To give you the best possible experience, this site uses cookies. Review our Privacy Policy and Terms of Service to learn more. Got it!

Josh Bressers Podcasts

Josh Bressers public [search 0]
Related Topics
Tech Software Development Hacking Security Tech News Securitypodcast News Security Weekly Productions
More
Download the App!
Get it on App Store Get it on Google Play
show episodes
 
Artwork

1
Paul's Security Weekly (Audio)

Security Weekly Productions

Unsubscribe
Unsubscribe
 Weekly
 
If you're looking for a bunch of us cybersecurity nerds to get together and talk shop, then Paul’s Security Weekly is for you. This show features interviews with folks in the cybersecurity community; technical segments, which are just that, very technical; and cybersecurity news, which is an open discussion forum for the hosts to express their opinions about the latest cybersecurity headlines, breaches, new exploits and vulnerabilities, “not” politics, “cyber” policies and more. The topics v ...
  continue reading
 
Artwork

1
Security Weekly Podcast Network (Audio)

Security Weekly Productions

Unsubscribe
Unsubscribe
 Daily
 
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
  continue reading
 
Loading …
show series
 
Artwork

1
How do we patch the right things? - Josh Bressers - PSW #840 2:58:57

Play Pause
2:58:57
Play Pause
  Play later
  Play later
  Lists
  Liked
2:58:57
 
Every week here on the show we talk about vulnerabilities and exploits. Typically we recommend that organizations remediate these vulnerabilities in some way. But how? And more importantly, which ones? Some tools we have to help us are actually not all that helpful at time, such as: Mitre Att&ck - Don't get me wrong, this is a great project and Ada…
  continue reading
 
Artwork

1
How to Make the World Quantum Safe - Vadim Lyubashevsky - ESW Vault 46:10

Play Pause
46:10
Play Pause
  Play later
  Play later
  Lists
  Liked
46:10
 
Check out this episode from the ESW Vault, hand picked by main host Adrian Sanabria! This episode was initially published on April 21 2023. Quantum computers are scaling rapidly. Soon, they will be powerful enough to solve previously unsolvable problems. But they come with a global challenge: fully-realized quantum computers will be able to break s…
  continue reading
 
Artwork

1
Hacker Heroes - Mark Loveless - PSW Vault 1:32:39

Play Pause
1:32:39
Play Pause
  Play later
  Play later
  Lists
  Liked
1:32:39
 
Exploring the Hacking Landscape with Mark Loveless, AKA SimpleNomad Dive into the intricate world of cybersecurity with our featured guest, Mark Loveless, widely known by his handle SimpleNomad. With a rich history in the realm of information security, Mark is a seasoned professional, researcher, and thought leader. Mark's journey spans decades, ma…
  continue reading
 
Artwork

1
Hacker Heroes - Mark Loveless - PSW Vault 1:32:39

Play Pause
1:32:39
Play Pause
  Play later
  Play later
  Lists
  Liked
1:32:39
 
Exploring the Hacking Landscape with Mark Loveless, AKA SimpleNomad Dive into the intricate world of cybersecurity with our featured guest, Mark Loveless, widely known by his handle SimpleNomad. With a rich history in the realm of information security, Mark is a seasoned professional, researcher, and thought leader. Mark's journey spans decades, ma…
  continue reading
 
Artwork

1
Leadership Lessons from the First 100 Episodes of CISO Stories - Todd Fitzgerald - BSW Vault 29:02

Play Pause
29:02
Play Pause
  Play later
  Play later
  Lists
  Liked
29:02
 
Check out this episode from the BSW Vault, hand picked by main host Matt Alderman! This episode was initially published on November 29, 2022. Todd Fitzgerald, author of CISO Compass and host of CISO Stories, joins BSW to share his top leadership lessons from the first 100 episodes of CISO Stories. Todd interviews CISOs and gains insights into their…
  continue reading
 
Artwork

1
Close the Security Theater: Enter Resilience - Kelly Shortridge - ASW Vault 37:48

Play Pause
37:48
Play Pause
  Play later
  Play later
  Lists
  Liked
37:48
 
Check out this interview from the ASW Vault, hand picked by main host Mike Shema! This segment was originally published on May 9, 2023. What does software resilience mean? Why is status quo application security unfit for the modern era of software? How can we move from security theater to security chaos engineering? This segment answers these quest…
  continue reading
 
Artwork

1
Building AI BOMs - Helen Oakley - PSW #841 3:01:47

Play Pause
3:01:47
Play Pause
  Play later
  Play later
  Lists
  Liked
3:01:47
 
Larry and Helen walk us through the AI supply chain landscape. Learn what goes into building and using AI models and the dangers that could lurk within. Segment Resources: Community efforts on AIBOM topic: https://github.com/aibom-squad This week: I want all the firmware, its not just TP-Link, CVEs for malware, BLE and your health, faking your own …
  continue reading
 
Artwork

1
Building AI BOMs - Helen Oakley - PSW #841 3:01:47

Play Pause
3:01:47
Play Pause
  Play later
  Play later
  Lists
  Liked
3:01:47
 
Larry and Helen walk us through the AI supply chain landscape. Learn what goes into building and using AI models and the dangers that could lurk within. Segment Resources: Community efforts on AIBOM topic: https://github.com/aibom-squad This week: I want all the firmware, its not just TP-Link, CVEs for malware, BLE and your health, faking your own …
  continue reading
 
Artwork

1
What asset management (ITAM) looks like outside cybersecurity - Danny Jenkins, Ed Skoudis, Jeremy Boerger, Maor Bin - ESW #374 1:44:09

Play Pause
1:44:09
Play Pause
  Play later
  Play later
  Lists
  Liked
1:44:09
 
The top priority on the CIS Critical Security Controls list has never changed: inventory and control of enterprise assets. Yet it remains one of the most challenging controls to implement, much less master. The refrain, "you can't secure what you don't know about" is as old as information security itself. Complicating this task is the fact that imp…
  continue reading
 
Artwork

1
Changing the Course of IoT's Future from Its Insecure Past - Paddy Harrington - ASW #297 1:04:28

Play Pause
1:04:28
Play Pause
  Play later
  Play later
  Lists
  Liked
1:04:28
 
IoT devices are notorious for weak designs, insecure implementations, and a lifecycle that mostly ignores patching. We look at external factors that might lead to change, like the FCC's cybersecurity labeling for IoT. We explore the constraints that often influence poor security on these devices, whether those constraints are as consequential given…
  continue reading
 
Artwork

1
The Changing Risk Landscape: CISO Liability - Darren Shou - BSW #362 1:07:35

Play Pause
1:07:35
Play Pause
  Play later
  Play later
  Lists
  Liked
1:07:35
 
How are personal liability and indemnification impacting the CISO role? Darren Shou, Chief Strategy Officer from RSA Conference, describes the current landscape of CISO liability and the challenges facing CISOs today. He discusses the implications of the SEC's recent actions, including the charges against SolarWinds' CISO, and the growing trend of …
  continue reading
 
Artwork

1
The end of the road for some cyber startups & making detection actually work! - Vivek Bhandari, Vivek Ramachandran, Mike Lyborg, Brandon Potter - ESW #373 2:26:35

Play Pause
2:26:35
Play Pause
  Play later
  Play later
  Lists
  Liked
2:26:35
 
This week, in the enterprise security news, A funding that looks like an acquisition And two for-sure acquisitions Rumors that there are funding problems for early stage cyber startups, and we’ll see a lot more acquisitions before the end of the year Speaking of rumors, Crowdstrike did NOT like last week’s Action1 acquisition rumor! Shortening dete…
  continue reading
 
Artwork

1
How do we patch the right things? - Josh Bressers - PSW #840 2:58:57

Play Pause
2:58:57
Play Pause
  Play later
  Play later
  Lists
  Liked
2:58:57
 
Every week here on the show we talk about vulnerabilities and exploits. Typically we recommend that organizations remediate these vulnerabilities in some way. But how? And more importantly, which ones? Some tools we have to help us are actually not all that helpful at time, such as: Mitre Att&ck - Don't get me wrong, this is a great project and Ada…
  continue reading
 
Artwork

1
The Fallout and Lessons Learned from the CrowdStrike Fiasco - Shimon Modi, Jeff Pollard, Allie Mellen, Boaz Barzel - ASW #296 1:21:54

Play Pause
1:21:54
Play Pause
  Play later
  Play later
  Lists
  Liked
1:21:54
 
This week, Jeff Pollard and Allie Mellen join us to discuss the fallout and lessons learned from the CrowdStrike fiasco. They explore the reasons behind running in the kernel, the challenges of software quality, and the distinction between a security incident and an IT incident. They also touch on the need to reduce the attack surface and the impor…
  continue reading
 
Artwork

1
Why Cyber Resilience Matters - Andrew Harding, Theresa Lanowitz - BSW #361 1:03:24

Play Pause
1:03:24
Play Pause
  Play later
  Play later
  Lists
  Liked
1:03:24
 
What are the barriers to cyber resilience today? Why is it so difficult? And what is coming next, that will generate resilience challenges further down the line? After five years of focusing on the short- and medium-term future of cybersecurity and edge, this year, LevelBlue wanted to understand what is preventing cyber resilience—and what business…
  continue reading
 
Artwork

1
Cybersecurity Myths - Eugene Spafford - PSW #839 3:08:31

Play Pause
3:08:31
Play Pause
  Play later
  Play later
  Lists
  Liked
3:08:31
 
Early on in his career Spaf was working with microcode and continued to work on technical projects. As time went on he realized that focusing on the non-technical work, such as policies and shaping our thinking, would help move the needle. Borrowing concepts from his book on the subject, we will delve into some cybersecurity myths such as: Are user…
  continue reading
 
Artwork

1
Highlights from BlackHat/DefCon, Vulnerabilities, and Cyber Marketing Challenges - Brett Stone-Gross, Rakesh Nair, Rekha Shenoy, Marty Momdjian - ESW #372 2:08:47

Play Pause
2:08:47
Play Pause
  Play later
  Play later
  Lists
  Liked
2:08:47
 
In this conversation, the hosts discuss patchless patching, vulnerabilities in the Windows TCP/IP stack, and the trustworthiness of Microsoft. They highlight the challenges of marketing in the cybersecurity industry and the importance of building trust with customers. The conversation also touches on the need for vendors to prioritize security and …
  continue reading
 
Artwork

1
Cybersecurity Myths - Eugene Spafford - PSW #839 3:08:31

Play Pause
3:08:31
Play Pause
  Play later
  Play later
  Lists
  Liked
3:08:31
 
Early on in his career Spaf was working with microcode and continued to work on technical projects. As time went on he realized that focusing on the non-technical work, such as policies and shaping our thinking, would help move the needle. Borrowing concepts from his book on the subject, we will delve into some cybersecurity myths such as: Are user…
  continue reading
 
Artwork

1
When Appsec Needs to Start Small - Kalyani Pawar, Danny Jenkins, Nikos Kiourtis - ASW #295 1:08:53

Play Pause
1:08:53
Play Pause
  Play later
  Play later
  Lists
  Liked
1:08:53
 
Startups and small orgs don't have the luxury of massive budgets and large teams. How do you choose an appsec approach that complements a startup's needs while keeping it secure. Kalyani Pawar shares her experience at different ends of an appsec maturity spectrum. In complex software ecosystems, individual application risks are compounded. When it …
  continue reading
 
Artwork

1
Security Money: Crowdstrike Crashes the Index - BSW #360 1:03:11

Play Pause
1:03:11
Play Pause
  Play later
  Play later
  Lists
  Liked
1:03:11
 
This week, it’s time for security money, our quarterly review of the money of security, including public companies, IPOs, funding rounds and acquisitions from the previous quarter. This quarter, Crowdstrike crashes the index, as Thoma Bravo acquires another index company. The index is currently made up of the following 25 pure play cybersecurity pu…
  continue reading
 
Artwork

1
AI Red Teaming and AI Safety - Sounil Yu, Amanda Minnich - ESW #371 2:18:23

Play Pause
2:18:23
Play Pause
  Play later
  Play later
  Lists
  Liked
2:18:23
 
In this interview we explore the new and sometimes strange world of redteaming AI. I have SO many questions, like what is AI safety? We'll discuss her presence at Black Hat, where she delivered two days of training and participated on an AI safety panel. We'll also discuss the process of pentesting an AI. Will pentesters just have giant cheatsheets…
  continue reading
 
Artwork

1
Downgrades and Attacking Security Things & Things Not to Miss at BH/DC - Trent Lo - PSW #838 3:07:57

Play Pause
3:07:57
Play Pause
  Play later
  Play later
  Lists
  Liked
3:07:57
 
This week, Downgrade attacks, bootloader fun, check your firmware before you wreck your firmware, you've got mail server issues, Ivanti is the new Rhianna, you should update your BIOS, Openwrt dominates, and attacking the security tools for fun and profit! Learn what is most interesting at hacker summer camp this year! Visit https://www.securitywee…
  continue reading
 
Artwork

1
Downgrades and Attacking Security Things & Things Not to Miss at BH/DC - Trent Lo - PSW #838 3:07:57

Play Pause
3:07:57
Play Pause
  Play later
  Play later
  Lists
  Liked
3:07:57
 
This week, Downgrade attacks, bootloader fun, check your firmware before you wreck your firmware, you've got mail server issues, Ivanti is the new Rhianna, you should update your BIOS, Openwrt dominates, and attacking the security tools for fun and profit! Learn what is most interesting at hacker summer camp this year! Visit https://www.securitywee…
  continue reading
 
Artwork

1
Building Successful Security Champions Programs - Marisa Fagan - ASW #294 1:10:17

Play Pause
1:10:17
Play Pause
  Play later
  Play later
  Lists
  Liked
1:10:17
 
Even though Security Champions programs look very different across organizations and maturity levels, they share core principles for becoming successful. Marisa shares her experience in building these programs to foster a positive security culture within companies. She explains the incentives and rewards that lead to more engagement from champions …
  continue reading
 
Artwork

1
Say Easy, Do Hard - Job Search Strategies for CISOs - Part 1 - Merlin Namuth, Brad Rager - BSW #359 57:05

Play Pause
57:05
Play Pause
  Play later
  Play later
  Lists
  Liked
57:05
 
Inspired by my co-host Jason Albuquerque, this quarter's Say Easy, Do Hard segment is Job Search Strategies for CISOs. In part 1, we discuss the challenges facing the CISO role and it's hiring. As CISOs leave the role, the position is not necessarily being refilled. How will this impact future CISO hiring? Inspired by my co-host Jason Albuquerque, …
  continue reading
 
Artwork

1
Cybersecurity's Love Affair with Distractions - Fred Wilmot, Dani Woolf - ESW #370 2:18:08

Play Pause
2:18:08
Play Pause
  Play later
  Play later
  Lists
  Liked
2:18:08
 
Remember 20 years ago? When we were certain SIEMs would grant our cybersecurity teams superpowers? Or 10 years ago, when we were sure that NGAV would put an end to malware as we knew it? Or 15 years ago, when we were sure that application control would put an end to malware as we knew it? Or 18 years ago, when NAC would put an end to unauthorized n…
  continue reading
 
Artwork

1
PK Fail - John Loucaides - PSW #837 3:22:11

Play Pause
3:22:11
Play Pause
  Play later
  Play later
  Lists
  Liked
3:22:11
 
John is one of the foremost experts in UEFI and joins us to talk about PK Fail! What happens when a vendor in the supply chain accidentally loses a key? It's one of the things that keeps me up at night. Well, now my nightmare scenario has come true as a key has been leaked. Learn how and why and what you can do about it in this segment! Hacking tra…
  continue reading
 
Artwork

1
PK Fail - John Loucaides - PSW #837 3:22:11

Play Pause
3:22:11
Play Pause
  Play later
  Play later
  Lists
  Liked
3:22:11
 
John is one of the foremost experts in UEFI and joins us to talk about PK Fail! What happens when a vendor in the supply chain accidentally loses a key? It's one of the things that keeps me up at night. Well, now my nightmare scenario has come true as a key has been leaked. Learn how and why and what you can do about it in this segment! Hacking tra…
  continue reading
 
Artwork

1
A CISO's Perspective on AI, Appsec, and Changing Behaviors - ASW #293 45:18

Play Pause
45:18
Play Pause
  Play later
  Play later
  Lists
  Liked
45:18
 
Modern appsec isn't modern because security tools got shifted in one direction or another, or because teams are finding and fixing more vulns. It's modern because appsec is meeting developer needs and supporting the business. Paul Davis talks about how AI is (and isn't) changing appsec, the KPIs that reflect outcomes rather than being busy, and the…
  continue reading
 
Artwork

1
Identity Security Posture Management - Allan Alford, Dor Fledel - BSW #358 1:02:51

Play Pause
1:02:51
Play Pause
  Play later
  Play later
  Lists
  Liked
1:02:51
 
Identity, the security threat that keeps on giving. For the 17th year in a row, identity is one of the top threats identified in the Verizon DBIR. Why? Dor Fledel, Senior Director of Product Management at Okta and Co-Founder of Spera, joins Business Security Weekly to discuss the challenges of identity and how to solve them. From numerous disparate…
  continue reading
 
Artwork

1
Generative AI (as used by defenders AND attackers) will Drive SOC Evolution - Greg Notch, Edward Wu - ESW #369 1:58:49

Play Pause
1:58:49
Play Pause
  Play later
  Play later
  Lists
  Liked
1:58:49
 
The emergence of generative AI has caused us to rethink things on two fronts: how we consume threat detection data, as defenders how we need to shift our thinking and approaches to prepare for attackers' newfound GenAI capabilities But wait - is GenAI even useful for defenders or attackers? We'll dive deep into the state of AI as it pertains to sec…
  continue reading
 
Loading …

Quick Reference Guide

Top Podcasts
The Bill Simmons Podcast
PTI
First Take
Marketplace
Comedy of the Week
The Bugle
How Did This Get Made?
Doug Loves Movies
Planet Money
TED Talks Daily
NBC Nightly News with Lester Holt
The World This Hour
Daily Boost Motivation and Coaching
Radiolab
Science Friday
This American Life
Criminal
Sword and Scale
In The Dark
Player FM logo
Help/FAQ | Upgrade | Advertise
Arts|Business|Comedy|Economics|Entertainment|News|Politics|Religion
Science|Soccer|Sports|Storytelling|Technology|True Crime
Copyright 2024 | Sitemap | Privacy Policy | Terms of Service | | Copyright
Episode being played series thumbnail
icon icon
Speed
Series settings
1x
1x
Volume
100%
icon
icon icon
/

View Player FM in...
Player FM
Browser
Chrome
Safari
Firefox