Best Harish Sharma Podcasts (2024)

1
Discovering a common Salesforce mistake launched this security professional's career - Aaron Costello - ESW #379 31:15

1h ago31:15

31:15

Aaron was already a skilled bug hunter and working at HackerOne as a triage analyst at the time. What he discovered can't even be described as a software bug or a vulnerability. This type of finding has probably resulted in more security incidents and breaches than any other category: the unintentional misconfiguration. There's a lot of conversatio…

1
Community Knowledge Sharing with CyberNest - Ben Siegel, Aaron Costello - ESW #379 1:53:03

37m ago1:53:03

1:53:03

For this interview, Ben from CyberNest joins us to talk about one of my favorite subjects: information sharing in infosec. There are so many amazing skills, tips, techniques, and intel that security professionals have to share. Sadly, a natural corporate reluctance to share information viewed as privileged and private has historically had a chillin…

1
Community Knowledge Sharing with CyberNest - Ben Siegel - ESW #379 28:18

1h ago28:18

28:18

For this interview, Ben from CyberNest joins us to talk about one of my favorite subjects: information sharing in infosec. There are so many amazing skills, tips, techniques, and intel that security professionals have to share. Sadly, a natural corporate reluctance to share information viewed as privileged and private has historically had a chillin…

1
The Code of Honor: Embracing Ethics in Cybersecurity - Ed Skoudis - PSW #846 54:53

5h ago54:53

54:53

"Code of Honor: Embracing Ethics in Cybersecurity" by Ed Skoudis is a book that explores the ethical challenges faced by cybersecurity professionals in today's digital landscape. The book delves into the complex moral dilemmas that arise in the field of cybersecurity, offering guidance on how to navigate these issues while maintaining integrity. Th…

1
The Code of Honor: Embracing Ethics in Cybersecurity - Ed Skoudis - PSW #846 2:14:57

35m ago2:14:57

2:14:57

"Code of Honor: Embracing Ethics in Cybersecurity" by Ed Skoudis is a book that explores the ethical challenges faced by cybersecurity professionals in today's digital landscape. The book delves into the complex moral dilemmas that arise in the field of cybersecurity, offering guidance on how to navigate these issues while maintaining integrity. Th…

1
RCE from Iconv + PHP, Fuzzing a Codec, Fuzzing LLMs, Revisiting Recall - ASW #302 37:03

1h ago37:03

37:03

The many lessons to take away from a 24-year old flaw in glibc and the mastery in crafting an exploit in PHP, changing a fuzzer's configuration to find more flaws, fuzzing LLMs for prompt injection and jailbreaks, security hardening of baseband code, revisiting the threat models in Microsoft's Recall, and more! Show Notes: https://securityweekly.co…

1
Give CISOs a Seat at the Table as CISO Salaries Surge - BSW #367 25:33

20h ago25:33

25:33

In the leadership and communications segment, PwC Urges Boards to Give CISOs a Seat at the Table, CISO Salary Surge: Fewer Job Changes, Bigger Paychecks for Experienced Cybersecurity Leaders, Fostering a cybersecurity-first culture: Key leadership insights for building resilient businesses, and more! Show Notes: https://securityweekly.com/bsw-367…

1
The Future of Zed Attack Proxy - Simon Bennetts, Ori Bendet - ASW #302 1:12:35

12h ago1:12:35

1:12:35

Zed Attack Proxy has been a crucial web app testing tool for decades. It's also had a struggle throughout 2024 to obtain funding that would enable the tool to add more features while remaining true to its open source history. Simon Bennetts, founder of ZAP, and Ori Bendet from Checkmarx update us on that journey, share some exploration of LLM fuzzi…

1
AI, American Water, Broadband, Claroty, Okta, Meta, Phishing, Robocop, Josh Marpet... - SWN #420 30:10

13h ago30:10

30:10

AI Fest, American Water, Broadband, Claroty, Okta, Meta, Phishing, Robocop, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-420

1
The Future of Zed Attack Proxy - Simon Bennetts, Ori Bendet - ASW #302 35:34

15h ago35:34

35:34

Zed Attack Proxy has been a crucial web app testing tool for decades. It's also had a struggle throughout 2024 to obtain funding that would enable the tool to add more features while remaining true to its open source history. Simon Bennetts, founder of ZAP, and Ori Bendet from Checkmarx update us on that journey, share some exploration of LLM fuzzi…

