Paul's Security Weekly TV

Security news, interviews, how-to technical segments. For security professionals by security professionals. We Hack Naked.

Now displaying: Category: Application Security Weekly
Sep 18, 2019

Simjacker – Next Generation Spying Over Mobile, Intel CPUs Vulnerable to Sensitive Data Leakage in NetCAT Attack and NetCAT: Practical Cache Attacks from the Network, What is PSD2? And how it will impact the payments processing industry, Better Together: Why Software-Development Toolmakers Should Embrace Integration, and more!

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode143 Visit https://www.securityweekly.com/asw for all the latest episodes!

Sep 17, 2019

The OWASP Application Security Verification Standard (ASVS) Project provides a basis for testing web application technical security controls and also provides developers with a list of requirements for secure development. The Excel tool Jay Durga developed can be used to measure metrics or as a guidance document for testing the effectiveness of security controls put in place in your SDLC and DevOps process.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode76 Visit https://www.securityweekly.com/asw for all the latest episodes!

Sep 11, 2019

A very deep dive into iOS Exploit chains found in the wild followed by Heap Exploit Development, Twitter turns off SMS texting after @Jack hijacking, CVE-2019-15846: Unauthenticated Remote Command Execution Flaw Disclosed for Exim, 7 Steps to Web App Security, Fuzzing 101: Why Bug Hunters Still Love It After All These Years, and more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode75 Visit https://www.securityweekly.com/asw for all the latest episodes!

Sep 10, 2019

Ty Sbano is the Cloud Chief Information Security Officer of Sisense. Ty will be discussing Tools in the DevOps Pipeline, Component Analysis, and Anything Application Security!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode75 Visit https://www.securityweekly.com/asw for all the latest episodes!

Aug 28, 2019

We interview Azi Cohen, the Co-founder of WhiteSource. He will be talking about how application security has undergone a transition in recent years: as information security teams testing products before release became irrelevant, developers started playing a leading role in the day-to-day operational responsibility for application security. We then interview Jeff Hudson, the CEO of Venafi. He will talk about code signing, which has been used to verify the integrity of software; nearly every organization relies on it to confirm their code has not been corrupted with malware.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode74 Visit https://www.securityweekly.com/asw for all the latest episodes!

Aug 27, 2019

Pawan Shankar is the Senior Product Marketing Manager of Sysdig. Sysdig is very excited to announce the launch of Sysdig Secure 2.4! With this release, Sysdig adds runtime profiling to enhance anomaly detection and introduces brand new interfaces that improve runtime security policy creation and vulnerability reporting.

To learn more about Sysdig, visit: https://securityweekly.com/sysdig Full Show Notes: https://wiki.securityweekly.com/ASW_Episode74 Visit https://www.securityweekly.com/asw for all the latest episodes!

Aug 21, 2019

CVE-2019-1162 showcases elevation of privilege in an ancient Windows component, HTTP/2 Denial of Service Advisory with seven vulns that affect the protocol as implemented by several vendors, SSH certificate authentication for GitHub Enterprise Cloud works well with tools like Sharkey and BLESS (we talked more about ephemeral access and SSH in episode 71), Polaris Points the Way to Kubernetes Best Practices, and much more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode73 Visit https://www.securityweekly.com/asw for all the latest episodes!

Aug 20, 2019

At Black Hat 2019, we interviewed: Ameya Talwalker from Cequence, Mark Batchelor from PING Identity, and Michael Krueger from NowSecure!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode73 Visit https://www.securityweekly.com/asw for all the latest episodes!

Aug 14, 2019

Outline of Interview: Leaders want to be successful: what are the "6 Secrets of Success"? As a leader, what's my body language and how do I improve it: "Body Language of Leaders", "Myths About Body Language", "Confident Body Language Boosters". As a leader, I need to know "How to Increase Your Influence". Finally, as a leader, I need to know "How to Capture an Audience by Using the Body Language Secrets".

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode139 Visit https://www.securityweekly.com/bsw for all the latest episodes!

Aug 12, 2019

Mike Shema and Matt Alderman discuss Hacker Summer Camp as the Security Weekly team has returned from Las Vegas.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode72 Visit https://www.securityweekly.com/asw for all the latest episodes!

Jul 31, 2019

Murray Goldschmidt is the COO & Co-founder of Sense of Security. Murray talks about the state of container security in the enterprise.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode71 Visit https://www.securityweekly.com/asw for all the latest episodes!

Jul 30, 2019

Rare Steganography Hack Can Compromise Fully Patched Websites, Bug Bounties Continue to Rise as Google Boosts its Payouts, Snyk Acquires DevSecCon to Boost DevSecOps Community, and much more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode71 Visit https://www.securityweekly.com/asw for all the latest episodes!

Jul 24, 2019

SupPy Chain Malware - Detecting malware in package manager repositories, Attacking SSL VPN, Solving Digital Transformation Cybersecurity Concerns With DevSecOps, How I Could Have Hacked Any Instagram Account, Tracking Anonymized Bluetooth Devices and Bluetooth Bug Enables Tracking on Windows 10, iOS & macOS Devices, 2019 Global Developer Report: DevSecOps finds security roadblocks divide teams, and GitLab Survey Surfaces Major DevSecOps Challenges Ahead.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode70 Visit https://www.securityweekly.com/asw for all the latest episodes!

Jul 23, 2019

Ian Eyberg is the CEO of NanoVMs. Unikernels are an emerging trend in software deployment because of their isolation, performance and size. However, they are still very new, so it's good to learn what benefits they bring and what their current drawbacks are. Listeners might be surprised to learn how many unikernel implementations there are and what organizations are actively using them.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode70 Visit https://www.securityweekly.com/asw for all the latest episodes!

Jul 16, 2019

Gururaj Pandurangi is a founder and CEO of Cloudneeti, a software-as-a-service company focused on continuous cloud security, data privacy and compliance assurance. Gururaj is coming on the show to discuss security in multi-cloud environments.

To learn more about Cloudneeti, visit: https://securityweekly.com/cloudneeti

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode69 Follow us on Twitter: https://www.twitter.com/securityweekly

Jul 16, 2019

Yes, the Zoom thing, 50 Ways to Leak Your Data in 1,300 Popular Android Apps Access Data Without Proper Permissions, GE Aviation exposed internal configs via open Jenkins instance, Preparing your enterprise to eliminate passwords, DevSecOps Survey Finds Failure to Communicate, What Quality Metrics Matter Most for DevOps?

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode69 Follow us on Twitter: https://www.twitter.com/securityweekly

Jul 11, 2019

WordPress Plugin WP Statistics Patches XSS Flaw, Three RCEs in Android's Media framework, Nine Best Practices For Integrating Application Security Testing Into DevOps, 6 Traits That Define DevSecOps, and much more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode68 Follow us on Twitter: https://www.twitter.com/securityweekly

Jul 10, 2019

Mike Shema, John Kinsella, and Matt Alderman talk cloud native from an application perspective.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode68 Follow us on Twitter: https://www.twitter.com/securityweekly

Jul 3, 2019

Mike Shema, John Kinsella, & Matt Alderman discuss security training for Devs!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode67 Follow us on Twitter: https://www.twitter.com/securityweekly

Jul 2, 2019

GKE improves authentication with Workload Identity, AWS re:Inforce reveals traffic tools and security solutions that improve support for DevOps, Brief history of Trusted Execution Environments, From the Enterprisers Project: How to Explain Service Mesh in Plain English, Developers and Security Teams Under Pressure to Collaborate!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode67 Follow us on Twitter: https://www.twitter.com/securityweekly

Jun 27, 2019

APIs are now over 80% of HTTP traffic, and enterprise application breaches through compromised APIs are mounting! A guide to API security. They also discuss public vs. private APIs and whether the best practice should be segregation of the two.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode66 Follow us on Twitter: https://www.twitter.com/securityweekly

Jun 26, 2019

Mozilla pushes a patch onto an Array, Netflix shares a stream of patches, Breach to bankruptcy for healthcare company, Osquery becomes a foundational tool, Avoiding DevOps dangers, and Assigning DevOps directions!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode66 Follow us on Twitter: https://www.twitter.com/securityweekly

Jun 19, 2019

Mike Shema and John Kinsella interview Shannon Lietz, the Director of Information Security at Intuit, about DevOps.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode65 Follow us on Twitter: https://www.twitter.com/securityweekly

Jun 18, 2019

There's no escape that will save you..., the privilege of running a Chrome extension, and Four practices towards DevSecOps!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode65 Follow us on Twitter: https://www.twitter.com/securityweekly

Jun 11, 2019

"Waiting for the worms to come." -- Pink Floyd and RDP's CVE-2019-0708. Even the NSA warns about the population of exposed systems, A patch commands attention for mail servers, In macOS Catalina and iOS 13, Apple finds a way to find devices and not lose privacy, iOS App Transport Security has strong benefits, but weak adoption, and much more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode64 Follow us on Twitter: https://www.twitter.com/securityweekly
