Podcast appearances and mentions of adrian sanabria

Check out this episode from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on December 22, 2023. We're excited to give an end-of-year readout on the performance of the cybersecurity industry with Mike Privette, founder of Return on Security and author of the weekly Security, Funded newsletter. This year, this podcast has leaned heavily on the Security, Funded newsletter to prep for our news segment, as it provides a great summary of all the funding and M&A events going on each week. In this segment, we look back at 2023, statistics for the year, comparisons to 2022, interesting insights, predictions, and more! Segment Resources: Mike's blog; Return on Security: https://www.returnonsecurity.com/ Mike's newsletter; Security, Funded: https://www.returnonsecurity.com/subscribe Show Notes: https://securityweekly.com/vault-esw-17

Check out this episode from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on December 22, 2023. We're excited to give an end-of-year readout on the performance of the cybersecurity industry with Mike Privette, founder of Return on Security and author of the weekly Security, Funded newsletter. This year, this podcast has leaned heavily on the Security, Funded newsletter to prep for our news segment, as it provides a great summary of all the funding and M&A events going on each week. In this segment, we look back at 2023, statistics for the year, comparisons to 2022, interesting insights, predictions, and more! Segment Resources: Mike's blog; Return on Security: https://www.returnonsecurity.com/ Mike's newsletter; Security, Funded: https://www.returnonsecurity.com/subscribe Show Notes: https://securityweekly.com/vault-esw-17

Check out this episode from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on December 22, 2023. We're excited to give an end-of-year readout on the performance of the cybersecurity industry with Mike Privette, founder of Return on Security and author of the weekly Security, Funded newsletter. This year, this podcast has leaned heavily on the Security, Funded newsletter to prep for our news segment, as it provides a great summary of all the funding and M&A events going on each week. In this segment, we look back at 2023, statistics for the year, comparisons to 2022, interesting insights, predictions, and more! Segment Resources: Mike's blog; Return on Security: https://www.returnonsecurity.com/ Mike's newsletter; Security, Funded: https://www.returnonsecurity.com/subscribe Show Notes: https://securityweekly.com/vault-esw-17

Check out this episode from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on December 22, 2023. We're excited to give an end-of-year readout on the performance of the cybersecurity industry with Mike Privette, founder of Return on Security and author of the weekly Security, Funded newsletter. This year, this podcast has leaned heavily on the Security, Funded newsletter to prep for our news segment, as it provides a great summary of all the funding and M&A events going on each week. In this segment, we look back at 2023, statistics for the year, comparisons to 2022, interesting insights, predictions, and more! Segment Resources: Mike's blog; Return on Security: https://www.returnonsecurity.com/ Mike's newsletter; Security, Funded: https://www.returnonsecurity.com/subscribe Show Notes: https://securityweekly.com/vault-esw-17

Check out this episode from the ESW Vault, hand picked by main host Adrian Sanabria! This episode was initially published on April 21 2023. Quantum computers are scaling rapidly. Soon, they will be powerful enough to solve previously unsolvable problems. But they come with a global challenge: fully-realized quantum computers will be able to break some of the most widely-used security protocols in the world. Dr. Vadim Lyubashevsky will discuss how quantum-safe cryptography protects against this potential future. Segment Resources: IBM Quantum Safe: https://www.ibm.com/quantum/quantum-safe IBM scientists help develop NIST's quantum-safe standards: https://research.ibm.com/blog/nist-quantum-safe-protocols Government and industry experts recommend moving to quantum-safe cryptography: https://research.ibm.com/blog/economist-quantum-safe-replay Show Notes: https://securityweekly.com/vault-esw-16

Check out this episode from the ESW Vault, hand picked by main host Adrian Sanabria! This episode was initially published on April 21 2023. Quantum computers are scaling rapidly. Soon, they will be powerful enough to solve previously unsolvable problems. But they come with a global challenge: fully-realized quantum computers will be able to break some of the most widely-used security protocols in the world. Dr. Vadim Lyubashevsky will discuss how quantum-safe cryptography protects against this potential future. Segment Resources: IBM Quantum Safe: https://www.ibm.com/quantum/quantum-safe IBM scientists help develop NIST's quantum-safe standards: https://research.ibm.com/blog/nist-quantum-safe-protocols Government and industry experts recommend moving to quantum-safe cryptography: https://research.ibm.com/blog/economist-quantum-safe-replay Show Notes: https://securityweekly.com/vault-esw-16

Check out this episode from the ESW Vault, hand picked by main host Adrian Sanabria! This episode was initially published on April 21 2023. Quantum computers are scaling rapidly. Soon, they will be powerful enough to solve previously unsolvable problems. But they come with a global challenge: fully-realized quantum computers will be able to break some of the most widely-used security protocols in the world. Dr. Vadim Lyubashevsky will discuss how quantum-safe cryptography protects against this potential future. Segment Resources: IBM Quantum Safe: https://www.ibm.com/quantum/quantum-safe IBM scientists help develop NIST's quantum-safe standards: https://research.ibm.com/blog/nist-quantum-safe-protocols Government and industry experts recommend moving to quantum-safe cryptography: https://research.ibm.com/blog/economist-quantum-safe-replay Show Notes: https://securityweekly.com/vault-esw-16

Check out this episode from the ESW Vault, hand picked by main host Adrian Sanabria! This episode was initially published on April 21 2023. Quantum computers are scaling rapidly. Soon, they will be powerful enough to solve previously unsolvable problems. But they come with a global challenge: fully-realized quantum computers will be able to break some of the most widely-used security protocols in the world. Dr. Vadim Lyubashevsky will discuss how quantum-safe cryptography protects against this potential future. Segment Resources: IBM Quantum Safe: https://www.ibm.com/quantum/quantum-safe IBM scientists help develop NIST's quantum-safe standards: https://research.ibm.com/blog/nist-quantum-safe-protocols Government and industry experts recommend moving to quantum-safe cryptography: https://research.ibm.com/blog/economist-quantum-safe-replay Show Notes: https://securityweekly.com/vault-esw-16

This may be controversial, however, we've been privately discussing how organizations benefit from penetration testing and vulnerability scanning. Do you still need these services as a critical part of your security program? Can't you just patch stuff that is missing patches? Tune in for a lively debate! Zyxl NAS devices are under attack and the exploit is pretty simple, A new UEFI vulnerability with a name that some people don't like, that time you setup a load balancer and forgot about it, I love it when there is a vulnerability in a Wifi driver, Polyfill is filling the Internet with supply chain vulnerabilities, open source doesn't mean more secure, what happens when there is a vulnerability in your bootload, The Red Hat Linux kernel model is broken, when disclosure goes wrong, and more IoT router vulnerabilities. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-833

This may be controversial, however, we've been privately discussing how organizations benefit from penetration testing and vulnerability scanning. Do you still need these services as a critical part of your security program? Can't you just patch stuff that is missing patches? Tune in for a lively debate! Show Notes: https://securityweekly.com/psw-833

This may be controversial, however, we've been privately discussing how organizations benefit from penetration testing and vulnerability scanning. Do you still need these services as a critical part of your security program? Can't you just patch stuff that is missing patches? Tune in for a lively debate! Zyxl NAS devices are under attack and the exploit is pretty simple, A new UEFI vulnerability with a name that some people don't like, that time you setup a load balancer and forgot about it, I love it when there is a vulnerability in a Wifi driver, Polyfill is filling the Internet with supply chain vulnerabilities, open source doesn't mean more secure, what happens when there is a vulnerability in your bootload, The Red Hat Linux kernel model is broken, when disclosure goes wrong, and more IoT router vulnerabilities. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-833

This may be controversial, however, we've been privately discussing how organizations benefit from penetration testing and vulnerability scanning. Do you still need these services as a critical part of your security program? Can't you just patch stuff that is missing patches? Tune in for a lively debate! Show Notes: https://securityweekly.com/psw-833

Sometimes infosec problems can be summarized succinctly, like "patching is hard". Sometimes a succinct summary sounds convincing, but is based on old data, irrelevant data, or made up data. Adrian Sanabria walks through some of the archeological work he's done to dig up the source of some myths. We talk about some of our favorite (as in most disliked) myths to point out how oversimplified slogans and oversimplified threat models lead to bad advice -- and why bad advice can make users less secure. Segment resources: https://www.oreilly.com/library/view/cybersecurity-myths-and/9780137929214/ The OWASP Top 10 gets its first update after a year, Metasploit gets its first rewrite (but it's still in Perl), PHP adds support for prepared statements, RSA Conference puts passwords on notice while patching remains hard, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-279

Sometimes infosec problems can be summarized succinctly, like "patching is hard". Sometimes a succinct summary sounds convincing, but is based on old data, irrelevant data, or made up data. Adrian Sanabria walks through some of the archeological work he's done to dig up the source of some myths. We talk about some of our favorite (as in most disliked) myths to point out how oversimplified slogans and oversimplified threat models lead to bad advice -- and why bad advice can make users less secure. Segment resources: https://www.oreilly.com/library/view/cybersecurity-myths-and/9780137929214/ Show Notes: https://securityweekly.com/asw-279

Sometimes infosec problems can be summarized succinctly, like "patching is hard". Sometimes a succinct summary sounds convincing, but is based on old data, irrelevant data, or made up data. Adrian Sanabria walks through some of the archeological work he's done to dig up the source of some myths. We talk about some of our favorite (as in most disliked) myths to point out how oversimplified slogans and oversimplified threat models lead to bad advice -- and why bad advice can make users less secure. Segment resources: https://www.oreilly.com/library/view/cybersecurity-myths-and/9780137929214/ The OWASP Top 10 gets its first update after a year, Metasploit gets its first rewrite (but it's still in Perl), PHP adds support for prepared statements, RSA Conference puts passwords on notice while patching remains hard, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-279

Sometimes infosec problems can be summarized succinctly, like "patching is hard". Sometimes a succinct summary sounds convincing, but is based on old data, irrelevant data, or made up data. Adrian Sanabria walks through some of the archeological work he's done to dig up the source of some myths. We talk about some of our favorite (as in most disliked) myths to point out how oversimplified slogans and oversimplified threat models lead to bad advice -- and why bad advice can make users less secure. Segment resources: https://www.oreilly.com/library/view/cybersecurity-myths-and/9780137929214/ Show Notes: https://securityweekly.com/asw-279

Check out this interview from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on September 22, 2021. Chris will discuss the relevance of intelligence and threat hunting today and how they work together. He will also talk about his EASY framework for creating impactful intelligence and its relation to hunting! Show Notes: https://securityweekly.com/vault-esw-8

Check out this interview from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on September 22, 2021. Chris will discuss the relevance of intelligence and threat hunting today and how they work together. He will also talk about his EASY framework for creating impactful intelligence and its relation to hunting! Show Notes: https://securityweekly.com/vault-esw-8

Check out this interview from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on September 22, 2021. Chris will discuss the relevance of intelligence and threat hunting today and how they work together. He will also talk about his EASY framework for creating impactful intelligence and its relation to hunting! Show Notes: https://securityweekly.com/vault-esw-8

Check out this interview from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on September 22, 2021. Chris will discuss the relevance of intelligence and threat hunting today and how they work together. He will also talk about his EASY framework for creating impactful intelligence and its relation to hunting! Show Notes: https://securityweekly.com/vault-esw-8

Check out this interview from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on November 18, 2022. This segment will focus on (1) Why Did Sephora Get Fined $1.2M and Why Are They on Probation? (2) Why Data Privacy is Being Overhauled in 2023 (and How You Can Be Ready) Segment Resources: https://www.consumerreports.org/electronics-computers/privacy/i-said-no-to-online-cookies-websites-tracked-me-anyway-a8480554809/  https://www.geekwire.com/2022/the-bittersweet-serendipity-that-gave-these-two-startup-leaders-a-shared-mission-in-online-privacy/ https://www.boltive.com/blog/why-having-a-consent-management-platform-is-not-enough https://www.boltive.com/blog/bracing-for-2023-privacy-laws https://ceoworld.biz/2022/07/03/three-ways-your-data-is-leaking-in-advertising-and-how-to-avoid-it/   Show Notes: https://securityweekly.com/vault-esw-4  Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly  

Check out this interview from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on November 18, 2022. This segment will focus on (1) Why Did Sephora Get Fined $1.2M and Why Are They on Probation? (2) Why Data Privacy is Being Overhauled in 2023 (and How You Can Be Ready) Segment Resources: https://www.consumerreports.org/electronics-computers/privacy/i-said-no-to-online-cookies-websites-tracked-me-anyway-a8480554809/  https://www.geekwire.com/2022/the-bittersweet-serendipity-that-gave-these-two-startup-leaders-a-shared-mission-in-online-privacy/ https://www.boltive.com/blog/why-having-a-consent-management-platform-is-not-enough https://www.boltive.com/blog/bracing-for-2023-privacy-laws https://ceoworld.biz/2022/07/03/three-ways-your-data-is-leaking-in-advertising-and-how-to-avoid-it/   Show Notes: https://securityweekly.com/vault-esw-4  Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Check out this interview from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on November 18, 2022. This segment will focus on (1) Why Did Sephora Get Fined $1.2M and Why Are They on Probation? (2) Why Data Privacy is Being Overhauled in 2023 (and How You Can Be Ready) Segment Resources: https://www.consumerreports.org/electronics-computers/privacy/i-said-no-to-online-cookies-websites-tracked-me-anyway-a8480554809/  https://www.geekwire.com/2022/the-bittersweet-serendipity-that-gave-these-two-startup-leaders-a-shared-mission-in-online-privacy/ https://www.boltive.com/blog/why-having-a-consent-management-platform-is-not-enough https://www.boltive.com/blog/bracing-for-2023-privacy-laws https://ceoworld.biz/2022/07/03/three-ways-your-data-is-leaking-in-advertising-and-how-to-avoid-it/   Show Notes: https://securityweekly.com/vault-esw-4 

Check out this interview from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on November 18, 2022. This segment will focus on (1) Why Did Sephora Get Fined $1.2M and Why Are They on Probation? (2) Why Data Privacy is Being Overhauled in 2023 (and How You Can Be Ready) Segment Resources: https://www.consumerreports.org/electronics-computers/privacy/i-said-no-to-online-cookies-websites-tracked-me-anyway-a8480554809/  https://www.geekwire.com/2022/the-bittersweet-serendipity-that-gave-these-two-startup-leaders-a-shared-mission-in-online-privacy/ https://www.boltive.com/blog/why-having-a-consent-management-platform-is-not-enough https://www.boltive.com/blog/bracing-for-2023-privacy-laws https://ceoworld.biz/2022/07/03/three-ways-your-data-is-leaking-in-advertising-and-how-to-avoid-it/   Show Notes: https://securityweekly.com/vault-esw-4   

Check out this interview from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on August 11, 2022. Following in the footsteps of an attacker and uncovering their digital footprints, this episode will uncover an attacker's techniques used and how they went from zero to full domain admin compromise, which resulted in a nasty ransomware incident. It will also cover general lessons learned from Ransomware Incident Response.   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/vault-esw-3 

Check out this interview from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on August 11, 2022. Following in the footsteps of an attacker and uncovering their digital footprints, this episode will uncover an attacker's techniques used and how they went from zero to full domain admin compromise, which resulted in a nasty ransomware incident. It will also cover general lessons learned from Ransomware Incident Response.   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/vault-esw-3 

Check out this interview from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on August 11, 2022. Following in the footsteps of an attacker and uncovering their digital footprints, this episode will uncover an attacker's techniques used and how they went from zero to full domain admin compromise, which resulted in a nasty ransomware incident. It will also cover general lessons learned from Ransomware Incident Response.   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/vault-esw-3 

Check out this interview from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on August 11, 2022. Following in the footsteps of an attacker and uncovering their digital footprints, this episode will uncover an attacker's techniques used and how they went from zero to full domain admin compromise, which resulted in a nasty ransomware incident. It will also cover general lessons learned from Ransomware Incident Response.   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/vault-esw-3 

Check out this interview from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on September 29, 2021.   No Man is an Island. Neither can a security program exist without interconnections and strong relationships to the rest of the business. Yet, over and over again I meet Security Leaders that thrive on designing security fiefdoms with large moats, and one bridge that they roll down only when they intend to roll out a new technology, initiative or need budget authority. There is no amount of authority or power that can provided to a CISO that makes he or she immunized against the need for communication, collaboration and diplomacy with peers, users and Senior Executives.   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/vault-esw-2 

Check out this interview from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on September 29, 2021.   No Man is an Island. Neither can a security program exist without interconnections and strong relationships to the rest of the business. Yet, over and over again I meet Security Leaders that thrive on designing security fiefdoms with large moats, and one bridge that they roll down only when they intend to roll out a new technology, initiative or need budget authority. There is no amount of authority or power that can provided to a CISO that makes he or she immunized against the need for communication, collaboration and diplomacy with peers, users and Senior Executives.   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/vault-esw-2 

Check out this interview from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on September 29, 2021.   No Man is an Island. Neither can a security program exist without interconnections and strong relationships to the rest of the business. Yet, over and over again I meet Security Leaders that thrive on designing security fiefdoms with large moats, and one bridge that they roll down only when they intend to roll out a new technology, initiative or need budget authority. There is no amount of authority or power that can provided to a CISO that makes he or she immunized against the need for communication, collaboration and diplomacy with peers, users and Senior Executives.   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/vault-esw-2 

Check out this interview from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on September 29, 2021.   No Man is an Island. Neither can a security program exist without interconnections and strong relationships to the rest of the business. Yet, over and over again I meet Security Leaders that thrive on designing security fiefdoms with large moats, and one bridge that they roll down only when they intend to roll out a new technology, initiative or need budget authority. There is no amount of authority or power that can provided to a CISO that makes he or she immunized against the need for communication, collaboration and diplomacy with peers, users and Senior Executives.   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/vault-esw-2 

Phrenology, Barracuda, MoveIt, Lazarus, Minecraft, ChatGPT, Adrian Sanabria, and More on this edition of the Security Weekly News.  Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly  Like us on Facebook: https://www.facebook.com/secweekly  Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-303

Phrenology, Barracuda, MoveIt, Lazarus, Minecraft, ChatGPT, Adrian Sanabria, and More on this edition of the Security Weekly News.   Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-303 

Phrenology, Barracuda, MoveIt, Lazarus, Minecraft, ChatGPT, Adrian Sanabria, and More on this edition of the Security Weekly News.  Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly  Like us on Facebook: https://www.facebook.com/secweekly  Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-303

Phrenology, Barracuda, MoveIt, Lazarus, Minecraft, ChatGPT, Adrian Sanabria, and More on this edition of the Security Weekly News.   Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-303 

Check out this interview from the ESW VAULT, hand picked by main host Adrian Sanabria! This segment was originally published on October 21, 2021. The Record has published several interviews with cybercriminals, courtesy The Record's Russian-speaking analyst, Dmitry Smilyanets (https://therecord.media/author/dmitry-smilyanets). These interviews have included representatives from REvil, BlackMatter, and Marketo. The interviews have uncovered the gangs' motivations, targets, and tactics, and have been cited by officials, including White House Deputy National Security Advisor Anne Neuberger. We talk with Adam Janofsky, founder and Editorial Director of The Record about what it's like to start a vendor-sponsored media outlet (The Record is funded by Recorded Future), and what they've learned by interviewing the bad guys. This segment is sponsored by Devo. Visit https://securityweekly.com/devo to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/vault-esw-1 

Check out this interview from the ESW VAULT, hand picked by main host Adrian Sanabria! This segment was originally published on October 21, 2021. The Record has published several interviews with cybercriminals, courtesy The Record's Russian-speaking analyst, Dmitry Smilyanets (https://therecord.media/author/dmitry-smilyanets). These interviews have included representatives from REvil, BlackMatter, and Marketo. The interviews have uncovered the gangs' motivations, targets, and tactics, and have been cited by officials, including White House Deputy National Security Advisor Anne Neuberger. We talk with Adam Janofsky, founder and Editorial Director of The Record about what it's like to start a vendor-sponsored media outlet (The Record is funded by Recorded Future), and what they've learned by interviewing the bad guys. This segment is sponsored by Devo. Visit https://securityweekly.com/devo to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/vault-esw-1 

Check out this interview from the ESW VAULT, hand picked by main host Adrian Sanabria! This segment was originally published on October 21, 2021. The Record has published several interviews with cybercriminals, courtesy The Record's Russian-speaking analyst, Dmitry Smilyanets (https://therecord.media/author/dmitry-smilyanets). These interviews have included representatives from REvil, BlackMatter, and Marketo. The interviews have uncovered the gangs' motivations, targets, and tactics, and have been cited by officials, including White House Deputy National Security Advisor Anne Neuberger. We talk with Adam Janofsky, founder and Editorial Director of The Record about what it's like to start a vendor-sponsored media outlet (The Record is funded by Recorded Future), and what they've learned by interviewing the bad guys. This segment is sponsored by Devo. Visit https://securityweekly.com/devo to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/vault-esw-1 

Check out this interview from the ESW VAULT, hand picked by main host Adrian Sanabria! This segment was originally published on October 21, 2021. The Record has published several interviews with cybercriminals, courtesy The Record's Russian-speaking analyst, Dmitry Smilyanets (https://therecord.media/author/dmitry-smilyanets). These interviews have included representatives from REvil, BlackMatter, and Marketo. The interviews have uncovered the gangs' motivations, targets, and tactics, and have been cited by officials, including White House Deputy National Security Advisor Anne Neuberger. We talk with Adam Janofsky, founder and Editorial Director of The Record about what it's like to start a vendor-sponsored media outlet (The Record is funded by Recorded Future), and what they've learned by interviewing the bad guys. This segment is sponsored by Devo. Visit https://securityweekly.com/devo to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/vault-esw-1 

This episode is a bit scary.  Adrian Sanabria, who on an earlier show busted many cybersecurity myths, is back again, this time analyzing the impact of Large Language Model Artificial Intelligence on a hypothesized skills gap on the bad guy side. Premise One: Given how many organizations that are vulnerable and that have NOT been breached, the bad guys are suffering the same skills gap we are. Premise Two: Exploit attacks (think of exploits as ransomware, data hostage situations, threats to publish breached data, etc.) can benefit from LLM AI. It's really that simple a connecting of the dots.  Adrian and Allan deconstruct the steps of an exploit attack, analyze the capabilities of LLM AI and cross-reference the two. If they are right, then we have a burden of leveraging and learning LLM AI ourselves, as quickly as possible... Sponsored by our good friends at Dazz: Dazz takes the pain out of the cloud remediation process using automation and intelligence to discover, reduce, and fix security issues—lightning fast. Visit Dazz.io/demo and see for yourself.

In this episode of Phishy Business, Mimecast CMO and guest host Norman Guadagno, chats to four different people at this year's RSA Conference in San Francisco. Our guests were interviewed in our very own podcast recording studio at the Mimecast booth. In part one of this two-part episode, we learn more about our guests' roles, their companies, and the cool things they're working on. We also discuss what was trending at this year's show and how the conference has evolved over the years. Did we mention ChatGPT? That was brought up once or twice too! Our guests for part one: Adrian Sanabria, podcast host of Enterprise Security Weekly, (1:14 – 13:30) Pam Cyr, vice president of technical partnerships at Palo Alto Networks (14:00 – 25:23), Michael Smith, CISO at HKS, Inc. (25:41 – 38:35) and Michiel Prins, co-founder and head of professional services at HackerOne (39:17 – 51:27). In ‘ChatGPT buzz + much more from the RSAC show floor' we discuss: The major trends from this year's conference How ChatGPT is being used now – and what the future could hold Technology partnerships and how they benefit organizations Cybersecurity resources to learn more about security and coding Why cybersecurity is a great field to go into

On this episode of the Cybersecurity Defenders podcast we have a focused discussion on ransomware with Paul Ihme, Co-Founder and Managing Principle at Soteria Security Solutions and Advisory.Paul is a cybersecurity professional with experience in federal and private environments. Wide array of expertise in multiple information technology domains, specializing in penetration testing, vulnerability assessments, and security incident response.The blog article, "Ransomware Is Irrelevant (Wait WHAT?!)" written by Adrian Sanabria that is referenced in the podcast can be viewed here. The Cybersecurity Defenders Podcast: a show about cybersecurity and the people that defend the internet.

This week, Joe, Paul, Jason ABQ and guest Adrian Sanabria discuss what they have been smoking, we will have Cigar news, Stogie Geek Ratings, and stuff you might need to know! E-mail joeh@stogiegeeks.com or drew@stogiegeeks.com with questions and comments! Full Show Notes: https://stogiegeeks.com/376 Follow us on Twitter: @stogiegeeks Facebook: https://www.facebook.com/stogiegeeks Instagram: https://instagram.com/stogiegeeks Show Notes: https://stogiegeeks.com/sg388

This week, Joe, Paul, Jason ABQ and guest Adrian Sanabria discuss what they have been smoking, we will have Cigar news, Stogie Geek Ratings, and stuff you might need to know! E-mail joeh@stogiegeeks.com or drew@stogiegeeks.com with questions and comments! Full Show Notes: https://stogiegeeks.com/376 Follow us on Twitter: @stogiegeeks Facebook: https://www.facebook.com/stogiegeeks Instagram: https://instagram.com/stogiegeeks Follow us on Twitter: @stogiegeeks Show Notes: https://stogiegeeks.com/sg376

Most of the myths and lies in InfoSec take hold because they seem correct or sound logical. Similar cognitive biases make it possible for even the most preposterous conspiracy theories to become commonly accepted in some groups. This is a talk about the importance of critical thinking and checking sources in InfoSec. Our industry is relatively new and constantly changing. Too often, we operate more off faith and hope than fact or results. Exhausted and overworked defenders often don't have the time to seek direct evidence for claims, question sources, or test theories for themselves. Resources - https://www.usenix.org/conference/enigma2023/presentation/sanabria - https://www.usenix.org/sites/default/files/conference/protected-files/enigma2023_slides_sanabria.pdf - https://yourbias.is - Discuss: What Makes a Good Breach Response? - ESW #303: https://www.youtube.com/watch?v=5RpZiVu3xEs   The aviation equivalent of ASCII art, a memory safety issue in OpenSSH that might not be terrible, a format string in F5 that might be terrible, a new MITRE framework for supply chain security, programming languages and secure code   Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/asw228

Most of the myths and lies in InfoSec take hold because they seem correct or sound logical. Similar cognitive biases make it possible for even the most preposterous conspiracy theories to become commonly accepted in some groups. This is a talk about the importance of critical thinking and checking sources in InfoSec. Our industry is relatively new and constantly changing. Too often, we operate more off faith and hope than fact or results. Exhausted and overworked defenders often don't have the time to seek direct evidence for claims, question sources, or test theories for themselves. Resources - https://www.usenix.org/conference/enigma2023/presentation/sanabria - https://www.usenix.org/sites/default/files/conference/protected-files/enigma2023_slides_sanabria.pdf - https://yourbias.is - Discuss: What Makes a Good Breach Response? - ESW #303: https://www.youtube.com/watch?v=5RpZiVu3xEs   Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw228

Most of the myths and lies in InfoSec take hold because they seem correct or sound logical. Similar cognitive biases make it possible for even the most preposterous conspiracy theories to become commonly accepted in some groups. This is a talk about the importance of critical thinking and checking sources in InfoSec. Our industry is relatively new and constantly changing. Too often, we operate more off faith and hope than fact or results. Exhausted and overworked defenders often don't have the time to seek direct evidence for claims, question sources, or test theories for themselves. Resources - https://www.usenix.org/conference/enigma2023/presentation/sanabria - https://www.usenix.org/sites/default/files/conference/protected-files/enigma2023_slides_sanabria.pdf - https://yourbias.is - Discuss: What Makes a Good Breach Response? - ESW #303: https://www.youtube.com/watch?v=5RpZiVu3xEs   The aviation equivalent of ASCII art, a memory safety issue in OpenSSH that might not be terrible, a format string in F5 that might be terrible, a new MITRE framework for supply chain security, programming languages and secure code   Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/asw228

Most of the myths and lies in InfoSec take hold because they seem correct or sound logical. Similar cognitive biases make it possible for even the most preposterous conspiracy theories to become commonly accepted in some groups. This is a talk about the importance of critical thinking and checking sources in InfoSec. Our industry is relatively new and constantly changing. Too often, we operate more off faith and hope than fact or results. Exhausted and overworked defenders often don't have the time to seek direct evidence for claims, question sources, or test theories for themselves. Resources - https://www.usenix.org/conference/enigma2023/presentation/sanabria - https://www.usenix.org/sites/default/files/conference/protected-files/enigma2023_slides_sanabria.pdf - https://yourbias.is - Discuss: What Makes a Good Breach Response? - ESW #303: https://www.youtube.com/watch?v=5RpZiVu3xEs   Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw228

Adrian talks to us about why the security industry needs more myth-busters and more feedback loops. He talks about the allure of the industry because everything is new and changing. Also how the old adage that knowing thy past can help understand future trends. The need to know how things work, and understand how different events can effect the world is a huge driver for success in the cybersecurity industry and for Adrian. He touches on knowing when to outsource and being able to prioritize those things. He talks about a YT video about the concept of an "expert" and how that inspired him, as well as the idea of 10,000 hours required. The big thing missing from this model is feedback loops. A big chunk of that feedback information that would be helpful to make everyone better, isn't getting to the people or vendors that need it most. He ends on the idea of how important it is being proactive vs reactive. That way engineers and defenders can act proactively to protect and save lives, money, etc.   Connect with Adrian: https://www.linkedin.com/in/adrian-sanabria/ Visit Tenchi Security: https://www.tenchisecurity.com/   Visit Short Arms website: https://www.shortarmsolutions.com/    You can follow us at: Linked In: https://www.linkedin.com/company/shortarmsolutions  YouTube: https://www.youtube.com/channel/UCjUNoFuy6d1rouj_SBg3Qkw/featured  Twitter: https://twitter.com/ShortArmSAS

Adrian talks to us about why the security industry needs more myth-busters and more feedback loops. He talks about the allure of the industry because everything is new and changing. Also how the old adage that knowing thy past can help understand future trends. The need to know how things work, and understand how different events can effect the world is a huge driver for success in the cybersecurity industry and for Adrian. He touches on knowing when to outsource and being able to prioritize those things. He talks about a YT video about the concept of an "expert" and how that inspired him, as well as the idea of 10,000 hours required. The big thing missing from this model is feedback loops. A big chunk of that feedback information that would be helpful to make everyone better, isn't getting to the people or vendors that need it most. He ends on the idea of how important it is being proactive vs reactive. That way engineers and defenders can act proactively to protect and save lives, money, etc.   Connect with Adrian: https://www.linkedin.com/in/adrian-sanabria/ Visit Tenchi Security: https://www.tenchisecurity.com/   Visit Short Arms website: https://www.shortarmsolutions.com/    You can follow us at: Linked In: https://www.linkedin.com/company/shortarmsolutions  YouTube: https://www.youtube.com/channel/UCjUNoFuy6d1rouj_SBg3Qkw/featured  Twitter: https://twitter.com/ShortArmSAS

Adrian Sanabria, Director of Product Management at Tenchi Security, arrives at the Ranch this week to debunk cyber myths and expose industry lies. Using his background running Security Weekly Labs at Cyber Risk Alliance, Adrian explains the lack of cohesive product testing happening in the cyber world, and delves into the research he's done to get to the bottom of cyber's most elusive statistics. Do 60% of small businesses go out of business after a breach? Adrian has an answer that just might surprise you.    Timecoded Guide: [00:00] Introducing Adrian and his journey with Cyber Risk Alliance [06:47] Buying awards and lying about customers [13:24] Finding the source of fake cyber statistics [24:28] The lies of vulnerability management and security awareness training [30:58] Explaining Adrian's It's Time to Kill the Pen Test talk  [40:41] Creating a money-making concept for debunking cyber myths   Sponsor Links: Thank you to our sponsor Axonius for bringing this episode to life! Manual asset inventory just doesn't cut it anymore. That's where Axonious comes in. Take control of security complexities by uncovering gaps in your organization. Sign up for a free walk through of the platform at Axonius.com/Get-A-Tour Can you tell me about your product testing lab with Cyber Risk Alliance?  We often hear the startup motto of “fake it ‘til you make it,” but Adrian wasn't aware of how pervasive that concept was in cyber until he began his work with 451 Security. After encountering numerous professionals that expressed complaints and confusion with products on the market, Adrian wanted to break into the world of product testing— and the Security Weekly Labs were born. With a focus on external attack surface management and network vulnerability scanners, Adrian sought to find the truth behind the product vendors were selling him— and what he discovered strongly influenced his future.  “When we talk about myths and lies, it's not just straight up lies, right? At some point, they're faking it till they make it, and they get to a point where it's just too late to turn back. And then, it starts to get a little bit more insidious.”    Are vendors going far enough to fake customers and awards?  Not only are vendors “faking it” in a startup sense, some vendors have gotten right to the point of lying about the awards they've received and the high profile customers they've worked with. Adrian explains that buying and lying about awards has become a common practice within the cyber world, where certain businesses have let the marketing of winning an award override the legitimacy of their own success. While some companies may ignorantly feel drawn in by meaningless awards, more insidious industry liars have already mastered pulling out their credit card to buy what they want to win “You can actually even fill in the name of the category you want to win an award for, you can just make up your own category. You drop a credit card and they send you a trophy. Some of these fake awards even have award ceremonies.”   Where do these cybersecurity statistics come from, and how do we validate them? 60% of small businesses go out of business after a breach— but do they really? Adrian's exposition of cyber lies leaves no stone unturned, even when it comes to mystery statistics. Where did these numbers come from, and why would millions of businesses be more impacted by security breaches than fraud? After interacting with statistics like this with a shocking frequency, Adrian has even taken to Twitter on numerous occasions to call out companies marketing with fake stats and reveal his own research findings.  “​​There are people that have just hinged their reputations and their careers on some of these myths…And it's not that companies don't get hurt by breaches, but it benefits no one to make up stats, or to push this narrative.”   Is it time to kill the pen test?  There's a lot of things done in cyber that might not have a place for everyone. Pen testing is near the end of Adrian's list, but he's quick to point out that the pen test process needs to change. Unfortunately, the bulk of what any organization is paying for when they run a pen test are vulnerability scans and report paperwork. Explaining a concept he developed with his friend and co-founder Kyle at Savage Security, Adrian explains that the modern-day pen test needs to look more like purple teaming and focus on prioritizing what really needs to be fixed. “A lot of companies have pen tests, because they don't know what else to do with their security budget. You could apply that more broadly. A lot of people have a security budget, and they buy what they see their peers buy and do what analysts tell them to do.” ------------- Links: Learn more about Adrian Sanabria on LinkedIn and Twitter Check out Tenchi Security on LinkedIn and the Tenchi Security website Follow Allan Alford on LinkedIn and Twitter Purchase a Cyber Ranch Podcast T-Shirt at the Hacker Valley Store  Continue this conversation on our Discord Listen to more from the Hacker Valley Studio and The Cyber Ranch Podcast

In this episode Adrian and I continue our discussion from RSA. If you haven't listened to that episode yet I recommend you start with part one.  I hope everyone enjoys it! If you enjoy the podcast please go leave a review on the platform you listen, like it & share the podcast. You can also follow the podcast on social media at the links below. Follow the Podcast on Social Media!Instagram: https://www.instagram.com/secunfpodcast/Twitter: https://twitter.com/SecUnfPodcastPatreon: https://www.patreon.com/SecurityUnfilteredPodcastAdrians Links:https://www.linkedin.com/in/adrian-sanabria/https://securityweekly.com/category-shows/enterprise-security-weekly/Dev InterruptedBehind every successful tech company is an engineering org. We tell their story.Listen on: Apple Podcasts Spotify The Godfrey PodcastWelcome to mindset and self-development podcast. Dedicated to impacting life and...Listen on: Apple Podcasts Spotify The Reformed Financial Advisor Learn from a CFP® the why and how of integrating Bitcoin into your financial plan .Listen on: Apple Podcasts SpotifySupport the show

In this episode I talk with Adrian who is a Security Weekly Podcast Host. Our conversation was amazing but it was far too short due to other scheduling commitments. This is part 1 of our conversation. I hope everyone enjoys it! If you enjoy the podcast please go leave a review on the platform you listen, like it & share the podcast. You can also follow the podcast on social media at the links below.  Follow the Podcast on Social Media! Instagram: https://www.instagram.com/secunfpodcast/ Twitter: https://twitter.com/SecUnfPodcast Patreon: https://www.patreon.com/SecurityUnfilteredPodcast Adrians Links: https://www.linkedin.com/in/adrian-sanabria/ https://securityweekly.com/category-shows/enterprise-security-weekly/Support the show

#CISOThursdays​: Breaking Into Cybersecurity + Adrian Sanabria 10.14.21 Join us as we discuss recent news and hot topics in security. The crew is ready for a lively discussion with our guest Adrian Sanabria. About Breaking Into Cybersecurity: This series was created by Renee Small & ☁️ Christophe Foulon ☁️ to share stories of how the most recent cybersecurity professionals are breaking into the industry. Our special editions are us talking to experts in their fields and cyber gurus who share their experiences of helping others break in. #cybersecurity​ #breakingintocybersecurity​ #securitypeeps​ #informationsecurity​ #ChrisFoulon​ #ReneeSmall​ _________________________________________ About the hosts: Renee Small is the CEO of Cyber Human Capital, one of the leading human resources business partners in the field of cybersecurity, and author of the Amazon #1 best-selling book, Magnetic Hiring: Your Company's Secret Weapon to Attracting Top Cyber Security Talent. She is committed to helping leaders close the cybersecurity talent gap by hiring from within and helping more people get into the lucrative cybersecurity profession. https://www.linkedin.com/in/reneebrownsmall/ Download a free copy of her book at magnetichiring.com/book Christophe Foulon focuses on helping to secure people and processes with a solid understanding of the technology involved. He has over 10 years as an experienced Information Security Manager and Cybersecurity Strategist with a passion for customer service, process improvement, and information security. He has significant experience in optimizing the use of technology while balancing the implications to people, processes, and information security by using a consultative approach. https://www.linkedin.com/in/christophefoulon/ Find out more about CPF-Coaching at https://cpf-coaching.com • Podcast: https://anchor.fm/breakingintocybersecurity • YouTube: https://www.youtube.com/c/BreakingIntoCybersecurity --- Support this podcast: https://anchor.fm/breakingintocybersecurity/support

This Week Dr. Doug talks: Facebook BGP, Disabled Vets, Coinbase, Cybermonth, Windows 11, Python Ransomware, fake plumbuses, & the Special Guest Expert Commentary of Adrian Sanabria on this episode of the Security Weekly News!   Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn155

This Week Dr. Doug talks: Facebook BGP, Disabled Vets, Coinbase, Cybermonth, Windows 11, Python Ransomware, fake plumbuses, & the Special Guest Expert Commentary of Adrian Sanabria on this episode of the Security Weekly News!   Show Notes: https://securityweekly.com/swn155 Visit https://www.securityweekly.com/swn for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This Week Dr. Doug talks: Facebook BGP, Disabled Vets, Coinbase, Cybermonth, Windows 11, Python Ransomware, fake plumbuses, & the Special Guest Expert Commentary of Adrian Sanabria on this episode of the Security Weekly News!   Show Notes: https://securityweekly.com/swn155 Visit https://www.securityweekly.com/swn for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

There are billions of dollars spent on security product marketing. Yet, thousands of breaches happen every year at companies running products that claim to keep you safe. The problem is that we have no established system for figuring out whether these products actually work. This lack of oversight creates a more vulnerable environment for everyone.In this episode, Adrian Sanabria, founder of CyberRisk Alliance, discusses the things we can do to better assess products and invest in solutions that actually work. Show Links Check out CyberRisk Alliance and follow them on LinkedIn Connect with Adrian Sanabria on LinkedIn or Twitter Follow IRONSCALES on LinkedIn or Twitter Connect with Brendon Rod on LinkedIn ----------------------------- We're stronger together.Keep connected with CyberSecurity Heroes at Apple Podcasts, Spotify, Stitcher and Google Podcast.Catch all the links to the episode below or search for #CyberSecurityHeroes in your favorite podcast player. Sounder: Apple Spotify: CyberSecurity Heroes is brought to you by IRONSCALES. An email security platform powered by AI, enhanced by thousands of customer security teams and built around detecting and removing threats in the inbox. We offer a service that is fast to deploy, easy to operate and is unparalleled in the ability to stop all types of email threats, including advanced attacks like BEC, ATO and more. Learn more at ironscales.com

 Host Tanya Janca   learns what it's like to do Cybersecurity Product testing and reviews at Security Weekly Labs with guest Adrian Sanabria!  Thank you to our sponsor Checkmarx! https://www.checkmarx.com/ Buy Tanya's new book on Application Security: Alice and Bob learn Application Security Don't forget to check out We Hack Purple Academy's NEW courses, Join our Cyber Security community: https://community.wehackpurple.com/ A safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter here: https://newsletter.wehackpurple.com/ Find us on Apple Podcast, Overcast + Pod 

This week, we kick off the show with the Security News: Is the cyber NTSB a good thing?, Russian virtual keyboard for the win, information should be free, hang on while I unplug the Internet, security MUST be taken seriously, poison the water hole to poison the water, bombing hackers, how industry best practices have failed us?, publishing exploits is still a good thing regardless of what the studies say, & more! Then, we have a Technical Segment featuring our own Adrian Sanabria, & Sounil Yu from JupiterOne! Then we wrap up the show with a pre-recorded interview with ‘Wheel’ on the “21 Nails“ Exim Mail Server Vulns!   Show Notes: https://securityweekly.com/psw695 Segment Resources: https://blog.qualys.com/vulnerabilities-research/2021/05/04/21nails-multiple-vulnerabilities-in-exim-mail-server   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we kick off the show with the Security News: Is the cyber NTSB a good thing?, Russian virtual keyboard for the win, information should be free, hang on while I unplug the Internet, security MUST be taken seriously, poison the water hole to poison the water, bombing hackers, how industry best practices have failed us?, publishing exploits is still a good thing regardless of what the studies say, & more! Then, we have a Technical Segment featuring our own Adrian Sanabria, & Sounil Yu from JupiterOne! Then we wrap up the show with a pre-recorded interview with ‘Wheel’ on the “21 Nails“ Exim Mail Server Vulns!   Show Notes: https://securityweekly.com/psw695 Segment Resources: https://blog.qualys.com/vulnerabilities-research/2021/05/04/21nails-multiple-vulnerabilities-in-exim-mail-server   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week Javvad and Erich welcome a long time friend and former colleague of Javvad's, Adrian Sanabria to the show as they discuss news around the takedown of the the Emotet group, a new phishing toolkit that dynamically changes brands and other news from they cybersecurity world. Adrian also discusses his new job and how it will change the future of infosec tool product reviews. Don't forget to like and subscribe for more great weekly content!  Adrian's Social Media: Twitter: @sawaba LinkedIn: https://www.linkedin.com/in/adrian-sanabria/ OnlyFans: TBD Stories from the show: Emotet Takedown: https://www.bbc.com/news/technology-55826258 New Phishing Toolkit: https://www.zdnet.com/article/new-cybercrime-tool-can-build-phishing-pages-in-real-time/ Krebs on Solarwinds: https://krebsonsecurity.com/2021/01/solarwinds-what-hit-us-could-hit-others/ The Sonicwall Problem: https://threatpost.com/sonicwall-breach-zero-days-in-remote-access/163290/ The Security Products We Deserve: https://youtu.be/GHuQC1qLnJ4

We're continuing the discussion with Adrian Sanabria and exploring if and how the plans for CRA/Security Weekly will impact the Security & Compliance Weekly audience!   Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/scw52

This week, we have the pleasure of welcoming the newest member of the CRA/Security Weekly family, Adrian Sanabria! What is his role at Security Weekly, and what is the plan for rolling things out over the next 12-18 months? We'll continue the discussion with Adrian Sanabria and explore if and how the plans for CRA/Security Weekly will impact the Security & Compliance Weekly audience!   Show Notes: https://wiki.securityweekly.com/scw52 Visit https://www.securityweekly.com/scw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

An Interview with the newest member of the CRA/Security Weekly family, Adrian Sanabria! What is his role at Security Weekly, and what is the plan for rolling things out over the next 12-18 months?   Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/scw52

This week, we have the pleasure of welcoming the newest member of the CRA/Security Weekly family, Adrian Sanabria! What is his role at Security Weekly, and what is the plan for rolling things out over the next 12-18 months? We'll continue the discussion with Adrian Sanabria and explore if and how the plans for CRA/Security Weekly will impact the Security & Compliance Weekly audience!   Show Notes: https://wiki.securityweekly.com/scw52 Visit https://www.securityweekly.com/scw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Should possessing malware be illegal in itself? How did a Russian cryptocurrency exchange millionaire lose his fortune? And what on earth are Amazon Ring doorbell cams up to now? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Lisa Forte. And don't miss our special featured interview with Adrian Sanabria, all about Thinkst Canary. Visit https://www.smashingsecurity.com/163 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Castbox, Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Adrian Sanabria and Lisa Forte.

Adrian is an Advocate at Thinkst, the company behind the awesome and much loved Thinkst Canary. A former practitioner, PCI QSA, penetration tester, industry analyst and entrepreneur, he has explored many angles of the security industry, attempting to understand what makes it tick and what makes it fail. Adrian is an outspoken researcher that doesn't shy away from uncomfortable truths. He loves to write about the industry, tell stories and still sees the glass as half full. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode160

Adrian is an Advocate at Thinkst, the company behind the awesome and much loved Thinkst Canary. A former practitioner, PCI QSA, penetration tester, industry analyst and entrepreneur, he has explored many angles of the security industry, attempting to understand what makes it tick and what makes it fail. Adrian is an outspoken researcher that doesn't shy away from uncomfortable truths. He loves to write about the industry, tell stories and still sees the glass as half full. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode160

This week, we talk Enterprise News, talking about how Trustwave offers threat detection and response for Microsoft Azure, LogRhythm offers migration service to Splunk customers to address security challenges, CrowdStrikes Falcon security platform lands on AWS, and how GitLab plans to ban hires in China and Russia due to espionage concerns! In our second segment, we welcome back Adrian Sanabria, Advocate at Thinkst, to discuss Enterprise Deception and how Thinkst is helping in the security space! In our final segment, we welcome Tim Callan, Senior Fellow at Sectigo, to talk about Quantum Computing & what its arrival means for IT, traditional computing, and infosec!   Show Notes: https://wiki.securityweekly.com/ESWEpisode160 To learn more about Thinkst, visit: https://securityweekly.com/canary   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we talk Enterprise News, talking about how Trustwave offers threat detection and response for Microsoft Azure, LogRhythm offers migration service to Splunk customers to address security challenges, CrowdStrikes Falcon security platform lands on AWS, and how GitLab plans to ban hires in China and Russia due to espionage concerns! In our second segment, we welcome back Adrian Sanabria, Advocate at Thinkst, to discuss Enterprise Deception and how Thinkst is helping in the security space! In our final segment, we welcome Tim Callan, Senior Fellow at Sectigo, to talk about Quantum Computing & what its arrival means for IT, traditional computing, and infosec!   Show Notes: https://wiki.securityweekly.com/ESWEpisode160 To learn more about Thinkst, visit: https://securityweekly.com/canary   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Each year, security firm NopSec publishes their annual State of Vulnerability Risk Management Report, analyzing all of the vulnerabilities listed in the National Vulnerability Database, the NVD, along with those uploaded to their own platform by their clients. They consider a number of factors, including CVSS score, description, type, and vendor affected, to see which factors contribute to vulnerabilities being incorporated into malware and exploited in the wild. For this year’s report, NopSec invited Recorded Future to contribute their unique insights into how geopolitics affect government run vulnerability databases. Joining us today are Sanja Nedic, data scientist at NopSec, and Adrian Sanabria, VP of strategy and product marketing at NopSec.

Each year, security firm NopSec publishes their annual State of Vulnerability Risk Management Report, analyzing all of the vulnerabilities listed in the National Vulnerability Database, the NVD, along with those uploaded to their own platform by their clients. They consider a number of factors, including CVSS score, description, type, and vendor affected, to see which factors contribute to vulnerabilities being incorporated into malware and exploited in the wild. For this year's report, NopSec invited Recorded Future to contribute their unique insights into how geopolitics affect government run vulnerability databases. Joining us today are Sanja Nedic, data scientist at NopSec, and Adrian Sanabria, VP of strategy and product marketing at NopSec.

Paul and John welcome Adrian Sanabria, Director of Research for Savage Security; Dave Kennedy, Founder of TrustedSec, Binary Defense, and DerbyCon; and Security Weekly's very own Jeff Man! Paul and John have a group discussion with Adrian, Jeff, and Dave on Penetration Testing! Full Show Notes: https://wiki.securityweekly.com/ES_Episode94 Visit http://securityweekly.com/esw for all the latest episodes!

This week, on a Special Edition of Enterprise Security Weekly, Paul and John welcome Adrian Sanabria, Director of Research for Savage Security; Dave Kennedy, Founder of TrustedSec, Binary Defense, and DerbyCon; and Security Weekly's very own Jeff Man, for a group discussion on Penetration Testing! In the Enterprise News, we have updates from Qualys, Twistlock, Fortinet, Tenable, and more on this episode of Enterprise Security Weekly!   Full Show Notes: https://wiki.securityweekly.com/ES_Episode94   Visit https://www.securityweekly.com/esw for all the latest episodes!   →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly

This week, on a Special Edition of Enterprise Security Weekly, Paul and John welcome Adrian Sanabria, Director of Research for Savage Security; Dave Kennedy, Founder of TrustedSec, Binary Defense, and DerbyCon; and Security Weekly's very own Jeff Man, for a group discussion on Penetration Testing! In the Enterprise News, we have updates from Qualys, Twistlock, Fortinet, Tenable, and more on this episode of Enterprise Security Weekly!   Full Show Notes: https://wiki.securityweekly.com/ES_Episode94   Visit https://www.securityweekly.com/esw for all the latest episodes!   →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly

Paul and John welcome Adrian Sanabria, Director of Research for Savage Security; Dave Kennedy, Founder of TrustedSec, Binary Defense, and DerbyCon; and Security Weekly's very own Jeff Man! Paul and John have a group discussion with Adrian, Jeff, and Dave on Penetration Testing! Full Show Notes: https://wiki.securityweekly.com/ES_Episode94 Visit http://securityweekly.com/esw for all the latest episodes!

The penetration test, or pen test as it's commonly referred to, is one of the great necessary evils in Infosec today.  My guest for this episode is Adrian Sanabria, who has an interesting thought - let's kill the pen test!  Adrian has been in the industry for quite some time in quite a variety of roles, so he has some great experience and insights to share.  Let's see what his replacement for a pen test entitles! Some links of interest: Adrian's Twitter: @sawaba Savage Security: https://www.savagesec.com/ BSides Knoxville: https://bsidesknoxville.com/ Penetration Testing Execution Standard (PTES): http://www.pentest-standard.org/index.php/Main_Page Want to reach out to the show?  There's a few ways to get in touch! Show's Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere Podcast Website: purplesquadsec.com Sign-Up for our Slack community: https://signup.purplesquadsec.com Thanks for listening, and as always, I will talk with you all again next time.Find out more at http://purplesquadsec.com

This week, former analyst and security industry veteran Adrian Sanabria joins James & Rafal to talk about some of the hype in our industry. From current events, to learning lessons, to the on-going master-class in bullsh*t we convince ourselves of - this podcast is a riveting (although slightly longer) episode of free-flowing discussion.   Highlights from this week's show include... We discuss #eFail - and the circus maximus of ridiculousness that it currently is Adrian gives us some views on believing our own nonsense We attempt to discuss how we got to this point Much more!

Killing the Pen Test & BSides Knoxville (with Adrian Sanabria) Advanced Persistent Security Podcast Episode 44 Guests: Adrian Sanabria April 26, 2018 If you enjoy this podcast, be sure to give ... The post Killing the Pen Test & BSides Knoxville (with Adrian Sanabria) first appeared on Advanced Persistent Security. --- Send in a voice message: https://podcasters.spotify.com/pod/show/the-osintion/message Support this podcast: https://podcasters.spotify.com/pod/show/the-osintion/support

Killing the Pen Test & BSides Knoxville (with Adrian Sanabria) Advanced Persistent Security Podcast Episode 44 Guests: Adrian Sanabria April 26, 2018 If you enjoy this podcast, be sure to give ...

Adrian is the Research Director and Co-Founder of Savage Security. He spent a decade building security programs and defending large financial firms. He also spent many years as a consultant, performing penetration tests, PCI audits and other security-related assessments. He joins Paul and the crew this week for an interview! Full Show Notes: https://wiki.securityweekly.com/Episode556 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

This week, we interview Adrian Sanabria, Co-Founder and Research Director of Savage Security! In the Topic Segment, Penetration Testing Is Dead; Long Live Penetration Testing! In the news, we have updates from Drupal, Facebook, NSA, Microsoft, and more on this episode of Paul's Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episode556   Visit https://www.securityweekly.com/psw for all the latest episodes!

Adrian is the Research Director and Co-Founder of Savage Security. He spent a decade building security programs and defending large financial firms. He also spent many years as a consultant, performing penetration tests, PCI audits and other security-related assessments. He joins Paul and the crew this week for an interview! Full Show Notes: https://wiki.securityweekly.com/Episode556 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

This week, we interview Adrian Sanabria, Co-Founder and Research Director of Savage Security! In the Topic Segment, Penetration Testing Is Dead; Long Live Penetration Testing! In the news, we have updates from Drupal, Facebook, NSA, Microsoft, and more on this episode of Paul's Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episode556   Visit https://www.securityweekly.com/psw for all the latest episodes!

Welcome to Episode 13 of the Digital Guardian Podcast! Special guest Adrian Sanabria joins our hosts Will Gragido and Thomas Fischer to discuss the current state of the security market and how buyers and professionals alike can help increase transparency in the industry.