Security Weekly Podcast Network (Video)

Phillip will discuss his passion for offensive cybersecurity education, mentoring, and getting started in pentesting. He co-authored a book based on his conference talk "The Pentester Blueprint: Starting a Career as an Ethical Hacker." He will also talk about his community involvement with the Innocent Lives Foundation, The Pwn School Project, and Hacking is NOT a Crime. His book: https://www.wiley.com/en-us/The+Pentester+BluePrint%3A+Starting+a+Career+as+an+Ethical+Hacker-p-9781119684305 The Pwn School Project meetup: https://pwnschool.com/ INE (https://ine.com), Phillip's employer offers a free starter pass for training in four different areas of technology; Penetration Testing Student, Getting started in networking, Azure fundamentals, first steps in data science with Python: https://checkout.ine.com/starter-pass Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw685

This week, the merger between Thycotic and Centrify shakes up privileged access management. Insights into SentinelOne's IPO plans reveal emerging funding trends. Discover new security innovations for Active Directory and email protection, alongside frustration over bot-related fraud in e-commerce. YubiKey introduces passwordless support, while ongoing discussions dissect effective cybersecurity tools and the significance of continuous monitoring. A mix of serious issues and playful geography banter adds a lighthearted twist to the serious cybersecurity landscape.

LexisNexis Risk Solutions recently released its biannual Cybercrime Report covering July 2020 through December 2020, which details how the evolving threat landscape created new opportunities for cybercriminals around the world, particularly as they targeted new online users. Analysis shows that the under 25 age group is most vulnerable to fraud attacks while the oldest age group is second most vulnerable and loses the most money. The stark risk at both ends of the age spectrum emphasizes the importance for companies to protect both new-to-digital and vulnerable customers when transacting online in 2021. The report also provides a full year review which highlights how 2020 saw an overall decline in human-initiated attacks, while bot attacks accelerated. Press release: https://risk.lexisnexis.com/about-us/press-room/press-release/20200223-biannual-cybercrime-report The LexisNexis Risk Solutions Cybercrime Report: https://risk.lexisnexis.com/insights-resources/research/cybercrime-report Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw218

Many security teams have accepted their Intrusion Detection Systems (IDS) as little more than a compliance check-off. IDS reliance on bi-modal signatures is brittle, easily evaded by attackers, and often referred to as an alert canon. In this talk, we'll be discussing what is missing from traditional IDS and how to easily fill the security gaps with NG-IDS capabilities with modern network detection and response (NDR). This segment is sponsored by ExtraHop Networks. Visit https://securityweekly.com/extrahop to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw218

Assuming Nickel and Mike survived the first segment, we're asking them for practical advice in this segment on how to consider and ultimately select the right cyber insurance program for you. We're looking for the usual suspects, gotchas, and recommended actions. Suggested reading: - https://www.psafinancial.com/2020/03/covid-19-5-cybersecurity-risks-you-need-to-consider/ - https://www.psafinancial.com/2019/06/psa-insurance-financial-services-launches-turnkey-cyber-risk-management-solution-for-smbs/ - https://www.psafinancial.com/2018/04/cyber-insurance-your-backstop-in-your-cyber-incident-response/ Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw63

Nickel Lietzau and Mike Volk have heard that we are not huge fans of cyber insurance on SCW, and they have graciously agreed to subject themselves to our scrutiny. In the first segment we'll touch on common myths and misconceptions about Cyber Insurance and let Nickel and Mike set us straight. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw63

In the leadership and communications section, Financial Targets Don't Motivate Employees, Texas power outage flags need to revisit business continuity, Security job candidate background checks: What you can and can't do, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw207

What are some best practices for preparing for a security incident? David Chamberlin, Managing Director at CRA, Inc., joins Business Security Weekly to discuss preparation for a security incident and how to develop a communications plan that's simple and effective. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw207

This week on the Application Security News, Implementation pitfalls in parsing JSON, finding all forms of a flaw with CodeQL, more educational resources for hacking apps, engineering and product management practices for DevOps, & more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw141

In looking at how to do application security right we talk about understanding the difference between defining types of security testing and the goals that security testing should be aiming for. Plus, we highlight how doing security right also means shifting left in terms of addressing security issues in the design phase. And throughout all this is the importance of being able to communicate security principles and how your design and testing reduces risk. Register for the DevSecOps eSummit for which Ted will be a panelist: https://onlinexperiences.com/Launch/QReg.htm?ShowUUID=5673DA7C-B8C2-4A3E-B675-C6BBF45DC04F Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw141