Security Weekly Podcast Network (Video)

Simplifying The Process Of Identifying, Assessing & Mitigating Risks: Liam Downward, CEO of CYRISMA, talks about burdensome technologies that generate bloat within any organization, high licensing costs along with the long deployment times. All of these affect the ROI on organizational resources Time, Money, and People. This segment is sponsored by CYRISMA. Visit https://securityweekly.com/cyrisma to learn more about them! Get 10% off your monthly bill when you sign up! Visit: https://www.cyrisma.com Summarizing the BlackHat Threat Intelligence Report: Matthew Gardiner, Principal Security Strategist, from Mimecast will provide and overview of Mimecast and the results of their Threat Intelligence Report, BlackHat USA Edition, August 2020. This segment is sponsored by Mimecast. Visit https://securityweekly.com/mimecastbh to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw202

Learn about some of the latest techniques attackers are using when phishing and vishing, including how to protect your users! This segment is sponsored by Rapid7. Visit https://securityweekly.com/rapid7 to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw202

Bad Neighbor Vulnerability, FireEye Announced 'Mandiant Advantage: Threat Intelligence' SaaS-based Offering, Aqua's Trivy Now Available as a GitHub Action, Datadog adds Deployment Tracking to its APM to prevent outages related to bad code deploys, and Tenable and the Center for Internet Security Enter Partnership to Bolster Cyber Hygiene Across Public and Private Sectors! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw202

While we're on the topic of doing business with the federal government, we'll provide an update on the goings on of Cybersecurity Maturity Model Certification (CMMC). We've invited Mike Brooks to stay with us for this conversation to talk about the status, success, (failure?) of this new program designed to provide a maturity path for cybersecurity programs of organizations wishing to conduct business with the federal government. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/scw47

Mike Brooks will talk to us about his transition from cybersecurity roles in the DoD to roles in the private sector. He currently works as vCISO for Abacode, a company that is providing a next-generation Managed Cybersecurity & Compliance Provider (MCCP) service. Leveraging a unified platform that automates not only security controls but compliance reporting. Mike will discuss his experiences, his views, and his take on various compliance disciplines, particularly what is required to conduct business with the federal government as well as what lends itself to automation. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/scw47

In the Leadership and Communications section, we go off script. Michael Santarcangelo joins me for a discussion on leadership. I want to review the 4 C's of Leadership: 1. Culture 2. Collaboration 3. Communication 4. Cultivation Michael shares some of his approaches and ideas. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw191

Typical security teams have 20-50 technologies, and enough staff to be expert in about 3 of them. This makes taming complexity very challenging - the short staffing is showing no signs of letting up. How do we choose which defensive technologies are truly essential? This segment is sponsored by RedSeal. Visit https://securityweekly.com/redseal to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw191

Redefining Impossible: XSS without arbitrary JavaScript, API flaws in an "unconventional" smart device, Facebook Bug Bounty Announces "Hacker Plus", Anti-Virus Vulnerabilities, and Chrome Introduces Cache Partitioning! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/asw125

Managing passwords is a critical developer task. Developers tasked with building or augmenting legacy authentication systems have a daunting task when facing modern adversaries. This session will review some of the changes suggested in NIST SP800-63b the "Digital Identity Guideline on Authentication and Lifecycle Management regarding password policy". Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/asw125

US Air Force slaps Googly container tech on yet another war machine to 'run advanced ML algorithms', Rare Firmware Rootkit Discovered Targeting Diplomats, NGOs, Hackers exploit Windows Error Reporting service in new fileless attack, HP Device Manager vulnerabilities may allow full system takeover, Malware exploiting XML-RPC vulnerability in WordPress, and it's the 10 year anniversary of Stuxnet: Is Your Operational Technology Safe? Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw669