A free podcast about cybersecurity, vulnerability management, and the CVE Program.
…
continue reading
The Commission on Rehabilitation Counselor Certification presents "Inside Rehabilitation Counseling," a series of conversations with the professionals, educators, and thought-leaders working in the specialized field of rehabilitation counseling.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
The hosts discuss hacker gadgets! We'll cover what we've been hacking on lately and discuss gadgets we want to work on in the future and other gadgets we want to get our hands on. Paul has been working with some M5Stack devices, a guide can be found here: https://securitypodcaster.com/m5stack-hacking-guide/ We will cover the Clockwork PI "uConsole"…
…
continue reading
1
Security Money: Of Course Okta Should Be In The Index - BSW #374
51:48
51:48
Play later
Play later
Lists
Like
Liked
51:48
This week, it's time for Security Money. Of course Okta should be in the Security Weekly 25 Index, Duh! Here are all the companies that now comprise the index: SCWX Secureworks Corp PANW Palo Alto Networks Inc CHKP Check Point Software Technologies Ltd. RBRK Rubrik Inc GEN Gen Digital Inc FTNT Fortinet Inc AKAM Akamai Technologies, Inc. FFIV F5 Inc…
…
continue reading
1
ISIS, Enron, Tor, Scams, Wintermute, Zabbix, Josh Marpet and more... - SWN #434
35:29
35:29
Play later
Play later
Lists
Like
Liked
35:29
ISIS, Enron, Tor, Scams, Wintermute, Zabbix, Josh Marpet and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-434
…
continue reading
1
Adding Observability with OpenTelemetry - Adriana Villela - ASW #309
1:10:55
1:10:55
Play later
Play later
Lists
Like
Liked
1:10:55
Observability is a lot more than just sprinkling printf statements throughout a code base. Adriana Villela explains principles behind logging, traceability, and metrics and how the OpenTelemetry project helps developers gather this useful information. She also provides suggestions on starting logging from scratch, how to avoid information overload,…
…
continue reading
1
2023 Funding and Acquisition Summary with Return on Security - Mike Privette - ESW Vault
43:56
43:56
Play later
Play later
Lists
Like
Liked
43:56
Check out this episode from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on December 22, 2023. We're excited to give an end-of-year readout on the performance of the cybersecurity industry with Mike Privette, founder of Return on Security and author of the weekly Security, Funded newsletter. This ye…
…
continue reading
Check out this episode from the SWN Vault, originally published on February 13, 2019! This Secure Digital Life episode was hand-picked by main host Doug White. Well, there are a lot of terms that are around in Cyber these days. I think we could do shows every week for a while and never get through them all. From AI to Zero Day Exploits, there are a…
…
continue reading
1
2nd Edition: How to Measure Anything in Cybersecurity Risk - Doug Hubbard - BSW Vault
37:40
37:40
Play later
Play later
Lists
Like
Liked
37:40
Check out this episode from the BSW Vault, hand picked by main host Matt Alderman! This segment was originally published on Jan 24, 2023. Richard Seiersen and our guest, Doug Hubbard, are finishing the second edition of How to Measure Anything in Cybersecurity Risk. Doug is here to share the success of the first edition and preview the second editi…
…
continue reading
1
Fixing how cybersecurity products are bought and sold - Mariana Padilla - ESW #385
1:52:17
1:52:17
Play later
Play later
Lists
Like
Liked
1:52:17
This is a topic our hosts are very passionate about, and we're excited to discuss with Mariana Padilla, co-founder and CEO of Hackerverse. She wants to change how cybersecurity sales works, with a focus on making the process more transparent and ideally demonstrating a product's efficacy before buyers even need to talk to a sales team. We'll discus…
…
continue reading
1
Tesla, Druids, Salt Typhoon, North Korea, Amazon, Microsoft, Google, Joshua Marpet... - SWN #433
33:15
33:15
Play later
Play later
Lists
Like
Liked
33:15
Tesla, Druids, Salt Typhoon, North Korea, Amazon, Microsoft, Google, Joshua Marpet, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-433
…
continue reading
1
Confessions of a Cyber Criminal Stalker - Ken Westin - PSW #852
2:56:26
2:56:26
Play later
Play later
Lists
Like
Liked
2:56:26
Black Hats & White Collars: We know criminal hacking is big business because we've spied on them! Ken comes on the show to talk about chasing and stalking criminals, even if it means sacrificing some of your own personal safety. Fast cars kill people, Apple 0-Days, memory safety, poisoning the well, babble babble and malware that tries really hard …
…
continue reading
1
Biometric Frontiers: Unlocking The Future Of Engagement - Andras Cser, Enza Iannopollo - ASW #308
1:10:32
1:10:32
Play later
Play later
Lists
Like
Liked
1:10:32
This week's interview dives deep into the state of biometrics with two Forrester Research analysts! This discussion compares and contrasts regional approaches to biometrics; examine the security challenges and benefits of their implementation; and reveal how biometrics holds the keys to a range of engagement models of the future. Andras Cser dives …
…
continue reading
1
Google DeGoogled, Hammerbarn, Blofeld, VMWare, DeepData, SafePay, Josh Marpet and... - SWN #432
32:11
32:11
Play later
Play later
Lists
Like
Liked
32:11
Google DeGoogled, Hammerbarn, Blofeld, VMWare, DeepData, SafePay, Josh Marpet and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-432
…
continue reading
1
Similarities Between SOX And SEC's Cyber Rule - Padraic O'Reilly - BSW #373
47:25
47:25
Play later
Play later
Lists
Like
Liked
47:25
The Sarbanes-Oxley (SOX) Act was a watershed moment in corporate governance, fundamentally altering how companies approached financial reporting and internal operational controls. By holding executives personally accountable for the accuracy of financial reports, SOX restored investor confidence in the wake of corporate malfeasance. The SEC's new c…
…
continue reading
1
Granny Bots, Microsoft, Shrinklocker, SlugResin, BlueSky, Aaran Leyland, and More... - SWN #431
32:12
32:12
Play later
Play later
Lists
Like
Liked
32:12
Granny Bots, Microsoft, Shrinklocker, SlugResin, BlueSky, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-431
…
continue reading
1
AI and the Autonomous SOC - Separating Hype from Reality - Justin Beals, Itai Tevet - ESW #384
1:56:05
1:56:05
Play later
Play later
Lists
Like
Liked
1:56:05
There have been a lot of bold claims about how generative AI and machine learning will transform the SOC. Ironically, the SOC was (arguably) invented only because security products failed to make good on bold claims. The cybersecurity market is full of products that exist only to solve the problems created by other security products (Security Analy…
…
continue reading
1
No CVE and No Accountability - Ed Skoudis - PSW #851
2:43:50
2:43:50
Play later
Play later
Lists
Like
Liked
2:43:50
Alright, so we dove deep into some pretty wild stuff this week. We started off talking about zip files inside zip files. This is a variation of old-school zip file tricks, and the latest method described here is still causing headaches for antivirus software. Then we geeked out about infrared signals and the Flipper Zero, which brought back memorie…
…
continue reading
1
Modernizing AppSec - Melinda Marks - ASW #307
1:09:29
1:09:29
Play later
Play later
Lists
Like
Liked
1:09:29
In this week's interview, Melinda Marks' joins us to discuss her latest research. Her recent report Modernizing Application Security to Scale for Cloud-Native Development delves into many aspects and trends affecting AppSec as it matures, particularly in cloud-first organizations. We also discuss the fuzzy line between "cloud-native" AppSec and eve…
…
continue reading
1
Struwwelpeter, Krampus, Flutter, Apple, DLink, C++, Josh Marpet and more... - SWN #430
33:19
33:19
Play later
Play later
Lists
Like
Liked
33:19
Struwwelpeter, Krampus, Flutter, Apple, DLink, C++, Josh Marpet and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-430
…
continue reading
1
How to Combat the CISO Mental Health Crisis - Ram Movva - BSW #372
58:23
58:23
Play later
Play later
Lists
Like
Liked
58:23
Stress in cybersecurity is an industrywide problem. The CISO role is one of the most stressful in any organization. And the stress levels are at an all time high, leading to a mental health crisis. How should CISOs cope with this stress and improve their mental health? Ram Movva, CEO & Founder at Securin, joins Business Security Weekly to discuss t…
…
continue reading
1
Robo-Turing, BlueNoroff, Palo Alto, German Law, Fabric, Cisco, Bans, Aaran Leyland... - SWN #429
32:39
32:39
Play later
Play later
Lists
Like
Liked
32:39
Robo-Turing, BlueNoroff, Palo Alto, German Law, Fabric, Cisco, Banning Things, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-429
…
continue reading
1
Cybersecurity Budgets: the Journey from Reactive to Proactive - Todd Thiemann, Theresa Lanowitz - ESW #383
2:01:03
2:01:03
Play later
Play later
Lists
Like
Liked
2:01:03
CISOs struggle more with reactive budgets than CIOs or CTOs. It's not that part of the CISO's budget shouldn't be reactive, it's certainly necessary to an extent. The problem is when proactive measures suffer as a result. In this interview, we'll discuss some of the causes behind this and some strategies for breaking out of this loop. This segment …
…
continue reading
1
Cybersecurity For Schools - Kayne McGladrey - PSW #850
2:47:43
2:47:43
Play later
Play later
Lists
Like
Liked
2:47:43
We chatted with Kayne about education systems security, funding for cyber tools and services, and what the future of education might look like to fill more cyber roles. In the news: Pacific Rim, Linux on Windows for attackers, one of the worst cases of a former employee's retaliation, Zery-Day FOMO, we predicted that, hacking for fun, working hard …
…
continue reading
1
Tariffs, Pygmy Goat, Schneider, SQLite, Deepfakes, Military AI, Josh Marpet... - SWN #428
32:53
32:53
Play later
Play later
Lists
Like
Liked
32:53
Tariffs, Pygmy Goat, Schneider, SQLite and Dixie Flatline, Deepfakes, Military AI, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-428
…
continue reading
1
Bug bounties, vulnerability disclosure, PTaaS, fractional pentesting - Grant McCracken - ASW #306
1:05:35
1:05:35
Play later
Play later
Lists
Like
Liked
1:05:35
After spending a decade working for appsec vendors, Grant McKracken wanted to give something back. He saw a gap in the market for free or low-cost services for smaller organizations that have real appsec needs, but not a lot of means to pay for it. He founded DarkHorse, who offers VDPs and bug bounties to organizations of all sizes for free, or for…
…
continue reading
1
Planning A Merger Or Acquisition? Ask These Five Cyber Questions First - Craig Davies - BSW #371
1:05:15
1:05:15
Play later
Play later
Lists
Like
Liked
1:05:15
Merger and acquisition (M&A) activity in finally starting to pick up. Although the allure of financial gains and market expansion drives these deals, the digital age demands a rigorous assessment of cybersecurity risks accompanying such mergers. Unanticipated cyber issues, like dormant malware or inconsistent access controls, can transform an ideal…
…
continue reading
1
Recall, Russia, Win 10, Phish n Ships, Midnight Blizzard, Rob Allen, and More... - Rob Allen - SWN #427
36:50
36:50
Play later
Play later
Lists
Like
Liked
36:50
Recall III: the Re-Re-Recalling, Russia, Win 10, Phish n Ships, Midnight Blizzard, Emerald Whale, Rob Allen, and More, on this edition of the Security Weekly News. Segment Resources: https://www.bleepingcomputer.com/news/security/unitedhealth-says-data-of-100-million-stolen-in-change-healthcare-breach/ This segment is sponsored by ThreatLocker. Vis…
…
continue reading
1
What if securing buildings was as easy as your smartphone? - Damon McDougald, Blaine Frederick, Punit Minocha - ESW #382
2:06:19
2:06:19
Play later
Play later
Lists
Like
Liked
2:06:19
The future is here! Imagine if you could get into the office, a datacenter, or even an apartment building as easily as you unlock your smartphone. Alcatraz AI is doing exactly that with technology that works similarly to how smartphones unlock using your face. It works in the dark, if you shave off your beard, and so quickly you don't even need to …
…
continue reading
1
Shadow IT and Security Debt - Dave Lewis - PSW #849
2:50:27
2:50:27
Play later
Play later
Lists
Like
Liked
2:50:27
We had the pleasure of finally having Dave Lewis on the show to discuss shadow IT and security debt. Dave shared some fascinating insights from his long career in cybersecurity, emphasizing the importance of addressing fundamental security issues and the human aspect of security. We delved into the challenges of managing shadow IT, the complexities…
…
continue reading
1
Halloween, TikTok, Telcos, Win 11, Five Eyes, AWS, France, ChatGPT, and more... - SWN #426
36:50
36:50
Play later
Play later
Lists
Like
Liked
36:50
Halloween, TikTok Rip Off, Telcos, Win 11, Five Eyes, AWS, France, ChatGPT, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-426
…
continue reading
1
The CISO Mindset, Top Strategies, and Mandating Office Presence Without Purpose - David Bradbury, Erin Baudo Felter - BSW #370
1:03:37
1:03:37
Play later
Play later
Lists
Like
Liked
1:03:37
In the leadership and communications segment, The CISO Mindset: A Strategic Guide for Aspiring CEOs and The Board Members, The Top Strategy to Earn More Respect at Work: A Leadership Expert’s Proven Method, The Problem with Mandating Office Presence Without Purpose, and more! Identity continues to be one of the most used attack vectors by cybercrim…
…
continue reading
1
Making TLS More Secure, Lessons from IPv6, LLMs Finding Vulns - Arnab Bose, Shiven Ramji - ASW #305
1:22:48
1:22:48
Play later
Play later
Lists
Like
Liked
1:22:48
Better TLS implementations with Rust, fuzzing, and managing certs, appsec lessons from the everlasting transition to IPv6, LLMs for finding vulns (and whether fuzzing is better), and more! Also check out this presentation from BSides Knoxville that we talked about briefly, https://youtu.be/DLn7Noex_fc?feature=shared Generative AI has been the talk …
…
continue reading
1
Tourists, Fortis, apps, TLP, AWS, Google, Chatbots, Aaran Leyland, and More... - SWN #425
35:07
35:07
Play later
Play later
Lists
Like
Liked
35:07
Tourist Abuse, Fortis, apps, TLP, AWS, Google, Chatbots, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-425
…
continue reading
1
Transforming the Defender's Dilemma into the Defender's Advantage - Charlotte Wylie, Bhawna Singh, Lenny Zeltser - ESW #381
1:50:15
1:50:15
Play later
Play later
Lists
Like
Liked
1:50:15
Ever heard someone say, "the attacker only has to be right once, but the defender has to get it right every time"? On this episode, we'll dispel that myth. There is some truth to the saying, but only with regards to initial access to the target's environment. Once on the inside, the attacker's advantage flips to the defender. Call it the 'Home Alon…
…
continue reading
1
Secure By Default - How do we get there? - Andy Syrewicze - PSW #848
3:06:32
3:06:32
Play later
Play later
Lists
Like
Liked
3:06:32
Andy drops some Microsoft Windows and 365 knowledge as we discuss the details on how we get to secure by default in our Windows and cloud environments. This week: The USB Army Knife that won't break the budget, I don't want to say EDR is useless (but there I said it), Paul's list of excellent hacking tips, FortiJump - an RCE that took a while to be…
…
continue reading
1
Doom Brain, E2EE, OT, Adload, Cisco, VMware, internet archive, Josh Marpet ... - SWN #424
29:57
29:57
Play later
Play later
Lists
Like
Liked
29:57
Doom on a Human Brain, E2EE, OT, Adload, Cisco, VMware, Internet Archive, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-424
…
continue reading
1
Aligning Tech Execs on Cyber Resilience - Theresa Lanowitz - BSW #369
1:01:21
1:01:21
Play later
Play later
Lists
Like
Liked
1:01:21
Getting C-Suite execs aligned on cyber resilience and cybersecurity can be a challenge. LevelBlue's recent Futures™️ report sought to uncover the barriers that prevent companies from achieving cyber resilience in the enterprise today. The report not only surveyed C-Suite execs (CIOs, CTOs, and CISOs), but non-C-Suite leaders from engineering and ar…
…
continue reading
1
The Complexities, Configurations, and Challenges in Cloud Security - Scott Piper - ASW #304
1:17:25
1:17:25
Play later
Play later
Lists
Like
Liked
1:17:25
Building cloud native apps doesn't mean you're immune to dealing with legacy systems. Cloud services have changed significantly over the last decade, both in the security controls available to them and the sheer volume of services that CSPs provide. Scott Piper shares some history of cloud security, the benefits of account separation, and how ratch…
…
continue reading
1
Stealing, Kubernetes, Passkeys, SolarWinds, Intel, Sextortion, and... - SWN #423
33:22
33:22
Play later
Play later
Lists
Like
Liked
33:22
Stealing Pencils, Kubernetes, Passkeys, SolarWinds, Intel, North Koreans, Sextortion, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-423
…
continue reading
1
Cybersecurity Success is Business Success - Renuka Nadkarni, Theresa Lanowitz - ESW #380
1:46:37
1:46:37
Play later
Play later
Lists
Like
Liked
1:46:37
Secure by design is more than just AppSec - it addresses how the whole business designs systems and processes to be effective and resilient. The latest report from LevelBlue on Cyber Resilience reveals security programs that are reactive, ill-equipped, and disconnected from IT and business leaders. Most security problems are out of security teams' …
…
continue reading
1
Effective Operational Outcomes - Ken Dunham - PSW #847
2:58:09
2:58:09
Play later
Play later
Lists
Like
Liked
2:58:09
New security and vulnerability research is published every day. How can security teams get ahead of the curve and build architecture to combat modern threats and threat actors? Tune-in to a lively discussion about the threat landscape and tips on how to stay ahead of the curve. Segment Resources: https://blog.qualys.com/vulnerabilities-threat-resea…
…
continue reading
1
Perl & PHP Vulns, Fuzzing & Parsers, Protecting Multi-Hosted Tenants, Secure Design - ASW #303
41:59
41:59
Play later
Play later
Lists
Like
Liked
41:59
Looking at vulnerable code in Ivanti (Perl) and Magento (PHP), fuzzing is perfect for parsers, handling tenant isolation when training LLMs, Microsoft's small steps towards secure design, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-303…
…
continue reading
1
Stego, uBlock, PPTP, Log4J, Command Jacking, Windows 10, Feet, Josh Marpet, and More. - SWN #422
30:23
30:23
Play later
Play later
Lists
Like
Liked
30:23
AI Stego, uBlock, PPTP, Log4J rises again, Command Jacking, Windows 10, Principal Skinner's Feet, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-422
…
continue reading
1
Budget Planning Guide 2025: Security And Risk - Jeff Pollard - BSW #368
59:35
59:35
Play later
Play later
Lists
Like
Liked
59:35
In today’s uncertain macroeconomic environment, security and risk leaders need practical guidance on managing existing spending and new budgetary requests. Jeff Pollard, Vice-President, Principal Analyst on the Security and Risk Team at Forrester Research, joins Business Security Weekly to review Forrester's Budget Planning Guide 2025: Security And…
…
continue reading
1
Cybercab, Golden Jackal, Mamba 2FA, Microsoft, iPhone thieves, esims, Aaran Leyland.. - SWN #421
30:25
30:25
Play later
Play later
Lists
Like
Liked
30:25
Cybercab, Golden Jackal, Mamba 2FA, Multi Microsoft, iPhone thieves, esims, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-421
…
continue reading
1
Community Knowledge Sharing with CyberNest - Ben Siegel, Aaron Costello - ESW #379
1:53:03
1:53:03
Play later
Play later
Lists
Like
Liked
1:53:03
For this interview, Ben from CyberNest joins us to talk about one of my favorite subjects: information sharing in infosec. There are so many amazing skills, tips, techniques, and intel that security professionals have to share. Sadly, a natural corporate reluctance to share information viewed as privileged and private has historically had a chillin…
…
continue reading
1
The Code of Honor: Embracing Ethics in Cybersecurity - Ed Skoudis - PSW #846
2:14:57
2:14:57
Play later
Play later
Lists
Like
Liked
2:14:57
"Code of Honor: Embracing Ethics in Cybersecurity" by Ed Skoudis is a book that explores the ethical challenges faced by cybersecurity professionals in today's digital landscape. The book delves into the complex moral dilemmas that arise in the field of cybersecurity, offering guidance on how to navigate these issues while maintaining integrity. Th…
…
continue reading
1
The Future of Zed Attack Proxy - Simon Bennetts, Ori Bendet - ASW #302
1:12:35
1:12:35
Play later
Play later
Lists
Like
Liked
1:12:35
Zed Attack Proxy has been a crucial web app testing tool for decades. It's also had a struggle throughout 2024 to obtain funding that would enable the tool to add more features while remaining true to its open source history. Simon Bennetts, founder of ZAP, and Ori Bendet from Checkmarx update us on that journey, share some exploration of LLM fuzzi…
…
continue reading
1
AI, American Water, Broadband, Claroty, Okta, Meta, Phishing, Robocop, Josh Marpet... - SWN #420
30:10
30:10
Play later
Play later
Lists
Like
Liked
30:10
AI Fest, American Water, Broadband, Claroty, Okta, Meta, Phishing, Robocop, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-420
…
continue reading
1
Run Your Security Program Like an Election Campaign - Kush Sharma - BSW #367
1:05:11
1:05:11
Play later
Play later
Lists
Like
Liked
1:05:11
Does the CISO need to act like a politician? Negotiating budgets, communicating risks, and selling your strategy across the organization does sound a little like a politician. And if that's the case, are you hiring the right campaign staff? Kush Sharma, former CISO for CPR, City of Toronto, and Saputo, joins Business Security Weekly to discuss why …
…
continue reading
1
Perfctl, Pig Butchering, Ivanti, Zimbra, BabyLockerKZ, AI gone Wild, Aaran Leyland... - SWN #419
32:36
32:36
Play later
Play later
Lists
Like
Liked
32:36
Perfctl, Warm Cookie, Pig Butchering, Ivanti, Zimbra, BabyLockerKZ, AI gone Wild, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-419
…
continue reading