Login
This week Dr. Doug talks Bill Gates Mind control, Section 230, Threatpost 2021 Predictions, Zyxel, California Privacy Law, Ticketmaster Hacking Rivals, and Jason Wood returns for Expert Commentary!
Β
Show Notes: https://securityweekly.com/swn91
Visit https://www.securityweekly.com/swn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
A premise of adding security to DevOps is we can "shift left" AppSec responsibilities, one of which is building apps so they're secure by design. Yet what resources does the AppSec community provide for this approach to design? We take a look at the OWASP Top 10, Web Security Testing Guide, and Application Security Verification Standard to find a way forward for DevOps teams. In the AppSec News, Microsoft purges malicious SolarWinds presence and highlights a threat model around their source code, the tl;drsec crew provides a hardening guide for Kubernetes, Apples provides a user guide for hardening accounts, and Firefox provides a new storage system to defeat side channel abuse!
Β
Show Notes: https://securityweekly.com/asw135
Visit https://www.securityweekly.com/asw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Vicarius' very own Roi Cohen and Shani Dodge join us to kick off the show with a technical segment titled "Generating Threat Insights Using Data Science"! Then, Harry SverdLove from ZScaler joins us for a technical segment on "Securing The Enterprise Software Supply Chain"! In the Security News, How suspected Russian hackers outed their massive cyberattack, Millions of Unpatched IoT, OT Devices Threaten Critical Infrastructure, Zodiac Killer Cipher Solved, a Security Researcher states βsolarwinds123β Password Left Firm Vulnerable in 2019, Why the Weakest Links Matter, and a 26-Year-Old Turns βMistakeβ of Being Added to an Honors Geometry Class to Becoming a Rocket Scientist!
Β
Show Notes: https://securityweekly.com/psw678
Visit https://securityweekly.com/vicarius to learn more about them!
Visit https://securityweekly.com/edgewise to learn more about them!
Β
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week in the Enterprise security News, A Hack brought unwanted attention to SolarWinds, Datadog and Snyk unveil GitHub integration to automate software development workflow, Thoma Bravo Invests In Machine Identity Management/Security Startup Venafi, FireEye Closes $400M Blackstone Investment, and DigiCert now enables manufacturers to embed certificates on chips prior to manufacturing! Then, Martyn Crew from Gigamon joins us to discuss how "Visibility Is Critical in Uncertain Times", and we wrap up the show with a pre-recorded interview with Emily Huynh and Mandy McKenzie from Mimecast, discussing the Mimecast Awareness Training Philosophy!
Β
Show Notes: https://securityweekly.com/esw211
Visit https://securityweekly.com/mimecast to learn more about them!
Visit https://securityweekly.com/gigamon to learn more about them!
Β
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, it's the final episode of Security Weekly News for 2020! Dr. Doug talks show summaries, the Russians, SolarWinds kill switch, everyone is hacked, Gitpaste-12 returns, and more!
Β
Show Notes: https://securityweekly.com/swn90
Visit https://www.securityweekly.com/swn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
The penetration testing mythology as it applies to information security is all screwed up. If nothing else, we're going to attempt to define a penetration test, focus on the goals, and what should be in a report. You better believe there is going to be an overarching "PCI" context to this discussion. We'll continue our discussion of penetration testing. In this segment, we'll talk about the right reasons to have a penetration test performed, the impact (for better or worse) of the PCI requirement for annual penetration testing, and how to get the most out of your penetration testing results.
Β
Show Notes: https://securityweekly.com/scw56
Visit https://www.securityweekly.com/scw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Padraic O'Reilly, Chief Product Officer & Co-Founder at CyberSaint, to talk about Transforming Cyber Risk/Compliance Through Automation! For this final segment of 2020, why pull more articles to review when we all lived it? Instead, let's recap some of the leadership and communications lessons we have learned in a very difficult 2020 and discuss the changes we'll make in 2021 to be better leaders.
Β
Show Notes: https://securityweekly.com/bsw200
Visit https://securityweekly.com/cybersaintbsw to learn more about them!
Β
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Dr. Doug talks about U.S Agencies hit by Foreign Adversaries, SolarWinds, New PyMicropsia Trojan, SoRel-20M, Naughty Cyberpunk 2077 glitches, and the return of Jason Wood!
Β
Show Notes: https://securityweekly.com/swn89
Visit https://www.securityweekly.com/swn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Ev Kontsevoy, CEO at Teleport, to discuss Freedom From Computing Environments! In the Application Security News, FireEye shares supply chain subterfuge, researchers show repeated mistakes in TCP/IP stacks, Google open sources Python fuzzing, Cisco and Microsoft patch their patches for vulns in Jabber and printer modules!
Β
Show Notes: https://securityweekly.com/asw134
Visit https://securityweekly.com/teleport to learn more about them!
Β
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
This week, it's the 15 Year Anniversary Edition of Security Weekly! We celebrate with three roundtable discussions on Penetration Testing, Blue Team Techniques, and Hacker Culture! Penetration Testing: Join us for a lively discussion surrounding the topic of penetration testing. Sure, we've called out differences between vulnerability scanning and penetration testing. Moving past this particular issue, we'll explore how to effectively use penetration testing in your environments. Blue Team Techniques We often hear that offensive security techniques are "sexier" than defensive blue team techniques. In this panel discussion, we attempt to level the playing field (on so many levels...) between attackers and defenders. Keeping the evil attackers out of our networks and systems is a daunting task that requires creative thinking and creative solutions. Hacker Culture: Hacking matters. The term hacking has gotten away from us over the years. I believe we've reclaimed it, to a certain extent. The goal of this panel is to discuss all things hacking culture. What does it mean to be a hacker and how do we preserve the hacking ideology?
Β
Show Notes: https://securityweekly.com/psw677
Visit https://securityweekly.com/ilf to learn more about them!
Visit https://securityweekly.com/risksense to learn more about them!
Visit https://securityweekly.com/coresecurity to learn more about them!
Β
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Dr. Doug talks Steam flaws, Zuck gets zucked, Black Mirror, Kerberos flaws in Windows, and the 15th Anniversary/Unlocked show! All this and show wrap ups on the Security Weekly News Wrap Up!
Β
Show Notes: https://securityweekly.com/swn88
Visit https://www.securityweekly.com/swn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week in the Enterprise Security News, How Kali Linux creators plan to handle the future of penetration testing, Tenable founders launch cybersecurity foundation to hand out grants, FireEye cybersecurity tools compromised in state-sponsored attack, Bitdefender launches cloud-based endpoint detection, response platform for companies, and Sysnet acquires Viking Cloud to enhance its cloud security platform and boost market expansion! Mike Lloyd from RedSeal joins us to discuss "How Can We Vaccinate Our Networks?", and we wrap up the show with an interview with Joe Rivela from Polarity!
Β
Show Notes: https://securityweekly.com/esw210
Visit https://www.polarity.io/sw to learn more about them!
Visit https://securityweekly.com/redseal to learn more about them!
Β
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Padraic O'Reilly, Chief Product Officer & Co-Founder at CyberSaint, to talk about The Cyber Risk/Compliance Transformation Solution! We want to take the time in the segment to formally introduce you to one of our new co-hosts, Mr. Fredrick "Flee" Lee. Flee is currently the Chief Security Officer for a company called Gusto and used to be Head of Information Security at Square. We'll spend some time getting to know Flee and his background, pepper him with questions, talk shop, all the while engaging in the usual mayhem!
Β
Show Notes: https://securityweekly.com/scw55
Visit https://securityweekly.com/cybersaintscw to learn more about them!
Β
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Dr. Doug talks Amnesia:33, the NSA, IoT Laws, Trickbot returns from the dead, & IRS tax ID Pins! Tim Mackey, Principal Security Strategist at Synopsys, joins us for Expert Commentary to discuss the impact of the supreme court taking up the case of how broad the CFAA is and its impact on security research!
Β
Show Notes: https://securityweekly.com/swn87
Visit https://securityweekly.com/synopsys to learn more about them!
Β
Visit https://www.securityweekly.com/swn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Sri Sundaralingam joins Security Weekly to discuss the challenges of hybrid workforce and what security professionals should start thinking about as they begin planning for a return to the office in 2021! In the leadership and communications section, Darth Vader Week - Leadership from the Dark Side, Compassionate Leadership Is Necessary β but Not Sufficient, 3 Steps to Run Better and More Effective Meetings, and more!
Β
Show Notes: https://securityweekly.com/bsw199
Visit https://securityweekly.com/extrahop to learn more about them!
Β
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Mike Manrod, CISO of Grand Canyon University, joined by John Delaroderie, Security Solutions Architect at Qualys, to discuss his approach to web application security with an emphasis on improving knowledge of web application vulnerabilities and the external attack surface, and his approach to reducing the number of opportunities an attacker has to compromise our information and infrastructure! In the Application Security News, An old security bug in the Play library still affects 8% of apps in Google Play, Project Zero researcher spends six months to reboot an iPhone (in an epic manner), GitHub looks at the security of repos within its Octoverse, the OWASP Web Security Testing Guide gets a minor bump, and XS-Leaks get more attention.
Β
Show Notes: https://securityweekly.com/asw133
Visit https://securityweekly.com/qualys to learn more about them!
Β
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Vicarius' very own Roi Cohen and Gilad Lev join us to kick off the show with a technical segment titled "From Chaos to Topia"! Jeff Capone from SecureCircle joins us for an interview on zero trust data security! Ed Skoudis returns to talk to us about the Holiday Hack Challenge! Then, in the Security News, Thousands of unsecured medical records were exposed online, Advanced Persistent Threat Actors Targeting U.S. Think Tanks, WarGames for real: How one 1983 exercise nearly triggered WWIII , The Supreme Court will hear its first big CFAA case, TrickBoot feature allows TrickBot to run UEFI attacks, and Cyber Command deployed personnel to Estonia to protect elections against Russian threat!
Β
Show Notes: https://securityweekly.com/psw676
Visit https://securityweekly.com/vicarius to learn more about them!
Visit https://securityweekly.com/securecircle to learn more about them!
Β
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Dr. Doug talks Krebs, slack, docker vulnerabilities, Jeff Man finds fake news, a massive IoS article, and UEFI, all this and show wrap ups on the Security Weekly News Wrap Up!
Β
Show Notes: https://securityweekly.com/swn86
Visit https://www.securityweekly.com/swn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, in the Enterprise Security News, securing Amazon EKS, Attivo Networks announces a new integration, a cloud security mapping startup comes out of stealth, recent funding announcements from DefenseStorm, GoSecure, EclecticIQ and more! We discuss The Road To Secure Your Organization, with Ferruh Mavituna, and wrap up the show with a special Round Table Discussion on Cybersecurity and Diversity featuring; Jackie Abrams, Gabe Gumbs, Mandy Logan, & Susan Bosco!
Β
Show Notes: https://securityweekly.com/esw209
Visit https://securityweekly.com/netsparker to learn more about them!
Β
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we're going to take on a different aspect of the cybersecurity skills gaps in this episode. Namely, the lack of diversity in our industry when it comes to African Americans and what can we all do about it. To facilitate the discussion today we are joined by AJ Yawn, who is a founding board member of the National Association of Black Compliance & Risk Management Professionals, Inc. (NABCRMP). He's also co-founder and CEO of a company called ByteChek whose tagline is "We Make Compliance Suck Less" so I think we're in store for a fascinating discussion.
Β
Show Notes: https://securityweekly.com/scw54
Visit https://www.securityweekly.com/scw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Jeff Capone, CEO and Co-founder at SecureCircle, joins us to discuss how to protect all of your data and stop asking "Where's Your Data?"! If we can protect everything, who cares where it is, as you continue to maintain control! In the Leadership and Communications section,Your Title Doesn't Make You a Leader, The New Nine to Five: How Traditional Hours Are Holding Your Business Back, Building a Better Workplace Starts with Saying βThanksβ, and more!
Β
Show Notes: https://securityweekly.com/bsw198
Visit https://securityweekly.com/securecircle to learn more about them!
Β
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Building High Performing Security Teams - The Skills Gap vs The Talent Shortage: Cybrary CEO and Co-Founder Ryan Corey sits down with Security Weekly to chat about the trends they are seeing in Cybersecurity skill development among high performing teams. Ryan will share some highlights from Cybrary's recent Cybersecurity Skills Gap Survey Report.
Β
Show Notes: https://securityweekly.com/swn85
Visit https://cybrary.it/solved to learn more about them!
Β
Visit https://www.securityweekly.com/swn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Tim Mackey, Principal Security Strategist at Synopsys, to talk about Security Decisions During Application Development! In the Application Security News, Xbox bug exposed email identities, focusing on prevention for your cloud security strategies, Amazon looking to hire more Rust developers, KubeCon continues push for security, and a DevOps reading list!
Β
Show Notes: https://securityweekly.com/asw132
Visit https://securityweekly.com/synopsys to learn more about them!
Β
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week in the Enterprise Security News, Why Companies Should Outsource Cybersecurity During COVID and Beyond, Sectigo Adds Five PKI DevOps Integrations, a Drupal vulnerability press statement from ExtraHop, Palo Alto Networks launches Industryβs first 5G-Native Security offering, And Passwords exposed for almost 50,000 vulnerable Fortinet VPNs! We discuss Which Multifactor Authentication is the Right One with Matt Barnett, Chief Strategist at SEVN-X!, and then we gain some insights into Sharpening CVSS with Asset Context, with Clayton Fields and Michael Assraf of Vicarius!
Β
Show Notes: https://securityweekly.com/esw208
Visit https://securityweekly.com/vicarius to learn more about them!
Β
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Zulfikar Ramzan, Ph.D., Chief Digital Officer at RSA Security, to talk about how Zero Trust Intersects XDR in Todayβs Digital Era! In the second segment, the SCW crew and Dr. Ramzan talk about Cyber Credit Score Industry! Someone made an offhand comment about the Cyber Credit Score Industry on one of our shows a couple weeks ago, so we thought we'd bring it up as a compliance topic. We'll define what we're talking about when it comes to Cyber Credit Scores - what they are intended to do and for whom. Then we'll pick it apart, SCW style!
Β
Show Notes: https://securityweekly.com/scw53
Visit https://securityweekly.com/rsasecurity to learn more about them!
Β
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, James Gomez, CISO at Cybersec, join us to discuss Cybersecurity & Integrated Risk Management! In the Leadership and Communication Segment we discuss the creative mindset, CMMC challenges, work from home security is still lacking security, you may not get it right the first time, reaching your goals, increasing productivity with music, tackling bottlenecks and more!
Β
Show Notes: https://securityweekly.com/bsw197
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, in the first segment, Mike, Adrian, and John discuss Threat Modeling! We threat model every day without realizing it. And, of course, we often threat model with systems and products within our organizations. So how formal does our approach need to be? How do we best guide the "what could go wrong" discussion with DevOps teams? And what's a sign that we're generating useful threat models? In the Application Security News, a manifesto highlights principles and values for threat modeling, the CNCF releases a Cloud Native Security Whitepaper, Microsoft put security in the CPU with Pluton, mass scanning for secrets, ancient flaws resurface in Drupal, and steps for implementing source composition analysis!
Β
Show Notes: https://wiki.securityweekly.com/asw131
Visit https://www.securityweekly.com/asw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Mimecast's very own Jamie Fernandes and Karsten Chearis join us to discuss recent Threat Actor Trends! Michael Roytman, the Chief Data Scientist at Kenna Security discusses how to use AI and Machine Learning to solve Infosec problems! In the Security News, Verizon has suggestions on how to make DNS more secure, Microsoft is trying to fix another Kerberos vulnerability, Bumble made some security blunders, why trying to write an article about rebooting your router was a terrible idea, popping shells on Linux via the file manager, Trump fired Krebs, backdoors on your TV and why PHP is still a really bad idea!
Β
Show Notes: https://securityweekly.com/psw675
Visit https://securityweekly.com/mimecast to learn more about them!
Visit https://securityweekly.com/kennasecurity to learn more about them!
Β
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Dr. Doug talks about IoT Legislature, Krebs is fired, DNS, Joff Thyer, Clearview, Cicada, and Funny Dream as well as the show Wrap Ups!
Β
Show Notes: https://securityweekly.com/swn84
Visit https://www.securityweekly.com/swn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we start with the Enterprise News, discussing the all new AWS Network Firewall, Zero Trust for Kubernetes, interactive coding simulations, DNS monitoring, and Twitter appoints a new head of security! The latest acquisitions from Cisco, Acronis, Palo Alto Networks, and Flashpoint, and recent funding announcements from Unbound, Havoc Shield, Menlo Security and Cato networks!In our second segment, we discuss how network detection helps fill the gaps with Steve Porcello from Gigamon! Finally, we gain some insights into the future of Osquery with Ganesh Pai and Julian Wayte from Uptycs!
Β
Show Notes: https://securityweekly.com/esw207
Visit https://securityweekly.com/gigamon to learn more about them!
Visit https://securityweekly.com/uptycs to learn more about them!
Β
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we have the pleasure of welcoming the newest member of the CRA/Security Weekly family, Adrian Sanabria! What is his role at Security Weekly, and what is the plan for rolling things out over the next 12-18 months? We'll continue the discussion with Adrian Sanabria and explore if and how the plans for CRA/Security Weekly will impact the Security & Compliance Weekly audience!
Β
Show Notes: https://wiki.securityweekly.com/scw52
Visit https://www.securityweekly.com/scw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Kevin O'Brien, CEO and Co-Founder at GreatHorn, for a discussion around what Risk Mitigation looks like in email! In the Leadership and Communications section, The CISOβs Dilemma: Balancing Security, Productivity With a Housebound Workforce, Seven cybersecurity predictions for 2021, Avoiding cloud sprawl: 5 considerations for managing a multicloud environment, and more!
Β
Show Notes: https://securityweekly.com/bsw196
Visit https://securityweekly.com/greathorn to learn more about them!
Β
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Dr. Doug talks Bumble, Facebook Scams, Mudge, CISA, Hidden Cobra, and Lazarus Group! All this and Jason Wood returns for Expert Commentary on the Security Weekly News!
Β
Show Notes: https://securityweekly.com/swn83
Visit https://www.securityweekly.com/swn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Rickard Carlsson, Co-founder & CEO at Detectify, to talk about Automated Hacker Knowledge! In the Application Security News, The Platypus Attack Threatens Intel SGX, a Revitalized Attack Makes for Sad DNS, Bug Hunter Hits DOD With an IDOR, Steps for DevOps, Testing in Prod, Two More Chrome Bugs, and Open Source K8s Tools From Capital One!
Β
Show Notes: https://wiki.securityweekly.com/asw130
Visit https://securityweekly.com/detectify to learn more about them!
Β
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Joseph Salazar, Technical Deception Engineer at Attivo Networks, to discuss how to Disrupt Attacks at the Endpoint with Attivo Networks! Then, Badri Raghunathan, Director of Product Management, and Sumedh Thakar, President and Chief Product Officer from Qualys, join us to discuss The Challenges Associated With Securing Container Environments! In the Security News, not all cyberattacks are created equal, Google patches two more Chrome zero days, What does threat intelligence really mean?, Cobalt Strike leaked source code, DNS cache poisoning is back, and Zebras and Dots!
Β
Show Notes: https://wiki.securityweekly.com/psw674
Visit https://securityweekly.com/qualys to learn more about them!
Visit https://securityweekly.com/attivo to learn more about them!
Β
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Doug talks Tianfu, Ghimob, Scalper bots, Animal Jam, Pay2Key, the Sad State Of 2FA, all this and Doug's Threat of the Week on the Security Weekly News Wrap Up!
Β
Show Notes: https://securityweekly.com/swn82
Visit https://www.securityweekly.com/swn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Trevor Welsh, Global Security Strategist at Chronicle, to discuss Getting Google Scale Threat Detection With Chronicle Detect! In the Enterprise News, Radware Announces Expanded Elastic Scalability and Resiliency for its Virtual DDoS Protection in AWS, Neustar Agrees to Buy Verisignβs Public DNS Service, Auto-Scaling Network Visibility in AWS Cloud, Palo Alto Networks introduces Enterprise Data Loss Prevention, New Kasada API protects from botnet attacks and targeted fraud, and more! In our final segment, we have two pre-recorded interviews with Jeff Capone of SecureCircle, and Roi Cohen of Vicarius!
Β
Show Notes: https://securityweekly.com/esw206
Visit https://securityweekly.com/chronicle to learn more about them!
Visit https://securityweekly.com/securecircle to learn more about them!
Visit https://securityweekly.com/vicarius to learn more about them!
Β
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Liam Downward, CEO at CYRISMA, to talk about Data, Data, Data! You've scanned your data to uncover risks and vulnerabilities and assigned accountability through mitigation plans to meet compliance mandates. Now you must classify, rank, prioritize and score your data to track efforts and stay organized.
Β
Show Notes: https://wiki.securityweekly.com/scw51
Visit https://securityweekly.com/cyrisma to learn more about them!
Β
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Dr. Mike Lloyd, CTO at RedSeal, to talk about the Cybersecurity Forecast: Cloudy With a Chance of Turbulence! In the Leadership and Communications section, How to Be a Visionary Leader and Still Have a Personal Life, 5 Mistakes CISOs Make in Their Board Presentations, What are CEOs focused on for next year?, and more!
Β
Show Notes: https://securityweekly.com/bsw195
Visit https://securityweekly.com/redseal to learn more about them!
Β
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Dr. Doug reviews all of the latest cyber security news and then discusses incident response strategy and scenario exercising with Joshua Harr, Sr. Advisory Services Consultant at Rapid7!
Β
Show Notes: https://securityweekly.com/swn81
Visit https://securityweekly.com/rapid7 to learn more about them!
Β
Visit https://www.securityweekly.com/swn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we have the pleasure to welcome back Keith Hoodlet, Senior Manager, Application Experience at Thermo Fisher Scientific, and former Host of Application Security Weekly, to discuss how Security Is a Feature! In the Application Security News, China's top hacking contest turns months of effort into 15 minutes of exploits, an injection flaw in GitHub Actions, understanding post-compromise activity in exploits targeting Solaris and VoIP, security and quality challenges in integrating software from multiple vendors, and CVE naming turns into wibbly wobbly timey wimey stuff!
Β
Show Notes: https://wiki.securityweekly.com/asw129
Visit https://www.securityweekly.com/asw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Sven Morgenroth, Security Researcher from Netsparker, to talk about Abusing JWT (JSON Web Tokens)! Dan DeCloss, CEO & President of Plextrac joins us in the following segment to show us how to use Proactive Security Using Runbooks! In the Security News, Deception Technology: No Longer Only A Fortune 2000 Solution, New Chrome Zero-Day Under Active Attacks Update Your Browser, Pornhub Has Been Blocked In Thailand, 3 actively exploited zero days on iOS, and Someone Just Emptied Out a $1 Billion Bitcoin Wallet!
Β
Show Notes: https://wiki.securityweekly.com/psw673
Visit https://securityweekly.com/netsparker to learn more about them!
Visit https://securityweekly.com/plextrac to learn more about them!
Β
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Dr. Doug Talks Billion USD Bitcoin Mystery Solved, Russian Bears Doxed, Oracle, Zoom Snooping, and Drugs, all this and show wrap ups on the Security Weekly News Wrap Up!
Β
Show Notes: https://securityweekly.com/swn80
Visit https://www.securityweekly.com/swn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we start off the show with an Interview with Mike Gruen, VP of Engineering & CISO from Cybrary, to discuss The Benefits of Online On-Demand Training For Teams! In our second segment, we welcome Kevin O'Brien, Co-Founder and CEO of GreatHorn, to talk about Massive Cyberattack Spreading Across 68% of Organizations! In our final segment, we welcome Mike Campfield, VP of Global Security Programs from ExtraHop, joins us for a technical segment on Why Network Detection & Response Belongs In Your 2021 Strategy!
Β
Show Notes: https://securityweekly.com/esw205
Visit https://securityweekly.com/GreatHorn to learn more about them!
Visit https://cybrary.it/solved to learn more about them!
Visit https://securityweekly.com/extrahop to learn more about them!
Β
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Frank Macreery, Co-Founder and CTO at Aptible, to talk about Cloud Computing Compliance: Intelligent vs. Basic Automations, this this special two part interview!
Β
Show Notes: https://wiki.securityweekly.com/scw50
Visit https://securityweekly.com/aptible to learn more about them!
Β
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Marie Ketner, Director of Product at Cybrary, to talk about How to Develop Your Cybersecurity Skills! In the Leadership and Communications section, The Dark Side Of Authentic Leadership, Why CISOs must be students of the business, Top IT certifications and degrees to help you advance your career, and more!
Β
Show Notes: https://securityweekly.com/bsw194
Visit https://cybrary.it/solved to learn more about them!
Β
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Dr. Doug talks Election Day jitters, Zero Days in Microsoft, Maze, Kimsuky, and it's Jersey Baby in Montana! Jason Woods returns for Expert Commentary on Ransomware in Action & Their communications & use of Legitimate Services!
Β
Show Notes: https://securityweekly.com/swn79
Visit https://www.securityweekly.com/swn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Alfred Chung, Sr. Product Manager at Signal Sciences, to discuss Azure App Service & Cloud-Native Signal Sciences Deployments! In the Application Security News, Lax IoT security exposes smart-irrigation systems, Adobe Flash goes truly end of line in one last update, confidential computing gets a turbo boost with Nitro, link previews show security and privacy problems, and security theatre gets an encore!
Β
Show Notes: https://wiki.securityweekly.com/asw128
Visit https://securityweekly.com/signalsciences to learn more about them!
Β
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Shani Dodge and Roi Cohen from Vicarius to apply what we learned in the previous segment and actually prioritize our vulnerabilities and remediation the right way. Paul Battista, CEO & Founder of Polarity joins us in the following segment to show us how to use and customize augmented reality to speed up security analysis! In the Security News, the KashmirBlack botnet is behind attacks on CMSs such as WordPress, Joomla, and Drupal, Cybercriminals are Coming After Your Coffee, irrigation systems and door openers are vulnerable to attacks, if you have Oracle WebLogic exposed to the Internet you are likely already pwned, who needs Internet Explorer any longer? and why isn't MFA more popular?!
Β
Show Notes: https://wiki.securityweekly.com/psw672
Visit https://securityweekly.com/vicarius to learn more about them!
Visit https://securityweekly.com/polarity to learn more about them!
Β
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week in the Enterprise News, Blackpoint Cyber introduces insurance for customers and MSPs, Qualys Extends Integration with Microsoft Azure Defender, GrammaTech CodeSentry now identifies third party code vulnerabilities, AttackIQ integrates with Microsoft Azure Sentinel, Aqua Security announces Kubernetes-native security capabilities and funding updates from Artic Wolf, StackHawk, Eagle Eye Networks and more! In our second segment, we welcome Jeff Capone, Co-Founder and CEO of SecureCircle to discuss Conditional Data Access for Endpoints! In our final segment, Alexi Papaleonardos, Cloud Incident Response Manager at Crowdstrike joins us to discuss Attacking and Defending Cloud Infrastructure!
Β
Show Notes: https://securityweekly.com/esw204
Visit https://securityweekly.com/crowdstrike to learn more about them!
Visit https://securityweekly.com/securecircle to learn more about them!
Β
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Dr. Doug talks Dorsey, Zuckerberg, and Pichai in the Senate hotseat, KashmirBlack, Healthcare under assault, typosquatting, WebLogic, bug bounties, and the NSA strikes back, all this and show wrap ups on the Security Weekly News Wrap Up!
Β
Show Notes: https://securityweekly.com/swn78
Visit https://www.securityweekly.com/swn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we have the pleasure of welcoming Frank Price, VP of Product at CyberGRX, to discuss Third Party Risk Assessment: What's in Your Supply Chain? In our second segment, we welcome Alain Espinosa, Director of Security Operations at Online Business Systems, to talk about Logging, Monitoring, and SIEM, Oh My!
Β
Show Notes: https://wiki.securityweekly.com/scw49
Visit https://securityweekly.com/cybergrx to learn more about them!
Β
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Matt Ashburn, Federal Engagement Lead at Authentic8, to talk about Scale Your SOC: Protecting Against Browser-Based Threats! In the Leadership and Communications section, Cybersecurity, a risk to all board of directors, Is The Cybersecurity Industry Selling Lemons? Apparently Lots Of Important CISOs Think it Is, 4 critical strategies for tech leaders in Gartner's CIO agenda, and more!
