Security Weekly Podcast Network (Video)

Peter Kruse is the Founder of CSIS Security Group. "Nothing specific but a Google search will provide numerous research I have been involved with and conferences I have spoken at including Kaspersky SAS, NCSC, Underground Economy, Virusbulletin, CARO, APWG, Hackdays, Confidence, Cyberhagen and many more." Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode623

Cybercrime Tool Prices Bump Up in Dark Web Markets, Pen testers find mystery black box connected to ships engines, Using Machine Learning to Detect IP Hijacking - Schneier on Security, and much more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode623

We air three pre-recorded interviews from Hacker Halted with Cathy Ullman, Joe Gray, and Jenny Radcliffe! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode157

DeCloss is the President and CEO of PlexTrac. The segment will focus on the importance of a high-quality report and what red and blue teamers should recognize goes into a good report. Often times, there's no feedback loop after report delivery and collaboration can be limited post-engagement. That will lead into a demo of PlexTrac to highlight the efficiencies we provide when creating and receiving a report. To learn more about PlexTrac, visit: https://securityweekly.com/plextrac Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode623

In our second segment, we talk Tactics for Understanding Security Vendor Products! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode157

In the news, we discuss how Okta is launching offerings for threat detection and remediation, Tenable extends Lumin to all platform customers, Signal Sciences announces integration with Pivotal Container Service, and how Thoma Bravo made a 3.9 Billion dollar offer to acquire Sophos! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode157

It's our quarterly security money segment and we'll review the Security Weekly 25 index. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode147

In this segment, we'll share the results of our Security Weekly 25 Index Survey, which we completed earlier this year. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode147

In the Application Security News, Key takeaways from Imperva breach, From Automated Cloud Deployment to Progressive Delivery, Designing Your First App in Kubernetes: An Overview Food for Thought, Autonomy and the death of CVEs?, and AppSec 'Spaghetti on the Wall' Tool Strategy Undermining Security! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode80

Francois is a member of the Ping Identity Office of the CTO. He provides product and strategic direction to customers and partners with a focus on API infrastructures security and API cybersecurity. To learn more about Ping Identity, visit: https://securityweekly.com/ping Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode80

In the leadership and communications section, The 5 Enemies of Trustworthy Leadership, 5 Things Leaders Do That Stifle Innovation, 'What's Your Purpose'? Big Tech's 7 Favorite Interview Questions, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode146

Ex-Yahoo Engineer Abused Access to Hack 6,000 User Accounts, American Express Insider Breaches Cardholder Information, How a double-free bug in, WhatsApp turns to RCE, Flare-on 6 2019 Writeups, Five Trends Shaping the Future of Container Security, and Common Pitfalls of Security Monitoring! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode79

Ty Sbano is the Cloud Chief Information Security Officer of Sisense. Ty graduated from Penn State University with a B.S. in Information Science & Technology and from Norwich University with a M.S. in Information Assurance. He currently holds a CISSP, CEH, CCSK and CPT. To learn more, please visit – tysbano.com. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode146

How to step in and help with small cloud security teams. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode79

This week, we talk Security News, how Turkey fines Facebook $282,000 over privacy breach, why the FBI is encouraging not to pay ransomware demands, the top 10 cybersecurity myths that criminals love, Doordash third-party breach hits 4.9 Million users, and how a "Bulletproof" Dark Web data center was seized by German police! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode622

Stewart Room is a Partner of PwC. Security Professionals have long understood the need to deliver security outcomes in technology and data, but is the privacy community on the same page? Data Privacy requires outcomes for matters such as data accuracy, data minimization and fair processing, as well as risks, such as portability and access. These outcomes need tech and data solutions. In this session we will examine The Journey to Code, the next evolutionary step for Data Privacy. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode622

It's the show, that bridges the requirements of regulations, compliance, and privacy with those of security. Your trusted source for complying with various mandates, building effective programs, and current compliance news. It's time for Security and Compliance Weekly. This show is hosted by: Jeff Man, Josh Marpet, and Scott Lyons. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode622

Paul Claxton is the CEO at Elite Holding, Co.. Discussing the top cyber security threats for chief operations officers and chief marketing officer/chief information security officers. With regards to the top cyber security threats, Phishing/Social Engineering, Insider Threats such as Private Contractors/Employees, and Data leakage/Information and Data Management. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode156

In the articles, they cover Why New Leaders Should Make Decisions Slowly, The Missing Ingredient in Kraft Heinz's Restructuring, Shift to digital business is booming, but are CEOs ignoring associated risk?, and much more! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode145 Visit https://www.securityweekly.com/bsw for all the latest episodes!

Matt Wyckhouse is the Co Founder & CEO at Finite State. More than 15 years of experience developing advanced software to support offensive and defensive cyber operations led Matt Wyckhouse to co-found Finite State in 2017 to focus on the unique challenges of cybersecurity in the IoT era. Matt spent most of his career at Battelle, the world's largest private R&D company, where he was the technical founder and CTO of Battelle's Cyber Innovations Business. He will be talking about Supply chain security in the IoT era. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode156

In the news, we discuss how ripwire unveils new version of Tripwire Connect, Infrastructure management at scale with Netshield, Five Trends Shaping the Future of Container Security, and some funding updates from BurstIQ and Kenna Security! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode156

Threat Actors Use Percentage-Based URL Encoding to Bypass Email Gateways, Intelligent Tracking Prevention 2.3 and a discussion to Limit the length of the Referer header with some background on Browser Side Channels, Serverless Security Threats Loom as Enterprises Go Cloud Native, and much more! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode78 Visit https://www.securityweekly.com/asw for all the latest episodes!

Jeff Costlow is the Head of Security at ExtraHop. Organizations looking to embrace the speed and flexibility of the cloud need to shift gears in security as well, moving towards a cloud-first approach that combines complete visibility with behavioral- and- rule-based threat detection. Learn how the SOC Visibility Triad pairs network detection and response with endpoint detection and response and SIEM tools in order to help you strengthen your cloud security posture. To learn more about ExtraHop, visit: https://securityweekly.com/extrahop Full Show Notes: https://wiki.securityweekly.com/BSWEpisode145 Visit https://www.securityweekly.com/bsw for all the latest episodes!

Ryan Kelso is the Application Security Engineer at 10-Sec, Inc. Former developer turned application security engineer with a passion for giving back to the security community that has helped me out tremendously with getting into this field. Information disclosures traditionally aren't seen as high priority fixes, but can be pretty important in an exploitation chain. The more information provided to an attacker, the better equipped that attacker is. Full Show Notes: https://wiki.securityweekly.com/ASW_Episode78 Visit https://www.securityweekly.com/asw for all the latest episodes!

How a hacker took over a smart home with vulgar music and rising temperatures, a security warning for 23 million YouTube creators following a crazy hack attack, Vimeo sued for storing faceprints of people without their say-so, Selfie Android Apps push ads and can record audio, and how adopting DevOps leads to an improved security posture! Full Show Notes: https://wiki.securityweekly.com/Episode621 Visit https://www.securityweekly.com/psw for all the latest episodes!

We interview Perry Carpenter and Chris Pritchard at DEF CON SE Village. Perry Carpenter talks about how (as someone on the autism spectrum) has used various social-engineering related skills to become extremely successful in my career. Chris Pritchard talks about the basics of Social Engineering aKa how I break into Casinos, Airports and Critical National Infrastructure. Full Show Notes: https://wiki.securityweekly.com/Episode621 Visit https://www.securityweekly.com/psw for all the latest episodes!

We interview Billy Boatright, Edward Miro, and Jayson Street at DEF CON SE Village. Billy talks about Impostor Syndrome. Edward Miro talks about Rideshare OSINT – Car Based SE For Fun & Profit. Jayson Street talks about Hugs, SE Village, Security Awareness, and DEF CON itself. Full Show Notes: https://wiki.securityweekly.com/Episode621 Visit https://www.securityweekly.com/psw for all the latest episodes!

Tony Meehan is the Vice President of Engineering at Endgame. Tony will be talking about building an engineering team for every stage of company growth. In the fast-paced startup world, there's one thing you can always rely on: constant change. This makes work challenging and stimulating, but it also means recruiting can be a real challenge. How do you describe your company to prospective candidates when the work environment is constantly evolving? And how do you attract people who will be the right fit for this precise moment in your growth, but who will also continue to be a good fit in the future? Full Show Notes: https://wiki.securityweekly.com/ES_Episode155 Visit https://www.securityweekly.com/esw for all the latest episodes!

gsgdfsgfd Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode22222

Brian Dye is the CEO of Corelight. Brian will be discussing the Path To Threat Hunting Is Paved With Great Network Data. Tune in for a lively discussion about the role of network evidence in threat hunting and innovations our guest speaker sees in the industry from some of the world's most sophisticated threat hunters. Brian Dye is Chief Product Officer at Corelight, provider of network security monitoring solutions from the creators of open-source Zeek (formerly Bro). Full Show Notes: https://wiki.securityweekly.com/ES_Episode155 Visit https://www.securityweekly.com/esw for all the latest episodes!

Brian Lamoureux is a Partner at Pannone Lopes Devereaux & O'Gara LLC. Is Big Tech heading down the same road of Big Tobacco? Full Show Notes: https://wiki.securityweekly.com/ASW_Episode77 Visit https://www.securityweekly.com/bsw for all the latest episodes!

In the news, Akamai acquires MFA specialist KryptCo, HP acquires Bromium to enhance its security platform, Cyber Insurance firm Cowbell emerges from stealth with $3.3M in seed funding, and more. Full Show Notes: https://wiki.securityweekly.com/ES_Episode155 Visit https://www.securityweekly.com/esw for all the latest episodes!

In the leadership and communications section, Troublesome Teammates, Email challenges and how to set boundaries, Cybersecurity confidence rattled by continued investments, small results, and more! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode144 Visit https://www.securityweekly.com/bsw for all the latest episodes!

BSIMM10 Emphasizes DevOps' Role in Software Security and the BSIMM10 report, Crowdsourced Security & the Gig Economy, Lessons learned through 15 years of SDL at work, Software eats the world, jobs double US employment growth rate, and more! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode77 Visit https://www.securityweekly.com/asw for all the latest episodes!

Nicolas Valcárcel is the Security Engineer at AdRoll. Nicolas Developers and security professional have vastly different views of the world, so it's not uncommon that trainings created by the later don't fully reach the former. Training for developers should be made with their tools and with their view of the world in mind. Full Show Notes: https://wiki.securityweekly.com/ASW_Episode77 Visit https://www.securityweekly.com/asw for all the latest episodes!

In the Security News, how an iOS 13 flaw could provide access to contacts with passcode, Equifax demands more information before making payouts, confidential data of 24.3 million patients were discovered online, and a SIM Flaw that lets hackers hijack any phone by sending SMS! Full Show Notes: https://wiki.securityweekly.com/Episode620 Visit https://www.securityweekly.com/psw for all the latest episodes!

Wes Widner is the Cloud Engineering Manager at CrowdStrike. Wes will be talking about personal voice assistants are the wave of the future. So naturally we should wonder about the unique attack vectors they pose. I'd like to discuss my research into this field and share a few tips on how you can keep yourself safe around voice assistants. Full Show Notes: https://wiki.securityweekly.com/Episode620 Visit https://www.securityweekly.com/psw for all the latest episodes!

Jason Lang is the Sr. Security Consultant of TrustedSec. Modern day red teaming against some of the largest company's in the US. Current passion is Ansible for red teamers (i.e. fast infrastructure buildout). To learn more about TrustedSec, visit: https://securityweekly.com/trustedsec Full Show Notes: https://wiki.securityweekly.com/Episode620 Visit https://www.securityweekly.com/psw for all the latest episodes!

John Strand gives a teaser about his upcoming webcast: Attacking AWS: Elastic Map to Reduce Clusters. John will talk about the intro to cloud security research. Full Show Notes: https://wiki.securityweekly.com/ES_Episode154 Visit https://www.securityweekly.com/esw for all the latest episodes!

In the Enterprise News, hundreds of laid off by Symantec as part of restructuring plan, Infection Monkey Industries first Zero Trust Assesment Tool, Shape Security eyes IPO after raising 51 million at 1 billion evaluation, Lacework secures $42 Million and adds new president, board members and customers, and FireMon announced the introduction of FireMon automation, and more! Full Show Notes: https://wiki.securityweekly.com/ES_Episode154 Visit https://www.securityweekly.com/esw for all the latest episodes!

Matt gives a demo on Cloud Security covering IaaS, PaaS, FaaS, SaaS, and the components concerning the User and the provider. Full Show Notes: https://wiki.securityweekly.com/ES_Episode154 Visit https://www.securityweekly.com/esw for all the latest episodes!

Chris Bush is the Head of Security at ObserveIT. He will be discussing: Investigating the Insider Threat. To learn more about ObserveIT, visit: https://securityweekly.com/observeit Full Show Notes: https://wiki.securityweekly.com/BSWEpisode143 Visit https://www.securityweekly.com/bsw for all the latest episodes!

Simjacker – Next Generation Spying Over Mobile, Intel CPUs Vulnerable to Sensitive Data Leakage in NetCAT Attack and NetCAT: Practical Cache Attacks from the Network, What is PSD2? And how it will impact the payments processing industry, Better Together: Why Software-Development Toolmakers Should Embrace Integration, and more! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode143 Visit https://www.securityweekly.com/asw for all the latest episodes!

Why So Many Companies Fail at Strategy and How to Fix It, 8 Things Leaders Do That Make Employees Quit, The changing role of the CIO, How to Rehearse for an Important Presentation, and 10 Steps To Get Started In Cybersecurity Careers: What High-Achievers Do While Others Don't! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode143 Visit https://www.securityweekly.com/bsw for all the latest episodes!

Chris Bush is the Head of Security at ObserveIT. He will be discussing: Investigating the Insider Threat. To learn more about ObserveIT, visit: https://securityweekly.com/observeit Full Show Notes: https://wiki.securityweekly.com/BSWEpisode143 Visit https://www.securityweekly.com/bsw for all the latest episodes!

The OWASP Application Security Verification Standard (ASVS) Project provides a basis for testing web application technical security controls and also provides developers with a list of requirements for secure development. The excel tool Jay Durga developed can be used to measure metric or as a guidance document for testing effectiveness of security controls put in place in your SDLC and DevOps process. Full Show Notes: https://wiki.securityweekly.com/ASW_Episode76 Visit https://www.securityweekly.com/asw for all the latest episodes!

At DEF CON 2019, we interview Chris Kirsch on Getting Psychic: Cold Reading Techniques for Fortune Tellers and Social Engineers Cold reading is a technique to make others believe that you have psychic powers. Then we interview Micah Zenko on the rationale and practice of non-cyber red teaming. Full Show Notes: https://wiki.securityweekly.com/Episode619 Visit https://www.securityweekly.com/psw for all the latest episodes!

Peter Smith is the Founder & CEO of Edgewise. Peter will be covering the Capital One breach and the AWS metadata service with request forgery. He will explain how to solve this problem with Edgewise. To learn more about Edgewise, visit: https://securityweekly.com/edgewise Full Show Notes: https://wiki.securityweekly.com/Episode619 Visit https://www.securityweekly.com/psw for all the latest episodes!

This week, we present the Security News, to discuss New ransomware grows 118% as cybercriminals adopt fresh tactics and code innovations, Period Tracker Apps share data with Facebook, U.S. Cyber Command trolls North Korea with Malware Release, and a lot more! Full Show Notes: https://wiki.securityweekly.com/Episode619 Visit https://www.securityweekly.com/psw for all the latest episodes!

We interview Dan Cornell, the Founder & CTO the at DenimGroup.Next, Bryson Bort, the Founder & CEO at SCYTHE. Last, Yuriy Bulygin, the Founder & CEO at Eclypsium. Full Show Notes: https://wiki.securityweekly.com/ES_Episode153 Visit https://www.securityweekly.com/esw for all the latest episodes!