
Security Weekly Podcast Network (Video)
4,876 episodes — Page 58 of 98

Layer8 Conference & WorkshopCon - Ori Zigindere, Patrick Laverty - PSW #648
Patrick Laverty created and co-organizes the Layer 8 Conference with Lea Snyder. This year will be the 3rd annual conference that solely focuses on social engineering and OSINT topics. Ori Zigindere is an offensive security professional with a background in software engineering. He works with a wide range of companies in all major industries to help them improve their security posture against day to day threats. Patrick and Ori join us today to talk about the Layer8 Conference, and WorkshopCon! To sign up for the Layer8 Conference, please visit: https://layer8conference.com/ Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode648

The Insider Threat - Steven Bay - PSW #648
Steven Bay has over 16 years of cybersecurity experience, spanning the military, government, consulting, and enterprise security. For 10 of those years, he supported the National Security Agency both as a member of the military and a contractor. In 2013 he hired Edward Snowden to a contract position in Hawaii and was his manager when Snowden fled the country with top-secret NSA data. Following this, he moved into commercial cybersecurity where he provided IR and Threat Intelligence services to Fortune 500 companies, served as a CISO, and today is the Director of Security Operations at Security On-Demand. He also is a keynote speaker where shares his story and lessons learned from his Snowden experience at industry groups, corporate events, and student groups. To watch our interview with Steven Bay on Enterprise Security Weekly #170, visit: https://youtu.be/nbnSSiVUSSw Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode648

Threats of Social Engineering Go Beyond Phishing - Peter Warmka - ESW #180
Peter will discuss this article and put it into even greater perspective: https://worldview.stratfor.com/article/linkedin-cybersecurity-recruitment-hostile-intelligence-agency Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode180

Work from Home - Business Impacts & Security Risks - Mark Orsi - ESW #180
As we quickly pivot to remote work, what are the business impacts and security risks? What have we learned and how quickly can organizations adapt to this new paradigm? What activities should we take to make our organizations more resilient as we emerge from this crisis and prepare for the next? Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode180

ThunderScan, F-Secure Countercept, & ZeroFOX AI - ESW #180
This week in the Enterprise Security News, Breach-and-Attack Simulation Firm SafeBreach Raises $19 Million, F-Secure launches protection and response service to protect remote workers, Swimlane acquires Syncurity to spur growth and affirm commitment to SOAR market, DefenseCode ThunderScan SAST 2.1.0 supports Go and ABAP languages, and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode180

Compliance News - SCW #25
This week in the Security and Compliance News, Back to basics: The GDPR and PCI DSS, Why Compliance is for Guidance, Not a Security Strategy, Cognizant hit by 'Maze' ransomware attack, Audits Don't Solve Security Problems, Contact Tracing Apps Attempt to Balance Necessary Public Health Measures With User Privacy, and more! Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode25

State of the Union - Paul Asadoorian - SCW #25
We're talking to our host and benefactor about his vision for Security Weekly Productions and how Security & Compliance Weekly fits into the mix. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode25

Clear Vision, 3 Recession Scenarios, and Transparency - BSW #170
In the leadership and communications section, Leaders, Do You Have a Clear Vision for the Post-Crisis Future?, 3 recession scenarios and their impact on tech spend, Supply chain transparency: Technology, partnership and progress, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode170

InfoSec World Conference 2020 - Summer Fowler - BSW #170
As the Co-Chair of the Leadership Board for InfoSec World Conference in Orlando, FL this June 2020, Summer will discuss how this is an excellent opportunity for Executive, Management, and Technical teams to attend a conference together to learn more about both the business of cyber security and the latest in technical capabilities. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode170

Malicious Ruby Gems & JSON Web Token Bypass - ASW #104
This week in the Application Security News, JSON Web Token Validation Bypass in Auth0 Authentication API, Mining for malicious Ruby gems, A Brief History of a Rootable Docker Image, Privacy In The Time Of COVID, and Threat modeling explained: A process for anticipating cyber attacks! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode104

Building an AppSec Ecosystem - Rebecca Deck - ASW #104
It's possible to check the boxes and have an AppSec program that looks great on paper, but still not have positive results. We will cover using continuous feedback from AppSec testing activities passing through threat models to make life better for AppSec, red teams, QA, and engineers. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode104

Hospital Hackers, $500K Zoom 0day, & SFO Windows Hackers - PSW #647
This week in the Security News, How to teach your iPhone to recognize you while wearing a mask, Hackers Targeting Critical Healthcare Facilities With Ransomware During Coronavirus Pandemic, VMware plugs critical flaw in vCenter Server, Russian state hackers behind San Francisco airport hack, Macs Are More Secure, and Other Jokes You Can Tell Yourself, and more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode647

Pen Testing to Validate Vulnerability Scanners - Magno Gomes - PSW #647
Many people inaccurately use vulnerability scans or vulnerability assessments as terms that are synonymous with penetration tests. Those that do know the difference often think you have to choose between the two. But that's not the case. This segment will cover why and how pen testing can be used to validate vulnerability scanner results. To learn more about Core Security, visit: https://securityweekly.com/coresecurity Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode647

Threat Intel Program Strategies - Wade Woolwine - PSW #647
Defining key areas of investment that organizations need to consider in their programs. Within the areas of investment, we talk about functional areas and defining capabilities within each functional area. The end goal is to have a framework that folks can use to document their security program, measure evolution over time, share best practices, organize content and data, and be used as a reference architecture based on community input. To learn more about Rapid7 or to request a demo, visit: https://securityweekly.com/rapid7 Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode647

The Missing Link for Protecting Against Ransomware - Tim Williams - ESW #179
Tim Williams, Founder and CEO of Index Engines, joins us to discuss the cyber security software market and how it's focused on preventing ransomware attacks. How do you know if that line of defense fails? How do you prove that negative? Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode179

Phishing's Effect on Corporate Culture - Terry McCorkle - ESW #179
Many organizations today know about phishing and have taken steps to educate users, followed by phishing simulations. What comes next? This discussion will revolve around what many organizations are struggling with after they have built a phishing program. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode179

Patch Tuesday, Sysdig, & AttackIQ - ESW #179
This week in the Enterprise Security News, NeuVector adds to container security platform and automates end-to-end vulnerability management, Sysdig Expands Unified Monitoring Across IBM Cloud Services Globally, Optiv Hires Deloitte Stalwart Kevin Lynch as Chief Executive Officer, Illusive Networks Integrates with Infoblox to Speed Deployment, Microsoft's April 2020 Patch Tuesday arrives with fixes for 3 zero-day exploits and 15 critical flaws, and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode179

Cyber Insurance News - SCW #24
Jeffrey Smith joins us in looking at how cyber insurance is playing out in the real world - or at least how it's showing up in the news. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode24

Cyber Insurance - Jeffrey Smith - SCW #24
This week, we welcome Jeffrey Smith, Managing Partner at Cyber Risk Underwriters, to sell us Cyber Insurance, and how he wants to take on the skeptics (e.g. the SCW hosts) about the role that Cyber Insurance plays in security! Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode24

Start, Stop, Defer; Adapting to a Crisis; and Building a Culture - BSW #169
In the leadership and communications section, the 3 stages of adapting to a crisis, build a culture that aligns to people's values, stop, start, defer: how companies are navigating technology spend in a crisis, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode169

Security Money - BSW #169
It's our Security Money show, where we'll review the Security Weekly 25 Index and all the financial updates for both the public and private security markets. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode169

Zooming Alex Stamos & Building Security TestOps - ASW #103
This week in the Application Security News, Zoom Taps Ex-Facebook CISO Amid Security Snafus, Lawsuit, How we abused Slack's TURN servers to gain access to internal services, Moving from reCAPTCHA to hCaptcha, Automate Security Testing with ZAP and GitHub Actions, Shift-Right Testing: The Emergence of TestOps, and Building Secure and Reliable Systems! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode103

Making Kubernetes a Hostile Place for Attackers - Brad Geesaman - ASW #103
Kubernetes is conceptually simple, but in practical terms, a highly complex distributed system with thousands of interdependent settings that drive behavior and security posture. That said, focusing hardening efforts on a handful of key configurations and policies can make the job of an attacker incredibly challenging in a cluster. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode103

Zoom, Kubernetes, and Hacking - PSW #646
A little about Zoom vulnerabilities and data leaks and Cisco Webex vulnerabilities. We talk about security Kubernetes and how the same security principals apply, vulnerabilities in ICS systems and how hackers can help improve society. Oh, and smart toilets that scan your, er, logs. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode646

Tales From The Crypt...Analyst - Part 2 - Jeff Man - PSW #646
In the second part of our interview series with the legend Jeff Man, he continues his discussion with Paul, Matt, and Lee, about the many myths, legends and fables in hacker history. One of the themes of these legends surrounds some of the first red team hackers working for the US Government out of NSA. The building where they worked was called "The Pit". Jeff Man sits with us for this segment to talk about, where he can, the history and events that transpired during his tenure with the NSA. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode646

To Hunt or Not To Hunt; This is Never a !=? - Tyler Robinson - PSW #646
We welcome Security Weekly's own Tyler Robinson for a Technical Segment, to talk about how individuals are tracked and then demonstrates different TTPs Nisos uses to hunt and track people of interest. Using a modified version of Trape, ngrok, and DNS setup, Tyler shows how much information and tracking data can be gathered and further used for ongoing operations by simply clicking a link or visiting a page with embedded JavaScript. To view ngrok, visit: https://www.ngrok.com/ To check out the Trape tool, visit: https://github.com/jofpin/trape Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode646

Moving Towards Modern Vulnerability Management - Ed Bellis - ESW #178
What are the practical ways to get that time to value in app security? How can we utilize devs in the process without creating massive SAST integration projects and training them on false positives and complex challenges. So just fitting into their daily process, and only sending them actionable and real findings. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode178

Time to Measure Security Improvement in AppSec - Ferruh Mavituna - ESW #178
What are the practical ways to get that time to value in app security? How can we utilize devs in the process without creating massive SAST integration projects and training them on false positives and complex challenges. So just fitting into their daily process, and only sending them actionable and real findings. To learn more about Netsparker, visit: https://securityweekly.com/netsparker Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode178

CrowdStrike, Automox, & Ixia - ESW #178
New from BitDam, Ping, CrowsdStrike, Automox, Ixia, Recorded Future, CyberArk, AlgoSec, Tufin, Unisys. Redis servers found exposed to the Internet and vulnerable! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode178

CMMC - Part 2 - Chris Golden - SCW #23
Chris Golden, Board Member for the Accreditation Body, continues the conversation surrounding the DOD's release of the CMMC program to keep the amount of false information to a minimum. To view the CMMC Model, visit: https://www.acq.osd.mil/cmmc/docs/CMMC_v1.0_Public_Briefing_20200131_v2.pdf Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode23

CMMC - Part 1 - Chris Golden - SCW #23
Chris Golden, Board Member for the Accreditation Body, will answer questions surrounding the DOD's release of the CMMC program to keep the amount of false information to a minimum. To view the CMMC Model, visit: https://www.acq.osd.mil/cmmc/docs/CMMC_v1.0_Public_Briefing_20200131_v2.pdf Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode23

3 Tips, 4 Behaviors, and 15 Steps for Remote Work - BSW #168
In the leadership and communications section, 4 Behaviors That Help Leaders Manage a Crisis, The Right Way to Keep Your Remote Team Accountable, 15 Steps to Take Before Your Next Video Call, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode168

Cyber Resilience - Richard Clarke - BSW #168
This week, we welcome Dick Clarke to discuss his new book, The Fifth Domain, and the need for cyber resilience, especially these days. Significant risks are still manageable, but what are the concrete steps that can be taken toward cyber resilience. In conversations with leading scientists, government officials, and corporate executives, the prevailing consensus is that we are capable of defending ourselves as individuals, as organizations, and as a nation, but that our cyber security remains contingent on the a consensus that it is worth prioritizing. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode168

Zoom Flaws, 'Zombie' win32k Bug, & Inputscope - ASW #102
This week in the Application Security News, Zoom is gaining lots of attention for flaws and serves as a good exercise in threat modeling and communicating security trade-offs, Popular Digital Wallet Exposes Millions to Risk in Huge Data Leak from the usual suspect of an S3 bucket for an unusual amount of sensitive data, 12k+ Android apps contain master passwords, secret access keys, secret commands in not-so-secret client-side code identified by a research tool Inputscope, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode102

You're (probably) Doing AppSec Wrong - Grant Ongers - ASW #102
Most security programs generally get in the way of delivery (if they don't, to all intents and purposes, prevent it altogether) and are probably also failing to provide the required level of actual security. This segment can try to look at why this is the case and how (in general terms) security and product teams can change this. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode102

Security News - To Zoom or Not to Zoom - PSW #645
This segment will largely focus on the recent Zoom vulnerabilities and the responses from security researchers, the security community and enterprises. Should you stop using Zoom? Tune in to find out! (Hint: Uhm, probably not). Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode645

IoT Devices: Security and Privacy Labels Research - Lorrie Cranor - PSW #645
At Carnegie Mellon University we are designing a usable security and privacy label for smart devices to help consumers make informed choices about Internet of Things device purchases and encourage manufacturers to disclose their privacy and security practices. The label includes information on privacy and security practices of the smart device, such as the type of data the device collects and whether or not the device gets automatic security updates. Based on research with both consumers and experts, we have designed a two-layer label that includes a simple, understandable primary layer for consumers and a more detailed secondary layer that includes information important to experts. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode645

Collaboration Between NetOps and SecOps in Today's World - Matt Allen - PSW #645
Matt and the Security Weekly crew will discuss how the interaction between network engineers and security operations has changed over the years, as well as the value of the network when identifying security threats and performing remediation. For more information on VIAVI Solutions, visit: https://securityweekly.com/viavi Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode645

Windows Exploits, Re-Training Your Security Solutions - Tod Beardsley - ESW #177
Tod Beardsley, research director, will discuss some of the trends in Internet scanning and attacker behavior given there are new Windows vulnerabilities and the workforce working from home. Should you re-train your User Behavior Analytics (UBA) and/or rely on other technologies? To learn more about Rapid7 or to get a free trial, visit: https://securityweekly.com/rapid7 Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode177

Keeping Systems Secure...From Home - Sumedh Thakar - ESW #177
The cybersecurity challenges created by remote workforces and what it takes to deliver security to remote workers while avoiding impacting business operations. How do you continue vulnerability and patch management across endpoints and servers when everyone is working from home? To learn more about Qualys, visit: https://securityweekly.com/qualys Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode177

Threat Stack, Qualys, StackRox, Sysdig - ESW #177
How to Write an Automated Test Framework in a Million Little Steps, Qualys remote endpoint protection solution helps enterprises secure remote workforces, Sysdig Provides the First Cloud-Scale Prometheus Monitoring Offering, Kaspersky Security for Microsoft Office 365 adds protection for SharePoint Online and Microsoft Teams and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode177

Nemours Use Of RSA Archer To Manage Compliance Risk - Kevin Haynes - SCW #22
Customer perspective on the three topics discussed with RSA in first segment Also: -What is your view of security vs. compliance vs. risk? -What drives your security program initiatives? -What are the biggest challenges in administering a security program? To learn more about RSA Security, visit: https://securityweekly.com/RSAsecurity Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode22

Compliance Risk Challenges - David Walter - SCW #22
David Walter from RSA will join us to discuss the following: -The shift in the enterprise from compliance-based focused initiatives to risk-based ones -Regulatory changes that are impacting organizations security program/management efforts -Challenges/Successes associated with automating compliance monitoring efforts/continuous compliance monitoring To learn more about RSA Security, visit: https://securityweekly.com/RSAsecurity Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode22

Real Leaders, Social Distancing, and Vendor Relationships - BSW #167
In the leadership and communications section, Real Leaders: Abraham Lincoln and the Power of Emotional Discipline, Social Distancing: 15 Ideas for How to Stay Sane, Rethink Your Relationship with Your Vendors, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode167

Protect Your Assets According to Their Value - Jeff Costlow - BSW #167
How do you protect your assets commensurate with their value if you lack situational awareness of everything communicating on your network thanks to IoT, rogue cloud instances, and shadow IT? If we can agree that EDR doesn't give the full picture, what can the security industry do to combat this challenge both from a technological and a process/culture perspective? Jeff will discuss how asset and risk management is changing and open up a conversation around how the CIA Triad has and is evolving. For more information, visit: https://securityweekly.com.extrahop Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode167

The Benefits of SAST and SCA in Your IDE - Utsav Sanghani - ASW #101
Static application security testing (SAST) is critical for uncovering and eliminating issues in proprietary code. However, over 60% of the code in an average application today is composed of open source components. SAST isn't designed to find open source vulnerabilities (CVEs) or identify open source licenses. And manually maintaining a repository of approved open source components for developers is inefficient and time-consuming. That's where software composition analysis (SCA) comes in. Introducing a new functionality within the Code Sight IDE plugin that combines SAST and SCA in one place to enable secure development. For more information, visit: https://securityweekly.com/synopsys Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode101

Singularity: A Different Take on Container Security - Adam Hughes - ASW #101
Singularity is a container runtime that was built from the ground up to live in multi-user environments where POSIX permissions must be respected. In addition to a novel runtime approach, the Singularity Image Format (SIF) differs significantly from other container image formats, with built-in support for full image encryption as well as digital signatures. For more information, visit: http://sylabs.io/ Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode101

Drobo Exploit, Docker Escape, SMBv3.11 - PSW #644
SANS Penetration Testing | Microsoft SMBv3.11 Vulnerability and Patch CVE-20200796 Explained, Drobo 5N2 4.1.1 - Remote Command Injection, $100K Paid Out for Google Cloud Shell Root Compromise, WordPress, Apache Struts Attract the Most Bug Exploits, Run Docker nginx as Non-Root-User. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode644

RSAC Micro Interview: Acunetix and Netsparker - Kevin Gallagher, Mark Ralls - ESW #176
Acunetix: Automation as a Solution for Web Application Security - Mark Ralls - RSAC 2020 Mark Ralls, President and Chief Operating Officer at Acunetix, discusses web security challenges in small and medium enterprises and how automation can help fill the skills gap. To schedule a demo with Acunetix, visit: https://securityweekly.com/acunetix Netsparker: How to Scale Web Application Security - Kevin Gallagher - RSAC 2020 Kevin Gallagher, Chief Revenue Officer at Netsparker, discusses how to scale web application security including asset discovery, application scanning, prioritization of results, and more! To get a demo of NetSparker, please visit: https://securityweekly.com/netsparker Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode176

Zen And The Art Of Logs In The Cloud - Corey Thuen - PSW #644
Struggling with how to get your logs from the cloud? Have no fear, Corey and the Security Weekly crew talk about how to configure your logs in the cloud, use cloud-native services to handle the shuffling of logs in and out of the cloud, and control your costs! We conclude by talking a bit about Windows Event logs and overcoming some gotchas. Visit https://www.securityweekly.com/psw for all the latest episodes! To learn more about Gravwell, visit: https://securityweekly.com/gravwell Show Notes: https://wiki.securityweekly.com/PSWEpisode644