@mzbat is a frequent speaker at hacker conferences, and likes to help folks prepare for job searches by performing mock interviews and resume reviews.

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/SCWEpisode34

Director of Security Engineering at Truss.

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/SCWEpisode34

In the Leadership and Communications section, Profile of the Post-Pandemic CISO, Time to rethink business continuity and cyber security, Protecting Remote Workers’ Productivity and Performance, and more!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/BSWEpisode179

It's time to come out and say it: "response" means something different to every category in cybersecurity. Yet, it's broadly used with little industry definition. In endpoint detection and response (EDR) systems, "response" refers to a prescriptive set of actions that can be taken with little to no human intervention. For example, if suspicious activity occurs on a device, that device can be automatically quarantined by the EDR tool. In network detection and response, "response" is more broad. The network is too vast and interconnected for blunt responses and therefore requires more surgical precision and investigation.

To request a demo with ExtraHop, visit: https://securityweekly.com/extrahop

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/BSWEpisode179

Would you like some RCE with your Guacamole?, Attackers Will Target Critical PAN-OS Flaw, Security Experts Warn, Microsoft releases emergency security update to fix two bugs in Windows codecs, The Current State of Kubernetes Threat Modelling, and How To Build a Culture of Resilience Through Good Habits!

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ASWEpisode113

What do you do if your ambition is to provide security for all the mobile apps in the world? You hire a data scientist! Machine Learning is more than just a buzz word, it is the science behind making decisions quickly and at scale. Catherine Chambers returns to Application Security Weekly with Irdeto's lead data scientist Will Hickie to describe how they turned Mobile Application Security into a data science problem, and what that means for your mobile app.

To download the white paper, visit: https://securityweekly.com/irdeto

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ASWEpisode113

Cisco Releases Security Advisory for Telnet Vulnerability in IOS XE Software, Firefox 78 is out with a mysteriously empty list of security fixes, Python Arbitrary File Write Prevention: The Tarbomb, New Lucifer DDoS Botnet Targets Windows Systems with Multiple Exploits, Critical Apache Guacamole Flaws Put Remote Desktops at Risk of Hacking, and how The Internet is too unsafe, and why We need more hackers!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/PSWEpisode656

With bug bounties becoming more and more main stream for organizations. The bounty hunters are turning to more and more automation. Open source intelligence gathering can be automated with the use of python and a handful of other opensource tools such as Recon-NG, Amass, and others.

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/PSWEpisode656

Hackers know that more people are working from home now and accessing/ sending/ sharing sensitive company data through their home networks. How can businesses help employees secure their home networks?

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/PSWEpisode656

Given the huge demand for cybersecurity professionals, how can we improve the hiring process to find those who are talented, but may not have an extensive resume? Let's discuss how CTF-style exercises can be used to help enterprises cast a wider net and find more diverse and qualified talent with low friction.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ESWEpisode189

Discussing HITRUST compliance in small and medium environments and how to use automation and scalable practices in the cloud to be both compliant and secure.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ESWEpisode189

Semperis adds vulnerability assessment, security reporting, and auto-remediation to its DSP, AWS launches Amazon Honeycode to help quickly build mobile and web apps without programming, Attivo Networks Advanced Protection Disrupts Ransomware 2.0, Improved threat visibility, defense and protection across social platforms with SafeGuard 7.6, and more!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ESWEpisode189

Cloud Security for a Dynamic Environment, Why identity-based, distributed controls are better suited to address cloud-era threats, Top Cloud Security Challenges in 2020, Exposed Cloud Databases Attacked 18 Times Per Day, and more!

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/SCWEpisode33

Taking a deeper look into moving PCI related resources into cloud platforms. Public cloud, private cloud, do's, don'ts and can'ts! We will explore key considerations and impacts to security compliance and responsibilities related to cloud.

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/SCWEpisode33

In the leadership and communications section, Why Cybersecurity Is Really A Business Problem, 6 Reasons Your Strategy Isn’t Working, 5 cities with the highest tech salaries, and more!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/BSWEpisode178

As part of our CISO interview series, we'll ask Graeme our standard questions, including: How did you get started in security?, What security problems do you face on a daily basis?, How have you solved your challenges?, Where do you report within the organization? And any other advice or recommendations for other CISOs.

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/BSWEpisode178

DLL Hijacking at the Trend Micro Password Manager, Adobe Prompts Users to Uninstall Flash Player As EOL Date Looms, The State of Open Source Security 2020, Microservices vs. Monoliths: Which is Right for Your Enterprise?, What Modern CI/CD Should Look Like, and Build trust through better privacy!

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ASWEpisode112

Teams building Infrastructure as Code still need to ensure that the infrastructure deployed matches the code they created. Not only can IaC help establish secure environments, analyzing that code can help identify when environments have drifted from security baselines or even highlight when misconfigurations lead to exploitable vulns.

To learn more about Accurics, visit: https://securityweekly.com/accurics

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ASWEpisode112

Despite running the mission-critical applications that power your business, ERP applications, such as SAP and Oracle E-Business Suite, and their custom code are often a cybersecurity blind spot. In this podcast, we’ll be discussing how missing patches, misconfigurations, issues with custom code and other vulnerabilities are leaving your most important data and applications unprotected—and what to do about it.

To request a complimentary assessment, visit https://securityweekly.com/onapsis

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ESWEpisode188

Paul, Matt, and Ferruh discuss the differences between DAST and other approaches such as SAST and IAST! They will debunk some common DAST myths and then follow-up on their last conversation and discuss Short-Term Vulnerability Management Tools!

To learn more about Netsparker, visit https://securityweekly.com/netsparker

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ESWEpisode188

BeyondTrust Announces Integration with the SailPoint Predictive Identity Platform, Check Point Launches CloudGuard Cloud Native Security, CyberArk Alero enhancements provide secure privileged access for remote users, Digital Shadows announces new capabilities to identify and remediate unwanted code exposure, and more!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ESWEpisode188

Jeff, Matt, Scott, and Josh continue the conversation and talk "How to Become an InfoSec Professional With Limited Resources"!

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/SCWEpisode32

Jeff, Matt, Scott, and Josh talk "What Is An InfoSec Professional?"!

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/SCWEpisode32

In the Leadership and Communications section, Five signs a virtual CISO makes sense for your organization, How to Negotiate — Virtually, Why Securing Endpoints Is The Future Of Cybersecurity, and more!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/BSWEpisode177

The recent pandemic has been a financial burden across the country while also forcing businesses to transition to a work from home environment where IT and security departments were tasked with making sure their security infrastructure were prepared. As the country slowly begins to reopen, organizations may not have the necessary funds to spend on areas of their business, including security. Knowing what security best practices to prioritize can help organizations reduce risks, while getting back to work, without breaking the bank.

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/BSWEpisode177