Security Weekly Podcast Network (Video)

The use of Application Control - commonly referred to as whitelisting or Zero Trust Execution - is considered to be a robust and essential Cloud Workload Protection strategy, largely due to the high predictability of cloud environments. But it does not prevent all cyber attacks. Attackers can exploit vulnerabilities in trusted applications or utilize whitelisted apps for malicious intent - referred to as Living off the Land (LotL). App Control also presents some operational headaches for cloud security teams, requiring strict and often unrealistic policies. We will discuss how to build a robust Application Control strategy for your workloads that is informed by these challenges. This segment is sponsored by Intezer. Show Notes: https://wiki.securityweekly.com/bsw181 Visit https://securityweekly.com/intezer to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes!

This week, SIGRed – Resolving Your Way into Domain Admin: Exploiting a 17 Year-old Bug in Windows DNS Servers, Introducing Google Cloud Confidential Computing with Confidential VMs, Internet of Things devices: Stick to these security rules or you could face a ban, Google Cloud Unveils 'Confidential VMs' to Protect Data in Use, and more! Show Notes: https://wiki.securityweekly.com/asw115 Visit https://www.securityweekly.com/asw for all the latest episodes!

Digital transformation is taking the IT industry by storm. As the pace of adoption of public cloud increases, security posture management and governance is usually not top of the mind of cloud engineering teams. Cost of leaving the misconfiguration undetected and not rectified sure adds up and what to say about compromise to reputation. Biarca Patrol grew organically in close collaboration with our customers to address this gap. Biarca Patrol is now being offered widely. Show Notes: https://wiki.securityweekly.com/asw115 Visit https://www.securityweekly.com/asw for all the latest episodes!

Microsoft fixes critical wormable RCE SigRed in Windows DNS servers, Zoom Addresses Vanity URL Zero-Day, Docker attackers devise clever technique to avoid detection,a massive DDoS Attack Launched Against Cloudflare in Late June, Critical Vulnerabilities Can Be Exploited to Hack Cisco Small Business Routers, and what you need to know about the Twitter Mega Hack! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw658

The guys welcome our newest host to the family. John Snyder will replace Matt Alderman on Security and Compliance Weekly. Tune in to hear about how John made the jump from being a trial lawyer in New York to founding AGNES Intelligence, a forensic AI firm that has perfected the application of unsupervised machine learning! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw658

With advent of Internet of Things (IoT) and emerging cloud technologies, ensuring continued cybersecurity at scale is a challenging task. An ever growing increase in demand of cybersecurity workforce makes the problem even more challenging. In this talk we will explore how autonomous solutions based on Artificial Intelligence (AI) and Machine Learning (ML) can help in bridging the gap, by automating current cybersecurity tools and techniques. We will also discuss if current AI solutions can be practical at scale or simply marketing/media hype. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw658

We continue the discussion with Brian Tremblay, a former auditor who "got religion" when he began to understand the complexities of security and how compliance could help or hinder security program efforts in organizations. We'll also talk about what Brian is doing at Onapsis, and how Onapsis is trying to help solve the problem. To learn more about Onapsis, visit: https://securityweekly.com/onapsis Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode35

Auditor turned security professional joins Security & Compliance Weekly to talk about how security misconfigurations and vulnerabilities can lead to compliance problems and the need for organizations to adopt a process of continuous compliance. Learn the best practices leaders can use to identify, monitor, and mitigate compliance risks related to their most critical business applications. To learn more about Onapsis, visit: https://securityweekly.com/onapsis Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode35

In the Leadership and Communications section, I'm a CISO, what's next?, The Upside of Virtual Board Meetings, The new cybersecurity priorities of 2020, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode180

This week, it's our quarterly Security Money update of the Security Weekly 25 Index and the Nasdaq. At the close on July 10th, 2020: - SW25 Index is 1,437.23, which is an increase of 43.72% - NASDAQ Index is 10,617.44, which is an increase of 60.01% Both indexes closed at an all time high on July 10th, 2020 Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode180