POPULARITY
Without visibility and continuous monitoring, dangerous threats expose our blind spots and create risk. Invicti, who brought together Acunetix and Netsparker, analyzes common web application vulns across thousands of assets yearly and releases the Invicti AppSec Indicator for a holistic view of vulnerability trends from automated scan results. In this talk, Invicti Director of Product Patrick Vandenberg shares a deep dive into the trends currently impacting AppSec programs and discusses some of the best practices that will help organizations achieve efficiencies in their programs. Segment Resources: - [AppSec Indicator Spring 2023 edition | Invicti](https://www.invicti.com/clp/appsec-indicator/?utm_medium=contentsyn&utm_source=sc_media&utm_campaign=i-syn_CRA-ASW-Jun2023&utm_content=230424-ga_spring-appsec-indicator&utm_term=brand) This segment is sponsored by Invicti. Visit [securityweekly.com/invicti](https://securityweekly.com/invicti) to learn more about them! In the news, two XSS vulns via postMessage methods in Azure, how to choose (and move on from) a web research topic, OpenSSF finances a security developer-in-residence for Python, more infosec myths, free cybersecurity training resources. Visit [securityweekly.com/asw](https://securityweekly.com/asw) for all the latest episodes! Follow us on Twitter: [@SecWeekly](https://www.twitter.com/secweekly) Like us on Facebook: [facebook.com/secweekly](https://www.facebook.com/secweekly) Visit https://securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-245
Without visibility and continuous monitoring, dangerous threats expose our blind spots and create risk. Invicti, who brought together Acunetix and Netsparker, analyzes common web application vulns across thousands of assets yearly and releases the Invicti AppSec Indicator for a holistic view of vulnerability trends from automated scan results. In this talk, Invicti Director of Product Patrick Vandenberg shares a deep dive into the trends currently impacting AppSec programs and discusses some of the best practices that will help organizations achieve efficiencies in their programs. Segment Resources: - [AppSec Indicator Spring 2023 edition | Invicti](https://www.invicti.com/clp/appsec-indicator/?utm_medium=contentsyn&utm_source=sc_media&utm_campaign=i-syn_CRA-ASW-Jun2023&utm_content=230424-ga_spring-appsec-indicator&utm_term=brand) This segment is sponsored by Invicti. Visit [securityweekly.com/invicti](https://securityweekly.com/invicti) to learn more about them! In the news, two XSS vulns via postMessage methods in Azure, how to choose (and move on from) a web research topic, OpenSSF finances a security developer-in-residence for Python, more infosec myths, free cybersecurity training resources. Visit [securityweekly.com/asw](https://securityweekly.com/asw) for all the latest episodes! Follow us on Twitter: [@SecWeekly](https://www.twitter.com/secweekly) Like us on Facebook: [facebook.com/secweekly](https://www.facebook.com/secweekly) Visit https://securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-245
Without visibility and continuous monitoring, dangerous threats expose our blind spots and create risk. Invicti, who brought together Acunetix and Netsparker, analyzes common web application vulns across thousands of assets yearly and releases the Invicti AppSec Indicator for a holistic view of vulnerability trends from automated scan results. In this talk, Invicti Director of Product Patrick Vandenberg shares a deep dive into the trends currently impacting AppSec programs and discusses some of the best practices that will help organizations achieve efficiencies in their programs. Segment Resources: AppSec Indicator Spring 2023 edition: https://www.invicti.com/clp/appsec-indicator/?utm_medium=contentsyn&utm_source=sc_media&utm_campaign=i-syn_CRA-ASW-Jun2023&utm_content=230424-ga_spring-appsec-indicator&utm_term=brand) This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-245
Without visibility and continuous monitoring, dangerous threats expose our blind spots and create risk. Invicti, who brought together Acunetix and Netsparker, analyzes common web application vulns across thousands of assets yearly and releases the Invicti AppSec Indicator for a holistic view of vulnerability trends from automated scan results. In this talk, Invicti Director of Product Patrick Vandenberg shares a deep dive into the trends currently impacting AppSec programs and discusses some of the best practices that will help organizations achieve efficiencies in their programs. Segment Resources: AppSec Indicator Spring 2023 edition: https://www.invicti.com/clp/appsec-indicator/?utm_medium=contentsyn&utm_source=sc_media&utm_campaign=i-syn_CRA-ASW-Jun2023&utm_content=230424-ga_spring-appsec-indicator&utm_term=brand) This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-245
Some of the most famous hacking tools in the market are Nmap (Network Mapper), Nessus, Nikto, Kismet, NetStumbler, Acunetix, Netsparker, and Intruder, Nmap, Metasploit, Aircrack-Ng, etc.
Benjamin will discuss securing iframes with the sandbox attribute. This segment is sponsored by Acunetix. Visit https://securityweekly.com/acunetix to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw709
Benjamin will discuss securing iframes with the sandbox attribute. This segment is sponsored by Acunetix. Visit https://securityweekly.com/acunetix to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw709
This week, we kick off the show with a technical segment, all about working with NMAP Vuln Scanning & Flan! In the Security News: Lightning cables that steal passwords, Malicious Code in your VRAM, creating a “TJ Hooper” for infosec, Linux 5.14, “Unhackable Wii” has been hacked, Hackers vs. Dictators & more!!! Finally, we have a pre-recorded interview featuring Benjamin Mussle, Senior Security Researcher at Acunetix, who joined to discuss I-Frame security! Show Notes: https://securityweekly.com/psw709 Visit https://securityweekly.com/acunetixto learn more about them! Visit https://www.securityweekly.com/pswfor all the latest episodes! Visit https://securityweekly.com/acmto sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, we kick off the show with a technical segment, all about working with NMAP Vuln Scanning & Flan! In the Security News: Lightning cables that steal passwords, Malicious Code in your VRAM, creating a “TJ Hooper” for infosec, Linux 5.14, “Unhackable Wii” has been hacked, Hackers vs. Dictators & more!!! Finally, we have a pre-recorded interview featuring Benjamin Mussle, Senior Security Researcher at Acunetix, who joined to discuss I-Frame security! Show Notes: https://securityweekly.com/psw709 Visit https://securityweekly.com/acunetix to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, in our first segment, we welcome Ed Rossi, Vice President of Product Management, Asset Inventory & Discovery at Qualys, to talk about Reinventing Asset Inventory for Security! Then, in the Enterprise News, SafeBreach adds support for new advanced attacks to the Microsoft Defender for Endpoint evaluation lab, Stellar Cyber XDR Kill Chain allows security analyst teams to disrupt cyberattacks, Bugcrowd Awarded U.S. Patents for Crowd-Enabled Vulnerability Detection, Microsoft puts PCs in the cloud with Windows 365, some funding and acquisition updates from Sysdig, AttackIQ, Stytch, SentinelOne, & more! Finally, we wrap up the show with two micro interviews from RSAC2021 featuring Mark Ralls from Acunetix by Invicti, and Wayne Haber from GitLab! Show Notes: https://securityweekly.com/esw235 Segment Resources: CSAM free trial: https://www.qualys.com/forms/cybersecurity-asset-management/ CSAM video overview: https://vimeo.com/551723071 Webpage: https://www.qualys.com/apps/cybersecurity-asset-management/ Visit https://securityweekly.com/qualys to learn more about them! Visit https://securityweekly.com/acunetix to learn more about them! Visit https://securityweekly.com/gitlab to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, in our first segment, we welcome Ed Rossi, Vice President of Product Management, Asset Inventory & Discovery at Qualys, to talk about Reinventing Asset Inventory for Security! Then, in the Enterprise News, SafeBreach adds support for new advanced attacks to the Microsoft Defender for Endpoint evaluation lab, Stellar Cyber XDR Kill Chain allows security analyst teams to disrupt cyberattacks, Bugcrowd Awarded U.S. Patents for Crowd-Enabled Vulnerability Detection, Microsoft puts PCs in the cloud with Windows 365, some funding and acquisition updates from Sysdig, AttackIQ, Stytch, SentinelOne, & more! Finally, we wrap up the show with two micro interviews from RSAC2021 featuring Mark Ralls from Acunetix by Invicti, and Wayne Haber from GitLab! Show Notes: https://securityweekly.com/esw235 Segment Resources: CSAM free trial: https://www.qualys.com/forms/cybersecurity-asset-management/ CSAM video overview: https://vimeo.com/551723071 Webpage: https://www.qualys.com/apps/cybersecurity-asset-management/ Visit https://securityweekly.com/qualys to learn more about them! Visit https://securityweekly.com/acunetix to learn more about them! Visit https://securityweekly.com/gitlab to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
The shift away from web application security, caused by the pandemic and the focus on remote workforces, resulted in an increased number of web vulnerabilities. In this segment, Mark talks about the best starting point for organizations to get back on track and prioritize your web app security. This segment is sponsored by Acunetix. Visit https://securityweekly.com/acunetix to learn more about them! Security can be somewhat of a mystery at a lot of organizations. Most companies choose to be tight-lipped about the security measures they have implemented. Rightfully so, there is an underlying fear that publicizing your security efforts could make you more vulnerable to security attacks and damage your reputation with your customers. However, there is another way. Transparency can be your ally in security. This segment is sponsored by GitLab. Visit https://securityweekly.com/gitlab to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw235
The shift away from web application security, caused by the pandemic and the focus on remote workforces, resulted in an increased number of web vulnerabilities. In this segment, Mark talks about the best starting point for organizations to get back on track and prioritize your web app security. This segment is sponsored by Acunetix. Visit https://securityweekly.com/acunetix to learn more about them! Security can be somewhat of a mystery at a lot of organizations. Most companies choose to be tight-lipped about the security measures they have implemented. Rightfully so, there is an underlying fear that publicizing your security efforts could make you more vulnerable to security attacks and damage your reputation with your customers. However, there is another way. Transparency can be your ally in security. This segment is sponsored by GitLab. Visit https://securityweekly.com/gitlab to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw235
The shift away from web application security, caused by the pandemic and the focus on remote workforces, resulted in an increased number of web vulnerabilities, as shown in the latest Acunetix by Invicti Web Application Vulnerability Report. In this segment, Ryan will discuss the main results, the trends that might have caused them, and advise how you can protect your organization against vulnerabilities that can negatively impact your business. In the Leadership and Communications section, 6 ways to spur cybersecurity board engagement, 5 key qualities of successful CISOs, and how to develop them, 4 Actions Transformational Leaders Take, and more! Show Notes: https://securityweekly.com/bsw216 Segment Resources: The Invicti AppSec Indicator, Spring 2021 Edition: Acunetix Web Vulnerability Report https://www.acunetix.com/white-papers/acunetix-web-application-vulnerability-report-2021/ Visit https://securityweekly.com/netsparker to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
The shift away from web application security, caused by the pandemic and the focus on remote workforces, resulted in an increased number of web vulnerabilities, as shown in the latest Acunetix by Invicti Web Application Vulnerability Report. In this segment, Ryan will discuss the main results, the trends that might have caused them, and advise how you can protect your organization against vulnerabilities that can negatively impact your business. In the Leadership and Communications section, 6 ways to spur cybersecurity board engagement, 5 key qualities of successful CISOs, and how to develop them, 4 Actions Transformational Leaders Take, and more! Show Notes: https://securityweekly.com/bsw216 Segment Resources: The Invicti AppSec Indicator, Spring 2021 Edition: Acunetix Web Vulnerability Report https://www.acunetix.com/white-papers/acunetix-web-application-vulnerability-report-2021/ Visit https://securityweekly.com/netsparker to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
The shift away from web application security, caused by the pandemic and the focus on remote workforces, resulted in an increased number of web vulnerabilities, as shown in the latest Acunetix by Invicti Web Application Vulnerability Report. In this segment, Ryan will discuss the main results, the trends that might have caused them, and advise how you can protect your organization against vulnerabillties that can negatively impact your business. Segment Resources: The Invicti AppSec Indicator, Spring 2021 Edition: Acunetix Web Vulnerability Report https://www.acunetix.com/white-papers/acunetix-web-application-vulnerability-report-2021/ This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw216
The shift away from web application security, caused by the pandemic and the focus on remote workforces, resulted in an increased number of web vulnerabilities, as shown in the latest Acunetix by Invicti Web Application Vulnerability Report. In this segment, Ryan will discuss the main results, the trends that might have caused them, and advise how you can protect your organization against vulnerabillties that can negatively impact your business. Segment Resources: The Invicti AppSec Indicator, Spring 2021 Edition: Acunetix Web Vulnerability Report https://www.acunetix.com/white-papers/acunetix-web-application-vulnerability-report-2021/ This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw216
In this episode: knowing your audience - discussing the IR impact how did this happen? how deep do you want to tailor your potential discussion? Every level must be asking "what, when, why, how?", not just those in the trenches does the level of incident mean that communication scales accordingly? And much more! Dr. Catherine J. Ullman (@investigatorchi) Incident Response communications Reminders: Patreon Jeff T. just became a $2 patron! Accepted to CircleCityCon on IR communications! Bsides Rochester Security B-Sides Rochester Spoke at SeaSec meetups: Qualys Update on Accellion FTA Security Incident | Qualys Security Blog Security Advisory | SolarWinds Family Educational Rights and Privacy Act (FERPA) It’s important to share necessary information with senior level people and higher ups, but is there a thing as ‘oversharing’? How do you toe the line between oversharing and nothing at all? In higher Ed, are you beholden to different disclosure requirements than businesses? What is Server Side Request Forgery (SSRF)? | Acunetix 13 Beautiful Tools to Create Status Pages for your Business (geekflare.com) Laying communication groundwork Status pages (notifying users) Check out our Store on Teepub! https://brakesec.com/store Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com #AmazonMusic: https://brakesec.com/amazonmusic #Spotify: https://brakesec.com/spotifyBDS #Pandora: https://brakesec.com/pandora #RSS: https://brakesec.com/BrakesecRSS #Youtube Channel: http://www.youtube.com/c/BDSPodcast #iTunes Store Link: https://brakesec.com/BDSiTunes #Google Play Store: https://brakesec.com/BDS-GooglePlay Our main site: https://brakesec.com/bdswebsite #iHeartRadio App: https://brakesec.com/iHeartBrakesec #SoundCloud: https://brakesec.com/SoundcloudBrakesec Comments, Questions, Feedback: bds.podcast@gmail.com Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon https://brakesec.com/BDSPatreon #Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir #Player.FM : https://brakesec.com/BDS-PlayerFM #Stitcher Network: https://brakesec.com/BrakeSecStitcher #TuneIn Radio App: https://brakesec.com/TuneInBrakesec
Dr. Catherine J. Ullman (@investigatorchi) Incident Response communications Reminders: Patreon Jeff T. just became a $2 patron! Accepted to CircleCityCon on IR communications! Bsides Rochester Security B-Sides Rochester Spoke at SeaSec meetups: Qualys Update on Accellion FTA Security Incident | Qualys Security Blog Security Advisory | SolarWinds Family Educational Rights and Privacy Act (FERPA) It’s important to share necessary information with senior level people and higher ups, but is there a thing as ‘oversharing’? How do you toe the line between oversharing and nothing at all? In higher Ed, are you beholden to different disclosure requirements than businesses? What is Server Side Request Forgery (SSRF)? | Acunetix 13 Beautiful Tools to Create Status Pages for your Business (geekflare.com) Laying communication groundwork Status pages (notifying users) Check out our Store on Teepub! https://brakesec.com/store Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com #AmazonMusic: https://brakesec.com/amazonmusic #Spotify: https://brakesec.com/spotifyBDS #Pandora: https://brakesec.com/pandora #RSS: https://brakesec.com/BrakesecRSS #Youtube Channel: http://www.youtube.com/c/BDSPodcast #iTunes Store Link: https://brakesec.com/BDSiTunes #Google Play Store: https://brakesec.com/BDS-GooglePlay Our main site: https://brakesec.com/bdswebsite #iHeartRadio App: https://brakesec.com/iHeartBrakesec #SoundCloud: https://brakesec.com/SoundcloudBrakesec Comments, Questions, Feedback: bds.podcast@gmail.com Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon https://brakesec.com/BDSPatreon #Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir #Player.FM : https://brakesec.com/BDS-PlayerFM #Stitcher Network: https://brakesec.com/BrakeSecStitcher #TuneIn Radio App: https://brakesec.com/TuneInBrakesec
This week, first we talk Enterprise News, discussing Acunetix new data retention policies, 5 things you should ask your web app pen test provider, Microsoft's open source tool for sniffing out Windows 10 bugs, Datadog unveils support for distributed tracing for AWS Step Functions via AWS X-Ray, and Gravwell's Data Fusion platform breaks the mold of legacy data ingestion engines! In our second segment, we welcome Ferruh Mavituna, CEO of Netsparker, to discuss Current Security Needs Of Modern Enterprise Companies! In our final segment, we welcome Jimmy Mesta, Director of Security Research at Signal Sciences, to discuss Securing Enterprise Digital Transformations! Show Notes: https://securityweekly.com/esw199 Visit https://securityweekly.com/netsparker to learn more about them! Visit https://securityweekly.com/signalsciences to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Acunetix new data retention policies, 5 Things to Ask Your Web App Pen Test Provider, Microsoft's open source tool for sniffing out Windows 10 bugs, Datadog unveils support for distributed tracing for AWS Step Functions via AWS X-Ray, Gravwell's Data Fusion platform breaks the mold of legacy data ingestion engines, and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw199
This week, first we talk Enterprise News, discussing Acunetix new data retention policies, 5 things you should ask your web app pen test provider, Microsoft's open source tool for sniffing out Windows 10 bugs, Datadog unveils support for distributed tracing for AWS Step Functions via AWS X-Ray, and Gravwell's Data Fusion platform breaks the mold of legacy data ingestion engines! In our second segment, we welcome Ferruh Mavituna, CEO of Netsparker, to discuss Current Security Needs Of Modern Enterprise Companies! In our final segment, we welcome Jimmy Mesta, Director of Security Research at Signal Sciences, to discuss Securing Enterprise Digital Transformations! Show Notes: https://securityweekly.com/esw199 Visit https://securityweekly.com/netsparker to learn more about them! Visit https://securityweekly.com/signalsciences to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Acunetix new data retention policies, 5 Things to Ask Your Web App Pen Test Provider, Microsoft's open source tool for sniffing out Windows 10 bugs, Datadog unveils support for distributed tracing for AWS Step Functions via AWS X-Ray, Gravwell's Data Fusion platform breaks the mold of legacy data ingestion engines, and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw199
This week, we welcome Mark Ralls, President and Chief Operating Officer at Acunetix, to discuss The Evolution of Enterprise Web Apps and Its Impact on Web Security! In our second segment, we welcome Brian Kelly, Head of Conjur Engineering for CyberArk, for a Technical Segment on Secretless And The End Of Application Secrets As We Know Them! In our final segment, we air a pre recorded interview with Steve Wylie, General Manager at Black Hat, discussing An overview of Black Hat USA 2020! Show Notes: https://securityweekly.com/esw191 Visit https://securityweekly.com/cyberark to learn more about them! Visit https://securityweekly.com/acunetix to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Mark Ralls, President and Chief Operating Officer at Acunetix, to discuss The Evolution of Enterprise Web Apps and Its Impact on Web Security! In our second segment, we welcome Brian Kelly, Head of Conjur Engineering for CyberArk, for a Technical Segment on Secretless And The End Of Application Secrets As We Know Them! In our final segment, we air a pre recorded interview with Steve Wylie, General Manager at Black Hat, discussing An overview of Black Hat USA 2020! Show Notes: https://securityweekly.com/esw191 Visit https://securityweekly.com/cyberark to learn more about them! Visit https://securityweekly.com/acunetix to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Dan DeCloss, President and CEO of PlexTrac, to talk about Enhancing Vulnerability Management By Including Penetration Testing Results! In the Security News, Hospital-busting hacker crew may be behind ransomware attack that made Honda halt car factories, 3 common misconceptions about PCI compliance, SMBleed could allow a remote attacker to leak kernel memory, Kubernetes Falls to Cryptomining via Machine-Learning Framework, and The F-words hidden superpower: How Repeating it can increase your pain threshold! In our Final Segment, we air a Pre-Recorded Interview with Ben Mussler, Senior Security Researcher at Acunetix, discussing New Web Technology and its Impact on Automated Security Testing! Show Notes: https://wiki.securityweekly.com/PSWEpisode655 To learn more about PlexTrac, visit: https://securityweekly.com/plextrac Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Dan DeCloss, President and CEO of PlexTrac, to talk about Enhancing Vulnerability Management By Including Penetration Testing Results! In the Security News, Hospital-busting hacker crew may be behind ransomware attack that made Honda halt car factories, 3 common misconceptions about PCI compliance, SMBleed could allow a remote attacker to leak kernel memory, Kubernetes Falls to Cryptomining via Machine-Learning Framework, and The F-words hidden superpower: How Repeating it can increase your pain threshold! In our Final Segment, we air a Pre-Recorded Interview with Ben Mussler, Senior Security Researcher at Acunetix, discussing New Web Technology and its Impact on Automated Security Testing! To learn more about PlexTrac, visit: https://securityweekly.com/plextrac Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://wiki.securityweekly.com/PSWEpisode655
Acunetix: Automation as a Solution for Web Application Security - Mark Ralls - RSAC 2020 Mark Ralls, President and Chief Operating Officer at Acunetix, discusses web security challenges in small and medium enterprises and how automation can help fill the skills gap. To schedule a demo with Acunetix, visit: https://securityweekly.com/acunetix Netsparker: How to Scale Web Application Security - Kevin Gallagher - RSAC 2020 Kevin Gallagher, Chief Revenue Officer at Netsparker, discusses how to scale web application security including asset discovery, application scanning, prioritization of results, and more! To get a demo of NetSparker, please visit: https://securityweekly.com/netsparker Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode176
This week, we talk Enterprise News, to talk about Fortinet Introducing Self-Learning AI Appliance for Sub-Second Threat Detection Enterprise IT World, GreatHorn Offers Free Email Protection for 60 Days, ZeroNorth raises $10M to further expand engineering, customer support and sales, WordPress to get automatic updates for plugins and themes, and more!! In our second segment, we air two pre recorded interviews with Mehul Revanker of SaltStack and Utsav Sanghani of Synopsys from RSAC 2020! In our final segment, we air two more pre recorded interviews from the RSAC2020, with Kevin Gallagher of Netsparker and Mark Ralls of Acunetix! To request a demo with SaltStack, visit: https://securityweekly.com/saltstack To get a demo of Synopsys, please visit: https://securityweekly.com/synopsys To schedule a demo with Acunetix, visit: https://securityweekly.com/acunetix To get a demo of NetSparker, please visit: https://securityweekly.com/netsparker Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to talk about Fortinet Introducing Self-Learning AI Appliance for Sub-Second Threat Detection Enterprise IT World, GreatHorn Offers Free Email Protection for 60 Days, ZeroNorth raises $10M to further expand engineering, customer support and sales, WordPress to get automatic updates for plugins and themes, and more!! In our second segment, we air two pre recorded interviews with Mehul Revanker of SaltStack and Utsav Sanghani of Synopsys from RSAC 2020! In our final segment, we air two more pre recorded interviews from the RSAC2020, with Kevin Gallagher of Netsparker and Mark Ralls of Acunetix! To request a demo with SaltStack, visit: https://securityweekly.com/saltstack To get a demo of Synopsys, please visit: https://securityweekly.com/synopsys To schedule a demo with Acunetix, visit: https://securityweekly.com/acunetix To get a demo of NetSparker, please visit: https://securityweekly.com/netsparker Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Acunetix: Automation as a Solution for Web Application Security - Mark Ralls - RSAC 2020 Mark Ralls, President and Chief Operating Officer at Acunetix, discusses web security challenges in small and medium enterprises and how automation can help fill the skills gap. To schedule a demo with Acunetix, visit: https://securityweekly.com/acunetix Netsparker: How to Scale Web Application Security - Kevin Gallagher - RSAC 2020 Kevin Gallagher, Chief Revenue Officer at Netsparker, discusses how to scale web application security including asset discovery, application scanning, prioritization of results, and more! To get a demo of NetSparker, please visit: https://securityweekly.com/netsparker Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode176
This week, millions of utility customers passwords stored in plain text, Google ditches passwords in latest android devices, online validation services vulnerable to digital signature spoofing attacks, flaws in 4G and 5G allow snooping on calls, and TurboTax hit with credential stuffing attack and tax returns were compromised! Nicholas Sciberras from Acunetix joins us for expert commentary on how hackers created social media work after a bug report was ignored! To GET A FREE 14-DAY TRIAL of Acunetix, visit: https://securityweekly.com/acunetix Full Show Notes: https://wiki.securityweekly.com/HNNEpisode209 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, millions of utility customers passwords stored in plain text, Google ditches passwords in latest android devices, online validation services vulnerable to digital signature spoofing attacks, flaws in 4G and 5G allow snooping on calls, and TurboTax hit with credential stuffing attack and tax returns were compromised! Nicholas Sciberras from Acunetix joins us for expert commentary on how hackers created social media work after a bug report was ignored! To GET A FREE 14-DAY TRIAL of Acunetix, visit: https://securityweekly.com/acunetix Full Show Notes: https://wiki.securityweekly.com/HNNEpisode209 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Google ditches passwords in latest Android devices, ICANN calls for wholesale DNSSEC deployment, Flaws in 4G and 5G allow snooping on calls, pinpointing device location, TurboTax Hit with credential stuffing attack, and much more! To GET A FREE 14-DAY TRIAL of Acunetix, visit: https://securityweekly.com/acunetix Full Show Notes: https://wiki.securityweekly.com/HNNEpisode209 Visit http://hacknaked.tv to get all the latest episodes!
Benjamin Daniel Mussleris the Senior Security Researcher at Acunetix. Benjamin will come on the show to talk about Web App Scanning with authentication. To learn more about Acunetix, visit: https://securityweekly.com/acunetix Full Show Notes: https://wiki.securityweekly.com/Episode592 Follow us on Twitter: https://www.twitter.com/securityweekly
This week, we welcome Benjamin Daniel Mussler, Senior Security Researcher at Acunetix to talk about Web App Scanning with Authentication! In our second segment, the Security Weekly hosts will discuss the Future of Security, such as major changes, evolving threats, and security culture! In the Security News, 5 tips for access control from an ethical hacker, Japan is to hunt down citizens insecure IoT devices, kid tracking watches allow attackers to monitor real time location data, and Imperva mitigated a DDoS attack that generated 500 million packets per second! Full Show Notes: https://wiki.securityweekly.com/Episode592 Visit https://www.securityweekly.com/psw for all the latest episodes! To learn more about Acunetix, visit: https://www.acunetix.com/securityweekly/ Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Benjamin Daniel Mussleris the Senior Security Researcher at Acunetix. Benjamin will come on the show to talk about Web App Scanning with authentication. Full Show Notes: https://wiki.securityweekly.com/Episode592 Follow us on Twitter: https://www.twitter.com/securityweekly
This week, we welcome Benjamin Daniel Mussler, Senior Security Researcher at Acunetix to talk about Web App Scanning with Authentication! In our second segment, the Security Weekly hosts will discuss the Future of Security, such as major changes, evolving threats, and security culture! In the Security News, 5 tips for access control from an ethical hacker, Japan is to hunt down citizens insecure IoT devices, kid tracking watches allow attackers to monitor real time location data, and Imperva mitigated a DDoS attack that generated 500 million packets per second! Full Show Notes: https://wiki.securityweekly.com/Episode592 Visit https://www.securityweekly.com/psw for all the latest episodes! To learn more about Acunetix, visit: https://www.acunetix.com/securityweekly/ Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Aleksei Tiurin is the Senior Security Researcher for Acunetix. He is performing a technical segment on reverse proxies using weblogic, Tomcat, and Nginx. To learn more about Acunetix, go to: www.acunetix.com/securityweekly Full Show Notes: https://wiki.securityweekly.com/ASW_Episode42 Follow us on Twitter: https://www.twitter.com/securityweekly
This week, Keith and Paul interview Aleksei Tiurin, Senior Security Researcher at Acunetix! Aleksei joins Keith and Paul this week for a Technical Segment on reverse proxies using WebLogic, Nginx, and Tomcat! In the Application Security News, hackers are opening SMB ports on routers to infect PC’s with NSA malware, bug detectives whip up smarter version of classic AFL fuzzer to hunt code vulnerabilities, malware & rogue users can spy on some apps' HTTPS crypto, exploiting developer infrastructure is insanely easy, and more! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode42 To learn more about Acunetix, go to: www.acunetix.com/securityweekly Visit https://www.securityweekly.com/asw for all the latest episodes! Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter! Visit our website: https://www.securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, Keith and Paul interview Aleksei Tiurin, Senior Security Researcher at Acunetix! Aleksei joins Keith and Paul this week for a Technical Segment on reverse proxies using WebLogic, Nginx, and Tomcat! In the Application Security News, hackers are opening SMB ports on routers to infect PC’s with NSA malware, bug detectives whip up smarter version of classic AFL fuzzer to hunt code vulnerabilities, malware & rogue users can spy on some apps' HTTPS crypto, exploiting developer infrastructure is insanely easy, and more! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode42 To learn more about Acunetix, go to: www.acunetix.com/securityweekly Visit https://www.securityweekly.com/asw for all the latest episodes! Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter! Visit our website: https://www.securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Aleksei Tiurin is the Senior Security Researcher for Acunetix. He is performing a technical segment on reverse proxies using weblogic, Tomcat, and Nginx. To learn more about Acunetix, go to: www.acunetix.com/securityweekly Full Show Notes: https://wiki.securityweekly.com/ASW_Episode42 Follow us on Twitter: https://www.twitter.com/securityweekly
Aleksei Tiurin is the Senior Security Researcher for Acunetix. Aleksei is giving a technical segment on insecure deserialization in Java/JVM and explains what polymorphism is. Aleksei Tiurin is a security researcher and pentester with over 8 years of experience in penetration testing and with a particular focus on ERP and banking systems and Windows-networks. To learn more about Acunetix, go to: https://www.acunetix.com/securityweekly Full Show Notes: https://wiki.securityweekly.com/Episode581 →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly
Aleksei Tiurin is the Senior Security Researcher for Acunetix. Aleksei is giving a technical segment on insecure deserialization in Java/JVM and explains what polymorphism is. Aleksei Tiurin is a security researcher and pentester with over 8 years of experience in penetration testing and with a particular focus on ERP and banking systems and Windows-networks. To learn more about Acunetix, go to: https://www.acunetix.com/securityweekly Full Show Notes: https://wiki.securityweekly.com/Episode581 →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly
Tenable Researcher Reveals Extended MikroTik Router Vulnerability, Wi-Fi versions will get names people can actually understand, don't accept Facebook's 2nd friend request, Google Plus exposed 500,000 users data, Weak passwords are being banned in California, and Code execution bug in malicious repositories resolved by Git Project! Juxin Dyrmishi Brigjaj of Acunetix joins us for expert commentary to talk about the resurgence of XSS after the big British Airways and NewEgg Hack! All that and more, on this episode of Hack Naked News! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode192 Sponsor Landing Page: https://www.acunetix.com/securityweekly/ Visit http://hacknaked.tv to get all the latest episodes!
This week, Tenable researcher reveals extended MikroTik Router Vulnerability, Wi-Fi versions will get names people can actually understand, don't accept Facebook's 2nd friend request, Google Plus exposed 500,000 users data, weak passwords are being banned in California, and code execution bug in malicious repositories resolved by Git Project! Juxin Dyrmishi Brigjaj of Acunetix joins us for expert commentary to talk about the resurgence of XSS after the big British Airways and NewEgg Hack! All that and more, on this episode of Hack Naked News! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode192 Sponsor Landing Page: https://www.acunetix.com/securityweekly/ Visit https://www.securityweekly.com/hnn for all the latest episodes! Visit https://www.activecountermeasures/hnn to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, Tenable researcher reveals extended MikroTik Router Vulnerability, Wi-Fi versions will get names people can actually understand, don't accept Facebook's 2nd friend request, Google Plus exposed 500,000 users data, weak passwords are being banned in California, and code execution bug in malicious repositories resolved by Git Project! Juxin Dyrmishi Brigjaj of Acunetix joins us for expert commentary to talk about the resurgence of XSS after the big British Airways and NewEgg Hack! All that and more, on this episode of Hack Naked News! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode192 Sponsor Landing Page: https://www.acunetix.com/securityweekly/ Visit https://www.securityweekly.com/hnn for all the latest episodes! Visit https://www.activecountermeasures/hnn to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
James Jardine provides an overview of Dynamic Analysis and why it is important. Like any automation, there are pros and cons. Listen to find out why dynamic analysis is useful. Some links to some dynamic analysis options that are available: WhiteHat Security (http://www.whitehatsec.com) HP - Web Inspect (http://www8.hp.com/us/en/software-solutions/webinspect-dynamic-analysis-dast/) IBM App Scan (http://www-03.ibm.com/software/products/en/appscan) Veracode (http://www.veracode.com) Acunetix (https://www.acunetix.com/)
После перерыва на отпуска и майские праздники мы снова вернулись и решили продолжить разговор о информационной безопасности с Денисом Макрушиным. Что представляет собой рынок киберпреступности, кто туда приходит и чем занимается, способы заработка на честных пользователях, механизмы защиты своих сервисов от взлома и многое другое. Инсайды с темной стороны. В выпуске: - Чем айтишник может заниматься на темной стороне. Роли киберпреступников. - Какие услуги распространены на рынке киберпреступности. Виды преступлений. - Техники осуществления взломов и отъема денег у честных граждан. - Как защититься от всей этой пакости. Ссылки: - Сканер уязвимостей веб-приложений Acunetix - Сканер уязвимостей XSpider - SWATing-атака на Брайана Кребса Гости подкаста: Денис Макрушин (difezza) Podsafe: J.1.0 - Frozen Paradise