The pain caused by bad pricing models in cybersecurity and analytics tools Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode175

Neustar's enhanced UltraDNS capabilities boast greater capacity, global reach and security, WatchGuard acquires Panda Security to expand endpoint capabilities, Ping Identity launches two hybrid IT focused solution packages, and Fortinet updates FortiOS & launches next-gen firewall product! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode175

How we breakdown the categories in information security. We look at the major areas of infosec and how they relate to your security programs and the vendors/technologies in each category. Our category breakdown will be used to label each segment we produce and allow subscribers to select categories of interest!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/BSWEpisode165

The goal of the show is to explore all the attitudes and impressions between security and compliance regardless of where you stand. for security folks - how to navigate compliance to promote security; for compliance folks - to expose them to the depth of research/knowledge/capabilities of the hacker community. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode20

The goal of the show is to explore all the attitudes and impressions between security and compliance regardless of where you stand. for security folks - how to navigate compliance to promote security; for compliance folks - to expose them to the depth of research/knowledge/capabilities of the hacker community. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode20

CVE-2020-0688 Losing the keys to your kingdom, which is why Multiple nation-state groups are hacking Microsoft Exchange servers, Revoking certain certificates on March 4 and Why 3 million Let’s Encrypt certificates are being killed off today, Gandalf: An Intelligent, End-To-End Analytics Service for Safe Deployment in Large-Scale Cloud Infrastructure and slides, CISOs Who Want a Seat at the DevOps Table Better Bring Value. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode99

In the leadership and communications section, CISOs who leave after 2 years may not finish what they start, Most CISOs ready to move jobs if something better comes along, A New Framework for Executive Compensation, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode165

Guy Podjarny (@guypod) is Snyk's Founder and President, focusing on using open source and staying secure. Guy was previously CTO at Akamai following their acquisition of his startup, Blaze.io, and worked on the first web app firewall & security code analyzer. Guy is a frequent conference speaker & the author of O'Reilly "Securing Open Source Libraries", "Responsive & Fast" and "High Performance Images". Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode99

Apache Tomcat AJP exploit, malware in AWS, hacker movies and more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode642

How SHAKEN/STIR and PKI will end the global robocall problem Link to an article Mark wrote for Dark Reading: https://www.darkreading.com/endpoint/shaken-stir-finally!-a-solution-to-caller-id-spoofing/a/d-id/1336285 Link to landing page with more info: https://www.pkisolutions.com/shakenstir/ Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode642

Active Directory & Microsoft Cloud (Azure AD & Office 365) Security, including a breakdown of Microsoft's security offerings and recommendations for cloud migrations for Active Directory.

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/PSWEpisode642

Dashboards are a great way to enable junior security analysts to be more effective when trying to discover security events. Cory Thuen is the Founder and CEO of Gravwell, and they want to your logs, all of your logs. Gravwell's solution allows you to run queries and create dashboards that lead to actionable events. Cory explains how this works and even how customers are using Gravwell to collect logs on-premise and in the cloud. Vulnerabilities and exposures come from many different sources. Plextrac allows you to bring in data from anywhere and track those findings across your entire organization. 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ESWEpisode174

It is no secret that elections are under constant attack. Attacks take many shapes and forms, from dis-information to malware to denial of service, its all in play as adversaries look to disrupt enemy infrastructure. Tod Beardsley, Director of Research at Rapid 7 brings unique and insightful perspectives on this topic as he is analyzing data from scans of the entire Internet and monitoring over 250 honeypots.Mike Nichols, Head of Product at Elastic, discusses election security and their partnership with the DDC to offer 2020 campaigns free security. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode174

News from Nozomi Networks, Code42, CrowdStrike, SCYTHE, Palo Alto Networks, Gurucul, SentinelOne and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode174

Health compliance measures to improve pandemic recovery and reduce issues, World Bank pandemic awareness, Is coronavirus not a flu?, Dear passwords: Forget you. Here's what is going to protect us instead, Cyber insurance coverage reflects a changing threat landscape, and the greatest contest ever – privacy versus security.

Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode19

Reflections on RSAC! Let's talk about the grand festival of infosec consumerism that is RSA Conference! Was it worth catching the Coronavirus? And if so, did you use a lime!?

Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode19

Dan discusses his upcoming 2-day workshop at InfoSec World. The workshop is a "deep survey" into all things DevSecOps. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode98

CVE-2020-1938: Ghostcat vulnerability in the Tomcat Apache JServ Protocol. IMP4GT: IMPersonation Attacks in 4G NeTworks demonstrates a proven insecurity on a layer above provably secure protocol, Boeing implementing more rigorous testing of Starliner after software problems shows how problems in cloud computing will be just the same in star systems, APIs are becoming a major target for credential stuffing attacks and don't have to target the login workflow, SSL/TLS certificate validity chopped down to one year by Apple’s Safari and how this can drive secure DevOps behaviors, and 5 key areas for tech leaders to watch in 2020. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode98

We found some cool stuff at RSAC 2020! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode641

Gabriel Gumbs and the Security Weekly crew discuss strategies for protecting your data. We will explore practical use-cases for needing to manage access and protect your data as it pertains to security and compliance. Protect what matters most. Visit https://securityweekly.com/spirion for more information. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode641

There are many myths, legends and fables in hacker history. One of the themes of these legends surrounds some of the first red team hackers working for the US Government out of NSA. The building where they worked was called "The Pit". Jeff Man sits with us for this segment to talk about, where he can, the history and events that transpired during his tenure with the NSA.

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/PSWEpisode641

This interview will cover the idea of Shadow Risk and why it's something your organization can’t ignore. Specifically, we'll talk about why your security efforts have to start with mapping and managing your attack surface, how that's gotten harder with digital transformation, and how legacy approaches to addressing the problem -- including vulnerability management and penetration testing -- and even more recent approaches like Security Ratings Services, are out of touch with your IT infrastructure and, worse still, lag behind the way attackers operate.

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/BSWEpisode164

Jinan Budge, Principal Analyst at Forrester, discusses CISO Leadership, Security Culture, and the Evolving Role of the CISO.

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/BSWEpisode164