Security Weekly Podcast Network (Audio)
2,816 episodes - English - Latest episode: about 1 month ago - ★★★★ - 202 ratingsThis feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
Homepage Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Episodes
Tackling the Perennial Problem of Device Management, News, BlackHat Interviews - Jason Meller - ESW #329
August 25, 2023 21:00 - 2 hours - 144 MBIncredibly, the seemingly simple task of managing corporate-owned devices is still a struggle for most organizations in 2023. Maybe best MDM for Mac doesn't work with Windows, or the best MDM for Windows doesn't work with Mac. Maybe neither have Linux support. Perhaps they don't provide enough insight into the endpoint, or control over it. Whatever the case, security leaders never seem satisfied with their MDM solution and are always investigating new ones. Now, Kolide has stepped in with a ...
Openfire, Firepower, Barracuda, CosmicBeetle, Encryption, Aaran Leyland, & More - SWN #321
August 25, 2023 18:00 - 34 minutes - 31.9 MBThis week in the Security News Dr. Doug talks: Openfire, Firepower, Barracuda, CosmicBeetle, Lazarus, Encryption, Network Tourism, India's on the Moon, Aaran Leyland, and More on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn-321
Managing Bug Bounty Programs At Scale - Dr. Jared DeMott - PSW #796
August 24, 2023 21:00 - 3 hours - 199 MBJared has a long, and outstanding, history in cybersecurity. Today, he works for Microsoft helping them run and respond to bug bounty reports. The scale is massive and I think we can all learn a thing or two about vulnerability management and bug bounties! Segment Resources: https://www.microsoft.com/en-us/msrc/bounty?rtc=1 https://www.microsoft.com/en-us/msrc https://msrc.microsoft.com/report/vulnerability/new https://www.microsoft.com/en-us/msrc/bounty https://msrc.microsoft.com/...
Security in a Cloud Native World & Mobile App Attacks - ASW #252
August 22, 2023 21:00 - 37 minutes - 68.6 MBTwo featured interviews from this year's Black Hat. In the news, Discord.io ceases to be, Azure AD breach to get scrutiny from the CSRB, Zoom's AI stumbles show security concerns, model confusion attacks, a look at how far we have -- and haven't -- come with XSS flaws, an approachable article on AI, and more! Visit https://securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly ...
Cold Fusion, EncroChat, Apple Device Spoofing, Tesla Breach, Jason Wood & More - SWN #320
August 22, 2023 18:00 - 26 minutes - 24.5 MBThis week Aaran Leyland subs in to discuss: Cold Fusion Flaw, EncroChat, sneaky Amazon and Google, Spoofing Apple devices, Telsa data breach, Space and Jason Wood on this episode of the Security Weekly News! Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn-320
Security Money & BlackHat Interviews - BSW #317
August 22, 2023 09:00 - 57 minutes - 54.9 MBThe Security Weekly 25 Index is still trying to recover. Inflation fears have tampered the recovery and the NASDAQ is outperforming the Index. Fastly replaces Sumo Logic in the Index and Thoma Bravo has not acquired anyone, so hoping the index stays stable for more than a quarter :). Here's the latest list of companies in the index: Secureworks Corp Palo Alto Networks Inc Check Point Software Technologies Ltd. Splunk Inc Gen Digital Inc Fortinet Inc Akamai Technologies, Inc. F5 Inc Zscaler I...
News and Interviews from BlackHat 2023 - ESW #328
August 18, 2023 21:00 - 2 hours - 122 MBIn the Enterprise Security News, 1. Check Point buys Perimeter 81 to augment its cybersecurity 2. 2023 Layoff Tracker: SecureWorks Cuts 300 Jobs 3. Hackers Rig Casino Card-Shuffling Machines for ‘Full Control’ Cheating 4. ‘DoubleDrive’ attack turns Microsoft OneDrive into ransomware 5. NYC bans TikTok on city-owned devices As more organizations explore edge computing, understanding the entire ecosystem is paramount for bolstering security and resiliency, especially within a critical in...
Dilithium, Africa, Suse, Citrix, QR, AI, & More News - SWN #319
August 18, 2023 18:00 - 26 minutes - 28.5 MBThis week Dr. Doug talks: Elon Throttling, Dilithium, Africa, Suse, Citrix, QR Codes, AI Meetings, and More on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-319
Defending Public Infrastructure While At War - Antranig Vartanian - PSW #795
August 18, 2023 14:29 - 3 hours - 201 MBThe 2020 Armenian war with Azerbaijan called into action over 100 volunteer incident responders from across the country (and the globe) into action. Our guest for this segment was one of the leads during the 40-day conflict and helped organize teams that responded to everything from websites being attacked and country-wide Internet outages. In the Security News: You should read the NIST CSF, JTAG hacking the original Xbox, tricked into sharing your password, attacking power management softwa...
DEFCON, ScrutisWeb, DoubleDrive, GitHub, npms, AI Cheating, More news, and Jason Wood - SWN #318
August 15, 2023 18:00 - 30 minutes - 31.5 MBThis week in the Security News, Dr. Doug talks: DEFCON, ScrutisWeb, DoubleDrive, GitHub, npms, AI Cheating advice, More news and Jason Wood Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn-318
CISO in Crisis, but Will the SEC Regulations Make a Difference and New NIST CSF Draft - BSW #316
August 15, 2023 17:00 - 56 minutes - 51.3 MBIn the leadership and communications section, CISO is Crisis, Will SEC Cybersecurity Regulations Make a Difference?, NIST Drafts Major Update to Its Widely Used Cybersecurity Framework, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/bsw-316
Pointers and Perils for Presentations - Josh Goldberg - ASW #251
August 15, 2023 16:52 - 1 hour - 194 MBA key part of modern appsec is communication. From interpersonal skills for fostering collaborations to presentation skills for delivering a message, the ability to tell a story and engage an audience is a skill that doesn't appear on top ten lists and that doesn't come up in secure coding checklists. Josh shares his path to becoming a presenter on technical topics, including stumbles he's made along the way and how he helps others develop their skills for slides. Resources: - https://www....
Black Hat Startup Spotlight Finalists - Alex Matrosov, Ian Amit - ESW #327
August 11, 2023 21:00 - 2 hours - 140 MBBinarly is one of only a few startups focused on highlighting security issues in firmware. The company has discovered a remarkable number of vulnerabilities in firmware in a very short time. Its' founder, Alex Matrosov, joins us to discuss insights discovered along his company's journey to convince vendors that firmware is worth securing. This week in the Enterprise News, we discuss Kubernetes attacks and CPU attacks. We also have a better idea of what valuation losses might be for security ...
Creepy AI, Codesys, Kyber768, .Net, Gootloader, DARPA, EvilProxy, Aaran Leyland - SWN #317
August 11, 2023 18:00 - 34 minutes - 34 MBThis week: Dr. Doug talks Creepy AI, Codesys, Kyber768, .net, Gootloader, DARPA, EvilProxy, Aaran Leyland, and More on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn-317
Incident Response Readiness - Gerard Johansen - PSW #794
August 10, 2023 21:00 - 3 hours - 201 MBJust how prepared are you for the next cybersecurity incident? Depending on the definition, security incidents likely happen daily at most enterprises. Because we can't prevent everything, the key to success is to be in a constant state of readiness. This means regular training with a focus on preparation. Gerard will walk us through tips and tricks to keep our incident response teams in tip-top condition. In the Security News: Hacking your Tesla to enable heated seats (and so much more), Th...
You've Got Appsec, But Do You Have ArchSec? - Merritt Baer - ASW #250
August 08, 2023 21:00 - 1 hour - 172 MBMature shops should be looking to a security architecture process to help scale their systems and embrace security by design. We talk about what it means to create a security architecture process, why it's not just another security review, and why it requires security to dig into engineering. Segment Resources: - https://www.lacework.com/ciso-boardbook/ciso/merritt-baer Zap gets a jolt of new support, using Clang for security research, LLM attacks learn models, Rust visualizes dependenci...
BilDad, points.com, Papercut, Prospect , SMS, Microsoft, DAAS, Jason Wood, and More - SWN #316
August 08, 2023 18:00 - 32 minutes - 44 MBThis week in the Security News, Dr. Doug talks: BilDad the Shuhite, Points.com, Papercut, Prospect Medical, SMS, Microsoft, DAAS, Chatbots, More News, and Jason Wood. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn-316
Deciphering The National Cyber Workforce and Education Strategy - Dr. José-Marie Griffiths - BSW #315
August 08, 2023 09:00 - 55 minutes - 52.7 MBOn July 31st, 2023, the Biden administration released a national strategy addressing cyber workforce shortages, calling long-standing vacancies a national security imperative. The National Cyber Workforce and Education Strategy focuses on four major pillars: equipping every American with cyber skills, transforming cyber education, expanding and enhancing the national cyber workforce and strengthening the federal cyber workforce. The strategy relies heavily on non-governmental and private sec...
Surging Email Impersonation Threats, Creating Online Kids' Safety Community - Fareedah Shaheed, John Wilson - ESW #326
August 04, 2023 20:00 - 2 hours - 127 MBWhile malware and ransomware tend to dominate cybersecurity headlines, Fortra’s research shows that nearly 99% of email threats reaching corporate inboxes utilize impersonation rather than malware. Email impersonation is a key component of credential phishing, advance fee fraud, hybrid vishing, and business email compromise schemes. Because email impersonation scams rely on social engineering rather than technology, the barrier to entry for an aspiring cybercriminal is almost non-existent. I...
Midnight Blizzard, Cult of the Dead Cow, Five Eyes, Aaran Leyland, and More News - SWN #315
August 04, 2023 18:00 - 28 minutes - 28.4 MBMidnight Blizzard, Citrix, Bloodhound, Five Eyes, Canon, Cult of the Dead Cow, AI Shopping, Aaran Leyland, and More on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn-315
Incident Response Stories - Bill Swearingen - PSW #793
August 03, 2023 21:00 - 3 hours - 187 MBOur good friend Bill Swearingen joins us to talk about some of the incident response work he's been doing lately. Many people have it wrong, you don't need to be a cybersecurity ninja to respond to a security incident. Its about knowing who does what in your organization and executing a plan. Bill has put together a a set of free resources to help the community with incident response as well! Vistit the Awesome Incident Response project here: https://github.com/hevnsnt/Awesome_Incident_Respo...
Identity and Verifiable Credentials in Cars - Eve Maler - ASW #249
August 01, 2023 21:00 - 1 hour - 169 MBIdentity isn't new, but we do have new ways of presenting and protecting identity with things like payment wallets and verifiable credentials. But we also have identity in surprising places -- like cars. We'll answer some questions like: - Why do we even have identities in cars? - What else is your car connected to? - How should devs be thinking about security in this space? In the news segment, Zenbleed in AMD, Google's TAG sees a drop in zero-days, new security testing handbook from Trail ...
Throbbing Elon, China, Dragos, Ransomware, Tomcat, Ivanti, Jason Wood and More - SWN #314
August 01, 2023 18:00 - 32 minutes - 33.1 MBThis week in the Security News: Throbbing Gristle, China, Dragos, Ransomware, Tomcat, Ivanti, Radio Radio, My Mother the Car, Jason Wood, and More! Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn-314
How to Effectively Embrace and Protect Generative AI Tools, Models, & Data - Randy Lariar - BSW #314
August 01, 2023 16:08 - 52 minutes - 51.3 MBSome organizations are banning ChatGPT and other generative AI models out of fear of the risks they could introduce. While this is understandable, the reality is generative AI is accelerating so fast that, very soon, banning it in the workplace will be like blocking employee access to their web browser. Randy Lariar, Practice Director of Big Data, AI and Analytics at Optiv, will discuss how to embrace the new technology and shift the focus from preventing it in the workplace to adopting it s...
Post-Breach: The Hardening Continues - Sean Metcalf - PSW #792
August 01, 2023 13:57 - 3 hours - 223 MBOnce an incident has occurred and you've responded, then what? Join us for a chat with Sean Metcalf on what we can do to ensure our infrastructure remains resilient after a security incident. Segment description coming soon! Visit https://www.securityweekly.com/psw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/psw-792
Rethinking the CISO Model, Edge Ecosystem Insights - Nathan Case, Theresa Lanowitz - ESW #325
July 28, 2023 21:00 - 2 hours - 139 MBThe traditional concept of the CISO may literally be 'too much', according to Nathan Case. It's based on systems of control and unrealistic assumptions that don't survive contact with real life. In this conversation, we'll discuss what the top security leadership role should be, and how it differs from the current/old school concept. The concept of Edge computing has evolved over the years and now has a distinct role alongside the public cloud. AT&T Cybersecurity just released their 12...
GameOver(lay), ZenBleed, Maximus, Redline, the SEC, More News & Aaran Leyland - SWN #313
July 28, 2023 18:00 - 30 minutes - 30.2 MBGameOver(lay), ZenBleed, Maximus, Redline and others, the SEC, SiegedSec, Microsoft, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Navigating the Complexities of Development to Create Secure APIs - Kristen Bell - ASW #248
July 25, 2023 21:00 - 1 hour - 177 MBAppsec teams and developers must both understand the consequences of what they're doing when building APIs. Appsec teams need to push for collaboration and help implement tools that augment the development process. Dev teams need to wrangle complex architectures and work on addressing classes of vulns rather than just playing BugOps with scanner outputs. In the news, there's a (non-critical, but cool) RCE in ssh-agent forwarding, Node's vm2 bids adieu, zero-day from a CTF eventually makes it...
Improving Diversity and Accessibility in Cybersecurity - Laurie Salvail - BSW #313
July 25, 2023 09:00 - 1 hour - 84.3 MBCYBER.ORG, in partnership with CISA, is helping create a diverse cyber workforce by breaking down the barriers to cybersecurity education by improving access for all K-12 students nationwide. CYBER.ORG’s HBCU feeder program Project REACH was recently highlighted in CISA’s 2022 Year in Review as part of the agency’s commitment to improving diversity and accessibility in the field. Laurie Salvail, Director of CYBER.ORG, joins BSW to discuss: - Why the expansion of K-12 cybersecurity education ...
Citrix, Ivanti, DOJ changes, Elon X, TETRA Radio, Google WEI, Jason Wood, and More - SWN #312
July 25, 2023 00:00 - 30 minutes - 30.3 MBCitrix, Ivanti, DOJ changes, Elon X, TETRA Radio, Google WEI, Jason Wood, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-312
Enhancing Enterprise Security UX: Embracing Zero-ish Trust - Ryan Fried, Juliet Okafor - ESW #324
July 21, 2023 21:00 - 2 hours - 134 MBToday, we talk to Juliet about what's wrong with security programs today and what security leaders should be doing to fix them. We'll discuss how security programs can look rosy... until the incident hits, and the true posture of the organization is laid bare. How can CISOs still look good and maintain the org's trust under the worst of circumstances? In this interview, Jules will tell us how. Zero Trust is an imperfect concept and is often impractical to deploy comprehensively at scale, but...
AirGaps, Slackware, Mitnick, Awareness, Microsoft, Bad API, Aaran Leyland and More - SWN #311
July 21, 2023 18:00 - 31 minutes - 29.9 MBAirGaps, Slackware, Kevin Mitnick, Awareness, Microsoft, Bad API, JumpCloud, Megarac, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn-311
Security Certification - Rohit Misuriya, Sumit Siddharth - PSW #791
July 20, 2023 21:00 - 3 hours - 189 MBThis week, up first is the Security News: Microsoft lost its keys, LOL drivers, If you were the CSO, try to keep employees happy but remove their accounts when they leave, gaming device finds a missing child, $3 brute forcing, undocumented instructions are sometimes the best instructions, remote code on your Oscilloscope, fuzzing satellites, routers are great places to hide, typos lead to information leaks of US military emails, pwning yourself, pwning security researchers, getting pwned by ...
Brian Glas - ASW #247
July 18, 2023 21:00 - 1 hour - 185 MBWhile much has been written and argued about the security of election systems - the things that do the actual ballot counting - there's other systems that have to be in place and secured before the vote can occur - voter registration databases, ballot delivery systems, etc. Might it be possible to use modern appsec concepts OWASP SAMM to secure them in a more efficient, targeted, cost-effective manner? Brian Glas joins us to talk about this and his ongoing work around providing students with...
Scotty in Hell, CISA, S3, White House,Microsoft, Mali, Jason Wood and More - SWN #310
July 18, 2023 18:00 - 29 minutes - 39 MBScotty in Hell, CISA, S3, the White House, Risky Devices, Microsoft, Mali, Virus Total, Jason Wood, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-310
Say Easy, Do Hard - BSW #312
July 18, 2023 09:00 - 1 hour - 57.1 MBLess than 50% of the Fortune 500 have a Chief Information Security Officer (CISO) or Chief Security Officer (CSO) listed on their executive team. Why is that? Is this role not considered an executive position? In part 1, we debate the role of the CISO/CSO and whether it is or is NOT and executive position. We've made a lot of progress over the last 20+ years, but has the role peaked? Will the role continue to get a seat at the table as a C-level executive or will it atrophy back to a VP or D...
SIEM Rules - Eric Capuano, Tim MalcomVetter - ESW #323
July 14, 2023 21:00 - 2 hours - 136 MBInfoSec might have a hoarding problem, but it’s easy to understand why. It’s almost impossible to know what logs you’re doing to need, when you’re going to need them, or for what reason. SIEM vendors have taken advantage of these InfoSec data FOMO tendencies, however, and are making a killing charging a premium for storage - even when the storage in question is your own on-prem hardware. There ARE alternatives, however, but it seems most folks aren’t aware of this. In this interview with Eri...
Microsoft, Zimbra, Rockwell, Joe Biden, Tax Software, Black Mirror, and Aaran Leyland - SWN #309
July 14, 2023 18:00 - 30 minutes - 29.6 MBMicrosoft, Zimbra, Rockwell, Joe Biden, Tax Software, Black Mirror, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn-309
Getting Control Of Your Security Data Pipeline - JP Bourget - PSW #790
July 13, 2023 21:00 - 2 hours - 158 MBGetting the correct data in the right place for incident response is challenging. JP comes on the show to talk about how he is helping companies with these challenges, getting control of the security data pipeline while helping save costs! In the security news: Someone is going to get hurt, slow migrations, hiding on the Internet is hard, more Fortinet vulnerabilities, BLackLotus source code, the difficulties with roots of trust, stealthy rootkits, patching made easy?, rowhammer and gaslight...
Software Trust & Adversaries, Developer-Focused Security - Shannon Lietz, Melinda Marks - ASW #246
July 11, 2023 20:11 - 1 hour - 175 MBInfosec is still figuring out useful metrics, how to talk about risk, and how to make resilience more relevant. Shannon talks about a new community effort to measure software trust. She also covers threat modeling and adversary management as steps towards determining an org's resiliency and security. Segment Resources: https://community.ravemetrics.com Melinda will share results from her study last year on developer-focused security, "Walking the Line: Shift Left and GitOps Security" an...
Hairy Tongue, MoveIt redux, HCA, Apple, Threads, Jason Wood, and More on SWN - SWN #308
July 11, 2023 18:00 - 30 minutes - 29 MBGreen, Hairy Tongue, MoveIt redux, HCA, Apple, Threads, Jason Wood, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-308
The Golden Age of Email Security - Jess Burn - BSW #311
July 11, 2023 09:00 - 54 minutes - 49 MBA golden age is a time of great achievement in a society or industry — a time of innovation and the furthering of new ideas via new mediums or technological advancements. Email security is now entering a golden age after stagnating for the better part of a decade. Is it time to celebrate? Customers have more choice than ever when it comes to protecting how employees, customers, and partners communicate and collaborate. Often, those customers are choosing more than one email security partner ...
AI Bots - SWN Vault
July 07, 2023 09:00 - 38 minutes - 27.2 MBRobots have always had a kind of scaling from very mechanical to autonomous devices that are self aware. On this episode of SDL, Russ and Doug discuss AI, how bots work, and botnets in general. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/vault-swn-2
Zero to Full Domain Admin: The Real-World Story of a Ransomware Attack - Joseph Carson - ESW Vault
July 06, 2023 09:00 - 35 minutes - 17.4 MBCheck out this interview from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on August 11, 2022. Following in the footsteps of an attacker and uncovering their digital footprints, this episode will uncover an attacker’s techniques used and how they went from zero to full domain admin compromise, which resulted in a nasty ransomware incident. It will also cover general lessons learned from Ransomware Incident Response. Visit https://www....
The Psychology of Training - Matias Madou - ASW Vault
July 05, 2023 18:33 - 35 minutes - 18.8 MBCheck out this interview from the ASW Vault, hand picked by main host Mike Shema! This segment was originally published on May 23, 2022. Developers want bug-free code -- it frees up their time and is easier to maintain. They want secure code for the same reasons. We'll talk about how the definition of secure coding varies among developers and appsec teams, why it's important to understand those perspectives, and how training is just one step towards building a security culture. Visit...
Thoughts From A Security Legend - Dan Geer - PSW Vault
July 05, 2023 17:54 - 39 minutes - 15.8 MBWelcome to another edition of a Paul's Security Weekly Vault episode! This episode was previously recorded on April 5, 2012 and features an interview with none other than Dan Geer. Unfortunately there is no video for this episode, but the content is still relevant today. Dan Geer is a renowned cybersecurity expert and visionary. With a wealth of knowledge and experience in the field, Dan has made significant contributions to our understanding of information security and its implications. ...
Killer Robots - SDL - SWN Vault
July 04, 2023 09:00 - 24 minutes - 15.8 MBAI, machines, and killer robots, oh my! Elon Musk and 116 people sent a letter to the UN asking that Autonomous Weapons be banned. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/vault-swn-1
Russian Satellites, Cl0p, CISA, YouTube, ArcServ, EarlyRat, Aaran Leyland, & More - SWN #307
July 03, 2023 17:33 - 28 minutes - 27.3 MBThis week in the Security News, Dr. Doug talks: Russian Satellites, Cl0p, CISA, YouTube, ArcServ, EarlyRat, Aaran Leyland, and More on this edition of the Security Weekly News! Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-307
The Fifth Domain - Richard Clarke - BSW Vault
July 03, 2023 09:00 - 29 minutes - 12.9 MBThis week, we welcome Dick Clarke to discuss his new book, The Fifth Domain, and the need for cyber resilience, especially these days! In the Leadership and Communications segment, 4 Behaviors That Help Leaders Manage a Crisis, The Right Way to Keep Your Remote Team Accountable, 15 Steps to Take Before Your Next Video Call, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/vault-bsw-3
Unveiling DSPM & the Future of Cloud Data Security: State of IoT in 2023 - Dan Benjamin, Paddy Harrington - ESW #322
June 30, 2023 21:00 - 2 hours - 139 MBSecuring data is hard. Business stops when data flows are hindered, stopped, sometimes even slowed. Placing controls around data traditionally leads to more friction and less productivity. Can it be a different story in the cloud? Today, we find out when we talk to Dan Benjamin about why he founded Dig and the space they're trying to fill in public cloud services. Paddy Harrington joins us from Forrester research to discuss his findings in this year's state of IoT security report. Computers ...