Security Weekly Podcast Network (Video)
4,006 episodes - English - Latest episode: 11 days ago - ★★★★★ - 34 ratingsThis feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
Homepage Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Episodes
Combadges, SISENSE, Microsoft, CISA, Lastpass, Palo Alto, Broadband, Aaran and More - SWN #377
April 12, 2024 19:27 - 30 minutes - 137 MB VideoCombadges, SISENSE, Microsoft, Malware Next-Gen, Lastpass, Palo Alto, Broadband, Aaran Leyland, and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-377
The AI-est news segment ever, now with even more AI! - ESW #357
April 12, 2024 09:00 - 1 hour - 300 MB VideoThis week, Tyler and Adrian discuss Cyera's $300M Series C, which lands them a $1.4B valuation! But is that still a unicorn? Aileen Lee of Cowboy Ventures, who coined the term back in 2013, recently wrote a piece celebrating the 10th anniversary of the term, and revisiting what it means. We HIGHLY recommend checking it out: https://www.cowboy.vc/news/welcome-back-to-the-unicorn-club-10-years-later They discuss a few other companies that have raised funding or just come out of stealth, inc...
Why Is Your TV & NAS On The Internet? - PSW #824
April 11, 2024 21:00 - 1 hour - 526 MB VideoAhoi new VM attacks ahead! HTTP/2 floods, USB Hid and run, forwarded email tricks, attackers be scanning, a bunch of nerds write software and give it away for free, your TV is on the Internet, Rust library issue, D-Link strikes again, EV charging station vulnerabilities, and rendering all cybersecurity useless. Show Notes: https://securityweekly.com/psw-824
Understanding KillNet and Recent Waves of DDoS Attacks - Michael Smith - ESW #357
April 11, 2024 20:59 - 36 minutes - 163 MB VideoIn the days when Mirai emerged and took down DynDNS, along with what seemed like half the Internet, DDoS was as active a topic in the headlines as it was behind the scenes (check out Andy Greenberg's amazing story on Mirai on Wired). We don't hear about DDoS attacks as much anymore. What happened? Well, they didn't go away. DDoS attacks are a more common and varied tool of cybercriminals than ever. Today, Michael Smith is going to catch us up on the state of DDoS attacks in 2024, and we'll...
Digging Into Supply Chain Security - James McMurry - PSW #824
April 11, 2024 18:02 - 1 hour - 288 MB VideoJim joins the Security Weekly crew to discuss all things supply chain! Given the recent events with XZ we still have many topics to explore, especially when it comes to practical advice surrounding supply chain threats. Show Notes: https://securityweekly.com/psw-824
OWASP Breach, Types of Prompt Injection, Device-Bound Sessions, ASVS & APIs - ASW #280
April 09, 2024 21:00 - 28 minutes - 126 MB VideoOWASP leaks resumes, defining different types of prompt injection, a secure design example in device-bound sessions, turning an ASVS requirement into practice, Ivanti has its 2000s-era Microsoft moment, HTTP/2 CONTINUATION flood, and more! Show Notes: https://securityweekly.com/asw-280
Dronepocalypse, Microsoft, DLINK, Home Depot, Phishing, NIST, VenomRat, Josh Marpet - SWN #376
April 09, 2024 18:40 - 35 minutes - 162 MB VideoDronepocalypse, Privacy, Microsoft, DLINK, Home Depot, Phishing, NIST, VenomRat, Josh Marpet, and more, are on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-376
Lessons That The XZ Utils Backdoor Spells Out - Farshad Abasi - ASW #280
April 09, 2024 13:36 - 31 minutes - 139 MB VideoWe look into the supply chain saga of the XZ Utils backdoor. It's a wild story of a carefully planned long con to add malicious code to a commonly used package that many SSH connections rely on. It hits themes from social engineering and abuse of trust to obscuring the changes and suppressing warnings. It also has a few lessons about software development, the social and economic dynamics of open source, and strategies for patching software. It's an exciting topic partially because so much ...
Understanding the Cybersecurity Ecosystem, Part 2 - Ross Haleliuk - BSW #345
April 09, 2024 09:00 - 29 minutes - 130 MB VideoIn this discussion, we focus on vendor/tool challenges in infosec, from a security leader's perspective. To quote our guest, Ross, "running a security program is often confused with shopping". You can't buy an effective security program any more than you can buy respect, or a black belt in kung fu (there might be holes in these examples, but you hopefully get the point). In fact, buying too much can often create more problems than it solves, especially if you're struggling to fill your staff...
Understanding the Cybersecurity Ecosystem, Part 1 - Ross Haleliuk - BSW #345
April 08, 2024 18:00 - 30 minutes - 134 MB VideoIn this discussion, we focus on vendor/tool challenges in infosec, from a security leader's perspective. To quote our guest, Ross, "running a security program is often confused with shopping". You can't buy an effective security program any more than you can buy respect, or a black belt in kung fu (there might be holes in these examples, but you hopefully get the point). In fact, buying too much can often create more problems than it solves, especially if you're struggling to fill your staff...
SEXi, Powerhost, Acuity, Layerslider, JSOutProx, Byakugan, Josh Marpet, and More - SWN #375
April 05, 2024 18:50 - 33 minutes - 151 MB VideoSEXi, AI Dreams, Powerhost, Acuity, Layerslider, JSOutProx, Byakugan, Josh Marpet, and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-375
Have you heard about AI? Lots of AI news. Also, RSA conference, and RooBadges! - ESW #356
April 05, 2024 09:00 - 1 hour - 295 MB VideoAs we near RSA conference season, tons of security startups are coming out of stealth! The RSA Innovation Sandbox has also announced the top 10 finalists, also highlighting early stage startups that will be at the show. In this week's news segment, We discuss the highlights of the Cyber Safety Review Board's detailed and scathing report on Microsoft's 2023 breach We spend a bit of time on the xz backdoor, but not too much, as it has been covered comprehensively elsewhere We discover h...
Getting Vulnerability Management Back on the Rails - Patrick Garrity - ESW #356
April 04, 2024 22:48 - 52 minutes - 232 MB VideoNVD checked out, then they came back? Maybe? Should the xz backdoor be treated as a vulnerability? Is scan-driven vulnerability management obsolete when it comes to alerting on emerging threats? What were some of the takeaways from the first-ever VulnCon? EPSS is featured in over 100 security products, but is it properly supported by those that benefit from it? How long do defenders have from the moment a vulnerability is disclosed to patch or mitigate it before working exploits ar...
It's A Minifilter! - PSW #823
April 04, 2024 21:00 - 1 hour - 485 MB VideopfSense switches to Linux (April Fools?), Flipper panic in Oz, Tales from the Krypt, Funding to secure the Internet, Abusing SSH on Windows, Blinding EDR, more hotel hacking, Quantum Bleed, and more! Show Notes: https://securityweekly.com/psw-823
XZ - Backdoors and The Fragile Supply Chain - PSW #823
April 04, 2024 16:08 - 1 hour - 291 MB VideoAs most of you have probably heard there was a scary supply chain attack against the open source compression software called "xz". The security weekly hosts will break down all the details and provide valuable insights. https://blog.qualys.com/vulnerabilities-threat-research/2024/03/29/xz-utils-sshd-backdoor https://gynvael.coldwind.pl/?id=782 https://isc.sans.edu/diary/The+xzutils+backdoor+in+security+advisories+by+national+CSIRTs/30800 https://lcamtuf.substack.com/p/technologist-...
Top 10's First Update, Metasploit's Second Update, PHP Prepares Statements, RSA & MS - ASW #279
April 03, 2024 09:00 - 26 minutes - 119 MB VideoThe OWASP Top 10 gets its first update after a year, Metasploit gets its first rewrite (but it's still in Perl), PHP adds support for prepared statements, RSA Conference puts passwords on notice while patching remains hard, and more! Show Notes: https://securityweekly.com/asw-279
Lena, XZ, WallEscape, AT&T, OWASP, Google, Microsoft, AI, Josh Marpet, and More - SWN #374
April 02, 2024 18:21 - 33 minutes - 149 MB VideoLena, XZ, WallEscape, AT&T, OWASP, Google, Microsoft, AI, Josh Marpet, and more, on this Edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-374
Infosec Myths, Mistakes, and Misconceptions - Adrian Sanabria - ASW #279
April 02, 2024 16:00 - 34 minutes - 153 MB VideoSometimes infosec problems can be summarized succinctly, like "patching is hard". Sometimes a succinct summary sounds convincing, but is based on old data, irrelevant data, or made up data. Adrian Sanabria walks through some of the archeological work he's done to dig up the source of some myths. We talk about some of our favorite (as in most disliked) myths to point out how oversimplified slogans and oversimplified threat models lead to bad advice -- and why bad advice can make users less se...
CISO Soul Searching: Navigating the Evolving Role of the CISO - Harold Rivas - BSW #344
April 02, 2024 15:35 - 31 minutes - 138 MB VideoHarold Rivas has held multiple CISO roles. In his current CISO role, he's championing Trellix's overall mission to address the issues CISOs face every day, encouraging information sharing and collaborative discussions among the CISO community to help address challenges and solve real problems together - part of this is through Trellix's Mind of the CISO Initiative and the Trellix CISO Council. In this interview, we do a little CISO soul-searching. Harold will bring insights from the initiati...
C-Level Perspective, Communication Failure, and Leadership Misconceptions - BSW #344
April 02, 2024 15:35 - 25 minutes - 111 MB VideoIn the leadership and communications section, The Strategic Implications of Cybersecurity: A C-Level Perspective, Leadership Misconceptions That Hinder Your Success , "Mastering Communication: Lessons from Two Years of Learning", and more! Show Notes: https://securityweekly.com/bsw-344
Multi-Layered Defense Platforms and other terms we found in security press releases - ESW #355
March 29, 2024 18:52 - 56 minutes - 255 MB VideoThis week, in the enterprise security news: Early stage funding is all the rage AI startups continue to pop out of stealth The buyer's market continues with more interesting acquisitions Purpose-built large language models for security Benchmarking LLMs for security GoFetch? More like... Get outta here (I couldn't think of anything clever) Crowdstrike and NVIDIA team up Why do people trust AI? What do Google Sheets and Carlos Sainz Jr. have in common? All that and more, on ...
Electric Sheep, Exchange, Darcula, NuGet, Rockwell, FTX, Aaran Leyland, and More - SWN #373
March 29, 2024 18:52 - 37 minutes - 166 MB VideoAI Dreams of Electric Sheep, Exchange, Darcula, NuGet, Rockwell, FTX, Aaran Leyland, and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-373
Why cyber hygiene requires curious talent - Clea Ostendorf - ESW #355
March 28, 2024 21:52 - 48 minutes - 220 MB VideoMany years ago, I fielded a survey focused on the culture of cybersecurity. One of the questions asked what initially drew folks to cybersecurity as a career. The most common response was a deep sense of curiosity. Throughout my career, I noticed another major factor in folks that brought a lot of value to security teams: diversity. Diversity of people, diversity of background, and diversity of experience. I've seen auto mechanics, biologists, and finance experts bring the most interesting...
Crypto, Bluetooth Vulns, Unsafe Locks - PSW #822
March 28, 2024 21:00 - 1 hour - 521 MB VideoThe PSW crew discusses some crypto topics, such as post-quantum and GoFetch, new Flipper Zero projects, RFID hacking and hotel locks, BlueDucky, side channel attacks and more! Show Notes: https://securityweekly.com/psw-822
Are we winning? - Jason Healey - PSW #822
March 28, 2024 16:34 - 1 hour - 294 MB VideoJason Healey comes on the show to discuss new ideas on whether the new national cybersecurity strategy is working. Segment Resources: DEFRAG Hacker Film Festival short documentary (https://youtu.be/NYvHWcQsIRE) on hackers and their favorite films. For educational purposes only, as we don’t have the rights to the clips. YouTube link to Wargames event with Jen Easterly, Matt Devost, Amelia Koran and Kevin Huyck (head of ops for NORAD) (https://youtu.be/iqx6STDYJ7c?si=73WQtSG4RnCGsBcT). ...
Patrick Stewart, Colorama, Strelastealer, CVSS scores, CHUDS, Josh Marpet, and more - SWN #372
March 26, 2024 19:27 - 30 minutes - 136 MB VideoPatrick Stewart, Colorama, Strelastealer, CVSS scores, CHUDS, Josh Marpet, and more, on this Edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-372
Apps Gone Wild: Re-thinking App and Identity Security for SaaS - Guy Guzner - BSW #343
March 26, 2024 16:43 - 29 minutes - 130 MB VideoWith hundreds or thousands of SaaS apps to secure with no traditional perimeter, Identity becomes the focal point for SaaS Security in the modern enterprise. Yet with Shadow IT, now recast as Business-Led IT, quickly becoming normal practice, it’s more complicated than trying to centralize all identities with an Identity Provider (IdP) for Single Sign-On (SSO). So the question becomes, “How do you enable the business while still providing security oversight and governance?” This segment is...
CSO Role vs. Changing CISO Role as 60% of Both Roles are Omitted from SEC Filings - BSW #343
March 26, 2024 09:00 - 33 minutes - 145 MB VideoIn the leadership and communications section, The CISO Role Is Changing. Can CISOs Themselves Keep Up? , Why do 60% of SEC Cybersecurity Filings Omit CSO, CISO Info?, How Co-Leaders Succeed, and more! Show Notes: https://securityweekly.com/bsw-343
GoFetch Side Channel, OpenSSF & Security Education, Fuzzing vs. Formal Verification - ASW #278
March 26, 2024 09:00 - 32 minutes - 143 MB VideoThe GoFetch side channel in Apple CPUs, OpenSSF's plan for secure software developer education, fuzzing vs. formal verification as a security strategy, hard problems in InfoSec (and AppSec), and more! Show Notes: https://securityweekly.com/asw-278
Top 5 Myths About API Security and What to Do Instead - Robert Dickinson - ESW #354
March 25, 2024 21:21 - 49 minutes - 214 MB VideoWhile awareness and attention towards cybersecurity are on the rise, some popular and persistent myths about cybersecurity have almost become threats themselves. API security requires a modern understanding of the threat landscape, with the context that most API providers desire to be more open and accessible to all. We will debunk the 5 worst myths about protecting your APIs. Segment Resources: API Security Basics - Everything You Need to Know Graylog API Security - Gain Visibility & C...
Successful Security Needs a Streamlined UX - Benedek Gagyi - ASW #278
March 25, 2024 21:00 - 36 minutes - 159 MB VideoOne of the biggest failures in appsec is an attitude that blames users for security problems. A lot of processes and workflows break down because of an insecure design or insecure defaults. Benedek Gagyi chats with us about the impact of the user experience (UX) on security and why it's not only important to understand how to make a user's life easier, but in defining who that user is in the first place. Segment resources: https://www.usenix.org/conference/8th-usenix-security-symposium/wh...
Robots, UDP, GoFetch, DCs, Pwn2Own, Verner Vinge, Reddit, Aaran Leyland, and More - SWN #371
March 22, 2024 19:41 - 28 minutes - 130 MB VideoRobots gone wild, UDP, GoFetch, Domain Controllers, Pwn2Own, Verner Vinge, Reddit, Aaran Leyland, and More on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-371
Lots Of Funding News, Airbus Says No, and Cato Networks Going IPO? - ESW #354
March 22, 2024 09:00 - 55 minutes - 250 MB VideoIn the enterprise security news, Lots of funding news, including: - Nozomi Networks Raises $100 Million to Expand Industrial Cybersecurity Business - BigID Raises $60 Million at $1 Billion Valuation - J.P. Morgan Growth Leads $39 Million Investment in Eye Security - CyberSaint raises $21 million to accelerate market expansion Zscaler Acquires Avalor for $350 Million Cisco completes $28 bn acquisition of cybersecurity firm Splunk Airbus Calls Off Planned Acquisition of Atos Cybersecurity Gr...
A Dive into Vulnerabilities and Compliance - PSW #821
March 21, 2024 21:00 - 1 hour - 513 MB VideoWe discuss the always controversial Flipper Zero devices the hidden risks in the undersea cables, and the landscape of government oversight, revealing the intricacies of CVE, KEV, and NVD systems that are the linchpins of our digital safety. The conversation takes a turn to the practicalities of risk management and the impact of individuals on the industry, like Daniel from the curl project, striking a chord with the significance of cybersecurity vulnerabilities compared to environmental pol...
Securing All The Things - Josh Corman - PSW #821
March 21, 2024 15:46 - 1 hour - 304 MB VideoJosh Corman joins us to explore how we can make things more secure, making companies make things more secure, and making regulations that make us make things more secure! We will also touch on supply chain security and the state of vulnerability tracking and scoring. Show Notes: https://securityweekly.com/psw-821
Emerging Trends CISOs Should Pay Attention To - Tom Parker - BSW #342
March 19, 2024 21:08 - 29 minutes - 127 MB VideoPiggybacking off of our interview with Dave DeWalt, Tom Parker from Hubble joins Business Security Weekly to discuss a few of the key trends CISOs should be paying attention to. Yes, we'll cover Artificial Intelligence, but more from a business risk and governance perspective. We'll also cover quantum computing, technical debt, and how budgets will impact how organizations can or cannot prepare for these emerging trends. Buckle up and hang on for part two of our jam packed episode. Show No...
Vulns in Smart Locks, FCC labels for IoT, ZAP's New Home - ASW #277
March 19, 2024 21:00 - 38 minutes - 170 MB VideoInsecure defaults and insecure design in smart locks, FCC adopts Cyber Trust Mark labels for IoT devices, the ZAP project gets a new home, and more! Show Notes: https://securityweekly.com/asw-277
Sick Jokes, WEBGPU, Fortra, Azorult, Fujitsu, Phishing, Josh Marpet, and More - SWN #370
March 19, 2024 17:41 - 32 minutes - 148 MB VideoSick Jokes, WEBGPU, Fortra, Azorult, Fujitsu, Conversation Overflow, Phishing, Josh Marpet, and more on this Edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-370
Figuring Out Where Appsec Fits When Starting a Cybersecurity Program - Tyler VonMoll - ASW #277
March 19, 2024 15:33 - 35 minutes - 153 MB VideoLots of companies need cybersecurity programs, as do non-profits. Tyler Von Moll talks about how to get small organizations started on security and how to prioritize initial investments. While an appsec program likely isn't going to be one of the first steps, it's going to be an early one. What decisions can you make at the start that will benefit the program in the years that follow? What does an appsec program look like at a small scale? Segment Resources: "Cybersecurity for Nonprofits"...
How The Evolving Threat Landscape Drives Innovation In Cybersecurity - Dave Dewalt - BSW #342
March 18, 2024 20:08 - 32 minutes - 145 MB VideoDave DeWalt needs no introduction. A four-time CEO and currently the Founder and CEO of NightDragon, Dave collects, analyses, and disseminates more intelligence on the cybersecurity industry in a year than most of us ever will in a lifetime. We've invited Dave to Business Security Weekly to share some of that intelligence with our audience. Specifically, we'll hear about: The evolving threat landscape, including impacts of Artificial Intelligence The latest cybersecurity innovation, inclu...
Will AI allow us to finally scale vuln mgmt and threat detection? - ESW #353
March 15, 2024 21:00 - 1 hour - 306 MB VideoWe don't cover a lot of stories in this week's episode, but we go deep on a few important ones. I'm biased, but I think it's a good one, especially having Darwin's input and encyclopedic knowledge available to us. Also in this week's news: Homomorphic encryption pops up again! Microsoft Security Copilot has a release date! Sudo for Windows Microsegmentation pops up again! The TikTok Ban Darwin's Newsletter: The Cybersecurity Pulse All that and more, on this episode of Enterpris...
