Jorge Salamero is the Director of Technical Marketing at Sysdig. Jorge enjoys playing with containers and Kubernetes, home automation and DIY projects. Currently, he is part of the Sysdig team, and in the past was a Debian developer. When he is away from computers, you will find him walking with his 2 dogs in the mountains or driving his car through a twisted road.

To learn more about Sysdig, visit: https://securityweekly.com/sysdig Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode630

Equifax nears 'historic' data breach settlement that could cost up to $3.5B, Maryland Again Amends its Data Breach Notification Law, Hidden Complexity is Biggest Threat to Compliance , Data Security Remains Top IT Concern for Small Businesses and Others, A Compliance Carol: A visit from the Ghost of Compliance Past, and more!

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/SCWEpisode10

Barracuda launches Cloud Security Guardian integration with Amazon Detective, Booz Allen Hamilton announces support for AWS Outposts, 10 Notable Cybersecurity Acquisitions of 2019, Part 2, Sophos launches new cloud-based threat intelligence and analysis platform, and much more!

Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode165

Laura Jones is the author of a children’s book titled Cyber Ky & Tekkie Guy Manage the Risk of Being Online. She focuses on children being as 'appropriately informed' as they are comfortable with using technology. Her book introduces real terms, definitions and careers to young people. Laura joins Jeff and Scott to discuss Orienting Younger Children to Cyber and Tech!

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/SCWEpisode10

In-depth protection is a matter of basic hygiene, 4 strategies to find time for yourself, Enterprises muddled over cloud security responsibilities, and Screw Productivity Hacks: My morning routine is getting up late!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/BSWEpisode155

In the Application Security News, GitHub Seeks Security Dominance With Developers, IoT and Agile Framework Partners in Efficacy, WhiteSource acquires & open sources Renovate dependency update tool set, and Java vs. Python: Which should you choose? So stay tuned, for Application Security Weekly!

Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode88

Allan Friedman is the Director of Cybersecurity Initiatives of NTIA (National Telecommunication and Information Administration) US Dept of Commerce. The problem: unknown software supply chain. Following a newly identified software risk, very few firms can answer the simple question: Am I affected? An overview of the solution: what is an SBOM, and how is it used. Where we are: some background on why the govt is doing this, the results thus far, and where we are going next. Potential to discuss regulation, govt policy, etc.

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ASWEpisode88

Netflix: BPF is a new type of software we use to run Linux apps securely in the kernel, Automated security tests with OWASP ZAP, HackerOne Breach Leads to $20,000 Bounty Reward, US-CERT AA19-339A: Dridex Malware , and much more!

Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode629

Micah Hoffman is the Principle Investigator at Spotlight Infosec. Looking to increase the publicity of using Open Source Intelligence (OSINT) in traditional cyber fields like pentest, DFIR, and cyber defense. Just created a new non-profit called The OSINT Curious Project (https://osintcurio.us) that is a clearinghouse for excellent OSINT information and resources.

Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode629

Heather Paunet is the VP of Product at Untangle. Untangle is releasing an SD-WAN Router, which has advanced routing capabilities and provides the ability for a business to build a comprehensive, secure Software Defined Network at a fraction of the cost. Our SD-WAN Router provides interoffice connectivity across multiple sites, optimizes the internet over existing infrastructure and prioritizes business critical application to maximize employee productivity.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ESWEpisode164

Eric Brown is the Sr. Security Analyst at LogRhythm. Eric will cover topics including: Phishing Trends, 2020 Outlook, Top 4 Types Eric is seeing: Exec Phish / Legit websites (Box/sites.google/OneDrive) / Fake O365 / HTML attachment, Use of/upload to VirusTotal, Value of Incident Response and Playbooks, Value of Training baseStriker, Has it been patched? Or just now detectable?, and Hunting Phish Kits.

To learn more about LogRhythm, visit: https://securityweekly.com/logrhythm

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/PSWEpisode629

Ferruh Mavituna is the CEO at Netsparker. Ferruh will be talking about How to start building a web security program and a realistic approach to starting a web security security program in enterprises. To learn more about Netsparker, visit: https://securityweekly.com/netsparker

Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode164

Companies Need to Rethink What Cybersecurity Leadership Is, What Companies That Are Good at Innovation Get Right, Staff in smaller businesses bogged down by poor communications, Why You Should Be Sending More Video Emails … And How To Record Them, Enterprises muddled over cloud security responsibilities, and Top tech conferences to attend in 2020.

Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode154

Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains, Sentara Hospitals to pay $2.2M HIPAA settlement for undisclosed data breaches, Privacy Regs Changing the Face of Cybersecurity, TrueDialog Leaks 600GB of Personal Data, Affecting Millions, CFTC Fines Goldman Sachs $1 Million for Failing to Record Calls Global Cops Shut 31,000 Domains in IP Crackdown, and more! Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode9

In the news, Mimecast Challenges Shadow IT for Cloud App Usage on Mobile and Desktop Devices, CloudKnox Security Announces Integration with AWS IAM Access Analyzer, Morphisec Achieves AWS Security Competency Status for Cloud Server Workload Protection, and more!

Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode164

Mathieu Gorge is the CEO at Vigitrust. The approach that business leaders need to take in developing payment risk strategies, linking, PCI, ISO, GDPR, CCPA, SCA.

Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode9

Analysis of Jira Bug Stresses Impact of SSRF in Public Cloud, DevSecOps Adoption and the Web Security Myth, Facebook, Twitter profiles slurped by mobile apps using malicious SDKs, Firefox gets tough on tracking tricks that sneakily sap your privacy, and Decoding the Modern Enterprise Software Spaghetti.

Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode87

Ward Cobleigh is the Sr. Product Manager at VIAVI Solutions. In a very recent study, 65% of responding organizations reported a shortage of cybersecurity staff, with a lack of skilled or experienced security personnel their number one workplace concern (36%). To help fill this void, there is a very real and still growing need to cross-train existing professionals and teams whenever possible. How achievable is this goal? Can we really take the typical NetOps skillset, combine it with the data sources that are typically available to them, and apply this to the SecOps skills gap? This Business Security Week Podcast will answer these questions and include a demonstration of how a performance analysis platform can be used to quickly and efficiently identify threats.

Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode154

Sandy Carielli is the Principal Analyst at Forrester Research. Discuss the impact of good and bad bots on enterprises and how it is both a security and customer experience problem. Review how the bot management marketing is evolving and how WAFs are buying up or partnering with bot management tools to expand their reach.

Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode87

From Fortune 500 to Education, from startup to running a consulting firm, Brendan's experience in information security has served him well. It all started with his boss speaking outloud about how they 'needed to get someone to handle security', and deciding he wanted to be that someone. Now a CISSP, CISM, and a couple of decades, and many industry changes, later he is still at it. Brendan joins Matt and Paul this week to discuss Patch Management, and how using Automox is helping him in the space!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ESWEpisode163

Cloudflare Open-Sources its Network Vulnerability Scanner, Qualys brings its Market Leading Vulnerability Management Solution to the next level, and some acquisition and funding updates from Palo Alto, Cymulate, Detectify, and Perimeter 81!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ESWEpisode163

Kenneth F. Belva, CISSP, CEH is a cyber security expert practicing in the field since 1998 serving in both technical and non-technical roles. Ken joins Matt and Paul today to talk about Why scanning for default credentials missing from the rest of the scanning vendors! The problem of default and weak credentials. Why they're still low hanging fruit after all these years. And new solutions to detecting default and weak credentials on the network.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/ESWEpisode163

Russell and Jim will discuss security and compliance specifically for small businesses where they have been involved with audit and compliance including NIST 800-171, 800-53 (FISMA) and SOC, and how to achieve decent security and meet compliance requirements with limited staff and resources.

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/SCWEpisode8

Russell and Jim will discuss security and compliance specifically for small businesses where they have been involved with audit and compliance including NIST 800-171, 800-53 (FISMA) and SOC, and how to achieve decent security and meet compliance requirements with limited staff and resources.

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/SCWEpisode8

Nate Fick is the GM of Elastic Security. Earlier this month, Elastic announced a radical change to how endpoint protection is offered, doing away with per-endpoint pricing. We'd like to spend 5-10 mins talking about why, and the remainder of the show talking about a topic Nate has talked and written about extensively: organizational cybersecurity. Cybersecurity has historically been perceived as an enigma - a world of hackers lurking in the shadows - which reinforces the idea that the only way to stop them is with highly trained security experts at large enterprises with multi-million dollar budgets. To learn more about Elastic Security, visit: https://securityweekly.com/elastic

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/BSWEpisode153