Search a title or topic

Over 20 million podcasts, powered by 

Player FM logo
show episodes
 
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
  continue reading
 
It’s the show, that bridges the requirements of regulations, compliance, and privacy with those of security. Your trusted source for complying with various mandates, building effective programs, and current compliance news. It’s time for Security and Compliance Weekly.
  continue reading
 
It’s the show, that bridges the requirements of regulations, compliance, and privacy with those of security. Your trusted source for complying with various mandates, building effective programs, and current compliance news. It’s time for Security and Compliance Weekly.
  continue reading
 
Loading …
show series
 
Segment 1: Fastly Interview In this week's interview segment, we talk to Marshall Erwin about the state of cybersecurity, particularly when it comes to third party risk management, and whether we're ready for the next big SolarWinds or Crowdstrike incident. These big incidents have inspired executive orders, the Secure by Design initiative, and eve…
  continue reading
 
This week in the security news: Android catches up to iOS with its own lockdown mode Just in case, there is a new CVE foundation Branch privilege injection attacks My screen is vulnerable The return of embedded devices to take over the world - 15 years later Attackers are going after MagicINFO Hacking Starlink Mitel SIP phones can be hacked Reversi…
  continue reading
 
In the leadership and communications section, How CISOs can talk cybersecurity so it makes sense to executives, Firms to spend more on GenAI than security in 2025, Europe leads shift from cyber security ‘headcount gap’ to skills-based hiring, and more! Next, pre-recorded interviews from RSAC Conference 2025, including: This segment is sponsored by …
  continue reading
 
Developers are relying on LLMs as coding assistants, so where are the LLM assistants for appsec? The principles behind secure code reviews don't really change based on who write the code, whether human or AI. But more code means more reasons for appsec to scale its practices and figure out how to establish trust in code, packages, and designs. Rey …
  continue reading
 
In this episode, Erika Dean dives into the evolution of attack surface management (ASM) in financial tech. From foundational strategies to future-focused threats, she explores how shifts in the fintech landscape demand deeper organizational awareness, ongoing tabletop exercises, and proactive preparation. This segment is sponsored by Axonius. Visit…
  continue reading
 
Segment 1 - Secrets and their role in infrastructure security From API keys and tokens to environment variables and credentials, secrets are foundational—and often overlooked—attack surfaces in cloud-native and distributed systems. We break down the risks tied to poor secret hygiene, discuss emerging patterns for secure secret management at scale, …
  continue reading
 
Security news for this week: RDP and credentials that are not really revoked, and some RDP bitmap caching fun Some magic info on MagicINFO Vulnerability Management Zombies There is a backdoor in your e-commerce Airborne: vulnerabilities in AirPlay Bring your own installer - crafty EDR bypass The Signal clone used by US government officials: shocker…
  continue reading
 
In the leadership and communications section, The C-suite gap that's putting your company at risk, CISOs band together to urge world governments to harmonize cyber rules, Cybersecurity is Not Working: Time to Try Something Else, and more! Organizations are increasingly threatened by cyberattacks originating from their suppliers. Existing tools (lik…
  continue reading
 
Deepfake Porn Bots, Skype, dd, Venom Spider, CISA, IT Helpdesk, Rob Allen, and more on the Security Weekly News. Segment Resources: https://cybersecuritynews.com/cyber-security-company-ceo-arrested/ This segment is sponsored by ThreatLocker. Visit https://www.securityweekly.com/threatlocker to learn more about them! Show Notes: https://securityweek…
  continue reading
 
We catch up on news after a week of BSidesSF and RSAC Conference. Unsurprisingly, AI in all its flavors, from agentic to gen, was inescapable. But perhaps more surprising (and more unfortunate) is how much the adoption of LLMs has increased the attack surface within orgs. The news is heavy on security issues from MCPs and a novel alignment bypass a…
  continue reading
 
Now in its 18th year, the Verizon Business DBIR is one of the industry’s longest standing and leading reports on the current cybersecurity landscape. This year’s report analyzes more than 22,000 security incidents with victims spanning 139 countries, examining significant growth in third-party involvement in breaches, increases in ransomware and ex…
  continue reading
 
The PSW crew discusses tips, tricks, and traps for using AI and LLMs. We discuss a wide range of AI-related topics, including how to utilize AI tools for writing, coding, data analysis, website design, and more! Some key takeaways include: AI has rapidly shifted from novelty to an essential tool in security and other fields. Paid AI versions offer …
  continue reading
 
In today’s ever-evolving business landscape, organizations face diverse risks, including cyber risks, that can significantly affect their operations and overall prosperity. Aligning risk management strategies with organizational objectives is crucial for effectively mitigating these potential threats and fostering sustainable growth. Easier said th…
  continue reading
 
In this live recording from BSidesSF we explore the factors that influence a secure design, talk about how to avoid the bite of UX dragons, and why designs should put classes of vulns into dungeons. But we can't threat model a secure design forever and we can't oversimplify guidance for a design to be "more secure". Kalyani Pawar and Jack Cable joi…
  continue reading
 
In this week's enterprise security news, Lots of funding announcements as we approach RSA New products The M-Trends also rudely dropped their report the same day as Verizon Supply chain threats Windows Recall is making another attempt MCP server challenges Non-human identities A startup post mortem Remember that Zoom outage a week or two ago? The c…
  continue reading
 
As organizations embrace hybrid work, SaaS sprawl, and employee-owned devices, traditional Identity and Access Management (IAM) tools are failing to keep up. The rise of shadow IT, unmanaged applications, and evolving cyber threats have created an "Access-Trust Gap", a critical security challenge where IT lacks visibility and control over how emplo…
  continue reading
 
Beating the AI Game, Ripple (not that one), Numerology, Darcula, Special Guests, and More, on this edition of the Security Weekly News. Special Guests from Hidden Layer to talk about this article: https://www.forbes.com/sites/tonybradley/2025/04/24/one-prompt-can-bypass-every-major-llms-safeguards/ Show Notes: https://securityweekly.com/swn-471…
  continue reading
 
The crosswalk is talking to me man!, don't block my website without due process, Florida is demanding encryption backdoors, attacking boilers and banning HackRF Ones, time to update your flipper zero, using AI to create working exploits, what happens when you combine an RP2350 and an ESP32? Hopefully good hackery things!, more evidence that patchin…
  continue reading
 
AI Governance, the next frontier for AI Security. But what framework should you use? ISO/IEC 42001 is an international standard that specifies requirements for establishing, implementing, maintaining, and continually improving an Artificial Intelligence Management System (AIMS) within organizations. It is designed for entities providing or utilizin…
  continue reading
 
Loading …
Listen to this show while you explore
Play