Security Weekly Podcast Network (Video)

At Carnegie Mellon University we are designing a usable security and privacy label for smart devices to help consumers make informed choices about Internet of Things device purchases and encourage manufacturers to disclose their privacy and security practices. The label includes information on privacy and security practices of the smart device, such as the type of data the device collects and whether or not the device gets automatic security updates. Based on research with both consumers and experts, we have designed a two-layer label that includes a simple, understandable primary layer for consumers and a more detailed secondary layer that includes information important to experts. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode645

Matt and the Security Weekly crew will discuss how the interaction between network engineers and security operations has changed over the years, as well as the value of the network when identifying security threats and performing remediation. For more information on VIAVI Solutions, visit: https://securityweekly.com/viavi Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode645

Tod Beardsley, research director, will discuss some of the trends in Internet scanning and attacker behavior given there are new Windows vulnerabilities and the workforce working from home. Should you re-train your User Behavior Analytics (UBA) and/or rely on other technologies? To learn more about Rapid7 or to get a free trial, visit: https://securityweekly.com/rapid7 Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode177

The cybersecurity challenges created by remote workforces and what it takes to deliver security to remote workers while avoiding impacting business operations. How do you continue vulnerability and patch management across endpoints and servers when everyone is working from home? To learn more about Qualys, visit: https://securityweekly.com/qualys Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode177

How to Write an Automated Test Framework in a Million Little Steps, Qualys remote endpoint protection solution helps enterprises secure remote workforces, Sysdig Provides the First Cloud-Scale Prometheus Monitoring Offering, Kaspersky Security for Microsoft Office 365 adds protection for SharePoint Online and Microsoft Teams and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode177

Customer perspective on the three topics discussed with RSA in first segment Also: -What is your view of security vs. compliance vs. risk? -What drives your security program initiatives? -What are the biggest challenges in administering a security program? To learn more about RSA Security, visit: https://securityweekly.com/RSAsecurity Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode22

David Walter from RSA will join us to discuss the following: -The shift in the enterprise from compliance-based focused initiatives to risk-based ones -Regulatory changes that are impacting organizations security program/management efforts -Challenges/Successes associated with automating compliance monitoring efforts/continuous compliance monitoring To learn more about RSA Security, visit: https://securityweekly.com/RSAsecurity Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode22

In the leadership and communications section, Real Leaders: Abraham Lincoln and the Power of Emotional Discipline, Social Distancing: 15 Ideas for How to Stay Sane, Rethink Your Relationship with Your Vendors, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode167

How do you protect your assets commensurate with their value if you lack situational awareness of everything communicating on your network thanks to IoT, rogue cloud instances, and shadow IT? If we can agree that EDR doesn't give the full picture, what can the security industry do to combat this challenge both from a technological and a process/culture perspective? Jeff will discuss how asset and risk management is changing and open up a conversation around how the CIA Triad has and is evolving. For more information, visit: https://securityweekly.com.extrahop Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode167

Static application security testing (SAST) is critical for uncovering and eliminating issues in proprietary code. However, over 60% of the code in an average application today is composed of open source components. SAST isn't designed to find open source vulnerabilities (CVEs) or identify open source licenses. And manually maintaining a repository of approved open source components for developers is inefficient and time-consuming. That's where software composition analysis (SCA) comes in. Introducing a new functionality within the Code Sight IDE plugin that combines SAST and SCA in one place to enable secure development. For more information, visit: https://securityweekly.com/synopsys Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode101