Best Sandy Lynn Podcasts (2024)

1
Producing Secure Code by Leveraging AI - Stuart McClure - ASW #291 1:09:02

31m ago1:09:02

1:09:02

How can LLMs be valuable to developers as an assistant in finding and fixing insecure code? There are a lot of implications in trusting AI or LLMs to not only find vulns, but in producing code that fixes an underlying problem without changing an app's intended behavior. Stuart McClure explains how combining LLMs with agents and RAGs helps make AI-i…

1
Solving the Complexities of Cyber Insurance for SMBs - Brian Fritton - BSW #356 1:06:15

1h ago1:06:15

1:06:15

Cyber insurance underwriting is all over the map. With such a variation in application requirements, how should small and medium businesses prepare to receive the best policy for the price? Brian Fritton joins Business Security Weekly to discuss a systematic approach to preparing for cyber insurance. By working with the underwriters, this approach …

1
Saint David Bowie and Our Lady of Done With Your Eternal Bullshit 35:18

1h ago35:18

35:18

In this episode, we discover that Charon, Ferryman of the Dead, has a new ride, and we hear about the Immaculate Reception of Ex-Sister Agnes with a guest appearance by Saint David Bowie and Our Lady of Done with Your Eternal Bullshit. Join me, Asteria Blackwell, as we dive once more into the Stories from the Lost Library, hosted by Elysium Public …

1
Autobahn, APT 40, Meliorator, RADIUS, AT&T, Apple, Josh Marpet, and More... - SWN #397 34:19

18h ago34:19

34:19

Wir fahren auf der AutoBahn, APT 40, Meliorator, RADIUS, AT&T, Apple, Josh Marpet, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-397

1
Joiners, Movers, Leavers, and Failures: Why is Identity Management Still Struggling? - Henrique Teixeira - ESW #367 1:31:28

22h ago1:31:28

1:31:28

I'm always thrilled to chat with ex-analysts, and Henrique Teixeira can cover a lot of ground with us on the topic of identity management and governance. The more I talk to folks about IAM/IGA, the more I'm shocked at how little has changed. If anything, it seems like we've gone backwards a bit, with the addition of cloud SaaS, mobile devices, and …

1
RFID hacking & More Vulnerability Shenanigans - Iceman - PSW #834 3:30:33

2d ago3:30:33

3:30:33

Bats in your headset, Windows Wifi driver vulnerabilities, Logitech's dongles, lighthttpd is heavy with vulnerabilities, node-ip's not vulnerability, New Intel CPU non-attacks, Blast Radius, Flipper Zero alternatives, will OpenSSH be exploited, emergency Juniper patches, and the D-Link botnet grows. Iceman comes on the show to talk about RFID and N…

1
State Of Application Security 2024 - Sandy Carielli, Janet Worthington - ASW #290 1:12:41

4d ago1:12:41

1:12:41

Sandy Carielli and Janet Worthington, authors of the State Of Application Security 2024 report, join us to discuss their findings on trends this year! Old vulns, more bots, and more targeted supply chain attacks -- we should be better at this by now. We talk about where secure design fits into all this why appsec needs to accelerate to ludicrous sp…

1
Zotac, Eldorado, Donex, Qlins, Ticketmaster, AI, Physical Security, Aaran Leyland... - SWN #396 34:06

4d ago34:06

34:06

Zotac, Eldorado, Donex, Qlins, Ticketmaster, AI, Physical Security, Aaran Leyland, and more, are on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-396

1
Technology Rationalization in Cybersecurity - Max Shier - BSW #355 1:00:30

5d ago1:00:30

1:00:30

On average, CISOs manage 50-75 security products. Many of these products have either not been deployed or only partially deployed, while others overlap of products. How do CISOs effectively consolidate their products to a manageable size? Max Shier, Chief Information Security Officer at Optiv Security, joins Business Security Weekly to discuss tech…

1
Binary - SWN Vault 25:56

8d ago25:56

25:56

Check out this interview from the SWN Vault, hand picked by main host Doug White! This segment was originally published on July 20, 2017. Doug talks about how to count from zero to one! Show Notes: https://securityweekly.com/vault-swn-18

1
Hacker Heroes - Joe Grand - PSW Vault 1:43:58

10d ago1:43:58

1:43:58

Exploring the Hardware Hacking Realm with Joe Grand, AKA Kingpin Joe Grand, also known by his hacker pseudonym "Kingpin," stands as a prominent figure in the cybersecurity landscape. With an extensive background in hardware hacking, reverse engineering, and embedded systems, Joe has carved a niche for himself as a respected authority in the field. …

1
How To Avoid Being Phished - SWN Vault 46:06

11d ago46:06

46:06

Check out this interview from the SWN Vault, hand picked by main host Doug White! This Secure Digital Life segment was originally published on March 6, 2017. Have you ever wondered what phishing is? Do you know what spear phishing attacks are? Doug and Russ explain how to protect yourself from phishing scams in the inaugural episode of Secure Digit…

1
CISOs 2023 Planning Guide: Forecast The Recession's Impact On Your Program - Jeff Pollard - BSW Vault 33:21

12d ago33:21

33:21

Check out this interview from the BSW Vault, hand picked by main host Matt Alderman! This segment was originally published on October 11, 2022. As 2023 approaches, security leaders are hard at work preparing their budgets, identifying their projects, and setting their priorities for the next twelve months. At the same time, the growth mode days of …

1
MoveIT, Entrust, Fed Reserve, ISPs, Volt Typhoon & More - Chris Wolski - SWN #395 29:10

15d ago29:10

29:10

Healthcare and malware, MoveIT, Chrome won't trust Entrust, the discovery of Volt Typhoon, & more on this episode of the Security Weekly News! Segment Resources: https://therecord.media/volt-typhoon-targets-underestimated-cisa-says Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-395…

1
The risks and best practices of deploying AI to an enterprise - Martin Roesch, Anurag Lal - ESW #366 2:16:26

15d ago2:16:26

2:16:26

We all might be a little worn out on this topic, but there's no escaping it. Executives want to adopt GenAI and it is being embedded into nearly every software product we use in both our professional and personal lives. In this interview, Anurag joins us to discuss how his company evaluated and ultimately integrated AI-based technologies into their…

1
Do We Need Penetration Testing and Vulnerability Scanning? - Josh Bressers, Adrian Sanabria - PSW #833 2:51:52

16d ago2:51:52

2:51:52

This may be controversial, however, we've been privately discussing how organizations benefit from penetration testing and vulnerability scanning. Do you still need these services as a critical part of your security program? Can't you just patch stuff that is missing patches? Tune in for a lively debate! Zyxl NAS devices are under attack and the ex…

1
Baltimore, GPS Jammed, US bans, ARM, YouTube, Kraken and Joshua Marpet - SWN #394 30:07

18d ago30:07

30:07

Baltimore, GPS Jammed, US bans, ARM, YouTube, Kraken and Joshua Marpet, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-394

1
Building a Successful API Security Strategy - Luke Babarinde, Bhawna Singh - BSW #354 1:04:51

18d ago1:04:51

1:04:51

With 71% of web traffic coming from API calls last year and the average organization maintaining 613 API endpoints, a robust strategy is needed to protect APIs against automated threats and business logic attacks. Tune in as Luke Babarinde, Global Solution Architect, shares the key steps to building a successful API security strategy. This segment …

1
OAuth 2.0 from Protecting APIs to Supporting Authorization & Authentication - Aaron Parecki - ASW #289 1:01:09

19d ago1:01:09

1:01:09

OAuth 2.0 is more than just a single spec and it's used to protect more than just APIs. We talk about challenges in maintaining a spec over a decade of changing technologies and new threat models. Not only can OAuth be challenging to secure by default, but it's not even always inter-operable. Segment Resources: https://oauth.net/2.1 https://oauth.n…

1
Access vs Actions, Beyond Traditional IGA, Remote Identity Verification, & Fraud - Tim Prendergast, Damon Tompkins, Andrew Bud, Chris Meyer - ESW Vault 58:32

22d ago58:32

58:32

Traditional approaches to access management are no longer sufficient to safeguard enterprise security. Tim will explain why the most effective approach to modern enterprise security requires a Zero Trust model that extends beyond just access to encompass every action, no matter how minor. Tim will describe the importance of implementing a Zero Trus…

1
Cybersecurity In College - SWN Vault 38:26

22d ago38:26

38:26

Check out this interview from the SWN Vault, hand picked by main host Doug White! This Secure Digital Life segment was originally published on June 19, 2018. This week, Doug and Russ interview Matthew Silva, President and Founder of the Cybersecurity and Intel Club at Roger Williams University! They talk about majoring in Cybersecurity vs. Computer…

1
iShield Key Experience, Automated (PKI) Infrastructure, & GenAI Identity Attacks - Kevin Fadaie, Roni Bliss, David Mahdi - ESW Vault 44:48

22d ago44:48

44:48

FIDO security keys are not new in the authentication workflow. They have been around now for 10 years. What is new is the combination of the most secure multi-factor authentication method not only for logical but also for physical access control with the highest FIPS140-3 security certification in the market. Segment Resources: Video "Swissbit iShi…

1
Bringing Autonomy to AppSec - Dr. David Brumley - ESW Vault 32:22

23d ago32:22

32:22

Log4j, solar winds, tesla hacks, and the wave of high profile appsec problems aren’t going to go away with current approaches like SAST and SCA. Why? They are: -40 years old, with little innovation -Haven’t solved the problem. In this segment, we talk about fully autonomous application security. Vetted by DARPA in the Cyber Grand Challenge, the app…

1
Hacker Heroes - Dave Aitel - PSW Vault 1:29:24

24d ago1:29:24

1:29:24

Exploring the Strategic Minds in Cybersecurity: A Conversation with Dave Aitel Welcome to an enlightening episode of our podcast, where we sit down with Dave Aitel, a prominent figure in the cybersecurity landscape. With a robust background in offensive security and an extensive career spanning various facets of the industry, Dave brings a wealth o…

1
Back To School: Networking 101 - SWN Vault 26:29

26d ago26:29

26:29

Check out this interview from the SWN Vault, hand picked by main host Doug White! This Secure Digital Life segment was originally published on September 25, 2018. This week, Russ takes the reigns in the absence of Dr. Doug to talk about Networking 101! We are going to go back to school to examine how networking and the internet actually work. Russ …

1
Learning EBPF - Liz Rice - ASW Vault 37:16

26d ago37:16

37:16

Check out this interview from the ASW Vault, hand picked by main host Mike Shema! This segment was originally published on April 4, 2023. Following on from her successful title "Container Security", Liz has recently authored "Learning eBPF", published by O'Reilly. eBPF is a revolutionary kernel technology that is enabling a whole new generation of …

1
Zero Trust Is Not A SKU - Saša Zdjelar - BSW Vault 32:47

26d ago32:47

32:47

Check out this interview from the BSW Vault, hand picked by main host Matt Alderman! This segment was originally published on August 9, 2022. Zero Trust is the security buzzword of the moment, and while it is a very powerful approach, nearly every enterprise security product on the market – and some that aren’t even security products — are saying t…

1
The City Dionysia Festival, and an Unexpected Visit From Charon 36:00

1M ago36:00

36:00

Welcome back to the best formerly lost but now found Library of Elysium, located in the only spot in the world that is half in the Underworld, and half in the Living World. My name is Asteria Blackwell, and I am the High Priestess of the Library of Elysium. Join me as I journey into the forgotten depths and into a world of tales hidden within these…

1
Shared irresponsibilities and the importance of product privacy: Apple vs Microsoft - Mark Batchelor, Vibhuti Sinha, Chris Simmons, Gerry Gebel, Ajay Gupta, Tarvinder Sembhi - ESW #365 2:41:25

29d ago2:41:25

2:41:25

This week, we've got data security being both funded AND acquired. We discuss Lacework's fall from unicorn status and why rumors that it went to Fortinet for considerably more than Wiz was willing to pay make sense. Microsoft Recall and Apple Intelligence are the perfect bookends for a conversation about the importance of handling consumer privacy …

1
Trust in Microsoft, Apple, and the Holy AI, Moonstone Sleet, Cheating, Joshua Marpet - SWN #393 34:13

30d ago34:13

34:13

Trust in Microsoft, Apple, and the Holy AI, Amen, Moonstone Sleet, Cheating, Joshua Marpet, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-393

1
GenAI, Security, and More Lies - Aubrey King - PSW #832 2:54:18

30d ago2:54:18

2:54:18

We will discuss LLM security in general and some of the issues covered in the OWASP Top 10 for LLMs! Segment Resources: https://genai.owasp.org/ Skyrocketing IoT vulnerabilities, bricked computers?, MACBORG!, raw dogging source code, PHP strikes again and again, if you have a Netgear WNR614 replace it now, Arm Mali, new OpenSSH feature, weird headp…

1
Buzz Aldrin, the Gray Lady, Veeam, Microsoft squared, Nvidia, Josh Marpet... - SWN #392 32:23

1M ago32:23

32:23

Buzz Aldrin, the Gray Lady, Veeam, Microsoft squared, Nvidia, Hardware, Pentests, Josh Marpet, and more on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-392

1
Microsoft Recall's Security & Privacy, Hacking Web APIs, Secure Design Pledge - ASW #288 38:36

1M ago38:36

38:36

Looking at use cases and abuse cases of Microsoft's Recall feature, examples of hacking web APIs, CISA's secure design pledge, what we look for in CVEs, a nod to PHP's history, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-288…

1
The State of the Cybersecurity Market, At Least According to Gartner - Vivek Ramachandran, Carl Froggett, Padraic O'Reilly - BSW #353 1:04:11

1M ago1:04:11

1:04:11

Did you miss Gartner Security & Risk Management last week in National Harbor, MD? Don't worry, Padraic O'Reilly, Founder and Chief Innovation Officer at CyberSaint, joins us to discuss the hot topics that were presented at the conference last week, including: Artificial Intelligence(AI) Continuous Threat Exposure Management(CTEM) Identity & Access …

1
AI, Lockbit, Veeam, Club Penguin, Kali, Commando Cat, HugeGraph, Aaran Leyland... - SWN #391 35:26

1M ago35:26

35:26

Burning AI, Lockbit, Veeam, Club Penguin, Kali, Commando Cat, HugeGraph, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-391

1
Interest in Identity Security is Spiking - John Shier, Will Lin, Christopher Harrell, Jim Broome - ESW #364 2:31:08

1M ago2:31:08

2:31:08

"Identity security has been around forever though", you might be thinking. Allow me to clarify. Identity is the largest cybersecurity product category, but most of it is focused on identity governance, authentication, multi-factor, etc. Very little of it is focused on operational identity security. It's this trend, where we recently (within the las…

1
Whose Vulnerability Is It Anyway? - Josh Bressers - PSW #831 2:43:47

1M ago2:43:47

2:43:47

Josh comes on the show to discuss all things related to vulnerability tracking and scoring, including the current issues with various systems and organizations including NIST, CVE, Mitre, CVSS, NVD, and more! Segment Resources: NVD blog post Josh wrote: https://anchore.com/blog/navigating-the-nvd-quagmire/ Josh's Latest post: https://opensourcesecu…

1
Gold Pressed Latinum, VBScript, ORBS, Rockwell, Chrome, SKY, Aaran Leyland, and More - SWN #389 36:17

1M ago36:17

36:17

Gold Pressed Latinum, VBScript, ORBS, Rockwell, Chrome, SKY, Aaran Leyland, and More on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-389

1
BCNF, Azure, Roaring Kitty, Hugging Face, Okta, Linux, Oracle, Josh Marpet... - SWN #390 34:55

1M ago34:55

34:55

Boyce Codd Normal Form, Azure, Roaring Kitty, Hugging Face, Okta, Linux, Oracle, Josh Marpet and more, are on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-390

1
Open Source Software Supply Chain Security & The Real Crisis Behind XZ Utils - Idan Plotnik, Luis Villa, Erez Hasson - ASW #287 1:12:08

1M ago1:12:08

1:12:08

Open source has been a part of the software supply chain for decades, yet many projects and their maintainers remain undersupported by the companies that consume them. The security responsibilities for project owners has increased not only in dealing with security disclosures, but in maintaining secure processes backed by strong authentication and …

1
Emotional Intelligence for Cyber Leaders - James Doggett, Jessica Hoffman, Sivan Tehila - BSW #352 1:00:56

1M ago1:00:56

1:00:56

Since the 1995 publication of Daniel Goleman’s international bestseller Emotional Intelligence, Why It Can Matter More Than IQ, a global movement has developed to bring “EQ” into practice in businesses, schools, and communities around the globe. But what is its impact on Cybersecurity? In this interview, we welcome Jessica Hoffman, Deputy CISO for …

1
The Hidden Heart of the Lost Library of Elysium 38:10

1M ago38:10

38:10

My name is Asteria Blackwell, and I am the High Priestess of the Library of Elysium - a library once lost for eons but now found. Join me as I journey into the forgotten depths and into a world of tales hidden within these sacred halls. Like a modern-day Virgil, I have become a guide to this magical space - and in this episode, we travel to the dar…

1
A CISO’s Perspective, Defending Against AI & Ransomware Evolution - Kris Lahiri, Jim Broome, Mike Lyborg - ESW Vault 46:35

1M ago46:35

46:35

In this interview, join Swimlane Chief Information Security Officer, Mike Lyborg, and host Akira Brand as we discuss the value of cybersecurity marketplaces from a CISO perspective. Through insightful discussions, unpack the connection between outcomes-driven solutions and tangible business KPIs. This segment is sponsored by Swimlane. Visit https:/…

1
Securing Backups - SWN Vault 20:13

1M ago20:13

20:13

Check out this episode from the Secure Digital Life Vault, hand picked by main host Doug White! This segment was originally published on June 14, 2017. Doug and Russ talk about different types of backups, how they work and out-of-band strategies. Show Notes: https://securityweekly.com/vault-swn-14

1
Achieving Cyber Resilience, External Cybersecurity & Risk Reduction - Margarita Barrero, Andy Grolnick, Alexandre Sieira - ESW Vault 48:15

1M ago48:15

48:15

Organizations today are overwhelmed with the sheer magnitude of potential cybersecurity threats and there is plenty of vendor buzz around AI in Security products, but what is the reality? Threat detection and incident response (TDIR) strategy and execution have never been more critical and are essential in maintaining cyber resilience and strengthe…

1
Exploring the latest FortiGuard Labs Threat Report - Derek Manky - ESW Vault 40:53

2M ago40:53

40:53

As a special treat for this week's vault episode, we set up a conversation with Derek Manky to discuss Fortinet's FortiGuard Labs Threat Report. This is a bi-annual report put out by FortiGuard Labs, and in my opinion, it just keeps getting better and better. The report is chock full of actionable information and insights. It answered all my questi…

1
Hacker Heroes - Josh Corman - PSW Vault 1:10:35

2M ago1:10:35

1:10:35

Making The World A More Secure Place: Joshua Corman's Journey and Insights Welcome to an insightful podcast episode featuring Joshua Corman, a prominent figure in the realm of cybersecurity. With a wealth of experience and a keen understanding of the evolving threat landscape, Joshua has established himself as a thought leader and influencer in the…

1
Securing Shadow Apps & Protecting Data - Guy Guzner, Pranava Adduri - ASW Vault 30:32

2M ago30:32

30:32

With hundreds or thousands of SaaS apps to secure with no traditional perimeter, Identity becomes the focal point for SaaS Security in the modern enterprise. Yet with Shadow IT, now recast as Business-Led IT, quickly becoming normal practice, it’s more complicated than trying to centralize all identities with an Identity Provider (IdP) for Single S…

1
Collecting Bounties and Building Communities - Ben Sadeghipour - ASW Vault 36:23

2M ago36:23

36:23

Check out this interview from the ASW Vault, hand picked by main host Mike Shema! This segment was originally published on April 18, 2023. We talk with Ben about the rewards, hazards, and fun of bug bounty programs. Then we find out different ways to build successful and welcoming communities. Show Notes: https://securityweekly.com/vault-asw-9…

1
College Degrees - SWN Vault 23:56

2M ago23:56

23:56

Check out this episode from the Secure Digital Life Vault, hand picked by main host Doug White! This segment was originally published on June 8, 2017. Doug and Russ swim the warm waters of academia, college degrees, types of degrees, and whether or not you need one. Show Notes: https://securityweekly.com/vault-swn-13…

Podcasts Worth a Listen

Sandy Lynn Podcasts

Podcasts Worth a Listen

Quick Reference Guide