Best SecurityWeek podcasts we could find (updated May 2020)
Ryan Naraine is the host of the SecurityWeek podcast series "Security Conversations". He is the head of Kaspersky Lab's Global Research & Analysis team in the USA and has extensive experience in computer security user education, specializing in operating system and third-party application vulnerabilities, zero-day attacks, social engineering and social networking threats.
 
If you’re looking to understand the business of security, then Business Security Weekly is your show! Matt and Paul cover security for senior managers and executives, including business challenges, leadership, and communications! Our special guests provide unique perspectives on real problems and solutions to help organizations secure their environments effectively. Learn how to build your security program, solve real problems, learn leadership skills and so much more!
 
In this week's Security News, NSA warns Russia-linked APT group is exploiting Exim flaw since 2019, Hackers Compromise Cisco Servers Via SaltStack Flaws, OpenSSH to deprecate SHA-1 logins due to security risk, all this and more with Special Guest Ed Skoudis, Founder of Counter Hack and Faculty Fellow at SANS Institute! To check out the SANS Pen Tes…
 
"Burn-In: A Novel of the Real Robotic Revolution" (May 26 release) is a new kind of novel+nonfiction. It uses the technothriller format as a way to share real research on the ways that AI+automation will shape our future, but also leave it vulnerable to a new scale of risks. That is, it is a fictional story following an FBI agent as she and a new p…
 
The MITRE ATT&CK framework has had a major impact on the cybersecurity industry and has given defenders a haystack in which to focus their defensive efforts. What’s most interesting, perhaps, is where and how these TTPs intersect and how we can use that information to determine patterns and disrupt attacks by analyzing historical datasets. Visit …
 
What is the value of identity in a larger security conversation? Why does CyberArk partner with so many technology vendors? What’s the value to you, the customer? It’s an opportunity to talk about Privileged Access Management solution integrations with market leading software applications in the vulnerability management, SIEM, storage, discovery, o…
 
This week, MITRE ATT&CK for ICS: A Technical Deep Dive, Tufin Expands Security Automation Capabilities, Strengthen Business and Security Alignment with ThreatConnect, BeyondTrust Privilege Management for Windows and Mac SaaS Accelerates and Enhances Endpoint Security, Re-imaging threat detection, hunting and response with CTI, and more! Visit https…
 
In the Security News, Hackers target the air-gapped networks of the Taiwanese and Philippine military, Stored XSS in WP Product Review Lite plugin allows for automated takeovers, Remote Code Execution Vulnerability Patched in VMware Cloud Director, Shodan scan of new preauth RCE shows 450k devices at risk including all QNAP devices, and The 3 Top C…
 
HTTP security headers are an easy and effective way to harden your application against all kinds of client side attacks. We'll discuss which security headers there are, what functions they have and how to use them properly. Security Header Whitepaper: https://www.netsparker.com/whitepaper-http-security-headers/ Slide Show: https://securityweekly.co…
 
The guests on Trust Me I'm Certified have dropped some real knowledge and I'd like to distill that down as well as talk about building technical skills, looking at your career as a 'thing' that needs care and feeding, and the BSidesNH conference. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.security…
 
In this segment we'll discuss why email security is still not a solved problem and how now that people are increasingly working from home, it poses an increased risk. We'll also share some interesting attacks that we've uncovered in the past several weeks since the beginning of shelter-in-place. Visit https://www.securityweekly.com/esw for all the …
 
Whether it's an external red team, internal red team, vulnerability scanning data, or a self-assessment questionnaire, results from all of these different types of assessments must be tracked and managed. Dan from Plextrac will walk you through how to track and manage all of these activities in one place! To learn more about PlexTrac or to claim yo…
 
RSA Conference 2021 Changes Date from February to May 2021, Docker partners with Snyk on container image vulnerability scanning, Venafi acquires Jetstack to bring together developer speed and enterprise security, Onapsis expands assessments for its Business Risk Illustration service, Volterra launches VoltShare to simplify the process of securely e…
 
Meet Ann Cleaveland, the Executive Director of the Center for Long-Term Cybersecurity, a research and collaboration think tank housed within the University of California, Berkeley School of Information. Ann will tell us about the work that the CLTC is doing, why "Long-Term" is in the name, and introduce us to their recent joint study with Booz All…
 
In the leadership and communications section, Burnt out CISOs are a huge cyber risk, to build strategy, start with the future, 78% of Organizations Use More than 50 Cybersecurity Products to Address Security Issues, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode…
 
As many organizations look to their "new normal," remote work will likely be a large piece of that strategy. Adler will dive into the impact this has on the SOC and why EDR should be top-of-mind. To learn more about RSA Security, visit: https://securityweekly.com/RSAsecurity To check out the RSA NetWitness Platform (SIEM and integrated EDR), visit:…
 
This week, we welcome Mike Adler, Vice President of RSA NetWitness Platform at RSA Security, for a conversation on the question: Is the Virtual SOC Our "New Normal"? In the Leadership and Communications segment, Burnt out CISOs are a huge cyber risk, to build strategy, start with the future, 78% of Organizations Use More than 50 Cybersecurity Produ…
 
The 2020 OSSRA report shows that 91% of commercial applications contain outdated or abandoned open source components. The report, produced by the Synopsys Cybersecurity Research Center (CyRC), examines the results of more than 1,250 audits of commercial codebases, performed by the Black Duck Audit Services team. The most concerning trend in this ye…
 
Rate limiting can be used to protect against a number of modern web application and API attacks. We’ll discuss some of those attacks, including Object ID enumeration, in detail, will demo an attack and will show how using rate limiting in our solution can protect against these attacks. To learn more about Signal Sciences, visit: https://securitywee…
 
In the Security News, Palo Alto Networks Patches Many Vulnerabilities in PAN-OS, Zerodium will no longer acquire certain types of iOS exploits due to surplus, New Ramsay Malware Can Steal Sensitive Documents from Air-Gapped Networks, vBulletin fixes critical vulnerability so patch immediately!, U.S. Cyber Command Shares More North Korean Malware Va…
 
We use terms such as Social Distancing, Quarantine, and Contact Tracing on a regular basis amid the current crisis. How do these apply to Information and Network Security? To learn more about Edgewise Networks or to request a Demo, visit: https://securityweekly.com/edgewise Visit https://www.securityweekly.com/psw for all the latest episodes! Show …
 
In this episode of Paul's Security Weekly, we will dive into the recently published MITRE ATT&CK second-round evaluation based on APT29. While MITRE does not declare a "winner," stressing that the results enable users to make informed decisions on what tools meet their needs, it's notable how many vendors claimed victory shortly after the results w…
 
Many companies hire external consultants to conduct incident response and remediation, which can add up quickly in cost. By providing these security consultants with network data in seconds as opposed to hours or days, we can drastically reduce remediation costs and speed breach containment. To learn more about VIAVI Solutions, visit: https://secur…
 
Discuss approach to vulnerability management at Toyota Financials and benefits of a full life-cycle approach to vulnerability management. To learn more about Qualys VMDR, visit: https://securityweekly.com/qualys Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode183…
 
In the Enterprise Security News, how GitHub Code Scanning aims to prevent vulnerabilities in open source software, SlashNext Integrates with Palo Alto Networks Cortex XSOAR to Deliver Automated Phishing IR and Threat Hunting, Portshift Announces Extended Kubernetes Cluster Protection, Vigilant Ops InSight Platform V1 automatically generates device …
 
In the leadership and communications section, Top 5 Tactical Steps for a New CISO, Good Leadership Is About Communicating “Why”, 5, ok maybe only 4, CISO Priorities During the COVID-19 Response, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode173…
 
This week, we welcome back Dr. Mike Lloyd, CTO at RedSeal, to talk about Lessons for Cybersecurity From a Pandemic! In the leadership and communications section, Top 5 Tactical Steps for a New CISO, Good Leadership Is About Communicating Why, 5, ok maybe only 4, CISO Priorities During the COVID-19 Response, and more! Show Notes: https://wiki.secur…
 
The coronavirus has focused the world’s attention on disease spread like never before. This discussion will draw out some of the parallels that can inform how we do our work in cybersecurity, and that are helpful in communicating with the people who pay the bills. All the new vocabulary around “social distancing”, “contact tracing”, and “flattening…
 
In the Application Security News, Cloud servers hacked via critical SaltStack vulnerabilities, Samsung Confirms Critical Security Issue For Millions: Every Galaxy After 2014 Affected, Mitigating vulnerabilities in endpoint network stacks, Microsoft Shells Out $100K for IoT Security, and Secure your team’s code with code scanning and secret scanning…
 
DevOps and Agile IT practices have been around for a while. However, security teams are just now catching up. We will discuss how security teams can stop being “showstoppers” for the developers and actually work with them, not against them. Focus will be around empowering the developers with open source secrets management, securing endpoints and cl…
 
In the Security News, Naikon APT Hid Five-Year Espionage Attack Under Radar, PoC Exploit Released for DoS Vulnerability in OpenSSL, 900,000 WordPress sites attacked via XSS vulnerabilities, Kaiji, a New Linux Malware Targets IoT Devices in the Wild, Another Stuxnet-Style Vulnerability Found in Schneider Electric Software, and remembering the ILOVEY…
 
Lots of IT and security professionals do not want to use the CLI, which has set them back. Fantastic exposes the same power as the CLI in an easy to use GUI that is more consistent and hopefully easier to navigate/use than the native GUI tools. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securitywe…
 
Public utilities are under fire from malicious actors now, more than ever. At the same time, authorities for National Guard units are expanding, allowing greater levels of support. However, this only works when relationships already exist. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.…
 
Executing on a successful program and proving its efficacy is an impossibility for many security teams. Tune in as we discuss what steps you can take immediately to set more effective goals, track progress and share your success. You'll also have the opportunity to see how Rapid7's Vulnerability Management solution, InsightVM can help you create an…
 
Broad shifts to remote access plus increased strain on budgets and resources make it a business imperative to accelerate cloud adoption, and do it securely. Network detection and response bridges the gap between security and network teams and enables scalable visibility and security for cloud and multicloud environments. To learn more about ExtraHo…
 
Microsoft is to buy Israeli cybersecurity startup CyberX, ExtraHop Data Shows Shifts in IoT Device Usage During COVID-19 Have Broad Security Implications, Immuta and Snowflake help customers share data with automated privacy protection, Code42 Integrates with Palo Alto Networks Cortex XSOAR to Speed and Automate Insider Threat Incident Response, an…
 
Today we will discuss the PCI DSS and some of its myths, misunderstandings, and misconceptions, including: Why most vendors don't understand how their products fit within PCI, The six overall goals of the PCI DSS, Why PCI is perceived as a check box program, and more! Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes:…
 
In the leadership and communications section, CISO position burnout causes high churn rate, 7 Rules for Staying Productive Long-Term, Now Is an Unprecedented Opportunity to Hire Great Talent, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode172…
 
This week, we welcome Graeme Payne, President at Cybersecurity4Executives, to discuss Impacts of a Data Breach! During the Equifax 2017 Data Breach, Graeme Payne was Senior Vice President and CIO of Global Corporate Platforms. He was fired the day before the former Chairman and CEO of Equifax testified to Congress that the root cause of the data br…
 
During the Equifax 2017 Data Breach, Graeme Payne was Senior Vice President and CIO of Global Corporate Platforms. He was fired the day before the former Chairman and CEO of Equifax testified to Congress that the root cause of the data breach was a human error and technological failure. Graeme would later be identified as “the human error”. Visit h…
 
This week in the Application Security News, “Psychic Paper” demonstrates why a lack of safe and consistent parsing of XML is disturbing, Beware of the GIF: Account Takeover Vulnerability in Microsoft Teams, Salt Bugs Allow Full RCE as Root on Cloud Servers, Managing risk in today’s IoT landscape: not a one-and-done, and Love Bug's creator tracked d…
 
This week, we welcome Gareth Rushgrove, Director of Product Management at Snyk, to talk about Modern Application Security and Container Security! They also discuss Configuration Management, how developers are writing more Docker and Kubernetes Container files, and more! To learn more about Snyk, visit: https://securityweekly.com/snyk Visit https://…
 
The crew talks about how to accomplish asset management, vulnerability management, prioritization of remediation, and the actual remediation steps! No small task! Then check out a deep dive demonstration of Qualys VMDR that includes, you guessed it, Asset Management, Vulnerability Management, Threat Detection & Prioritization, and Response! To lear…
 
In the Security News, Half a Million Zoom Accounts Compromised by Credential Stuffing, Sold on Dark Web, Scammers pounce as stimulus checks start flowing, NSA shares list of vulnerabilities commonly exploited to plant web shells, Using Python's pickling to explain Insecure Deserialization, How to encrypt AWS RDS MySQL replica set with zero downtime …
 
Jeremy Miller, a former Green Beret and current CEO of Lionfish Cyber Security, will discuss how mission set tactics used by Special Forces can be applied directly to the cyber war being waged today. These mission sets are very relevant for the front line of cybersecurity professionals, who are the next generation of Special Operation forces. These…
 
Unfortunately, the pandemic has been used as the subject in an aggressive spike of malicious cyber attacks attempting to monopolize the situation. Knowing how and where to focus your security efforts first is critical in maintaining security and privacy. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.…
 