Security Weekly Podcast Network (Video)

How are personal liability and indemnification impacting the CISO role? Darren Shou, Chief Strategy Officer from RSA Conference, describes the current landscape of CISO liability and the challenges facing CISOs today. He discusses the implications of the SEC's recent actions, including the charges against SolarWinds' CISO, and the growing trend of personal liability for security leaders. Darren will also highlight comparisons between the roles of CISOs and CFOs, highlighting what security professionals can learn from their financial counterparts in handling risks and responsibilities. Finally, he explores how to build an effective coalition, both internally with company executives and externally with peers. In this ever changing risk landscape, it takes a village, and Darren shares his vision for how to build that village. Show Notes: https://securityweekly.com/bsw-362

Swimlane and GenAI Join Swimlane CISO, Mike Lyborg and Security Weekly's Mandy Logan as they cut through the AI peanut butter! While Generative AI is the not-so-new hot topic, it's also not the first time the cybersecurity industry has embraced emerging technology that can mimic human actions. Security automation and its ability to take action on behalf of humans have paved the way for generative AI to be trusted (within reason). The convergence and maturity of these technologies now have the potential to revolutionize how SecOps functions while force-multiplying SOC teams. This segment is sponsored by Swimlane. Visit https://securityweekly.com/swimlanebh to learn more about them! Swimlane and ProCircular ProCircular, is a security automaton power-user and AI early adopter. Hear from Swimlane customer, Brandon Potter, CTO at ProCircular, about how use of Swimlane, has helped his organization increase efficiency, improve security metrics and ultimately grow their customer base without increasing headcount. Segment Resources: ProCircular Case Study ProCircular Web Site This segment is sponsored by Swimlane. Visit https://securityweekly.com/swimlanebh to learn more about them! Show Notes: https://securityweekly.com/esw-373

Faking your death, Fake Reviews, Solar Winds, AWS, Recall, Winux, Kubernetes, and More on the Security Weekly News. Show Notes: https://securityweekly.com/swn-409

This week: YAVD: Yet Another Vulnerable Driver, why bring your own when one already exists, backdoors in MIFARE Classic, wireless hacking tips, AMD sinkclose vulnerability will keep running, you down with SLDP yea you know me, Phrack!, IoTGoats, Pixel vulnerabilities, leaking variables, a DEF CON talk that was not cancelled, Telnet is still a thing, More CNAs, and the last thing Flint Michigan needed was a ransomware attack! Show Notes: https://securityweekly.com/psw-840

This week, in the enterprise security news, A funding that looks like an acquisition And two for-sure acquisitions Rumors that there are funding problems for early stage cyber startups, and we'll see a lot more acquisitions before the end of the year Speaking of rumors, Crowdstrike did NOT like last week's Action1 acquisition rumor! Shortening detection engineering feedback loops HoneyAgents More reflections on Black Hat 2024 The attacker does NOT just have to get it right once and the defender does NOT have to get it right every time Remember BEC scams? Yeah, they're still enterprise enemy #1 All that and more, in the news this week on Enterprise Security Weekly! Show Notes: https://securityweekly.com/esw-373

Every week here on the show we talk about vulnerabilities and exploits. Typically we recommend that organizations remediate these vulnerabilities in some way. But how? And more importantly, which ones? Some tools we have to help us are actually not all that helpful at time, such as: Mitre Att&ck - Don't get me wrong, this is a great project and Adam and team is doing a great job. However, its not a complete picture as we can't possibly know about every attack vector (or can we?). People seem to think if they cover everything in the framework they will be secure. You can't cover everything in the framework because each technique can be utilized by an attack in a hundred different ways. CVSS - Anyone can apply a score, but who is correct? Good that we have a way to score things, but then people will just use this as a basis for what they patch and what they do not. Also, chaining vulnerabilities is a thing, but we seem to lack any way to assign a score to multiple vulnerabilities at once (different from a technique). Also, some things don't get a CVE, how are you tracking, assessing risk, and patching these? CISA KEV - Again, love the project and Tod is doing amazing work. However, what about things that do not get a CVE? Also, how do you track every incident of an attacker doing something in the wild? Also, there is frequency, just because something got exploited once, does that mean you need to patch it right away? How are we tracking how often something is exploited as it is not just a binary "yes, its exploited" or "no, it is not". EPSS - I do like the concept and Wade and Jay are doing amazing work. However, there seems to be a "gut reaction" thing going on where we do see things being exploited, but the EPSS score is low. How can we get better at predicting? We certainly have enough data, but are we collecting the right data to support a model that can tell us what the attackers will do next? Show Notes: https://securityweekly.com/psw-840

SquareX With employees spending most of their working hours on the browser, web attacks are one of the biggest attack vectors today. Yet, both enterprises and security vendors today aren't focused on securing the browser – a huge risk given that attackers can easily bypass Secure Web Gateways, SASE and SSE solutions. This segment will demonstrate the importance of a browser-native solution, discuss the limitations of current solutions and how enterprises can better protect their employees from web attacks. Segment Resources: DEF CON talk abstract Enterprise use cases for SquareX Data Sheet Why Browser Native Solutions are better than Cloud Based Proxies Blog on the Many Failures of Secure Web Gateways This segment is sponsored by Square X. Visit https://securityweekly.com/squarexbh to learn how SquareX can protect your employees from web attacks! Tanium The recent CrowdStrike outage and subsequent disruption tested organizations' resiliency and confidence as the world went offline. It served as a reminder that in an increasingly technology-dependent world, things will go wrong – but security leaders can plan accordingly and leverage emerging technologies to help minimize the damage. In this interview, Tanium's Vice President of Product Marketing Vivek Bhandari explains how AI and automation can help with remediation and even prevent similar outages from happening in the future, and breaks down the future of Autonomous Endpoint Management (AEM) as the solution for continuous cyber resilience in the face of disruption. Segment Resources: The Future of Converged Endpoint Management is Autonomous Endpoint Management (AEM) This segment is sponsored by Tanium. Visit https://securityweekly.com/taniumbh to learn more about them! Show Notes: https://securityweekly.com/esw-373

As development cycles shorten and more responsibilities shift to developers, application security (AppSec) is rapidly evolving. Organizations are increasingly building mature programs that automate and enhance AppSec, moving beyond manual processes. In this discussion, we explore how organizations are adapting their AppSec practices, highlighting the challenges and milestones encountered along the way. Key topics include the integration of security into the development lifecycle, the impact of emerging technologies, and strategies for fostering a security-first culture. Boaz Barzel shares his experiences and offers practical advice on overcoming common obstacles, ensuring that security measures keep pace with rapid technological advancements. This segment serves as a comprehensive guide for organizations striving to enhance their AppSec practices and continuously optimize their posture. This segment is sponsored by OX Security. Visit https://securityweekly.com/oxbh to learn more about them! Given the rapid rise of threat actors utilizing AI for cyber-attacks, security teams need advanced AI capabilities more than ever. Shimon will discuss how Dataminr's Pulse for Cyber Risk uses Dataminr's leading multi-modal AI platform to provide the speed and scale required to build enterprise resilience in the modern cyber threat environment. Dataminr's world-leading AI platform helps companies stay informed - performing trillions of daily computations across billions of public data inputs from more than one million unique public data sources encompassing text, image, video, audio and sensor signals to provide real-time information when you need it most. Segment Resources: https://www.dataminr.com/pulse/cyber-risk/?utmsource=google&utmmedium=paidsearch&utmterm=dataminr%20company&utmcampaign=NORAMDIGIBRG-SearchHDRSMajEntDemo&utmsource=google&utmmedium=paidsearch&hsaacc=8657480186&hsacam=958164645&hsagrp=125093879176&hsaad=654125003504&hsasrc=g&hsatgt=kwd-338332441603&hsakw=dataminr%20company&hsamt=p&hsanet=adwords&hsaver=3&gadsource=1&gclid=CjwKCAjwnqK1BhBvEiwAi7o0XxetJ1k8xcqlYk1Pk5Jsr6Adr2yP-9yhNM7oxISq2-Rbz-UunCxSmhoCYfgQAvD_BwE https://www.dataminr.com/resources/on-demand-webinar/why-cyber-physical-convergence-really-matters This segment is sponsored by Dataminr. Visit https://securityweekly.com/dataminrbh to learn more about their world-leading AI platform perform! Show Notes: https://securityweekly.com/asw-296

Dangerous books, Microsoft Plus, NPD, Solar Winds, Jenkins, and more, on this Edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-408

This week, Jeff Pollard and Allie Mellen join us to discuss the fallout and lessons learned from the CrowdStrike fiasco. They explore the reasons behind running in the kernel, the challenges of software quality, and the distinction between a security incident and an IT incident. They also touch on the need to reduce the attack surface and the importance of clear definitions in the cybersecurity industry. The conversation explores the need for a product security revolution and the importance of transparency and trust in security vendors. Show Notes: https://securityweekly.com/asw-296