I'm Aaron Henriques, a British expat, business investor and entrepreneur who buys simple businesses. I own multiple businesses in the UK and Dubai and am a former police officer. Ready to transform your financial journey and build wealth? You're in the right place! Subscribe for expert Dubai expat tips and join our Opportunity Awaits podcast community. Here, I share my own real-world, no-nonsense, ad-free insights to empower you to seize lucrative opportunities in business and investing. Be ...
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
![Artwork](/static/images/128pixel.png)
1
What I Got Wrong About the 2024 UK Election – My Apology | #21
15:19
15:19
Play later
Play later
Lists
Like
Liked
15:19
Watch on YouTube: https://youtu.be/ZKj0Rz4i8e4 Join Aaron Henriques as he addresses a crucial mistake from his previous video on the UK general election. Discover an unforeseen constituency boundary change in 2023 and understand why it matters. Aaron tackles misconceptions, clarifies his voting stance, and dives into the discrepancies in seat alloc…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
SAPwned, Squarespace Domain Hijacks, AIs Fixing Code, Infosec Investments - ASW #292
28:57
28:57
Play later
Play later
Lists
Like
Liked
28:57
SAPwned demonstrates tenets of tenant isolation, a weak login flow puts Squarespace domains at risk, how AIs might (or might not) be useful for fixing code, getting buy-in for infosec investments, and more! Show Notes: https://securityweekly.com/asw-292
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Risk Management Insights: What CEOs and Boards Really Need - Jeff Recor - BSW #357
32:39
32:39
Play later
Play later
Lists
Like
Liked
32:39
Security is a risk management discipline. No one understand that more than Jeff Recor. Jeff has built risk management practices for Deloitte, Grant Thornton, and Accenture and has recently formed his own risk consulting practice. In this unscripted interview, Jeff will share his insights on the evolution of security as a risk management discipline,…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Killer Robots, Crowdstrike, Southwest, Play, FrostyGoop, Josh Marpet and More - SWN #400
34:11
34:11
Play later
Play later
Lists
Like
Liked
34:11
Elon's Killer Robots, Crowdstrike and More Crowdstrike, Southwest, Play, FrostyGoop, Josh Marpet, and more, on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-400
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Where Generative AI Can Actually Help Security (And Where It Doesn't) - Farshad Abasi, Allie Mellen - ASW #292
1:05:00
1:05:00
Play later
Play later
Lists
Like
Liked
1:05:00
Generative AI has produced impressive chatbots and content generation, but however fun or impressive those might be, they don't always translate to value for appsec. Allie brings some realistic expectations to how genAI is used by attackers and can be useful to defenders. Segment resources: https://www.forrester.com/blogs/generative-ai-will-not-ful…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Where Generative AI Can Actually Help Security (And Where It Doesn't) - Allie Mellen, Farshad Abasi - ASW #292
36:04
36:04
Play later
Play later
Lists
Like
Liked
36:04
Generative AI has produced impressive chatbots and content generation, but however fun or impressive those might be, they don't always translate to value for appsec. Allie brings some realistic expectations to how genAI is used by attackers and can be useful to defenders. Segment resources: https://www.forrester.com/blogs/generative-ai-will-not-ful…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Killer Robots, Crowdstrike, Southwest, Play, FrostyGoop, Josh Marpet and More - SWN #400
34:16
34:16
Play later
Play later
Lists
Like
Liked
34:16
Elon's Killer Robots, Crowdstrike and More Crowdstrike, Southwest, Play, FrostyGoop, Josh Marpet, and more, on this Edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-400
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Closing CISO-CEO Communication Gap Requires a Common Business Language - Sumedh Thakar, Jeff Recor - BSW #357
1:11:22
1:11:22
Play later
Play later
Lists
Like
Liked
1:11:22
Back in April, we covered a story on episode #348 titled "CISO-CEO communication gaps continue to undermine cybersecurity". In that article, Sumedh Thakar, the CEO at Qualys, stated "CISOs must translate technical risks into business impact for CEOs." But he didn't say how. So, we invited him on the show to explain. In this episode, Sumedh walks us…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Closing CISO-CEO Communication Gap Requires a Common Business Language - Sumedh Thakar - BSW #357
39:09
39:09
Play later
Play later
Lists
Like
Liked
39:09
Back in April, we covered a story on episode #348 titled "CISO-CEO communication gaps continue to undermine cybersecurity". In that article, Sumedh Thakar, the CEO at Qualys, stated "CISOs must translate technical risks into business impact for CEOs." But he didn't say how. So, we invited him on the show to explain. In this episode, Sumedh walks us…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Analyzing the CrowdStrike Incident and Its Ripple Effects - SWN #399
42:23
42:23
Play later
Play later
Lists
Like
Liked
42:23
In this episode of Security Weekly News, Dr. Doug White and Josh Marpet delve into the widespread impact of the recent CrowdStrike and Microsoft technical issue, which disrupted various industries, including airlines, DMVs, and hospitals. They discuss the interconnectedness of modern systems, the reliance on automatic updates, and the critical need…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Analyzing the CrowdStrike Incident and Its Ripple Effects - SWN #399
42:17
42:17
Play later
Play later
Lists
Like
Liked
42:17
In this episode of Security Weekly News, Dr. Doug White and Josh Marpet delve into the widespread impact of the recent CrowdStrike and Microsoft technical issue, which disrupted various industries, including airlines, DMVs, and hospitals. They discuss the interconnectedness of modern systems, the reliance on automatic updates, and the critical need…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Rumored Wiz Deal Would be HISTORIC (if it happens), redefining shared responsibility - ESW #368
54:43
54:43
Play later
Play later
Lists
Like
Liked
54:43
In this week's enterprise security news, Google is rumored to be considering acquiring Wiz for $23 BILLION ThreatConnect acquires Polarity XBOW and Sola Security are interesting new companies we’ll discuss What does “shared responsibility” actually mean? Palo Alto probably isn’t going to buy your startup Snowflake-related breaches continue getting …
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Jump-starting SOC Analyst Careers, Addressing Cybersecurity Industry Challenges, and Historic Rumors in Enterprise Security - ESW #368
2:06:23
2:06:23
Play later
Play later
Lists
Like
Liked
2:06:23
In this episode of Enterprise Security Weekly, we revisit the insightful book "Jump-start Your SOC Analyst Career" with authors Jarrett Rodrick and Tyler Wall, exploring updates on career paths, opportunities, and the industry's reality. We delve into the myths versus the truths about cybersecurity careers, discussing the viability of high salaries…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
What's wrong with the cybersecurity industry and what we can do about it - Richard Hollis - ESW #368
36:47
36:47
Play later
Play later
Lists
Like
Liked
36:47
On this segment, we're going to zoom all the way out to discuss one of my favorite topics: what's fundamentally wrong with this industry? I believe we're at an inflection point: security teams have budget, staff, and more sway at the board level than ever. The cybersecurity market is doing great - growing at an astonishing rate with cyber startups …
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Book Discussion: Jump-start Your SOC Analyst Career - Jarrett Rodrick, Tyler Wall - ESW #368
34:39
34:39
Play later
Play later
Lists
Like
Liked
34:39
Three years after we last discussed this book on episode #221, Jarrett Rodrick returns, joined by co-author Tyler Wall to discuss an update of the book. We talk opportunities and layoffs. Career paths and experience. Degrees, certifications, and home labs. We talk about who cybersecurity is the right field for, and the pros and cons of the industry…
…
continue reading
Find new flaws in UEFI using STASE, combining vulnerabilities to exploit Sonicwall Devices, remote BMC exploits, Netgear patches, and not a lot of information, 22 minutes before exploited, if the secrets were lost, we'd all be in screwed, Exim has not been replaced by something better and its vulnerable, CISA's red team reports, and attackers use d…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
3D Printing For Hackers - David Johnson - PSW #835
1:03:50
1:03:50
Play later
Play later
Lists
Like
Liked
1:03:50
Thinking about getting a 3D printer or have one and need a good primer? Check out this segment, we live 3D print a Captain Crunch whistle and talk all about 3D printing for hackers! Segment Resources: Slides used in this segment: https://files.scmagazine.com/wp-content/uploads/2024/07/3D-Printing-for-Hackers.pdf Major 3D Printer Websites: https://v…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
3D Printing For Hackers - David Johnson - PSW #835
3:01:58
3:01:58
Play later
Play later
Lists
Like
Liked
3:01:58
Thinking about getting a 3D printer or have one and need a good primer? Check out this segment, we live 3D print a Captain Crunch whistle and talk all about 3D printing for hackers! Segment Resources: Slides used in this segment: https://files.scmagazine.com/wp-content/uploads/2024/07/3D-Printing-for-Hackers.pdf Major 3D Printer Websites: https://v…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
A 2024 Appsec Report, Preparing for the AIxCC, Secure Design and Post-Quantum Crypto - ASW #291
35:58
35:58
Play later
Play later
Lists
Like
Liked
35:58
Cloudflare's 2024 appsec report, reasoning about the Cyber Reasoning Systems for the upcoming AIxCC semifinals at DEF CON, lessons in secure design from post-quantum cryptography, and more! Show Notes: https://securityweekly.com/asw-291
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Floppy Disks, Exim, Kaspersky, Darkgate, AT&T, Josh Marpet and more... - SWN #398
29:20
29:20
Play later
Play later
Lists
Like
Liked
29:20
Floppy Disks, Exim, Kaspersky, Darkgate, AT&T, Josh Marpet, and more are on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-398
