Security Weekly Podcast Network (Video)

Security Weekly Productions
Oct 5, 2020 • 36min

Things Every Developer Should Know About Security - Chris Romeo - ASW #124

Developers are at the center of properly securing applications. A large number of security issues bury developers. We must understand the things every developer must know about security in order to help them. We must practice developer empathy, walking a mile in their shoes. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/asw124
Oct 3, 2020 • 1h 43min

Ryuk Ransomware Attack, Windows XP Server Leak, & Potential Return to 'Hackers' - PSW #668

In the Security News, Rumored Windows XP Source Code Leaked Online, Hospitals hit by countrywide ransomware attack, China-linked 'BlackTech' hackers start targeting U.S., a 13-year-old student was arrested for hacking school computers, Who caused the 14-state Monday 911 outage, and A Return to 'Hackers' Is "Being Actively Considered," Says Director! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw668
Oct 2, 2020 • 44min

Intrusion Detection Honeypots: Detection Through Deception - Chris Sanders - PSW #668

Intrusion Detection Honeypots are fake services, data, and tokens placed inside the network to lure attackers into interacting with them to give away their presence. If you can control what the attacker sees and thinks, you can control what the attacker does. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw668
Oct 2, 2020 • 37min

NGINX As An RTMP Proxy - PSW #668

Paul will discuss his process for creating a docker container for running NGINX as an RTMP proxy for streaming video to multiple services; complete with SSL and authentication. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw668
Oct 1, 2020 • 39min

Vulnerability Management & the Art of Prioritization of Risk - SCW #45

There was a pretty extensive discussion on the Discord server during last week's show that we thought was appropriate to discuss on air. Josh kicked off the discussion by asking, "Anybody know any vulnerability remediation timeline guidance? Formalized, scientifically based stuff?" Josh further clarified, "just trying to find the science behind why and when I should give a crap about vulnerabilities". He finally stated, "I am troubled by the lack of empirically based standards of remediation timing, remediation prioritization, remediation adjustment/offsets based on compensating controls." This launched a multi-threaded conversation that touched on vulnerability management, how to pass various compliance audits/assessments, the many vendors that have latched on to "prioritization" of vulnerabilities, or simply "Risk-Based Vulnerability Management". Of course, PCI became a focal point for much of the discussion because of the mention of vulnerability management, compensating controls, remediation timing, etc. - all of which is addressed within the PCI DSS (despite what Quadling thinks). We're going to try to find consensus on the problem, possible solutions (based on recognized sources), and provide advice. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/scw45
Sep 30, 2020 • 34min

Data Centric Security - Liam Downward - SCW #45

Do we know where our sensitive data is located? Is the system that hosts this data free from vulnerabilities, and is it securely configured? How do we assign accountability through mitigation plans to meet compliance mandates? This segment is sponsored by CYRISMA. Visit https://securityweekly.com/cyrisma to learn more about them! Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/scw45
Sep 30, 2020 • 30min

6 Types of CISO, Habits of Highly Effective CISOs, 10 Key Security Projects - BSW #189

In the Leadership and Communications section, 6 types of CISO and the companies they thrive in, What are the habits of highly effective CISOs, Cybersecurity is Not a Four-Letter Word, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw189
Sep 29, 2020 • 28min

State of the Managed Detection & Response Market - Ryan Benson - BSW #189

What makes MDR different from MSSP? What makes a good MDR provider? How do you decide to build your own capabilities, hire an MSSP or ally with an MDR? This segment is sponsored by deepwatch. Visit https://securityweekly.com/deepwatch to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw189
Sep 29, 2020 • 29min

Bypassing TikTok's MFA, Instagram RCE, & Chrome Security Updates - ASW #123

6 Things to Know About the Microsoft 'Zerologon' Flaw, You can bypass TikTok's MFA by logging in via a browser, Instagram RCE: Code Execution Vulnerability in Instagram App for Android and iOS, Shopify discloses security incident caused by two rogue employees, and Microsoft Advances DevOps Agenda! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/asw123
Sep 28, 2020 • 35min

The Difference Between Finding Vulns & Securing Apps - ASW #123

There's a big difference between finding vulns and securing apps. When we hear the phrase "shift left", what are we actually shifting? Maybe there's something more that security can learn when we look at the vulns popularized by the OWASP Top 10 and the major breaches DevOps teams are dealing with in cloud environments. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/asw123
