Info

Security Weekly Podcast Network (Video)

This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
RSS Feed Subscribe in Apple Podcasts
Security Weekly Podcast Network (Video)
2024
March
February
January


2023
December
November
October
September
August
July
June
May
April
March
February
January


2022
December
November
October
September
August
July
June
May
April
March
February
January


2021
December
November
October
September
August
July
June
May
April
March
February
January


2020
December
November
October
September
August
July
June
May
April
March
February
January


2019
December
November
October
September
August
July
June
May
April
March
February
January


2018
December
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
July
June
May
April
March
February
January


2015
December
November
October
September
August
July
June
May
April
March
February
January


2014
December
November
October
September
August
July
June
May
April
March
February
January


2013
December
November
October
September
August
July
June


Categories

All Episodes
Archives
Categories
Now displaying: Page 40
Mar 5, 2022

Finally, in the Enterprise Security News, BlueVoyant raises a $250M Series D to become security’s newest unicorn (baby unicorn, awww), Balbix raises a $70M Series C, Scope Security announces a $20M Series A to specifically focus on monitoring and defense for healthcare, Palo Alto introduces a new product aiming to disrupt the SIEM market, Third Party Risk Management vendors come together to forge the one ring of standards to rule all of cyber (less forge, more rubber stamp though), Signal Science founder, former Etsy CISO, and honorary level 80 DevOps wizard Zane Lackey is now a general partner at Andreesen Horowitz (A16Z), All that and more, on this episode of Enterprise Security Weekly!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw263

Mar 5, 2022

Rich joins us to discuss the differences in managing security policies between on-premises network environments and the cloud and the impacts that has on companies that are 100% cloud-based. He’ll also be discussing the additional considerations that these organizations need to consider if they are considering SASE and SD-WAN to expand network access for their users.

 

This segment is sponsored by FireMon. Visit https://securityweekly.com/firemon to learn more about them!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw730

Mar 4, 2022

If you are amongst the legions transitioning into a cybersecurity career, mock interviews serve as critical preparation for your job hunt. Alissa has delivered over 50 of these practice sessions over the last 4 months. Get some pointers from her on how to stand out from the crowd of entry-level applicants.

Segment Resources:

Alissa's class with Antisyphon InfoSec Training **Advanced Endpoint Investigations**

- https://www.antisyphontraining.com/advanced-endpoint-investigations-w-alissa-torres/

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw730

Mar 4, 2022

90% of cloud runs on Linux, but current countermeasures are focused on addressing Windows-based threats, leaving multi-cloud deployments vulnerable to attacks. So, is it any wonder that malware is propagating in multi-cloud environments under the radar?

 

Segment Resources:

https://via.vmw.com/exposingmalware

 

This segment is sponsored by VMware. Visit https://securityweekly.com/vmware to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw263

Mar 4, 2022

In the Security News for this week: Was it Russia?, Blocking software updates, crowd-sourced attacks, protecting FPGAs, moving Linux to modern C, Nvidia hit, the split of cyber criminals, Namecheap banning, Anonymous declares war, the Alan framework, and leaving your Docker port exposed, & more!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw730

Mar 4, 2022

We'll cover the cutting-edge recommendations in the US federal governments January 2022 memo on their "transition to zero trust". Then we'll talk about what the standard definition of "zero-trust" means in our industry, and why it doesn't mean "trust zero things". Finally, we'll chat about architectures that can get us closer to actually trusting zero things.

 

Segment Resources:

Analysis of the federal government's zero trust memo: https://www.bastionzero.com/blog/i-read-the-federal-governments-zero-trust-memo-so-you-dont-have-to

https://www.bastionzero.com/blog/bashing-vpns-for-fun-and-profit

Zero trust security models

https://docs.bastionzero.com/product-docs/home/security-model

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw263

Mar 2, 2022

In the leadership and communications section, Answer this question to assess your leadership, Partner Across Teams to Create a Cybersecurity Culture, The Future of Cyber Insurance, and more!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw252

Mar 1, 2022

Ransomware developments we saw over the past year—along with a look ahead at what to expect in 2022.

 

This segment is sponsored by Barracuda Networks. Visit https://securityweekly.com/barracuda to learn more about them!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw252

Mar 1, 2022

Salesforce reveals their bounty totals for 2021, GitHub opens its advisory database for collaboration, a year in review of ICS vulns, automating WordPress plugin security analysis, the Secure Software Factory from CNCF, Samsung's encryption mistakes, filling in the missing semester of Computer Science

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw186

Feb 28, 2022

DevOps teams have often been underserved by security tools. Modern appsec solutions need to fit within the existing workflows related to how software is built and deployed. But just dropping a tool into that pipeline isn't sufficient -- there are apps that haven't migrated to modern build processes or framework and many cloud-native apps demand different approaches to deployment. We'll cover the different approaches to adapting security tools to the needs of the developers.

 

This segment is sponsored by Contrast Security. Visit https://securityweekly.com/contrast to learn more about them!

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw186

Feb 26, 2022

This discussion will provide a brief overview of the Incident Command System for Industrial Control Systems processes and describe how ICS4ICS will help companies better manage industrial cyber incidents. We will discuss how ICS4ICS will enable companies to work with government agencies and mutual aid partners when a cyber incident impacts an entire industrial sector or multiple sectors.

 

Segment Resources:

General info and to sign up for more information in our newsletter: https://gca.isa.org/ics4ics

Learn more about our call to volunteers: https://gca.isa.org/blog/ics4ics-will-improve-management-of-ics-cybersecurity-incidents

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw262

Feb 26, 2022

Cloud, DevOps, Kubernetes - the world has gone crazy. We don't have servers anymore - we have workloads, instances, and serverless. We have CI/CD pipelines. These workloads are distributed, immutable, and ephemeral (aka 'DIE' - hi Sounil!) in many cases. Today, we chat with Jimmy Vo about what it was like, as a detection engineer, to come from a traditional banking environment and suddenly get thrown into a world full of 'cloud-first' startups. "DevOps folks are nuts." --Jimmy Vo

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw262

Feb 26, 2022

Josh Corman joins to describe, in vivid detail, some of his experiences working for CISA, as a fed, & from the frontlines.

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw729

Feb 26, 2022

This week in the Enterprise News: eSentire raises $325M as it expands into services Beyond Identity raises $100M to build out MFA, Secureframe raises $56M to help folks with SOC 2 and HIPAA compliance, Nashville-based Phosphorus Cybersecurity raises $38M to secure IoT devices (curious about the name - what kind of Phosphorus? Could be dangerous!), anecdotes raises a $25M Series A to compete in the same space as Secureframe (lots of money for folks that ease compliance pains!), Cloudflare acquires, Area 1 Security for $162M, Darktrace acquires ASM vendor Cybersprint, Snyk acquires Fugue, Andy Ellis drops an SBOM in his latest opinion piece, the latest of several thought-provoking hot takes from him, CISA publishes a list of free tools and services, & more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw262

Feb 25, 2022

Chris will tell the tale on how an electrical engineer got sucked backwards into the infosec abyss. Also, Chris will share some war stories about what he's seen...and be open to questions from Paul that his viewers will enjoy. Beware of dad jokes.

 

Segment Resources:

Presentations: https://www.slideshare.net/chrissistrunk

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw729

Feb 25, 2022

In the Security News for this week: Unskilled hacker linked to years of attacks on aviation, transport sectors, The Elite Hackers of the FSB, Bionic Eyes Go Dark, Herpaderping, & more!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw729

Feb 24, 2022

In the Leadership & Communications section for this week: What Is Security?, How to Team Up with IT for Cybersecurity, Executive Cybersecurity Leadership Program launches, and more!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw251

Feb 23, 2022

The Business Information Security Officer, or BISO, is relatively new and somewhat controversial role. Does this role act as the CISO's non-technical liaison to the business units or as the CISO's deputy to oversee strategy implementation at a granular level? Is this new role a necessary career path for future CISOs or an entry point into security? The BSW hosts debate!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw251

Feb 21, 2022

Lots of web hacking can be done directly from the browser. Throw in a proxy like Burp plus the browser's developer tools window and you've got a nearly complete toolkit. But nearly complete means there's still room for improvement. We'll talk about the tools to keep on hand, setting up practice targets, participating in bug bounties, and more resources to help you learn along the way. For tips on labs beyond just appsec, be sure to check out the Security Weekly webcast on "Do It Yourself: Building a Security Lab At Home" at https://securityweekly.com/webcasts/do-it-yourself-building-a-security-lab-at-home/

 

Segment resources:

- https://www.darkreading.com/careers-and-people/want-to-be-an-ethical-hacker-here-s-where-to-begin

- https://github.com/AdminTurnedDevOps/DevOps-The-Hard-Way-AWS

- https://owasp.org/www-project-juice-shop/

- https://owasp.org/www-project-vulnerable-web-applications-directory/

- https://portswigger.net/web-security

- https://azeria-labs.com/writing-arm-assembly-part-1/

- https://twitter.com/0xAs1F/status/1480604655952433155

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw185

Feb 19, 2022

Finally, in the Enterprise Security News, Securonix raises $1B in Vista-led round (it’s like they ate a unicorn!), Salt Security becomes a Unicorn, has not been eaten (yet), Legit Security raises a totally legit $26.5M Series A, Vicarius and Calamu raise Series As ,Permit.io, KSOC, Titaniam, Canonic Security, Allure Security, and SecureThings all pick up seed funding! We look at Big Tech’s cybersecurity funding and acquisitions, The rumor mill goes nuts over a Cisco/Splunk deal that’s probably not happening (maybe?) Why are cybersecurity asset management startups so hot right now? New products, unhelpful legislation, a major acquisition, & of course a few squirrel stories! 

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw261

Feb 19, 2022

This week in the Security News: To steal or collect a bug bounty, print bombing an NFL team, Webkit strikes again, hackers be framing, TIPC Linux kernels, is that an Airtag in your pocket or?, It was Russia unless it wasn't Russia, Cassandra and Magento, how not to redact, & more! 

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw728

Feb 18, 2022

This week in the Application Security News: RCE in Cassandra, why pixelization isn't good redaction, Rust's compiler is friendly, Edge adds arbitrary code guard to its WASM interpreter, & the difference between secure code and a secure product (as demonstrated by a DAO)

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw185

Feb 18, 2022

Yes, this is possible! We have incoporated into our vulhub-lab project a way to run Windows inside a Docker Container that is running on Linux. We didn't invent this technique but we will show you how to do it!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw728

Feb 18, 2022

0patch is a simple but powerful service that provides tiny targeted security patches to Windows computers, eliminating the most critical vulnerabilities without restarting the computer or relaunching applications. A different approach to patching allows us to both create and deploy 0day patches much quicker than original vendors can with their traditional update processes.

Segment Resources:

0patch Blog with many posts on vulnerabilities and patches we make

https://blog.0patch.com/

0patch FAQ

https://0patch.zendesk.com/hc/en-us/categories/200441471

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw261

Feb 18, 2022

Michael joins us to discuss the importance of information sharing, how to convey cybersecurity practice and topics to senior leaders, cybersecurity regulation, myths surrounding militarizing cyberspace, and more! 

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw728

1 « Previous 37 38 39 40 41 42 43 Next » 160