About all things AppSec, DevOps, and DevSecOps. Hosted by Mike Shema and John Kinsella, the podcast focuses on helping its audience find and fix software flaws effectively.
Welcome to The AppSec Insiders Podcast. This is a show where we discuss the hottest topics and latest trends in application and cloud security, and tell you what you need to know. For those who don’t know who we are, we are all software developers, white-hat hackers, and code security experts. When we’re not recording the podcast, we help organizations of all sizes with their cybersecurity needs. If you’re an AppSec professional looking for an opportunity to work with some of the best in the ...
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
More Car Hacks, CUPS Vulns, Microsoft's SFI, Memory Safety, Password Complexity - Farshad Abasi - ASW #301
45:57
More remote car control via web interfaces, an RCE in CUPS, Microsoft reduces attack surface, migrating to memory safety, dealing with dependency confusion, getting rid of password strength calculators, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-301…
Perfctl, Pig Butchering, Ivanti, Zimbra, BabyLockerKZ, AI gone Wild, Aaran Leyland... - SWN #419
32:36
Perfctl, Warm Cookie, Pig Butchering, Ivanti, Zimbra, BabyLockerKZ, AI gone Wild, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-419
Cybersecurity Career Paths: from touring musician to purple teaming at Meta - Neko Papez, Brian Contos, Jayson Grace - ESW #378
2:13:51
Our latest in a series of interviews discussing cybersecurity career paths, today we talk to Jayson Grace about his path into cybersecurity and his experience building red teams at national labs and purple teams at Meta. We also talk about his community impact, giving talks and building open source tools. Jayson just left Meta for an AI safety startup na…
Analyzing Malware at Scale - John Hammond - PSW #845
3:07:23
Segment description coming soon! Segment Resources: - https://www.huntress.com/blog/the-hackers-in-the-arena-the-huntress-ctf-retrospective - https://www.huntress.com/blog/fake-browser-updates-lead-to-boinc-volunteer-computing-software Automated tank gauges are leaking more than just fuel, while CUPS is serving up a steaming hot brew of vulnerabili…
Death Stars, Recall, Microsoft, Brocade, AI, Josh Marpet, and more... - SWN #418
29:19
Death Stars are not real or are they?, Recall, Microsoft, Brocade, AI and More and More AI, Josh Marpet, and more on the Cyber Security News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-418
How to Attain Zero Trust - Rob Allen - BSW #366
57:58
The zero-trust security model has been billed as an ultra-safe defense against emerging, unrecognized and well-known threats. Unlike perimeter security, it doesn't assume people inside an organization are automatically safe. Instead, it requires every user and device -- inside and out -- to be authorized before any access is granted. Sounds enticin…
Passwords, CUPS, KIA, Gilbert Gottfried, Salt Typhoon, Rob Allen from ThreatLocker... - Rob Allen - SWN #417
33:04
Passwords, CUPS, KIA, Gilbert Gottfried, Salt Typhoon, Rob Allen from ThreatLocker, and More on the Security Weekly News. Segment Resources: https://www.bleepingcomputer.com/news/security/hackers-deploy-ai-written-malware-in-targeted-attacks/ This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more abou…
SIEM: Shakeup in Event Management - What's Happening in the SIEM market today? - Jason Shockey, Seth Goldhammer - ESW #377
1:59:45
The SIEM market has undergone some significant changes this summer. This is a great opportunity to talk about the current state of SIEM! In this conversation, we'll discuss: market changes and terminology (security analytics, data lakes, SIEM); what is SOAR's role in the current SIEM market?; machine learning and generative AI's role; strategies for im…
AI in Cyber & Addressing Analyst Burnout - Kayla Williams - PSW #844
2:59:14
This week in the security news, Dr. Doug and Larry explore various technological advancements and their implications with a healthy dose of nostalgia, particularly focusing on health monitoring through Wi-Fi signals, the misconceptions surrounding 5G connectivity, the importance of understanding internet speed needs, and the cybersecurity threats f…
C3pbot, Kaspersky, Octo2, Honkai: Star Rail, ServiceNow, LinkedIn... - SWN #416
29:32
C3pbot, Kaspersky, Octo2 Electric Boogaloo, Honkai: Star Rail, ServiceNow, LinkedIn, IoT, Josh Marpet, and more on the Cyber Security News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-416
Vulnerable APIs and Bot Attacks: Two Interconnected, Growing Security Threats - David Holmes - ASW #300
1:07:51
APIs are essential to modern application architectures, driving rapid development, seamless integration, and improved user experiences. However, their widespread use has made them prime targets for attackers, especially those deploying sophisticated bots. When these bots exploit business logic, they can cause considerable financial and reputational…
Authentication and Authorization in the AI Era - Shiven Ramji - BSW #365
1:06:53
In the leadership and communications segment, CISA Releases Cyber Defense Alignment Plan for Federal Agencies, UnitedHealth Group CISO: We had to ‘start over’ after Change Healthcare attack, 20 Essential Strategies for Leadership Development Success, and more! AI is bringing productivity gains like we’ve never seen before -- with users, security te…
Shroombots, pagers, Tor, Raptor Train, GRU, Blue Light, Aaran Leyland, and More... - SWN #415
34:59
Shroombots, pagers, Tor, Raptor Train, GRU, Blue Light, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-415
Do phishing tests do more harm than good? & Speed, Flexibility, and AI - Wolfgang Goerlich, Whitney Young - ESW #376
1:52:31
A month ago, my friend Wolfgang Goerlich posted a hot take on LinkedIn that is less and less of a hot take these days. He posted, "our industry needs to kill the phish test", and I knew we needed to have a chat, ideally captured here on the podcast. I've been on the fence when it comes to phishing simulation, partly because I used to phish people as…
Exploding Pagers - Tod Beardsley - PSW #843
2:53:37
Apple drops a lawsuit to avoid exposing secrets, what does it mean for the security industry if MS locks down the kernel?, exploding pagers, more things from the past: Adobe Flash exploits, robots get rid of your data, PKFail is still a thing, Android TV malware is back: now with conspiracy theories, DMA attacks, gamers are not nation-state attacke…
Bringing Secure Coding Concepts to Developers - Dustin Lehr - ASW #299
1:02:26
When a conference positioned as a day of security for developers has to be canceled due to lack of interest from developers, it's important to understand why there was so little interest and why appsec should reconsider its approach to awareness. Dustin Lehr discusses how appsec can better engage and better deliver security concepts in a way that m…
Back to the office, Void Banshee, ServiceNow, Taiwan, Dlink, C++, Aaran Leyland... - SWN #414
34:40
Back to the office serfs, Void Banshee, ServiceNow, Taiwan, Dlink, C++, Aaran Leyland, and more on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-414
Solving the Cybersecurity Data Problem - Padraic O'Reilly - BSW #364
1:00:54
Cybersecurity is complex. We have threats, vulnerabilities, incidents, controls, risks, etc. But how do they all connect together to drive a cyber risk program? As an industry, we've struggled for 20+ years trying to boil this ocean. Maybe we've been going about it the wrong way. Padraic O'Reilly, Founder and Chief Innovation Officer at CyberSaint,…
Li-On, Lazarus, Whatsup, Scattered Spider, Hadooken, Dead People, Aaran Leyland... - SWN #413
31:12
Through the Fire and Li-On Flames, Lazarus, Whatsup, Scattered Spider, Hadooken, Dead People, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-413
Cybersecurity has too many distractions and can the White House fix BGP? - Harish Peri, Harry Wilson, Darren Guccione - ESW #375
2:30:27
This week, in the enterprise security news: Cribl, Zafran, and US states raise funding; Cisco, Check Point, Salesforce, and Absolute Software acquire cybersecurity startups; AI Security products are picking up steam; You probably shouldn’t be too worried about Yubikey cloning; Instead, you should be more worried about malicious npm packages! The White …
Recent Cyber Security Laws & Regulations - Lee Kim - PSW #842
3:04:37
Lee comes on the show to discuss: EU CRA - https://en.wikipedia.org/wiki/CyberResilienceAct - its impact on bringing products to market and the challenges of enforcing such laws that require products to be "Secure" Recent legislation on disputes for federal agency fines - Chevron deference rule - supreme court decision, uncertainty, more or less cl…
AI Trucks, Solid Concrete, Sonicwall, Progress, Rust, Apple, and more... - SWN #412
30:19
AI Trucks, Solid Concrete, Sonicwall, Progress, Rust, Apple, and more, on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-412