Qnap public
Immutable Podcast

The Solutions Team

Monthly
 
Immutability refers to the incapability for modification or erasure. Join solutions architects Stefan Ferrari and Ian Hall from CMS Distribution in their discussion of all things Enterprise Technology. CMS is a value-added technology distributor, meaning our in-house team of solutions experts act as a technical resource for clients who lack the infrastructure and knowledge to configure complex requirements. In the spirit of exceeding expectations, we are thrilled to be sharing some of our ex ...
 
On February 27, 2024, PCAST (President’s Council of Advisors on Science and Technology) sent a report to the President with recommendations to bolster the resilience and adaptability of the nation’s cyber-physical infrastructure resources. Phil was part of the team that worked on the report and comes on the show to talk about what was recommended a…
 
A clear pattern with startups getting funding this week are "autonomous" products and features: automated detection engineering; autonomously map and predict malicious infrastructure; "...helps your workforce resolve their own security issues autonomously"; automated remediation; automated compliance management & reporting. I'll believe it when I see it…
 
How can open source projects find a funding model that works for them? What are the implications with different sources of funding? Simon Bennetts talks about his stewardship of Zed Attack Proxy and its journey from OWASP to OpenSSF to an Open Source Fellowship with Crash Override. Mark Curphy adds how his experience with OWASP and the appsec commu…
 
Since 2016, we've been hearing about the impending impact of CMMC. But so far, it's only been words. That looks to be changing. Edward Tourinsky, Founder & Managing Principal at DTS, joins Business Security Weekly to discuss the coming impact of CMMC v3. Edward will cover: the background of CMMC; standardization of CMMC; CMMC v3 changes and implementati…
 
Protecting a normal enterprise environment is already difficult. What must it be like protecting a sports team? From the stadium to merch sales to protecting team strategies and even the players - securing a professional sports team and its brand is a cybersecurity challenge on a whole different level. In this interview, we'll talk to Joe McMann a…
 
Version 4.0 of the Payment Card Industry Data Security Standard (PCI DSS) puts greater emphasis on application security than did previous versions of the standard. It also adds a new “customized approach” option that allows merchants and other entities to come up with their own ways to comply with requirements, and which also has implications for a…
 
There are as many paths into infosec as there are disciplines within infosec to specialize in. Karan Dwivedi talks about the recent book he and co-author Raaghav Srinivasan wrote about security engineering. There's an appealing future to security taking on engineering roles and creating solutions to problems that orgs face. We talk about the breadt…
 
Startup founders dream of success, but it's much harder than it looks. As a former founder, I know the challenges of cultivating an idea, establishing product market fit, growing revenue, and finding the right exit. Trust me, it doesn't always end well. In this interview, we welcome Seth Spergel, Managing Partner at Merlin Ventures, to discuss how …
 
In the days when Mirai emerged and took down DynDNS, along with what seemed like half the Internet, DDoS was as active a topic in the headlines as it was behind the scenes (check out Andy Greenberg's amazing story on Mirai on Wired). We don't hear about DDoS attacks as much anymore. What happened? Well, they didn't go away. DDoS attacks are a more …
 
Jim joins the Security Weekly crew to discuss all things supply chain! Given the recent events with XZ we still have many topics to explore, especially when it comes to practical advice surrounding supply chain threats. Ahoi new VM attacks ahead! HTTP/2 floods, USB Hid and run, forwarded email tricks, attackers be scanning, a bunch of nerds write s…
 
We look into the supply chain saga of the XZ Utils backdoor. It's a wild story of a carefully planned long con to add malicious code to a commonly used package that many SSH connections rely on. It hits themes from social engineering and abuse of trust to obscuring the changes and suppressing warnings. It also has a few lessons about software devel…
 
Another week, another hack. The MacVoices Live! panel of Chuck Joiner, Dave Ginsburg, Brian Flanigan-Arthurs, Marty Jencius, Eric Bolden, Jeff Gamet, and Guy Serle discuss AT&T’s loss of customer data that has a bit of history to it, as well as a request from India to unlock an iPhone of a political figure. (Spoiler: they said no.) [embed]http://tr…
 
Chuck Joiner, David Ginsburg, Ben Roethig, Jim Rea, Marty Jencius, Brian Flanigan-Arthurs, Web Bixby, Mark Fuccio, and Jeff Gamet conclude a MacVoices Live! conversation about how Apple’s App Store fee critics are charging pretty much the same thing for similar services. That led to a debate over how free apps on the App Store fit into the equation…
 
The MacVoices Live! crew of Chuck Joiner, David Ginsburg, Ben Roethig, Jim Rea, Marty Jencius, Brian Flanigan-Arthurs, Web Bixby, Mark Fuccio, and Jeff Gamet have a few thoughts on China’s banning of Intel and AMD chips in government computers, and the way Microsoft “acquired” the Inflection team. A simple hiring, or a dodge around the regulators? …
 
In this discussion, we focus on vendor/tool challenges in infosec, from a security leader's perspective. To quote our guest, Ross, "running a security program is often confused with shopping". You can't buy an effective security program any more than you can buy respect, or a black belt in kung fu (there might be holes in these examples, but you ho…
 
As most of you have probably heard there was a scary supply chain attack against the open source compression software called "xz". The security weekly hosts will break down all the details and provide valuable insights. https://blog.qualys.com/vulnerabilities-threat-research/2024/03/29/xz-utils-sshd-backdoor https://gynvael.coldwind.pl/?id=782 http…
 
NVD checked out, then they came back? Maybe? Should the xz backdoor be treated as a vulnerability? Is scan-driven vulnerability management obsolete when it comes to alerting on emerging threats? What were some of the takeaways from the first-ever VulnCon? EPSS is featured in over 100 security products, but is it properly supported by those that ben…
 
The MacVoices Live! discussion of the DOJ’s action against Apple continues as Chuck Joiner, David Ginsburg, Ben Roethig, Jim Rea, Marty Jencius, Brian Flanigan-Arthurs, Web Bixby, Mark Fuccio, and Jeff Gamet examine some of the more unusual aspects of the pleadings, what Apple’s response will be, and how the media is addressing the developments. (P…
 
MacVoices Live! digs into the DOJ action against Apple to try to understand what is behind it. Chuck Joiner, David Ginsburg, Ben Roethig, Jim Rea, Marty Jencius, Brian Flanigan-Arthurs, Web Bixby, Mark Fuccio, and Jeff Gamet consider the made-up categories of the iPhone market, the questionable quality of the complaint as a competent legal document…
 
Sometimes infosec problems can be summarized succinctly, like "patching is hard". Sometimes a succinct summary sounds convincing, but is based on old data, irrelevant data, or made up data. Adrian Sanabria walks through some of the archeological work he's done to dig up the source of some myths. We talk about some of our favorite (as in most dislik…
 
Harold Rivas has held multiple CISO roles. In his current CISO role, he's championing Trellix's overall mission to address the issues CISOs face every day, encouraging information sharing and collaborative discussions among the CISO community to help address challenges and solve real problems together - part of this is through Trellix's Mind of the…
 
Chuck Joiner, Brian Flanigan-Arthurs, Eric Bolden, Marty Jencius, Jim Rea, Jeff Gamet, and David Ginsburg wrap up a MacVoices Live! discussion by talking about the latest report on switching to the Mac, as well as what might be behind LinkedIn’s announcement that they are adding gaming to their platform. This edition of MacVoices is supported by Ma…
 
Many years ago, I fielded a survey focused on the culture of cybersecurity. One of the questions asked what initially drew folks to cybersecurity as a career. The most common response was a deep sense of curiosity. Throughout my career, I noticed another major factor in folks that brought a lot of value to security teams: diversity. Diversity of pe…
 
Charlotte Henry and Chuck Joiner celebrate a year of the TV+ Talk collaboration by looking at how Apple TV+ has evolved since its beginnings, their original content moving to other services, a recent article citing the quality of the service, and more. Show Notes: Chapters: 00:00 TV Plus Talk Anniversary Reflections 01:46 Apple TV+ Quality Recognit…
 
The 2024-03 MacVoices Update includes an explanation of why there are monthly updates, an evolution of MacVoices Live! for our non-live listeners and viewers, why MacVoices Magazine is picking up steam again, and the monthly Support Report. Show Notes: Support: Become a MacVoices Patron on Patreon http://patreon.com/macvoices Enjoy this episode? Ma…
 
Jason Healey comes on the show to discuss new ideas on whether the new national cybersecurity strategy is working. Segment Resources: DEFRAG Hacker Film Festival short documentary (https://youtu.be/NYvHWcQsIRE) on hackers and their favorite films. For educational purposes only, as we don’t have the rights to the clips. YouTube link to Wargames even…
 
The privacy theme rolls on as Chuck Joiner, Brian Flanigan-Arthurs, Eric Bolden, Marty Jencius, Jim Rea, Jeff Gamet, and David Ginsburg look at the almost unbelievable Terms of Service in the most recent Roku update and how it applies to which Roku device/channel/app. Then, the MacVoices panel delivers some initial thoughts on what appears to be a …
 
Our privacy theme continues as the MacVoices Live! panel looks at HP’s new option to rent a printer. Is that a good idea given the seemingly onerous contract terms, let alone the possible privacy concerns over an always-connected-to-the-Internet printer? Chuck Joiner, Brian Flanigan-Arthurs, Eric Bolden, Marty Jencius, Jim Rea, Jeff Gamet, and Davi…
 
With hundreds or thousands of SaaS apps to secure with no traditional perimeter, Identity becomes the focal point for SaaS Security in the modern enterprise. Yet with Shadow IT, now recast as Business-Led IT, quickly becoming normal practice, it’s more complicated than trying to centralize all identities with an Identity Provider (IdP) for Single S…
 
Chuck Joiner, Brian Flanigan-Arthurs, Eric Bolden, Marty Jencius, and Jim Rea discuss the hacking of a panel member’s Instagram account, along with what appeared to be an attack on his Facebook account. They discuss scams, other personal experiences with compromises, and a couple information pieces that caught their attention. This edition of MacVo…