Β
Show Notes: https://securityweekly.com/bsw193
Visit https://securityweekly.com/authentic8 to learn more about them!
Β
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Dr. Doug talks IoT, Southern Comfort, Winston Privacy, backdoor wars, KashmirBlack, healthcare keeps getting hit, and Roger Hale from BigID joins us for Expert Commentary!
Β
Show Notes: https://securityweekly.com/swn77
Visit https://securityweekly.com/bigid to learn more about them!
Β
Visit https://www.securityweekly.com/swn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Cesar Rodriguez, Head of Developer Advocacy at Accurics, to talk about Cyber Resiliency Through Self-Healing Cloud Infrastructure! In the Application Security News, NSA publishes list of top vulnerabilities currently targeted by Chinese hackers, Nvidia Warns Gamers of Severe GeForce Experience Flaws, Addressing cybersecurity risk in industrial IoT and OT, Firefox 'Site Isolation' feature enters user testing, expected next year, Google Patches Actively-Exploited Zero-Day Bug in Chrome Browser, and Exit Stage Left: Eradicating Security Theater!
Β
Show Notes: https://wiki.securityweekly.com/asw127
Visit https://securityweekly.com/accurics to learn more about them!
Β
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Corey Thuen from Gravwell, to talk about Sysmon Endpoint Monitoring complete with Clipboard Voyeurism! Next up, Scott Scheferman, the Principal Cyber Strategist at Eclypsium, joins us to talk about how Hackers Are Hitting Below The Belt! In the Security News, testing firm NSS Labs closes up shop, stringing vulnerabilities together to pwn the Discord desktop app, a Wordpress plugin aimed at protecting Wordpress does the opposite, the FDA approves the use of a new tool for medical device vulnerability scoring, and 8 new hot, steamy, moist cybersecurity certifications!
Β
Show Notes: https://wiki.securityweekly.com/psw671
Visit https://securityweekly.com/gravwell to learn more about them!
Visit https://securityweekly.com/eclypsium to learn more about them!
Β
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, first we talk Enterprise News, discussing how Palo Alto Networks announces cloud native security platform, Akamai launches new API security tool, SentinelOne secures patent for unique approach to uncovering exploits in their initial payload stage, Splunk helps security teams modernize and unify their security operations in the cloud, and Agile1 Predictive Analytics Risk Scoring helps orgs identify, prioritize and quantify cybersecurity risks! In our second segment, we welcome Ed Bellis, Co-Founder and CTO at Kenna Security, to discuss Prioritization to Prediction Vulnerability Research Series! In our final segment, we welcome back Corey Bodzin, CTO at deepwatch, to talk about deepwatch Lens Score and Series B!
Β
Show Notes: https://securityweekly.com/esw203
Visit https://securityweekly.com/deepwatch to learn more about them!
Visit https://securityweekly.com/kennasecurity to learn more about them!
Β
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Dr. Doug wraps up all the shows from this week, and talks about Twitter hacks, Oracle patches, Sandworm, Singapore facial recognition, and Donald Trump says we don't need security!
Β
Show Notes: https://securityweekly.com/swn76
Visit https://www.securityweekly.com/swn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Steve Schlarman, Integrated Risk Management Strategist at RSA Security, to discuss Integrated Risk Management & Operational Resiliency! In our second segment, we welcome David Mundhenk, Principal Security Consultant at Herjavec Group, and Ivan Tsarynny, Co-Founder and CEO at Feroot Security, to talk about How Backdoors Lead To Breaches & GRC Compliance Issues!
Β
Show Notes: https://wiki.securityweekly.com/scw48
Visit https://securityweekly.com/rsasecurity to learn more about them!
Β
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week we update you on the Security Weekly 25 Index! In the Leadership and Communications segment, 96% of Cybersecurity Professionals are Happy With Their Roles, 4 Tips for Effective Virtual Collaboration, Whatβs Really Happening in Infosec Hiring Now?, 5 Signs That Point to a Schism in Cybersecurity, Tactical vs Strategic: CISOs and Boards Narrow Communication Gap, and CISO Stressbusters: 7 tips for weathering the cybersecurity storms!
Β
Show Notes: https://securityweekly.com/bsw192
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
FreshRSS