))
SC Media and Axonius are proud to present this month’s CISO Stories program, where CISOs share tales from the trenches and unpack leadership lessons learned along the way. Hosted by Jessica Hoffman.
…
continue reading
SecurityWeek podcast series. Hear from cybersecurity industry experts and visionaries. Easy listening, great insights..
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
It’s the show, that bridges the requirements of regulations, compliance, and privacy with those of security. Your trusted source for complying with various mandates, building effective programs, and current compliance news. It’s time for Security and Compliance Weekly.
…
continue reading
It’s the show, that bridges the requirements of regulations, compliance, and privacy with those of security. Your trusted source for complying with various mandates, building effective programs, and current compliance news. It’s time for Security and Compliance Weekly.
…
continue reading
1
The State of Cybersecurity Readiness for the Next Big Emergency - Bri Frost, David Aviv, Marshall Erwin - ESW #407
2:12:42
2:12:42
Play later
Play later
Lists
Like
Liked
2:12:42
Segment 1: Fastly Interview In this week's interview segment, we talk to Marshall Erwin about the state of cybersecurity, particularly when it comes to third party risk management, and whether we're ready for the next big SolarWinds or Crowdstrike incident. These big incidents have inspired executive orders, the Secure by Design initiative, and eve…
…
continue reading
1
Steganography, RICO, CMMC, End of 10, AI is coming for you, Aaran Leyland and More... - SWN #477
33:54
33:54
Play later
Play later
Lists
Like
Liked
33:54
Steganography, RICO, CMMC, End of 10, AI is coming for you, Aaran Leyland and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-477
…
continue reading
This week in the security news: Android catches up to iOS with its own lockdown mode Just in case, there is a new CVE foundation Branch privilege injection attacks My screen is vulnerable The return of embedded devices to take over the world - 15 years later Attackers are going after MagicINFO Hacking Starlink Mitel SIP phones can be hacked Reversi…
…
continue reading
1
CISO Communication and Hiring, as they Combat Threat and Penetration Testing Trends - Derek Manky, Gunter Ollmann - BSW #395
1:06:28
1:06:28
Play later
Play later
Lists
Like
Liked
1:06:28
In the leadership and communications section, How CISOs can talk cybersecurity so it makes sense to executives, Firms to spend more on GenAI than security in 2025, Europe leads shift from cyber security ‘headcount gap’ to skills-based hiring, and more! Next, pre-recorded interviews from RSAC Conference 2025, including: This segment is sponsored by …
…
continue reading
1
Deepfake, South Korea, Moonlander, ChineseAI, FBI, AI damages professional reputation - SWN #476
29:03
29:03
Play later
Play later
Lists
Like
Liked
29:03
Deepfake porn, South Korea, Operation Moonlander, Chinese AI, FBI, AI use damages professional reputation, Joshua Marpet and More Show Notes: https://securityweekly.com/swn-476
…
continue reading
1
Secure Code Reviews, LLM Coding Assistants, and Trusting Code - Rey Bango, Karim Toubba, Gal Elbaz - ASW #330
1:09:38
1:09:38
Play later
Play later
Lists
Like
Liked
1:09:38
Developers are relying on LLMs as coding assistants, so where are the LLM assistants for appsec? The principles behind secure code reviews don't really change based on who write the code, whether human or AI. But more code means more reasons for appsec to scale its practices and figure out how to establish trust in code, packages, and designs. Rey …
…
continue reading
1
Mapping the Modern Attack Surface: Fintech’s Evolving Risk Frontier - Erika Dean - CSP #212
30:47
30:47
Play later
Play later
Lists
Like
Liked
30:47
In this episode, Erika Dean dives into the evolution of attack surface management (ASM) in financial tech. From foundational strategies to future-focused threats, she explores how shifts in the fintech landscape demand deeper organizational awareness, ongoing tabletop exercises, and proactive preparation. This segment is sponsored by Axonius. Visit…
…
continue reading
1
Secrets and their role in infrastructure security - Jawahar Sivasankaran, Chas Clawson, Sergey Gorbaty, Fernando Medrano - ESW #406
2:14:05
2:14:05
Play later
Play later
Lists
Like
Liked
2:14:05
Segment 1 - Secrets and their role in infrastructure security From API keys and tokens to environment variables and credentials, secrets are foundational—and often overlooked—attack surfaces in cloud-native and distributed systems. We break down the risks tied to poor secret hygiene, discuss emerging patterns for secure secret management at scale, …
…
continue reading
1
Sudo watch, AI Dreams, Kickidler, Powershool, Old Man Router, PSMU, Aaran Leyland... - SWN #475
33:52
33:52
Play later
Play later
Lists
Like
Liked
33:52
Sudo watch this show, Hallucinations, Kickidler, Powershool redux, Old Man Router, PSMU, Aaran Leyland, and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-475
…
continue reading
Security news for this week: RDP and credentials that are not really revoked, and some RDP bitmap caching fun Some magic info on MagicINFO Vulnerability Management Zombies There is a backdoor in your e-commerce Airborne: vulnerabilities in AirPlay Bring your own installer - crafty EDR bypass The Signal clone used by US government officials: shocker…
…
continue reading
1
C-Suite Gaps, Cybersecurity is not Working to Solve Exposures and Supply Chain Risks - Lenny Zeltser, Dr. Aleksandr Yampolskiy - BSW #394
1:04:40
1:04:40
Play later
Play later
Lists
Like
Liked
1:04:40
In the leadership and communications section, The C-suite gap that's putting your company at risk, CISOs band together to urge world governments to harmonize cyber rules, Cybersecurity is Not Working: Time to Try Something Else, and more! Organizations are increasingly threatened by cyberattacks originating from their suppliers. Existing tools (lik…
…
continue reading
1
Deepfake Porn Bots, Skype, dd, Venom Spider, CISA, IT Helpdesk, Rob Allen... - Rob Allen - SWN #474
36:47
36:47
Play later
Play later
Lists
Like
Liked
36:47
Deepfake Porn Bots, Skype, dd, Venom Spider, CISA, IT Helpdesk, Rob Allen, and more on the Security Weekly News. Segment Resources: https://cybersecuritynews.com/cyber-security-company-ceo-arrested/ This segment is sponsored by ThreatLocker. Visit https://www.securityweekly.com/threatlocker to learn more about them! Show Notes: https://securityweek…
…
continue reading
1
AI Era, New Risks: How Data-Centric Security Reduces Emerging AppSec Threats - Idan Plotnik, Vishal Gupta - ASW #329
1:03:03
1:03:03
Play later
Play later
Lists
Like
Liked
1:03:03
We catch up on news after a week of BSidesSF and RSAC Conference. Unsurprisingly, AI in all its flavors, from agentic to gen, was inescapable. But perhaps more surprising (and more unfortunate) is how much the adoption of LLMs has increased the attack surface within orgs. The news is heavy on security issues from MCPs and a novel alignment bypass a…
…
continue reading
1
2025 Security Trends: Identity, Endpoint, Cloud & the Rise of Browser Threats - Hed Kovetz, Vivek Ramachandran, Rob Allen, Jason Mical, Alex Pinto, Lori Robinson - ESW #405
1:42:44
1:42:44
Play later
Play later
Lists
Like
Liked
1:42:44
Now in its 18th year, the Verizon Business DBIR is one of the industry’s longest standing and leading reports on the current cybersecurity landscape. This year’s report analyzes more than 22,000 security incidents with victims spanning 139 countries, examining significant growth in third-party involvement in breaches, increases in ransomware and ex…
…
continue reading
1
Security Weekly News Interviews Leaders of NECCDC competition - SWN #473
32:02
32:02
Play later
Play later
Lists
Like
Liked
32:02
Join us for a special in-person edition of the Security Weekly News! Show Notes: https://securityweekly.com/swn-473
…
continue reading
1
AI Tips, Tricks, and Traps! - PSW #872
1:37:21
1:37:21
Play later
Play later
Lists
Like
Liked
1:37:21
The PSW crew discusses tips, tricks, and traps for using AI and LLMs. We discuss a wide range of AI-related topics, including how to utilize AI tools for writing, coding, data analysis, website design, and more! Some key takeaways include: AI has rapidly shifted from novelty to an essential tool in security and other fields. Paid AI versions offer …
…
continue reading
1
Say Easy, Do Hard - Defining Objectives and Key Results Aligned to Business Goals - BSW #393
49:58
49:58
Play later
Play later
Lists
Like
Liked
49:58
In today’s ever-evolving business landscape, organizations face diverse risks, including cyber risks, that can significantly affect their operations and overall prosperity. Aligning risk management strategies with organizational objectives is crucial for effectively mitigating these potential threats and fostering sustainable growth. Easier said th…
…
continue reading
1
Security Weekly News Interviews Participants and Coaches at NECCDC - SWN #472
33:34
33:34
Play later
Play later
Lists
Like
Liked
33:34
Join us for a special in-person edition of the Security Weekly News! Show Notes: https://securityweekly.com/swn-472
…
continue reading
1
Secure Designs, UX Dragons, Vuln Dungeons - Jack Cable - ASW #328
44:08
44:08
Play later
Play later
Lists
Like
Liked
44:08
In this live recording from BSidesSF we explore the factors that influence a secure design, talk about how to avoid the bite of UX dragons, and why designs should put classes of vulns into dungeons. But we can't threat model a secure design forever and we can't oversimplify guidance for a design to be "more secure". Kalyani Pawar and Jack Cable joi…
…
continue reading
1
The reason for Zoom's outage is crazy, huge funding amounts before RSA - ESW #404
40:37
40:37
Play later
Play later
Lists
Like
Liked
40:37
In this week's enterprise security news, Lots of funding announcements as we approach RSA New products The M-Trends also rudely dropped their report the same day as Verizon Supply chain threats Windows Recall is making another attempt MCP server challenges Non-human identities A startup post mortem Remember that Zoom outage a week or two ago? The c…
…
continue reading
1
The Future of Access Management - Jeff Shiner - ESW #404
39:05
39:05
Play later
Play later
Lists
Like
Liked
39:05
As organizations embrace hybrid work, SaaS sprawl, and employee-owned devices, traditional Identity and Access Management (IAM) tools are failing to keep up. The rise of shadow IT, unmanaged applications, and evolving cyber threats have created an "Access-Trust Gap", a critical security challenge where IT lacks visibility and control over how emplo…
…
continue reading
1
Reviewing the Verizon 2025 Data Breach Investigations Report - ESW #404
40:42
40:42
Play later
Play later
Lists
Like
Liked
40:42
In this topic segment, we discuss the most interesting insights from the 2025 edition of Verizon's DBIR. You can grab your own copy of the report at https://verizon.com/dbir Show Notes: https://securityweekly.com/esw-404
…
continue reading
1
Beating the AI Game, Ripple, Numerology, Darcula, Special Guests from Hidden Layer... - Malcolm Harkins, Kasimir Schulz - SWN #471
34:02
34:02
Play later
Play later
Lists
Like
Liked
34:02
Beating the AI Game, Ripple (not that one), Numerology, Darcula, Special Guests, and More, on this edition of the Security Weekly News. Special Guests from Hidden Layer to talk about this article: https://www.forbes.com/sites/tonybradley/2025/04/24/one-prompt-can-bypass-every-major-llms-safeguards/ Show Notes: https://securityweekly.com/swn-471…
…
continue reading
1
Hacking Crosswalks and Attacking Boilers - PSW #871
2:04:15
2:04:15
Play later
Play later
Lists
Like
Liked
2:04:15
The crosswalk is talking to me man!, don't block my website without due process, Florida is demanding encryption backdoors, attacking boilers and banning HackRF Ones, time to update your flipper zero, using AI to create working exploits, what happens when you combine an RP2350 and an ESP32? Hopefully good hackery things!, more evidence that patchin…
…
continue reading
1
ISO 42001 Certification, CIOs Struggle to Align Strategies, and CISOs Rethink Hiring - Martin Tschammer - BSW #392
1:03:55
1:03:55
Play later
Play later
Lists
Like
Liked
1:03:55
AI Governance, the next frontier for AI Security. But what framework should you use? ISO/IEC 42001 is an international standard that specifies requirements for establishing, implementing, maintaining, and continually improving an Artificial Intelligence Management System (AIMS) within organizations. It is designed for entities providing or utilizin…
…
continue reading
1
Brains, Elusive Comet, AI Scams, Microsoft Dog Food, Deleting Yourself, Josh Marpet - SWN #470
31:59
31:59
Play later
Play later
Lists
Like
Liked
31:59
Brains, Scams, Elusive Comet, AI Scams, Microsoft Dog Food, Deleting Yourself, Josh Marpet, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-470
…
continue reading
