One Stone is a student-run, not-for-profit organization that combines service and charitable giving with experiential learning to fulfill community needs in a way that transforms both the recipient and student providers of the service. One Stone is starting a high school, beginning in the fall of 2016. This podcast will cover a variety of topics about One Stone's programs, as well as the new high school.
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
Sermons from Evansburg Baptist Church, Evansburg Alberta Canada
…
continue reading
1
Let’s Get Real About Where AI can Help SecOps & AI, Automation & Low-Code - Mike Lyborg, Brandon Potter - ESW #373
32:22
32:22
Play later
Play later
Lists
Like
Liked
32:22
Swimlane and GenAI Join Swimlane CISO, Mike Lyborg and Security Weekly’s Mandy Logan as they cut through the AI peanut butter! While Generative AI is the not-so-new hot topic, it's also not the first time the cybersecurity industry has embraced emerging technology that can mimic human actions. Security automation and its ability to take action on b…
…
continue reading
1
Faking your own death, Fake Reviews, Solar Winds, Recall, Winux, Kubernetes, and More - SWN #409
31:03
31:03
Play later
Play later
Lists
Like
Liked
31:03
Faking your death, Fake Reviews, Solar Winds, AWS, Recall, Winux, Kubernetes, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-409
…
continue reading
1
Faking your own death, Fake Reviews, Solar Winds, Recall, Winux, Kubernetes, and More - SWN #409
31:12
31:12
Play later
Play later
Lists
Like
Liked
31:12
Faking your death, Fake Reviews, Solar Winds, AWS, Recall, Winux, Kubernetes, and More on the Security Weekly News. Show Notes: https://securityweekly.com/swn-409
…
continue reading
1
The end of the road for some cyber startups & making detection actually work! - ESW #373
1:17:53
1:17:53
Play later
Play later
Lists
Like
Liked
1:17:53
This week, in the enterprise security news, A funding that looks like an acquisition And two for-sure acquisitions Rumors that there are funding problems for early stage cyber startups, and we’ll see a lot more acquisitions before the end of the year Speaking of rumors, Crowdstrike did NOT like last week’s Action1 acquisition rumor! Shortening dete…
…
continue reading
1
The end of the road for some cyber startups & making detection actually work! - Vivek Bhandari, Vivek Ramachandran, Mike Lyborg, Brandon Potter - ESW #373
2:26:35
2:26:35
Play later
Play later
Lists
Like
Liked
2:26:35
This week, in the enterprise security news, A funding that looks like an acquisition And two for-sure acquisitions Rumors that there are funding problems for early stage cyber startups, and we’ll see a lot more acquisitions before the end of the year Speaking of rumors, Crowdstrike did NOT like last week’s Action1 acquisition rumor! Shortening dete…
…
continue reading
1
Vulnerabilities, Vulnerabilities Everywhere - PSW #840
1:56:39
1:56:39
Play later
Play later
Lists
Like
Liked
1:56:39
This week: YAVD: Yet Another Vulnerable Driver, why bring your own when one already exists, backdoors in MIFARE Classic, wireless hacking tips, AMD sinkclose vulnerability will keep running, you down with SLDP yea you know me, Phrack!, IoTGoats, Pixel vulnerabilities, leaking variables, a DEF CON talk that was not cancelled, Telnet is still a thing…
…
continue reading
1
How do we patch the right things? - Josh Bressers - PSW #840
2:58:57
2:58:57
Play later
Play later
Lists
Like
Liked
2:58:57
Every week here on the show we talk about vulnerabilities and exploits. Typically we recommend that organizations remediate these vulnerabilities in some way. But how? And more importantly, which ones? Some tools we have to help us are actually not all that helpful at time, such as: Mitre Att&ck - Don't get me wrong, this is a great project and Ada…
…
continue reading
1
How do we patch the right things? - PSW #840
1:02:37
1:02:37
Play later
Play later
Lists
Like
Liked
1:02:37
Every week here on the show we talk about vulnerabilities and exploits. Typically we recommend that organizations remediate these vulnerabilities in some way. But how? And more importantly, which ones? Some tools we have to help us are actually not all that helpful at time, such as: Mitre Att&ck - Don't get me wrong, this is a great project and Ada…
…
continue reading
1
Secure Web Gateways Have Failed Us & Using AI to Prevent the Next CrowdStrike Outage - Vivek Ramachandran, Vivek Bhandari - ESW #373
36:38
36:38
Play later
Play later
Lists
Like
Liked
36:38
SquareX With employees spending most of their working hours on the browser, web attacks are one of the biggest attack vectors today. Yet, both enterprises and security vendors today aren’t focused on securing the browser – a huge risk given that attackers can easily bypass Secure Web Gateways, SASE and SSE solutions. This segment will demonstrate t…
…
continue reading
1
Navigating the Path to Maturity & AI is helping combat cyber threats - Shimon Modi, Boaz Barzel - ASW #296
39:21
39:21
Play later
Play later
Lists
Like
Liked
39:21
As development cycles shorten and more responsibilities shift to developers, application security (AppSec) is rapidly evolving. Organizations are increasingly building mature programs that automate and enhance AppSec, moving beyond manual processes. In this discussion, we explore how organizations are adapting their AppSec practices, highlighting t…
…
continue reading
1
Dangerous books, Microsoft plus, NPD, Solar Winds, Jenkins, and more... - SWN #408
27:57
27:57
Play later
Play later
Lists
Like
Liked
27:57
Dangerous books, Microsoft Plus, NPD, Solar Winds, Jenkins, and more, on this Edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-408
…
continue reading
1
The Fallout and Lessons Learned from the CrowdStrike Fiasco - Allie Mellen, Jeff Pollard - ASW #296
42:38
42:38
Play later
Play later
Lists
Like
Liked
42:38
This week, Jeff Pollard and Allie Mellen join us to discuss the fallout and lessons learned from the CrowdStrike fiasco. They explore the reasons behind running in the kernel, the challenges of software quality, and the distinction between a security incident and an IT incident. They also touch on the need to reduce the attack surface and the impor…
…
continue reading
1
The Fallout and Lessons Learned from the CrowdStrike Fiasco - Shimon Modi, Jeff Pollard, Allie Mellen, Boaz Barzel - ASW #296
1:21:54
1:21:54
Play later
Play later
Lists
Like
Liked
1:21:54
This week, Jeff Pollard and Allie Mellen join us to discuss the fallout and lessons learned from the CrowdStrike fiasco. They explore the reasons behind running in the kernel, the challenges of software quality, and the distinction between a security incident and an IT incident. They also touch on the need to reduce the attack surface and the impor…
…
continue reading
1
Dangerous books, Microsoft plus, NPD, Solar Winds, Jenkins, and more... - SWN #408
27:57
27:57
Play later
Play later
Lists
Like
Liked
27:57
Dangerous books, Microsoft Plus, NPD, Solar Winds, Jenkins, and more, on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-408
…
continue reading
1
Navigating Innovation and Risk & Any Browser Can Be A Secure Enterprise Browser - Theresa Lanowitz, Andrew Harding - BSW #361
33:23
33:23
Play later
Play later
Lists
Like
Liked
33:23
While CISOs are often responsible for technology implementation, they are not getting the support they need at a strategic level. The Accelerator found that 73% of CISOs expressed concern over cybersecurity becoming unwieldy, requiring risk-laden tradeoffs, compared to only 58% of both CIOs and CTOs. Understanding the C-suite’s business priorities …
…
continue reading
1
Why Cyber Resilience Matters - Andrew Harding, Theresa Lanowitz - BSW #361
1:03:24
1:03:24
Play later
Play later
Lists
Like
Liked
1:03:24
What are the barriers to cyber resilience today? Why is it so difficult? And what is coming next, that will generate resilience challenges further down the line? After five years of focusing on the short- and medium-term future of cybersecurity and edge, this year, LevelBlue wanted to understand what is preventing cyber resilience—and what business…
…
continue reading
1
Why Cyber Resilience Matters - Theresa Lanowitz - BSW #361
30:05
30:05
Play later
Play later
Lists
Like
Liked
30:05
What are the barriers to cyber resilience today? Why is it so difficult? And what is coming next, that will generate resilience challenges further down the line? After five years of focusing on the short- and medium-term future of cybersecurity and edge, this year, LevelBlue wanted to understand what is preventing cyber resilience—and what business…
…
continue reading
1
Operational Resilience in Healthcare & Zscaler Uncovers Record-Breaking Ransom - Marty Momdjian, Brett Stone-Gross - ESW #372
32:10
32:10
Play later
Play later
Lists
Like
Liked
32:10
Many cybersecurity experts are calling recent attacks on healthcare more sophisticated than ever. One attack disrupted prescription drug orders for over a third of the U.S. and has cost $1.5 billion in incident response and recovery services. Separately, an operator of over 140 hospitals and senior care facilities in the U.S. was also victimized. T…
…
continue reading
1
Devo Launches New Capabilities & Revolutionizing Cyber Resilience - Rakesh Nair, Rekha Shenoy - ESW #372
31:43
31:43
Play later
Play later
Lists
Like
Liked
31:43
Devo, the security analytics company, recently launched data orchestration, a data analytics cloud, and security operations center (SOC) workflow enhancements. Enterprise security teams are struggling with growing data volumes—and they’re also up against headcount and budget constraints. These solutions offer security teams data control, cost optim…
…
continue reading
1
Quantum AI Drones, Ransomhub, Pixel, Mad Liberator, the return of Russ Beauchemin... - SWN #407
40:01
40:01
Play later
Play later
Lists
Like
Liked
40:01
Quantum AI Drones, Ransomhub, Pixel, Mad Liberator, the return of Russ Beauchemin, and More on the Security Weekly News Show Notes: https://securityweekly.com/swn-407
…
continue reading
1
Quantum AI Drones, Ransomhub, Pixel, Mad Liberator, the return of Russ Beauchemin... - SWN #407
40:01
40:01
Play later
Play later
Lists
Like
Liked
40:01
Quantum AI Drones, Ransomhub, Pixel, Mad Liberator, the return of Russ Beauchemin, and More on the Security Weekly News Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-407
…
continue reading
1
Highlights from BlackHat/DefCon, Vulnerabilities, and Cyber Marketing Challenges - ESW #372
1:05:47
1:05:47
Play later
Play later
Lists
Like
Liked
1:05:47
In this conversation, the hosts discuss patchless patching, vulnerabilities in the Windows TCP/IP stack, and the trustworthiness of Microsoft. They highlight the challenges of marketing in the cybersecurity industry and the importance of building trust with customers. The conversation also touches on the need for vendors to prioritize security and …
…
continue reading
1
Cybersecurity Myths - Eugene Spafford - PSW #839
3:08:31
3:08:31
Play later
Play later
Lists
Like
Liked
3:08:31
Early on in his career Spaf was working with microcode and continued to work on technical projects. As time went on he realized that focusing on the non-technical work, such as policies and shaping our thinking, would help move the needle. Borrowing concepts from his book on the subject, we will delve into some cybersecurity myths such as: Are user…
…
continue reading
This week: Option ROMS are a novel way to compromise a system at the lowest level, Sinkclose opens AMD processors up to attacks, at home in your firmware exploiting SMM complete with examples, Sonos speakers get hacked and enable attackers to listen in on your conversations, DEF CON badges use new chips and are not without controversy, lasers that …
…
continue reading
1
Highlights from BlackHat/DefCon, Vulnerabilities, and Cyber Marketing Challenges - Brett Stone-Gross, Rakesh Nair, Rekha Shenoy, Marty Momdjian - ESW #372
2:08:47
2:08:47
Play later
Play later
Lists
Like
Liked
2:08:47
In this conversation, the hosts discuss patchless patching, vulnerabilities in the Windows TCP/IP stack, and the trustworthiness of Microsoft. They highlight the challenges of marketing in the cybersecurity industry and the importance of building trust with customers. The conversation also touches on the need for vendors to prioritize security and …
…
continue reading
1
Cybersecurity Myths - Eugene Spafford - PSW #839
1:06:28
1:06:28
Play later
Play later
Lists
Like
Liked
1:06:28
Early on in his career Spaf was working with microcode and continued to work on technical projects. As time went on he realized that focusing on the non-technical work, such as policies and shaping our thinking, would help move the needle. Borrowing concepts from his book on the subject, we will delve into some cybersecurity myths such as: Are user…
…
continue reading
1
Reducing Supply Chain Risk & What’s lurking in your phone? - Danny Jenkins, Nikos Kiourtis - ASW #295
34:30
34:30
Play later
Play later
Lists
Like
Liked
34:30
In complex software ecosystems, individual application risks are compounded. When it comes to mitigating supply chain risk, identifying backdoors or unintended vulnerabilities that can be exploited in your environment is just as critical as staying current with the latest hacking intel. Understand how to spot and reduce the risk to your environment…
…
continue reading
1
When Appsec Needs to Start Small - Kalyani Pawar, Danny Jenkins, Nikos Kiourtis - ASW #295
1:08:53
1:08:53
Play later
Play later
Lists
Like
Liked
1:08:53
Startups and small orgs don't have the luxury of massive budgets and large teams. How do you choose an appsec approach that complements a startup's needs while keeping it secure. Kalyani Pawar shares her experience at different ends of an appsec maturity spectrum. In complex software ecosystems, individual application risks are compounded. When it …
…
continue reading
1
DEFCON Hijinx, AMD, Ukraine, FreeBSD, OpenVPN, the Pwnie Awards, Josh Marpet... - SWN #406
29:13
29:13
Play later
Play later
Lists
Like
Liked
29:13
DEFCON Hijinx, AMD, Ukraine, FreeBSD, OpenVPN, the Pwnie Awards, Josh Marpet, and more, on this Edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-406
…
continue reading
1
DEFCON Hijinx, AMD, Ukraine, FreeBSD, OpenVPN, the Pwnie Awards, Josh Marpet... - SWN #406
29:13
29:13
Play later
Play later
Lists
Like
Liked
29:13
DEFCON Hijinx, AMD, Ukraine, FreeBSD, OpenVPN, the Pwnie Awards, Josh Marpet, and more, on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-406
…
continue reading
1
When Appsec Needs to Start Small - Kalyani Pawar - ASW #295
34:22
34:22
Play later
Play later
Lists
Like
Liked
34:22
Startups and small orgs don't have the luxury of massive budgets and large teams. How do you choose an appsec approach that complements a startup's needs while keeping it secure. Kalyani Pawar shares her experience at different ends of an appsec maturity spectrum. Show Notes: https://securityweekly.com/asw-295…
…
continue reading