Security Weekly Podcast Network (Video)

An introduction to CyberGRX and how to get companies working together safely and efficiently. Topics: - Third-party risk management and importance for your organization - The nature of bilateral relationships between vendors and enterprises - The evolution of PCI assessments This segment is sponsored by CyberGRX. Visit https://securityweekly.com/cybergrx to learn more about them! Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/scw49

In the leadership and communications section, Cybersecurity, a risk to all board of directors , Is The Cybersecurity Industry Selling Lemons? Apparently Lots Of Important CISOs Think it Is, 4 critical strategies for tech leaders in Gartner's CIO agenda, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw193

Silo is a cloud-based web isolation platform that separates the things you care about from the things you cannot trust. In this segment, former CIA cyber security officer Matt Ashburn will demonstrate how Silo protects organizations from malicious web-based content, from ransomware to advanced persistent threats. We'll also see how Silo enables incident response and SOC analysts through security, managed attribution and unified insight into user behavior. This segment is sponsored by Authentic8. Visit https://securityweekly.com/authentic8 to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw193

NSA publishes list of top vulnerabilities currently targeted by Chinese hackers, Nvidia Warns Gamers of Severe GeForce Experience Flaws, Addressing cybersecurity risk in industrial IoT and OT, Firefox 'Site Isolation' feature enters user testing, expected next year, Google Patches Actively-Exploited Zero-Day Bug in Chrome Browser, and Exit Stage Left: Eradicating Security Theater! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/asw127

With the increased development velocity in cloud environments, cyber resilience is now more important than ever. To achieve cyber resiliency, security needs to be codified through the development life-cycle and security controls need to be implemented through self-healing infrastructure. This segment is sponsored by Accurics. Visit https://securityweekly.com/accurics to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/asw127

In the Security News, Testing firm NSS Labs closes up shop, stringing vulnerabilities together to pwn the Discord desktop app, a Wordpress plugin aimed at protecting Wordpress does the opposite, the FDA approves the use of a new tool for medical device vulnerability scoring, 8 new hot, steamy, moist cybersecurity certifications, and 5 things you can do to secure your home office without hiring an expert! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw671

In 2020 attackers are increasingly targeting firmware and hardware - going below the operating system to hide from traditional security solutions and gain persistence. Both nation state actors and criminals are exploiting vulnerable, exposed firmware on network and VPN devices, and recently a new UEFI rootkit dubbed #MosaicRegressor was found in the wild. We'll discuss how and why attackers are targeting firmware and hardware, and the steps security professionals can take to gain visibility into this attack surface and protect enterprise devices. This segment is sponsored by Eclypsium. Show Notes: https://wiki.securityweekly.com/psw671 Visit https://securityweekly.com/eclypsium to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes!

Sysmon is a free endpoint monitoring tool published by Microsoft in their sysinternals suite. It generates process creations, network connections, file creations, DNS, and now clipboard monitoring with v12. We'll discuss what's in the events and how to easily visualize and search them with Gravwell's new Sysmon Kit. This segment is sponsored by Gravwell. Show Notes: https://wiki.securityweekly.com/psw671 Visit https://securityweekly.com/gravwell to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes!

deepwatch formally launched its Lens Score app on October 20th. Corey joins us to discuss the app, its future, and how it helps CISOs achieve their security outcomes. Corey will also discuss the deepwatch Series B and how we plan to invest the funds. This segment is sponsored by deepwatch. Visit https://securityweekly.com/deepwatch to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw203

Organizations have millions of vulnerabilities. And our research has shown that those same organizations, large or small, on average, can only fix about one in ten of those vulnerabilities. But as a security practitioner you still need to keep your organization secure, so how do you do that when you can't possibly fix ALL of your vulnerabilities? Ed Bellis will: Review what years of joint research into vulnerability management with the Cyentia Institute uncovered about the scope of the challenge A breakdown in performance factors by industry and platforms Lay out several factors that drive better remediation performance Provide a deeper understanding on the scope of exposures and how risk informs remediation strategies This segment is sponsored by Kenna Security. Visit https://securityweekly.com/kennasecurity to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw203