PLAY PODCASTS
Paul's Security Weekly (Video)

Paul's Security Weekly (Video)

1,206 episodes — Page 13 of 25

Fighting the Cyber War With Battlefield Tactics - Jeremy Miller, Philip Niedermair - PSW #649

Jeremy Miller, a former Green Beret and current CEO of Lionfish Cyber Security, will discuss how mission set tactics used by Special Forces can be applied directly to the cyber war being waged today. These mission sets are very relevant for the front line of cybersecurity professionals, who are the next generation of Special Operation forces. These are the men and women that protect our country, our businesses and our families. Approaching the cyber war with this mindset, Miller is re-aligning how cybersecurity in small to medium sized businesses is structured. His team plans to be a force multiplier for SMBs by bundling resources and capabilities into an affordable security platform, making cyber security more a strength than a weakness for these organizations. Link to the Cyberspace Solarium Commission (CSC): https://www.solarium.gov/ Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode649

May 1, 202052 min

iOS Mail Hijack, Hacking Satellites, & 0-Days for Days - PSW #648

In the Security News, Legions of cybersecurity volunteers rally to protect hospitals during COVID-19 crisis, Wanna hack a Satellite? The Navy will let you…, IBM 0-day released for days after notification - IBM said "won't fix!", Zoom Dropped by Big Business Despite Addressing Security Flaws, Android Users Beware: Google Just Banned These Devious Apps With 69 Million Installs, NSA shares list of vulnerabilities commonly exploited to plant web shells, German Government Loses 'Tens of Millions' in COVID-19 Phishing Attack, and more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode648

Apr 25, 20201h 26m

Layer8 Conference & WorkshopCon - Ori Zigindere, Patrick Laverty - PSW #648

Patrick Laverty created and co-organizes the Layer 8 Conference with Lea Snyder. This year will be the 3rd annual conference that solely focuses on social engineering and OSINT topics. Ori Zigindere is an offensive security professional with a background in software engineering. He works with a wide range of companies in all major industries to help them improve their security posture against day to day threats. Patrick and Ori join us today to talk about the Layer8 Conference, and WorkshopCon! To sign up for the Layer8 Conference, please visit: https://layer8conference.com/ Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode648

Apr 25, 202040 min

The Insider Threat - Steven Bay - PSW #648

Steven Bay has over 16 years of cybersecurity experience, spanning the military, government, consulting, and enterprise security. For 10 of those years, he supported the National Security Agency both as a member of the military and a contractor. In 2013 he hired Edward Snowden to a contract position in Hawaii and was his manager when Snowden fled the country with top-secret NSA data. Following this, he moved into commercial cybersecurity where he provided IR and Threat Intelligence services to Fortune 500 companies, served as a CISO, and today is the Director of Security Operations at Security On-Demand. He also is a keynote speaker where shares his story and lessons learned from his Snowden experience at industry groups, corporate events, and student groups. To watch our interview with Steven Bay on Enterprise Security Weekly #170, visit: https://youtu.be/nbnSSiVUSSw Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode648

Apr 24, 202059 min

Hospital Hackers, $500K Zoom 0day, & SFO Windows Hackers - PSW #647

This week in the Security News, How to teach your iPhone to recognize you while wearing a mask, Hackers Targeting Critical Healthcare Facilities With Ransomware During Coronavirus Pandemic, VMware plugs critical flaw in vCenter Server, Russian state hackers behind San Francisco airport hack, Macs Are More Secure, and Other Jokes You Can Tell Yourself, and more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode647

Apr 18, 20201h 24m

Pen Testing to Validate Vulnerability Scanners - Magno Gomes - PSW #647

Many people inaccurately use vulnerability scans or vulnerability assessments as terms that are synonymous with penetration tests. Those that do know the difference often think you have to choose between the two. But that's not the case. This segment will cover why and how pen testing can be used to validate vulnerability scanner results. To learn more about Core Security, visit: https://securityweekly.com/coresecurity Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode647

Apr 18, 202024 min

Threat Intel Program Strategies - Wade Woolwine - PSW #647

Defining key areas of investment that organizations need to consider in their programs. Within the areas of investment, we talk about functional areas and defining capabilities within each functional area. The end goal is to have a framework that folks can use to document their security program, measure evolution over time, share best practices, organize content and data, and be used as a reference architecture based on community input. To learn more about Rapid7 or to request a demo, visit: https://securityweekly.com/rapid7 Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode647

Apr 17, 202049 min

Zoom, Kubernetes, and Hacking - PSW #646

A little about Zoom vulnerabilities and data leaks and Cisco Webex vulnerabilities. We talk about security Kubernetes and how the same security principals apply, vulnerabilities in ICS systems and how hackers can help improve society. Oh, and smart toilets that scan your, er, logs. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode646

Apr 11, 20201h 8m

Tales From The Crypt...Analyst - Part 2 - Jeff Man - PSW #646

In the second part of our interview series with the legend Jeff Man, he continues his discussion with Paul, Matt, and Lee, about the many myths, legends and fables in hacker history. One of the themes of these legends surrounds some of the first red team hackers working for the US Government out of NSA. The building where they worked was called "The Pit". Jeff Man sits with us for this segment to talk about, where he can, the history and events that transpired during his tenure with the NSA. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode646

Apr 11, 20201h 28m

To Hunt or Not To Hunt; This is Never a !=? - Tyler Robinson - PSW #646

We welcome Security Weekly's own Tyler Robinson for a Technical Segment, to talk about how individuals are tracked and then demonstrates different TTPs Nisos uses to hunt and track people of interest. Using a modified version of Trape, ngrok, and DNS setup, Tyler shows how much information and tracking data can be gathered and further used for ongoing operations by simply clicking a link or visiting a page with embedded JavaScript. To view ngrok, visit: https://www.ngrok.com/ To check out the Trape tool, visit: https://github.com/jofpin/trape Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode646

Apr 10, 202059 min

Security News - To Zoom or Not to Zoom - PSW #645

This segment will largely focus on the recent Zoom vulnerabilities and the responses from security researchers, the security community and enterprises. Should you stop using Zoom? Tune in to find out! (Hint: Uhm, probably not). Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode645

Apr 4, 20201h 32m

IoT Devices: Security and Privacy Labels Research - Lorrie Cranor - PSW #645

At Carnegie Mellon University we are designing a usable security and privacy label for smart devices to help consumers make informed choices about Internet of Things device purchases and encourage manufacturers to disclose their privacy and security practices. The label includes information on privacy and security practices of the smart device, such as the type of data the device collects and whether or not the device gets automatic security updates. Based on research with both consumers and experts, we have designed a two-layer label that includes a simple, understandable primary layer for consumers and a more detailed secondary layer that includes information important to experts. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode645

Apr 4, 202049 min

Collaboration Between NetOps and SecOps in Today's World - Matt Allen - PSW #645

Matt and the Security Weekly crew will discuss how the interaction between network engineers and security operations has changed over the years, as well as the value of the network when identifying security threats and performing remediation. For more information on VIAVI Solutions, visit: https://securityweekly.com/viavi Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode645

Apr 3, 202049 min

Drobo Exploit, Docker Escape, SMBv3.11 - PSW #644

SANS Penetration Testing | Microsoft SMBv3.11 Vulnerability and Patch CVE-20200796 Explained, Drobo 5N2 4.1.1 - Remote Command Injection, $100K Paid Out for Google Cloud Shell Root Compromise, WordPress, Apache Struts Attract the Most Bug Exploits, Run Docker nginx as Non-Root-User. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode644

Mar 21, 20201h 21m

Zen And The Art Of Logs In The Cloud - Corey Thuen - PSW #644

Struggling with how to get your logs from the cloud? Have no fear, Corey and the Security Weekly crew talk about how to configure your logs in the cloud, use cloud-native services to handle the shuffling of logs in and out of the cloud, and control your costs! We conclude by talking a bit about Windows Event logs and overcoming some gotchas. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode644

Mar 20, 202053 min

Work from home securely - PSW #644

The challenges and differentiated values of desktop and laptop protection and administrative tool control (e.g., Powershell, SSH) for remote users and administrators to work securely. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode644

Mar 20, 202058 min

Protecting Data on Employee 0wned PCs - Gabe Gumbs - PSW #643

COVID-19, among other things, has deemed it necessary for many to work from home. There are several security concerns that need to be raised, such as those who work from home still require access to data and services. How many will store sensitive information on their personal computers? How will attackers change their strategy to target those working from home? Tune in to this segment for the full discussion! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode643

Mar 15, 20201h 1m

Connected devices security - Dorit Naparstek - PSW #643

Hacks performed on connected & IoT devices, such as routers, security cameras, smart meters, etc. are increasingly common, and revealing major vulnerabilities in existing security measure. This vicious cycle of hack & patch can be broken by adopting a new approach that introduces the role of flash memory in securing devices. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode643

Mar 15, 202029 min

Girls Who Hack and Secure Open Vote - Bianca Lewis - PSW #643

Girls Who Hack teaches classes primarily to middle school girls on hacking and making. Secure Open Vote is an end to end, open source election system that is in the design stages. www.BiaSciLab.com www.GirlsWhoHack.com www.SecureOpenVote.com Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode643

Mar 14, 202056 min

Tomcat, AWS Malware, Hacker Movies - PSW #642

Apache Tomcat AJP exploit, malware in AWS, hacker movies and more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode642

Mar 9, 20201h 43m

Mark Cooper, PKI Solutions - Mark Cooper - PSW #642

How SHAKEN/STIR and PKI will end the global robocall problem Link to an article Mark wrote for Dark Reading: https://www.darkreading.com/endpoint/shaken-stir-finally!-a-solution-to-caller-id-spoofing/a/d-id/1336285 Link to landing page with more info: https://www.pkisolutions.com/shakenstir/ Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode642

Mar 8, 202047 min

Active Directory, Azure and Windows Security - Sean Metcalf - PSW #642

Active Directory & Microsoft Cloud (Azure AD & Office 365) Security, including a breakdown of Microsoft's security offerings and recommendations for cloud migrations for Active Directory. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode642

Mar 8, 20201h 0m

Cool Things We Found At RSAC 2020 - PSW #641

We found some cool stuff at RSAC 2020! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode641

Mar 2, 202027 min

Protect Ya Data - Gabe Gumbs - PSW #641

Gabriel Gumbs and the Security Weekly crew discuss strategies for protecting your data. We will explore practical use-cases for needing to manage access and protect your data as it pertains to security and compliance. Protect what matters most. Visit https://securityweekly.com/spirion for more information. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode641

Mar 1, 202033 min

Tales From The Crypt...Analyst - Jeff Man - PSW #641

There are many myths, legends and fables in hacker history. One of the themes of these legends surrounds some of the first red team hackers working for the US Government out of NSA. The building where they worked was called "The Pit". Jeff Man sits with us for this segment to talk about, where he can, the history and events that transpired during his tenure with the NSA. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode641

Mar 1, 202049 min

Tesla Sensors, Israeli Soldiers Phished, Machine Learning - PSW #640

Nedbank Says 1.7 Million Customers Impacted by Breach at Third-Party Provider, 500 Chrome Extensions Caught Stealing Private Data of 1.7 Million Users, 5 inch piece of electrical tape can fool Tesla sensors, Israeli soldiers phished by HAMAS posing as interested women, and a simple guide to AI, Deep Learning, and Machine Learning. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode640

Feb 24, 20201h 23m

Kubernetes/Container Security - Ian Coldwater - PSW #640

Ian Coldwater is the Lead Platform Security Engineer at Heroku. Ian will discuss Kubernetes and container security! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode640

Feb 23, 202054 min

Unifying SIEM And Endpoint Security - PSW #640

Elastic recently released Elastic Security 7.6 - the culmination of months of work by the security team and a monumental leap forward toward delivering a unified threat protection and security analytics solution. At the core of our solution is Elasticsearch, powering a new SIEM detection engine that automates threat detection and comes with 100+ prebuilt rules aligned with the MITRE ATT&CK framework to identify known and unknown threats. We would like to talk about these milestone features in the context of bringing SIEM and endpoint security together in a single UI. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode640

Feb 22, 202056 min

Docker, 42 Vulnerabilities, Backdoors, Spying on 100+ Foreign Govs. - PSW #639

In the Security News, Misconfigured Docker Registries Expose Thousands of Repositories, a Forgotten motherboard driver turns out to be perfect for slipping Windows ransomware past antivirus checks, Jail Software Left Inmate Data Exposed Online, Adobe patches 42 vulnerabilities across 5 products, and how the CIA Secretly Owned Global Encryption Provider, Built Backdoors,& Spied On 100+ Foreign Governments! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode639

Feb 16, 20201h 17m

The Unprotected Attack Surface of the Enterprise - John Loucaides - PSW #639

Hackers are using firmware implants and backdoors to compromise enterprise security with attacks that are stealthy and persistent. It's time for information security specialists to learn how to attack and defend enterprise infrastructure. John will provide a preview of his upcoming presentation at InfoSec World where he will demonstrate attacks on firmware that are invisible to traditional security platforms, and show how to detect and defend against them. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode638

Feb 15, 20201h 16m

Living in Blue Team Land and Skicon - O'Shea Bowens - PSW #639

O'Shea Bowens is the CEO of Null Hat Security. O'Shea will discuss why I think blue teaming is as essential now as our red brothers. Mistakenly calling out APT's. A new type of security conference I've created, SKICON. If there is time, diversity in cyber. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode638

Feb 14, 202052 min

Security News - PSW #638

In the Security News, Twitter fixes API bug that can reveal users, Microsoft patches flaws in Azure stack, 8 cities that have been crippled by cyber attacks and how they fought against it, and so much more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode638

Feb 9, 20201h 9m

Adventures In AWS Computing - PSW #638

Paul shows you how to create secure Docker containers and begin to deploy them to Amazon ECS. This segment focuses on the security aspects of taking a legacy/non-contanerized application to the cloud. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode638

Feb 8, 20201h 13m

BADASS Army - The Fight Against Revenge Porn - Katelyn Bowden - PSW #638

After finding her own intimate photos online without her consent, Katelyn Bowden discovered that there weren't many resources for those who find themselves victims of this sort of abuse. In response, she started B.A.D.A.S.S., a nonprofit dedicated to fighting image abuse through victim empowerment and awareness. In their 2 year existence, BADASS has accomplished a lot-from legislation to education, and there's so much more on the way. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode638

Feb 7, 202048 min

Wawa Breach, Citrix ADC, Magecart Hackers, Ragnarok Ransomware - PSW #637

In the Security News, NHS alerted to severe bulbs in GE health equipment, Ragnarok Ransomware targets Citrix ADC & disables Windows Defender, suspected Magecart hackers arrested in Indonesia, Wawa breach data was found for sale,, and so much more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode637

Feb 3, 20201h 10m

Stopping Python Backdoor Attacks - Peter Smith - PSW #637

The recent MechaFlounder was a backdoor attack linked to Iranian threat actors who targeted Turkish entities. Similar Python-based backdoor attacks have managed to evade traditional network security defenses and propagate inside their target environments. To learn more about Edgewise, visit: https://securityweekly.com/edgewise Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode637

Feb 2, 20201h 13m

The Unicorn Project and The Five Ideals - Gene Kim - PSW #637

In this week's episode of Paul's Security Weekly, Paul and the guys welcome back Gene Kim to interview him about his newest book "The Unicorn Project". Gene shares with us his goals and aspirations for The Unicorn Project, describes in detail the Five Ideals, along with his favorite case studies of both ideal and non-ideal, and why he believes more than ever that DevOps will be one of the most potent economic forces for decades to come. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode635

Feb 1, 20201h 16m

Tomatoes, Jeff Bezo, Vuln. In AMD ATI Radeon, 'The Rise of Skywalker' - PSW #636

In the Security News, Microsoft Security Shocker As 250 Million Customer Records Exposed Online, the NSA Offers Guidance on Mitigating Cloud Flaws, Multiple Vulnerabilities Found in AMD ATI Radeon Graphics Cards, Brazil prosecutes Glenn Greenwald in attack on press freedom, and Cybersecurity Lessons Learned from 'The Rise of Skywalker'! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode636

Jan 26, 20201h 19m

Electronic Frontier Foundation (EFF), Godwin's Law, Freedom of Speech - Mike Godwin - PSW #636

Paul, Doug and Tyler interview Mike Godwin about the creation of the EFF, why it was created and how he became involved, some of the first cases taken on by the EFF, Godwin's Law, the right to repair, freedom of speech, and much more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode636

Jan 25, 202055 min

Dug Song - Engineer to Entrepreneur - Dug Song - PSW #636

Paul, Doug and Tyler interview Dug Song about how he got his start in Information Security, what prompted him to begin work for dsniff, his transition from engineer to entrepreneur, what he learned from his experiences at Arbor Networks, why he decided to found a company in the authentication space, how to grow a company while maintaining your vision and culture, CISCO's acquisition of DUO Security, what it's like to be integrated into such a large company, what makes company's great, advice for talented tech people who want to become entrepreneurs, Dug's book recommendation for inspiring entrepreneurs, and much, much more Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode636

Jan 24, 20201h 2m

CVE-2020-0601, Netscaler RCE, npm - PSW #635

We discuss the details and impact of the latest flaw, disclosed by NSA, in Windows 10 that allows attackers to pass off malware as signed applications and so much more. The Citric Netscaler vulnerability is a rare remote-easy-to-exploit opportunity for attackers. The crew also talks about book recommendations, backdoors in crypto (and why its bad), conspiracy theories and more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode635

Jan 19, 20201h 32m

Hacking IoT Devices - Jeff Spielberg, Ryan Speers - PSW #635

The world continues to see a proliferation of highly insecure IoT/embedded products. How can companies making embedded products design security in from the start, and why don t they do it today? Importantly, security needs to be baked in while remaining lean and moving quickly towards an MVP product. Discussions will range from hardware chip selection, cryptographic protocol design, and firmware security -- both at the design and security pen test phases. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode635

Jan 18, 2020

What Does It Mean To Be A Hacker? - PSW #635

This is the Hacker Culture Roundtable discussion from the Security Weekly Christmas podcast marathon and features almost all of our hosts and special guests. Hacking is a term used to describe the activity of modifying a product or procedure to alter its normal function, or to fix a problem. The term purportedly originated in the 1960s, when it was used to describe the activities of certain MIT model train enthusiasts who modified the operation of their model trains. They discovered ways to change certain functions without re-engineering the entire device. These curious individuals went on to work with early computer systems where they applied their curiosity and resourcefulness to learning and changing the computer code that was used in early programs. To the general public, a "hack" became known as a clever way to fix a problem with a product, or an easy way to improve its function. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode635

Jan 17, 20202h 24m

Security News: January 9, 2020 - PSW #634

In the security news, Car hacking hits the streets, 4 Ring employees fired for spying on customers, MITRE presents ATT&CK for ICS, and Las Vegas suffers cyberattack on the first day of CES! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode634

Jan 13, 20201h 11m

The Keys to Your Kingdom: Protecting Data in Hybrid and Multiple Public Clouds - Ambuj Kumar - PSW #634

According to Gartner, 70% of businesses are adopting a hybrid cloud and multi-cloud strategy to augment their internal data centers. The challenges of protecting data and using encryption for multiple hybrid, public cloud, and on-premises environments increases complexity, cost, and security risk. As workloads and sensitive data move to the cloud, keeping cryptographic keys, shared secrets and tokens secure is critical to secure public cloud deployments and successful digital transformation. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode634

Jan 12, 202057 min

Improve Pen Testing Outcomes With Purple Teaming - PSW #634

Purple teaming reduces the lifespan of vulnerabilities found from pentests by facilitating knowledge transfer between red and blue teams in the remediation phase. PlexTrac provides a single interface through which red teams may report vulnerabilities and blue teams may remediate them. Visit https://www.securityweekly.com/plextrac to claim your free month of PlexTrac. Also, be sure to stop by their booth in the Early Stage Exhibit at RSA next month. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode634

Jan 11, 202057 min

Security News: January 2, 2020 - PSW #633

In the security news, mysterious Drones are Flying over Colorado (watchout Mr. Alderman), 7 Tips for Maximizing Your SOC, The Most Dangerous People on the Internet This Decade, North Korean Hackers Stole 'Highly Sensitive Information' from Microsoft Users, Critical Vulnerabilities Impact Ruckus Wi-Fi Routers, & The Coolest Hacks of 2019! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode633

Jan 5, 20201h 3m

Diplomacy, Norms and Deterrence in Cyberspace - Chris Painter - PSW #633

Global conversations around acceptable norms of behavior in cyberspace (particularly for states), attribution, accountability, and deterrence (though we have not done well on the last one), recent attacks, and the processes that are dealing with setting rules of the road in cyberspace. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode633

Jan 4, 202049 min

Security History - Lessons from the past - PSW #632

The history of security can be traced back to a variety of different sources. The amount of articles on the topic is dizzying. Most will cite names of early phone phreaks, Kevin Mitnick, Kevin Poulsen, Steve Jobs, Steve Wozniak and quickly transition to many other more recent "hacks" or breaches. Our goal is to not review the history of hacking. This is the history of security. We've carefully chosen key events and research to discuss the very beginnings of security, and their impact and lessons for today's ever-evolving security landscape. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode632

Jan 3, 20201h 13m

Who is Going to Protect the Brave New Virtual Worlds and HOW? - Kavya Pearlman - PSW #633

Emerging technologies such as Virtual, Augmented and Mixed Reality are inevitably gaining momentum and helping businesses gain competitive advantage. These technological advancements are giving rise to digital transformation as well as digital risks. The bigger question is who will protect these technologies. While the world is catching up on the business aspects and the real use cases, Silicon Valley startups are already gearing up to combat the risks born alongside emerging tech's benefits. The Valley companies are utilizing the same technologies to combat the associated risks. My Quest to protect these Brave New Virtual Worlds has taken me around the world and connected me to the geniuses at Wallarm. In this segment, I will talk about WHY I believe Wallarm, XRSI and companies alike are the ones moving fast to protect the Immersive Technologies. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode633

Jan 3, 202055 min