Security Weekly Podcast Network (Video)

This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!


Nov 16, 2023

Once again, Theresa Lanowitz joins us to discuss Edge Computing, but with a twist this time, as Mani Keerthi Nagotu from SentinelOne joins us as well! As a field CISO, Mani knows all too well the struggles security leaders are going through, given the current market and threat landscape:

  • Maybe not less budget, but more pressure to produce results and justify spending
  • Security leaders being held personally accountable for performance
  • Potential layoffs, and the need to achieve the same goals with less labor and tool overhead

This segment is sponsored by AT&T Cybersecurity. Visit https://securityweekly.com/attcybersecurity to learn more about them!

Show Notes: https://securityweekly.com/esw-340

Nov 16, 2023

In the Security News: SSH under attack, IoT routers have vulnerabilities, the BLE Spam attacks still work against iPhones, there is a longer story behind BLE spam, and Larry is one of the stars, denial of pleasure via BLE, vulnerability disclosure and your blob is showing, the half-day watcher, tapping into cameras, 50 shades of vulnerabilities, Nuclear decay as a random number generator, cachewarp, reptar, attacking Danish critical infrastructure, you can’t patch a house of cards (and your bitcoin may be at risk), All that and more on this episode of Paul’s Security Weekly!

Show Notes: https://securityweekly.com/psw-807

Nov 16, 2023

Attackers pursue the shortest path to achieve their goals in your app. With a tri-layered security architecture, you can force hackers to crawl through a triathlon in your app. What’s in the three layers, to detect attacks sooner, slow attackers down, and stop them fast? Let’s take a journey across the three layers and discuss how to gain control of user permissions, secure your cloud computing, and keep your customers and their users safe.

Show Notes: https://securityweekly.com/psw-807

Nov 14, 2023

CNCF releases a handbook on fuzzing, OpenSSF and OWASP respond to CISA's Open Source Software Security RFI, 14 years of Go, lessons for today from an internet worm from 35 years ago, and more!

Show Notes: https://securityweekly.com/asw-263

Nov 14, 2023

In the rapidly evolving landscape of application security, 2023 brought significant changes with the rise of generative AI tools and an increase in automated threats. In this discussion, Karl Triebes takes a deep dive into the major trends of the past year, examining their impact on the industry and shedding light on what security professionals can anticipate moving forward into 2024.

This segment is sponsored by Imperva. Visit https://securityweekly.com/imperva to learn more about them!

Show Notes: https://securityweekly.com/asw-263

Nov 14, 2023

Inspired by my co-host, Jason Albuquerque, we get our hands dirty and discuss the challenges of cyber risk management. Why is cyber risk management so elusive and what can we do to solve it?

In part 2, we get our hands dirty by walking through ways to quantify cyber risks in business terms. What risks are truly worth mitigating vs. accepting or transferring? And if we do mitigate them, how do we track progress and impact?

Show Notes: https://securityweekly.com/bsw-328

Nov 13, 2023

Inspired by my co-host, Jason Albuquerque, we get our hands dirty and discuss the challenges of cyber risk management. Why is cyber risk management so elusive and what can we do to solve it?

In part 1, we discuss the challenges of cyber risk management and quantification. Do risk scores really work? What do CEOs and Boards really need to understand cyber risks?

Show Notes: https://securityweekly.com/bsw-328

Nov 10, 2023

During the news today, we went deep down the rabbit hole of discussing security product efficacy. Adrian still doesn't believe in enterprise browsers beyond Google Chrome, but can't deny that Talon got a pretty favorable exit considering the state of the market. We see the first major exit for cybersecurity insuretechs, and discuss a few notable funding rounds.

We discuss Kelly Shortridge's essay on the origins and nature of the term "security" and what it means. Stephen Schmidt suggests 6 questions every board should ask their CISO, we explore Cyentia Labs' meta analysis of MITRE ATT&CK techniques, and Phil Venables shares some hilarious takes on infosec stereotypes.

Show Notes: https://securityweekly.com/esw-339

Nov 10, 2023

Fakes, Sysaid, Sumo, farnetwork, CPU-Z, Google, Chat-GPT, Aaran Leyland, and More News on the Security Weekly News.

Show Notes: https://securityweekly.com/swn-341

Nov 10, 2023

We've reached an inflection point in security. There are a handful of organizations regularly and successfully stopping cyber attacks. Most companies haven't gotten there, however. What separates these two groups? Why does it seem like we're still failing as an industry, despite seeming to collectively have all the tools, intel, and budget we've asked for?

Kelly Shortridge has studied this problem in depth. She has created tools (https://www.deciduous.app/), and written books (https://www.securitychaoseng.com/) to help the community approach security challenges in a more logical and structured way. We'll discuss what hasn't worked for infosec in the past, and what Kelly thinks might work as we go into the future.

Show Notes: https://securityweekly.com/esw-339

Nov 9, 2023

Today, we discuss the state of attack surface across the Internet. We've known for decades now that putting an insecure service on the public Internet is a recipe for disaster, often within minutes. How has this knowledge changed the publicly accessible Internet? We find out when we talk to Censys's Aidan Holland today.

Show Notes: https://securityweekly.com/esw-339

Nov 9, 2023

Do people still use mainframes? IoT and firmware security, Apple Find my, Bluetooth is the gift that keeps on giving, to hackers that is, and more!

Show Notes: https://securityweekly.com/psw-806

Nov 9, 2023

Austin spends the majority of his time thinking about ways to abuse LLMs, the impact of the attacks, and the effects on society. He brings a truly unique perspective to the way to use, attack, and verify output from AI LLM models. Whether you are just learning the ins and outs of LLMs or you were an early adopter, this segment is for you!

Show Notes: https://securityweekly.com/psw-806

Nov 7, 2023

Details of the Citrix Bleed vuln, exploitation of the Atlassian improper authorization vuln, so many jQuery installations to upgrade, the price of bounties and the cost of fixes, Microsoft's Secure Future Initiative, and more!

Show Notes: https://securityweekly.com/asw-262

Nov 7, 2023

Grok, Okta, Looney Tunables, HelloKitty, Gootbot, Veeam, More News and Jason Wood, on this edition of the Security Weekly News

Show Notes: https://securityweekly.com/swn-340

Nov 7, 2023

A lot of appsec conferences have presentations for appsec audiences -- but that's not often the group that's building apps. What if more developer conferences had appsec content? We talk with Josh about security from the developer's point of view, both as an audience hearing about it and as a presenter talking about it. We discuss the importance of knowing your audience and finding the hooks in security tools and topics that can resonate with developers.

Show Notes: https://securityweekly.com/asw-262

Nov 7, 2023

In the leadership and communications segment, SolarWinds Is A Game Changer - You Cannot Sugarcoat Cybersecurity, Rethinking CISO Accountability: A Call for Balance in Cybersecurity Leadership, How to improve communication in the workplace: Strategies for enhanced productivity, and more.

Show Notes: https://securityweekly.com/bsw-327

Nov 6, 2023

It's time to review the money of security, including public companies, IPOs, funding rounds and acquisitions from the previous quarter. We also update you on the Security Weekly 25 index. The index is rebounding, but there's a long way to go to get back to the top.

Show Notes: https://securityweekly.com/bsw-327

Nov 3, 2023

Oh, the HARror! Sanitizing HAR files is not as easy as some might lead you to believe. CISA funds Cyber.org for K-12 cyber education and ORNL creates a Center for AI Security Research (CAISER). Cloudflare creates a tool out of spite, and CISA creates a tool you shouldn't use in production? Biden's EO on "Safe, Secure, and Trustworthy AI" and the Top Five Things you need to know about how GenAI is used in Security Tools.

Five lessons learned from Okta's latest breach, should ransom payments be illegal, and why ransomware victims can't stop paying ransoms. We discuss the impact of the charges made against SolarWinds and its CISO by the SEC, the 2023 ISC2 Cybersecurity Workforce Survey, and Microsoft's latest open letter on security.

Finally we wrap up discussing a delicious $8M Series A for better bagels!

Show Notes: https://securityweekly.com/esw-338

Nov 3, 2023

Bots, Citrix, Mitre, Solarwinds, Naked Nudes, Scarlett, Aaran Leyland, and More News on the Security Weekly News.

Show Notes: https://securityweekly.com/swn-339

Nov 3, 2023

There is little to no organization of data within companies in 2023. We're all guilty of this at some level. The download folders and desktops on our personal machines are a mess. File servers and cloud storage services are a mess. In Microsoft's recent data leak, AI researchers even had PC backups stored alongside machine learning models for whatever reason.

Data is hard to classify, organize, and monitor. By designing for convenience, we've created convenience debt that now has to be paid down. In this segment we talk to Jackie McGuire about what needs to happen to accomplish this, at the enterprise level, and at scale.

Even if we can one day address the challenge of tracking and labeling data, we'll still have the challenge of addressing data integrity and resilience, which we'll also discuss if we have time!

Segment Resources: https://www.darkreading.com/risk/it-s-time-to-assess-the-potential-dangers-of-an-increasingly-connected-world-

Show Notes: https://securityweekly.com/esw-338

Nov 2, 2023

In this segment, we discuss the current state of the market recovery with Hank Thomas, founder of Strategic Cyber Ventures.

We've got market questions, like:

  • What has changed in the last year?
  • Are IPOs coming back any time soon?
  • How large is the cybersecurity death pool?
  • What do early and mid-sized startups need to do to survive in the current market?

Show Notes: https://securityweekly.com/esw-338

Nov 2, 2023

In the Security News: If an exploit falls in the forest do I still need to patch?, Reflections on trusting trust: the source code revealed, prompt injection in your resume, iPhones be updating, a deep dive into vulnerable kernel drivers and wiping SPI flash, cheap to exploit software, to ransom or steal?, oh OAuth, Florida man, door bell shenanigans, don’t pay the ransom, the White House and AI, and quantum teleportation via measurement-induced entanglement. All that and more on this episode of Paul’s Security Weekly!

Show Notes: https://securityweekly.com/psw-805

Nov 1, 2023

AI/ML is providing significant benefits in a wide range of application domains but also provides adversaries with a new attack surface. Learn about DARPA's efforts to help evaluate AI/ML and work towards a trust model that will allow us to use these valuable tools safely.

Show Notes: https://securityweekly.com/psw-805

Oct 31, 2023

OAuth implementation failures, the State of DevOps report, data poisoning generative AIs with Nightshade, implementing spectre attacks with JavaScript and WebAssembly against WebKit, sandboxing apps

Show Notes: https://securityweekly.com/asw-261
