156 subscribers
Added ten years ago
Content provided by Security Weekly Productions and Security Weekly. All podcast content, including episodes, graphics, and podcast descriptions, is uploaded and provided directly by Security Weekly Productions and Security Weekly or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here: https://no.player.fm/legal.
Security Weekly Podcast Network (Video)
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and breaking news on the latest hacking techniques, vulnerabilities, and industry trends. Stay informed and secure with the most trusted voices in cybersecurity!
4391 episodes
All episodes
The Future Of The CISO - Part 2 - Jess Burn, Jeff Pollard - BSW #379 (27:28)
Jeff Pollard, Vice-President, Principal Analyst on the Security and Risk Team, and Jess Burn, Principal Analyst, both from Forrester Research join Business Security Weekly to discuss the second part of The Future Of The CISO report. What if you don't like the future of the CISO role and want to get out? The report also provides guidance on what comes after the CISO role, as leaders contemplate the next step in their career. If you think it's a board role, you better know what skills are needed, as cybersecurity by itself is not enough. Join in for part 2. Show Notes: https://securityweekly.com/bsw-379…
The Future Of The CISO - Part 1 - Jess Burn, Jeff Pollard - BSW #379 (32:14)
Becoming a CISO is a lofty goal for many security and risk pros, and the role brings new sets of challenges. CISOs who accept the wrong opportunities will be forced to conform, rather than excel, and take on outsized liability for the scope of responsibilities. Jeff Pollard, Vice-President, Principal Analyst on the Security and Risk Team, and Jess Burn, Principal Analyst, both from Forrester Research join Business Security Weekly to discuss The Future Of The CISO report. This report outlines the six most common types of CISOs based on Forrester Research and interactions with security leaders, including the characteristics and competencies of each type. This report helps security leaders define who they are, their values, and optimal situations for their skill set. Show Notes: https://securityweekly.com/bsw-379…
Smishing, Microsoft, Star Blizzard, Sneaky Log, VMARE, Josh Marpet, and more... - SWN #444 (34:45)
Smishing, Microsoft, Star Blizzard, Sneaky Log, VMARE, Josh Marpet, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-444
Appsec Predictions for 2025 - Cody Scott - ASW #314 (52:10)
What’s in store for appsec in 2025? Sure, there'll be some XSS and SQL injection, but what about trends that might influence how appsec teams plan? Cody Scott shares five cybersecurity and privacy predictions and we take a deep dive into three of them. We talk about finding value to appsec from AI, why IoT and OT need both programmatic and technical changes, and what the implications of the next XZ Utils attack might be. Segment resources: https://www.forrester.com/blogs/predictions-2025-cybersecurity-risk-privacy/ Show Notes: https://securityweekly.com/asw-314…
This week in the enterprise news - Cymulate acquires CYNC Secure, Tidal Cyber acquires Zero-Shot, Amazon ransomware attack, and more! Show Notes: https://securityweekly.com/esw-390
50,000 critical exposures + one of the most vulnerable IT environments: our schools - Kiran Chinnagangannagari, Jeff Smith - ESW #390 (33:35)
I've been so excited to see the external attack surface management (EASM) market take off in the past few years. This market category focuses exclusively on security issues exposed to the public Internet - issues ANYONE can see. All organizations have exposure management problems, but industries that are traditionally underfunded when it comes to cybersecurity and IT are particularly worse off. We see breaches in these industries every day - industries like manufacturing, healthcare, and education. Of course, exposure issues don't stop at the network boundary - all organizations have internal exposures to worry about as well. With all the breaches we see every week, we've become somewhat desensitized to them. Is it possible to address even just the most critical exposures (a fraction of 1% of all vulnerabilities) in one of the most underfunded industries? In this episode, we dive into how a small school system in New Mexico took on this challenge. Show Notes: https://securityweekly.com/esw-390…
The Next Era of Data Security: AI, Cloud, & Compliance - Dimitri Sirota - ESW #390 (32:26)
Today's data landscape is undergoing a seismic shift with increasing regulatory pressures, rapid acceleration to the cloud, and AI adoption. Join BigID's CEO and Co-Founder, Dimitri Sirota, to learn how organizations can adopt a holistic approach to their data security and compliance strategy to keep up with the revolution in data, transforming their data into a competitive advantage. This segment is sponsored by BigID! Start protecting your sensitive data wherever your data lives at https://securityweekly.com/bigid. Show Notes: https://securityweekly.com/esw-390…
AIs in Love, UEFI, Fortinet, Godaddy, Juggalos, Aaran Leyland, and More. - SWN #443 (39:25)
AIs in Love, UEFI, Fortinet, Godaddy, Juggalos, Aaran Leyland, and More. In this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-443
Stopping The Bad Things - PSW #857 (2:33:47)
Rob from ThreatLocker comes on the show to talk about how we can disrupt attacker techniques, including Zero Trust, privilege escalation, LOLbins, and evil virtualization. In the news we talk about security appliances and vulnerabilities, rsync vulnerabilities, Shmoocon, hacking devices, and more! This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! Show Notes: https://securityweekly.com/psw-857…
Boards Stepping Up, as CISOs Build Stronger Bonds with Legal and Safeguard Leadership - BSW #378 (36:18)
In the leadership and communications segment, New Year, New Cyber Threats: How Boards Are Stepping Up (or Not), Why CISOs should build stronger bonds with the legal function in 2025, New Managers: You Don’t Need to Know It All, and more! Show Notes: https://securityweekly.com/bsw-378
Smishing, Beyond Trust, CryptoReligion, Aviatrix, Azure, Josh Marpet, and more... - SWN #442 (39:15)
Smishing, Beyond Trust, CryptoReligion, Aviatrix, Azure, Little Red Books, AI Abuse, Josh Marpet, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-442
PyPI's Quarantine, Phishing & Awareness, Porting Fishshell to Rust, Cyber Trust Mark - ASW #313 (31:43)
Design lessons from PyPI's Quarantine capability, effective ways for appsec to approach phishing, why fishshell is moving to Rust component by component (and why that's a good thing!), what behaviors the Cyber Trust Mark might influence, and more! Show Notes: https://securityweekly.com/asw-313
Discussing Useful Security Requirements with Developers - Ixchel Ruiz - ASW #313 (36:04)
There's a pernicious myth that developers don't care about security. In practice, they care about code quality. What developers don't care for is ambiguous requirements. Ixchel Ruiz shares her experience in discussing software designs, the challenges in prioritizing dev efforts, and how to help open source project maintainers with their issue backlog. Segment resources: https://github.com/ossf/scorecard https://www.commonhaus.org/ https://www.hackergarten.net/ Show Notes: https://securityweekly.com/asw-313…
Celebrity investors, creator metrics, and Chrome extension compromise - ESW #389 (54:27)
In this latest Enterprise Security Weekly episode, we explored some significant cybersecurity developments, starting with Veracode’s acquisition of Phylum, a company specializing in detecting malicious code in open-source libraries. The acquisition sparked speculation that it might be more about Veracode staying relevant in a rapidly evolving market rather than a strategic growth move, especially given the rising influence of AI-driven code analysis tools. We also covered 1Password's acquisition of a UK-based shadow IT detection firm, raising interesting questions about their expansion into access management. Notably, the deal involved celebrity investors like Matthew McConaughey and Ashton Kutcher, suggesting a trend where Hollywood influence intersects with cybersecurity branding. A major highlight was the Cyberhaven breach, where a compromised Chrome extension update led to stolen credentials. The attack was executed through a phishing campaign disguised as a Google policy violation warning. To their credit, Cyberhaven responded swiftly, pulling the extension within two hours and maintaining transparency throughout. This incident underscored broader concerns around the poor security of browser extensions, an issue that continues to be exploited due to lax marketplace oversight. We also reflected on Cory Doctorow's concept of "Enshittification," critiquing platforms that prioritize profit and engagement metrics over genuine user experiences. His decision to disable vanity metrics resonated, especially considering how often engagement numbers are inflated in corporate settings. The episode wrapped with a thoughtful discussion on how CISOs can say "no" more effectively, emphasizing "yes, but" strategies and the importance of consistency. We also debated the usability frustrations of "magic links" for authentication, arguing that simpler alternatives like passkeys or multi-factor codes could offer a better balance between security and convenience. Show Notes: https://securityweekly.com/esw-389…
Building a map of hacker history, one conversation at a time - Nathan Sportsman - ESW #389 (31:25)
We're a fan of hacker lore and history here at Security Weekly. In fact, Paul's Security Weekly has interviewed some of the most notable (and notorious) personalities from both the business side of the industry and the hacker community. We're very excited to share this new effort to document hacker history through in-person interviews. The series is called "Where Warlocks Stay Up Late", and is the creation of Nathan Sportsman and other folks at Praetorian. The timing is crucial, as a lot of the original hackers and tech innovators are getting older, and we've already lost a few. References: Check out the Where the Warlocks Stay Up Late website and subscribe to get notified of each episode as it is released. Check out the anthropological hacker map and relive your misspent youth! Show Notes: https://securityweekly.com/esw-389…