Security Weekly Podcast Network (Video)

BLURtooth vulnerability lets attackers overwrite Bluetooth authentication keys, Microsoft Patch Tuesday, Sept. 2020 Edition, XSS->Fix->Bypass: 10000$ bounty in Google Maps, Academics find crypto bugs in 306 popular Android apps, none get patched, using CRYLOGGER to detect crypto misuses dynamically, Remote Code Execution as SYSTEM/root via Backblaze, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/asw121

Developer friendly appsec; the people, process and culture of DevSecOps. The basics for some and struggles for others. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/asw121

We welcome special guest Lea Snyder, BSides Boston Organizer, to talk all things BSides Boston 2020 for its 10 year anniversary! In the Security News, Cisco Patches Critical Vulnerability in Jabber for Windows, Expert found multiple critical issues in MoFi routers, TeamTNT Gains Full Remote Takeover of Cloud Instances, Bluetooth Bug Opens Devices to Man-in-the-Middle Attacks, Former NSA chief General Keith Alexander is now on Amazon's board, and the Legality of Security Research is to be Decided in a US Supreme Court Case! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw666

DevOps has gained momentum over the years as its methods have been used by teams worldwide to accelerate application delivery. But where we continue to struggle is in integrating security into this workflow. In this discussion, Sumedh Thakar, president and chief product officer at Qualys, will talk with the Security Weekly Team about the importance of building security into the CI/CD pipeline to ensure the quality of code and to protect the application and data infrastructure. He'll talk about Qualys' own DevOps strategy and the lessons learned as his team built out the DevOps toolchain and how it integrated security best practices within the DevOps lifecycle. This segment is sponsored by Qualys. Visit https://securityweekly.com/qualys to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw666

Every time you deploy a patch nothing has ever gone wrong, right? Most of us have been burned by deploying a patch, causing downtime in your environment, getting in trouble with users and management for causing an outage and having to back out a patch, then re-deploy. The team at Vicarious has a way to apply in-memory virtual patches that mitigate exploitation and do not require binaries to be altered. Tune-in for the full description and demo! This segment is sponsored by Vicarius. Visit https://securityweekly.com/vicarius to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw666

Bradon describes Mimecast's "cloud-based resilience platform." What problem(s) they are solving. How they solve it in a unique/differentiated way and the value to the customers. This segment is sponsored by Mimecast. Visit https://securityweekly.com/mimecast to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw198

In today's modern enterprise, where traditional security boundaries have all but disappeared, Identity has become the new security perimeter. In this episode, CyberArk Identity Security expert Corey Williams will explore the concept identity security and its key elements, including Privileged Access Management, Multi-factor Authentication, Single Sign-on, and innovations in machine learning and AI - that are powering Identity Security today. Corey will also explore the Identity Security technology landscape and the evolution of Identity, focusing on Identity Security as an enablement tool in the age of remote work arrangements, growing cloud adoption, and everything mobile. This segment is sponsored by CyberArk. Visit https://securityweekly.com/cyberark to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw198

In this engaging discussion, security expert John Strand dives into the latest developments in cybersecurity, highlighting the YubiKey 5C NFC's role in enhancing multi-factor authentication. He shares critical insights on when organizations should consider penetration testing, emphasizing the need for solid cyber hygiene. The conversation also covers the new cloud threat exchange by Netskope and the importance of securing container environments, spotlighting partnerships like Sysdig and VulnDB. Tune in for expert tips on navigating today’s complex security landscape!

Ekran System is a PCI DSS compliance solution that helps you comply with key industry rules and requirements and protect your company from insider threats. This segment is sponsored by Ekran System. Visit https://securityweekly.com/ekran to learn more about them! Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/scw42

Ekran System is a universal insider threat protection platform that combines three essential insider security controls: activity monitoring, access management, and identity management. Functionality is provided in a single universal software platform delivering light-weight agents for all types of endpoints. This segment is sponsored by Ekran System. Visit https://securityweekly.com/ekran to learn more about them! Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/scw42