Security Weekly Podcast Network (Video)

Where do the lines blur between monitoring, configuration, and vulnerability management? What is the best way to monitor systems in an enterprise? How to you manage machine to machine trust? Answers to all those questions and more in this segment! Full Show Notes: https://wiki.securityweekly.com/ES_Episode54 Visit http://securityweekly.com/esw for all the latest episodes!

Get some in-depth information on GDPR from Thomas Fischer, a Global Security Advocate at Digital Guardian and Director of BSides London! Full Show Notes: https://wiki.securityweekly.com/ES_Episode54 Visit http://securityweekly.com/esw for all the latest episodes!

ZeroFOX, Deep Instinct, Flashpoint, Symantec acquired Skycure for an undisclosed amount, RiskLens and Nok Nok Labs raised $8M series D. Full Show Notes: https://wiki.securityweekly.com/SSWEpisode47 Visit http://securityweekly.com/category/ssw/ for all the latest episodes!

Ronnie Feldman is the President & Creative Director of Learnings & Entertainments, a network of comedians musicians, and writers that builds creative content to improve employee engagement, communication and corporate education. Full Show Notes: https://wiki.securityweekly.com/SSWEpisode47 Visit http://securityweekly.com/category/ssw/ for all the latest episodes!

Forgetting your Windows password, bidding farewell to SMS authentication, reviewing Black Hat USA 2017, Ubuntu Linux for Windows 10, and more. Jason Wood of Paladin Security joins us to discuss companies being breached due to misconfiguration on this episode of Hack Naked News! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode133 Visit http://hacknaked.tv to get all the latest episodes!

Russians on PornHub, dirty songs on the radio, Windows security protocol vulnerabilities, tomato plant security, and more security news! Full Show Notes: https://wiki.securityweekly.com/Episode522 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

This is a random technical segment on implementing random number generators in Linux. Don shows us the ins and outs of the entropy pool, the different between /dev/random and /dev/urandom, and some awesome hardware that can increase entropy. Full Show Notes: https://wiki.securityweekly.com/Episode522 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Learn about "fileless" malware, threat actors, evading detection on the endpoint and more! Joe Desimone is a Malware Researcher at Endgame. He focuses on tracking and countering APTs, reverse engineering malware, and developing novel techniques and tools to empower hunt teams. Full Show Notes: https://wiki.securityweekly.com/Episode522 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Ferruh Mavituna of Netsparker joins us to discuss CI level automated web security! Full Show Notes: https://wiki.securityweekly.com/ES_Episode53 Visit http://securityweekly.com/esw for all the latest episodes!

Suffering breaches from ex-employees, Tanium announces threat response, the SANS Institute's incident response survey results, and is cybersecurity getting harder? Full Show Notes: https://wiki.securityweekly.com/ES_Episode53 Visit http://securityweekly.com/esw for all the latest episodes!

If you are a security professional who has not taken the plunge into Docker, this segment is for you. Paul highlights some of the configuration options available for Docket containers and how you can apply them to both your operating system and application hardening strategies. Full Show Notes: https://wiki.securityweekly.com/ES_Episode53 (Including sample Docker files discussed in this segment) Visit http://securityweekly.com/esw for all the latest episodes!

Solving artificial stupidity, Petya's decryption key is released, sleeping with the enemy, burner laptops for DEF CON, and more. Jason Wood of Paladin Security joins us to discuss the FTC shutting down a loan application firm on this episode of Hack Naked News! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode132 Visit http://hacknaked.tv to get all the latest episodes!

James Jardine is the CEO of Jardine Software and a former SANS Institute author and instructor. James possesses over 15 years of development and application security experience. Full Show Notes: https://wiki.securityweekly.com/SSWEpisode46 Visit http://securityweekly.com/category/ssw/ for all the latest episodes!

Tim Helming joins us to talk about all things related to domains, including luxury domain abuses, the security value of the whois database and more! Full Show Notes: https://wiki.securityweekly.com/Episode521 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

The hells of being a founder, killing projects before they kill you, intellectual property 101, and invisible unicorns. Michael and Paul give updates on Auth0, Upstream, Palo Alto Networks, Symantec, and more! Full Show Notes: https://wiki.securityweekly.com/SSWEpisode46 Visit http://securityweekly.com/category/ssw/ for all the latest episodes!

Paul Ewing from Endgame talks about the different types of threat hunting (network, host and logs) and the pros and cons of each! Full Show Notes: https://wiki.securityweekly.com/Episode521 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

How to hire infosec professionals, patching automation code, hijacked Android devices, Bitdefender support for Mac, and more security news! Full Show Notes: https://wiki.securityweekly.com/Episode521 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Paul and Doug talk about the need for and the pitfalls of Egress Filtering in your enterprise network. And sweaty lawyers. Full Show Notes: https://wiki.securityweekly.com/ES_Episode52 Visit http://securityweekly.com/esw for all the latest episodes!

Fortinet preps for a next-gen firewall, Samsung no longer males printers, beware of Cisco training, using the right switches, Kubernetes, requirements and testing, to update or not to update and more! Full Show Notes: https://wiki.securityweekly.com/ES_Episode52 Visit http://securityweekly.com/esw for all the latest episodes!

Separating the hacked and the paranoid, remote Linux hacking, Petya goes postal at FedEx, today's mainstream hacktivism tools, and why choosing Windows should get you fired! Full Show Notes: https://wiki.securityweekly.com/Episode520 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Guy came on the show and gave a live demo on how to become Domain Admin in an Active Directory environment, and keep those privileges for 20+ years. Guys shows us how to abuse service accounts to get yourself a golden ticket. Then shows how the Javelin Networks technology can be used to detect, prevent and monitor for this type of attack and the exposures inside Active Directory that hand over the keys, er tickets, to the kingdom. Full Show Notes: https://wiki.securityweekly.com/Episode520 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Moses returns to the show to discuss his background in technology and security (which is eerily similar to Paul's!). The crew then got into a deep discussion of the history of many different technologies (Solaris Firewalls, IDS, Java and more!). Moses talked at length about serialization bugs in both PHP and Java. Then we dove right into JavaScript. It was a nerdfest, not to be missed! Full Show Notes: https://wiki.securityweekly.com/Episode520 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Apollo Clark discusses the tools and techniques your team can use to manage, monitor and tune your enterprise AWS deployment. Full Show Notes: https://wiki.securityweekly.com/ES_Episode51 Visit http://securityweekly.com/esw for all the latest episodes!

Love it or hate it, Docker (and containers) are here to stay. Embrace change in this segment where Paul and Apollo discuss using Docker in the enterprise. We cover security considerations, deployment scenarios and much more! Full Show Notes: https://wiki.securityweekly.com/ES_Episode51 Visit http://securityweekly.com/esw for all the latest episodes!

Microsoft buys another company, to patch (or not), the shift in the cybersecurity battleground, Carbon Black's Petya assessment, and more enterprise news! Full Show Notes: https://wiki.securityweekly.com/ES_Episode51 Visit http://securityweekly.com/esw for all the latest episodes!

Why most startups fail, conference season tips, the question you need to ask before solving any problem, and when should you hit pause? Michael and Paul deliver updates from GreatHorn, Cybereason, Amazon, and more! Full Show Notes: https://wiki.securityweekly.com/SSWEpisode45 Visit http://securityweekly.com/category/ssw/ for all the latest episodes!

DoD networks have been compromised, the Shadow Brokers continue their exploits, a Pennsylvania healthcare system gets hit with Petya, and more. Jason Wood of Paladin Security joins us to discuss nations' offensive technical strengths and defensive weaknesses on this episode of Hack Naked News! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode131 Visit http://hacknaked.tv to get all the latest episodes!

Fred Kneip is the Chief Executive Officer for CyberGRX. Fred has served in several senior management roles, and has worked as an investor with two later-stage private equity investment firms. Fred joins us to talk about his journey in this interview! Full Show Notes: https://wiki.securityweekly.com/SSWEpisode45 Visit http://securityweekly.com/category/ssw/ for all the latest episodes!

Why Firefox is superior, spies in Mexico, WannaCry shuts down a car plant, Cisco patches critical vulnerabilities, hacking air-gapped networks, and more security news! Full Show Notes: https://wiki.securityweekly.com/Episode519 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Learn how to use Windows Event Logs to catch attackers in your network, including domain admin group enumeration and mimikatz attacks! Justin Henderson (@SecurityMapper) categorizes these techniques as "reverse attack analysis for detection" and shows us how to do it in this technical segment! References to Mark Baggett's work on freq.py are made as well (https://isc.sans.edu/forums/diary/Detecting+Random+Finding+Algorithmically+chosen+DNS+names+DGA/19893/) Full Show Notes: https://wiki.securityweekly.com/Episode519 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Eric Conrad comes into the studio to talk about a groundbreaking new CTF aimed at the defenders and how to become a SANS instructor. A healthy dose of UNIX/Linux nerd talk and how to give effective presentations is included! Eric Conrad is a SANS Senior Instructor, author, and infosec consultant. He also serves as the CTO of Backshore Communications, a company focusing on hunt teaming, intrusion detection, incident handling, and penetration testing. Full Show Notes: https://wiki.securityweekly.com/Episode519 Security Weekly Web Site: http://securityweekly.com Follow us on Twitter: @securityweekly

Five ways to maximize your IT training, pocket-sized printing, 30 years of evasion techniques, Ixia teases advanced visibility solutions, and more enterprise security news! Full Show Notes: https://wiki.securityweekly.com/ES_Episode50 Visit http://securityweekly.com/esw for all the latest episodes!

Brian Ventura is a SANS Instructor and infosec architect, while Ted Gary serves as the Product Marketing Manager at Tenable. Full Show Notes: https://wiki.securityweekly.com/ES_Episode50 Visit http://securityweekly.com/esw for all the latest episodes!

Negotiation mistakes that are hurting your deals, hiring re-founders, and does VC fund differentiation really matter? Michael and Matt deliver updates from Hexadite, Amazon, Sqrrl, SafeBreach, and more! Full Show Notes: https://wiki.securityweekly.com/SSWEpisode44 Visit http://securityweekly.com/category/ssw/ for all the latest episodes!

Tarun Desikan is the Co-Founder and CEO of Banyan, a container and microservices security company based in San Francisco. Tarun Joins Michael and Matt to discuss Containerization, biometrics, advice for startups, and more! Full Show Notes: https://wiki.securityweekly.com/SSWEpisode44 Visit http://securityweekly.com/category/ssw/ for all the latest episodes!

Hacking military phone systems, IoT malware activity doubles, more WikiLeaks dumps, decade-old bugs, and more. Jason Wood of Paladin Security joins us to discuss the erosion of ISP privacy rules on this episode of Hack Naked News! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode130 Visit http://hacknaked.tv to get all the latest episodes!

One MILLION endpoints, WannaCry is linked to North Korea, IoT is broken (what's new?),inside a porn-pimping spam botnet, fixing Windows Defender, and more security news! Full Show Notes: https://wiki.securityweekly.com/Episode518 Visit Our Website: https://securityweekly.com

Carrie Roberts of Black Hills Information Security joins us to show hot to use Burp and ProxyCannon to Prevent IP blacklisting while password spraying in this technical segment! Full Show Notes: https://wiki.securityweekly.com/Episode518 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Trey Forgety is the Director of Government Affairs and Information Security Issues at the National Emergency Number Association. He worked with the White House to develop policy for a nationwide LTE network for public safety known as FirstNet. Trey joins us to discuss emergency response systems and the future of crisis communications in this interview! Full Show Notes: https://wiki.securityweekly.com/Episode518 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: https://securityweekly.com Follow us on Twitter: @securityweekly

Carbon Black releases Cb Response 6.1, what to ask yourself before committing to a cybersecurity vendor, Malwarebytes replaces antivirus with endpoint protection, and more enterprise security news! Full Show Notes: https://wiki.securityweekly.com/ES_Episode49 Visit http://securityweekly.com/esw for all the latest episodes!

*Should EDR be installed on every system? Servers too? All clients? *How important is the configuration of EDR? *What should your goals be for defense: know malware? unknown malware? ransomware? or are these three different products? *If you have a big name AV install, what should drive you to change it? e.g. Symantec or Mcafee... *What are the most common threats missed by EDR? *How much of a concern is: performance, scalability, manageability, and crashing the host OS? *When should you consider running two, or more, EDR solutions on the same host? Or, do you run one flavor on some, and another flavor on another? Full Show Notes: https://wiki.securityweekly.com/ES_Episode49 Visit http://securityweekly.com/esw for all the latest episodes!

Fundraising updates from Yubikey, CybelAngel, Netskope, Illumio, Krypto.co, and more startup new and journey updates! Full Show Notes: https://wiki.securityweekly.com/SSWEpisode43 Visit http://securityweekly.com/category/ssw/ for all the latest episodes!

Wall Street Journal Best-Selling Author Shares 6 Secrets to Starting Smart [Book Excerpt] - Note the role of emotion to get traction/results Why Entrepreneurs Need To Keep Their Business Focused - Focus is key. Focusing on the right things is essential, The 5 Steps of Successful Customer Journey Mapping, A Startup's Guide to Protecting Trade Secrets - Bottle Breacher Uses Google to Hone Marketing Campaign - This is not just because Paul loves it, You need to know what your customers value - They do not define value in terms of features and advantages of products or services. Full Show Notes: https://wiki.securityweekly.com/SSWEpisode43 Visit http://securityweekly.com/category/ssw/ for all the latest episodes!

How to delete an entire company, GameStop suffers a breach, Macs do get viruses, Docker released LinuxKit, and more. Jason Wood of Paladin Security joins us to discuss the military beefing up their cybersecurity reserve on this episode of Hack Naked News! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode129 Visit http://hacknaked.tv to get all the latest episodes!

• FBI Arrests NSA Contractor for Leaking Secrets • getsploit: Search & Download Exploits! • Some non-lessons from WannaCry • IDG Contributor Network: Top 5 InfoSec concerns for 2017 • VMware Patches Critical Vulnerabilities in vSphere Data • Protection OneLogin Security Chief Reveals New Details Of Data Breach • Authentication Bypass, Potential Backdoors Plague Old WiMAX Routers • Linux Malware Enslaves Raspberry Pi To Mine Cryptocurrency • Internet Cameras Have Hard-Coded Passwords You Can't Change • Will Deception as a Defense Become Mainstream? • How a few yellow dots burned the Intercepts NSA leaker • TV Hack Sparks Middle East's Diplomatic Crisis • 53 Percent of Enterprise Flash Installs are Outdated • Healthcare Industry Cybersecurity Task Force report Full Show Notes: https://wiki.securityweekly.com/Episode517 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

byt3bl33d3r recently released "DeathStar", which use Powershell Empire's API to automatically obtain Domain Admin privileges in an Active Directory environment with the Click of a button. Some may ask "How do i detect and prevent this attack?". Tune in to this segment to find out how to use products available from Javelin Networks to do just that! Full Show Notes: https://wiki.securityweekly.com/Episode517 Subscribe to YouTube Channel: https://www.youtube.com/securityweekly Security Weekly Website: https://securityweekly.com Follow us on Twitter: @securityweekly

Graham Cluley is an award-winning security blogger, researcher and public speaker. In this interview, we discuss ransomware, stealing content, the motivations of attackers, IoT, and more! Graham has been a well-known figure in the computer security industry since the early 1990s when he worked as a programmer, writing the first ever version of Dr. Solomon's Anti-Virus Toolkit for windows. Since then, he has been employed in senior roles by companies such as Sophos and Mcafee, and now runs his own security news website and podcast. Full Show Notes: https://wiki.securityweekly.com/Episode517 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

What should we consider while building an internal penetration testing team? Would you still need external pen tests? Paul and John discuss the pros and cons! Full Show Notes: https://wiki.securityweekly.com/ES_Episode48 Visit http://securityweekly.com/esw for all the latest episodes!

Automating all the things, Juniper Networks opens a software-defined security ecosystem, millions of devices are running out-of-date systems, DUO New Zealand and McAfee join forces, and more enterprise news! Full Show Notes: https://wiki.securityweekly.com/ES_Episode48 Visit http://securityweekly.com/esw for all the latest episodes!

Why You Should Think Twice About Listening to Business Gurus (There's no one-size-fits-all approach to innovation), A tech investor analyzed his 5000 monthly emails and explained how startups can stand out, Don't Build a Startup, Build a Business, Can Google's 20% time really work for your startup?, As a startup, friction is a killer. In Security Startup news: Honeywell launches $100 million venture fund, RiskRecon raised $12M Series A, CounterTack raised $20M Series D, 10 Big Takeaways From Mary Meeker's Widely-Read Internet Report. Full Show Notes: https://wiki.securityweekly.com/SSWEpisode42 Visit http://securityweekly.com/category/ssw/ for all the latest episodes!