Security Weekly Podcast Network (Video)

"Burn-In: A Novel of the Real Robotic Revolution" (May 26 release) is a new kind of novel+nonfiction. It uses the technothriller format as a way to share real research on the ways that AI+automation will shape our future, but also leave it vulnerable to a new scale of risks. That is, it is a fictional story following an FBI agent as she and a new partner hunt a new kind of terrorist bent on holding the entire city hostage in a way previously impossible. But baked into the story are some 300 macro and micro predictions of the tech and trends that will change our tomorrow, drawn from the latest nonfiction studies to show that it could/will come true (IE, it is a novel, but with endnotes on everything). Think of it as the veggies hidden in the smoothie, to give people a fun/scary read, but also to understand key terms and ideas soon to shape their lives. To get a discounted copy of Burn-In: A Novel of the Real Robotic Revolution, visit: https://800ceoread.com/securityweekly Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode653

The MITRE ATT&CK framework has had a major impact on the cybersecurity industry and has given a defenders a haystack in which to focus their defensive efforts. What's most interesting, perhaps, is where and how these TTPs intersect and how we can use that information to determine patterns and disrupt attacks by analyzing historical datasets. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode653

Security Leadership, Accountability in Security Leadership, and Enforcing Buy-in From the Top! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode185

What is the value of identity in a larger security conversation? Why does CyberArk partner with so many technology vendors? What's the value to you, the customer? It's an opportunity to talk about Privileged Access Management solution integrations with market leading software applications in the vulnerability management, SIEM, storage, discovery, orchestration & response, governance and many other fields. We will discuss why identity is an important part of securing an application - fundamental security principle that is not yet widely considered. To learn more about CyberArk, visit: https://securityweekly.com/cyberark Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode185

This week, MITRE ATT&CK for ICS: A Technical Deep Dive, Tufin Expands Security Automation Capabilities, Strengthen Business and Security Alignment with ThreatConnect, BeyondTrust Privilege Management for Windows and Mac SaaS Accelerates and Enhances Endpoint Security, Re-imaging threat detection, hunting and response with CTI, and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode185

In the Security News, Hackers target the air-gapped networks of the Taiwanese and Philippine military, Stored XSS in WP Product Review Lite plugin allows for automated takeovers, Remote Code Execution Vulnerability Patched in VMware Cloud Director, Shodan scan of new preauth RCE shows 450k devices at risk including all QNAP devices, and The 3 Top Cybersecurity Myths & What You Should Know! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode652

HTTP security headers are an easy and effective way to harden your application against all kinds of client side attacks. We'll discuss which security headers there are, what functions they have and how to use them properly. Security Header Whitepaper: https://www.netsparker.com/whitepaper-http-security-headers/ Slide Show: https://securityweekly.com/http-security-headers-in-action/ To learn more about Netsparker, visit: https://securityweekly.com/netsparker Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode652

The guests on Trust Me I'm Certified have dropped some real knowledge and I'd like to distill that down as well as talk about building technical skills, looking at your career as a 'thing' that needs care and feeding, and the BSidesNH conference. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode652

In this segment we'll discuss why email security is still not a solved problem and how now that people are increasingly working from home, it poses an increased risk. We'll also share some interesting attacks that we've uncovered in the past several weeks since the beginning of shelter-in-place. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode184

Whether it's an external red team, internal red team, vulnerability scanning data, or a self-assessment questionnaire, results from all of these different types of assessments must be tracked and managed. Dan from Plextrac will walk you through how to track and manage all of these activities in one place! To learn more about PlexTrac or to claim your Free Month, visit: https://securityweekly.com/plextrac Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode184