Login
This week, we welcome Jeremy Winter, the Director of Azure Management, to talk about what CSO's and CISO's need to know about Azure! In the Leadership and Communications Segment, the trust crisis in business, employee engagement and successful change, and 3 shocking ways to show up today!
Β
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode132
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, prevent the impact of a Linux worm, Yubico recalls FIPS Yubikey tokens after flaw discovered, how fraudulent domains hide in plain site, Samsung reminds rabble to scan smart TV's for viruses and makes them forget, and the scraping of millions of Venmo transactions in a privacy warning to consumers! In the expert commentary, we welcome Sagi Bar-Zva, Strategic Pre-Sales Manager from Tufin to talk about Using Automation to Improve Your Overall Security Posture!
Β
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode223
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we interview Shannon Lietz, the Director Information Security at Intuit, to talk about DevOps! In the Application Security News, there's no escape that will save you..., the privilege of running a Chrome extension, and Four practices towards DevSecOps!
Β
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode65
Β
Visit https://www.securityweekly.com/asw for all the latest episodes!
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
This week, we welcome Peter Smith, Founder and CEO of Edgewise, to talk about Edgewise's 1 Click Micro Segmentation! In the second segment, we welcome back Corey Thuen, Co-Founder and CEO of Gravwell, to talk about security analytics using the new Sysmon DNS Logging that dropped this week! In the Security News, the rise of purple teaming, the World's largest beer brewer sets up a Cybersecurity team, a mystery signal shutting down key fobs in an Ohio neighborhood, why hackers ignore most security flaws, and warnings of real world-wide worm attacks are the real deal!
Β
To get involved with Edgewise, visit: https://securityweekly.com/edgewise
To get involved with Gravwell, visit: https://securityweekly.com/gravwell
Full Show Notes: https://wiki.securityweekly.com/Episode608
Β
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we're joined by John Strand and Matt Alderman, to talk about how Rapid7 is integrating access to Insight Platform Applications, Ixia releases a new Scalable, modular packet broker, Sonatype's Nexus user conference to bring 2000 DevSecOps leaders together for free, and CyberArk and CNA introduce cybersecurity insurance! In our second segment, we interview Adam Gordon, Edutainer and SME at ITProTV, to talk about what are container services in the Microsoft Azure Cloud! In the final segment, Matt and I discuss seed rounds, equity rounds, and debt rounds!
Β
Full Show Notes: https://wiki.securityweekly.com/ES_Episode141
To learn more about ITPro.TV, visit: https://securityweekly.com/itprotv
Visit https://www.securityweekly.com/esw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, a botnet that's targeting 1.5 million RDP servers worldwide, VLC Player gets patched for two highly severe bugs, thousands of images stolen from US border hack, Troy Hunt looks to sell I Been Pwnd, and a near-ubiquitous critical Microsoft RCE bugs affect all versions of Windows! In the expert commentary, we welcome back Jason Wood from Paladin Security to talk about how the Evolution of Extortion Emails continues! All that and more, on this episode of Hack Naked News!
Β
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode222
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we're going to discuss the state of privacy one year after GDPR! Yes, GDPR is a year old! Are things better, worse, or the same? In the Leadership and Communications segment, 7 subconscious habits that sabotage your ability to listen - and lead, the power of writing stuff down, what really helps employees improve, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode131
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Tanya Janca, also known as SheHacksPurple, a senior cloud advocate for Microsoft, specializing in application, cloud security, and more! Tanya is joining us on the show to talk about DevSecOps and Securing Software Supply Chains! In the Application Security News, "Waiting for the worms to come." -- Pink Floyd and RDP's CVE-2019-0708. Even the NSA warns about the population of exposed systems, A patch commands attention for mail servers, In macOS Catalina and iOS 13, Apples finds a way to find devices and not lose privacy, iOS App Transport Security has strong benefits, but weak adoption, and much more!
Β
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode64
Visit https://www.securityweekly.com/asw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
In this episode of Paul's Security Weekly, we will talk with Paul Ewing of Endgame about how to close the 'breakout window' between detection and response, and hear about Endgame's recently announced technology, Reflex, that was built with customized protection in mind! In our second interview, we welcome back Amanda Berlin, CEO of Mental Health Hackers to talk about why its important to educate technology professionals about unique mental health risks faced by people in the field, and how we can provide them with the proper support services to help! In the Security News, SalesForce bans customers from gun sales, what is your iPhone talking to overnight, Office retires support for old Android versions, and really how likely are weaponized cars?!
Β
To learn more about Endgame, visit: https://securityweekly.com/endgame
Full Show Notes: https://wiki.securityweekly.com/Episode607
Visit https://www.securityweekly.com/psw for all the latest episodes!
Β
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Paul is joined by Jeff Man to interview Charles Thompson, Senior Director of Product Management at VIAVI Solution to talk about the importance of response and remediation in a strong security strategy! In our second segment, we talk about Defending Your Environment Against Major Microsoft Vulnerabilities, and four pillars that define a "major" Microsoft vulnerability! In the Enterprise News, Database security for Amazon RDS, Infoblox unveils simplified security platform to detect and stop cyber threats, Palo Alto launches new 'Prisma' cloud security suite, and we have some funding and acquisition updates from Recorded Future, Swinlane, EnSilo, and SentinelOne!
Β
To learn more about Viavi Solutions, visit: https://securityweekly.com/viavi
Full Show Notes: https://wiki.securityweekly.com/ES_Episode140
Visit https://www.securityweekly.com/esw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome John McCumber, Director of Cybersecurity Advocacy at (ISC)2, to talk about the statistics behind the cybersecurity workforce gap! In our second segment, we air a pre recorded interview with Andrew Hollister, Chief Architect and Product Manager at LogRhythm, discussing how to measure the effectiveness of your SOC!
Β
To learn more about ISC2, visit: https://securityweekly.com/isc2
To learn more about LogRhythm, visit: https://securityweekly.com/logrhythm
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode130
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, SUPRA Smart TV flaw lets attackers hijack screens with no video, 20,000 Linksys routers leak historic record of every device ever connected, a new attack creates ghost taps on Android smartphones, and an Australian teenager that hacked into Apple twice to get a job! In the expert commentary, we welcome Winn Schwartau from the Security Awareness Company to talk about Ethical Bias in Artificial Intelligence-Based Security Systems!
Β
To learn more about SAC, visit: https://securityweekly.com/sac
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode221
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Β
This week, Mike and John delve into some DevSecOps topics. They discuss good design patterns that emerged from cloud native environments, Kubernetes and containers, and building blocks of unique services in the AppSec world. In the Application Security News, Duo reveals a path from a Docker container to its host, Google fumbles some password functionality, GitHub makes dependency tracking more dependable, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode63
Visit https://www.securityweekly.com/asw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Eric Butash, Director of Digital Platforms at InnovateEDU, and Mike Klein, Professional Learning Coordinator at Highlander Institute, to talk about how important it is to teach good digital hygiene to the future generations of cybersecurity! In the second segment, we welcome Robert Graham, CEO of Errata Security, to take a deep dive on his tool rdpscan! In our third segment, we welcome David Boucha, Sr. Engineer at SaltStack, to talk about how Salt Open and SaltStack Enterprise can help you automate your infrastructure! In the Security News, why mobile ad fraud prevention is too good to be true, how police can snoop on McDonald's and Westfield WiFi customers, macOS Gatekeeper bypass exploits trust on network shares, and the cryptominer that kept coming back!
Β
To learn more about SaltStack, visit: https://securityweekly.com/saltstack
Full Show Notes: https://wiki.securityweekly.com/Episode606
Visit https://www.securityweekly.com/psw for all the latest episodes!
Β
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, in the Enterprise News, Paul is joined by John Strand to discuss how Okta joins forces with Secret Double Octopus, Tenable unveils new innovations for Cyber Exposure analytics, Barracuda launches bot protection feature for firewall offerings, and some acquisition and funding updates from Palo Alto, FireEye, and Verodin! In the second segment, we welcome to Ruvi Kitov, CEO and Co-Founder of Tufin to talk about the importance of having a network-wide security policy! In our final segment, we interview Jack Jones, Chief Risk Scientist at RiskLens to talk about Understanding and quantifying cyber risk using FAIR!
Β
To learn more about Tufin, visit: https://securityweekly.com/tufin
Full Show Notes: https://wiki.securityweekly.com/ES_Episode139
Β
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Microsoft brings hardware-based isolation to Chrome & Firefox, the U.S. border's license plate scanning technology hacked, crooks leverage WordPress and Joomla sites for malicious redirects, the Chinese military wants to replace Windows OS in fear of U.S. hacking, and how Google-protected mobile browsers were open to phishing for over a year! In the expert commentary, we welcome back Jason Wood from Paladin Security to talk about how almost one million are still vulnerable to the BlueKeep Vulnerability!
Β
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode220
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Matthew McMahon, Head of Security Analytics at Salve Regina University, to talk about Medical devices, Cybersecurity and Resilience, and Cybersecurity Training! In our second segment, we welcome Justin Murphy, Cloud Security Engineer at Cisco, to talk about DNS in the Security Architecture! In our final segment, Doug, Jeff, Patrick, and Lee give you the latest security news to talk about a Zero Day for Windows, the battle over Huawei with the US and Google, & unpatched hardware and companies tripping themselves up!
Β
Full Show Notes: https://wiki.securityweekly.com/Episode605
Visit https://www.securityweekly.com/psw for all the latest episodes!
Β
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Corey Thuen, Co-Founder of Gravwell, to talk about focusing on the basics that sustain us! In our second interview, we welcome Candy Alexander, President of the Information Systems Security Association for an interview! In the Enterprise News, ThreatQuotient expands integration with MITRE ATT&CK Framework, JASK launches a new Heads Up Display for security operations centers, and we have some acquisition and funding updates from Guardicore, Auth0, and KnowBe4!
Β
To learn more about Gravwell, visit: https://securityweekly.com/gravwell
Full Show Notes: https://wiki.securityweekly.com/ES_Episode138
Visit https://www.securityweekly.com/psw for all the latest episodes!
Β
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Ferruh Mavituna, Founder and CEO of Netsparker! Ferruh will be discussing the discover and scan perspective of applications, how to handle in-house written applications vs. ones that are acquired, and more! In the Leadership and Communications segment, don't let your expertise narrow your perspective, don't be blinded by your own expertise, and the smartest cities in the future of urban development!
Β
To get involved with Netsparker, visit: https://securityweekly.com/netsparker
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode129
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Unistellar attackers wiped over 12,000 MongoDB databases, a Slack bug that allows remote file hijacking, Baltimore ransomware nightmare could last weeks more, over 25,000 smart Linksys routers are leaking sensitive data, and Huawei's microchip vulnerability explained! In the expert commentary, we welcome Charles Thompson, Senior Director of Product Management at VIAVI to talk about Security Forensics!
Β
To learn more about VIAVI Solutions, visit: https://securityweekly.com/viavi
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode219
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Cody Wood, AppSec Product Support Engineer at Signal Sciences! In the AppSec News, Cisco Expressway goes off path and a Cisco IOS XE vuln goes for emojis, More erosion of CPU data boundaries, RDP patches a pre-auth problem and even resuscitates a patch process for XP, Microsoft's Attack Surface Analyzer gives DevSecOps teams more data, Clear design goals for better privacy and security, and Google Security blogs that basics are best!
Β
To get involved with Signal Sciences, visit: https://securityweekly.com/signalsciences
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode62
Visit https://www.securityweekly.com/asw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Julian Zottl, Cyber and Information Operations SME at Raytheon, to talk about defending against advanced adversaries! In the second segment, we welcome Federico Simonetti, CTO of Xiid Corporation, to talk about how to fix identity and access management! In the Security News, Singapore passes an anti-fake news law, WhatsApp Vulnerability Exploited to Infect Phones with Israeli Spyware, major security issues found in Cisco routers, and Microsoft Releases Security Updates to Address Remote Code Execution Vulnerability!
Β
Full Show Notes: https://wiki.securityweekly.com/Episode604
Visit https://www.securityweekly.com/psw for all the latest episodes!
Β
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Ferruh Mavituna, CEO and Founder at our sponsor Netsparker, to talk about centralization of web application security in large enterprises! In the Enterprise News, Atos launches a new unified cloud identity and access management solution, ExtraHop announces new panorama partner program, SysDig and In-Q-Tel partnership to provide U.S. government agencies with the SysDig Cloud Native VSP, and LogRhythm releases a Cloud Based NextGen SIEM platform! In our final segment, we talk about Enterprise Open-Source Firewalls!
Β
To learn more about Netsparker, visit: https://netsparker.com/securityweekly
Full Show Notes: https://wiki.securityweekly.com/ES_Episode137
Visit https://www.securityweekly.com/esw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Jon Fredrickson, Information Security Officer at Blue Cross & Blue Shield of Rhode Island! In the Leadership and Communications segment, Transformational leadership style inspires 'moonshot goals', How to Deal With Information Overload, The surprising secret of success: it's not about winning, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode128
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Β
This week, hacking the unhackable eyeDisk USB stick, how to brick all Samsung mobile phones, how Twitter shared user location data through advertising, a 0-Day flaw used to install spyware on phones, and a Linux kernel flaw allows remote code execution! In the expert commentary, we welcome Marcin Szary, CTO at Secfense, to talk about Web Authentication!
Β
To learn more about Secfense, visit: https://securityweekly.com/secfense
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode218
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Derek Weeks joins us to talk about DevSecOps and Securing Software Supply Chains! Derek is the VP and DevOps Advocate at Sonatype! In the Application News, Chrome constrains the cookies and Edge pushes privacy, Windows builds a sandbox for Linux, Android Q for more quarantined code with more LLVM features, Steve Singh stepping down as Docker CEO, and Verizon releases its 2019 DBIR!
Β
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode61
Visit https://www.securityweekly.com/asw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Lesley Carhart, Principal Threat Analyst at Dragos Inc., to talk about moving from IT security to OT security, DFIR in ICS, and more! In the second segment, we welcome Chris Sanders, Founder of Applied Network Defense & Director of the Rural Technology Fund, to talk about delivering high quality IT training and donating scholarships and equipment to further education in schools! In the Security News, the top 5 mistakes that create field days for hackers, WordPress 5.2 brings new security features, a discontinued Insulin pump with security a security flaw in high demand, and how to communicate privately in the age of digital policing!
Β
Full Show Notes: https://wiki.securityweekly.com/Episode603
Visit https://www.securityweekly.com/psw for all the latest episodes!
Β
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Nik Whitfield, CEO at Panaseer, to talk about Continuous Controls Monitoring! In the Enterprise news, Secureworks launches new cybersecurity analytics app, StackRox Kubernetes Security Platform Receives Red Hat Container Certification, SIEM Solutions Firm Exabeam Raises $75 Million, and Serverless monitoring startup Espagon expands to cover broader microservices TechCrunch, and more! In our final segment, we have a Security Industry Briefings Update, where we talk about 42Crunch, Viridium, Whitecanyon, and Eclypsium!
Β
Full Show Notes: https://wiki.securityweekly.com/ES_Episode136
Visit https://www.securityweekly.com/esw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Matt, Jason, and Paul do a recap on the Global Cyber Innovation Summit that was held in Baltimore last week! In the Leadership and Communications segment, How to build a startup, You Don't Have To Be Nice To Be Respected. Boeing and the Importance of Encouraging Employees to Speak Up, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode127
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, software flaw exposed most dell computers to remote hacking, Israel neutralizes cyber attack by blowing up a building with hackers, an expert that found hundreds of vulnerable Jenkins plugins, a bug in Mirai code allows crashing C2 servers, and how researchers discovered a highly stealthy Microsoft Exchange Backdoor! In the expert commentary, the return of Jason Wood from Paladin Security, joins us to talk about how Japan is developing a computer virus to fight cyber attacks!
Β
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode217
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Β
This week, we welcome Sven Morgenroth, Security Researcher at Netsparker to talk about securing our applications, web applications, and how we can make it easier to build applications! In the AppSec News, Firefox gives more scrutiny to add-ons but Firefox also forgot to give more scrutiny to a cert, Path traversals trampled by ransomware, Secure Software Design: The Next Frontier In Cybersecurity, Trust the Stack, Not the People, VRT adds a CAN, and MDM, parental controls, and security!
Β
To learn more about Netsparker, visit: https://securityweekly.com/netsparker
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode60
Visit https://www.securityweekly.com/asw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Philip Niedermair, CEO at the National Cyber Group, to discuss the National Cyber Education Program! In our second interview, we welcome back Josh Abraham, Staff Engineer at Praetorian, to talk about the MITRE attack framework for attackers! In the Security News, how Tenable experts found 15 flaws in wireless penetration systems, Julian Assange refused exfiltration to the US, PoC exploits for old SAP config flaws increase risk of attacks, and how 1.75 million dollars was stolen from a Church through a phishing attack!
Β
Full Show Notes: https://wiki.securityweekly.com/Episode602
Visit https://www.securityweekly.com/psw for all the latest episodes!
Β
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Jay Prassl, CEO of Automox joins us to discuss Patch Management struggles and how to overcome them! In our second interview, we're joined by Josh Abraham in studio, who is a Staff Engineer at Praetorian, to talk about the MITRE attack framework for defenders! In the Enterprise news, ThreatConnects new features make creating security playbook's easier, SolarWinds adds password management to security portfolio, Checkpoint Systems announces HALO IoT platform, and BlackHat USA offers an inside look at Intel's security engine!
Β
To get involved with Automox, visit: https://securityweekly.com/automox
Why Praetorian Benchmarks to MITRE ATT&CK: https://p16.praetorian.com/blog/why-praetorian-benchmarks-to-mitre-attack
Full Show Notes: https://wiki.securityweekly.com/ES_Episode135
Β
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Craig Sandman, President and Co Founder of Symbol Security, a Cyber Security SaaS company with a mission to reduce corporate risk through Security Awareness Education! Craig will discuss Security Awareness, Education, and Training! In the Leadership and Communications segment, 5 Myths about Strategy, The making of a technology leader, Want Fewer Employees to Quit? Listen to Them, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode126
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, how a politicians' kids accessed his laptop through facial recognition, critical flaws in WordPress and Qualcomm chips, how 2 million IoT security cameras and baby monitors are vulnerable to takeover, and how a new Emotet variant uses connected devices as proxy C2 servers! In the expert commentary, the return of Jason Wood from Paladin Security, joins us to talk about how Microsoft is telling IT admins to nix 'obsolete' password reset practices!
Β
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode216
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Larry Maccherone, Senior Director of Comcast, to talk about the world of SecOps vs. DevSecOps! In the Application Security News, Software update gums up fingerprints, a counterproductive security practice expires thanks to well-considered guidelines, Docker Hub breach response, a path to hacking Ruby Gems, 5 Security Challenges to API Protection, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode59
Visit https://www.securityweekly.com/asw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Haroon Meer, CEO and Researcher at our sponsor Thinkst, to talk about why hackers should create companies, and some of the technical details behind Thinkts' tool Canary! In the second segment, we welcome Gururaj Pandarangi, CEO and Co-Founder of Cloudneeti, to talk about how their SaaS product is delivering continuous cloud security and compliance assurance to businesses! In the Security News, serious vulnerabilities found in fujifilm x-ray devices, facebook could be fined 5 billion over privacy violations, preinstalled malware on bootleg streaming devices, hackers using SIM swapping to steal cryptocurrency, and how a 29 year old computer scientist created the algorithm that took the first ever picture of a black hole!
Β
To learn more about Thinkst, visit: https://securityweekly.com/canary
To learn more about CloudNeeti, visit: https://cloudneeti.com/securityweekly
Full Show Notes: https://wiki.securityweekly.com/Episode601
Visit https://www.securityweekly.com/psw for all the latest episodes!
Β
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Paul Asadoorian is joined by Matt Alderman, as we interview Francis Dinha, the CEO of OpenVPN! In the Enterprise News, ShieldX adds lateral movement prevention to the Elastic Security Platform for AWS, Tenable Integrates with Google Cloud Security Command Center, Capsule8 to help Google Cloud SCC members consolidate findings and speed up response, and Evident and Okta partnership simplifies identity verification and reduces risk for businesses! In the final segment, Security Legend Dave Kennedy sits down with our Founder and CTO Paul Asadoorian at InfoSec World 2019 to discuss his company Binary Defense and how they're helping the Security community!
Β
Full Show Notes: https://wiki.securityweekly.com/ES_Episode134
Visit https://www.securityweekly.com/esw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Adam Fletcher, Chief Information Security Officer for Blackstone! In the Leadership and Communications segment, 5 Ways to Find Natural Leaders for Your Team, Business Wisdom Learned From Bomb Squad Experts And Their Commanders, Why Rest Is Essential To High Performance, 4 Ways Working Dads Can Make More Time for Family, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode125
Please join Adam and other CISOs at the Global Cyber Innovation Summit by visiting https://globalcybersummit.org/request-information to request your invitation.
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Thomas Hatch, the creator of the Salt open source software project, and is the CTO of SaltStack, the company behind Salt! In the Application Security News, Breach at IT outsourcer Wipro, SCP serves the file it wants, Confluence Path traverses to RCE, another Local PrivEsc on Windows, easier sandboxing for C and C++ APIs, and Computer Science plus Ethics!
Β
To learn more about SaltStack, visit: https://securityweekly.com/saltstack
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode58
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, a weather channel that was knocked off air by a malicious attack, how bad bots make up 20 percent of web traffic, ransomware ravages municipalities nationwide, a flaw in Shopify API exposed revenue and traffic data of thousands of stores, and how attackers are weaponizing more vulnerabilities than ever before! In the expert commentary, we welcome Itai Tevet, CEO of Intezer, to talk about Linus threats, recent Mirai variants, and general code reuse in the cyber space!
Β
To learn more about Intezer, visit: https://securityweekly.com/intezer
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode215
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we interview Matt Cauthorn, VP of Cyber Security Engineering at ExtraHop, to discuss "The Three Horsemen of SOC Intel"! In the news segment, Solarwinds to acquire Samanage for $350M, Tufin goes public, and Tenable releases Predictive Prioritization. And this week, our third segment airs our interview with Matt Tierney from Endgame for InfoSec World 2019. So stay tuned, for all that and more, on this episode, of Enterprise Security Weekly! To get involved with ExtraHop, vist: https://securityweekly.com/extrahop
Full Show Notes: https://wiki.securityweekly.com/ES_Episode133
Visit http://securityweekly.com/eswΒ for all the latest episodes!
This week, the Apache Tomcat Patches Important Remote Code Execution Flaw, New variants of Mirai botnet detected, targeting more IoT devices, Hackers used credentials of a Microsoft Support worker to access users' webmail, TicTocTrack Smartwatch Flaws Can Be Abused to Track Kids, Ecuador suffered 40 Million Cyber attacks after the Julian Assange arrest, Security weakness in popular VPN clients, and Open Source Tool From FireEye Automates Analysis of Flash Files! In the expert commentary, Jason Wood talks about The Impact of Cyber Warfare! All that and more, on this episode of Hack Naked News!
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode214
Gabriel Gumbs is the VP of Product Management at Spirion where his focus is on the strategy and technology propelling Spirionβs rapidly-growing security platform. Merissa Villalobos is the North America Talent Acquisition Leader for NCC Group, a global security consulting firm and has been recruiting in security for 10 years. She got her start in Virginia, at a Federal Government contractor, filling roles for the intelligence community and various Government Agencies. Jessica Gulick leads Katzcy Consulting, a growth hacker company that helps tech firms grow through strategy, market research, and digital marketing. With 20+ years in cybersecurity, she is a seasoned cybersecurity manager, marketer, consultant, and expert with a substantial network of technical and executive peers. In the news, Bitcoin mining ban considered by China's economic planner, Yahoo strikes $117.5 million data breach settlement, Serious flaws leave WPA3 vulnerable to hacks that steal Wi-Fi passwords, WikiLeaks Founder Julian Assange arrested and charged in US with computer hacking conspiracy, and How HTML5 Ping Is Used in DDoS Attacks.
Full Show Notes: https://wiki.securityweekly.com/Episode600
Follow us on Twitter: https://www.twitter.com/securityweekly
Follow us on Twitter: https://www.twitter.com/securityweekly
Will is a Partner and a Founding Investor at ForgePoint Capital. He has been an avid technology enthusiast for decades: building his first computer in elementary school and starting online businesses while completing his bachelorβs degree from the University of California, Berkeley. This week we have our quarterly segment to review the money of security, including public companies, IPOs, funding rounds and acquisitions from the previous quarter. We also update the Security Weekly 25 index. Let's understand how the security market is doing.
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode124
This last week was pretty busy with announcements and presentations from the Google Next Conference. In 2018 they previewed some security tools and this year many of them are now GA along with a lot of other developer-focused services. In the news, 3D fingerprints and unlocking Android, Ticking off another command injection, Alexa, audio, and annotations, STS no longer just for HTTP, and Hardenize goes beyond TLS.
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode57 Follow us on Twitter: https://www.twitter.com/securityweekly
Mike Weber is the Vice President of Coalfire and Rebecca Larson is the Director, Vulnerability Assessment Operations of Coalfire. Coalfire ASV Scanning: - ASV program (love, praise, struggle) - Development and growth of scanning, 1-5 person team, partnership, marketing position - Published opinion piece, getting knowledge, supporting the industry - Scan platform - RISE - movement in the company, coalfire programs, development at Coalfire - Limitations of scanning, pen testing? To learn more about Coalfire, visit:Β https://securityweekly.com/coalfire Full Show Notes:Β https://wiki.securityweekly.com/ES_Ep... VisitΒ http://securityweekly.com/eswΒ for all the latest episodes!
This week, we welcome Loris Degioanni from Sysdig to discuss their open source container native runtime security project called Falco! In the News segment, The Matrix turns 20, Containers are Weakest Security Leak Again, The Evolution of Application Security in the Serverless World, and more!
To learn more about Sysdig, visit: https://securityweekly.com/sysdig
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode56
Visit https://www.securityweekly.com/asw for all the latest episodes!
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Β
In-Depth Analysis of JS Sniffers Uncovers New Families of Credit Card-Skimming Code, Nvidia Fixes 8 High-Severity Flaws Allowing DoS, Code Execution, Computer virus alters cancer scan images, A Serious Apache server bug gives root to baddies in shared host environments, Cybercrime Groups Are Still Rampant on Facebook, 90% of OT organizations are cyberattack victims, Tenable Discloses Verizon Fios Router Vulnerabilities, and Samsung Galaxy S10 Fingerprint Sensor Duped With 3D Print!
Neil Butchart the SVP at Ekran, comes on the show to talk about "Is the industry broken?"
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode213
This week, we welcome Michael Murray, Chief Security Officer at Lookout! Michael joins us today to talk about Post-perimeter Security! In the Leadership and Communications segment, 94% of CIOs, CISOs have to make protection compromises, Accelerating Business Through Customer Centricity, 5 states dominating tech employment, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode123
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Mary Beth Borgwing, President and Founder of of the Cyber Social Club, to talk about Uniting Women in Cyber! In the Technical Segment, we welcome back our friend Chris Brenton, Chief Operating Officer at Active Countermeasures, to discuss why threat hunting is the missing link between our protection tools and our response tools, and will take a deep dive into the AI Hunter! In the Security News, Attackers exploiting IMAP to bypass MFA on O365 and G-Suite accounts, Vietnam's OceanLotus Group Ramps up hacking car companies, UC Browser violates Google Play Store Rules, & how Russia is spoofing GPS Signals on a massive scale!
Β
To learn more about Active Countermeasures and to get the slides for the Technical Segment today, visit: https://securityweekly.com/acm
Full Show Notes: https://wiki.securityweekly.com/Episode599
Visit https://www.securityweekly.com/psw for all the latest episodes!
Β
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Dr. Branden R. Williams! Branden has more than twenty years of experience in business, technology, and information security as a consultant, leader, and an executive. His specialty is navigating complex landscapesβbe it compliance, security, technology, or businessβand finding innovative solutions that propel companies forward while reducing risk. In the second segment, Paul and Matt sit down with Wade Lance and Nir Greenberg of Illusive Networks at the RSA Conference 2019!
Β
Full Show Notes: https://wiki.securityweekly.com/ES_Episode131
Visit https://www.securityweekly.com/esw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Mike Shema, Product Security Lead of Square! Mike joins us on the show to talk about where the wins and challenges are in AppSec! In the Application Security News, XSS Vulnerability in Abandoned Cart Plugin Leads to WordPress Site Takeover, The RedMonk Programming Language Rankings: January 2019, I Deleted Facebook Last Year; Here's What Changed (and What Didn't), CommitStrip: Over-excited, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode55
Visit https://www.securityweekly.com/asw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Asus pushes patch after hackers used updates to send malware, Microsoft announces Windows Defender ATP Antivirus for Mac, researchers find 36 new security flaws in LTE protocol, new settings let hackers easily pentest Facebook and Instagram Mobile Apps, and how researchers can get a free Tesla for spotting infotainment system bug! Sven Morgenroth from Netsparker joins us for expert commentary to discuss how Facebook stored hundreds of Millions of user passwords in plain text!
Β
To learn more about Netsparker, visit: https://securityweekly.com/netsparker
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode212
Β
Subscribe to our YouTube channel: https://www.youtube.com/securityweekly
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Ian McShane, Vice President of Product Marketing at Endgame, to discuss Security ROI! In the Leadership and Communications segment, Even CEOs Should Clean Their Own Bathrooms Sometimes, Building an Effective Cybersecurity Program, How to Get Booked as a Podcast Guest, and more!
Β
To learn more about Endgame, visit:Β https://securityweekly.com/endgame
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode122
Visit https://www.securityweekly.com/bsΒ for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Marcus Carey, CEO and Founder of ThreatCare, to talk about Tribe of Hackers, a collection of industry, career, and personal insights from 70 cybersecurity professionals! In the Security News, WordPress plugin removed after zero day discovered, why you should change your facebook password NOW, threat hunting tips to improve security operations, hacked tornado sirens taken offline ahead of a major storm, and how a white hat hacker found a new bug class in Windows! In the final segment, we run a Technical Demo with our sponsor DomainTools, all about Domain Investigation w/ DomainTools Iris! All that and more, on this episode of Paul's Security Weekly!
Full Show Notes:Β https://wiki.securityweekly.com/Episode598
To learn more about DomainTools and Iris, visit: https://securityweekly.com/domaintools
Visit https://www.securityweekly.com/psw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, in the Enterprise Security News, I am joined by John Strand to discuss how Stackpath released new edge computing VMs, ExtraHop hires former Tenable and HPE leaders to support growth in cyber, Security professionals want to return fire to Venafi, Dragos acquires NexDefense, and 42Crunch unveils a new platform to discover API vulnerabilities and protect them from attacks! In the second segment, we air some pre recorded from RSA Conference 2019 with Endgame, Virsec, and Scythe!
Β
Full Show Notes: https://wiki.securityweekly.com/ES_Episode130
Visit https://www.securityweekly.com/esw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Β
This week, we welcome Jamie Duncan, a recovering history major who has been at Red Hat for just over 7 years! Beginning with his role as a TAM, his focus has increasingly centered on the operations-oriented features of OpenShift, including the May 2018 publication of OpenShift In Action by Manning Publishing. Jamie has had this discussion with customers, OpenShift advocates, and technology fans on multiple continents to date. In the Application Security News, Owner of MAGA-Friendly Yelp Knockoff Threatens to Call FBI After Researcher Exposes Security Holes, Chinese Data Breach Exposes 'Breed Ready' Status Of Almost 2 Million Women, Dozens of companies leaked sensitive data thanks to misconfigured Box accounts, DARPA Is Building a $10 Million, Open Source, Secure Voting System, and much more!
Β
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode54
Visit https://www.securityweekly.com/asw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
FreshRSS 