Security Weekly Podcast Network (Video)

Steve Laubenstein is the VP - Cyber Threat Products Group at Core Security - a HelpSystems Company. Steve will be discussing the need to understand your system's resilience to attacks, and your people's ability to quickly identify and respond, has never been higher. Yet, we live in an IT world that is increasingly becoming borderless. We will be discussing the role of pen testing where mobile, cloud, IoT and network sprawl are the new normal. To learn more about Core Security, visit: https://securityweekly.com/coresecurity Full Show Notes: https://wiki.securityweekly.com/ES_Episode153 Visit https://www.securityweekly.com/esw for all the latest episodes!

This week, in the Enterprise News, Splunk buys SaaS startup Omnition, Stage Fund buys Israeli cybersecurity co Cymmetria, Trustwave platform brings more visibility and control cloud security, and more! Full Show Notes: https://wiki.securityweekly.com/ES_Episode153 Visit https://www.securityweekly.com/esw for all the latest episodes!

Brian Reed is the Chief Mobility Officer at NowSecure. Brian discusses mobile-app traffic now outpaces mobile web traffic, yet for many organizations mobile security drags behind web leaving businesses at risk. In fact, industry benchmarks show 85% of mobile apps have security issues and 72% have mobile privacy issues. As more organizations build mobile apps to engage with customers in delightful experiences and drive digital transformation, dev and security teams are looking for ways to ensure security and privacy are built in. The mobile app security techstack now includes tools purpose-built for mobile that automate testing and integrate into the SDLC. Let's enable the business to deliver secure mobile apps faster. To learn more about NowSecure, visit: https://securityweekly.com/nowsecure Full Show Notes: https://wiki.securityweekly.com/BSWEpisode142 Visit https://www.securityweekly.com/bsw for all the latest episodes!

A very deep dive into iOS Exploit chains found in the wild followed by Heap Exploit Development, Twitter turns off SMS texting after @Jack hijacking, CVE-2019-15846: Unauthenticated Remote Command Execution Flaw Disclosed for Exim, 7 Steps to Web App Security, Fuzzing 101: Why Bug Hunters Still Love It After All These Years, and more! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode75 Visit https://www.securityweekly.com/asw for all the latest episodes!

David X Martin is the CEO at DavidXMartin, LLC. He is passionate about helping business leaders sleep better at night – by equipping them with critical cyber risk management tools that protect their enterprises while enhancing strategic business growth. David will be covering Critical Business Decision Making - IT vs Business Making. Full Show Notes: https://wiki.securityweekly.com/BSWEpisode142 Visit https://www.securityweekly.com/bsw for all the latest episodes!

Ty Sbano is the Cloud Chief Information Security Officer of Sisense. Ty will be discussing Tools in the DevOps Pipeline, Component Analysis, and Anything Application Security! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode75 Visit https://www.securityweekly.com/asw for all the latest episodes!

We interview Carolyn Crandall, the Chief Deception Officer at Attivo Networks. Carolyn will discussing the deception technology fabric, which interweaves "wolves in sheep's clothing" throughout the network to deceive attackers, detect their presence, and derail their attacks. We interview Krupa Srivatsan, the Director of Security Products at Infoblox. Krupa will talk about Network Security Foundations for Digital Transformation. Full Show Notes: https://wiki.securityweekly.com/ES_Episode152 Visit https://www.securityweekly.com/esw for all the latest episodes!

Privilege Escalation Vulnerability that existed in Check Point Software, Untangle survey finds SMBs continue to struggle with IT Security, Tufin delivers enhanced Visibility and Topology modeling for Cisco ACI Migration, and how the OS that poweredf smartphones started from failure! Full Show Notes: https://wiki.securityweekly.com/ES_Episode152 Visit https://www.securityweekly.com/esw for all the latest episodes!

We interview Jason Brvenik, the Chief Executive Officer at NSS Labs. Jason will cover The Importance of Independent, Third-Party Testing. We interview Mehul Revankar, the Senior Product Manager at SaltStack. Mehul will be talking about the intersection between security and IT operations. Full Show Notes: https://wiki.securityweekly.com/ES_Episode152 Visit https://www.securityweekly.com/esw for all the latest episodes!

Christopher Hadnagy is the Chief Human Hacker of Social-Engineer, LLC. Chris will be giving an overview of inaugural SEVillage Orlando 2020. Brief description of the training workshops provided. Mission and information on non-profit Innocent Lives Foundation. Full Show Notes: https://wiki.securityweekly.com/Episode618 Visit https://www.securityweekly.com/psw for all the latest episodes!

Corey Thuen is the Co-Founder at Gravwell. Security analytics using the new Sysmon DNS logging and Sysmon DNS logging dropped this week. Full Show Notes: https://wiki.securityweekly.com/Episode618 Visit https://www.securityweekly.com/psw for all the latest episodes!

We interview Brett Wahlin, the VP of Security & Trust at Respond Software, Andrew Homer, the VP of Business Development at Morphisec, and Mat Gangwer, the Director of Managed Threat Response at Sophos. Full Show Notes: https://wiki.securityweekly.com/ES_Episode151 Visit https://www.securityweekly.com/esw for all the latest episodes!

We interview Chris Kennedy, the CISO & VP and Customer Success at AttackIQ, Balaji Prasad, the VP of Product Management at BlueHexagon, and Mike Weber, the VP of Product Management at Coalfire. Full Show Notes: https://wiki.securityweekly.com/ES_Episode151 Visit https://www.securityweekly.com/esw for all the latest episodes!

In the news, we discuss how AT&T employees took bribes to plant malware on the company's network, how hackers could decrypt your GSM calls, 80 suspects charged with massive BEC scam, and how the passports and licenses of 300 people were leaked in New Zealand! Full Show Notes: https://wiki.securityweekly.com/Episode618 Visit https://www.securityweekly.com/psw for all the latest episodes!

In the news, we discuss 5 tips on how testers can collaborate with software developers, Imperva discloses a data breach affecting some firewall users, VMware unveils security enhancements in Virtual Cloud Network Offering, and how Veristor and Synack partner to apply Ethical Hackers and AI Technology! Full Show Notes: https://wiki.securityweekly.com/ES_Episode151 Visit https://www.securityweekly.com/esw for all the latest episodes!

We interview Azi Cohen the Co-founder of WhiteSource. He will be talking about Application security has undergone a transition in recent years, as information security teams testing products before release became irrelevant, developers started playing a leading role in the day-to-day operational responsibility for application security. We then interview Jeff Hudson the CEO of Venafi. He will talk about code signing that has been used to verify the integrity of software, and nearly every organization relies on it to confirm their code has not been corrupted with malware. Full Show Notes: https://wiki.securityweekly.com/ASW_Episode74 Visit https://www.securityweekly.com/asw for all the latest episodes!

IT and data breaches are going up every year and a large portion of them involve vendors or other third parties with access to enterprise networks and systems. Mr. Howlett will review the current state, examine a couple of high profile vendor related breaches for lessons learned and talk about best practices to limit 3rd party risk. Full Show Notes: https://wiki.securityweekly.com/BSWEpisode141 Visit https://www.securityweekly.com/bsw for all the latest episodes!

Pawan Shankar is the Senior Product Marketing Manager of Sysdig. Sysdig is very excited to announce the launch of Sysdig Secure 2.4! With this release, Sysdig adds runtime profiling to enhance anomaly detection and introduces brand new interfaces that improve runtime security policy creation and vulnerability reporting. To learn more about Sysdig, visit: https://securityweekly.com/sysdig Full Show Notes: https://wiki.securityweekly.com/ASW_Episode74 Visit https://www.securityweekly.com/asw for all the latest episodes!

In the Leadership and Communications segment, The elements of a good company apology, 8 ways leaders delegate successfully, there's no shame in working on vacation and more! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode141 Visit https://www.securityweekly.com/bsw for all the latest episodes!

We interview Roman Sannikov, the Director and Analyst on Demand at Recorded Future. We also interview Ray DeMeo, the Chief Operating Officer at Virsec. \Full Show Notes: https://wiki.securityweekly.com/Episode617 Visit https://www.securityweekly.com/psw for all the latest episodes!

In the news, ThreatConnect released Enhanced Integration with Flashpoint, ObserveIT unveils crowdsourced insider threat analytics solution, Thycotic launches automated solution for managing service accounts, and StackRox Kubernetes Security Platform is offered on the GCP! Full Show Notes: https://wiki.securityweekly.com/ES_Episode150 Visit https://www.securityweekly.com/esw for all the latest episodes!

Waiting to deploy critical patches makes you a bigger target - Cybercriminals Have Seven-Day Advantage to Weaponize Vulnerabilities, According to New Research from Tenable- Cyber Criminals have seven day advantage to weaponize vulnerabilities according to new research from tenable. To learn more about Automox, visit: https://securityweekly.com/automox Full Show Notes: https://wiki.securityweekly.com/Episode617 Visit https://www.securityweekly.com/psw for all the latest episodes!

Paul gives a technical segment on deobfuscating JavaScript to investigate phishing domains. To learn more about DomainTools, visit: https://securityweekly.com/domaintools Full Show Notes: https://wiki.securityweekly.com/Episode617 Visit https://www.securityweekly.com/psw for all the latest episodes!

We interview Carsten Willems from VMRay and David Etue from BlueVoyant! Full Show Notes: https://wiki.securityweekly.com/ES_Episode150 Visit https://www.securityweekly.com/esw for all the latest episodes!

We interview Steve Laubenstein from CoreSecurity, Ian McShane from Endgame, and Peter Smith from Edgewise! Full Show Notes: https://wiki.securityweekly.com/ES_Episode150 Visit https://www.securityweekly.com/esw for all the latest episodes!

Hacker Halted is EC-Council's premier IT Security Conference held in Atlanta annually. Hacker Halted gathers 1400+ Information Security Professionals in two days of Exhibiting, Breakout Sessions, Live Hacking Demos and Keynotes! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode140 To register for Hacker Halted, visit: https://securityweekly.com/hackerhalted and use the discount code HH19SW to get $100 off! Visit https://www.securityweekly.com/bsw for all the latest episodes!

CVE-2019-1162 showcases elevation of privilege in an ancient Windows component. HTTP/2 Denial of Service Advisory with seven vulns that affects the protocol implemented by several vendors, SSH certificate authentication for GitHub Enterprise Cloud works well with tools like Sharkey and BLESS. We talked more about ephemeral access and SSH in episode 71, Polaris Points the Way to Kubernetes Best Practices, and much more! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode73 Visit https://www.securityweekly.com/asw for all the latest episodes!

In the Leadership and Communications segment, 3 Traits Of Successful Entrepreneurs, 4 Ways To Gain Power And Use It For Good, 5 Reasons to Never Compromise on Punctuality, and more! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode140 Visit https://www.securityweekly.com/bsw for all the latest episodes!

At Black Hat 2019, we interviewed: Ameya Talwalker from Cequence, Mark Batchelor from PING Identity, and Michael Krueger from NowSecure! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode73 Visit https://www.securityweekly.com/asw for all the latest episodes!

In this segment, we interview O'Shea Bowens from Null Hat Security and Tyler Robinson from Nisos, Inc., from the Blue Team Village. Then we interview Aaran Leyland in the Social Engineering Village. Full Show Notes: https://wiki.securityweekly.com/Episode616 Visit https://www.securityweekly.com/psw for all the latest episodes!

The Huawei shenanigans get deeper and more broad. - This is why I have issues with supply chain, CapitalOne hacker may have stolen from 30 more companies, New Data Breach Has Exposed Millions Of Fingerprint And Facial Recognition Records, Malware lingers in SMBs for an average of 800 days before discovery, and more! Full Show Notes: https://wiki.securityweekly.com/Episode616 Visit https://www.securityweekly.com/psw for all the latest episodes!

Tony Punturiero is the Community Manager at Offensive Security. Discussing about my adventure transferring from being on the blue side to becoming a pentester/red teamer full time. Created an infosec community to help each people in the infosec field come together to learn from one another. Full Show Notes: https://wiki.securityweekly.com/Episode616 Visit https://www.securityweekly.com/psw for all the latest episodes!

We interviewed NetScout, Remediant, and BitDefender at Black Hat 2019! Full Show Notes: https://wiki.securityweekly.com/ES_Episode149 Visit https://www.securityweekly.com/esw for all the latest episodes!

Containers are a hot topic because of the simplicity they bring to the process of software development, shipping, and deployment. It is important to understand the security properties of containers, how they have been escaped in the past, and how they are likely to be escaped in the future. Full Show Notes: https://wiki.securityweekly.com/ES_Episode148 Visit https://www.securityweekly.com/esw for all the latest episodes!

Managing vulnerabilities the Enterprise is more than how many assets can you scan but how do you manage the issues that you discover. They will cover usability, easy to use tool, fast deployment, quickly operational, intuitive UI and workflow, discovery, and accuracy. Full Show Notes: https://wiki.securityweekly.com/ES_Episode148 Visit https://www.securityweekly.com/esw for all the latest episodes!

Signal Sciences Rolls New Application Security Product, A10 Networks brings zero-day automated protection to DDoS defense, and we have some acquisition and funding updates from Symantec, McAfee, Cybereason, and Capsule8! Full Show Notes: https://wiki.securityweekly.com/ES_Episode149 Visit https://www.securityweekly.com/esw for all the latest episodes!

During this discussion, Joshua and Paul will speak about the threats facing organizations today and how they are evolving. Josh will also discuss how IT and security teams need to understand the threats their organizations face and how leveraging actionable threat intelligence can help them build the most effective and efficient defense strategy. →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly

In the Leadership and Communications segment, How our brains decide when to trust, Warren Buffet's "2 List strategy, Lack of IT leadership fuels IoT trial failures, and more! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode139 Visit https://www.securityweekly.com/bsw for all the latest episodes!

Network Detection & Response (NDR) as a critical component of cloud-first security, both because of the need for east-west visibility across cloud and on-premises assets, and because combining behavioral-based threat detection with signature-based detection gives organizations a better chance of discovering threats quickly enough (and with enough context) to mitigate the damage. Full Show Notes: https://wiki.securityweekly.com/ES_Episode148 Visit https://www.securityweekly.com/esw for all the latest episodes!

IT operations and security teams are very different, but at a high level they both work to create a highly available digital infrastructure that s secure and compliant with regulatory standards. Achieving this goal is easier said than done for most organizations. SaltStack is bringing new solution to market to solve this well know but unique problem. Full Show Notes: https://wiki.securityweekly.com/ES_Episode149 Visit https://www.securityweekly.com/esw for all the latest episodes!

From Equifax to Capital One: The problem with web application security, Upcoming Change to Chrome's Identity Indicators means the EV UI Moving to Page Info, Apple extends its bug bounty program to cover macOS with $1 million in rewards, Azure Security Lab: a new space for Azure research and collaboration, Awarding Google Cloud Vulnerability Research, and more! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode139 Visit https://www.securityweekly.com/asw for all the latest episodes!

Outline of Interview: Leaders want to be successful, what are the "6 Secrets of Success" As a leader, what's my body language and how do I improve it: "Body Language of Leaders" "Myths About Body Language" "Confident Body Language Boosters" As a leader, I need to know "How to Increase Your Influence" Finally, as a leader, I need to know "How to Capture an Audience by Using the Body Language Secrets" Full Show Notes: https://wiki.securityweekly.com/BSWEpisode139 Visit https://www.securityweekly.com/bsw for all the latest episodes!

Paul, Larry, Doug, and Gabe talk about Software Development: Security Do's & Don'ts. →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly

Gabriel Gumbs is the VP of Product Management at Spirion where his focus is on the strategy and technology propelling Spirion's rapidly-growing security platform. →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly

Mike Shema and Matt Alderman discuss Hacker Summer Camp as the Security Weekly team has returned from Las Vegas. Full Show Notes: https://wiki.securityweekly.com/ASW_Episode72 Visit https://www.securityweekly.com/asw for all the latest episodes!

In the Security News, the US government issues a light aircraft cyber alert, thieves steal a laptop with 30 years of Data from University of Western Australia, RCE is possible by exploiting flaws in Vxworks, and the alleged Capital One hacker is barely bothered to hide! Full Show Notes: https://wiki.securityweekly.com/Episode614 Visit https://www.securityweekly.com/psw for all the latest episodes!

Talk about the way Signal Sciences is implemented, especially in the container world. Where we sit in the stack for protection of the web apps in those containers and common first things identified after install (Attack Scanners, Injection Attacks, actionable anomalies like 404 or 500 errors). Finally do a short demo walking through installing Signal Sciences in a Kubernetes environment and the Signal Sciences dashboard. To learn more about Signal Sciences, visit: https://securityweekly.com/signalsciences Full Show Notes: https://wiki.securityweekly.com/Episode614 Visit https://www.securityweekly.com/psw for all the latest episodes!

Sam Straka is the Technical Product Manager at LogRhythm, and he will be talking about the movement of their market to the Cloud, how LogRhythm is innovating in that area, and why total cost of ownership is important when looking at a SIEM platform. To learn more about LogRhythm, visit: https://securityweekly.com/logrhythm Full Show Notes: https://wiki.securityweekly.com/Episode614 Visit https://www.securityweekly.com/psw for all the latest episodes!

Charles Thompson, Sr. Director of Product Management at VIAVI Solutions, has a career spanning 20 years in the IT space specializing in using wire-data to assist SecOps and NetOps teams with management, analysis, and protection of critical applications, services, and data. Full Show Notes: https://wiki.securityweekly.com/ES_Episode147 Visit https://www.securityweekly.com/esw for all the latest episodes!

Paul, Matt, and John Strand to discuss how Microsoft acquires BlueTalon to bolster data governance offerings, Arduino selects Auth0 as standardized login for open source ecosystem, new code-signing solution released by Venafi, and ExtraHop issues warning about phoning home in new security advisory! Full Show Notes: https://wiki.securityweekly.com/ES_Episode147 Visit https://www.securityweekly.com/esw for all the latest episodes!