Security Weekly Podcast Network (Video)
Security Weekly Productions
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape.
Tune in for in-depth panel discussions, expert guest interviews, and breaking news on the latest hacking techniques, vulnerabilities, and industry trends. Stay informed and secure with the most trusted voices in cybersecurity!
Tune in for in-depth panel discussions, expert guest interviews, and breaking news on the latest hacking techniques, vulnerabilities, and industry trends. Stay informed and secure with the most trusted voices in cybersecurity!
Episodes
Mentioned books
Dec 24, 2019 • 1h 6min
The State of Penetration Testing - PSW #631
Penetration testing has evolved quite a bit in the past year. As defenses shift, and in some cases get much better, attack techniques and landscapes have changed as well. - What has changed in the past year with regards to penetration testing? - What is adversary simulation? What are the benefits? Is the offering and consumption of this service an indication that organizations are getting better at building effective security programs? - How has the increased popularity of breach and attack simulation tools impacted penetration testing? - Has the MITRE attack framework impacted penetration testing? If so, how? - Many advanced penetration testers seem to be keeping their tools private as to avoid detection by endpoint security products. Is this happening, and if so what is the impact? Should we share more? Less? - With so many tools available today for penetration testing, what can blue teams and internal red teams do to prep for an external penetration test? Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode631
Dec 23, 2019 • 1h 4min
DevOps and Securing Applications - PSW #632
- Given that DevOps is a process and its execution requires many different tools, how do we get started "doing DevOps"? - What about DevOps allows us to produce more secure applications? - What concepts inside of DevOps do most people lose site of? - What are the major challenges involved in taking an application from traditional development to DevOps? - What are some of the best approaches to making an application more resilient to threats - To ORM or not to ORM? - Which services do you implement yourself vs. using a cloud service? - How do I choose the best secrets vault? - What should I use an orchestrator for and what should I not use an orchestrator for? - How do I build a secure API for my app? - Thoughts on GraphQL vs. REST security implications? Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode632
Dec 23, 2019 • 1h 2min
Blue Team Tactics and Techniques - PSW #631
It's often said that attackers need only to get it right once, where defenders have to be right all of the time. Those of us who have worked in a security role as a defender know we don't always get it right, in fact, there are often many exposures in our defenses. This segment will aim to help defenders learn tactics and techniques that are effective and try to answer some of the following questions: - How do you prioritize your defensive efforts? - How do you best detect attacks? - How do you best protect against attacks? - We always say "patch your stuff" but how often should you patch? Which systems should you patch? - What techniques work best to defend against email phishing? - How do you provide a "good enough" level of security for your Active Directory? - What are the fundamentals of defense? How do they differ per environment and organization? - How do you get management to buy-in to your security plans and spending? Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode631
Dec 21, 2019 • 40min
Risk-Based Vuln. Mgmt/Threat & Vuln. Mgmt - Jason Rolleston, Michael Roytman - ESW #166
Jason Rolleston, Chief Product Officer at Kenna Security & Michael Roytman, Chief Data Scientist at Kenna Security join Paul, Matt, and Jeff on this week's episode of ESW to discuss how risk-based vulnerability management is transforming the vulnerability management industry by enabling enterprises to understand the true risk of their infrastructure and applications, saving them time and resources by prioritizing efforts around actions that reduce the most risk. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode166
Dec 21, 2019 • 30min
Unify DevOps and SecOps - ESW #166
DevSecOps is all the rage, but what does it really mean? How do you achieve the integration of Security into DevOps? This segment explores the people and process challenges of DevSecOps and where to integrate security seamlessly into the DevOps pipeline. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode166
Dec 20, 2019 • 33min
Enterprise News - ESW #166
In the Enterprise News, we talk about how MITRE updates ATT&CK for the cloud, Ping Identity builds and matures Zero Trust Infrastructures, SaltStack integrates with ServiceNow to deliver Closed-Loop IT and Security Automation, and some acquisition updates from Fortinet, CyberSponse, Guardsquare, Zimperium, and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode166
Dec 20, 2019 • 32min
The Joys Of Scoping pt. 2 - Steve Levinson - SCW #11
Steve Levinsonis the Vice President - Risk, Security & Privacy at Online Business Systems. Steve's strong technical and client management skills combined with his holistic approach to risk management resonates with clients and employees alike. To learn more about Online Business Systems, visit: https://securityweekly.com/online Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode11
Dec 19, 2019 • 40min
Leadership Articles - BSW #156
Why Crowdsourcing Often Leads to Bad Ideas, Transforming operations for successful cloud adoption, Do You Need Charisma to Be a Great Public Speaker?, 20 Tools for More Productive Email, and Fight the skills gap with a great upskilling and reskilling strategy. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode156
Dec 18, 2019 • 38min
The Joys Of Scoping - Steve Levinson - SCW #11
Steve Levinsonis the Vice President - Risk, Security & Privacy at Online Business Systems. Steve's strong technical and client management skills combined with his holistic approach to risk management resonates with clients and employees alike. To learn more about Online Business Systems, visit: https://securityweekly.com/online Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode11
Dec 18, 2019 • 29min
Securing the OT - Martin Bally - BSW #156
Martin Bally is a highly accomplished senior global information security officer with more than 20 years of experience in multiple industries. Currently, he is the Chief Information Security Officer for American Axle & Manufacturing where he is responsible for Information, cyber, and product security. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode156
