PLAY PODCASTS
Security Weekly Podcast Network (Video)

Security Weekly Podcast Network (Video)

4,876 episodes — Page 50 of 98

XDR and Vitamins - Michael Roytman - PSW #681

What is XDR? How do we know the security protections we're investing in are working? All this and Paul's CBD Pineapple Pizza Drink on this week's show. This segment is sponsored by Kenna Security. Visit https://securityweekly.com/kennasecurity to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw681

Jan 30, 202155 min

Supply Chain Security in the Face of Solarwinds - Allan Alford - ESW #214

Do we really need to be freaking out? What could we and should we be doing in general regardless of SolarWinds? Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw214

Jan 29, 202125 min

DNS Hijacking - Fredrik Nordberg Almroth - ESW #214

Fredrik Nordberg Almroth, Security Researcher at Detectify, tells the story of how he managed to claim the top-level domain of an entire country - the Congo (DRC), .cd - before any bad actors could snatch it up. He will also discuss domain takeovers (TLD as well as subdomains) and how they can be prevented. Key to this is to keep track of your assets and monitor them for vulns. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw214

Jan 29, 202118 min

Platform9, Swimlane, SonicWall 0-Days, & Fortinet - ESW #214

This week, in the Enterprise Security News, Platform9 unburdens users from the complexities of Kubernetes, Swimlane Raises $40 Million, SonicWall hacked by zero-days in its own products, Deloitte Buys Root9B, Cygilant and SentinelOne Partnership, Fortinet announces AI-powered XDR, AlgoSec Announced updates to A32, ESET Launches Enhanced Cloud-based Endpoint Security Management, Entrust acquires HyTrust, LogRhythm acquires MistNet, Huntress Acquires EDR Technology From Level Effect, & more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw214

Jan 28, 202130 min

How to Build an Insider Threat Program in 10 Steps - Part 2 - Anthony Palmeri - SCW #59

The conversation continues on mitigating insider threats and building an insider threat program! This segment is sponsored by Ekran System. Visit https://securityweekly.com/ekran to learn more about them! Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw59

Jan 28, 202138 min

How to Build an Insider Threat Program in 10 Steps - Part 1 - Anthony Palmeri - SCW #59

Mitigating insider threats is a key cybersecurity priority for any organization that works with sensitive data. And to do that, you need an insider threat program. Such a program not only is required by numerous cybersecurity regulations, standards, and laws but also allows a company to detect an insider threat at its early stages, respond to it, and remediate the damage with little to no harm done. This segment is sponsored by Ekran System. Visit https://securityweekly.com/ekran to learn more about them! Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw59

Jan 27, 202133 min

Cybersecurity Failure, Reboot Security Strategy, & Solving the Skills Gap - BSW #203

In the Leadership and Communications section, Cybersecurity Failure among Highest Risks, warns World Economic Forum, How to reboot a broken or outdated security strategy, A 21st Century Solution to Our Cybersecurity Skills Shortfall, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw203

Jan 27, 202129 min

Everyone missed SUNBURST... or did they? - Matt Cauthorn - BSW #203

When the SolarWinds Orion SUNBURST attack hit the national newscycle, businesses far-and-wide scrambled to determine whether or not they were affected–unfortunately, many found they couldn't say either way with confidence. And then came the question, "why didn't anyone catch this?" ExtraHop's Matt Cauthorn joins BSW to discuss the SUNBURST attack, why it was so challenging to detect, and share some behavioral analysis insights to shed light on what the attackers were doing post-compromise. This segment is sponsored by ExtraHop Networks. Visit https://securityweekly.com/extrahop to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw203

Jan 26, 202132 min

KindleDrip, State of Messaging State Machines, DoH, & Data Security Strategies - ASW #137

An overflow and a flawed regex paint an RCE picture for Kindle, messaging apps miss the message on secure state machines, three pillars of a data security strategy for the cloud, where DoH might fit into appsec, and all the things that can go wrong when you give up root in your Kubernetes pod. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw137

Jan 26, 202138 min

Reading Industry Analyst Tea Leaves To Predict The Future - Taylor McCaslin - ASW #137

It's analyst season with the new Forrester Wave on SAST recently published as well as Gartner's Application Security Testing Magic Quadrant publishing in April. We'll talk about what are analyst reports, how should you use them, and how should you interpret placement on them as I like to call it, reading the analyst tea leaves. This segment is sponsored by GitLab. Visit https://securityweekly.com/GitLab to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw137

Jan 25, 202131 min

WRT54G Hacking History, 70 Unpatched Cisco Vulns, & Bypassing MFA - PSW #680

In the Security News, How two authors became part of WRT54G hacking history, European police and German law enforcement have taken down the illegal "DarkMarket" online marketplace, 70 unpatched Cisco vulnerabilities and why these are not a big deal, Adobe is blocking Flash content, most containers still run as root, watching private videos on YouTube is more like silent films, and get a free bag of weed when you get your vaccine! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw680

Jan 17, 20211h 36m

Hacking Ubiquiti Devices - Jon Gorenflo - PSW #680

Ubiquiti network gear has become a favorite among tech enthusiasts, but various Ubiquiti products have had some serious vulnerabilities in recent history. Listen in as we discuss hack, secure, and learn with Ubiquiti gear. We'll also discuss Ubiquiti's data breach announced Jan. 11and what that could mean to the security of your network. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw680

Jan 16, 202149 min

Beyond Phishing Blockers - Ryan Noon - PSW #680

Ryan Noon joins Paul, and the rest of the PSW team, this week to chat through the importance of resilience in everything companies do to protect cloud-stored data and IP, unpack growing enterprise demand for a "digital seatbelt," and explain why Material takes a fresh approach to email security: building products with the assumption that bad actors will successfully hack inboxes. This segment is sponsored by Material Security. Visit https://securityweekly.com/materialsecurity to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw680

Jan 16, 20211h 0m

The DBoM Consortium - Chris Blask - ESW #213

The DBoM consortium is a Linux Foundation project to be able to share information with third parties safely, securely, and with control over the information, even after handing it over! Unisys has just open-sourced the code to make this possible, and Chris was a big part of their effort. Using a blockchain-based approach, DBoM works to share software bill of materials (SBoM)s in a fashion that works in a cloud-centric, internet time approach. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw213

Jan 15, 202132 min

It's 2021, Do You Know Where Your Assets Are? - ESW #213

We all know asset management is one of the basics. In fact, it's literally the first two items on the Center for Internet Security's list of top 20 critical security controls. https://www.cisecurity.org/controls/cis-controls-list/ The term "basics" can be deceptive though. We typically expect something basic to also be easy. This is InfoSec though, and the basics aren't simple or easy. We call them basics because they're foundational. Put another way, the other 18 critical security controls on that top 20 list can't be applied to assets that haven't been discovered yet! In the past few years, we've seen a resurgence in asset management. There are a few players taking a fresh crack at solving this problem and we're hearing positive things. Could this be the year we get a better handle on discovering and managing assets? Join us as we discuss. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw213

Jan 15, 202125 min

Amazon's Parler Removal, Beyond Security & Vicarius Partner, & More SolarWinds! - ESW #213

This week, Beyond Security partners with Vicarius, Amazon's Parler removal and what it means for Cloud onfidence, Kount sold to Equifax, McAfee vs Crowdstrike, JumpCloud raises some funds, Red Hat acquires StackRox, and SolarWinds warnings of weak security and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw213

Jan 14, 202136 min

Sunburst: The Cleanup - SCW #58

We will shift focus of the discussion from understanding to action - that is, what to do about this and similar types of attacks that might be perpetrated agains your organization. Or is there anything to do about this "clear and present danger"? Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw58

Jan 14, 202142 min

Sunburst: Down the Rabbit Hole - SCW #58

We're going to dissect what we know about the Sunburst/SolarWinds hack to this point - SCW style! We'll touch on the things that keep coming up in the news - attribution, conspiracy theories, implications, consequences, and so forth. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw58

Jan 13, 202133 min

BISOs Bridge the Gap, Lots of Questions, & Use Negative Feedback to Improve - BSW #202

In the Leadership and Communications section, How BISOs bridge the gap between corporate boards and cybersecurity, 5 questions CISOs should ask prospective corporate lawyers, Good Leadership Is About Asking Good Questions, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw202

Jan 13, 202131 min

Why deepwatch Chose Splunk to Secure Customer Networks - Patrick Orzechowski - BSW #202

Learn why deepwatch chose Splunk as it's one and only SIEM solution to deliver its Managed Detection & Response services to Fortune 2000 customers. Hear how deepwatch is leveraging a variety of Splunk capabilities and advanced API integrations to detect and respond to threats in customer environments. This segment is sponsored by deepwatch. Visit https://securityweekly.com/deepwatch to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw202

Jan 12, 202128 min

Google 2FA Cloning, Speed vs. Security, & "Hack The Army" Bug Bounty 3.0 - ASW #136

Significant source code leak from misconfigured repo, side-channel attack on hardware authentication keys, a third bug bounty for the U.S. Army, the cost of poor software quality, the benefits of DevOps approaches to building systems. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw136

Jan 12, 202131 min

Fuzz Testing - Andrei Serban - ASW #136

Fuzzing can be successful appsec strategy for finding software bugs. And deploying a fuzzer no longer needs to be a cumbersome process. Find out how fuzzing can help secure software beyond just memory safety issues and what the future holds for making this strategy more effective for modern apps. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw136

Jan 11, 202136 min

Custom Python Encryption, Shady 0-Days, & The Great iPwn - PSW #679

In the Security News, Nissan Source code leaked, how the shady 0-Day sales game is evolving, Hack the Army 3.0 announced, creating your own custom encryption in python, FBI warns of swatting attacks targeting your smart device, & the rise of Uncaptcha3! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw679

Jan 10, 20211h 18m

What Has Changed (or Not) Since Our Last Visit? - Ming Chow - PSW #679

-What are we seeing from infosec graduates as they come into the enterprise to begin their careers? -How has data privacy changed since 2014? -Is the cloud a solution, or creates more problems? -How does the changing model of application architecture and security testing improve things? (DevOps, "shift left" testing, IAST, etc.) Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw679

Jan 9, 202155 min

Automated Vulnerability Remediation - The Good, the Bad and the Ugly - PSW #679

The way we identify, prioritize, and mitigate software vulnerabilities was built in the reverse order. Why did it happen? Could a new remediation strategy finally form an alliance between IT and security teams? This segment is sponsored by Vicarius. Visit https://securityweekly.com/vicarius to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw679

Jan 9, 202147 min

SolarWinds, FireEye, Microsoft, Oh My! - Sean Metcalf, Tyler Robinson - ESW #212

The current ransomware, breaches, and nation state attacks have defenders feeling overwhelmed and under resourced. Can defensive teams really have defended against this type of supply chain attack and what can every security team do for best practices within Active directory and Azure federation to reduce your enterprises risk. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw212

Jan 8, 202133 min

The State of Data Security - Chris Brown - ESW #212

A casual and candid conversation on database security. Talking through the current data trends including the transition to the cloud and what this means for the database security practitioner. What pitfalls and tools can be used to help simplify and maximize the security professional's transition to a fully monitored data environment solving for Cloud/Hybrid cloud and traditional on-premise. This segment is sponsored by Imperva. Visit https://securityweekly.com/imperva to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw212

Jan 8, 202124 min

Veracode in AWS Marketplace, ZScaler SUNBURST Assessment, & SolarWinds Fallout - ESW #212

This week, Tyler Shields joins us for his first episode as Co-Host, and John Strand returns! In the Enterprise News, Two data security companies merge, Veracode's products are now available in the AWS Marketplace, Zscaler launches a program for organizations dealing with the SolarWinds attack, SolarWinds is being sued in a class action lawsuit, funding announcements from Weaveworks, iBoss and Venafi! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw212

Jan 7, 202130 min

Looking Forward - SCW #57

We don't want to have the typical "predictions" episode, but do want to chat about what we might expect in the coming year; what is changing? what is coming back? and when? (if at all)? Looking forward: -Vaccines -Anti-vaxxers -Resumption of travel? -Resumption of conferences???? -Sales and marketing changes -Societal changes -The problems we face moving forward in compliance and security Show Notes: https://securityweekly.com/scw57 Visit https://www.securityweekly.com/scw for all the latest episodes!

Jan 7, 202141 min

Looking Back - SCW #57

We have a roundtable discussion amongst the hosts looking back on the highs and lows of 2020! Looking back: -Solarwinds (not in depth but just as part of the year) -Covid-19 -Working from home -Conferences shut down -Travel gone -The new normal of zoom calls -Kids at home Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw57

Jan 6, 202138 min

6 Security Concerns, 3 Steps, & 10 Skills - BSW #201

In the leadership and communications section, 6 board of directors security concerns every CISO should be prepared to address, Four ways to improve the relationship between security and IT, CISO playbook: 3 steps to breaking in a new boss, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw201

Jan 6, 202125 min

CISO Stories - Cybersecurity Leadership 2021 - Todd Fitzgerald - BSW #201

Up Your game with the CISO STORIES Podcast! If anything this past year has taught us is that we can not go on our own, and leveraging the experiences from other CISOs is critical to our success. Join Todd as he introduces a new Podcast featuring actionable lessons from top-notch CISOs and Cybersecurity Leaders. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw201

Jan 5, 202125 min

Kubernetes Clusters, Microsoft Solarigate, & Apple's Security DIY - ASW #135

Microsoft purges malicious SolarWinds presence and highlights a threat model around their source code, the tl;drsec crew provides a hardening guide for Kubernetes, Apples provides a user guide for hardening accounts, Firefox provides a new storage system to defeat side channel abuse. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw135

Jan 5, 202132 min

Security By Design - ASW #135

A premise of adding security to DevOps is we can "shift left" AppSec responsibilities, one of which is building apps so they're secure by design. Yet what resources does the AppSec community provide for this approach to design? We take a look at the OWASP Top 10, Web Security Testing Guide, and Application Security Verification Standard to find a way forward for DevOps teams. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw135

Jan 4, 202135 min

SolarWinds Attack, AIR-FI Technique, & Zodiac Cypher Decoded - PSW #678

In the Security News, How suspected Russian hackers outed their massive cyberattack, Millions of Unpatched IoT, OT Devices Threaten Critical Infrastructure, Zodiac Killer Cipher Solved, a Security Researcher states 'solarwinds123' Password Left Firm Vulnerable in 2019, Why the Weakest Links Matter, and a 26-Year-Old Turns 'Mistake' of Being Added to an Honors Geometry Class to Becoming a Rocket Scientist! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw678

Dec 20, 20201h 40m

Securing The Enterprise Software Supply Chain - Harry Sverdlove - PSW #678

SolarWinds is just the latest example of how the enterprise software supply chain, when compromised, can be used successfully by attackers. These coordinated and well-managed attacks prey on trust, so how can we trust our enterprise software? This segment is sponsored by Edgewise Networks. Visit https://securityweekly.com/edgewise to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw678

Dec 19, 202057 min

Generating Threat Insights Using Data Science - Roi Cohen, Shani Dodge - PSW #678

In this world of countless vulnerabilities, we need to find a way to identify threats. Prioritizing known vulnerabilities is a step in the right direction but definitely not enough. There is a need for a customized identifying threat process. This segment is sponsored by Vicarius. Visit https://securityweekly.com/vicarius to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw678

Dec 19, 202054 min

Mimecast Awareness Training Philosophy - Emily Huynh, Mandy McKenzie - ESW #211

When you roll-out the Mimecast Awareness Training best practices to your organization and embrace your employees, you will achieve something magical - employees who become an extension of your security team. Remember security is a team sport which requires the hearts of your employees and the minds of all. So, when do you that you're successful? One, would be when your employees recognize threats and share it with others in the office to not click on malicious items, creating community defense. The other, is when your employees are taking their best practices home to train their families. More importantly, it is when your company as a whole is excited about cyber security and see it as an enabler and fun! This segment is sponsored by Mimecast. Visit https://securityweekly.com/mimecast to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw211

Dec 18, 202033 min

Visibility Is Critical in Uncertain Times - Martyn Crew - ESW #211

As organizations come to terms with continued uncertainty in 2021, Martyn will discuss the importance of hybrid network visibility in building an IT infrastructure that can meet the needs of this environment. Specifically, how visibility is the key to supporting and securing the fluid workforce in the post-COVID world even with budget constraints and limited resources. This segment is sponsored by Gigamon. Visit https://securityweekly.com/gigamon to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw211

Dec 18, 202032 min

42Crunch IDE OpenAPI Editing, DigiCert IoT Device Manager, & More SolarWinds - ESW #211

This week in the Enterprise security News, A Hack brought unwanted attention to SolarWinds, Datadog and Snyk unveil GitHub integration to automate software development workflow, Thoma Bravo Invests In Machine Identity Management/Security Startup Venafi, FireEye Closes $400M Blackstone Investment, and DigiCert now enables manufacturers to embed certificates on chips prior to manufacturing! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw211

Dec 17, 202029 min

Pen Testing, Part 2 w/ Dmitry Zagadsky - SCW #56

We'll continue our discussion of penetration testing. In this segment, we'll talk about the right reasons to have a penetration test performed, the impact (for better or worse) of the PCI requirement for annual penetration testing, and how to get the most out of your penetration testing results. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw56

Dec 17, 202044 min

Pen Testing, Part 1 w/ Dmitry Zagadsky - SCW #56

The penetration testing mythology as it applies to information security is all screwed up. If nothing else, we're going to attempt to define a penetration test, focus on the goals, and what should be in a report. You better believe there is going to be an overarching "PCI" context to this discussion. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw56

Dec 16, 202046 min

Leadership & Communications: Lessons Learned in 2020 - BSW #200

For this final segment of 2020, why pull more articles to review when we all lived it? Instead, let's recap some of the leadership and communications lessons we have learned in a very difficult 2020 and discuss the changes we'll make in 2021 to be better leaders. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw200

Dec 16, 202029 min

Transforming Cyber Risk/Compliance Through Automation - Padraic O'Reilly - BSW #200

How are CISOs of the Global 500 automating risk and compliance assessments by 90%, saving millions of dollars per year, and creating a unified strategy around cyber risk in the wake of Digital Transformation? Those on the cutting-edge of risk and compliance see a massive opportunity to ingest the telemetry coming from the security tech stack to bring a new level of automation to control compliance and risk management across all frameworks and standards. In this segment, we discuss how COVID-19 and rapid Digitalization have pushed risk and compliance teams to innovate internally, and how they're doing so with real-life examples. How is it even possible to eliminate nearly all manual effort around IT GRC? What is the latest strategy behind cross-walking frameworks and dynamically lighting up controls in an environment? You'll learn how some of the largest organizations in the world are proving compliance in real-time, empowering their teams to manage even the most unprecedented risks, and how risk and compliance programs get a clear view into risk likelihood, impact, solution-cost modeling and more. Listen in if you too are working to transform your cyber risk and compliance program to support Digital Transformation. This segment is sponsored by CyberSaint. Visit https://securityweekly.com/cybersaintsecurity to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw200

Dec 15, 202030 min

Atheris Python Fuzzer, Bronze Bit Attack, & FireEye Highlights - ASW #134

FireEye shares supply chain subterfuge, researchers show repeated mistakes in TCP/IP stacks, Google open sources Python fuzzing, Cisco and Microsoft patch their patches for vulns in Jabber and printer modules. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw134

Dec 15, 202036 min

Freedom From Computing Environments - Ev Kontsevoy - ASW #134

We built OSS Teleport to provide a Unified Access Plane that consolidates access controls and auditing across all environments - infrastructure, applications, and data. This segment is sponsored by TelePort. Visit https://securityweekly.com/teleport to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw134

Dec 14, 202038 min

Hacking Matters Panel - PSW #677

Hacking matters. The term hacking has gotten away from us over the years. I believe we've reclaimed it, to a certain extent. The goal of this panel is to discuss all things hacking culture. What does it mean to be a hacker and how do we preserve the hacking ideology? This segment is sponsored by Innocent Lives Foundation. Show Notes: https://securityweekly.com/psw677 Visit https://securityweekly.com/ilf to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes!

Dec 13, 20201h 35m

Innovative Blue Team Techniques Panel - PSW #677

We often hear that offensive security techniques are "sexier" than defensive blue team techniques. In this panel discussion, we attempt to level the playing field (on so many levels...) between attackers and defenders. Keeping the evil attackers out of our networks and systems is a daunting task that requires creative thinking and creative solutions. This segment is sponsored by RiskSense. Show Notes: https://securityweekly.com/psw677 Visit https://securityweekly.com/risksense to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes!

Dec 12, 20201h 6m

The State Of Penetration Testing Panel - PSW #677

Join us for a lively discussion surrounding the topic of penetration testing. Sure, we've called out differences between vulnerability scanning and penetration testing. Moving past this particular issue, we'll explore how to effectively use penetration testing in your environments. This segment is sponsored by Core Security, A Help Systems Company. Visit https://securityweekly.com/coresecurity to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw677

Dec 12, 20201h 0m

Every Analyst Struggles to Balance Thoroughness & Speed - Joe Rivela - ESW #210

Polarity uses computer vision that works like augmented reality for your data. It's not a new dashboard to search or a new portal to manage. Polarity augments your existing workflows, enriching your view as you do your work so you can see the story in your data without sacrificing thoroughness or speed. We'll be talking about how analysts are using Polarity to balance thoroughness and speed. This segment is sponsored by Polarity. Visit https://www.polarity.io/esw to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw210

Dec 11, 202029 min