Security Weekly Podcast Network (Video)

Managing the Minimization of a Container Attack Surface - Neil Carpenter - ASW #344

A smaller attack surface should lead to a smaller list of CVEs to track, which in turn should lead to a smaller set of vulns that you should care about. But in practice, keeping something like a container image small has a lot of challenges in terms of what should be considered minimal. Neil Carpenter shares advice and anecdotes on what it takes to refine a container image and to change an org's expectations that every CVE needs to be fixed. Show Notes: https://securityweekly.com/asw-344

Rethinking risk based vulnerability management, Black Hat expo insights, and the news - Snehal Antani - ESW #420

Interview with Snehal Antani - Rethinking Risk-Based Vulnerability Management Vulnerability management is broken. Organizations basically use math to turn a crappy list into a slightly less crappy list, and the hardest part of the job as a CIO is deciding what NOT to fix. There has to be a better way, and there is... Segment Resources: https://horizon3.ai/intelligence/blogs/vulnerability-management-is-broken-there-is-a-better-way/ This segment is sponsored by Horizon3.ai. Visit https://securityweekly.com/horizon3 to learn more about them! Topic - Andy Ellis's Black Hat Expo Experience Andy Ellis visited every booth at Black Hat. Every. Single. One. He wrote up what he learned and we discuss his findings! https://www.duha.co/state-of-security-vendors-blackhat-2025/ News Finally, in the enterprise security news, Tons of handy new and free tools! is cybersecurity really at the latter stages of consolidation? new books is our obsession with risk quantification hurting our credibility? AI trends is there an impending AI layoff-pocalypse? we explain the kids’ favorite new term: Clanker All that and more, on this episode of Enterprise Security Weekly. Show Notes: https://securityweekly.com/esw-420

Creepy chatbots, Fortinet, CISA, Agentic AI, FIDO, EDR, Aaran Leyland, and More... - SWN #503

Creepy chatbots, Fortinet, CISA, Agentic AI, FIDO, EDR, Aaran Leyland, and More on this episode of the Security Weekly News. Show Notes: https://securityweekly.com/swn-503

Hackberry PIs and Other Hacker Things - PSW #887

We kick things off with a deep dive into the Hackberry PI and how to build one. Then in the security news: Will Perplexity buy Chrome? ESP32 Bus Pirates Poisoned telemetry Docker image security Fully Open Source Quantum Sensors Securing your car, Flippers, and show me the money Bringing your printer and desktop to Starbucks Paying a ransom? You need approval AI: Shield or Spear? No authentication? That's a problem Transient Bugs: A realistic threat? You can run Linux And who still uses AOL dial-up? Show Notes: https://securityweekly.com/psw-887

Defending Trust & Reputation as CISOs and Leaders Prepare Their AI Strategy - Santosh Nair - BSW #408

As brands grow more digital, the threats grow more personal. Attackers impersonate executives, spin up fake websites, and leak sensitive data — hurting business reputations and breaking customer trust. How do you defend your organization's reputation and customers' trust? Santosh Nair, Co-Founder and CTO at Styx Intelligence, joins Business Security Weekly to discuss how to defend trust and reputation in the age of AI. Santosh will cover both the company and executive challenges of defending against the latest AI attacks, including: Impersonations and Deepfakes Employee Scams Financial Fraud Segment Resources: - https://styxintel.com/blog/what-is-brand-protection/ - https://styxintel.com/blog/brand-impersonation-hurts-business/ - https://styxintel.com/blog/social-engineering-tactics/ In the leadership and communications section, Mind the overconfidence gap: CISOs and staff don’t see eye to eye on security posture, Your AI Strategy Needs More Than a Single Leader, Avoid These Communication Breakdowns When Launching Strategic Initiatives, and more! Show Notes: https://securityweekly.com/bsw-408