Best Ripple The One Stone Podcast Podcasts (2024)

1
Let’s Get Real About Where AI can Help SecOps & AI, Automation & Low-Code - Mike Lyborg, Brandon Potter - ESW #373 32:22

1h ago32:22

32:22

Swimlane and GenAI Join Swimlane CISO, Mike Lyborg and Security Weekly’s Mandy Logan as they cut through the AI peanut butter! While Generative AI is the not-so-new hot topic, it's also not the first time the cybersecurity industry has embraced emerging technology that can mimic human actions. Security automation and its ability to take action on b…

1
Faking your own death, Fake Reviews, Solar Winds, Recall, Winux, Kubernetes, and More - SWN #409 31:03

3h ago31:03

31:03

Faking your death, Fake Reviews, Solar Winds, AWS, Recall, Winux, Kubernetes, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-409

1
Faking your own death, Fake Reviews, Solar Winds, Recall, Winux, Kubernetes, and More - SWN #409 31:12

1h ago31:12

31:12

Faking your death, Fake Reviews, Solar Winds, AWS, Recall, Winux, Kubernetes, and More on the Security Weekly News. Show Notes: https://securityweekly.com/swn-409

1
The end of the road for some cyber startups & making detection actually work! - ESW #373 1:17:53

3h ago1:17:53

1:17:53

This week, in the enterprise security news, A funding that looks like an acquisition And two for-sure acquisitions Rumors that there are funding problems for early stage cyber startups, and we’ll see a lot more acquisitions before the end of the year Speaking of rumors, Crowdstrike did NOT like last week’s Action1 acquisition rumor! Shortening dete…

1
The end of the road for some cyber startups & making detection actually work! - Vivek Bhandari, Vivek Ramachandran, Mike Lyborg, Brandon Potter - ESW #373 2:26:35

32m ago2:26:35

2:26:35

This week, in the enterprise security news, A funding that looks like an acquisition And two for-sure acquisitions Rumors that there are funding problems for early stage cyber startups, and we’ll see a lot more acquisitions before the end of the year Speaking of rumors, Crowdstrike did NOT like last week’s Action1 acquisition rumor! Shortening dete…

1
Vulnerabilities, Vulnerabilities Everywhere - PSW #840 1:56:39

1h ago1:56:39

1:56:39

This week: YAVD: Yet Another Vulnerable Driver, why bring your own when one already exists, backdoors in MIFARE Classic, wireless hacking tips, AMD sinkclose vulnerability will keep running, you down with SLDP yea you know me, Phrack!, IoTGoats, Pixel vulnerabilities, leaking variables, a DEF CON talk that was not cancelled, Telnet is still a thing…

1
How do we patch the right things? - Josh Bressers - PSW #840 2:58:57

8m ago2:58:57

2:58:57

Every week here on the show we talk about vulnerabilities and exploits. Typically we recommend that organizations remediate these vulnerabilities in some way. But how? And more importantly, which ones? Some tools we have to help us are actually not all that helpful at time, such as: Mitre Att&ck - Don't get me wrong, this is a great project and Ada…

1
How do we patch the right things? - PSW #840 1:02:37

3h ago1:02:37

1:02:37

Every week here on the show we talk about vulnerabilities and exploits. Typically we recommend that organizations remediate these vulnerabilities in some way. But how? And more importantly, which ones? Some tools we have to help us are actually not all that helpful at time, such as: Mitre Att&ck - Don't get me wrong, this is a great project and Ada…

1
Secure Web Gateways Have Failed Us & Using AI to Prevent the Next CrowdStrike Outage - Vivek Ramachandran, Vivek Bhandari - ESW #373 36:38

1d ago36:38

36:38

SquareX With employees spending most of their working hours on the browser, web attacks are one of the biggest attack vectors today. Yet, both enterprises and security vendors today aren’t focused on securing the browser – a huge risk given that attackers can easily bypass Secure Web Gateways, SASE and SSE solutions. This segment will demonstrate t…

1
Navigating the Path to Maturity & AI is helping combat cyber threats - Shimon Modi, Boaz Barzel - ASW #296 39:21

21m ago39:21

39:21

As development cycles shorten and more responsibilities shift to developers, application security (AppSec) is rapidly evolving. Organizations are increasingly building mature programs that automate and enhance AppSec, moving beyond manual processes. In this discussion, we explore how organizations are adapting their AppSec practices, highlighting t…

1
Dangerous books, Microsoft plus, NPD, Solar Winds, Jenkins, and more... - SWN #408 27:57

3d ago27:57

27:57

Dangerous books, Microsoft Plus, NPD, Solar Winds, Jenkins, and more, on this Edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-408

1
The Fallout and Lessons Learned from the CrowdStrike Fiasco - Allie Mellen, Jeff Pollard - ASW #296 42:38

2h ago42:38

42:38

This week, Jeff Pollard and Allie Mellen join us to discuss the fallout and lessons learned from the CrowdStrike fiasco. They explore the reasons behind running in the kernel, the challenges of software quality, and the distinction between a security incident and an IT incident. They also touch on the need to reduce the attack surface and the impor…

1
The Fallout and Lessons Learned from the CrowdStrike Fiasco - Shimon Modi, Jeff Pollard, Allie Mellen, Boaz Barzel - ASW #296 1:21:54

9m ago1:21:54

1:21:54

This week, Jeff Pollard and Allie Mellen join us to discuss the fallout and lessons learned from the CrowdStrike fiasco. They explore the reasons behind running in the kernel, the challenges of software quality, and the distinction between a security incident and an IT incident. They also touch on the need to reduce the attack surface and the impor…

1
Dangerous books, Microsoft plus, NPD, Solar Winds, Jenkins, and more... - SWN #408 27:57

4h ago27:57

27:57

Dangerous books, Microsoft Plus, NPD, Solar Winds, Jenkins, and more, on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-408

1
Navigating Innovation and Risk & Any Browser Can Be A Secure Enterprise Browser - Theresa Lanowitz, Andrew Harding - BSW #361 33:23

7h ago33:23

33:23

While CISOs are often responsible for technology implementation, they are not getting the support they need at a strategic level. The Accelerator found that 73% of CISOs expressed concern over cybersecurity becoming unwieldy, requiring risk-laden tradeoffs, compared to only 58% of both CIOs and CTOs. Understanding the C-suite’s business priorities …

1
Why Cyber Resilience Matters - Andrew Harding, Theresa Lanowitz - BSW #361 1:03:24

8m ago1:03:24

1:03:24

What are the barriers to cyber resilience today? Why is it so difficult? And what is coming next, that will generate resilience challenges further down the line? After five years of focusing on the short- and medium-term future of cybersecurity and edge, this year, LevelBlue wanted to understand what is preventing cyber resilience—and what business…

1
Why Cyber Resilience Matters - Theresa Lanowitz - BSW #361 30:05

1d ago30:05

30:05

What are the barriers to cyber resilience today? Why is it so difficult? And what is coming next, that will generate resilience challenges further down the line? After five years of focusing on the short- and medium-term future of cybersecurity and edge, this year, LevelBlue wanted to understand what is preventing cyber resilience—and what business…

1
Operational Resilience in Healthcare & Zscaler Uncovers Record-Breaking Ransom - Marty Momdjian, Brett Stone-Gross - ESW #372 32:10

8h ago32:10

32:10

Many cybersecurity experts are calling recent attacks on healthcare more sophisticated than ever. One attack disrupted prescription drug orders for over a third of the U.S. and has cost $1.5 billion in incident response and recovery services. Separately, an operator of over 140 hospitals and senior care facilities in the U.S. was also victimized. T…

1
Devo Launches New Capabilities & Revolutionizing Cyber Resilience - Rakesh Nair, Rekha Shenoy - ESW #372 31:43

6d ago31:43

31:43

Devo, the security analytics company, recently launched data orchestration, a data analytics cloud, and security operations center (SOC) workflow enhancements. Enterprise security teams are struggling with growing data volumes—and they’re also up against headcount and budget constraints. These solutions offer security teams data control, cost optim…

1
Quantum AI Drones, Ransomhub, Pixel, Mad Liberator, the return of Russ Beauchemin... - SWN #407 40:01

4d ago40:01

40:01

Quantum AI Drones, Ransomhub, Pixel, Mad Liberator, the return of Russ Beauchemin, and More on the Security Weekly News Show Notes: https://securityweekly.com/swn-407

1
Quantum AI Drones, Ransomhub, Pixel, Mad Liberator, the return of Russ Beauchemin... - SWN #407 40:01

12m ago40:01

40:01

Quantum AI Drones, Ransomhub, Pixel, Mad Liberator, the return of Russ Beauchemin, and More on the Security Weekly News Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-407

1
Highlights from BlackHat/DefCon, Vulnerabilities, and Cyber Marketing Challenges - ESW #372 1:05:47

4d ago1:05:47

1:05:47

In this conversation, the hosts discuss patchless patching, vulnerabilities in the Windows TCP/IP stack, and the trustworthiness of Microsoft. They highlight the challenges of marketing in the cybersecurity industry and the importance of building trust with customers. The conversation also touches on the need for vendors to prioritize security and …

1
Cybersecurity Myths - Eugene Spafford - PSW #839 3:08:31

23h ago3:08:31

3:08:31

Early on in his career Spaf was working with microcode and continued to work on technical projects. As time went on he realized that focusing on the non-technical work, such as policies and shaping our thinking, would help move the needle. Borrowing concepts from his book on the subject, we will delve into some cybersecurity myths such as: Are user…

1
LPE FTW - PSW #839 2:02:20

15h ago2:02:20

2:02:20

This week: Option ROMS are a novel way to compromise a system at the lowest level, Sinkclose opens AMD processors up to attacks, at home in your firmware exploiting SMM complete with examples, Sonos speakers get hacked and enable attackers to listen in on your conversations, DEF CON badges use new chips and are not without controversy, lasers that …

1
Highlights from BlackHat/DefCon, Vulnerabilities, and Cyber Marketing Challenges - Brett Stone-Gross, Rakesh Nair, Rekha Shenoy, Marty Momdjian - ESW #372 2:08:47

4d ago2:08:47

2:08:47

In this conversation, the hosts discuss patchless patching, vulnerabilities in the Windows TCP/IP stack, and the trustworthiness of Microsoft. They highlight the challenges of marketing in the cybersecurity industry and the importance of building trust with customers. The conversation also touches on the need for vendors to prioritize security and …

1
Cybersecurity Myths - Eugene Spafford - PSW #839 1:06:28

21h ago1:06:28

1:06:28

Early on in his career Spaf was working with microcode and continued to work on technical projects. As time went on he realized that focusing on the non-technical work, such as policies and shaping our thinking, would help move the needle. Borrowing concepts from his book on the subject, we will delve into some cybersecurity myths such as: Are user…

1
Reducing Supply Chain Risk & What’s lurking in your phone? - Danny Jenkins, Nikos Kiourtis - ASW #295 34:30

6h ago34:30

34:30

In complex software ecosystems, individual application risks are compounded. When it comes to mitigating supply chain risk, identifying backdoors or unintended vulnerabilities that can be exploited in your environment is just as critical as staying current with the latest hacking intel. Understand how to spot and reduce the risk to your environment…

1
When Appsec Needs to Start Small - Kalyani Pawar, Danny Jenkins, Nikos Kiourtis - ASW #295 1:08:53

9m ago1:08:53

1:08:53

Startups and small orgs don't have the luxury of massive budgets and large teams. How do you choose an appsec approach that complements a startup's needs while keeping it secure. Kalyani Pawar shares her experience at different ends of an appsec maturity spectrum. In complex software ecosystems, individual application risks are compounded. When it …

1
DEFCON Hijinx, AMD, Ukraine, FreeBSD, OpenVPN, the Pwnie Awards, Josh Marpet... - SWN #406 29:13

10h ago29:13

29:13

DEFCON Hijinx, AMD, Ukraine, FreeBSD, OpenVPN, the Pwnie Awards, Josh Marpet, and more, on this Edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-406

1
DEFCON Hijinx, AMD, Ukraine, FreeBSD, OpenVPN, the Pwnie Awards, Josh Marpet... - SWN #406 29:13

7d ago29:13

29:13

DEFCON Hijinx, AMD, Ukraine, FreeBSD, OpenVPN, the Pwnie Awards, Josh Marpet, and more, on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-406

1
When Appsec Needs to Start Small - Kalyani Pawar - ASW #295 34:22

8d ago34:22

34:22

Startups and small orgs don't have the luxury of massive budgets and large teams. How do you choose an appsec approach that complements a startup's needs while keeping it secure. Kalyani Pawar shares her experience at different ends of an appsec maturity spectrum. Show Notes: https://securityweekly.com/asw-295…

Podcasts Worth a Listen

Ripple The One Stone Podcast

Podcasts Worth a Listen

Quick Reference Guide