In a special segment for this week, John Strand and Paul discuss some companies that Paul had a chance to sit down for briefings with! They discuss GuardiCore and their Application Segmentation, Cyxtera and their Network Security and Software Defined Perimeters, PreVeil’s Encrypted Email and File Sharing, and more!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode111

Visit https://www.securityweekly.com/esw for all the latest episodes! 

Garrett Gross received his first modem at age six and has been plugged in ever since. Today, Garrett is a Senior Solutions Engineer with a specialization in application security at Rapid7. He serves as an escalation layer to the applied engineering department, provides technical enablement, and facilitates cross-departmental functionality. Garrett joins Keith and Paul this week for an interview!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode35

Visit https://www.securityweekly.com/asw for all the latest episodes!

www.rapid7.com/securityweekly

Follow us on Twitter: https://www.twitter.com/securityweekly

In the Application Security News, Git Project patches Remote Code Execution Vulnerability, Google is Shutting Down Google+ after 500k accounts potentially affected by a data breach, Facebook wants people to Invite its cameras into their homes, GitHub introduces user blocking notifications, DevOps producing more insecure apps than ever, Climate Change being taught on Fortnite Twitch stream, and more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode35

Visit https://www.securityweekly.com/asw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

This week, Michael and Paul talk about the Article Discussion on Leadership, Communication, and Innovation! They discuss how to automate habits and never think about them again, why it’s important to explain to employees that organizational changes are coming, how journaling can boost your leadership skills, why you need to tell them why, and more on this episode of Business Security Weekly!

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode102

New Apple and Microsoft security flaws at Black Hat Europe, CCTV makers leaves at least 9 million cameras public, upset Google+ users are sueing Google, US weapons systems apparently can be easily hacked, not all multifactor authentication is created equal, and Kanye's '000000' password makes iPhone security great again!

Full Show Notes: https://wiki.securityweekly.com/Episode578

Follow us on Twitter: https://www.twitter.com/securityweekly

Lee Neely is a senior IT and security professional at LLNL with over 25 years of extensive experience with a wide variety of technology and applications from point implementations to enterprise solutions.

Full Show Notes: https://wiki.securityweekly.com/Episode578

Visit our website: http://securityweekly.com

Follow us on Twitter: https://www.twitter.com/securityweekly

Omer is End-Point team lead at Javelin Networks. The team focuses on methods to covertly manipulate OS internals. Before Javelin Networks, he was a malware researcher at IBM Trusteer for two years focusing on financial malware families and lectured about his research on Virus Bulletin and Zero Nights conferences.

Full Show Notes: https://wiki.securityweekly.com/Episode578

Visit our website: http://securityweekly.com

Follow us on Twitter: https://www.twitter.com/securityweekly

Doug White interviews Mark Russinovich at Microsoft Ignite. Doug and Mark talk about Azure Confidential Computing, Mark's book Zero Day, and Azure security.

Full Show Notes: https://wiki.securityweekly.com/ES_Episode110

Visit http://securityweekly.com/esw for all the latest episodes!

Splunk unveils first IoT platform for customers, Palo Alto Networks acquires RedLock to build out Cloud Security Tech, KnowBe4 boosts security awareness training with Virtual Risk Officer, Symantec brings workload assurance security to the Cloud, and more!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode110

Visit http://securityweekly.com/esw for all the latest episodes!

Mimecast offers free training kit as part of Cybersecurity Awareness Month, Microsoft will finally kill off the old Skype client (for real this time), Security startup Tanium raises another $200 million at a $6.5 billion valuation, LogRhythm receives patent for data monitoring tech, Tufin launches first of its kind program for MSSPs, three reasons why BlackBerry stock is potentially about to soar, and more!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode109

Visit http://securityweekly.com/esw for all the latest episodes!

Mike Gordover is a Pre-Sales manager and solutions architect at ObserveIT. He has been at ObserveIT consulting on insider threat management for 5 years, working hands on with over 300 deployments, and working with researchers and analysts on strategies to mitigate internal risk. Paul and John talk with Michael about the current perception in the market of DLP, how ObserveIT’s solutions differ from traditional DLP, what challenges he faces when combating insider threats, and much more!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode109 ObserveIT Landing Page: www.observeit.com/securityweekly

Visit http://securityweekly.com/esw for all the latest episodes!

Facebook discloses the loss of at least 50M Access Tokens also covered by Motherboard Formjacking is on the rise, Google admits to allowing hundreds of companies read your email, FireFox Monitor will alert you when your accounts have been Pwned, Microsoft releases MS-DOS v1.25 and v2.0 as Open Source, and more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode34 Follow us on Twitter: https://www.twitter.com/securityweekly

Michael, Paul, and Jason discuss how to develop empathy for someone who annoys you, separating the quality of the outcome and quality of the decision, and much more!

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode101

Attend local meetups and conferences, practice your coding skills, get educated by World Class security researchers, do your homework, there's no substitute for Practice, OWASP Juice Shop, and much more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode34 Follow us on Twitter: https://www.twitter.com/securityweekly

Michael and Paul ask Jason how to become a better business. Jason explains how to run your security team as in a 'fish bowl', and how to apply this technique to your clients and their business.

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode101

Michael and Paul discuss the tools that have helped them in their business. They talk about the books they've read, the interviews that helped them the most, and the journey from Startup Security Weekly to Business Security Weekly!

In the security news, Russian Hackers use Malware that can survive OS reinstalls, Facebook’s 2-Factor authentication With a phone number isn’t only for security, it’s used for ads ,FBI warns companies about hackers increasingly abusing RDP connections, NSA employee who brought hacking tools home sentenced to 66 months in prison, new Linux Kernel Bug affects Red Hat, CentOS, and Debian Distributions, and Baddies just need one email account with clout to unleash phishing hell, and more!

Full Show Notes: https://wiki.securityweekly.com/Episode577

Visit https://www.securityweekly.com/psw for all the latest episodes! 

Carlos Perez delivers the Technical Segment on How to Operate Offensively Against Sysmon. He talks about how SysMon allows him to create rules, and track specific types of tradecraft, around process creation and process termination. He dives into network connection, driver loading, image loading, creation of remote threats, and more!

Full Show Notes: https://wiki.securityweekly.com/Episode577

Visit https://www.securityweekly.com/psw for all the latest episodes! 

Mike Nichols is the VP of Product Management at Endgame, and he manages the Endgame endpoint protection platform. Keith McCammon is the Chief Security Officer and Co-Founder of Red Canary, and he runs Red Canary’s Security Operation Center. Shawn Smith is the IT Security Manager at Panhandle Educators Federal Credit Union. They discuss the problems Shawn had that led him to choose Red Canary and Endgame as his solution, skill shortages in vendors, what he did to convince his management to approve of this solution, and what his process for testing the effectiveness of these solutions was.

Full Show Notes: https://wiki.securityweekly.com/Episode577

Visit https://www.securityweekly.com/psw for all the latest episodes! 

In the Enterprise News this week, Bomgar to be renamed BeyondTrust after acquisition from PAM vendor, Rapid7 looks to SOAR with InsightConnect Automation Platform, DigiCert, Gemalto, and ISARA Partner on Quantum-Safe Encryption, Symantec extends Data Loss Prevention Platform with DRM, ExtraHop announces the availability of Reveal(x) for Microsoft Azure, Attivo brings cyber security deception to containers and serverless, and more!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode108

Visit https://www.securityweekly.com/esw for all the latest episodes!

Visit http://securityweekly.com/esw for all the latest episodes!

Paul and Matt sit down this week to discuss Threat and Vulnerability Management, the value it has, and the different players that deal with it in the Enterprise. They delve into Cloud and Application Security’s impact on vendors, and who they need to look at for potential integrations or acquisitions.

Full Show Notes: https://wiki.securityweekly.com/ES_Episode108

Visit https://www.securityweekly.com/esw for all the latest episodes!

Visit http://securityweekly.com/esw for all the latest episodes!

In the Application Security News, Hackers stole customer credit cards in Newegg data breach, John Hancock now requires monitoring bracelets to buy insurance, the man who broke Ticketmaster, new security settings available in iOS 12, State Department confirms data breach exposed employee data, and more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode33

Visit https://www.securityweekly.com/asw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Ron started his cybersecurity career as a network penetration tester for the NSA, and is the Founder of Tenable and Gula Tech Adventures. He joins Keith and April for an interview to talk about security in the upcoming elections, how to maintain separation of duties, attack simulation, and more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode33

Follow us on Twitter: https://www.twitter.com/securityweekly

In the second part of Scott’s interview, Michael and April talk with him about ICS security, communication, and building relationships! They discuss the best practices to understand how these systems work, holding accountability, common goals, and how legal and security share common goals!

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode100

Scott brings a unique mixture of hands-on experience in incident response, penetration testing, forensics, operations, architecture, engineering, and executive leadership as a former Chief Information Security Officer (CISO) to the Rapid7 Advisory team. He talks about his role at Rapid7, why he joined the company, how to integrate security better into an organization, and what he recommends to people who need to break the ice and get their first meeting started!

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode100