Security Weekly Podcast Network (Video)

Chris will discuss the relevance of intelligence and threat hunting today and how they work together. He will also talk about his EASY framework for creating impactful intelligence and its relation to hunting! Show Notes: https://securityweekly.com/esw243 Visit https://www.securityweekly.com/esw for all the latest episodes!

A common ratio between Appsec and development teams is 1:100 (1 Security Engineer for every 100 developers). Scaling Appsec teams, especially when it comes to security testing, becomes challenging. We would like to have a discussion around this topic, highlighting things that are definitely part of the solution. Show Notes: https://securityweekly.com/esw243 This segment is sponsored by Probely. Visit https://securityweekly.com/probelyto learn more about them! Visit https://www.securityweekly.com/eswfor all the latest episodes!

"Hacktivism" is a controversial term with several meanings. The word was coined to characterize electronic direct action as working toward social change by combining programming skills with critical thinking. But just as hack can sometimes mean cyber crime, hacktivism can be used to mean activism that is malicious, destructive, and undermining the security of the Internet as a technical, economic, and political platform. Show Notes: https://securityweekly.com/scw87 Visit https://www.securityweekly.com/scw for all the latest episodes!

"Hacktivism" is a controversial term with several meanings. The word was coined to characterize electronic direct action as working toward social change by combining programming skills with critical thinking. But just as hack can sometimes mean cyber crime, hacktivism can be used to mean activism that is malicious, destructive, and undermining the security of the Internet as a technical, economic, and political platform. Show Notes: https://securityweekly.com/scw87 Visit https://www.securityweekly.com/scw for all the latest episodes!

This Week, in the Leadership and Communications section: Boards rethink incident response playbook as ransomware surges, How CISOs and CIOs should share cybersecurity ownership, How CISOs are Building a Modern Cybersecurity Partnership, & more! Show Notes: https://securityweekly.com/bsw232 Visit https://www.securityweekly.com/bswfor all the latest episodes!

It's no surprise that Zero Trust initiatives are increasing in importance in both the public and private sectors. New cybersecurity mandates and a boom in remote work due to COVID-19 are just two of the most common factors driving this demand. While the need for adopting Zero Trust is evident, the path to success is not. In this episode, we discuss important considerations for planning, implementing, operating, and securing a Zero Trust deployment––more rapidly and with lower risk. This includes the vital role end-to-end visibility and frictionless collaboration between IT ops teams play across Zero Trust rollout phases. Show Notes: https://securityweekly.com/bsw232 Segment Resources: Learn more about implementing Zero Trust: https://www.extrahop.com/solutions/security/zero-trust/?uniqueid=CC07532818&utm_source=security-weekly&utm_medium=podcast&utm_campaign=2021-q3-zero-trust-backlink&utm_content=webpage&utm_term=no-term&utm_region=global&utm_product=security&utm_funnelstage=top&utm_version=no-version This segment is sponsored by ExtraHop Networks. Visit https://securityweekly.com/extrahopto learn more about them! Visit https://www.securityweekly.com/bswfor all the latest episodes!

This week in the AppSec News, Mike and John talk: RCE in Azure OMI, punching a hole in iMessage BlastDoor, Travis CI exposes sensitive environment variables, keeping code ownership accurate, deploying security as a product, IoT Device Criteria (aka nutrition labels), & more! Show Notes: https://securityweekly.com/asw166 Visit https://www.securityweekly.com/aswfor all the latest episodes!

Modern software development demands a different approach to application security. Contrast's developer-first Application Security Platform empowers developers to accelerate the release of secure code with highly accurate results that include context-aware, how-to-fix vulnerability remediation guidance. Show Notes: https://securityweekly.com/asw166 Segment Resources: 2021 Application Security Observability Report: https://view-su2.highspot.com/viewer/612ff3a8c6485f4687834782 White Paper: Pipeline-native Scanning for Modern Application Development https://view-su2.highspot.com/viewer/612ff3e4cc0bb2392d968b25 DevSecOps Requires a Platform Approach to Application Security https://view-su2.highspot.com/viewer/612ff42ecb2d1b6cd60f3f65 This segment is sponsored by Contrast Security. Visit https://securityweekly.com/contrast to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes!

This week in the Security News: Anonymous hacks Epik (with a K), Fuzzing Close-Source Javascript Engines, ForcedEntry, 8 Websites that can replace computer software, REvil decryptor key released, Microsoft fixes Critical vulnerability in Linux App, Drone accidentally delivers drug paraphernalia to high schoolers, & more! Show Notes: https://securityweekly.com/psw710 Visit https://www.securityweekly.com/psw for all the latest episodes!

Brakeman is a free static analysis security tool specifically designed for Ruby on Rails applications. It analyzes Rails application code to find security issues at any stage of development. Justin first released Brakeman in 2010. In 2018, the commercial version, "Brakeman Pro", was acquired by Synopsys. Brakeman continues to be a very popular security tool for Rails, with tens of thousands of downloads per day. Show Notes: https://securityweekly.com/psw710 https://github.com/presidentbeef/brakeman Visit https://www.securityweekly.com/psw for all the latest episodes!