Security Weekly Podcast Network (Video)

In the Leadership and Communications section, The CISO's Dilemma: Balancing Security, Productivity With a Housebound Workforce, Seven cybersecurity predictions for 2021, Avoiding cloud sprawl: 5 considerations for managing a multicloud environment, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw196

Email security is transitioning into being one of the top security pillars within the C-Suite's risk mitigation strategy. Given that it's the largest attack vector – not only based on the quantity of people who could be responsible for compromise, but also that it results in the greatest quantity of data breaches for organizations. Kevin O'Brien, CEO and Co-Founder at GreatHorn joins Business Security Weekly for a discussion around what risk mitigation looks like in email, including: - No longer known bad/known good. And, it's not "magical" AI or behind a black box - It's about being able to identify all the factors that contribute to risk within email – individual users, departments, and the organization itself. How much of a risk tolerance do you have as you look at each and being able to balance controls accordingly. - Risk mitigation comes down to data. And in email security, it's 2 data points - Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) This segment is sponsored by GreatHorn. Visit https://securityweekly.com/greathorn to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw196

In the Application Security News, The Platypus Attack Threatens Intel SGX, a Revitalized Attack Makes for Sad DNS, Bug Hunter Hits DOD With an IDOR, Steps for Devops, Testing in Prod, Two More Chrome Bugs, and Open Source K8s Tools From Capital One! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/asw130

In a fast-paced tech environment, keeping up with security research can be overwhelming for companies. Automation is a must to keep up - but you also need human ingenuity to make sure automation adds value and not noise. Combining software automation with the knowledge of elite hackers is the key to ensure both speed and relevance. This segment is sponsored by Detectify. Visit https://securityweekly.com/detectify to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/asw130

In the Security News, not all cyberattacks are created equal, Google patches two more Chrome zero days, What does threat intelligence really mean, Cobalt Strike leaked source code, DNS cache poisoning is back, and Zebras & Dots! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw674

Sumedh and Badri discuss challenges associated with container Security & DevOps need for visibility into containers. Qualys' new approach to runtime security. This segment is sponsored by Qualys. Visit https://securityweekly.com/qualys to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw674

Attackers have repeatedly demonstrated that they can evade perimeter defenses to compromise a system inside the network. Once they get in, they must break out from that beachhead, conduct discovery, credential theft, lateral movement, privilege escalation, and data collection activities. Suppose they go looking for locally stored files or network shares and instead see nothing of value? What if they query Active Directory and don't get real credentials in the responses? What if they look for ports or services to attack, and instead, their connections get redirected to systems with no value? If they can't see and access data or accounts that move them forward, they can't attack anything of value. Learn how deception and concealment technology can deny, detect, and disrupt attackers when they first enter the network. This segment is sponsored by Attivo Networks. Visit https://securityweekly.com/attivonetworks to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw674

Secure Circle: For a true Zero-Trust environment, it isn't enough to think about data in cloud services and SaaS applications, we also must protect, control and audit data that egresses form these services onto endpoints. - How do you protect data that egresses from your cloud services (i.e., Github, Workday, SalesForce, Box, OneDrive)? - Do you control access to your data after it egresses from your cloud services? This segment is sponsored by SecureCircle. Visit https://securityweekly.com/securecircle to learn more about them! Vicarius: Pentesting is littered with politics, bias reporting, and human error. So how do you clean up the trash? A former IDF engineer shares how his stint as a pentester changed the way he thinks about it - and ultimately led to the development of a new technology. This segment is sponsored by Vicarius. Visit https://securityweekly.com/vicarius to learn more about them! Start your free trial today, visit: https://www.vicarius.io/sign/up Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw206

In the Enterprise News, BotRx widgets provide analytical context on how attacks impact business operations, New Kasada API protects from botnet attacks and targeted fraud, White Ops Offers Expanded Protection Against Sophisticated Bot Attacks and Fraud through the AWS Marketplace, SentinelOne, an AI-based endpoint security firm, confirms $267M raise on a $3.1B valuation, ZeroNorth unites security and DevOps teams with Defect Density Dashboard, and much more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw206

Chronicle brings Google-scale threat detection to enterprises with the debut of its threat detection solution, Chronicle Detect. It includes a rules engine that operates at the speed of search, a powerful rules language optimized to describe complex threat behavior, and a regular stream of new rules and indicators, built by our elite research team. Chronicle Detect makes it easy for enterprises to move from legacy security tools to a modern threat detection system. This segment is sponsored by Chronicle. Visit https://securityweekly.com/chronicle to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw206