Security Weekly Podcast Network (Video)

Passwords, keys, and other secrets are becoming an outdated technique for applications to use. They are usually over-privileged, easy to steal, and very hard to handle securely. Developers frequently log them by accident or stash them in unsafe places. The Secretless pattern is a new way of architecting applications that guarantees that the application never handles the secrets it needs to access databases or other secure resources. Secretless architectures open up a whole set of opportunities for a new model of secure application development and governance. This segment is sponsored by CyberArk. Show Notes: https://securityweekly.com/esw191 Visit https://securityweekly.com/cyberark to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes!

Over the last 15 years the web application landscape has changed more dramatically than many might realize, including the exponential growth in the number of web sites, the rise of complex web apps, the growing web traffic through APIs and more. Let's discuss what this means for enterprises web security and how to mitigate a growing cybersecurity risk. Show Notes: https://securityweekly.com/esw191 Visit https://securityweekly.com/acunetix to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes!

PCI Dream Team: Ben Rothke, Jeff Hall, David Mundhenk, Art Cooper answer all of the toughest PCI questions, Part 2! Show Notes: https://wiki.securityweekly.com/scw36 Visit https://www.securityweekly.com/scw for all the latest episodes!

PCI Dream Team: Ben Rothke, Jeff Hall, David Mundhenk, Art Cooper answer all of the toughest PCI questions. Show Notes: https://wiki.securityweekly.com/scw36 Visit https://www.securityweekly.com/scw for all the latest episodes!

In the Leadership and Communications section, CISOs undervalued, overworked, burning out, warns CIISec, The 10 Worst Cybersecurity Strategies, AppSec Becomes A Priority For New CISOs/CSOs, and more! Show Notes: https://wiki.securityweekly.com/bsw181 Visit https://www.securityweekly.com/bsw for all the latest episodes!

The use of Application Control - commonly referred to as whitelisting or Zero Trust Execution - is considered to be a robust and essential Cloud Workload Protection strategy, largely due to the high predictability of cloud environments. But it does not prevent all cyber attacks. Attackers can exploit vulnerabilities in trusted applications or utilize whitelisted apps for malicious intent - referred to as Living off the Land (LotL). App Control also presents some operational headaches for cloud security teams, requiring strict and often unrealistic policies. We will discuss how to build a robust Application Control strategy for your workloads that is informed by these challenges. This segment is sponsored by Intezer. Show Notes: https://wiki.securityweekly.com/bsw181 Visit https://securityweekly.com/intezer to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes!

This week, SIGRed – Resolving Your Way into Domain Admin: Exploiting a 17 Year-old Bug in Windows DNS Servers, Introducing Google Cloud Confidential Computing with Confidential VMs, Internet of Things devices: Stick to these security rules or you could face a ban, Google Cloud Unveils 'Confidential VMs' to Protect Data in Use, and more! Show Notes: https://wiki.securityweekly.com/asw115 Visit https://www.securityweekly.com/asw for all the latest episodes!

Digital transformation is taking the IT industry by storm. As the pace of adoption of public cloud increases, security posture management and governance is usually not top of the mind of cloud engineering teams. Cost of leaving the misconfiguration undetected and not rectified sure adds up and what to say about compromise to reputation. Biarca Patrol grew organically in close collaboration with our customers to address this gap. Biarca Patrol is now being offered widely. Show Notes: https://wiki.securityweekly.com/asw115 Visit https://www.securityweekly.com/asw for all the latest episodes!

Microsoft fixes critical wormable RCE SigRed in Windows DNS servers, Zoom Addresses Vanity URL Zero-Day, Docker attackers devise clever technique to avoid detection,a massive DDoS Attack Launched Against Cloudflare in Late June, Critical Vulnerabilities Can Be Exploited to Hack Cisco Small Business Routers, and what you need to know about the Twitter Mega Hack! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw658

The guys welcome our newest host to the family. John Snyder will replace Matt Alderman on Security and Compliance Weekly. Tune in to hear about how John made the jump from being a trial lawyer in New York to founding AGNES Intelligence, a forensic AI firm that has perfected the application of unsupervised machine learning! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw658