Security Weekly Podcast Network (Video)

Harry Sverdlove, Chief Technology Officer of Edgewise for an interview, to talk about The Future of Firewalls! To learn more about Edgewise, visit: https://www.securityweekly.com/edgewise Full Show Notes: https://wiki.securityweekly.com/Episode594 Follow us on Twitter: https://www.twitter.com/securityweekly

Where do we stand today in the following 3 areas when it comes to vulnerability management: 1. Applications - DevOps, containers and applications in general (desktop and SaaS) - What are the new challenges and how do we solve them? 2. Infrastructure - We still have infrastructure, operating systems, IoT, network infrastructure, etc...How do we best make this happen and make sense of the results? 3. Mobile - How do we cover iOS, Android, Chrome OS? Do we even care? Full Show Notes: https://wiki.securityweekly.com/ES_Episode126 Visit http://securityweekly.com/esw for all the latest episodes!

Cisco unlocks IoT potential with Intent-Based Networking, Qualys extends cloud platform with patch management, Tenable announces general availability of Predictive Prioritization, and Lacework announces security support for Azure and Multicloud environments! Full Show Notes: https://wiki.securityweekly.com/ES_Episode126 Visit http://securityweekly.com/esw for all the latest episodes!

In the Application Security News, Many popular iPhone apps secretly record your screen without asking, MongoDB databases still being held for ransom, Most of the Fortune 100 still use flawed software that led to the Equifax breach, and a Chrome extension with millions of users is now serving popup ads! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode50 Follow us on Twitter: https://www.twitter.com/securityweekly

Tim Eades is the CEO at vArmour. Tim joins us on the show to talk about the basic flow of problems, the solutions, and the value. Full Show Notes: https://wiki.securityweekly.com/ASW_Episode50 Follow us on Twitter: https://www.twitter.com/securityweekly

In the Leadership and Communications segment, Keep your employees and you'll keep your customers, Why leadership development is superficial and how to fix it, simple techniques to overcome negative emotions when negotiating with others, and more! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode117

Ed Moyle is on the Advisory Board for InfoSec World and he joins us on the show to talk about InfoSec World 2019 and its upcoming plans. Ed Moyle is also giving a talk on "Cryptocurrency Lessons for Enterprise Blockchain". Full Show Notes: https://wiki.securityweekly.com/BSWEpisode117

Connie Mastovich is the Sr. Security Compliance Analyst at Reclamere and she will be speaking at InfoSec World 2019. Connie's talk will be about "The Dark Web 2.0: How It Is Evolving, and How Can We Protect Ourselves?" Connie teases her talk and explains how to protect ourselves, our clients, and the information that we handle daily. Full Show Notes: https://wiki.securityweekly.com/Episode593 Follow us on Twitter: https://www.twitter.com/securityweekly

5G networks must be secured from hackers and bad actors, zero-day vulnerability highlights the responsible disclosure dilemma, a flaw in multiple airline systems exposes passenger data, security bugs in video chat tools enable remote attackers, and an original World War 2 German message decrypts to go on display at the National Museum of Computing! Full Show Notes: https://wiki.securityweekly.com/Episode593 Follow us on Twitter: https://www.twitter.com/securityweekly

DetectionLab is a collection of Vagrant and Packer scripts that allows you to automate the creation of a small active directory network that is pre-loaded with endpoint security tooling and logging best practices with a single command. It's cross-platform and the only requirements to bring up the lab are are Virtualbox / VMware and Vagrant. Full Show Notes: https://wiki.securityweekly.com/Episode593 Follow us on Twitter: https://www.twitter.com/securityweekly

RSA Conference announces finalists for Innovation Sandbox Contest 2019, DigiCert announces all-in-one digital certificate management solution, Google's new Chrome extension warns you about stolen passwords, Signal Sciences raises 35$ Million to accelerate market expansion and tech innovation, and Palo Alto is in talks to buy Information Security firm Demisto! Full Show Notes: https://wiki.securityweekly.com/ES_Episode125 Visit http://securityweekly.com/esw for all the latest episodes!

Randall Trzeciak, the Director of the CERT Insider Threat Center at Carnegie Mellon University's Software Engineering Institute! Randall will be speaking at InfoSec World 2019 about "An Effective Insider Threat Program" on Saturday, March 30th @9:00 am. Full Show Notes: https://wiki.securityweekly.com/ES_Episode125 Visit http://securityweekly.com/esw for all the latest episodes!

Three UK customer details exposed in homepage blunder, Microsoft cloud services see global authentication outage, the age of surveillance capitalism, the rise of DevXOps, and much more! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode49 Follow us on Twitter: https://www.twitter.com/securityweekly

Keith and Paul discuss the current state of privacy and software development. - Facebook reveals news feed experiment to control emotions - Facebook pays teens to install VPN that spies on them - Apple blocks Facebook from running its internal iOS apps - Apple restores Google's internal iOS apps after certificate misuse punishment Full Show Notes: https://wiki.securityweekly.com/ASW_Episode49 Follow us on Twitter: https://www.twitter.com/securityweekly

Sandra Toms is Vice President and Curator at RSA Conference. In 1998, her vision was to establish RSA Conference as a global cybersecurity forum where technology vendors and businesses unite. We all know how that turned out! Britta Glade is Director, Content and Curation at RSA Conference. When I first met Britta in 2012, she headed analyst relations for RSA before moving over to RSA Conference. If you want to learn more about RSA Conference, you can visit RSAConference.com. Full Show Notes: https://wiki.securityweekly.com/BSWEpisode116

We welcome David Kennedy, founder and CEO, at TrustedSec to discuss "Investing in the right technology and resources"! To learn more about TrustedSec, visit: https://www.securityweekly.com/trustedsec Full Show Notes: https://wiki.securityweekly.com/BSWEpisode116

In our second segment, the Security Weekly hosts will discuss the Future of Security, such as major changes, evolving threats, and security culture! Full Show notes: https://wiki.securityweekly.com/Episode592 Follow us on Twitter: https://www.twitter.com/securityweekly

Benjamin Daniel Mussleris the Senior Security Researcher at Acunetix. Benjamin will come on the show to talk about Web App Scanning with authentication. To learn more about Acunetix, visit: https://securityweekly.com/acunetix Full Show Notes: https://wiki.securityweekly.com/Episode592 Follow us on Twitter: https://www.twitter.com/securityweekly

In the Security News, 5 tips for access control from an ethical hacker, Japan is to hunt down Citizens insecure IoT devices, kid tracking watches allow attackers to monitor real time location data, and Imperva mitigate a DDoS attack generated 500 million packets per second! Full Show Notes: https://wiki.securityweekly.com/Episode592 Follow us on Twitter: https://www.twitter.com/securityweekly

In the Enterprise Security News, we will discuss how Cynets Platform approach tames cyber security issues, Salt Security launches API protection platform, Yubicos 2019 state of password and authentication security report, and we have some acquisition and funding updates from ReSec, Medigate, Cato Networks, Sophos, and DarkBytes! Full Show Notes: https://wiki.securityweekly.com/ES_Episode124 Visit http://securityweekly.com/esw for all the latest episodes!

In the Leadership and Communications segment, cybersecurity isn't just for tech people anymore, the weird approach to leadership, 4 things to do before a tough conversation, and more! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode115

Shreyans Mehta is the CTO at Cequence Security. Shreyans joins us to talk about advanced bot protection and how Cequence is involved. Full Show Notes: https://wiki.securityweekly.com/BSWEpisode115

Andrew Peterson is the Founder & CEO of Signal Sciences, and an O'Reilly author of "Cracking Security Misconceptions". He joins the show today to talk about prioritizing bugs, if certain bugs at lower levels are being exploited, how to connect with developers and prioritize bugs, and more! Full Show Notes: https://wiki.securityweekly.com/ES_Episode124 Visit http://securityweekly.com/esw for all the latest episodes!

Dr. Jing Xie is the senior threat intelligence researcher for Venafi, the market leading cybersecurity company in machine identity protection. As a member of the Venafi thought leadership group, she leads Venafi Labs. Full Show Notes: https://wiki.securityweekly.com/ASW_Episode48 Follow us on Twitter: https://www.twitter.com/securityweekly

Concerns about WordPress' new "White Screen of Death", Google Chrome changes could 'destroy' ad-blockers, Mozilla is adding and ad-blocker to Firefox Focus 9.0, Websites can steal browser data via extensions APIs, a Fortnite security issue would have granted hackers access to accounts, and more! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode48 Follow us on Twitter: https://www.twitter.com/securityweekly

Cellular carriers are implementing services to identify cell scam leveraging, New Android Malware uses motion sensor to avoid detection, Linux Malware disables security software to mine cryptocurrency, and how a Hacker threatened a family using a Nest Camera to broadcast a fake missile attack alert! Full Show Notes: https://wiki.securityweekly.com/Episode591 Follow us on Twitter: https://www.twitter.com/securityweekly

In our second segment, the Security Weekly hosts talks about some of our favorite hacker movies, influencers in the community, and what software and devices make appearances in our labs! Full Show Notes: https://wiki.securityweekly.com/Episode591 Follow us on Twitter: https://www.twitter.com/securityweekly

Christopher Morales is Head of Security Analytics at Vectra, where he advises and designs incident response and threat management programs for Fortune 500 enterprise clients. Christopher is a widely respected expert on cybersecurity issues and technologies and has researched, written and presented numerous information security architecture programs and processes. Full Show Notes: https://wiki.securityweekly.com/Episode591 Follow us on Twitter: https://www.twitter.com/securityweekly

Jeff Man joins Paul to talk about Ping Identity offering advanced API cyber protection, AppDynamics keeps expanding monitoring vision, eSentire announces managed endpoint defense powered by Carbon Black, and Juniper Networks signs a deal with IBMs! Full Show Notes: https://wiki.securityweekly.com/ES_Episode123 Visit http://securityweekly.com/esw for all the latest episodes!

Paul and Jeff Man talk about Open-Source and free collaboration security tools. 1. Project Planning - OrangeScrum 2. Ticketing - Mantis Bug Tracker 3. Documentation - MediaWiki 4. Zabbix - Remote System Monitoring 5. Feedly - Share stories and RSS feed 6. Slack - Free! Full Show Notes: https://wiki.securityweekly.com/ES_Episode123 Visit http://securityweekly.com/esw for all the latest episodes!

This week on Application Security Weekly, Matt Alderman is joined by James Wickett, who is the Head of Research at Signal Sciences. They talk about the human element of application security training and testing. Full Show Notes: https://wiki.securityweekly.com/ASW_Episode47 Follow us on Twitter: https://www.twitter.com/securityweekly

In the Leadership and Communications segment, customer surveys are no substitute for actually talking to customers, CEOs most concerned about Cybersecurity in 2019, the open workspace, doesn't work, and more! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode114

In the News segment, Oracle patches 284 vulnerabilities, bug in Twitter Android app exposed protected tweets, 4 tips for better API Security in 2019, and more! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode47 Follow us on Twitter: https://www.twitter.com/securityweekly

Zane Lackey is the Chief Security Officer at Signal Sciences. Zane comes on the show to talk about advising! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode114

Two code execution flaws patched in Drupal, 773 million records exposed in massive data breach, prices for zero-day exploits are rising, new attacks target recent PHP framework vulnerability, and Microsoft launches a new Azure DevOps Bug Bounty program! Full Show Notes: https://wiki.securityweekly.com/Episode590 Follow us on Twitter: https://www.twitter.com/securityweekly

Joff will demonstrate some syntax with PowerShell useful for transferring data into a network while pen testing. The technical segment assumes that the pen testing is able to directly use PowerShell from the console itself, although the techniques can be adapted for different purposes. To learn more about BHIS, visit: https://securityweekly.com/bhis Full Show Notes: https://wiki.securityweekly.com/Episode590 Follow us on Twitter: https://www.twitter.com/securityweekly

Dr. Eric Cole is the leading cybersecurity expert in the world, known as the go-to for major political and business power players. Full Show Notes: https://wiki.securityweekly.com/Episode590 Follow us on Twitter: https://www.twitter.com/securityweekly

In this segment, we will discuss some security product launches & announcements from Trustwave, NopSec, ConnectGuard, Pulse Secure, and Synopsys! Full Show Notes: https://wiki.securityweekly.com/ES_Episode122 Visit http://securityweekly.com/esw for all the latest episodes!

In this segment, they discuss some mergers, acquisitions, and partnerships, such as TokenEx partnering with SureCloud, Check Point acquires ForceNock, Zix agrees to acquire AppRiver for $275 million, and more! Full Show Notes: https://wiki.securityweekly.com/ES_Episode122 Visit http://securityweekly.com/esw for all the latest episodes!

Another server security lapse at NASA exposed staff and project data, CRLF Injection Into PHP's cURL Options, System Down: A systemd-journald exploit, GitHub now gives free users unlimited private repositories, Twitter is Broken, Government shutdown: TLS certificates not renewed, many websites are down, and much more! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode46 Follow us on Twitter: https://www.twitter.com/securityweekly

In business articles they discuss, how to be present, manage time, and avoid distractions, why your gut instinct is usually wrong, the 5 most efficient ways to get your work done, the creative difference between multitasking and multi-focus, and much more! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode113

Rey is a security advocate at Microsoft focused on helping the community build secure systems & being a voice for researchers within MS. After a long career in software development, he developed a strong interest in cybersecurity 2 years ago & worked feverishly to transition into this new community. Full Show Notes: https://wiki.securityweekly.com/ASW_Episode46 Follow us on Twitter: https://www.twitter.com/securityweekly

This week we introduce a new quarterly segment to review the money of security, including public companies, IPOs, funding rounds and acquisitions from the previous quarter. We also created our own index to track public security companies called the Security Weekly 25. Let's understand how the security market is doing. Full Show Notes: https://wiki.securityweekly.com/BSWEpisode113

Tim Callahan joined Aflac in 2014, bringing more than 30 years of experience in information and physical security, business resiliency and risk management. They talk about communicating threat intelligence to executives and the board. Full Show Notes: https://wiki.securityweekly.com/BSWEpisode112

Why Hyatt Is Launching a Public Bug Bounty Program, Amazon Key partners with myQ, Web vulnerabilities up, IoT flaws down, enterprise iPhones will soon be able to use security dongles, and how El Chapo's IT manager cracked his encrypted chats and brought him down! Full Show Notes: https://wiki.securityweekly.com/Episode589 Follow us on Twitter: https://www.twitter.com/securityweekly

Kory Findley talks about his Github project pktrecon. Internal network segment reconnaissance using packets captured from broadcast and service discovery protocol traffic. pktrecon is a tool for internal network segment reconnaissance using broadcast and service discovery protocol traffic. Individual pieces of data collected from these protocols include hostnames, IPv4 and IPv6 addresses, router addresses, gateways and firewalls, Windows OS fingerprints, and much more. This data is correlated and normalized with attackers in mind, and provides an effective method of initiating an engagement and obtaining as much target data as possible before resorting to more active methods. Full Show Notes: https://wiki.securityweekly.com/Episode589 Follow us on Twitter: https://www.twitter.com/securityweekly

Bryson is the Founder and CEO of SCYTHE and Founder of GRIMM. He comes on the show to talk about Attack Simulation. To learn more about SCYTHE.io, go to: https://www.scythe.io/securityweekly Full Show Notes: https://wiki.securityweekly.com/Episode589 Follow us on Twitter: https://www.twitter.com/securityweekly

Neustar bolsters fraud detection capabilities with Trustid, almost half of containers in production have vulnerabilities, BlackBerry offers its security technology to IoT device makers, and Radware to acquire ShieldSquare for expansion of its cloud security portfolio! Full Show Notes: https://wiki.securityweekly.com/ES_Episode121 Visit http://securityweekly.com/esw for all the latest episodes!

Tony Cole is the Chief Technology Officer at Attivo Networks and is a cybersecurity expert with more than 30 years' experience, a bachelor's degree in computer networking and is a CISSP. Tony discusses the cyber deception in the enterprises today and gives a brief history of deception and it's applicability to cybersecurity. Full Show Notes: https://wiki.securityweekly.com/ES_Episode121 Visit http://securityweekly.com/esw for all the latest episodes!

Ken Johnson has been hacking web applications professionally for 10 years and giving security training for 7 of those years. Ken is both a breaker and builder who currently works on the GitHub application security team. Ken explains approaching appsec the right way, "running a scanner without context", getting the right context/importance of context, and how do you figure what's real and what's legit? Full Show Notes: https://wiki.securityweekly.com/ASW_Episode45 Follow us on Twitter: https://www.twitter.com/securityweekly