Security Weekly Podcast Network (Video)

We've been working on this Python project that will use the Nmap Python library to scan the local network, enumerate select systems and devices, try to login with default or known credentials, and send a Slack message if it finds anything. The initial release is here: https://github.com/SecurityWeekly/netslackbot Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw715

The business of Security is gaining in maturity, from being an obscure corner of IT to becoming a core part of the C-Suite. How is this transformation happening and what can we learn from the similar trend that occurred in IT for the last decade? Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw715

Over the last year, The Record has published several interviews between security analysts and cybercriminals. This includes representatives from REvil, BlackMatter, and Marketo. The interviews have uncovered the gangs' motivations, targets, and tactics, and have been cited by officials including White House Deputy National Security Advisor Anne Neuberger. This segment is sponsored by Devo. Visit https://securityweekly.com/devo to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw247

This Week in the Enterprise Security News: HelpSystems Acquires PhishLabs, Elastic and Optimyze, The Leading Indicators of a Great Info/Cybersecurity Program, & more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw247

There are tons of cybersecurity job openings for folks with 3-5 years of experience, but where are the junior roles? How are people getting their initial 3-5 years in? Josh and the ESW hosts discuss the finer points and challenges of breaking into InfoSec via the analyst path. - As mentors: where do we struggle with our mentees? - There are a million certs and degree programs - which are worth the time and money? - How can folks learn and hone cybersecurity skills prior to getting a job in InfoSec? We've even included a handy cheat sheet full of recommendations and resources: https://securityweekly.com/wp-content/uploads/2021/10/Starting-a-Cybersecurity-Career-Cheat-Sheet.pdf This segment is sponsored by Devo. Visit https://securityweekly.com/devo to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw247

We're getting closer to the Q1 2022 release of PCI DSS 4.0, which is expected to differ from the current PCI DSS 3.2.1 version in a few key ways. This includes giving organizations more options in how they become compliant, along with customized implementation. In this podcast, Chris Pin, VP of Privacy and Compliance at PKWARE, will discuss what customized implementation means for organizations, additional changes to 4.0, and why they're important. And, while PCI 3.2.1 won't be retired until 2024, it's a good idea for companies to get started now with their 4.0 compliance strategy. After all, the road to compliance could be a long one, and 2025 will be here before we know it! Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw91

We're getting closer to the Q1 2022 release of PCI DSS 4.0, which is expected to differ from the current PCI DSS 3.2.1 version in a few key ways. This includes giving organizations more options in how they become compliant, along with customized implementation. In this podcast, Chris Pin, VP of Privacy and Compliance at PKWARE, will discuss what customized implementation means for organizations, additional changes to 4.0, and why they're important. And, while PCI 3.2.1 won't be retired until 2024, it's a good idea for companies to get started now with their 4.0 compliance strategy. After all, the road to compliance could be a long one, and 2025 will be here before we know it! Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw91

Zero Trust has quickly become a cybersecurity mandate and also the most abused term in the industry. The core tenants of Zero Trust are rooted in the ability to deliver secure access, which is arguably the foundation and fundamentals of any Zero Trust architecture. Hence the rise of Zero Trust Network Access and demise of legacy access solutions like VPNs. In this episode, we discuss the role of Zero Trust Network Access in strengthening and simplifying access controls for today's hybrid workforce as they connect from anywhere to multi-cloud, on-premises and even legacy applications. This includes how to reduce the attack surface due to digital sprawl and even reduce complexity for improved user-experience and operational efficiency. This segment is sponsored by Appgate. Visit https://securityweekly.com/appgate to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw236

The Security Weekly 25 Index hits an all-time high for the third straight quarter! In this segment, Matt, Jason, and Ben break down the cybersecurity market winners and losers, in both the public and private markets! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw236

This Week in the AppSec News: View source good / vuln bad, IoT bad / rick-roll good, analyzing the iOS 15.0.2 patch to develop an exploit, bypassing reviews with GitHub Actions, & more NIST DevSecOps guidance! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw170