to Take Before Your Next Video Call, and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode168
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Zoombombers threatened with jail time by FBI, Cybercriminals are trying to cash in on Zoom use, How to protect your Zoom calls, Bad Bots in 2020, CyberHero Comics: Defending your Health, and zoom configurations along with the lack of effective zooming on the zoom camera application!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode23
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Grant Ongers, Co-Founder of Secure Delivery, to discuss why "You re (probably) Doing AppSec Wrong"! In the Application Security News, Zoom is gaining lots of attention for flaws, Popular Digital Wallet Exposes Millions to Risk in Huge Data Leak, 12k+ Android apps contain master passwords, secret access keys, secret commands in not-so-secret client-side code identified by a research tool Inputscope, and more!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode102
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Matt Allen, Senior Solutions Engineer at VIAVI Solutions, to discuss Collaboration between NetOps and SecOps in today's world! In our second segment, we welcome Lorrie Cranor, Director of CyLab Security and Privacy Institute at Carnegie Mellon University, to discuss Research on Security and Privacy labels for IoT devices! In the Security News, Two Zoom Zero-Day Flaws Uncovered, Millions of routers running OpenWRT vulnerable to attack, Marriott says 5.2 million guest records were stolen in another data breach, PoC Exploits for CVE-2020-0796 (SMBGhost) Privilege Escalation flaw published, and we welcome our very special guest for tonight, Dave Kennedy, who joins us to talk about Video Chat Client Vulnerability History and the recent Zoom Vulnerabilities!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode645
For more information on VIAVI Solutions, visit: https://securityweekly.com/viavi
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to discuss OWASP Security Knowledge Framework, How to Write an Automated Test Framework in a Million Little Steps, Sumo Logic Selects StackRox to Protect Its Cloud-Native Applications and Services, Sysdig Provides the First Cloud-Scale Prometheus Monitoring Offering, and Windows users under attack via two new RCE zero-days! In our second segment, we welcome Sumedh Thakar, Chief Product Officer at Qualys, to talk about Cybersecurity Challenges Created by a Remote Workforce! In our final segment, we welcome Tod Beardsley, Director of Research at Rapid7, to discuss SMB exposures and User Behavior Analytics failures, using findings from Rapid7 Research Labs!
ย
To learn more about Qualys, visit: https://securityweekly.com/qualys
To learn more about Rapid7 or to get a free trial, visit: https://securityweekly.com/rapid7
Show Notes: https://wiki.securityweekly.com/ESWEpisode177
ย
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Doug White brings you the latest and greatest news across all of our shows on the network, as well as all of the hot topics this week! Doug discusses Zoombombing, Russian Hackers, Zuck turns over the controls to the AIs, free cybersecurity products to help out, Chubb hacked, and more!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode22
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome David Walter, Vice President, RSA Archer and RSA Cloud at RSA Security, to discuss Compliance Risk Challenges! In our second segment, we welcome Kevin Haynes, Chief Privacy Officer at Nemours Children's Health System, to talk about Nemours' use of RSA Archer to manage Compliance Risk!
ย
To learn more about RSA Security, visit: https://securityweekly.com/RSAsecurity
Show Notes: https://wiki.securityweekly.com/SCWEpisode22
ย
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Jeff Costlow, Deputy CISO at ExtraHop, to discuss Protect Your Assets According to Their Value! In the Leadership and Communications segment, Matt, Jason, and Paul discuss Real Leaders: Abraham Lincoln and the Power of Emotional Discipline, Social Distancing: 15 Ideas for How to Stay Sane, Rethink Your Relationship with Your Vendors, and more!
ย
To learn more about ExtraHop, visit: https://securityweekly.com/extrahop
Show Notes: https://wiki.securityweekly.com/BSWEpisode167
ย
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Doug White brings you the latest news for this week, including Zoombombing, Zero Days at Microsoft, AI Takes charge at Facebook, and COVID-19! In the Expert Commentary, we welcome Daniel Hampton, Sr. Technical Account Manager at Signal Sciences, to talk Working Smarter and Not Harder!
ย
To learn more about Signal Sciences or to request a demo, visit: https://securityweekly.com/signalsciences
Show Notes: https://wiki.securityweekly.com/SWNEpisode21
ย
Visit https://www.securityweekly.com/swn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
ย
This week, we welcome Adam Hughes, Chief Software Architect at Sylabs Inc., to discuss Singularity: A Different Take on Container Security! In the second segment, we welcome Utsav Sanghani, Senior Product Manager at Synopsys, to discuss Why combining SAST and SCA in your IDE produces higher quality, secure software faster!
ย
To learn more about Synopsys, visit: https://securityweekly.com/synopsys
Show Notes: https://wiki.securityweekly.com/ASWEpisode101
ย
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Corey Thuen, Founder and CEO of Gravwell, to discuss Zen and The Art of Logs In the Cloud! In our second segment, we welcome back Peter Smith, Founder and CEO of Edgewise, to discuss How remote users and administrators can work securely from home! In the Security News, Authorities Helpless as Crypto-Currency Scams Rock Nigeria, C.S. Lewis on the Coronavirus, Microsoft SMBv3.11 Vulnerability and Patch CVE-20200796 Explained, Drobo 5N2 4.1.1 - Remote Command Injection, DDoS attack on US Health agency part of coordinated campaign, A cyberattack hits the US Department of Health and Human Services, and more!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode644
To learn more about Gravwell, visit: https://securityweekly.com/gravwell
To learn more about Edgewise, visit: https://securityweekly.com/edgewise
ย
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
ย
ย
This week, Doug White brings to you the Security Weekly News Wrap Up, with the hot topics across all of our shows, including, Pornhub has Italians singing from balconies, The Senate renews surveillance rules, Drobo hacks, Google Cloud bug bounties, all the show wrapups, and COVID-19
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode20
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to talk about Fortinet Introducing Self-Learning AI Appliance for Sub-Second Threat Detection Enterprise IT World, GreatHorn Offers Free Email Protection for 60 Days, ZeroNorth raises $10M to further expand engineering, customer support and sales, WordPress to get automatic updates for plugins and themes, and more!! In our second segment, we air two pre recorded interviews with Mehul Revanker of SaltStack and Utsav Sanghani of Synopsys from RSAC 2020! In our final segment, we air two more pre recorded interviews from the RSAC2020, with Kevin Gallagher of Netsparker and Mark Ralls of Acunetix!
ย
To request a demo with SaltStack, visit: https://securityweekly.com/saltstack
To get a demo of Synopsys, please visit: https://securityweekly.com/synopsys
To schedule a demo with Acunetix, visit: https://securityweekly.com/acunetix
To get a demo of NetSparker, please visit: https://securityweekly.com/netsparker
ย
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Stephen Black, InfoSecWorld 2020 Speaker and Visiting Professor of Cyberlaw at the University of Houston, to discuss Where the Law Thinks Your Data Lives! In the Leadership and Communications segment, Drowning in a Sea of Alerts, Boeing taps Qantas exec Susan Doniz as CIO, CIO interview: Ian Cohen, chief product and technology officer, at Addison Lee, and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode166
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Matt Allen from VIAVI Solutions! The SCW crew discusses compliance requirements and SecOps frameworks like NIST - checking boxes rather than a holistic view? The vendor eco-system feeding on checking boxes (of which we are one, we HAVE to be.) RSA s theme this year: the human factor . Are CFOs driving technical decisions that put SecOps teams underwater? Investing in Protect vs. Detect vs. Responding tools/resources.
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode21
To learn more about VIAVI Solutions, visit: https://securityweekly.com/viavi
ย
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Doug White talks Plague surveillance coming soon, the US government is worried about cryptocurrency, dbags attack the HHS, and new attacks on Android phones! Jason Wood delivers the Expert Commentary on Coronavirus Phishing Scams!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode19
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Clint Gibler, Research Director at NCC Group, to discuss DevSecOps and Scaling Security! In the Application Security News, Data of millions of eBay and Amazon shoppers exposed as another supply chain casualty, Announcing Bottlerocket, a new open-source Linux-based operating system purpose-built to run containers, and The DevOps Sweet Spot: Inserting Security at Pull Requests (Part 1)!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode100
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Doug White brings you the Security Weekly News Wrap up, discussing Biting other passengers on EU flights, Everyone is going to telecommute, NSO argues with Facebook in court of phone bugging, the return of FIDO, and more!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode18
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Gabe Gumbs, Chief Innovation Officer at Spirion, to discuss How attackers will change their strategy to target those working from home! In our second segment, we welcome Bianca Lewis, Founder, and CEO of Girls Who Hack, to discuss Girls Who Hack, teaching classes to middle school girls on hacking, and Secure Open Vote, open-source election system that is in the design stages! In the final segment, we air a pre-recorded interview with Dorit Naparstek, director of R&D at NanoLock Security, to discuss Hacks performed on connected & IoT devices, and revealing major vulnerabilities in existing security measures!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode643
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to talk about Neustar's enhanced UltraDNS capabilities boast greater capacity, global reach, and security, WatchGuard acquires Panda Security to expand endpoint capabilities, Ping Identity launches two-hybrid IT-focused solution packages, and Fortinet updates FortiOS & launches next-gen firewall product! In our second segment, we welcome back Corey Thuen, Co-Founder and CEO of Gravwell, to discuss Secondary Consequences of Bad Pricing Models! In our final segment, we air two pre-recorded interviews from the RSA conference 2020, with Corey Bodzin of ExtraHop, and Todd Weller of Bandura!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode175
To try RevealX Cloud for Free visit: https://securityweekly.com/extrahop
To find out more about Bandura Cyber, please email Todd.Weller@banduracyber.com
To learn more about ExtraHop, visit: https://securityweeky.com/extrahop
ย
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Visit https://www.securityweekly.com/esw for all the latest episodes!ย
This week, we discuss how we breakdown the categories in Information Security. We look at the major areas of Infosec and how they relate to your security programs and the vendors/technologies in each category. Our category breakdown will be used to label each segment we produce and allow subscribers to select categories of interest! In the Leadership and Communications segment, CISOs who leave after 2 years may not finish what they start, Most CISOs ready to move jobs if something better comes along, A New Framework for Executive Compensation, and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode165
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Winn Schwartau for an interview. The goal of the show is to explore all the attitudes and impressions between security and compliance regardless of where you stand. for security folks - how to navigate compliance to promote security; for compliance folks - to expose them to the depth of research/knowledge/capabilities of the hacker community.
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode20
Visit https://www.securityweekly.com/scw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Microsoft starts disabling authentication, New ransomware called PwndLocker is out and about, and a secret-sharing app called Whisper is "the safest place on the internet. James Adams from Core Security, a Help Systems Company joins us today talking about "How to think and act like a hacker."
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode17
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome David Sherry, Chief Information Security Officer at Princeton University, and Tara Schaufler, Information Security Awareness and Training Program Manager at Princeton University, to discuss Rapid Cultural Change of Security on the Princeton Campus! In the Leadership and Communications segment, Why 67% of companies fear they can't sustain privacy compliance, How Using An Old School Paper Planner Changed My Life, How to attract top talent in a competitive hiring market, and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode163
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Guy Podjarny, Snyk's Founder and President! In the Application Security News, Revoking certain certificates on March 4 and Why 3 million Let s Encrypt certificates are being killed off today, Gandalf: An Intelligent, End-To-End Analytics Service for Safe Deployment in Large-Scale Cloud Infrastructure and slides, and CISOs Who Want a Seat at the DevOps Table Better Bring Value!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode99
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Hacker Movies, misinformation, and 70% of government employees felt they hadn't had adequate training in security. Doug White recaps the past week of all of the shows on the Security Weekly network!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode16
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Sean Metcalf, Founder and CTO at Trimarc, to discuss Azure AD & Office 365 Security, including a breakdown of Microsoft's security offerings and recommendations for cloud migrations for Active Directory! In the second segment, we welcome Mark Cooper, President and Founder of PKI Solutions, to talk about how SHAKEN/STIR and PKI will end the global robocall problem! In the Security News, Shark Tank Star Corcoran Loses $400K in Email Scam, Backdoor malware is being spread through fake security certificate alerts, Venezuela Power outage knocked out part of the internet connectivity, Experts warn of mass scans for Apache Tomcat Ghostcat flaw, 4 essential things security experts do to protect their own data, and more!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode642
Link to an article Mark wrote for Dark Reading: https://www.darkreading.com/endpoint/shaken-stir-finally!-a-solution-to-caller-id-spoofing/a/d-id/1336285
Link to landing page with more info: https://www.pkisolutions.com/shakenstir/
ย
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweeklyย
This week, we talk Enterprise News, to talk about CrowdStrike Falcon's expanded visibility protects workloads across all environments, SentinelOne launches container and cloud-native workload protection offering, Forcepoint's Tech Partnership with Amazon Web Services, Ping Identity Announces New Workforce and Customer Authentication Solutions for the Modern Digital Enterprise, and a whole lot more! In our second segment, we air two pre-recorded interviews from RSAC 2020 with Mike Nichols of Elastic and Tod Beardsley of Rapid7! In our final segment, we air two more pre-recorded interviews from RSAC 2020 with Dan DeCloss of PlexTrac and Corey Thuen of Gravwell!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode174
Visit https://www.securityweekly.com/esw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Reflections on RSAC 2020, discussing the grand festival of infosec consumerism that is RSA Conference! Was it worth catching the Coronavirus? And if so, did you use a lime!? In the Security and Compliance News, Health compliance measures to improve pandemic recovery and reduce issues, World Bank pandemic awareness, Is coronavirus not the flu?, Dear passwords: Forget you. Here's what is going to protect us instead, Cyber insurance coverage reflects a changing threat landscape, and the greatest contest ever Privacy vs. Security!
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode19
Visit https://www.securityweekly.com/scw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Dan Petit, to discuss his upcoming 2-day workshop at InfoSec World 2020! The workshop is a "deep survey" into all things DevSecOps. In the Application Security News, CVE-2020-1938: Ghostcat vulnerability in the Tomcat Apache JServ Protocol, APIs are becoming a major target for credential stuffing attacks and don't have to target the login workflow, SSL/TLS certificate validity chopped down to one year by Apple s Safari and how this can drive secure DevOps behaviors, and 5 key areas for tech leaders to watch in 2020!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode98
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we're back from RSAC 2020 to talk Tesla files leaking, Shark Tank Judge gets back scam cash, Spotify accounts hacked?, and the Swiss Government is fed up and filing charges in the Crypto AG situation! Jason Wood delivers the Expert Commentary on Cyberattacks a Top Concern for Gov Workers.
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode15
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, live from RSAC 2020, we interview our very own Jeff Man! There are many myths, legends and fables in hacker history. One of the themes of these legends surrounds some of the first red team hackers working for the US Government out of NSA. The building where they worked was called "The Pit". Jeff Man sits with us for this segment to talk about, where he can, the history and events that transpired during his tenure with the NSA! In our second segment, Gabriel Gumbs and the Security Weekly crew discuss strategies for protecting your data. We will explore practical use-cases for needing to manage access and protect your data as it pertains to security and compliance. Protect what matters most! In the final segment, Paul, Matt, and Scott talk all new thoughts, ideas, and findings from the RSA Conference 2020!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode641
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/spirion for more information.ย
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, live from RSAC 2020 we welcome Rob Gurzeev, CEO of Cycognito, to discuss the idea of Shadow Risk and why it's something your organization can t ignore! In our second segment, we welcome Jinan Budge, Principal Analyst at Forrester, to discuss CISO Leadership, Security Culture, and the Evolving Role of the CISO!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode164
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, live from RSAC 2020, we interview Chris Eng, Chief Research Officer at Veracode! Chris provides an update on Veracode including 2019 growth, new product announcements, Veracode Security Labs, and booth activities at RSA Conference 2020! In the RSAC Application Security News, 6 of the 10 vendors at Innovation Sandbox are application security companies, F5 Empowers Customers with End-to-End App Security, Checkmarx Simplifies Automation of Application Security Testing for Modern Development and DevOps Environments, and more RSA Conference News!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode97
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Doug brings you the weekly Wrap Up, talking all things like D-List Celebrities will call you for money, RSA Sold for 2.1B, IBM pulls out of RSA due to fear of COVID-19, Citrix hacks, all this and more including highlights from this past week across all of our shows!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode14
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Mike Nichols, Head of Product at Elastic Security, to talk about how Elastic Security is unifying SIEM and Endpoint Security! In our second segment, we welcome Ian Coldwater, Lead Platform Security Engineer at Heroku, to talk bout Kubernetes and Container Security! In the Security News, Iranian Hackers are targeting Dutch Universities, how electrical tape can fool Tesla sensors, Ransomware attack forces 2-day shutdown of a natural gas pipeline, Ring Rolls Out Mandatory 2FA & New Privacy Controls, and 7 Ways to Improve the Security of Mobile Banking Apps!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode640
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Matt is joined by Scott Lyons and Josh Marpet to talk Enterprise News, and how IBM announced RSA Conference withdrawal, Dell Offloads RSA, 12 hottest new cybersecurity startups at RSA 2020, and lots of funding announcements! In the second segment, CEO of Red Lion LLC. Scott Lyons will provide an overview of their CTF at InfoSec World 2020, including their training class and CTF 101! In our final segment, we welcome Ben Budge, System Administrator III at Litehouse Foods, and Lyle Beck, Technology Manager at Litehouse Foods, to discuss the problems they faced at Litehouse in regards to network and system monitoring, troubleshooting, and how that ultimately took them to ExtraHop!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode173
To learn more about ExtraHop, visit: https://securityweekly.com/extrahop
ย
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Jeff Recor, Global IRM Lead at Accenture, to talk about how Integrated Risk Management is the New GRC! Jeff was scheduled to be part of the 'Security vs. Compliance' Roundtable (https://securityweekly.com/shows/security-vs-compliance-psw-632-2/) recorded on Dec. 19, 2019, but got snowed out!
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode18
Visit https://www.securityweekly.com/scw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Quantum Crypto Chaos, IBM Cloud Vulnerabilities in CICS, Crowded Flounder and Hacking Back, Turkish RATs, Israeli soldiers catfished by HAMAS, and the Julian Assange Trial: Australian PMs trying to prevent extradition to the United States!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode13
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Doug DePerry, Director of Defense at Datadog, to discuss Lessons Learned From The DevSecOps Trenches! In the Application Security News, SweynTooth: Unleashing Mayhem over Bluetooth Low Energy, RetireJS, What Is DevSecOps and How to Enable It on Your SDLC? and more!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode96
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Doug White brings you through the latest across all of our shows on the network, CIA pwns well, everyone in history, Bluetooth hacking, Thousands of Docker Repositories are open to the internet, lots of ransomware, and is Apple giving up passwords?
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode12
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Oshea Bowens, Founder & Chief Janitor at Null Hat Security, to talk about Living in Blue Team Land and Skicon, a conference Founded by Oshea himself! In our second segment, we welcome John Loucaides, VP of Research & Development at Eclypsium, to talk about Hacking Firmware: The Unprotected Attack Surface of the Enterprise! In the Security News, Misconfigured Docker Registries Expose Thousands of Repositories, a Forgotten motherboard driver turns out to be perfect for slipping Windows ransomware past antivirus checks, Jail Software Left Inmate Data Exposed Online, Adobe patches 42 vulnerabilities across 5 products, and how the CIA Secretly Owned Global Encryption Provider, Built Backdoors,& Spied On 100+ Foreign Governments!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode639
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
ย
This week, we talk Enterprise News, to talk about Salt Security API Protection Explained, Thycotic Leads the Way for Cloud-based Privileged Access Management, ZeroFOX launches AI-powered Advanced Email Protection for Google and Microsoft platforms, Elastic Stack 7.6 delivers automated threat analysis and response, and 12,000+ Jenkins servers can be exploited to launch, amplify DDoS attacks! In our second segment, we welcome David Waugh, Chief Revenue Officer at Managed Methods, to discuss how K-12 schools are victims of lateral phishing campaigns! In our final segment, we welcome Jeff Deininger, Principal Sales Engineer for the Cloud at ExtraHop, to discuss How to Secure Cloud Workloads & Reduce Friction with Cloud-Native Network Detection & Response!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode172
Visit https://www.securityweekly.com/esw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Dr. Mike Lloyd, CTO at RedSeal, to discuss The Critical Role of Basic Cyber Hygiene! In the Leadership and Communication Segment, 5 things successful people don't care about, 11 books that will change the way you think about Leadership, how IBM wants to be the next Microsoft starting with the CEO, and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode162
To find out more and try Redseal, please visit: https://securityweekly.com/redseal
ย
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Jeff and the crew discuss What is Risk-Based Security? How does compliance and/or security programs/points-of-view help or hinder risk-based security efforts? How can we change this? In the Security & Compliance News, Back to the basics What is the cost of non-PCI Compliance?, Endpoint Security the Foundation to Cybersecurity, Facebook settles data breach class-action lawsuit, CCPA cited in Hanna Andersson/Salesforce breach lawsuit, and Hanna Andersson Notice of Data Breach to Consumers!
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode17
Visit https://www.securityweekly.com/scw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
The CIA spying? NASA could have used a USB charger? Election technology not very secure? ICS is a threat and the return of the Equifax monster from beyond the grave!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode11
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Mike and John interview Shaun Lamb about strategies for how to best design applications so they are "secure by default" and have fewer incidents and vulnerabilities, and more! In the Application Security News, Dropbox bug bounty program has paid out over $1,000,000, Report Pins Cloud Security Woes on Flawed DevOps Processes, Ghost in the shell: Investigating web shell attacks, An Incident Impacting your Account Identity, and more!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode95
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Doug White gives you the latest updates across all of Security Weekly's shows, from malware to hacking air-gapped computers, Ashley Madison, Katelyn Bowden and the BADASSARMY, Security Through Obscurity in Iowa, and highlights from the show notes from the week of February 2, 2020!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode10
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
ย
FreshRSS