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Floppy Disks, Exim, Kaspersky, Darkgate, AT&T, Josh Marpet and more... - SWN #398
29:20
29:20
Play later
Play later
Lists
Like
Liked
29:20
Floppy Disks, Exim, Kaspersky, Darkgate, AT&T, Josh Marpet, and more are on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-398
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Producing Secure Code by Leveraging AI - Stuart McClure - ASW #291
1:09:02
1:09:02
Play later
Play later
Lists
Like
Liked
1:09:02
How can LLMs be valuable to developers as an assistant in finding and fixing insecure code? There are a lot of implications in trusting AI or LLMs to not only find vulns, but in producing code that fixes an underlying problem without changing an app's intended behavior. Stuart McClure explains how combining LLMs with agents and RAGs helps make AI-i…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Producing Secure Code by Leveraging AI - Stuart McClure - ASW #291
33:06
33:06
Play later
Play later
Lists
Like
Liked
33:06
How can LLMs be valuable to developers as an assistant in finding and fixing insecure code? There are a lot of implications in trusting AI or LLMs to not only find vulns, but in producing code that fixes an underlying problem without changing an app's intended behavior. Stuart McClure explains how combining LLMs with agents and RAGs helps make AI-i…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Board and CEO Understanding of CyberSecurity as CISOs Grapple with the C-Suite - BSW #356
30:55
30:55
Play later
Play later
Lists
Like
Liked
30:55
In the leadership and communications section, The Board’s understanding of cybersecurity, What does your CEO need to know about cybersecurity?, As CISOs grapple with the C-suite, job satisfaction takes a hit, and more! Show Notes: https://securityweekly.com/bsw-356
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Solving the Complexities of Cyber Insurance for SMBs - Brian Fritton - BSW #356
35:29
35:29
Play later
Play later
Lists
Like
Liked
35:29
Cyber insurance underwriting is all over the map. With such a variation in application requirements, how should small and medium businesses prepare to receive the best policy for the price? Brian Fritton joins Business Security Weekly to discuss a systematic approach to preparing for cyber insurance. By working with the underwriters, this approach …
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Solving the Complexities of Cyber Insurance for SMBs - Brian Fritton - BSW #356
1:06:15
1:06:15
Play later
Play later
Lists
Like
Liked
1:06:15
Cyber insurance underwriting is all over the map. With such a variation in application requirements, how should small and medium businesses prepare to receive the best policy for the price? Brian Fritton joins Business Security Weekly to discuss a systematic approach to preparing for cyber insurance. By working with the underwriters, this approach …
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Autobahn, APT 40, Meliorator, RADIUS, AT&T, Apple, Josh Marpet, and More... - SWN #397
34:19
34:19
Play later
Play later
Lists
Like
Liked
34:19
Wir fahren auf der AutoBahn, APT 40, Meliorator, RADIUS, AT&T, Apple, Josh Marpet, and More on the Security Weekly News. Show Notes: https://securityweekly.com/swn-397
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Autobahn, APT 40, Meliorator, RADIUS, AT&T, Apple, Josh Marpet, and More... - SWN #397
34:19
34:19
Play later
Play later
Lists
Like
Liked
34:19
Wir fahren auf der AutoBahn, APT 40, Meliorator, RADIUS, AT&T, Apple, Josh Marpet, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-397
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Joiners, Movers, Leavers, and Failures: Why is Identity Management Still Struggling? - Henrique Teixeira - ESW #367
1:31:28
1:31:28
Play later
Play later
Lists
Like
Liked
1:31:28
I'm always thrilled to chat with ex-analysts, and Henrique Teixeira can cover a lot of ground with us on the topic of identity management and governance. The more I talk to folks about IAM/IGA, the more I'm shocked at how little has changed. If anything, it seems like we've gone backwards a bit, with the addition of cloud SaaS, mobile devices, and …
…
continue reading
![Artwork](/static/images/128pixel.png)
1
More Vulnerability Shenanigans - PSW #834
2:21:14
2:21:14
Play later
Play later
Lists
Like
Liked
2:21:14
Bats in your headset, Windows Wifi driver vulnerabilities, Logitech's dongles, lighthttpd is heavy with vulnerabilities, node-ip's not vulnerability, New Intel CPU non-attacks, Blast Radius, Flipper Zero alternatives, will OpenSSH be exploited, emergency Juniper patches, and the D-Link botnet grows. Show Notes: https://securityweekly.com/psw-834…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Rockyou2024 is a scam, Google has a whoopsie, and AI is giving folks indigestion - ESW #367
58:01
58:01
Play later
Play later
Lists
Like
Liked
58:01
In this week's enterprise security news, Seed rounds are getting huge Lots of funding for niche security vendors Rapid7 acquires Noetic Cyber but Rapid7 is also rumored to sell itself! Slack battles infostealers The loss of Chevron deference impacts cyber Should cybersecurity put up a no vacancy sign? Figma and Google both make some embarrassing mi…
…
continue reading