Security Weekly Podcast Network (Video)

A ground shaking exposé on the failure of popular cyber risk management methods. This book is the first of a series of spinoffs from Douglas Hubbard's successful first book, How To Measure Anything: Finding the Value of "Intangibles" in Business. Learn more on how to quantify risk in terms of dollars and cents in order to build better "business impact" decision makers, visit: https://hubbardresearch.com/ Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/bsw183

Global spending on cyber security totals over $100 billion per year, with no upper limit in sight as adversaries remain successful at compromising even well-resourced organizations. Why do adversaries remain successful despite advances in security technologies and risk frameworks? As it turns out, an often-overlooked architecture from 30 years ago is a common thread among many successful attacks. By re-thinking the ubiquitous web browser and its connection to the internet, CIOs and CISOs can nearly eliminate their internet risk surface, provide users the tools and access they need, and free up incident responders to focus on more advanced threats. This segment is sponsored by Authentic8. Visit https://www.authentic8.com/bsw to learn more about them! To download your copy of "The Billion Dollar Security Blanket" by Matt Ashburn, visit: https://www.authentic8.com/bsw Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/bsw183

Using Amazon GuardDuty to Protect Your S3, OkCupid Security Flaw Threatens Intimate Dater Details, Florida teen charged as "mastermind" in Twitter hack hitting Biden, Bezos, and others, Sandboxing and Workload Isolation, and Microsoft to remove all SHA-1 Windows downloads next week! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/asw117

As you go full DevSecOps, where does that leave security operations? Who makes changes that are required? How do you empower (or deputize) app folks or ops folks (DevOps) to make those operational changes? What kind of tooling is going to meet the need for that requirement? DisruptOps puts the concepts into action, empowering developers and ops folks to make the needed security changes quickly, consistently and within the tools they use for their daily tasks. Try it out free of charge and experience the future of security operations. Visit https://disruptops.com/free-evaluation/ Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/asw117

A Vulnerability that Allowed Brute-Forcing Passwords of Private Zoom Meetings, Russia's GRU Hackers Hit US Government and Energy Targets, a New tool that detects shadow admin accounts in AWS and Azure environments, BootHole Secure Boot Threat Found In Mostly Every Linux Distro, and Windows 8 And 10, and how Hackers Broke Into Real News Sites to Plant Fake Stories! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw660

MIDAS uses unsupervised learning to detect anomalies in a streaming manner in real-time and has become a new baseline. It was designed keeping in mind the way recent sophisticated attacks occur. MIDAS can be used to detect intrusions, Denial of Service (DoS), Distributed Denial of Service (DDoS) attacks, financial fraud and fake ratings. MIDAS combines a chi-squared goodness-of-fit test with the Count-Min-Sketch (CMS) streaming data structures to get an anomaly score for each edge. It then incorporates temporal and spatial relations to achieve better performance. MIDAS provides theoretical guarantees on the false positives and is three orders of magnitude faster than existing state of the art solutions. Check out MIDAS at https://github.com/Stream-AD/MIDAS Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw660

The Gravwell Data Fusion platform is releasing a major update this week. New features make analyzing logs and network data much easier for new users while still keeping the raw power of a unix-like search query pipeline for power users. Gravwell is free for community use and during launch week if you sign up for CE we're bumping the data cap up to 4 GB/day. This segment is sponsored by Gravwell. Visit https://securityweekly.com/gravwell to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw660

Neira Jones discusses how financial services deals with PCI-DSS, other compliance standards, fraud and cyber crime. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw192

Learn about a new paradigm dubbed immutable security. What is immutable security? Why has it become more important than before? Infrastructure is being build and deployed with code, hence we can use this to our advantage and build security in from the start as we've always intended! This segment is sponsored by Accurics. Visit https://securityweekly.com/accurics to learn more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw192

Attivo Networks EDN enhancements prevent attackers from fingerprinting an endpoint, CloudPassage Expands Cloud Security Capabilities for Docker, Kubernetes, and Container-related Services on AWS, Digital Shadows announces integration with Atlassian Jira, LogRhythm Releases Version 7.5 of NextGen SIEM Platform and New Open Collector Technology, Cloudflare releases Workers Unbound, a secure serverless computing platform, and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw192