Osquery, Netflix, & Mozilla – Application Security Weekly #66

[embedded content] Mozilla pushes a patch onto an Array, Netflix shares a stream of patches, Breach to bankruptcy for healthcare company, Osquery becomes a foundational tool, Avoiding DevOps dangers, and Assigning DevOps directions! News Bugs, Breaches, and More! If you build it, they will come Food for Thought Full Show Notes Follow us on Twitter: https://www.twitter.com/securityweekly John Kinsella – Vice President of Container Security, Qualys. Matt Alderman – CEO, Security…

June 24, 2019
Read More >>

Don’t Ignore APIs – Application Security Weekly #66

[embedded content] API are now over 80% of the HTTP traffic and enterprise application breaches through compromised APIs are mounting!. A guide to API Security. They also discuss Public VS Private APIs and if the best practice should be segregation of the two. Full Show Notes Follow us on Twitter: https://www.twitter.com/securityweekly Matt Alderman – CEO, Security Weekly. John Kinsella – Vice President of Container Security, Qualys. Mike Shema – Product…

June 24, 2019
Read More >>

AttackDefense Labs Platform – Paul’s Security Weekly #609

[embedded content] We interview Vivek Ramachandran, who is the Founder & CEO of Pentester Academy. Pentester Academy, our AttackDefense Labs platform and other topics. Vivek will show a demo of their AttackDefense labs. We also have a free community security for your users to try out without requiring a subscription or credit card. Full Show NotesFollow us on Twitter: https://www.twitter.com/securityweekly Doug White – Professor, Roger Williams University. Paul Asadorian –…

June 21, 2019
Read More >>

Purple Teaming, SCYTHE – Paul’s Security Weekly #609

[embedded content] We welcome back Bryson Bort, who is the Founder/CEO of GRIMM. Bryson will be talking about Purple Teaming, Top Attack Simulation Scenarios, and Testing Command & Control Channels. To learn more about SCYTHE, visit: https://securityweekly.com/scytheFull Show Notes Follow us on Twitter: https://www.twitter.com/securityweekly Jeff Man – Sr. InfoSec Consultant, Online Business Systems. Paul Asadorian – CTO, Security Weekly. Joff Thyer – Security Analyst, Black Hills Information Security. Lee Neely…

June 21, 2019
Read More >>

Border Control, Russia, & Scams – Paul’s Security Weekly #609

[embedded content] In the Security News, how not to prevent a cyberwar with Russia, the case against knee-jerk installation of Windows patches, U.S. customs and Border Protection data breach is the result of a supply chain attack, and a phishing scam that hacks 2 factor authentication! Paul’s Stories 5 Keys to Improve Your Cybersecurity Censorship vs. the memes Engineer’s ‘Smart Speaker Firewall’ isolates Alexa devices in a snap How Not…

June 21, 2019
Read More >>

Inheriting Someone Else’s Code

[embedded content] Paul will talk about the challenges of inheriting someone else’s code. Paul will discuss 5 tips: Use an IDE, Variable Usage, Jump To Implementation and Declaration, Global Search, and Inspection. I’ve spent the past few weeks updating software. I was not the primary developer, mostly I was working with other people’s code. I ran into several challenges, here are some tips for when you are in this situation:…

June 20, 2019
Read More >>

Challenges of Healthcare Security – Enterprise Security Weekly #142

[embedded content] Security in a healthcare environment takes on many unusual aspects that other industries do not typically deal with. From patient restraints to drug diversion to the highest workplace violence rates in any US industry, healthcare is one of the most complex and challenging security environments to maintain. Full Show Notes Visit https://securityweekly.com/esw for all the latest episodes! Lee Neely – Senior Cyber Analyst , Lawrence Livermore National Laboratory….

June 20, 2019
Read More >>

Enterprise News – Enterprise Security Weekly #142

[embedded content] In the Enterprise News, Docker desktop for Windows 10 will soon switch to WSL 2, Netskope introduces Zero-Trust secure access to private enterprise applications, 10 notable security acquisitions of 2019, and can your patching strategy keep up with the demands of open source? Docker Desktop for Windows 10 Will Soon Switch to WSL 2 Aqua Security announces container vulnerabilities detecting and blocking solution in industry first. – DevOps…

June 20, 2019
Read More >>

Yubico, Tufin, & Venmo – Hack Naked News #223

[embedded content] This week, prevent the impact of a Linux worm, Yubico recalls FIPS Yubikey tokens after flaw discovered, how fraudulent domains hide in plain site, Samsung reminds rabble to scan smart TV’s for viruses and makes them forget, and the scraping of millions of Venmo transactions in a privacy warning to consumers! In the expert commentary, we welcome Sagi Bar-Zva, Strategic pre-Sales Manager from Tufin to talk about Using…

June 18, 2019
Read More >>

Azure & Cloud Migration For CISOs – Business Security Weekly #132

[embedded content] Jeremy Winter is the Director, Azure Management at Microsoft Azure. He joins us to talk about what CSOs & CISOs need to know about Azure + Cloud migration Tips + Mythbusting cloud security issues. This episode of Business Security Weekly will focus on what CSOs and CISOs need to know about Azure. Additionally, Jeremy will touch upon the best cloud migration tips and mythbust cloud security issues. Full…

June 18, 2019
Read More >>