Cynicism, TikTok, Redline, Securam, Ghostrace, eSim Swaps, Aaran Leyland, and More - SWN #369
March 15, 2024 19:01 - 32 minutes - 141 MB VideoCynicism, TikTok, Redline, Securam, Ghostrace, MicroOrange, eSim Swaps, Aaran Leyland, and More on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-369
Addressing Identity-Related Threats in 2024 - Rod Simmons - ESW #353
March 15, 2024 14:41 - 48 minutes - 210 MB VideoIn this interview, we talk to Rod Simmons, the VP of Product Strategy at Omada. We'll discuss the complex topic of securing identities against ever growing threats. We'll discuss challenges like unnecessary access, accounts with too many permissions, and a threat landscape that is increasingly finding success from targeting identities. Finally, we'll discuss where the Identity Governance and Administration (IGA) market is going. Segment Resources: Analyst Report: The State of Identity Go...
Printers Are "Not Nice" - PSW #820
March 14, 2024 21:00 - 1 hour - 511 MB VideoIn the security News end of life routers and exploits, SCCM mis-configurations lead to compromise, apparently you can hack anything with a Flipper Zero, do source code leaks matter?, visibility is important, printer vulnerabilities that no one cares about, friendship gets you firmware, lock hacking continues, VM escapes and risk, and multiple really cool Bluetooth hacking stories. Show Notes: https://securityweekly.com/psw-820
Memory Safety, Re-Writing Software, and OSS Supply Chains - Omkhar Arasaratnam - PSW #820
March 14, 2024 16:44 - 52 minutes - 227 MB VideoOmkhar Arasaratnam is the General Manager of the Open Source Software Foundation (OpenSSF) and appears on the show to discuss memory safety, why re-writing software isn't always the best option, open-source software supply chains, and more! Segment Resources: https://openssf.org/blog/2024/02/26/openssf-supports-efforts-to-build-more-secure-and-measurable-software/ https://www.whitehouse.gov/wp-content/uploads/2024/02/Final-ONCD-Technical-Report.pdf Show Notes: https://securityweekly....
TeamCity Authn Bypass, ArtPrompt Attacks, Low Quality Vuln Reports, Secure by Design - ASW #276
March 12, 2024 21:00 - 36 minutes - 162 MB VideoThe trivial tweaks to bypass authentication in TeamCity, ArtPrompt attacks use ASCII art against LLMs, annoying developers with low quality vuln reports, removing dependencies as part of secure by design, removing overhead with secure by design, and more! Show Notes: https://securityweekly.com/asw-276
Dem Bones, Leather, QNAP, CISA, Microsoft, PyPI, France, AirBnB, Josh Marpet and More - SWN #368
March 12, 2024 18:40 - 32 minutes - 146 MB VideoDem Bones, Leather, QNAP, CISA, Microsoft, PyPI, France, AirBnB, Josh Marpet, and More are on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-368
More API Calls, More Problems: The State of API Security in 2024 - Lebin Cheng - ASW #276
March 12, 2024 16:51 - 35 minutes - 153 MB VideoA majority of internet traffic now originates from APIs, and cybercriminals are taking advantage. Increasingly, APIs are used as a common attack vector because they’re a direct pathway to access sensitive data. In this discussion, Lebin Cheng shares what API attack trends Imperva, a Thales Company has observed over the past year, and what steps organizations can take to protect their APIs. This segment is sponsored by Imperva. Visit https://www.securityweekly.com/imperva to learn more abou...
CISO's Guides to Engaging The Board, Artificial Intelligence, and Cyber Insurance - BSW #341
March 12, 2024 09:00 - 26 minutes - 116 MB VideoIn the leadership and communications section, Cybersecurity in the C-Suite: A CISO’s Guide to Engaging the Board, The CISO's Guide to AI: Embracing Innovation While Mitigating Risk, Cyber Insurance Strategy Requires CISO-CFO Collaboration, and more! Show Notes: https://securityweekly.com/bsw-341
Protecting Executives: Why The Home Is The New Battle Ground - Chris Pierson - BSW #341
March 11, 2024 20:54 - 31 minutes - 135 MB VideoWhen you think of executive protection, you think of work related activities such as security details, travel planning, and other physical security protections. But in the world of Artificial Intelligence and DeepFakes, the risk landscape for executives goes far beyond work and into their personal lives. The home is now the new battle field and family life will never be the same. Chris Pierson, CEO at BlackCloak, joins Business Security Weekly to discuss the changes in the risk landscape f...