This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
If you're looking for a bunch of us security nerds to get together and talk shop, then Paul’s Security Weekly is for you. This show features interviews with folks in the security community; technical segments, which are just that, very technical; and security news, which is an open discussion forum for the hosts to express their opinions about the latest security headlines, breaches, new exploits and vulnerabilities, “not” politics, “cyber” policies and more. The topics vary greatly and the ...
…
continue reading
For the latest in computer security news, hacking, and research! We sit around, drink beer, and talk security. Our show will feature technical segments that show you how to use the latest tools and techniques. Special guests appear on the show to enlighten us and change your perspective on information security. Note: This is only Paul's Security Weekly, a 2-hour show recorded once per week.
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Do We Need Penetration Testing and Vulnerability Scanning? - Josh Bressers, Adrian Sanabria - PSW #833
2:51:52
2:51:52
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب
2:51:52
This may be controversial, however, we've been privately discussing how organizations benefit from penetration testing and vulnerability scanning. Do you still need these services as a critical part of your security program? Can't you just patch stuff that is missing patches? Tune in for a lively debate! Zyxl NAS devices are under attack and the ex…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Do We Need Penetration Testing and Vulnerability Scanning? - Adrian Sanabria, Josh Bressers - PSW #833
1:00:55
1:00:55
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب
1:00:55
This may be controversial, however, we've been privately discussing how organizations benefit from penetration testing and vulnerability scanning. Do you still need these services as a critical part of your security program? Can't you just patch stuff that is missing patches? Tune in for a lively debate! Show Notes: https://securityweekly.com/psw-8…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Whose Vulnerability Is It Anyway? - Josh Bressers - PSW #831
2:43:47
2:43:47
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب
2:43:47
Josh comes on the show to discuss all things related to vulnerability tracking and scoring, including the current issues with various systems and organizations including NIST, CVE, Mitre, CVSS, NVD, and more! Segment Resources: NVD blog post Josh wrote: https://anchore.com/blog/navigating-the-nvd-quagmire/ Josh's Latest post: https://opensourcesecu…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Is GenAI Having a Rough Time? We check in to see how it's doing. - ESW #366
1:00:24
1:00:24
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب
1:00:24
We've made a slight tweak to the news format, only focusing on the most interesting funding and acquisition stories. As always, you can go check out Mike Privette's Return on Security newsletter for the full list of funded and acquired companies every week. This week, we discuss two $100M+ rounds, from Huntress and Semperis. We also discuss NetSPI'…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Shifting Cybersecurity Philosophy from Threat-Centric to Compromise-Centric - Martin Roesch - ESW #366
42:32
42:32
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب
42:32
For decades, security teams have been focused on preventing and detecting threats, only to find themselves buried so deep in alerts, they can't detect anything at all! We clearly need a different approach, which will be the topic of our conversation today with Marty. We'll be discussing a shift in philosophy and tactics. We'll discuss whether SecOp…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
MoveIT, Entrust, Fed Reserve, ISPs, Volt Typhoon & More - SWN #395
29:09
29:09
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب
29:09
Healthcare and malware, MoveIT, Chrome won't trust Entrust, the discovery of Volt Typhoon, & more on this episode of the Security Weekly News! Segment Resources: https://therecord.media/volt-typhoon-targets-underestimated-cisa-says Show Notes: https://securityweekly.com/swn-395
…
continue reading
![Artwork](/static/images/128pixel.png)
1
MoveIT, Entrust, Fed Reserve, ISPs, Volt Typhoon & More - Chris Wolski - SWN #395
29:10
29:10
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب
29:10
Healthcare and malware, MoveIT, Chrome won't trust Entrust, the discovery of Volt Typhoon, & more on this episode of the Security Weekly News! Segment Resources: https://therecord.media/volt-typhoon-targets-underestimated-cisa-says Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-395…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
The risks and best practices of deploying AI to an enterprise - Anurag Lal - ESW #366
33:34
33:34
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب
33:34
We all might be a little worn out on this topic, but there's no escaping it. Executives want to adopt GenAI and it is being embedded into nearly every software product we use in both our professional and personal lives. In this interview, Anurag joins us to discuss how his company evaluated and ultimately integrated AI-based technologies into their…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
The risks and best practices of deploying AI to an enterprise - Martin Roesch, Anurag Lal - ESW #366
2:16:26
2:16:26
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب
2:16:26
We all might be a little worn out on this topic, but there's no escaping it. Executives want to adopt GenAI and it is being embedded into nearly every software product we use in both our professional and personal lives. In this interview, Anurag joins us to discuss how his company evaluated and ultimately integrated AI-based technologies into their…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Hack all the things, patch all the things - PSW #833
1:50:38
1:50:38
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب
1:50:38
Zyxl NAS devices are under attack and the exploit is pretty simple, A new UEFI vulnerability with a name that some people don't like, that time you setup a load balancer and forgot about it, I love it when there is a vulnerability in a Wifi driver, Polyfill is filling the Internet with supply chain vulnerabilities, open source doesn't mean more sec…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Hack all the things, patch all the things - PSW #833
1:50:38
1:50:38
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب
1:50:38
Zyxl NAS devices are under attack and the exploit is pretty simple, A new UEFI vulnerability with a name that some people don't like, that time you setup a load balancer and forgot about it, I love it when there is a vulnerability in a Wifi driver, Polyfill is filling the Internet with supply chain vulnerabilities, open source doesn't mean more sec…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Do We Need Penetration Testing and Vulnerability Scanning? - Josh Bressers, Adrian Sanabria - PSW #833
2:51:52
2:51:52
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب
2:51:52
This may be controversial, however, we've been privately discussing how organizations benefit from penetration testing and vulnerability scanning. Do you still need these services as a critical part of your security program? Can't you just patch stuff that is missing patches? Tune in for a lively debate! Zyxl NAS devices are under attack and the ex…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Do We Need Penetration Testing and Vulnerability Scanning? - Adrian Sanabria, Josh Bressers - PSW #833
1:00:55
1:00:55
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب
1:00:55
This may be controversial, however, we've been privately discussing how organizations benefit from penetration testing and vulnerability scanning. Do you still need these services as a critical part of your security program? Can't you just patch stuff that is missing patches? Tune in for a lively debate! Show Notes: https://securityweekly.com/psw-8…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Shared Responsibility Models, AI in Offensive Security, Apple's Private Cloud Compute - ASW #289
24:10
24:10
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب
24:10
Thoughts on shared responsibility models after the Snowflake credential attacks, looking at AI's current and future role in offensive security, secure by design lessons from Apple's Private Cloud Computer, and more! Show Notes: https://securityweekly.com/asw-289
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Baltimore, GPS Jammed, US bans, ARM, YouTube, Kraken and Joshua Marpet - SWN #394
30:16
30:16
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب
30:16
Baltimore, GPS Jammed, US bans, ARM, YouTube, Kraken and Joshua Marpet, and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-394
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Baltimore, GPS Jammed, US bans, ARM, YouTube, Kraken and Joshua Marpet - SWN #394
30:07
30:07
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب
30:07
Baltimore, GPS Jammed, US bans, ARM, YouTube, Kraken and Joshua Marpet, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-394
…
continue reading
![Artwork](/static/images/128pixel.png)
1
OAuth 2.0 from Protecting APIs to Supporting Authorization & Authentication - Aaron Parecki - ASW #289
37:01
37:01
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب
37:01
OAuth 2.0 is more than just a single spec and it's used to protect more than just APIs. We talk about challenges in maintaining a spec over a decade of changing technologies and new threat models. Not only can OAuth be challenging to secure by default, but it's not even always inter-operable. Segment Resources: https://oauth.net/2.1 https://oauth.n…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Building a Successful API Security Strategy - Luke Babarinde, Bhawna Singh - BSW #354
1:04:51
1:04:51
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب
1:04:51
With 71% of web traffic coming from API calls last year and the average organization maintaining 613 API endpoints, a robust strategy is needed to protect APIs against automated threats and business logic attacks. Tune in as Luke Babarinde, Global Solution Architect, shares the key steps to building a successful API security strategy. This segment …
…
continue reading
![Artwork](/static/images/128pixel.png)
1
AI at Work 2024: C-suite Perspectives on Artificial Intelligence - Bhawna Singh - BSW #354
32:31
32:31
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب
32:31
In the age of AI, driving a business forward requires balancing three very significant considerations: growth through innovation, productivity through operational efficiency, and trust through security. To better understand how AI impacts the intersection of security, innovation, and operational efficiency, Okta commissioned an AlphaSights survey o…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Building a Successful API Security Strategy - Luke Babarinde - BSW #354
32:41
32:41
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب
32:41
With 71% of web traffic coming from API calls last year and the average organization maintaining 613 API endpoints, a robust strategy is needed to protect APIs against automated threats and business logic attacks. Tune in as Luke Babarinde, Global Solution Architect, shares the key steps to building a successful API security strategy. This segment …
…
continue reading
![Artwork](/static/images/128pixel.png)
1
OAuth 2.0 from Protecting APIs to Supporting Authorization & Authentication - Aaron Parecki - ASW #289
1:01:09
1:01:09
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب
1:01:09
OAuth 2.0 is more than just a single spec and it's used to protect more than just APIs. We talk about challenges in maintaining a spec over a decade of changing technologies and new threat models. Not only can OAuth be challenging to secure by default, but it's not even always inter-operable. Segment Resources: https://oauth.net/2.1 https://oauth.n…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Access vs Actions, Beyond Traditional IGA, Remote Identity Verification, & Fraud - Tim Prendergast, Damon Tompkins, Andrew Bud, Chris Meyer - ESW Vault
58:32
58:32
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب
58:32
Traditional approaches to access management are no longer sufficient to safeguard enterprise security. Tim will explain why the most effective approach to modern enterprise security requires a Zero Trust model that extends beyond just access to encompass every action, no matter how minor. Tim will describe the importance of implementing a Zero Trus…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Access vs Actions, Beyond Traditional IGA, Remote Identity Verification, & Fraud - Tim Prendergast, Damon Tompkins, Andrew Bud, Chris Meyer - ESW Vault
58:32
58:32
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب
58:32
Traditional approaches to access management are no longer sufficient to safeguard enterprise security. Tim will explain why the most effective approach to modern enterprise security requires a Zero Trust model that extends beyond just access to encompass every action, no matter how minor. Tim will describe the importance of implementing a Zero Trus…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Cybersecurity In College - SWN Vault
38:26
38:26
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب
38:26
Check out this interview from the SWN Vault, hand picked by main host Doug White! This Secure Digital Life segment was originally published on June 19, 2018. This week, Doug and Russ interview Matthew Silva, President and Founder of the Cybersecurity and Intel Club at Roger Williams University! They talk about majoring in Cybersecurity vs. Computer…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Cybersecurity In College - SWN Vault
38:26
38:26
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب
38:26
Check out this interview from the SWN Vault, hand picked by main host Doug White! This Secure Digital Life segment was originally published on June 19, 2018. This week, Doug and Russ interview Matthew Silva, President and Founder of the Cybersecurity and Intel Club at Roger Williams University! They talk about majoring in Cybersecurity vs. Computer…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
iShield Key Experience, Automated (PKI) Infrastructure, & GenAI Identity Attacks - Kevin Fadaie, Roni Bliss, David Mahdi - ESW Vault
44:48
44:48
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب
44:48
FIDO security keys are not new in the authentication workflow. They have been around now for 10 years. What is new is the combination of the most secure multi-factor authentication method not only for logical but also for physical access control with the highest FIPS140-3 security certification in the market. Segment Resources: Video "Swissbit iShi…
…
continue reading