Randall Trzeciak, the Director of the CERT Insider Threat Center at Carnegie Mellon University's Software Engineering Institute! Randall will be speaking at InfoSec World 2019 about "An Effective Insider Threat Program" on Saturday, March 30th @9:00 am.

Full Show Notes: https://wiki.securityweekly.com/ES_Episode125

Visit http://securityweekly.com/esw for all the latest episodes!

Three UK customer details exposed in homepage blunder, Microsoft cloud services see global authentication outage, the age of surveillance capitalism, the rise of DevXOps, and much more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode49 Follow us on Twitter: https://www.twitter.com/securityweekly

Keith and Paul discuss the current state of privacy and software development.

- Facebook reveals news feed experiment to control emotions

- Facebook pays teens to install VPN that spies on them

- Apple blocks Facebook from running its internal iOS apps

- Apple restores Google’s internal iOS apps after certificate misuse punishment

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode49 Follow us on Twitter: https://www.twitter.com/securityweekly

Sandra Toms is Vice President and Curator at RSA Conference. In 1998, her vision was to establish RSA Conference as a global cybersecurity forum where technology vendors and businesses unite. We all know how that turned out! Britta Glade is Director, Content and Curation at RSA Conference. When I first met Britta in 2012, she headed analyst relations for RSA before moving over to RSA Conference. If you want to learn more about RSA Conference, you can visit RSAConference.com.

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode116

We welcome David Kennedy, founder and CEO, at TrustedSec to discuss "Investing in the right technology and resources"!

To learn more about TrustedSec, visit: https://www.securityweekly.com/trustedsec

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode116

In our second segment, the Security Weekly hosts will discuss the Future of Security, such as major changes, evolving threats, and security culture!

Full Show notes: https://wiki.securityweekly.com/Episode592

Follow us on Twitter: https://www.twitter.com/securityweekly

Benjamin Daniel Mussleris the Senior Security Researcher at Acunetix. Benjamin will come on the show to talk about Web App Scanning with authentication.

To learn more about Acunetix, visit: https://securityweekly.com/acunetix

Full Show Notes: https://wiki.securityweekly.com/Episode592

Follow us on Twitter: https://www.twitter.com/securityweekly

In the Enterprise Security News, we will discuss how Cynets Platform approach tames cyber security issues, Salt Security launches API protection platform, Yubicos 2019 state of password and authentication security report, and we have some acquisition and funding updates from ReSec, Medigate, Cato Networks, Sophos, and DarkBytes!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode124

Visit http://securityweekly.com/esw for all the latest episodes!

In the Leadership and Communications segment, cybersecurity isn't just for tech people anymore, the weird approach to leadership, 4 things to do before a tough conversation, and more!

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode115

In the Security News, 5 tips for access control from an ethical hacker, Japan is to hunt down Citizens insecure IoT devices, kid tracking watches allow attackers to monitor real time location data, and Imperva mitigate a DDoS attack generated 500 million packets per second!

Full Show Notes: https://wiki.securityweekly.com/Episode592

Follow us on Twitter: https://www.twitter.com/securityweekly

Andrew Peterson is the Founder & CEO of Signal Sciences, and an O’Reilly author of "Cracking Security Misconceptions". He joins the show today to talk about prioritizing bugs, if certain bugs at lower levels are being exploited, how to connect with developers and prioritize bugs, and more!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode124

Visit http://securityweekly.com/esw for all the latest episodes!

Shreyans Mehta is the CTO at Cequence Security. Shreyans joins us to talk about advanced bot protection and how Cequence is involved.

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode115

Dr. Jing Xie is the senior threat intelligence researcher for Venafi, the market leading cybersecurity company in machine identity protection. As a member of the Venafi thought leadership group, she leads Venafi Labs.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode48 Follow us on Twitter: https://www.twitter.com/securityweekly

Concerns about WordPress' new "White Screen of Death", Google Chrome changes could 'destroy' ad-blockers, Mozilla is adding and ad-blocker to Firefox Focus 9.0, Websites can steal browser data via extensions APIs, a Fortnite security issue would have granted hackers access to accounts, and more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode48 Follow us on Twitter: https://www.twitter.com/securityweekly

Cellular carriers are implementing services to identify cell scam leveraging, New Android Malware uses motion sensor to avoid detection, Linux Malware disables security software to mine cryptocurrency, and how a Hacker threatened a family using a Nest Camera to broadcast a fake missile attack alert!

Full Show Notes: https://wiki.securityweekly.com/Episode591

Follow us on Twitter: https://www.twitter.com/securityweekly

In our second segment, the Security Weekly hosts talks about some of our favorite hacker movies, influencers in the community, and what software and devices make appearances in our labs!

Full Show Notes: https://wiki.securityweekly.com/Episode591

Follow us on Twitter: https://www.twitter.com/securityweekly

Christopher Morales is Head of Security Analytics at Vectra, where he advises and designs incident response and threat management programs for Fortune 500 enterprise clients. Christopher is a widely respected expert on cybersecurity issues and technologies and has researched, written and presented numerous information security architecture programs and processes.

Full Show Notes: https://wiki.securityweekly.com/Episode591

Follow us on Twitter: https://www.twitter.com/securityweekly

Jeff Man joins Paul to talk about Ping Identity offering advanced API cyber protection, AppDynamics keeps expanding monitoring vision, eSentire announces managed endpoint defense powered by Carbon Black, and Juniper Networks signs a deal with IBMs!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode123

Visit http://securityweekly.com/esw for all the latest episodes!

Paul and Jeff Man talk about Open-Source and free collaboration security tools.

1. Project Planning - OrangeScrum

2. Ticketing - Mantis Bug Tracker

3. Documentation - MediaWiki

4. Zabbix - Remote System Monitoring

5. Feedly - Share stories and RSS feed

6. Slack - Free!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode123

Visit http://securityweekly.com/esw for all the latest episodes!

This week on Application Security Weekly, Matt Alderman is joined by James Wickett, who is the Head of Research at Signal Sciences. They talk about the human element of application security training and testing.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode47 Follow us on Twitter: https://www.twitter.com/securityweekly

In the Leadership and Communications segment, customer surveys are no substitute for actually talking to customers, CEOs most concerned about Cybersecurity in 2019, the open workspace, doesn't work, and more!

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode114

Zane Lackey is the Chief Security Officer at Signal Sciences. Zane comes on the show to talk about advising!

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode114

In the News segment, Oracle patches 284 vulnerabilities, bug in Twitter Android app exposed protected tweets, 4 tips for better API Security in 2019, and more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode47 Follow us on Twitter: https://www.twitter.com/securityweekly

Two code execution flaws patched in Drupal, 773 million records exposed in massive data breach, prices for zero-day exploits are rising, new attacks target recent PHP framework vulnerability, and Microsoft launches a new Azure DevOps Bug Bounty program!

Full Show Notes: https://wiki.securityweekly.com/Episode590

Follow us on Twitter: https://www.twitter.com/securityweekly

Joff will demonstrate some syntax with PowerShell useful for transferring data into a network while pen testing. The technical segment assumes that the pen testing is able to directly use PowerShell from the console itself, although the techniques can be adapted for different purposes.

To learn more about BHIS, visit: https://securityweekly.com/bhis

Full Show Notes: https://wiki.securityweekly.com/Episode590

Follow us on Twitter: https://www.twitter.com/securityweekly