Security Weekly Podcast Network (Video)

John Alfred is a retired Police Officer that directed a Computer Crimes unit for years. This segment will discuss how that unit got developed, what kinds of skills might be useful to develop in your own units, and what sorts of mistakes are often made trying to operate computer crimes units! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw737

In the leadership and communications section, 10 Signs of a Good Security Leader, Toxic Leadership: The Four Horsemen of the Apocalypse, Know Them, 3 Ways to Take Control of Your Cyber Security Career in 2022, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw259

With an ever expanding perimeter, how do organizations address the challenges of hybrid cloud? New threats, increased complexity, and continued fragmentation of security responsibilities makes it harder than ever. Tim Woods, VP Technology Alliances at Firemon, joins BSW to discuss how centralized policy management can provide the visibility, enforcement, and compliance of policies across hybrid cloud environments. This segment is sponsored by FireMon. Visit https://securityweekly.com/firemon to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw259

OAuth tokens compromised, five flaws in a medical robot, lessons from ASN.1 parsing, XSS and bad UX, proactive security & engineering culture at Chime Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw193

We can create top 10 lists and we can count vulns that we find with scanners and pen tests, but those aren't effective metrics for understanding and improving an appsec program. So, what should we focus on? How do we avoid the trap of focusing on the metrics that are easy to gather and shift to metrics that have clear ways that teams can influence them? Segment resources - https://www.philvenables.com/post/10-fundamental-but-really-hard-security-metrics - https://cloud.google.com/blog/products/devops-sre/using-the-four-keys-to-measure-your-devops-performance Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw193

This week in the Enterprise News: Datto to be Acquired by Kaseya for $6.2 Billion, with Funding Led by Insight Partners, Perforce Software Puppet, Synopsys acquires Juniper Networks, Managed detection and response startup Critical Start lands $215M in funding, Thinking About the Future of InfoSec, DuckDuckGo launches Mac app in beta, How I automated my presence in video calls for a week (and nobody knew), Why Do So Many Cybersecurity Products Suck? Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw269

This week in the Security News: Hackers have found a clever new way to steal your Microsoft 365 credentials, Former Ethereum Developer Virgil Griffith Sentenced to 5+ Years in Prison for North Korea Trip, An update to Raspberry Pi OS Bullseye, Bearded Barbie hackers catfish high ranking Israeli officials, & Nginxday! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw736

Security professionals face a variety of challenges on a daily basis. The cybersecurity talent shortage and the so-called Great Resignation can lead to gaps in security, an increase in insider threats and overworked employees, not to mention external threats like hacking and ransomware. Digital forensics can help alleviate these challenges with solutions that collect evidence properly, automate workflows, function in Zero Trust environments and detect and mitigate insider threats. Segment Resources: FTK Over the Air podcast: https://www.exterro.com/ftk-over-the-air-podcast FTK Feature Focus weekly videos: https://youtube.com/playlist?list=PLjlGL4cu_NaM0e7h1RCTJwNnZb-dyUf3B This segment is sponsored by Exterro. Visit https://securityweekly.com/exterro to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw269

With cybersecurity attacks continually on the rise, security teams are under more pressure than ever. It's imperative to use your pen testing resources wisely, leveraging automation capabilities where it makes sense to save time and help conduct more impactful engagements. During this interview, Bob Erdman will discuss how to find the right balance between the reliability and efficiency of pen testing automation with the astuteness and logic of human intervention. Segment Resources: The Truth About Pen Testing Automation - https://www.coresecurity.com/blog/the-truth-abouth-pen-testing-automation Core Impact Rapid Pen Tests - https://www.coresecurity.com/products/core-impact/rapid-pen-tests This segment is sponsored by Core Security, A Help Systems Company. Visit https://securityweekly.com/coresecurity to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw269

Amanda Berlin joins us to discuss what she's been up to since her last appearance on the show. It's only been a couple of years, but a lot has changed in that time. Tune in to hear about what changes the pandemic brought to the vision and operations of Mental Health Hackers, and how they pivoted to a virtual environment during this time. The crew talks about their experience going from traveling to 15-20+ conferences a year, down to hardly any conferences during Covid, and what their future plans are now that in-person events are coming back around. Amanda fills us in on her current role at Blumira, other business ventures, and where you can find her speaking/running a village in the near future! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw736