Info

Paul's Security Weekly TV

Security news, interviews, how-to technical segments. For security professionals by security professionals. We Hack Naked.
RSS Feed Subscribe in Apple Podcasts
Paul's Security Weekly TV
2020
November
October
September
August
July
June
May
April
March
February
January


2019
December
November
October
September
August
July
June
May
April
March
February
January


2018
December
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
July
June
May
April
March
February
January


2015
December
November
October
September
August
July
June
May
April
March
February
January


2014
December
November
October
September
August
July
June
May
April
March
February
January


2013
December
November
October
September
August
July
June


Categories

All Episodes
Archives
Categories
Now displaying: October, 2020
Oct 31, 2020

Polarity uses computer vision that works like augmented reality for your data. It's not a new dashboard to search or a new portal to manage. Polarity augments your existing workflows, enriching your view as you do your work so you can see the story in your data without sacrificing thoroughness or speed. We'll be talking about how analysts are using Polarity to balance thoroughness and speed.

 

This segment is sponsored by Polarity. Visit https://securityweekly.com/polarity to learn more about them!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/psw672

Oct 31, 2020

Only integrating vulnerability characteristics to determine risk leaves half the prioritization canvas empty. Observing and analyzing user interaction and other surrounding software characteristics provide the rich contextual clues to complete the picture.

 

This segment is sponsored by Vicarius. Visit https://securityweekly.com/vicarius to learn more about them!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/psw672

Oct 30, 2020

CrowdStrike's broad visibility into incidents at organizations from every sector, around the globe has yielded insights into current trends in security incidents related to public clouds such as AWS, Azure, and Google Cloud. In this segment we'll discuss recent trends in breaches related to use of the public cloud, and what organizations can do to better prepare and protect themselves.

 

This segment is sponsored by CrowdStrike. Visit https://securityweekly.com/crowdstrike to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw204

Oct 30, 2020

Most folks think about using Conditional access for SaaS applications or access to specific data sources. However, once that data is accessed how do you continuously enforce conditional access "to the data" on an endpoint.

 

This segment is sponsored by SecureCircle. Visit https://securityweekly.com/securecircle to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw204

Oct 29, 2020

Blackpoint Cyber introduces insurance for customers and MSPs, Qualys Extends Integration with Microsoft Azure Defender, GrammaTech CodeSentry now identifies third party code vulnerabilities, AttackIQ integrates with Microsoft Azure Sentinel, Aqua Security announces Kubernetes-native security capabilities and funding updates from Artic Wolf, StackHawk, Eagle Eye Networks and more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw204

Oct 29, 2020

Security monitoring tends to be a topic that companies either avoid, because it sounds too complicated or they tried it and were inundated with data. With proper tuning and asset clarification, security monitoring can save companies money, time and resources.

 

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/scw49

Oct 28, 2020

An introduction to CyberGRX and how to get companies working together safely and efficiently. Topics: - Third-party risk management and importance for your organization - The nature of bilateral relationships between vendors and enterprises - The evolution of PCI assessments

 

This segment is sponsored by CyberGRX. Visit https://securityweekly.com/cybergrx to learn more about them!

 

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/scw49

Oct 28, 2020

In the leadership and communications section, Cybersecurity, a risk to all board of directors , Is The Cybersecurity Industry Selling Lemons? Apparently Lots Of Important CISOs Think it Is, 4 critical strategies for tech leaders in Gartner's CIO agenda, and more!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw193

Oct 27, 2020

Silo is a cloud-based web isolation platform that separates the things you care about from the things you cannot trust. In this segment, former CIA cyber security officer Matt Ashburn will demonstrate how Silo protects organizations from malicious web-based content, from ransomware to advanced persistent threats. We’ll also see how Silo enables incident response and SOC analysts through security, managed attribution and unified insight into user behavior.

 

This segment is sponsored by Authentic8. Visit https://securityweekly.com/authentic8 to learn more about them!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw193

Oct 27, 2020

NSA publishes list of top vulnerabilities currently targeted by Chinese hackers, Nvidia Warns Gamers of Severe GeForce Experience Flaws, Addressing cybersecurity risk in industrial IoT and OT, Firefox 'Site Isolation' feature enters user testing, expected next year, Google Patches Actively-Exploited Zero-Day Bug in Chrome Browser, and Exit Stage Left: Eradicating Security Theater!

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/asw127

Oct 26, 2020

With the increased development velocity in cloud environments, cyber resilience is now more important than ever. To achieve cyber resiliency, security needs to be codified through the development life-cycle and security controls need to be implemented through self-healing infrastructure.

 

This segment is sponsored by Accurics. Visit https://securityweekly.com/accurics to learn more about them!

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/asw127

Oct 25, 2020

In the Security News, Testing firm NSS Labs closes up shop, stringing vulnerabilities together to pwn the Discord desktop app, a Wordpress plugin aimed at protecting Wordpress does the opposite, the FDA approves the use of a new tool for medical device vulnerability scoring, 8 new hot, steamy, moist cybersecurity certifications, and 5 things you can do to secure your home office without hiring an expert!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/psw671

Oct 24, 2020

In 2020 attackers are increasingly targeting firmware and hardware - going below the operating system to hide from traditional security solutions and gain persistence. Both nation state actors and criminals are exploiting vulnerable, exposed firmware on network and VPN devices, and recently a new UEFI rootkit dubbed #MosaicRegressor was found in the wild. We'll discuss how and why attackers are targeting firmware and hardware, and the steps security professionals can take to gain visibility into this attack surface and protect enterprise devices. This segment is sponsored by Eclypsium.

 

Show Notes: https://wiki.securityweekly.com/psw671

Visit https://securityweekly.com/eclypsium to learn more about them!

Visit https://www.securityweekly.com/psw for all the latest episodes! 

Oct 24, 2020

Sysmon is a free endpoint monitoring tool published by Microsoft in their sysinternals suite. It generates process creations, network connections, file creations, DNS, and now clipboard monitoring with v12. We'll discuss what's in the events and how to easily visualize and search them with Gravwell's new Sysmon Kit. This segment is sponsored by Gravwell.

 

Show Notes: https://wiki.securityweekly.com/psw671

Visit https://securityweekly.com/gravwell to learn more about them!

Visit https://www.securityweekly.com/psw for all the latest episodes! 

Oct 23, 2020

deepwatch formally launched its Lens Score app on October 20th. Corey joins us to discuss the app, its future, and how it helps CISOs achieve their security outcomes. Corey will also discuss the deepwatch Series B and how we plan to invest the funds.

 

This segment is sponsored by deepwatch. Visit https://securityweekly.com/deepwatch to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw203

Oct 23, 2020

Organizations have millions of vulnerabilities. And our research has shown that those same organizations, large or small, on average, can only fix about one in ten of those vulnerabilities. But as a security practitioner you still need to keep your organization secure, so how do you do that when you can’t possibly fix ALL of your vulnerabilities? Ed Bellis will:

  • Review what years of joint research into vulnerability management with the Cyentia Institute uncovered about the scope of the challenge
  • A breakdown in performance factors by industry and platforms
  • Lay out several factors that drive better remediation performance
  • Provide a deeper understanding on the scope of exposures and how risk informs remediation strategies

 

This segment is sponsored by Kenna Security. Visit https://securityweekly.com/kennasecurity to learn more about them!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw203

Oct 22, 2020

Palo Alto Networks announces cloud native security platform, Akamai launches new API security tool, SentinelOne secures patent for unique approach to uncovering exploits in their initial payload stage, Splunk helps security teams modernize and unify their security operations in the cloud, and Agile1 Predictive Analytics Risk Scoring helps orgs identify, prioritize and quantify cybersecurity risks!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw203

Oct 22, 2020

The client-side or the front end of web applications, aka ‘digital user experience’, actively ingests customer/user information via forms. As the web app's front-end code runs on unmonitored devices, many application security flaws are being leveraged by malware and malicious actors to capture credentials, financial transactions, payment card data, and permit legitimate third-party vendor tools to facilitate unauthorized access or theft of sensitive data causing damages from tens of thousands to hundreds of millions of dollars.

 

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/scw48

Oct 21, 2020

2020 has been the perfect storm for risk management planners and practitioners. Steve Schlarman, Director of Product Marketing and GRC Strategist for RSA Archer will provide anecdotes and lessons learned about how Risk management programs have been challenged this year, and how they need to adapt moving forward.

 

This segment is sponsored by RSA Security. Visit https://securityweekly.com/rsasecurity to learn more about them!

 

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/scw48

Oct 21, 2020

In the Leadership and Communications segment, 96% of Cybersecurity Professionals are Happy With Their Roles, 4 Tips for Effective Virtual Collaboration, What’s Really Happening in Infosec Hiring Now?, 5 Signs That Point to a Schism in Cybersecurity, Tactical vs Strategic: CISOs and Boards Narrow Communication Gap, and CISO Stressbusters: 7 tips for weathering the cybersecurity storms!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw192

Oct 20, 2020

This week we update you on the Security Weekly 25 Index... Here's the companies we're tracking: Symbol Company Name SCWX Secureworks Corp PANW Palo Alto Networks Inc CHKP Check Point Software Technologies Ltd. SPLK Splunk Inc NLOK NortonLifeLock Inc FTNT Fortinet Inc AKAM Akamai Technologies, Inc. FFIV F5 Networks, Inc. ZS Zscaler Inc PFPT Proofpoint Inc FEYE FireEye Inc QLYS Qualys Inc VRNT Verint Systems Inc. CYBR Cyberark Software Ltd TENB Tenable Holdings Inc SAIL Sailpoint Technologies Holdings Inc MIME Mimecast Ltd NET Cloudflare Inc CRWD Crowdstrike Holdings Inc NTCT NetScout Systems, Inc. VRNS Varonis Systems Inc RPD Rapid7 Inc SUMO Sumo Logic Inc RDWR Radware Ltd. PING Ping Identity Holding Corp

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw192

Oct 20, 2020

Patch Your Windows - “Ping of Death” bug revealed, 800,000 SonicWall VPNs vulnerable to remote code execution bug, T2 Exploit Team Creates Cable That Hacks Mac, Zoom Rolling Out End-to-End Encryption, and 'BleedingTooth' Bluetooth flaw!

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/asw126

Oct 19, 2020

Join Taylor McCaslin, Security Product Manager at GitLab to discuss current trends in the application security testing industry. We'll chat about where the industry is at today and discuss advances in the field and what the future might hold. We've seen an explosion of security offerings from traditional security testing vendors to general source code management platforms, we'll discuss current pain points and opportunities for developers, security experts, and executives navigating all these tools in their pursuit of building secure software. Topics will include SAST, data science, DevSecOps, "shift-left", and vulnerability management.

 

This segment is sponsored by GitLab. Visit https://securityweekly.com/gitlab to learn more about them!

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/asw126

Oct 18, 2020

In the Security News, Microsoft Uses Trademark Law to Disrupt Trickbot Botnet, Barnes & Noble cyber incident could expose customer shipping addresses and order history, Zoom Rolls Out End-to-End Encryption After Setbacks, Google Warns of Severe 'BleedingTooth' Low to Medium risk vulnerabilities, 5 Signs That Point to a Schism in Cybersecurity, and Using nginx to Customize Control of Your Hosted App!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/psw670

Oct 17, 2020

Threats are no longer only a concern of large sophisticated organizations and there is a continued need to democratize security operations and controls so they are accessible to organizations of any size or skill level. Security services and tools need to be plug-in play for anyone with IT skills without requiring security expertise.

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/psw670

1 2 3 Next »