Security Weekly Podcast Network (Video)

The zero-trust security model has been billed as an ultra-safe defense against emerging, unrecognized and well-known threats. Unlike perimeter security, it doesn't assume people inside an organization are automatically safe. Instead, it requires every user and device -- inside and out -- to be authorized before any access is granted. Sounds enticing, but deployments require major architectural, hardware, and software changes to be successful. Rob Allen, Chief Performance Officer at ThreatLocker, joins Business Security Weekly to discuss how their Zero Trust Endpoint Protection Platform can start to help you attain Zero Trust from your endpoints by: Blocking Untrusted Software, Ringfencing™ Applications, and Dynamically Controlling Network Traffic This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! Show Notes: https://securityweekly.com/bsw-366

In the Enterprise News, the hosts discuss various trends and challenges in the cybersecurity landscape, including the evolution of terminology, funding trends, the emergence of new startups, and the impact of AI on security practices. They also explore the challenges faced by CISOs, the importance of humor in the industry, and the future of quantum readiness. The conversation highlights the need for clarity in cybersecurity messaging and the potential for consolidation in the market. Show Notes: https://securityweekly.com/esw-377

We've been hearing a lot lately about how the talent gap in cybersecurity is much more complex than some folks have been making it out to be. While making six figures after going through a six week boot camp might be overselling the cybersecurity job market a bit, it is definitely a complex space with lots of opportunities. Fortunately, we have folks building passion projects like My Cyber Path. When Jason transitioned into cyber from the military, he took note of the path he took. He also noticed how different the path was for many of his peers. Inspired by NIST NICE and other programs designed to help folks get a start in cyber, he created My Cyber Path. My Cyber Path has a very organized approach. There are 12 paths outlined, which fall into 4 main areas. After taking a personality test, this tool suggests the best paths for you. Hmmm, this sounds a lot like the sorting hat in Harry Potter, and there are 4 "houses" you could get put into... coincidence? Segment Resources: My Cyber Path has a free account where people can get matched to a cybersecurity work role based on their interests and personality traits and get access to free areas in the platform without having to save a credit card. https://www.mycyberpath.com/ https://www.mycyberpath.com/auth/register Show Notes: https://securityweekly.com/esw-377

Passwords, CUPS, KIA, Gilbert Gottfried, Salt Typhoon, Rob Allen from ThreatLocker, and More on the Security Weekly News. Segment Resources: https://www.bleepingcomputer.com/news/security/hackers-deploy-ai-written-malware-in-targeted-attacks/ This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! Show Notes: https://securityweekly.com/swn-417

Kayla Williams, Chief Security Information Officer at Devo, discussed the role of AI in cybersecurity and the ongoing issue of burnout for SOC analysts. Working with Wakefield Research, Devo discovered that 83% of IT professionals feel burnt out due to stress, lack of sleep, and anxiety. Many also report that their burnout leads to breaches. This segment is sponsored by Devo . Visit https://securityweekly.com/devo to learn more about them! Segment Resources: SOC Analyst Appreciation Day: https://www.socanalystday.com/ Kayla's LinkedIn: https://www.linkedin.com/in/kaylamwilliams1/ Show Notes: https://securityweekly.com/psw-844

The SIEM market has undergone some significant changes this summer. This is a great opportunity to talk about the current state of SIEM! In this conversation, we'll discuss: market changes and terminology: security analytics, data lakes, SIEM what is SOAR's role in the current SIEM market? machine learning and generative AI's role strategies for implementing a SIEM common mistakes that still lead to SIEMs becoming shelfware and much more! Both Seth and Adrian have a long history when it comes to SIEMs, so this conversation will be packed with anecdotes, stories, and lessons learned! This segment is sponsored by Graylog. Visit https://securityweekly.com/graylog to learn more about them! Show Notes: https://securityweekly.com/esw-377

This week in the security news, Dr. Doug and Larry explore various technological advancements and their implications with a healthy dose of nostalgia, particularly focusing on health monitoring through Wi-Fi signals, the misconceptions surrounding 5G connectivity, the importance of understanding internet speed needs, and the cybersecurity threats facing water systems. They also discuss the potential chaos that could arise from infrastructure failures and the vulnerabilities present in automated tank gauges, emphasizing the need for better asset management and security measures. Show Notes: https://securityweekly.com/psw-844

Fuzzing network traffic in OpenWRT, parsing problems lead to GitLab auth bypass, more fuzzing finds vulns in a JPEG parser, and more! Show Notes: https://securityweekly.com/asw-300

C3pbot, Kaspersky, Octo2 Electric Boogaloo, Honkai: Star Rail, ServiceNow, LinkedIn, IoT, Josh Marpet, and more on the Cyber Security News. Show Notes: https://securityweekly.com/swn-416

APIs are essential to modern application architectures, driving rapid development, seamless integration, and improved user experiences. However, their widespread use has made them prime targets for attackers, especially those deploying sophisticated bots. When these bots exploit business logic, they can cause considerable financial and reputational damage. In this discussion, David Holmes offers insights into the latest trends in API and bot attacks and provides strategies to defend against these threats. Segment Resources: The Economic Impact of API and Bot Attacks: https://www.imperva.com/resources/resource-library/reports/the-economic-impact-of-api-and-bot-attacks/ The True Cost of API Insecurity and Bot Attacks in 2024: https://www.imperva.com/resources/resource-library/webinars/the-true-cost-of-api-insecurity-and-bot-attacks-in-2024/ This segment is sponsored by Imperva. Visit https://www.securityweekly.com/imperva to learn more about them! Show Notes: https://securityweekly.com/asw-300