Security Weekly Podcast Network (Video)

Security Weekly Productions
Apr 26, 2024 • 30min

How GenAI Can Improve SecOps - Ely Kahn - ESW #359

We've talked about generative AI in a general sense on our podcast for years, but we haven't done many deep dives into specific security use cases. That ends with this interview, as we discuss how generative AI can improve SecOps with Ely Kahn. Some of the use cases are obvious, while others were a complete surprise to me. Check out this episode if you're looking for some ideas! This segment is sponsored by SentinelOne. Visit https://securityweekly.com/sentinelone to learn more about them! Show Notes: https://securityweekly.com/esw-359
Apr 26, 2024 • 1h 50min

Your TV Is Scanning You - PSW #826

This week the crew discusses: When TVs scan your network, bad things can happen, PuTTY is vulnerable, Crush FTP, vulnerabilities that will never be fixed, CVEs are for vulnerabilities silly, you can test for easily guessable passwords too, FlipperZero can steal all your passwords, more XZ style attacks, more reasons why you shouldn't use a smart lock, and your keystrokes are showing! Show Notes: https://securityweekly.com/psw-826
Apr 25, 2024 • 44min

Autonomous - I don't think that word means what you think it means - ESW #359

A clear pattern with startups getting funding this week is "autonomous" products and features:

- Automated detection engineering
- Autonomously map and predict malicious infrastructure
- ..."helps your workforce resolve their own security issues autonomously"
- automated remediation
- automated compliance management & reporting

I'll believe it when I see it. Don't get me wrong, I think we're in desperate need of more automation when it comes to patching and security decision-making. I just don't think the majority of the market has the level of confidence necessary to trust security products to automate things without a human in the loop. The way LimaCharlie is going about it, with their new bi-directional functionality they're talking up right now, might work, as detections can be VERY specific and fine-grained. We've already seen a round of fully automated guardrail approaches (particularly in the Cloud) fail, however. My prediction? Either what we're seeing isn't truly automated, or it will become a part of the product that no one uses - like Metasploit Pro licenses.

Show Notes: https://securityweekly.com/esw-359
Apr 24, 2024 • 1h 1min

Advising The President On Cyber-Physical Resilience - Philip Venables - PSW #826

On February 27, 2024, PCAST (President's Council of Advisors on Science and Technology) sent a report to the President with recommendations to bolster the resilience and adaptability of the nation's cyber-physical infrastructure resources. Phil was part of the team that worked on the report and comes on the show to talk about what was recommended and how we implement the suggestions. Show Notes: https://securityweekly.com/psw-826
Apr 23, 2024 • 38min

XZ & Open Source, PuTTY's Private Keys, LeakyCLI, LLMs Writing Exploits - ASW #282

CISA chimes in on the XZ Utils backdoor, PuTTY's private keys and maintaining a secure design, LeakyCLI and maintaining secure secrets in CSPs, LLMs and exploit generation, and more! Show Notes: https://securityweekly.com/asw-282
Apr 23, 2024 • 37min

Robofly, CRUSHFTP, Github, Palo Alto, MITRE, Fancy Bear, Deepfakes, Aaran Leyland... - SWN #380

Robofly, CRUSHFTP, Github, Palo Alto, MITRE, Fancy Bear, Deepfakes, Aaran Leyland, and more, on this Edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-380
Apr 23, 2024 • 39min

Sustainable Funding of Open Source Tools - Simon Bennetts, Mark Curphey - ASW #282

How can open source projects find a funding model that works for them? What are the implications with different sources of funding? Simon Bennetts talks about his stewardship of Zed Attack Proxy and its journey from OWASP to OpenSSF to an Open Source Fellowship with Crash Override. Mark Curphey adds how his experience with OWASP and the appsec community motivated him to create Crash Override and help projects like ZAP gain the support they deserve.

Segment resources:

- https://crashoverride.com/blog/welcome-zap-to-the-open-source-fellowship
- https://www.zaproxy.org
- https://crashoverride.com/blog/are-there-too-many-bubbles-of-similar-security-efforts

Show Notes: https://securityweekly.com/asw-282
Apr 23, 2024 • 30min

Unraveling the "Materiality" Mystery: A CISO's Guide to SEC Compliance - Mike Lyborg - BSW #347

The new SEC Cyber Security Rules require organizations to be ready to report cyber incidents. But what do you actually need to do? Mike Lyborg, Chief Information Security Officer at Swimlane, joins Business Security Weekly to discuss how to prepare. In this interview he'll discuss the key elements of your preparation, including:

- Quantification
- Materiality
- Evidence
- Disclosure

Show Notes: https://securityweekly.com/bsw-347
Apr 22, 2024 • 35min

What does DoD's CMMC Requirement Mean for American Businesses - Edward Tuorinsky - BSW #347

Since 2016, we've been hearing about the impending impact of CMMC. But so far, it's only been words. That looks to be changing. Edward Tuorinsky, Founder & Managing Principal at DTS, joins Business Security Weekly to discuss the coming impact of CMMC v3. Edward will cover:

- The background of CMMC
- Standardization of CMMC
- CMMC v3 changes and implementation timelines
- Best practices to prepare

Segment Resources:

- https://www.federalregister.gov/documents/2023/12/26/2023-27280/cybersecurity-maturity-model-certification-cmmc-program
- https://www.forbes.com/sites/forbesbusinesscouncil/2024/02/13/the-department-of-defenses-cmmc-requirement-and-what-it-means-for-american-businesses/?sh=7ccbc268b7b5
- https://consultdts.com/demystifying-the-cmmc-rule-a-breakdown-of-proposed-regulation/

Show Notes: https://securityweekly.com/bsw-347
Apr 19, 2024 • 35min

Win 95, LastPass, Kubernetes, Sandworm, Bloomtech, Frontier, 911, Aaran Leyland... - SWN #379

Win 95, Cheat Lab, LastPass, Kubernetes, Sandworm, Bloomtech, Frontier, 911, Aaran Leyland, and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-379
