Security Weekly Podcast Network (Video)

Security Weekly Productions

Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape.

Tune in for in-depth panel discussions, expert guest interviews, and breaking news on the latest hacking techniques, vulnerabilities, and industry trends. Stay informed and secure with the most trusted voices in cybersecurity!

Episodes

Mentioned books

Sep 19, 2023 • 41min

Stopping Business Logic Attacks: Why a WAF is no Longer Enough - Karl Triebes - ASW #255

The majority of attacks are now automated, with a growing number of attacks targeting business logic via APIs, which is unique to every organization. This shift makes traditional signature-based defenses insufficient to stop targeted business logic attacks on their own. In this discussion, Karl Triebes shares how flaws in business logic design can leave applications and APIs open to attack and what tools organizations need to effectively mitigate these threats. This segment is sponsored by Imperva. Visit https://securityweekly.com/imperva to learn more about them! Show Notes: https://securityweekly.com/asw-255

Sep 19, 2023 • 29min

SprySocks, Lazarus, Fortinet, Juniper, CISA, AI Art, More News, & Jason Wood - SWN #326

SprySocks, Lazarus, Fortinet, Juniper, CISA, Transparent Tribe, AI Art, More News, and Jason Wood on the Security Weekly News. Show Notes: https://securityweekly.com/swn-326

Sep 19, 2023 • 27min

Board Members Struggling while Cybersecurity Goals Conflict with Business - BSW #320

In the leadership and communications section, Board Members Struggling to Understand Cyber Risks, Cybersecurity Goals Conflict With Business Aims, Navigating Change: The Essence of Agile Leadership, and more! Show Notes: https://securityweekly.com/bsw-320

Sep 18, 2023 • 32min

2023 AT&T Cybersecurity Insights Report: Edge Ecosystem - Theresa Lanowitz, Steve Winterfeld - BSW #320

Organizations still struggle with DDoS, ransomware, and personal information exfiltration. In order the prevent these attacks, we first need to understand the 'types' of DDoS and emerging threat techniques used by the adversary. In this interview, we explore these attacks in the context of edge computing. As edge computing use cases evolve, organizations need to understand the intersection of edge computing, networking, and cybersecurity. We discuss the risks associated with edge computing, the controls that can mitigate these risks, and how to plan for implementation, including security budgeting. Segment Resources: https://www.akamai.com/blog/security/defeating-triple-extortion-ransomware This segment is sponsored by AT&T Cybersecurity. Visit https://securityweekly.com/attcybersecurity to learn more about them! Show Notes: https://securityweekly.com/bsw-320

Sep 15, 2023 • 1h 2min

Breaches, detecting deepfakes, cloning yourself, and cars are a privacy nightmare! - ESW #331

In this news segment, we start off by discussing funding, acquisitions, and Ironnet's unfortunate demise. We discuss Gmail's new, extra verifications for sensitive actions and Lockheed Martin's Hoppr SBOM and software supply-chain utility kit. We get into CISA's roadmap to help secure open source software, and their offer to run free vulnerability scans for the United States' 150,000+ water utilities. Then, discussion turns back to some more negative items with Brazil's self-inflicted $11 billion dollar data leak, and the MGM/Caesar's ransomware attacks, which seem like they could have a common attacker and initial attack vector (a shared IT support company, perhaps). We also discuss Microsoft's post mortem on the Storm-0558 attack. Kelly Shortridge wants to know, "why are you logging into production hosts", someone is submitting garbage CVEs, and Mozilla finds that privacy policies from auto manufacturers are a privacy TRAIN WRECK. Finally, we wrap up discussing tools that can detect deepfake audio, as well as the likelihood that this will be the start of a game of leapfrog, as deepfakes get increasingly better over time. And we discuss Delphi's offer to create a 'digital clone' of you that could live on forever, haunting your descendants. Show Notes: https://securityweekly.com/esw-331

Sep 15, 2023 • 32min

Cyberdog, Pegasus, Webex, Peach Sandstorm, SAP, Caesar, Penn, Aaran Leyland, and More - SWN #325

Cyberdog, Pegasus, Webex, Peach Sandstorm, SAP, Caesar, Penn State, Aaran Leyland, and More News on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-325

Sep 15, 2023 • 49min

Detection Difficulty - Why are we still missing attackers? - Chris Sanders - ESW #331

We talk to Chris Sanders today, who has been steeped in the world of SecOps and detection/response for many years. After many years of writing books and training folks in the cybersecurity industry, he started delving into cognitive psychology and educational effectiveness. He leverages this knowledge in the training classes he builds and delivers. Today we'll discuss why it seems like defenders are still failing, despite the security industry largely (and arguably) receiving the resources it has been requesting. Show Notes: https://securityweekly.com/esw-331

Sep 14, 2023 • 44min

The AI-powered Podcast Player

Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!

Get the app