Security Weekly Podcast Network (Audio)
Technology
Today, we discuss the state of attack surface across the Internet. We've known for decades now that putting an insecure service on the public Internet is a recipe for disaster, often within minutes. How has this knowledge changed the publicly accessible Internet? We find out when we talk to Censys's Aidan Holland today.
We've reached an inflection point in security. There are a handful of organizations regularly and successfully stopping cyber attacks. Most companies haven't gotten there, however. What separates these two groups? Why does it seem like we're still failing as an industry, despite seeming to collectively have all the tools, intel, and budget we've asked for?
Kelly Shortridge has studied this problem in depth. She has created tools (https://www.deciduous.app/), and written books (https://www.securitychaoseng.com/) to help the community approach security challenges in a more logical and structured way. We'll discuss what hasn't worked for infosec in the past, and what Kelly thinks might work as we go into the future.
During the news today, we went deep down the rabbithole of discussing security product efficacy. Adrian still doesn't believe in enterprise browsers beyond Google Chrome, but can't deny that Talon got a pretty favorable exit considering the state of the market. We see the first major exit for cybersecurity insuretechs, and discuss a few notable funding rounds.
We discuss Kelly Shortridge's essay on the origins and nature of the term "security" and what it means. Stephen Schmidt suggests 6 questions every board should ask their CISO, we explore Cyentia Labs' meta analysis of MITRE ATT&CK techniques, and Phil Venables shares some hilarious takes on infosec stereotypes.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/esw-339
Gold Pressed Latinum, VBScript, ORBS, Rockwell, Chrome, SKY, Aaran Leyland, and More - SWN #389
BCNF, Azure, Roaring Kitty, Hugging Face, Okta, Linux, Oracle, Josh Marpet... - SWN #390
Open Source Software Supply Chain Security & The Real Crisis Behind XZ Utils - Idan Plotnik, Luis Villa, Erez Hasson - ASW #287
Emotional Intelligence for Cyber Leaders - James Doggett, Jessica Hoffman, Sivan Tehila - BSW #352
A CISO’s Perspective, Defending Against AI & Ransomware Evolution - Kris Lahiri, Jim Broome, Mike Lyborg - ESW Vault
Securing Backups - SWN Vault
Achieving Cyber Resilience, External Cybersecurity & Risk Reduction - Margarita Barrero, Andy Grolnick, Alexandre Sieira - ESW Vault
Exploring the latest FortiGuard Labs Threat Report - Derek Manky - ESW Vault
Hacker Heroes - Josh Corman - PSW Vault
Securing Shadow Apps & Protecting Data - Guy Guzner, Pranava Adduri - ASW Vault
Collecting Bounties and Building Communities - Ben Sadeghipour - ASW Vault
College Degrees - SWN Vault
Shifting Third Party Risk & What You Need to Know About PCI DSS 4.0 - Lynn Marks, Paul Valente - BSW Vault
The VC Perspective: Embracing Uncertainty & Staying the Course - Alberto Yépez - BSW Vault
This Week: short on funding, long on research and analysis & RSAC Interviews - ESW #363
Pen Testing As A Service - Seemant Sehgal - PSW #830
SWN #388- Big Tech, Fighting a Junta, Keylogger in Microsoft , APT Hackers, Free Laundry, Joshua Marpet & more
Node.js Secure Coding - Oliver Tavakoli, Chris Thomas, Liran Tal - ASW #286
Security Money: Rubrick Saves The Index As It Continues To Climb - Jim Simpson, Theresa Lanowitz - BSW #351
Microsoft, North Korea, Santander, CISA, Deepfakes, Aaran Leyland & More - SWN #387
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
Lex Fridman Podcast