Security Weekly Podcast Network (Video)

Modern software development demands a different approach to application security. Contrast's developer-first Application Security Platform empowers developers to accelerate the release of secure code with highly accurate results that include context-aware, how-to-fix vulnerability remediation guidance. Show Notes: https://securityweekly.com/asw166 Segment Resources: 2021 Application Security Observability Report: https://view-su2.highspot.com/viewer/612ff3a8c6485f4687834782 White Paper: Pipeline-native Scanning for Modern Application Development https://view-su2.highspot.com/viewer/612ff3e4cc0bb2392d968b25 DevSecOps Requires a Platform Approach to Application Security https://view-su2.highspot.com/viewer/612ff42ecb2d1b6cd60f3f65 This segment is sponsored by Contrast Security. Visit https://securityweekly.com/contrast to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes!

This week in the Security News: Anonymous hacks Epik (with a K), Fuzzing Close-Source Javascript Engines, ForcedEntry, 8 Websites that can replace computer software, REvil decryptor key released, Microsoft fixes Critical vulnerability in Linux App, Drone accidentally delivers drug paraphernalia to high schoolers, & more! Show Notes: https://securityweekly.com/psw710 Visit https://www.securityweekly.com/psw for all the latest episodes!

Brakeman is a free static analysis security tool specifically designed for Ruby on Rails applications. It analyzes Rails application code to find security issues at any stage of development. Justin first released Brakeman in 2010. In 2018, the commercial version, "Brakeman Pro", was acquired by Synopsys. Brakeman continues to be a very popular security tool for Rails, with tens of thousands of downloads per day. Show Notes: https://securityweekly.com/psw710 https://github.com/presidentbeef/brakeman Visit https://www.securityweekly.com/psw for all the latest episodes!

Network breaches, ransomware attacks, and remote-work challenges highlight the need for cloud-native Secure Access Service Edge (SASE) deployments. Show Notes: https://securityweekly.com/psw710 This segment is sponsored by Barracuda Networks. Visit https://securityweekly.com/barracuda to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes!

This week in the Enterprise News: Adrian's first Enterprise News in the Captain's Seat, BitSight raises $250m on a $2.4bn valuation, Palo Alto Networks enters the consumer IoT market, Martin Roesch Joins Netography as CEO, the special "Squirrel of the Week" story, & more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw242

Organizations are divided. Some will be able to lean into mitigations against catastrophic and cascading failures. Others will not. In this discussion, we will explore the risk tradeoffs in firmware security. This includes risks inherent in devices, supply chain, physical access, and malicious software. We will also explore various mitigation strategies throughout the lifecycle, which separate those leaning in from those that don't. This segment is sponsored by Eclypsium. Visit https://securityweekly.com/eclypsium to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw242

Large organizations develop hundreds of new web applications every year. Some of those deployments are lost in time, and others go wild with high severity vulnerabilities. Forgotten and outdated web applications are a common culprit of successful hack attacks. What can you do to protect your organization? Let's talk about the first step to securing web applications - continuous web asset discovery. Segment Resources: https://www.acunetix.com/blog/docs/benefits-of-web-asset-discovery/ https://www.netsparker.com/features/continous-web-asset-discovery-engine/ This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw242

Defining Insider Threats / Going Beyond Traditional Definitions (What Is Really Happening Behind Firewalls) How Damaging And Costly An Insider Threat Incident Can Be? (Eye Opening Examples From 10+ Years Of Research) Creating An Insider Threat Mitigation Framework Segment Resources: INSIDER THREAT INCIDENTS E-MAGAZINE 2014 To Present The Insider Threat Incidents E-Magazine contains the largest publicly available source of Insider Threat incidents (2,700+ Incidents). View On This Link. Or Download The Flipboard App To View On Your Mobile Device https://flipboard.com/@cybercops911/insider-threat-incidents-magazine-resource-guide-tkh6a9b1z INSIDER THREAT INCIDENT POSTINGS WITH DETAILS (500+ Incidents) https://www.insiderthreatdefense.us/category/insider-threat-incidents/ Incident Posting Notifications Enter your e-mail address in the Subscriptions box on the right of this page. https://www.insiderthreatdefense.us/news/ INSIDER THREAT INCIDENTS COSTING $1 MILLION TO $1 BILLION + https://www.linkedin.com/post/edit/6696456113925230592/ INSIDER THREAT INCIDENT POSTINGS ON TWITTER https://twitter.com/InsiderThreatDG DG CRITICAL INFRASTRUCTURE INSIDER THREAT INCIDENTS https://www.nationalinsiderthreatsig.org/crticial-infrastructure-insider-threats.html Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw86

Defining Insider Threats / Going Beyond Traditional Definitions (What Is Really Happening Behind Firewalls) How Damaging And Costly An Insider Threat Incident Can Be? (Eye Opening Examples From 10+ Years Of Research) Creating An Insider Threat Mitigation Framework Segment Resources: INSIDER THREAT INCIDENTS E-MAGAZINE 2014 To Present The Insider Threat Incidents E-Magazine contains the largest publicly available source of Insider Threat incidents (2,700+ Incidents). View On This Link. Or Download The Flipboard App To View On Your Mobile Device https://flipboard.com/@cybercops911/insider-threat-incidents-magazine-resource-guide-tkh6a9b1z INSIDER THREAT INCIDENT POSTINGS WITH DETAILS (500+ Incidents) https://www.insiderthreatdefense.us/category/insider-threat-incidents/ Incident Posting Notifications Enter your e-mail address in the Subscriptions box on the right of this page. https://www.insiderthreatdefense.us/news/ INSIDER THREAT INCIDENTS COSTING $1 MILLION TO $1 BILLION + https://www.linkedin.com/post/edit/6696456113925230592/ INSIDER THREAT INCIDENT POSTINGS ON TWITTER https://twitter.com/InsiderThreatDG DG CRITICAL INFRASTRUCTURE INSIDER THREAT INCIDENTS https://www.nationalinsiderthreatsig.org/crticial-infrastructure-insider-threats.html Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw86

This Week, in the Leadership and Communications section, The SEC Is Serious About Cybersecurity. Is Your Company?, CISA Urges Organizations to Avoid Bad Security Practices, IT leaders facing backlash from remote workers over cybersecurity measures, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw231