Security Weekly Podcast Network (Video)
4,109 episodes - English - Latest episode: 19 days ago - ★★★★★ - 34 ratingsThis feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
Homepage Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Episodes
Access vs Actions, Beyond Traditional IGA, Remote Identity Verification, & Fraud - Tim Prendergast, Damon Tompkins, Andrew Bud, Chris Meyer - ESW Vault
June 21, 2024 21:00 - 58 minutes - 252 MB VideoTraditional approaches to access management are no longer sufficient to safeguard enterprise security. Tim will explain why the most effective approach to modern enterprise security requires a Zero Trust model that extends beyond just access to encompass every action, no matter how minor. Tim will describe the importance of implementing a Zero Trust framework that evaluates each command, query, and configuration change in real-time, and how that delivers the most effective and complete sec...
Cybersecurity In College - SWN Vault
June 21, 2024 16:00 - 38 minutes - 167 MB VideoCheck out this interview from the SWN Vault, hand picked by main host Doug White! This Secure Digital Life segment was originally published on June 19, 2018. This week, Doug and Russ interview Matthew Silva, President and Founder of the Cybersecurity and Intel Club at Roger Williams University! They talk about majoring in Cybersecurity vs. Computer Science, gaining experience vs. book learning, and more on this episode of Secure Digital Life! Show Notes: https://securityweekly.com/vault-...
iShield Key Experience, Automated (PKI) Infrastructure, & GenAI Identity Attacks - Kevin Fadaie, Roni Bliss, David Mahdi - ESW Vault
June 21, 2024 09:00 - 44 minutes - 193 MB VideoFIDO security keys are not new in the authentication workflow. They have been around now for 10 years. What is new is the combination of the most secure multi-factor authentication method not only for logical but also for physical access control with the highest FIPS140-3 security certification in the market. Segment Resources: Video "Swissbit iShield Key Pro: Protecting Digital Identities" https://www.youtube.com/watch?v=kxtqOyZ6e80 This segment is sponsored by Swissbit. Visit https://s...
Bringing Autonomy to AppSec - Dr. David Brumley - ESW Vault
June 20, 2024 19:00 - 32 minutes - 139 MB VideoLog4j, solar winds, tesla hacks, and the wave of high profile appsec problems aren’t going to go away with current approaches like SAST and SCA. Why? They are: -40 years old, with little innovation -Haven’t solved the problem. In this segment, we talk about fully autonomous application security. Vetted by DARPA in the Cyber Grand Challenge, the approach is different: -Prove bugs, rather than trying to list all of them. -Zero false positives, which leads to better autonomy. Segmen...
Hacker Heroes - Dave Aitel - PSW Vault
June 19, 2024 21:00 - 1 hour - 389 MB VideoExploring the Strategic Minds in Cybersecurity: A Conversation with Dave Aitel Welcome to an enlightening episode of our podcast, where we sit down with Dave Aitel, a prominent figure in the cybersecurity landscape. With a robust background in offensive security and an extensive career spanning various facets of the industry, Dave brings a wealth of knowledge and strategic insights to our discussion. As the Founder and CEO of Immunity Inc., a leading cybersecurity company, Dave has playe...
Back To School: Networking 101 - SWN Vault
June 18, 2024 16:00 - 26 minutes - 117 MB VideoCheck out this interview from the SWN Vault, hand picked by main host Doug White! This Secure Digital Life segment was originally published on September 25, 2018. This week, Russ takes the reigns in the absence of Dr. Doug to talk about Networking 101! We are going to go back to school to examine how networking and the internet actually work. Russ looks at MAC addresses, IP Addressing (Private/Public), DHCP, routing, and DNS. Show Notes: https://securityweekly.com/vault-swn-15
Learning EBPF - Liz Rice - ASW Vault
June 18, 2024 16:00 - 37 minutes - 161 MB VideoCheck out this interview from the ASW Vault, hand picked by main host Mike Shema! This segment was originally published on April 4, 2023. Following on from her successful title "Container Security", Liz has recently authored "Learning eBPF", published by O'Reilly. eBPF is a revolutionary kernel technology that is enabling a whole new generation of infrastructure tools for networking, observability, and security. Let's explore eBPF and understand its value for security, and how it's used to...
Zero Trust Is Not A SKU - Saša Zdjelar - BSW Vault
June 17, 2024 18:00 - 32 minutes - 141 MB VideoCheck out this interview from the BSW Vault, hand picked by main host Matt Alderman! This segment was originally published on August 9, 2022. Zero Trust is the security buzzword of the moment, and while it is a very powerful approach, nearly every enterprise security product on the market – and some that aren’t even security products — are saying they enable Zero Trust. The problem is this: you can’t buy zero trust. It’s an approach, an architecture, and a journey, not software, hardware, ...
Unlocking Business Value, Beyond Outages, & Combat Account and Platform Fraud - Ajay Gupta, Gerry Gebel, Mark Batchelor - ESW #365
June 15, 2024 09:00 - 46 minutes - 199 MB VideoEnterprises often struggle with achieving business value in identity programs. This is typically the result of technology choices that require a disproportionately greater amount of effort and focus and underestimating the workforce required for organizational change management. With 30 years in the industry and a depth of accumulated knowledge working with large, global customers and vendors, we share how to identify and realize the business value in your organization’s identity program. ...
Increasing KYB Coverage, Is your SSO on point, & The Future of Identity Management - Vibhuti Sinha, Tarvinder Sembhi, Chris Simmons - ESW #365
June 14, 2024 21:00 - 43 minutes - 189 MB VideoSeveral recent trends underscore the increasing importance of Know Your Business (KYB) practices in today's business landscape. One significant trend is the rise in financial crimes, including money laundering, fraud, and terrorist financing. Technological advancements have transformed the way businesses operate, leading to increased digitization, online transactions, and remote customer interactions. While these developments offer numerous benefits, they also create opportunities for crimin...
Trust in Microsoft, Apple, and the Holy AI, Moonstone Sleet, Cheating, Joshua Marpet - SWN #393
June 14, 2024 17:26 - 34 minutes - 151 MB VideoTrust in Microsoft, Apple, and the Holy AI, Amen, Moonstone Sleet, Cheating, Joshua Marpet, and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-393
Shared irresponsibilities and the importance of product privacy: Apple vs Microsoft - ESW #365
June 14, 2024 15:35 - 1 hour - 307 MB VideoThis week, we've got data security being both funded AND acquired. We discuss Lacework's fall from unicorn status and why rumors that it went to Fortinet for considerably more than Wiz was willing to pay make sense. Microsoft Recall and Apple Intelligence are the perfect bookends for a conversation about the importance of handling consumer privacy concerns at launch. How can the Snowflake breach both be one of the biggest breaches ever, but also not a breach at all (for Snowflake, at lea...
Bricking PCs and IoT Hacking - PSW #832
June 13, 2024 21:00 - 1 hour - 478 MB VideoSkyrocketing IoT vulnerabilities, bricked computers?, MACBORG!, raw dogging source code, PHP strikes again and again, if you have a Netgear WNR614 replace it now, Arm Mali, new OpenSSH feature, weird headphones, decrypting firmware, and VPNs are still being hacked! Show Notes: https://securityweekly.com/psw-832
GenAI, Security, and More Lies - Aubrey King - PSW #832
June 13, 2024 17:43 - 1 hour - 277 MB VideoWe will discuss LLM security in general and some of the issues covered in the OWASP Top 10 for LLMs! Segment Resources: https://genai.owasp.org/ Show Notes: https://securityweekly.com/psw-832
Buzz Aldrin, the Gray Lady, Veeam, Microsoft squared, Nvidia, Josh Marpet... - SWN #392
June 11, 2024 16:00 - 32 minutes - 144 MB VideoBuzz Aldrin, the Gray Lady, Veeam, Microsoft squared, Nvidia, Hardware, Pentests, Josh Marpet, and more on this Edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-392
Microsoft Recall's Security & Privacy, Hacking Web APIs, Secure Design Pledge - ASW #288
June 11, 2024 14:45 - 38 minutes - 167 MB VideoLooking at use cases and abuse cases of Microsoft's Recall feature, examples of hacking web APIs, CISA's secure design pledge, what we look for in CVEs, a nod to PHP's history, and more! Show Notes: https://securityweekly.com/asw-288
Deep Learning to Combat AI Threats & Disrupting the Browser Security Market - Carl Froggett, Vivek Ramachandran - BSW #353
June 11, 2024 09:00 - 32 minutes - 139 MB VideoThe recent rise in adversarial AI has made it clear: organizations must fight AI with better AI. Gone are the days of relying on legacy, antiquated endpoint detection and response offerings, or cybersecurity tools that are based on ineffective machine learning models. In this interview, Deep Instinct CIO Carl Froggett will explain why Deep Learning is the most superior form of AI, and the technology’s role in powering predictive prevention. This segment is sponsored by Deep Instinct. Visit...
The State of the Cybersecurity Market, At Least According to Gartner - Padraic O'Reilly - BSW #353
June 10, 2024 19:41 - 32 minutes - 138 MB VideoDid you miss Gartner Security & Risk Management last week in National Harbor, MD? Don't worry, Padraic O'Reilly, Founder and Chief Innovation Officer at CyberSaint, joins us to discuss the hot topics that were presented at the conference last week, including: Artificial Intelligence(AI) Continuous Threat Exposure Management(CTEM) Identity & Access Management (IAM) Cyber Risk Padraic will also discuss the changing role of the CISO, at least in the eyes of Gartner. Don't miss this reca...
Securing Health, Creating Phishing-Resistant Users & Rising Ransomware Stakes - Jim Broome, John Shier, Christopher Harrell - ESW #364
June 07, 2024 21:00 - 48 minutes - 213 MB VideoThe interview will delve into the healthcare industry's tumultuous year in 2023, marked by 124 million breached health records across 725 hacking incidents (according to The HIPAA Journal). This interview will explore the critical role that MSSPs play in safeguarding health data and systems against potential security incidents, such as ransomware and business email compromise attacks. Jim Broome will share how to proactively prepare for an incident - including establishing a comprehensive in...
AI, Lockbit, Veeam, Club Penguin, Kali, Commando Cat, HugeGraph, Aaran Leyland... - SWN #391
June 07, 2024 18:12 - 35 minutes - 153 MB VideoBurning AI, Lockbit, Veeam, Club Penguin, Kali, Commando Cat, HugeGraph, Aaran Leyland, and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-391
The Cybersecurity Market Gets Some New Quirks and Features - ESW #364
June 07, 2024 09:00 - 1 hour - 294 MB VideoWe start off discussing the latest round of fundings, centered largely around data security and securing LLM use. This dovetails into a discussion about marketing language and how difficult it can be for buyers to work out what the latest round of early stage startups are doing. Next, we discuss Cloudflare and Bugcrowd's acquisitions, as well as Synopsys's divestiture of its appsec portfolio. From here, we dive into a raft of new features across both IT and cybersecurity products, like A...
Interest in Identity Security is Spiking - Will Lin - ESW #364
June 06, 2024 21:00 - 35 minutes - 151 MB Video"Identity security has been around forever though", you might be thinking. Allow me to clarify. Identity is the largest cybersecurity product category, but most of it is focused on identity governance, authentication, multi-factor, etc. Very little of it is focused on operational identity security. It's this trend, where we recently (within the last 2 years) started seeing the ITDR (Identity Threat Detection and Response) acronym that we'll be focused on today. Particularly: Why is this tre...
Routers, Breaches, and Vulnerabilities - PSW #831
June 06, 2024 21:00 - 1 hour - 421 MB VideoThis week: Take on the upstream, how hard is it to patch end-of-life software, hack millions of routers, take over millions of routers, 0-days, and no responses, hack Taylor Swift wristbands, can you detect that covert channel?, and breach reports from Ticketmaster, Snowflake, Santander, and TikTok, and top it all of with C-level DNS servers dropping off the Internet! Show Notes: https://securityweekly.com/psw-831
Whose Vulnerability Is It Anyway? - Josh Bressers - PSW #831
June 06, 2024 15:28 - 1 hour - 293 MB VideoJosh comes on the show to discuss all things related to vulnerability tracking and scoring, including the current issues with various systems and organizations including NIST, CVE, Mitre, CVSS, NVD, and more! Segment Resources: NVD blog post Josh wrote: https://anchore.com/blog/navigating-the-nvd-quagmire/ Josh's Latest post: https://opensourcesecurity.io/2024/06/03/why-are-vulnerabilities-out-of-control-in-2024/ Josh's podcasts: https://opensourcesecurity.io/category/podcast/ http...
Bots are Taking Over the Internet & Defining ASPM - Idan Plotnik, Erez Hasson - ASW #287
June 04, 2024 21:00 - 30 minutes - 131 MB VideoApplication security posture management has quickly become a hot commodity in the world of AppSec, but questions remain around what is defined by ASPM. Vendors have cropped up from different corners of the AppSec space to help security teams make their programs more effective, improve their security postures, and connect the dots between developers and security. Apiiro is setting the diamond standard for ASPM, combining deep code analysis, runtime context, and native risk detection with a 10...
BCNF, Azure, Roaring Kitty, Hugging Face, Okta, Linux, Oracle, Josh Marpet... - SWN #390
June 04, 2024 18:07 - 35 minutes - 156 MB VideoBoyce Codd Normal Form, Azure, Roaring Kitty, Hugging Face, Okta, Linux, Oracle, Josh Marpet and more, are on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-390
Open Source Software Supply Chain Security & The Real Crisis Behind XZ Utils - Luis Villa - ASW #287
June 04, 2024 14:06 - 42 minutes - 182 MB VideoOpen source has been a part of the software supply chain for decades, yet many projects and their maintainers remain undersupported by the companies that consume them. The security responsibilities for project owners has increased not only in dealing with security disclosures, but in maintaining secure processes backed by strong authentication and trust. Segment Resources: https://www.cisa.gov/news-events/news/lessons-xz-utils-achieving-more-sustainable-open-source-ecosystem https://w...
Harnessing the Power of Data and AI & The Evolving Role of the CISO - James Doggett, Sivan Tehila - BSW #352
June 04, 2024 09:00 - 27 minutes - 119 MB VideoSemperis CISO Jim Doggett shares insights into the evolving role of the CISO. The daily onslaught of cyberattacks not only increases business risk, but also puts a company’s most important data at risk – data on the company, its employees, customers, and partners. Now, more than ever, the CISO is being asked to understand the business of cyber without being given much time to implement plans for protecting an organization’s infrastructure. There is a balance needed between being a technical ...
Emotional Intelligence for Cyber Leaders - Jessica Hoffman - BSW #352
June 03, 2024 19:43 - 33 minutes - 141 MB VideoSince the 1995 publication of Daniel Goleman’s international bestseller Emotional Intelligence, Why It Can Matter More Than IQ, a global movement has developed to bring “EQ” into practice in businesses, schools, and communities around the globe. But what is its impact on Cybersecurity? In this interview, we welcome Jessica Hoffman, Deputy CISO for the City of Philadelphia, to discuss how Emotional Intelligence can be applied by CyberSecurity leadership to create a better culture and better...
A CISO’s Perspective, Defending Against AI & Ransomware Evolution - Kris Lahiri, Jim Broome, Mike Lyborg - ESW Vault
May 31, 2024 21:00 - 46 minutes - 202 MB VideoIn this interview, join Swimlane Chief Information Security Officer, Mike Lyborg, and host Akira Brand as we discuss the value of cybersecurity marketplaces from a CISO perspective. Through insightful discussions, unpack the connection between outcomes-driven solutions and tangible business KPIs. This segment is sponsored by Swimlane. Visit https://securityweekly.com/swimlanersac to learn more about them! The past two years have witnessed an unprecedented surge in the adoption of generat...
Securing Backups - SWN Vault
May 31, 2024 16:00 - 20 minutes - 87.7 MB VideoCheck out this episode from the Secure Digital Life Vault, hand picked by main host Doug White! This segment was originally published on June 14, 2017. Doug and Russ talk about different types of backups, how they work and out-of-band strategies. Show Notes: https://securityweekly.com/vault-swn-14
Achieving Cyber Resilience, External Cybersecurity & Risk Reduction - Margarita Barrero, Andy Grolnick, Alexandre Sieira - ESW Vault
May 31, 2024 09:00 - 48 minutes - 209 MB VideoOrganizations today are overwhelmed with the sheer magnitude of potential cybersecurity threats and there is plenty of vendor buzz around AI in Security products, but what is the reality? Threat detection and incident response (TDIR) strategy and execution have never been more critical and are essential in maintaining cyber resilience and strengthening the security posture of every organization. TDIR aims to identify potential threats and respond before they can impact a business. A layered ...
Exploring the latest FortiGuard Labs Threat Report - Derek Manky - ESW Vault
May 30, 2024 19:00 - 40 minutes - 181 MB VideoAs a special treat for this week's vault episode, we set up a conversation with Derek Manky to discuss Fortinet's FortiGuard Labs Threat Report. This is a bi-annual report put out by FortiGuard Labs, and in my opinion, it just keeps getting better and better. The report is chock full of actionable information and insights. It answered all my questions about the current state of threats and attacks, like: What is the latest big shift in strategy and focus for ransomware groups? I keep hear...
Hacker Heroes - Josh Corman - PSW Vault
May 29, 2024 21:00 - 1 hour - 314 MB VideoMaking The World A More Secure Place: Joshua Corman's Journey and Insights Welcome to an insightful podcast episode featuring Joshua Corman, a prominent figure in the realm of cybersecurity. With a wealth of experience and a keen understanding of the evolving threat landscape, Joshua has established himself as a thought leader and influencer in the cybersecurity community. In this episode, we explore Joshua's professional journey, from his early days in the industry to his current positi...
Securing Shadow Apps & Protecting Data - Guy Guzner, Pranava Adduri - ASW Vault
May 28, 2024 21:00 - 30 minutes - 132 MB VideoWith hundreds or thousands of SaaS apps to secure with no traditional perimeter, Identity becomes the focal point for SaaS Security in the modern enterprise. Yet with Shadow IT, now recast as Business-Led IT, quickly becoming normal practice, it’s more complicated than trying to centralize all identities with an Identity Provider (IdP) for Single Sign-On (SSO). So the question becomes, “How do you enable the business while still providing security oversight and governance?” This segment is...
Collecting Bounties and Building Communities - Ben Sadeghipour - ASW Vault
May 28, 2024 17:40 - 36 minutes - 157 MB VideoCheck out this interview from the ASW Vault, hand picked by main host Mike Shema! This segment was originally published on April 18, 2023. We talk with Ben about the rewards, hazards, and fun of bug bounty programs. Then we find out different ways to build successful and welcoming communities. Show Notes: https://securityweekly.com/vault-asw-9
College Degrees - SWN Vault
May 28, 2024 16:00 - 23 minutes - 104 MB VideoCheck out this episode from the Secure Digital Life Vault, hand picked by main host Doug White! This segment was originally published on June 8, 2017. Doug and Russ swim the warm waters of academia, college degrees, types of degrees, and whether or not you need one. Show Notes: https://securityweekly.com/vault-swn-13
Shifting Third Party Risk & What You Need to Know About PCI DSS 4.0 - Lynn Marks, Paul Valente - BSW Vault
May 28, 2024 09:00 - 29 minutes - 127 MB VideoExplore how to transform your third party risk program from a business bottleneck to a business driver. Discover how evidence-based security documentation and AI can streamline risk assessments, completing them in days not months. This data-driven approach will reduce TPRM backlog and allow your security team to move faster, identify risk proactively, and become a business driver for your organization. This segment is sponsored by VISO TRUST. Visit https://www.securityweekly.com/visotrustr...
The VC Perspective: Embracing Uncertainty & Staying the Course - Alberto Yépez - BSW Vault
May 27, 2024 16:00 - 35 minutes - 156 MB VideoCheck out this interview from the BSW Vault, hand picked by main host Matt Alderman! This segment was originally published on June 27, 2022. Forgepoint Capital’s Co-Founder and Managing Director, Alberto Yépez, explains what the current economic challenges mean for innovation and the future of the cybersecurity market. Hear his perspective on what security investments, as well as mergers and acquisitions, will look like throughout the next 12-18 months, and how responsible companies are st...
Secure Code From the Start, Security Validation & Platformization - Maxime Lamothe-Brassard, Volkan Ertürk, Chris Hatter - ESW #363
May 24, 2024 21:00 - 47 minutes - 205 MB VideoQwiet AI provides real time detection of security vulnerabilities in code along with the best AI generated fixes to aid developers in finding and fixing their code with the addition of AI AutoFix. This segment is sponsored by Qwiet AI. Visit https://securityweekly.com/qwietrsac to learn more about them! With scores of security tools implemented, configured, and integrated security teams are overwhelmed while knowing there is still a possibility for a breach. As they work to prioritize th...
Gold Pressed Latinum, VBScript, ORBS, Rockwell, Chrome, SKY, Aaran Leyland, and More - SWN #389
May 24, 2024 17:41 - 36 minutes - 157 MB VideoGold Pressed Latinum, VBScript, ORBS, Rockwell, Chrome, SKY, Aaran Leyland, and More on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-389
Unified Identity Security, Identity is Under Attack & Identity is Security - Andre Durand, David Bradbury, Wendy Wu - ESW #363
May 24, 2024 09:00 - 47 minutes - 206 MB VideoThe next generation of identity security is not about the popular idea of convergence, but of unification. A single, AI-driven solution that integrates PAM with identity security and access management is the clear path forward to manage and secure all enterprise data through a unified control point. Segment Resources: • https://www.sailpoint.com/products/identity-security-cloud/atlas/ • https://www.sailpoint.com/press-releases/sailpoint-accelerates-innovation-with-its-identity-security-p...
This Week: short on funding, long on research and analysis - ESW #363
May 23, 2024 22:00 - 1 hour - 280 MB VideoOnly one funding announcement this week, so we dive deep into Thoma Bravo's past and present portfolio. They recently announced a sale of Venafi to Cyberark and no one is quite sure how much of a hand they had in the LogRhythm/Exabeam merger, and whether or not they sold their stake in the process. We also have a crazy stat Ross Haleliuk spotted in Bessemer's analysis: "13 out of 14 cybersecurity companies acquired in the past year for over $100M were from Israel". Is this an anomaly? Does...
Exploits Make You More Secure - PSW #830
May 23, 2024 20:28 - 1 hour - 505 MB VideoAn exploit that makes you more secure, pardon the interruption, water heater company in hot water, IoT devices are vulnerable, Squeege and RDP scraping, free laundry for everyone!, Wifi routers and Apple Air tags, North Koreans fill US IT positions, taking out drones, the NVD backlog, IBM is no longer a security company?, and DNSBombs! Show Notes: https://securityweekly.com/psw-830
Pen Testing As A Service - Seemant Sehgal - PSW #830
May 22, 2024 09:00 - 56 minutes - 243 MB VideoThe Security Weekly crew and special guest Seemant Sehgal explore what PTaaS involves, how it differs from traditional penetration testing, and why it's becoming a crucial service for companies of all sizes to protect their digital assets. We'll discuss the how PTaaS is using the latest technologies (e.g machine learning), the benefits of having a third-party service, and real-world scenarios where PTaaS has successfully thwarted potential security breaches. PTaaS can be a game-changer in en...
Unpacking XDR & Business Applications - Chris Thomas, Oliver Tavakoli - ASW #286
May 21, 2024 21:00 - 30 minutes - 132 MB VideoThe challenge of evaluating threat alerts in aggregate – what a collection and sequence of threat signals tell us about an attacker’s sophistication and motives – has bedeviled SOC teams since the dawn of the Iron Age. Vectra AI CTO Oliver Tavakoli will discuss how the design principles of our XDR platform deal with this challenge and how GenAI impacts this perspective. Segment Resources: Vectra AI Platform Video: https://vimeo.com/916801622 Blog: https://www.vectra.ai/blog/what-is-xdr-...
Big Tech, Fighting a Junta, Keylogger in Microsoft, APT Hackers, Free Laundry, Josh - SWN #388
May 21, 2024 17:53 - 24 minutes - 106 MB VideoBig Tech, Fighting a Junta, Keylogger in Microsoft , APT Hackers, Free Laundry, Joshua Marpet & more on this edition of the Security Weekly News! Show Notes: https://securityweekly.com/swn-388
Node.js Secure Coding - Liran Tal - ASW #286
May 21, 2024 13:41 - 38 minutes - 167 MB VideoSecure coding education should be more than a list of issues or repeating generic advice. Liran Tal explains his approach to teaching developers through examples that start with exploiting known vulns and end with discussions on possible fixes. Not only does this create a more engaging experience, but it also relies on code that looks familiar to developers rather than contrived or overly simplistic examples. Segment resources: https://github.com/lirantal https://cheatsheetseries.owasp...
2024 Cyber Resilience Trends & Leveling the Cybersecurity Playing Field - Theresa Lanowitz, Jim Simpson - BSW #351
May 21, 2024 09:00 - 29 minutes - 129 MB VideoIn this segment, Theresa will unpack the complexities of cyber resilience, and dive into new research that examines dynamic computing. She’ll discuss how it merges IT and business operations, taps into data-driven decision-making, and redefines computing for the modern era. This segment is sponsored by LevelBlue. Visit https://www.Securityweekly.com/levelbluersac to learn more about them! In this segment, Jim can discuss how organizations can enhance their cybersecurity posture with Blum...
Security Money: Rubrick Saves The Index As It Continues To Climb - BSW #351
May 20, 2024 20:33 - 26 minutes - 114 MB VideoThis week, it’s time for security money, our quarterly review of the money of security, including public companies, IPOs, funding rounds and acquisitions from the previous quarter. This quarter, Rubrick's IPO saves the index, as Cisco finishes the acquisition of Splunk. The index is now made up of the following 25 pure play cybersecurity public companies: Secureworks Corp Palo Alto Networks Inc Check Point Software Technologies Ltd. Rubrik Inc Gen Digital Inc Fortinet Inc Akamai Technologi...