Security Weekly Podcast Network (Video)

Managing firewall rule reviews, especially for PCI-DSS, can be complex but it doesn't have to be. Hear from Jeff Styles as he talks about how you can automate this process to keep you compliant and secure. This segment is sponsored by FireMon. Visit https://securityweekly.com/firemon to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw264

Unix-like systems are growing rapidly. Sometimes we forget to learn from the past and sometimes the past haunts us. We talk about how the rapid change in Unix-like systems affected it's security state. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw731

In a world with rapidly-changing technology, it can be tempting to constantly reach for the newest, shiniest security tools/techniques at both the program management and engineering levels. But even given unusual circumstances like startup hypergrowth or Web3 applications, sometimes we should focus on more basic issues. We can learn a lot about where to start with some of these basics when thinking about recent current events, especially related to widely-reported vulnerabilities or specific security incidents. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw731

In the Leadership and Communications section, 7 Pressing Cybersecurity Questions Boards Need to Ask, 7 mistakes CISOs make when presenting to the board (Let's see if those align), CISO Checklist for Offboarding Security Staff, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw253

Something is seriously wrong with our current approach to cybersecurity––the more we spend, the worse the situation becomes. In an industry plagued by a chronic talent shortage, one thing is clear: simply throwing another tool in the mix isn't the path to better security. If we're going to solve the security paradox, we're going to need a cross-functional, in-depth analysis of the problem and a structured approach to fixing it. Michael McPherson joins Business Security Weekly to share tactical questions that security leaders can ask themselves and their teams in order to build a better overall approach to defense. This segment is sponsored by ExtraHop Networks. Visit https://securityweekly.com/extrahop to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw253

In the AppSec News: Finding vulns in markdown parsers, Census II and widespread open source dependencies, inside iCloud Private Relay, and cloud pentesting tools! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw187

As the volume of API traffic increases, it becomes a greater threat to an organization's sensitive data. Motivated attackers will increasingly target APIs as the pathway to the underlying infrastructure and database. Imperva API Security is a new product that delivers rapid API discovery and data classification -- helping an organization truly protect all paths to the data, without slowing down the application development lifecycle. This segment is sponsored by Imperva. Visit https://securityweekly.com/imperva to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw187

Finally, in the Enterprise Security News, BlueVoyant raises a $250M Series D to become security's newest unicorn (baby unicorn, awww), Balbix raises a $70M Series C, Scope Security announces a $20M Series A to specifically focus on monitoring and defense for healthcare, Palo Alto introduces a new product aiming to disrupt the SIEM market, Third Party Risk Management vendors come together to forge the one ring of standards to rule all of cyber (less forge, more rubber stamp though), Signal Science founder, former Etsy CISO, and honorary level 80 DevOps wizard Zane Lackey is now a general partner at Andreesen Horowitz (A16Z), All that and more, on this episode of Enterprise Security Weekly! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw263

Rich joins us to discuss the differences in managing security policies between on-premises network environments and the cloud and the impacts that has on companies that are 100% cloud-based. He'll also be discussing the additional considerations that these organizations need to consider if they are considering SASE and SD-WAN to expand network access for their users. This segment is sponsored by FireMon. Visit https://securityweekly.com/firemon to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw730

If you are amongst the legions transitioning into a cybersecurity career, mock interviews serve as critical preparation for your job hunt. Alissa has delivered over 50 of these practice sessions over the last 4 months. Get some pointers from her on how to stand out from the crowd of entry-level applicants. Segment Resources: Alissa's class with Antisyphon InfoSec Training **Advanced Endpoint Investigations** - https://www.antisyphontraining.com/advanced-endpoint-investigations-w-alissa-torres/ Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw730