Info

Paul's Security Weekly TV

Security news, interviews, how-to technical segments. For security professionals by security professionals. We Hack Naked.
RSS Feed Subscribe in Apple Podcasts
Paul's Security Weekly TV
2020
March
February
January


2019
December
November
October
September
August
July
June
May
April
March
February
January


2018
December
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
July
June
May
April
March
February
January


2015
December
November
October
September
August
July
June
May
April
March
February
January


2014
December
November
October
September
August
July
June
May
April
March
February
January


2013
December
November
October
September
August
July
June


Categories

All Episodes
Archives
Categories
Now displaying: Page 1
Mar 27, 2020

Tod Beardsley, research director, will discuss some of the trends in Internet scanning and attacker behavior given there are new Windows vulnerabilities and the workforce working from home. Should you re-train your User Behavior Analytics (UBA) and/or rely on other technologies?

 

To learn more about Rapid7 or to get a free trial, visit: https://securityweekly.com/rapid7

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ESWEpisode177

Mar 27, 2020

The cybersecurity challenges created by remote workforces and what it takes to deliver security to remote workers while avoiding impacting business operations. How do you continue vulnerability and patch management across endpoints and servers when everyone is working from home?

 

To learn more about Qualys, visit: https://securityweekly.com/qualys

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ESWEpisode177

Mar 26, 2020

How to Write an Automated Test Framework in a Million Little Steps, Qualys remote endpoint protection solution helps enterprises secure remote workforces, Sysdig Provides the First Cloud-Scale Prometheus Monitoring Offering, Kaspersky Security for Microsoft Office 365 adds protection for SharePoint Online and Microsoft Teams and more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ESWEpisode177

Mar 26, 2020

Customer perspective on the three topics discussed with RSA in first segment Also: -What is your view of security vs. compliance vs. risk? -What drives your security program initiatives? -What are the biggest challenges in administering a security program?

 

To learn more about RSA Security, visit: https://securityweekly.com/RSAsecurity

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/SCWEpisode22

Mar 25, 2020

David Walter from RSA will join us to discuss the following:
-The shift in the enterprise from compliance-based focused initiatives to risk-based ones
-Regulatory changes that are impacting organizations security program/management efforts
-Challenges/Successes associated with automating compliance monitoring efforts/continuous compliance monitoring

 

To learn more about RSA Security, visit: https://securityweekly.com/RSAsecurity

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/SCWEpisode22

Mar 25, 2020

In the leadership and communications section, Real Leaders: Abraham Lincoln and the Power of Emotional Discipline, Social Distancing: 15 Ideas for How to Stay Sane, Rethink Your Relationship with Your Vendors, and more!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/BSWEpisode167

Mar 24, 2020

How do you protect your assets commensurate with their value if you lack situational awareness of everything communicating on your network thanks to IoT, rogue cloud instances, and shadow IT? If we can agree that EDR doesn't give the full picture, what can the security industry do to combat this challenge both from a technological and a process/culture perspective? Jeff will discuss how asset and risk management is changing and open up a conversation around how the CIA Triad has and is evolving.

 

For more information, visit: https://securityweekly.com.extrahop

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/BSWEpisode167

Mar 24, 2020

Static application security testing (SAST) is critical for uncovering and eliminating issues in proprietary code. However, over 60% of the code in an average application today is composed of open source components. SAST isn't designed to find open source vulnerabilities (CVEs) or identify open source licenses. And manually maintaining a repository of approved open source components for developers is inefficient and time-consuming. That’s where software composition analysis (SCA) comes in. Introducing a new functionality within the Code Sight IDE plugin that combines SAST and SCA in one place to enable secure development.

 

For more information, visit: https://securityweekly.com/synopsys

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ASWEpisode101

Mar 23, 2020

Singularity is a container runtime that was built from the ground up to live in multi-user environments where POSIX permissions must be respected. In addition to a novel runtime approach, the Singularity Image Format (SIF) differs significantly from other container image formats, with built-in support for full image encryption as well as digital signatures.

 

For more information, visit: http://sylabs.io/

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ASWEpisode101

Mar 21, 2020

SANS Penetration Testing | Microsoft SMBv3.11 Vulnerability and Patch CVE-20200796 Explained, Drobo 5N2 4.1.1 - Remote Command Injection, $100K Paid Out for Google Cloud Shell Root Compromise, WordPress, Apache Struts Attract the Most Bug Exploits, Run Docker nginx as Non-Root-User.

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/PSWEpisode644

Mar 21, 2020

Acunetix: Automation as a Solution for Web Application Security - Mark Ralls - RSAC 2020 Mark Ralls, President and Chief Operating Officer at Acunetix, discusses web security challenges in small and medium enterprises and how automation can help fill the skills gap. To schedule a demo with Acunetix, visit: https://securityweekly.com/acunetix Netsparker: How to Scale Web Application Security - Kevin Gallagher - RSAC 2020 Kevin Gallagher, Chief Revenue Officer at Netsparker, discusses how to scale web application security including asset discovery, application scanning, prioritization of results, and more! To get a demo of NetSparker, please visit: https://securityweekly.com/netsparker Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode176

Mar 20, 2020

Struggling with how to get your logs from the cloud? Have no fear, Corey and the Security Weekly crew talk about how to configure your logs in the cloud, use cloud-native services to handle the shuffling of logs in and out of the cloud, and control your costs! We conclude by talking a bit about Windows Event logs and overcoming some gotchas.

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

To learn more about Gravwell, visit: https://securityweekly.com/gravwell

Show Notes: https://wiki.securityweekly.com/PSWEpisode644

Mar 20, 2020

SaltStack: Managing Configuration & Patches with SaltStack - Mehul Revankar - RSAC 2020 Offering open-source and commercial solutions for configuration, patch, and vulnerability management, SaltStack is a must-have! Mehul Ravankar provides us with details about the various products and new features including the ability to import vulnerability scan data and remediate! To request a demo with SaltStack, visit: https://securityweekly.com/saltstack Synopsys: Enabling Developers Without Negatively Impacting Their Velocity - Utsav Sanghani - RSAC 2020 Utsav Sanghani, Senior Product Manager from Synopsys, discusses the latest efforts to enable developers in ensuring that software security is accounted for in their work without negatively impacting their velocity. To get a demo of Synopsys, please visit: https://securityweekly.com/synopsys Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode176

Mar 20, 2020

The challenges and differentiated values of desktop and laptop protection and administrative tool control (e.g., Powershell, SSH) for remote users and administrators to work securely. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode644

Mar 19, 2020

Compliance requirements and SecOps frameworks like NIST - checking boxes rather than a ‘holistic’ view? The vendor eco-system feeding on checking boxes (of which we are one, we HAVE to be.) RSA’s theme this year: ‘the human factor’. Are CFOs driving technical decisions that put SecOps teams underwater? Investing in Protect vs. Detect vs. Responding tools/resources Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode21

Mar 19, 2020

Fortinet Introduces Self-Learning AI Appliance for Sub-Second Threat Detection Enterprise IT World, GreatHorn Offers Free Email Protection for 60 Days, ZeroNorth raises $10M to further expand engineering, customer support and sales, WordPress to get automatic updates for plugins and themes, and more!! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode176

Mar 17, 2020

Compliance requirements and SecOps frameworks like NIST - checking boxes rather than a ‘holistic’ view? The vendor eco-system feeding on checking boxes (of which we are one, we HAVE to be.) RSA’s theme this year: ‘the human factor’. Are CFOs driving technical decisions that put SecOps teams underwater? Investing in Protect vs. Detect vs. Responding tools/resources Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode21

Mar 17, 2020

What data compliance regulations apply to a Las Vegas hospital with California patients? One major compliance fine can lead to a big financial hit and a complete loss of customer trust, so understanding ‘where your data lives’ and how the law shifts based on the location of data collection, storage and transfer is paramount. With no overarching federal data law, each state can (and does) require different duties from organizations that collect and keep data. A big challenge for compliance teams is figuring out which state (or states) claim your data. Unfortunately, the legal world of intangible data property is complicated and sometimes even contradictory. I will also preview my InfoSec World 2020 session - Cyberlaw Year in Review. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode166

Mar 17, 2020

Data of millions of eBay and Amazon shoppers exposed as another supply chain casualty, Announcing Bottlerocket, a new open source Linux-based operating system purpose-built to run containers, and The DevOps Sweet Spot: Inserting Security at Pull Requests (Part 1). Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode100

Mar 17, 2020

Due to a combination of a) development teams embracing Agile and DevOps and b) that security teams are often outnumbered by developers 100:1 or more in many companies, there's been a fundamental shift in how security teams need to operate. I've spent a significant amount of time studying how security teams at companies, large and small, have attempted to adapt to this new reality. There are a number of interesting trends in how work is prioritized, continuous code scanning (static and dynamic), scaling threat modeling and detection & response, investing in secure defaults, asset inventory, self-healing cloud environments, and more. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode100

Mar 17, 2020

In the leadership and communications segment, Drowning in a Sea of Alerts, Boeing taps Qantas exec Susan Doniz as CIO, CIO interview: Ian Cohen, chief product and technology officer, at Addison Lee, and more. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode166

Mar 15, 2020

Hacks performed on connected & IoT devices, such as routers, security cameras, smart meters, etc. are increasingly common, and revealing major vulnerabilities in existing security measure. This vicious cycle of hack & patch can be broken by adopting a new approach that introduces the role of flash memory in securing devices.

Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode643

Mar 15, 2020

COVID-19, among other things, has deemed it necessary for many to work from home. There are several security concerns that need to be raised, such as those who work from home still require access to data and services. How many will store sensitive information on their personal computers? How will attackers change their strategy to target those working from home? Tune in to this segment for the full discussion! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode643

Mar 14, 2020

Girls Who Hack teaches classes primarily to middle school girls on hacking and making. Secure Open Vote is an end to end, open source election system that is in the design stages. www.BiaSciLab.com www.GirlsWhoHack.com www.SecureOpenVote.com Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode643

Mar 13, 2020

ExtraHop - Agents and logs don't play well in an IoT environment, however the network doesn't lie. Looking at the behaviors of IoT devices through the lens of the network traffic can help build an asset inventory help detect attacks. Corey Bodzin is the VP of Product Management for ExtraHop and discusses how network visibility can help with IoT security. To try RevealX Cloud for Free visit: https://securityweekly.com/extrahop Bandura - Todd Weller, Chief Strategy Officer at Bandura Cyber, provides an update on Bandura Cyber and discusses the latest trends and dynamics in threat intelligence. To find out more about Bandura Cyber, please email Todd.Weller@banduracyber.com Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode175

1 2 3 4 5 6 7 Next » 80