1
The Saga Continues - PSW #846 1:20:12

2d ago1:20:12

1:20:12

Get ready for a wild ride in this week's podcast episode, where we dive into the latest security shenanigans! Default Credentials Gone Wild: We’ll kick things off with a look at how default credential scanners are like that friend who shows up to the party but never brings snacks. They're everywhere, but good luck finding one that actually works! C…

1
AI, American Water, Broadband, Claroty, Okta, Meta, Phishing, Robocop, Josh Marpet... - SWN #420 30:10

1d ago30:10

30:10

AI Fest, American Water, Broadband, Claroty, Okta, Meta, Phishing, Robocop, Josh Marpet, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-420

1
Run Your Security Program Like an Election Campaign - Kush Sharma - BSW #367 39:48

19h ago39:48

39:48

Does the CISO need to act like a politician? Negotiating budgets, communicating risks, and selling your strategy across the organization does sound a little like a politician. And if that's the case, are you hiring the right campaign staff? Kush Sharma, former CISO for CPR, City of Toronto, and Saputo, joins Business Security Weekly to discuss why …

1
Run Your Security Program Like an Election Campaign - Kush Sharma - BSW #367 1:05:11

17h ago1:05:11

1:05:11

Does the CISO need to act like a politician? Negotiating budgets, communicating risks, and selling your strategy across the organization does sound a little like a politician. And if that's the case, are you hiring the right campaign staff? Kush Sharma, former CISO for CPR, City of Toronto, and Saputo, joins Business Security Weekly to discuss why …

1
Secure the Browser & Vulnerability and Exposure Management - Brian Contos, Neko Papez - ESW #378 31:04

4d ago31:04

31:04

The way we use browsers has changed, so has the way we need to secure them. Using a secure enterprise browser to execute content away from the endpoint, inside a secure cloud browser is a dramatically more effective and cost-effective approach to protect users and secure access. This segment is sponsored by Menlo Security. Visit https://securitywee…

1
Perfctl, Pig Butchering, Ivanti, Zimbra, BabyLockerKZ, AI gone Wild, Aaran Leyland... - SWN #419 32:36

5d ago32:36

32:36

Perfctl, Warm Cookie, Pig Butchering, Ivanti, Zimbra, BabyLockerKZ, AI gone Wild, Aaran Leyland, and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-419

1
Perfctl, Pig Butchering, Ivanti, Zimbra, BabyLockerKZ, AI gone Wild, Aaran Leyland... - SWN #419 32:36

5d ago32:36

32:36

Perfctl, Warm Cookie, Pig Butchering, Ivanti, Zimbra, BabyLockerKZ, AI gone Wild, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-419

1
Nothing Is Safe - PSW #845 2:05:10

5d ago2:05:10

2:05:10

Automated tank gauges are leaking more than just fuel, while CUPS is serving up a steaming hot brew of vulnerabilities. Meanwhile, Supermicro's BMC firmware is giving away root access like it's going out of style. If you thought your Kia was safe, think again - all it takes is a license plate and 30 seconds to turn your car into a hacker's joyride.…

1
Cybersecurity Career Paths: from touring musician to purple teaming at Meta - Jayson Grace - ESW #378 35:32

5d ago35:32

35:32

Our latest in a series of interviews discussing cybersecurity career paths, today we talk to Jayson Grace his path into cybersecurity and his experience building red teams at national labs and purple teams at Meta. We also talk about his community impact, giving talks and building open source tools. Jayson just left Meta for an AI safety startup na…

1
Cybersecurity best practices are the worst, AI indegestion, real time doxxing - ESW #378 1:07:52

6d ago1:07:52

1:07:52

This week in the enterprise security news, we've got: Torq, Tamnoon, and Defect Dojo raise funding Checkmarx acquires ZAP Commvault acquires Clumio Would you believe San Francisco is NOT the most funded metro area for cybersecurity? Auto-doxxing Smart glasses are now possible Meta gets fined $100M for storing plaintext passwords AI coding assistant…

1
Cybersecurity Career Paths: from touring musician to purple teaming at Meta - Neko Papez, Brian Contos, Jayson Grace - ESW #378 2:14:25

6d ago2:14:25

2:14:25

Our latest in a series of interviews discussing cybersecurity career paths, today we talk to Jayson Grace his path into cybersecurity and his experience building red teams at national labs and purple teams at Meta. We also talk about his community impact, giving talks and building open source tools. Jayson just left Meta for an AI safety startup na…

1
Analyzing Malware at Scale - John Hammond - PSW #845 3:07:23

8d ago3:07:23

3:07:23

This episode of Paul Security Weekly features John Hammond, a senior security researcher from Huntress, discussing malware analysis. Hammond dives into the analysis of Ocean Lotus attacks, highlighting the use of stealthy techniques like alternate data streams and DLL side-loading. The conversation also touches on the challenges of combating attack…

1
More Car Hacks, CUPS Vulns, Microsoft's SFI, Memory Safety, Password Complexity - Farshad Abasi - ASW #301 45:57

7d ago45:57

45:57

More remote car control via web interfaces, an RCE in CUPS, Microsoft reduces attack surface, migrating to memory safety, dealing with dependency confusion, getting rid of password strength calculators, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-301…

1
Analyzing Malware at Scale - John Hammond - PSW #845 1:03:12

9d ago1:03:12

1:03:12

This episode of Paul Security Weekly features John Hammond, a senior security researcher from Huntress, discussing malware analysis. Hammond dives into the analysis of Ocean Lotus attacks, highlighting the use of stealthy techniques like alternate data streams and DLL side-loading. The conversation also touches on the challenges of combating attack…

1
Death Stars, Recall, Microsoft, Brocade, AI, Josh Marpet, and more... - SWN #418 29:24

8d ago29:24

29:24

Death Stars are not real or are they?, Recall, Microsoft, Brocade, AI and More and More AI, Josh Marpet, and more on the Cyber Security News. Show Notes: https://securityweekly.com/swn-418

1
Death Stars, Recall, Microsoft, Brocade, AI, Josh Marpet, and more... - SWN #418 29:19

8d ago29:19

29:19

Death Stars are not real or are they?, Recall, Microsoft, Brocade, AI and More and More AI, Josh Marpet, and more on the Cyber Security News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-418

1
How to Attain Zero Trust - Rob Allen - BSW #366 57:58

8d ago57:58

57:58

The zero-trust security model has been billed as an ultra-safe defense against emerging, unrecognized and well-known threats. Unlike perimeter security, it doesn't assume people inside an organization are automatically safe. Instead, it requires every user and device -- inside and out -- to be authorized before any access is granted. Sounds enticin…

1
Underfunding and Leadership Gaps, as AI Replaces CEO and Senate Eyes Healthcare - BSW #366 26:02

8d ago26:02

26:02

In the leadership and communications segment, Underfunding And Leadership Gaps Weaken Cybersecurity Defenses, A Self-Care Checklist for Leaders, Senate bill eyes minimum cybersecurity standards for health care industry, and more! Show Notes: https://securityweekly.com/bsw-366

1
How to Attain Zero Trust - Rob Allen - BSW #366 32:06

9d ago32:06

32:06

The zero-trust security model has been billed as an ultra-safe defense against emerging, unrecognized and well-known threats. Unlike perimeter security, it doesn't assume people inside an organization are automatically safe. Instead, it requires every user and device -- inside and out -- to be authorized before any access is granted. Sounds enticin…

1
Quantum threats, SOC automation, funding trends - ESW #377 44:10

11d ago44:10

44:10

In the Enterprise News, the hosts discuss various trends and challenges in the cybersecurity landscape, including the evolution of terminology, funding trends, the emergence of new startups, and the impact of AI on security practices. They also explore the challenges faced by CISOs, the importance of humor in the industry, and the future of quantum…

1
Oh the Places You'll Go (in Cybersecurity) - Jason Shockey - ESW #377 33:20

12d ago33:20

33:20

We've been hearing a lot lately about how the talent gap in cybersecurity is much more complex than some folks have been making it out to be. While making six figures after going through a six week boot camp might be overselling the cybersecurity job market a bit, it is definitely a complex space with lots of opportunities. Fortunately, we have fol…

Podcasts Worth a Listen

Harish Sharma Podcasts

Podcasts Worth a Listen

Quick Reference Guide