Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Player FM - Internet Radio Done Right
156 subscribers
Checked 1d ago
Added ten years ago
Content provided by Security Weekly Productions and Security Weekly. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Security Weekly Productions and Security Weekly or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Similar to Security Weekly Podcast Network (Video)
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Material is a weekly discussion about the Google and Android universe. Your intrepid hosts try to answer the question, “What holds up the digital world?” The answer, so far, is that it’s Google all the way down. Hosted by Andy Ihnatko and Florence Ion.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k
200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
Daily Deals
Penetration Tests: useful, pointless, harmful, required, ineffective? - Phillip Wylie - ESW #398
Manage episode 471749892 series 72776
Content provided by Security Weekly Productions and Security Weekly. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Security Weekly Productions and Security Weekly or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Penetration tests are probably the most common and recognized cybersecurity consulting services. Nearly every business above a certain size has had at least one pentest by an external firm.
Here's the thing, though - the average ransomware attack looks an awful lot like the bog standard pentest we've all been purchasing or delivering for years. Yet thousands of orgs every year fall victim to these attacks. What's going on here? Why are we so bad at stopping the very thing we've been training against for so long?
This Interview with Phillip Wylie will provide some insight into this! Spoiler: a lot of the issues we had 10, even 15 years ago remain today.
Segment resources:
- Phillip's talk, Optimal Offensive Security Programs from Dia de los Hackers last fall
Show Notes: https://securityweekly.com/esw-398
4468 episodes
ShareManage episode 471749892 series 72776
Content provided by Security Weekly Productions and Security Weekly. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Security Weekly Productions and Security Weekly or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Penetration tests are probably the most common and recognized cybersecurity consulting services. Nearly every business above a certain size has had at least one pentest by an external firm.
Here's the thing, though - the average ransomware attack looks an awful lot like the bog standard pentest we've all been purchasing or delivering for years. Yet thousands of orgs every year fall victim to these attacks. What's going on here? Why are we so bad at stopping the very thing we've been training against for so long?
This Interview with Phillip Wylie will provide some insight into this! Spoiler: a lot of the issues we had 10, even 15 years ago remain today.
Segment resources:
- Phillip's talk, Optimal Offensive Security Programs from Dia de los Hackers last fall
Show Notes: https://securityweekly.com/esw-398
4468 episodes
All episodes
×
1 Orange Drop Caps, apps, Veeam, jobs, Heathrow, vpentest, Aaran Leyland, and More... - SWN #461 33:05
33:05 
Play Later 
Play Later 
Lists 
Like 
Liked33:05
Play Later Play Later Lists Like LikedOrange Drop Caps, apps, Veeam, jobs, Heathrow, vpentest, Aaran Leyland, and More are on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-461
This week: Compliance, localization, blah blah, the Greatest Cybersecurity Myth Ever Told, trolling Microsoft with a video, Github actions give birth to a supply chain attack, prioritizing security research, I'm tired of 0-Days that are not 0-Days, sticking your head in the sand and believing everything is fine, I'm excited about AI crawlers, but some are not, Room 641A, a real ESP32 vulnerability, do we need a CVE for every default credential?, smart Flipper Zero add-ons, one more reason why people fear firmware updates, no more Windows 10, you should use Linux, and I have a Linux terminal in my pocket, now what? Show Notes: https://securityweekly.com/psw-866…
1 Smart Cybersecurity Spending, as CISOs Architect Resilience and Grade Themselves - BSW #387 28:21
28:21 Play Later Play Later Lists Like Liked28:21
Play Later Play Later Lists Like LikedIn the leadership and communications segment, Smart cybersecurity spending and how CISOs can invest where it matters, Grading CISOs: Effective Metrics and Personal Growth Strategies, The Pandemic Proved that Remote Leadership Works, and more! Show Notes: https://securityweekly.com/bsw-387
1 Breaking Down Human-Element Breaches To Improve Cybersecurity - Jinan Budge - BSW #387 37:52
37:52 Play Later Play Later Lists Like Liked37:52
Play Later Play Later Lists Like LikedOrganizations continue to suffer from security breaches, too many of which contain a human element. But there’s no consistent definition of the risk posed by human-related breaches, and recommendations are often limited to security awareness and training (SA&T). Understanding the depth and breadth of human-related breaches is critical to implementing adequate security controls within organizations. Jinan Budge, Research Director at Forrester, joins Business Security Weekly to discuss their Best Practice Report on Deconstructing Human-Element Breaches. Jinan will cover the breadth of human-related breaches, including: Social Engineering Human Error Loss/Theft of Physical Assets Social Media Compromise Insider Risk Deep Fake Scams Gen AI Misuse Narrative Attacks and why Security and Awareness Training is not the sole answer to solving human-related breaches. Join us, this discuss may get a little dicey. Segment Resources: https://www.forrester.com/blogs/breaking-down-human-element-breaches-to-improve-cybersecurity/ Show Notes: https://securityweekly.com/bsw-387…
1 Angry Iguana, Squid Bot, Bruted, 0Auth, Dragon Medical, Clippy 2.0, CISA, Josh Marpet - SWN #460 35:05
35:05 Play Later Play Later Lists Like Liked35:05
Play Later Play Later Lists Like LikedAngry Iguana, Squid Bot 9000, Bruted, 0Auth, Dragon Medical One, Clippy 2.0, CISA, Josh Marpet, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-460
1 Redlining the Smart Contract Top 10 - Shashank . - ASW #322 53:01
53:01 Play Later Play Later Lists Like Liked53:01
Play Later Play Later Lists Like LikedThe crypto world is rife with smart contracts that have been outsmarted by attackers, with consequences in the millions of dollars (and more!). Shashank shares his research into scanning contracts for flaws, how the classes of contract flaws have changed in the last few years, and how optimistic we can be about the future of this space. Segment Resources: https://scs.owasp.org https://scs.owasp.org/sctop10/ https://solidityscan.com/web3hackhub https://www.web3isgoinggreat.com Show Notes: https://securityweekly.com/asw-322…
1 Security doesn't trust AI, but startups are using it to write 95% of their code - ESW #398 36:09
36:09 Play Later Play Later Lists Like Liked36:09
Play Later Play Later Lists Like LikedIn this week's enterprise security news, Knostic raises funding The real barriers to AI adoption for security folks What AI is really getting used for in the wild Early stage startup code bases are almost entirely AI generated Hacking your employer never seems to go well should the CISO be the chief resiliency officer? proof we still need more women in tech All that and more, on this episode of Enterprise Security Weekly. Show Notes: https://securityweekly.com/esw-398…
1 Your Cloud is a Mess, and We Explore 5 Reasons Why - Marina Segal - ESW #398 32:16
32:16 Play Later Play Later Lists Like Liked32:16
Play Later Play Later Lists Like LikedIt takes months to get approvals and remediate cloud issues. It can take months to fix even critical vulnerabilities! How could this be? I thought the cloud was the birthplace of agile/DevOps, and everything speedy and scalable in IT? How could cloud security be struggling so much? In this interview we chat with Marina Segal, the founder and CEO of Tamnoon - a company she founded specifically to address these problems. Segment Resources: Gartner prediction: By 2025, 75% of new CSPM purchases will be part of an integrated CNAPP offering. This highlights the growing importance of CNAPP solutions. https://www.wiz.io/academy/cnapp-vs-cspm Cloud security skills gap: Even well-intentioned teams may inadvertently leave their systems vulnerable due to the cybersecurity skills shortage. https://eviden.com/publications/digital-security-magazine/cybersecurity-predictions-2025/top-cloud-security-trends/ CNAPP market growth: The CNAPP market is expected to grow from $10.74 billion in 2025 to $59.88 billion by 2034, indicating a significant increase in demand for these solutions. https://eviden.com/publications/digital-security-magazine/cybersecurity-predictions-2025/top-cloud-security-trends/ Challenges in Kubernetes security: CSPMs and CNAPPs may have gaps in addressing Kubernetes-specific security issues, which could be relevant to the skills gap discussion. https://www.armosec.io/blog/kubernetes-security-gap-cspm-cnapp/ Addressing the skills gap: Investing in training to bridge the cybersecurity skills gap and leveraging CNAPP platforms that combine advanced tools are recommended strategies. https://www.fortinet.com/blog/business-and-technology/navigating-todays-cloud-security-challenges Tamnoon's State of Remediation 2025 report Show Notes: https://securityweekly.com/esw-398…
1 Penetration Tests: useful, pointless, harmful, required, ineffective? - Phillip Wylie - ESW #398 32:12
32:12 Play Later Play Later Lists Like Liked32:12
Play Later Play Later Lists Like LikedPenetration tests are probably the most common and recognized cybersecurity consulting services. Nearly every business above a certain size has had at least one pentest by an external firm. Here's the thing, though - the average ransomware attack looks an awful lot like the bog standard pentest we've all been purchasing or delivering for years. Yet thousands of orgs every year fall victim to these attacks. What's going on here? Why are we so bad at stopping the very thing we've been training against for so long? This Interview with Phillip Wylie will provide some insight into this! Spoiler: a lot of the issues we had 10, even 15 years ago remain today. Segment resources: Phillip's talk, Optimal Offensive Security Programs from Dia de los Hackers last fall Show Notes: https://securityweekly.com/esw-398…
1 AI Bad, PHP, RDP, SuperBlack, VT, Deepseek, MassJacker, Roblox, Aaran Leyland... - SWN #459 29:09
29:09 Play Later Play Later Lists Like Liked29:09
Play Later Play Later Lists Like LikedAI Bad, PHP, Remote Desktop, SuperBlack, Deepseek, Volt Typhoon, MassJacker, Roblox, Aaran Leyland, and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-459
1 AI Is Oversharing and Leaking Data - Sounil Yu - PSW #865 2:07:50
2:07:50 Play Later Play Later Lists Like Liked2:07:50
Play Later Play Later Lists Like LikedSounil Yu joins us to kick things off with AI defenses: Enterprise AI search tools like Copilot for Microsoft 365 lack the in-depth access controls required to ensure that query responses align with the user’s need-to-know boundaries. Without proper controls, these tools accelerate the discovery of improperly secured sensitive files within the organization. Knostic’s solution ensures that enterprise data is safeguarded without slowing down innovation. By automating the detection and remediation of LLM data exposure, Knostic helps organizations mitigate the security, privacy, and compliance risks associated with AI chatbots and enterprise search tools. In the security news: The controversial pick for National Cyber Director, the not-so-controversial pick to lead CISA, complete with funding cuts, the controversial ESP32 backdoor that is not a backdoor but hidden features, Dark Storm takes down X, interesting use cases for LoRa, using AI to get your dream job, details on the biggest crypto heist in history, an EDR bypass and a 404 error, slipping through the cracks in CVSS, old school vulnerability disclosure in 2025, Rayhunter, a pen test that should not have been, JTAG and your Flipper Zero, a Linux webcam was used for what now?, and "Spatial-Domain Wireless Jamming with Reconfigurable Intelligent Surfaces"! Segment Resources: * https://www.knostic.ai/blog/enterprise-ai-search-tools-addressing-the-risk-of-data-leakage * https://www.knostic.ai/what-we-do Show Notes: https://securityweekly.com/psw-865…
1 CISO vs. CIO, as CISOs Are Opting for Consulting Gigs and Cyber Pros Look for Change - BSW #386 24:42
24:42 Play Later Play Later Lists Like Liked24:42
Play Later Play Later Lists Like LikedIn the leadership and communications segment, CISO vs. CIO: Where security and IT leadership clash (and how to fix it), The CISO's bookshelf: 10 must-reads for security leaders, The CISO's bookshelf: 10 must-reads for security leaders, and more! Show Notes: https://securityweekly.com/bsw-386
1 The Counterfeit Problem: How Blockchain Is Revolutionizing Brand Protection - Noam Krasniansky - BSW #386 38:08
38:08 Play Later Play Later Lists Like Liked38:08
Play Later Play Later Lists Like LikedNoam Krasniansky, the visionary founder of Komposite Blockchain, joins Business Security Weekly to explore Web3's transformative potential. Noam delves into the basics of blockchain technology, Bitcoin and the meteoric rise of Ethereum, and the critical role of decentralized systems in safeguarding brands against counterfeiting—a global issue costing companies $1.7 Trillions annually. The conversation will shed light on blockchain can be designed to enhance transactional efficiency and security. Noam highlights how verification technologies are key to combating counterfeiting, protecting intellectual property, and fostering trust in an increasingly digital economy. He also provides practical insights into how businesses and individuals can embrace blockchain innovations, redefining digital ownership, the making of new wealth, and empowering communities. In today’s dynamic markets, innovation is essential to maintaining a competitive edge. As Web3 technologies rapidly advance, businesses must adapt or risk falling behind. Understanding the foundational principles of blockchain is no longer optional—it’s a necessity. Segment Resources: 1) https://finance.yahoo.com/news/komposite-blockchain-launches-whitepaper-bridge-163600646.html 2) https://www.youtube.com/watch?v=OOokN0XwpWE 3) https://rumble.com/v66x6ly-interview-komposite-a-fix-for-blockchain-limitations.html Show Notes: https://securityweekly.com/bsw-386…
1 Brains, kill switch, parking fees, CobaltStrike, Minja, Allstate, GitHub, Josh Marpet - SWN #458 33:08
33:08 Play Later Play Later Lists Like Liked33:08
Play Later Play Later Lists Like LikedBrains, kill switch, unpaid parking, Cobalt Strike, Minja, Allstate, GitHub, Josh Marpet, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-458
1 Skype Hangs Up, Android Backdoors, Jailbreak Research, Pretend AirTags, Wallbleed - ASW #321 33:17
33:17 Play Later Play Later Lists Like Liked33:17
Play Later Play Later Lists Like LikedSkype hangs up for good, over a million cheap Android devices may be backdoored, parallels between jailbreak research and XSS, impersonating AirTags, network reconnaissance via a memory disclosure vuln in the GFW, and more! Show Notes: https://securityweekly.com/asw-321
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Daily Deals
Daily Deals
Similar to Security Weekly Podcast Network (Video)
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Material is a weekly discussion about the Google and Android universe. Your intrepid hosts try to answer the question, “What holds up the digital world?” The answer, so far, is that it’s Google all the way down. Hosted by Andy Ihnatko and Florence Ion.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
