Player FM - Internet Radio Done Right
156 subscribers
Checked 2d ago
Dodano ten lat temu
Treść dostarczona przez Security Weekly Productions and Security Weekly. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Security Weekly Productions and Security Weekly lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.
Player FM - aplikacja do podcastów
Przejdź do trybu offline z Player FM !
Przejdź do trybu offline z Player FM !
Security Weekly Podcast Network (Video)
Oznacz wszystkie jako (nie)odtworzone ...
Manage series 72776
Treść dostarczona przez Security Weekly Productions and Security Weekly. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Security Weekly Productions and Security Weekly lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and breaking news on the latest hacking techniques, vulnerabilities, and industry trends. Stay informed and secure with the most trusted voices in cybersecurity!
…
continue reading
4476 odcinków
Oznacz wszystkie jako (nie)odtworzone ...
Manage series 72776
Treść dostarczona przez Security Weekly Productions and Security Weekly. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Security Weekly Productions and Security Weekly lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and breaking news on the latest hacking techniques, vulnerabilities, and industry trends. Stay informed and secure with the most trusted voices in cybersecurity!
…
continue reading
4476 odcinków
Wszystkie odcinki
×S
Security Weekly Podcast Network (Video)


1 Mrtentacle, Morphing Meerkat, Tor, VMWare, Waymo, Oracle, Aaran Leyland, and more... - SWN #463 29:26
29:26
Na później
Na później
Listy
Polub
Polubione29:26
Mrtentacle, Morphing Meerkat, Tor, VMWare, Waymo, Oracle, Aaran Leyland, and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-463
S
Security Weekly Podcast Network (Video)


1 SignalGate and How Not To Protect Secrets - PSW #867 2:07:11
2:07:11
Na później
Na później
Listy
Polub
Polubione2:07:11
How do we handle scope creep for vulnerabilities?, find the bugs before it hits the real world, risk or hype vulnerabilities, RTL-SDR in a browser, using AI to hack AI and protect AI, 73 vulnerabilities of which 0 patches have been issued, Spinning Cats, bypassing WDAC with Teams and JavaScript, Rust will solve all the security problems, did you hear some Signal chats were leaked?, ingress nginx, robot dogs, what happens to your 23andme data?, Oracle's cloud was hacked, despite what Oracle PR says, inside the SCIF, and cvemap to the rescue. Show Notes: https://securityweekly.com/psw-867…
S
Security Weekly Podcast Network (Video)


1 The Pace of Investments Requires Better Risk Management, Boards Challenged, & More - BSW #388 1:07:22
1:07:22
Na później
Na później
Listy
Polub
Polubione1:07:22
Cybersecurity teams were under increasing strain in 2024. To alleviate this burden, 2025 will see greater reliance on automation to streamline workflows, enhance threat detection, and accelerate incident response. But some of these investments may come with risks. Greg Sullivan, Founding Partner at CIOSO Global, joins Business Security Weekly to discuss how the pace of investment will require better risk management. Greg will cover topics, including: The seismic C-level shift in interest will require a top-down approach to cybersecurity. The focus will shift from external cybersecurity solutions to building in-house resilience. The critical criteria needed to drive more refined defenses, smarter resource allocation, and wiser cybersecurity investments. In the leadership and communications segment, Boards Challenged to Embrace Cybersecurity Oversight, Why Cybersecurity Needs More Business-Minded Leaders, How to Build a Cybersecurity Resume that Gets You Hired, and more! Show Notes: https://securityweekly.com/bsw-388…
S
Security Weekly Podcast Network (Video)


1 Curdled Miscreant, VanHelsing, MFA, Room 237, MFA, Velora, 23nMe, Josh Marpet... - SWN #462 31:13
31:13
Na później
Na później
Listy
Polub
Polubione31:13
Curdled Miscreant, VanHelsing, MFA, Room 237, MFA, Velora, 23nMe, Josh Marpet, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-462
S
Security Weekly Podcast Network (Video)


1 Finding a Use for GenAI in AppSec - Keith Hoodlet - ASW #323 54:08
54:08
Na później
Na później
Listy
Polub
Polubione54:08
LLMs are helping devs write code, but is it secure code? How are LLMs helping appsec teams? Keith Hoodlet returns to talk about where he's seen value from genAI, where it fits in with tools like source code analysis and fuzzers, and where its limitations mean we'll be relying on humans for a while. Those limitations don't mean appsec should dismiss LLMs as a tool. It means appsec should understand how things like context windows might limit a tool's security analysis to a few files, leaving a security architecture review to humans. Segment resources: https://securing.dev/posts/ai-security-reasoning-and-bias/ https://seclists.org/dailydave/2025/q1/0 https://arxiv.org/pdf/2409.16165 https://arxiv.org/pdf/2410.05229 https://nicholas.carlini.com/writing/2025/thoughts-on-future-ai.html Show Notes: https://securityweekly.com/asw-323…
S
Security Weekly Podcast Network (Video)


1 Google picks up a Wiz kid, GitHub’s malicious actions, Agentic AI is sus - ESW #399 47:49
47:49
Na później
Na później
Listy
Polub
Polubione47:49
This week, JP Bourget from Blue Cycle is with us to discuss Building the SOC of the Future Then, Michael Mumcuoglu (Moom-cuoglu) from CardinalOps joins us to talk about improving detection engineering. In the enterprise security news, Google bets $32B on a Wiz Kid Cybereason is down a CEO, but $120M richer EPSS version 4 is out Github supply chain attacks all over A brief history of supply chain attacks Why you might want to wait out the Agentic AI trend Zyxel wants you to throw away their (old) products HP printers are quantum resilient (and no one cares) A giant rat is my hero All that and more, on this episode of Enterprise Security Weekly. Show Notes: https://securityweekly.com/esw-399…
S
Security Weekly Podcast Network (Video)


1 We need better detection feedback loops - Michael Mumcuoglu - ESW #399 31:34
31:34
Na później
Na później
Listy
Polub
Polubione31:34
It feels like forever ago, but in the mid-2010s, we collectively realized, as an industry, that prevention was never going to be enough. Some attacks were always going to make their way through. Then ransomware got popular and really drove this point home. Detection engineering is a tough challenge, however. Where do we start? Which attacks should we build detections for? How much of the MITRE ATT&CK matrix do we need to cover? How often do these detections need to be reviewed and updated? Wait, are any of our detections even working? In this interview with Michael Mumcuoglu, we'll discuss where SecOps teams get it wrong. We'll discuss common pitfalls, and strategies for building more resilient and effective detections. Again, as an industry, we need to understand why ransomware attacks keep going unnoticed, despite attackers using routine techniques and tools that we see over and over and over again. Show Notes: https://securityweekly.com/esw-399…
S
Security Weekly Podcast Network (Video)


1 Building the SOC of the Future - JP Bourget - ESW #399 31:22
31:22
Na później
Na później
Listy
Polub
Polubione31:22
What does a mature SecOps team look like? There is pressure to do more with less staff, increase efficiency and reduce costs. JP Bourget's experience has led him to believe that the answer isn't a tool upgrade, it's better planning, architecture, and process. In this interview, we'll discuss some of the common mistakes SecOps teams make, and where to start when building the SOC of the future. Show Notes: https://securityweekly.com/esw-399…
S
Security Weekly Podcast Network (Video)


1 Orange Drop Caps, apps, Veeam, jobs, Heathrow, vpentest, Aaran Leyland, and More... - SWN #461 33:05
33:05
Na później
Na później
Listy
Polub
Polubione33:05
Orange Drop Caps, apps, Veeam, jobs, Heathrow, vpentest, Aaran Leyland, and More are on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-461
S
Security Weekly Podcast Network (Video)


1 Its Not Really A 0-Day - PSW #866 2:14:34
2:14:34
Na później
Na później
Listy
Polub
Polubione2:14:34
This week: Compliance, localization, blah blah, the Greatest Cybersecurity Myth Ever Told, trolling Microsoft with a video, Github actions give birth to a supply chain attack, prioritizing security research, I'm tired of 0-Days that are not 0-Days, sticking your head in the sand and believing everything is fine, I'm excited about AI crawlers, but some are not, Room 641A, a real ESP32 vulnerability, do we need a CVE for every default credential?, smart Flipper Zero add-ons, one more reason why people fear firmware updates, no more Windows 10, you should use Linux, and I have a Linux terminal in my pocket, now what? Show Notes: https://securityweekly.com/psw-866…
S
Security Weekly Podcast Network (Video)


1 Smart Cybersecurity Spending, as CISOs Architect Resilience and Grade Themselves - BSW #387 28:21
28:21
Na później
Na później
Listy
Polub
Polubione28:21
In the leadership and communications segment, Smart cybersecurity spending and how CISOs can invest where it matters, Grading CISOs: Effective Metrics and Personal Growth Strategies, The Pandemic Proved that Remote Leadership Works, and more! Show Notes: https://securityweekly.com/bsw-387
S
Security Weekly Podcast Network (Video)


1 Breaking Down Human-Element Breaches To Improve Cybersecurity - Jinan Budge - BSW #387 37:52
37:52
Na później
Na później
Listy
Polub
Polubione37:52
Organizations continue to suffer from security breaches, too many of which contain a human element. But there’s no consistent definition of the risk posed by human-related breaches, and recommendations are often limited to security awareness and training (SA&T). Understanding the depth and breadth of human-related breaches is critical to implementing adequate security controls within organizations. Jinan Budge, Research Director at Forrester, joins Business Security Weekly to discuss their Best Practice Report on Deconstructing Human-Element Breaches. Jinan will cover the breadth of human-related breaches, including: Social Engineering Human Error Loss/Theft of Physical Assets Social Media Compromise Insider Risk Deep Fake Scams Gen AI Misuse Narrative Attacks and why Security and Awareness Training is not the sole answer to solving human-related breaches. Join us, this discuss may get a little dicey. Segment Resources: https://www.forrester.com/blogs/breaking-down-human-element-breaches-to-improve-cybersecurity/ Show Notes: https://securityweekly.com/bsw-387…
S
Security Weekly Podcast Network (Video)


1 Angry Iguana, Squid Bot, Bruted, 0Auth, Dragon Medical, Clippy 2.0, CISA, Josh Marpet - SWN #460 35:05
35:05
Na później
Na później
Listy
Polub
Polubione35:05
Angry Iguana, Squid Bot 9000, Bruted, 0Auth, Dragon Medical One, Clippy 2.0, CISA, Josh Marpet, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-460
S
Security Weekly Podcast Network (Video)


1 Redlining the Smart Contract Top 10 - Shashank . - ASW #322 53:01
53:01
Na później
Na później
Listy
Polub
Polubione53:01
The crypto world is rife with smart contracts that have been outsmarted by attackers, with consequences in the millions of dollars (and more!). Shashank shares his research into scanning contracts for flaws, how the classes of contract flaws have changed in the last few years, and how optimistic we can be about the future of this space. Segment Resources: https://scs.owasp.org https://scs.owasp.org/sctop10/ https://solidityscan.com/web3hackhub https://www.web3isgoinggreat.com Show Notes: https://securityweekly.com/asw-322…
S
Security Weekly Podcast Network (Video)


1 Security doesn't trust AI, but startups are using it to write 95% of their code - ESW #398 36:09
36:09
Na później
Na później
Listy
Polub
Polubione36:09
In this week's enterprise security news, Knostic raises funding The real barriers to AI adoption for security folks What AI is really getting used for in the wild Early stage startup code bases are almost entirely AI generated Hacking your employer never seems to go well should the CISO be the chief resiliency officer? proof we still need more women in tech All that and more, on this episode of Enterprise Security Weekly. Show Notes: https://securityweekly.com/esw-398…
Zapraszamy w Player FM
Odtwarzacz FM skanuje sieć w poszukiwaniu wysokiej jakości podcastów, abyś mógł się nią cieszyć już teraz. To najlepsza aplikacja do podcastów, działająca na Androidzie, iPhonie i Internecie. Zarejestruj się, aby zsynchronizować subskrypcje na różnych urządzeniach.