SecurityWeek podcast series. Hear from cybersecurity industry experts and visionaries. Easy listening, great insights..
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
SC Media, and our sponsor Spirion, are proud to present this month's CISO Stories program. Each month, the CISO Stories Program explores a cybersecurity topic selected by CyberRisk Alliance’s CISO Community and provides content that examines that topic from a variety of perspectives. Hosted by Todd Fitzgerald, best-selling author of CISO COMPASS, the CISO Stories weekly podcast features content powered by the 1,100+ members of CyberRisk Alliance’s CISO Community.
…
continue reading
It’s the show, that bridges the requirements of regulations, compliance, and privacy with those of security. Your trusted source for complying with various mandates, building effective programs, and current compliance news. It’s time for Security and Compliance Weekly.
…
continue reading
It’s the show, that bridges the requirements of regulations, compliance, and privacy with those of security. Your trusted source for complying with various mandates, building effective programs, and current compliance news. It’s time for Security and Compliance Weekly.
…
continue reading
The Future of Cybercrime is dedicated to helping security practitioners defend their organizations by distilling insights, best practices, and actionable tips from the world’s leading cyber crime experts. This show is brought you by KELA Cyber Threat Intelligence. For more information, visit www.kelacyber.com
…
continue reading
1
The Enterprise Browser & AI in Securing Software and Supply Chains - Mike Fey, Josh Lemos - ASW #285
29:24
29:24
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
29:24
How companies are benefiting from the enterprise browser. It's not just security when talking about the enterprise browser. It's the marriage between security AND productivity. In this interview, Mike will provide real live case studies on how different enterprises are benefitting. Segment Resources: https://www.island.io/resources https://www.isla…
…
continue reading
1
3000 Years Ago, Dell, Robocalls, PyPI, Cinterion, Cacti, Chat-GPT, Josh Marpet... - SWN #386
37:01
37:01
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
37:01
3000 Years Ago, Dell, Robocalls, PyPI, Cinterion, Cacti, Chat-GPT, Windows, Josh Marpet, and more, on this Edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-386
…
continue reading
1
Inside the OWASP Top 10 for LLM Applications - Sandy Dunn - ASW #285
37:33
37:33
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
37:33
Everyone is interested in generative AIs and LLMs, and everyone is looking for use cases and apps to apply them to. Just as the early days of the web inspired the original OWASP Top 10 over 20 years ago, the experimentation and adoption of LLMs has inspired a Top 10 list of their own. Sandy Dunn talks about why the list looks so familiar in many wa…
…
continue reading
1
That Data Sprawl is Here! What Should We Do About it? - Nick Ritter - CSP #174
29:50
29:50
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
29:50
As technology has enabled high speed access and massive amounts of inexpensive storage, data is being created at a logarithmic hockey-stick pace. Not all this data is important for the organization, however the organization must understand what data is important to run the business. Join us as we discuss this dilemma, with an eye to protecting esse…
…
continue reading
1
Leveraging AI & The Role Identity Plays - BSW #350
34:28
34:28
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
34:28
AI is more than just a buzzword. Done right, AI can improve decision making and scale your identity security platform to manage every identity, human and machine, physical and digital. Learn about how Saviynt’s #1 Identity Security platform is leveraging a variety of AI capabilities to enhance the user experience and improve identity security and c…
…
continue reading
1
Identity Resilience: The Next Frontier in Security - Ray Zadjmool - BSW #350
27:03
27:03
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
27:03
In today's enterprises, the Identity Access Management (IAM) System is the key to a business' critical operations. But that IAM environment is more vulnerable than most security executives realize. Segment Resources: https://www.mightyid.com/articles/the-r-in-itdr-the-missing-piece-in-identity-threat-detection-and-response https://www.mightyid.com/…
…
continue reading
1
Easy Passwords, BIG-IP, Ascension, Lockbit, Google, Poland, ZScaler, Aaran Leyland... - SWN #385
37:05
37:05
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
37:05
Easy Passwords, BIG-IP, Ascension, Lockbit, Google, Poland, ZScaler, Aaran Leyland, and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-385
…
continue reading
1
Phishing Attacks Increase, Network Transformation, & Unified SASE as a Service - Deepen Desai, Renuka Nadkarni, Tim Roddy - ESW #361
48:30
48:30
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
48:30
The landscape of phishing attacks continues to rapidly evolve. In 2023, Zscaler ThreatLabz observed a year-over-year increase of 58.2% in global phishing attempts. This surge was characterized by emerging schemes, including voice phishing, recruitment scams, and browser-in-the-browser attacks. This segment is sponsored by Zscaler. Visit https://sec…
…
continue reading
1
Automated Pentesting, AI in SecOps, & AI-Powered Analytics - Jason Keirstead, Jay Mar-Tang, Anthony Aurigemma - ESW #361
45:12
45:12
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
45:12
Despite building up impressive security stacks in the Cloud, organizations are still struggling to keep their environments safe. Pentera recently introduced Pentera Cloud as the first tool to provide automated pentesting capabilities for cloud environments. This conversation will focus on the challenge of security validation and pentesting in the c…
…
continue reading
1
Next Gen Threats, CTEM Essentials, & Proactive MDR - Randy Watkins, Paul Reid, Zaira Pirzada - ESW #361
40:48
40:48
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
40:48
Emerging threats are targeting organizations from seemingly every angle. This means security teams must expand their focus to secure as many domains as possible. OpenText is building on its holistic approach to cybersecurity with new innovations that make it easier for organizations to secure themselves against next generation threats. This segment…
…
continue reading
1
Hacker Heroes - Jeremiah Grossman - PSW #828
1:00:23
1:00:23
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
1:00:23
Illuminating the Cybersecurity Path: A Conversation with Jeremiah Grossman Join us for a compelling episode featuring Jeremiah Grossman, a prominent figure in the cybersecurity landscape. As a recognized expert, Jeremiah has played a pivotal role in shaping the discourse around web security and risk management. Jeremiah's journey in cybersecurity i…
…
continue reading
1
Corporate Ransomware Deep Dive - Mikko Hypponen - PSW #828
56:06
56:06
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
56:06
In this RSAC 2024 South Stage Keynote, Mikko Hyppönen will look back at the past decade of ransomware evolution and explore how newer innovations, like AI, are shaping its future. Show Notes: https://securityweekly.com/psw-828
…
continue reading
1
Tetris, APT42, Kimsuky, Android, ChatRTX, MITRE, Computer Dating, Josh Marpet, More - SWN #384
37:50
37:50
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
37:50
Tetris, APT42, Kimsuky, Android, ChatRTX, MITRE, Computer Dating, Josh Marpet, and more, on this Edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-384
…
continue reading
1
Hacking AI Bias with Human Techniques - Keith Hoodlet - ASW #284
31:47
31:47
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
31:47
We already have bug bounties for web apps so it was only a matter of time before we would have bounties for AI-related bugs. Keith Hoodlet shares his experience winning first place in the DOD's inaugural AI bias bounty program. He explains how his education in psychology helped fill in the lack of resources in testing an AI's bias. Then we discuss …
…
continue reading
1
AI & Hype & Security (Oh My!) - Caleb Sima - ASW #284
33:18
33:18
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
33:18
A lot of AI security has nothing to do with AI -- things like data privacy, access controls, and identity are concerns for any new software and in many cases AI concerns look more like old-school API concerns. But...there are still important aspects to AI safety and security, from prompt injection to jailbreaking to authenticity. Caleb Sima explain…
…
continue reading
1
Why CISO’s Fail: Some Practical Lessons for the Future - Barak Engel - CSP #173
25:33
25:33
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
25:33
Security is both overcooked and underdeveloped at the same time, and we keep doubling down on insanity. Our own community is at great fault for pushing fear and ignoring service, leading to consistent, negative experiences for all other stakeholders in the organization - and ultimately the CISOs themselves. "Do more cyber" never had, does not, and …
…
continue reading
1
Say Easy, Do Hard - Train How You Fight, Part 2 - BSW #349
32:23
32:23
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
32:23
Inspired by my co-host Jason Albuquerque, we dig into the hard part of our Say Easy, Do Hard segment. In part 2, we discuss how to train for a cyber instance. We'll cover the elements of a training program that will prepare you for responding to a cyber incident, including: Developing the training program Practice, practice, practice Imposing corre…
…
continue reading
1
Say Easy, Do Hard - Train How You Fight, Part 1 - BSW #349
28:16
28:16
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
28:16
Inspired by my co-host Jason Albuquerque, this quarter's Say Easy, Do Hard segment is Train How You Fight. In part 1, we discuss the importance of training for a cyber incident. However, lots of organizations do not take it seriously, causing mistakes during an actual cyber incident. How will the lack of preparation impact your organization during …
…
continue reading
1
Weird Al, Docker, OT, Gitlab, Credit Monitoring, Dropbox, Cisco, AI, Aaran Leyland... - SWN #383
35:18
35:18
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
35:18
Weird Al, Docker, OT, Gitlab, Credit Monitoring, Dropbox, Cisco, AI, Aaran Leyland, and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-383
…
continue reading
1
RSA Conference, Verizon DBIR, funding, reports, partnerships and more - ESW #360
1:07:00
1:07:00
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
1:07:00
It's the week before RSA and the news is PACKED. Everyone is trying to get their RSA announcements out all at once. We've got announcements about funding, acquisitions, partnerships, new companies, new products, new features... To make things MORE challenging, everyone is also putting out their big annual reports, like Verizon's DBIR and Mandiant's…
…
continue reading
1
Preparation: The Less Shiny Side of Incident Response - Joe Gross - ESW #360
50:34
50:34
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
50:34
It's the most boring part of incident response. Skip it at your peril, however. In this interview, we'll talk to Joe Gross about why preparing for incident response is so important. There's SO MUCH to do, we'll spend some time breaking down the different tasks you need to complete long before an incident occurs. Resources 5 Best Practices for Build…
…
continue reading
1
ChatGPT Writes Exploits - PSW #827
1:59:20
1:59:20
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
1:59:20
ChatGPT writes exploits, banning default and weak passwords, forget vulnerabilities just get rid of malware, IR blasting for fun and not profit, creating fake people, shattered dreams and passkey, and removing chips. Show Notes: https://securityweekly.com/psw-827
…
continue reading
1
Kicking Off With Crypto - PSW #827
1:05:09
1:05:09
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
1:05:09
The Security Weekly crew discusses some of the latest articles and research in cryptography and some background relevant subtopics including the race against quantum computing, key management, creating your own crypto, selecting the right crypto and more! https://www.globalsecuritymag.com/keysight-introduces-testing-capabilities-to-strengthen-post-…
…
continue reading
1
Random Problems, Protecting Packages, and Vulns in Designs, Defaults & Data Leaks - ASW #283
38:40
38:40
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
38:40
Misusing random numbers, protecting platforms for code repos and package repos, vulns that teach us about designs and defaults, and more! Show Notes: https://securityweekly.com/asw-283
…
continue reading
1
AI, Okta, Chrome, Quantum, Kaiser Permanente, FTC, FCC, NCSC, Josh Marpet, and more. - SWN #382
37:23
37:23
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
37:23
AI, Okta, Chrome, Quantum, Kaiser Permanente, FTC, FCC, NCSC, Josh Marpet, and more, are on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-382
…
continue reading
1
Why Companies Continue to Struggle with Supply Chain Security - Melinda Marks - ASW #283
41:11
41:11
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
41:11
Companies deploy tools (usually lots of tools) to address different threats to supply chain security. Melinda Marks shares some of the chaos those companies still face when trying to prioritize investments, measure risk, and scale their solutions to keep pace with their development. Not only are companies still figuring out supply chain, but now th…
…
continue reading