Podcasts about assetdiscovery

Security teams relying on asset inventory from their IT counterparts can be a challenge due to a lack of security context for assets. This gap can lead to missed opportunities to identify and fix asset-centric issues like EOL or unauthorized software that they can address even before running their vulnerability management program. Ed will discuss the role asset inventory plays in your overall security strategy. This will include the importance of security context for IT assets, which teams benefit from the information, how to identify and assess the health of critical databases and how to effectively implement a cybersecurity asset management practice. Segment Resources: CSAM free trial: https://www.qualys.com/forms/cybersecurity-asset-management/ CSAM video overview: https://vimeo.com/551723071 Webpage: https://www.qualys.com/apps/cybersecurity-asset-management/   This segment is sponsored by Qualys. Visit https://securityweekly.com/qualys to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw235

In light of recent events and the pressures of the digital world, the landscape is finally shifting towards risk. The opportunity for cyber risk profiling, standardization, and seamless collaboration between CISOs, CIOs, and business-side leadership has come. Padraic O'Reilly, Co-Founder and CPO of CyberSaint discusses what he's learned from working with members of the Global 500 to achieve truly continuous compliance and risk management, and how CyberSaint is delivering Cyber Risk Automation with it's CyberStrong platform.   In the Leadership and Communications section, How much does a CEO or business leader need to know about cybersecurity, How businesses can drive innovation while delivering operational excellence, 6 resume mistakes CISOs still make, and more!   Show Notes: https://securityweekly.com/bsw224 To learn more about CyberSaint, please visit: https://securityweekly.com/cybersaint Visit https://www.securityweekly.com/bsw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Security teams relying on asset inventory from their IT counterparts can be a challenge due to a lack of security context for assets. This gap can lead to missed opportunities to identify and fix asset-centric issues like EOL or unauthorized software that they can address even before running their vulnerability management program. Ed will discuss the role asset inventory plays in your overall security strategy. This will include the importance of security context for IT assets, which teams benefit from the information, how to identify and assess the health of critical databases and how to effectively implement a cybersecurity asset management practice. Segment Resources: CSAM free trial: https://www.qualys.com/forms/cybersecurity-asset-management/ CSAM video overview: https://vimeo.com/551723071 Webpage: https://www.qualys.com/apps/cybersecurity-asset-management/   This segment is sponsored by Qualys. Visit https://securityweekly.com/qualys to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw235  

In light of recent events and the pressures of the digital world, the landscape is finally shifting towards risk. The opportunity for cyber risk profiling, standardization, and seamless collaboration between CISOs, CIOs, and business-side leadership has come. Padraic O'Reilly, Co-Founder and CPO of CyberSaint discusses what he's learned from working with members of the Global 500 to achieve truly continuous compliance and risk management, and how CyberSaint is delivering Cyber Risk Automation with it's CyberStrong platform.   In the Leadership and Communications section, How much does a CEO or business leader need to know about cybersecurity, How businesses can drive innovation while delivering operational excellence, 6 resume mistakes CISOs still make, and more!   Show Notes: https://securityweekly.com/bsw224 To learn more about CyberSaint, please visit: https://securityweekly.com/cybersaint Visit https://www.securityweekly.com/bsw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

In light of recent events and the pressures of the digital world, the landscape is finally shifting towards risk. The opportunity for cyber risk profiling, standardization, and seamless collaboration between CISOs, CIOs, and business-side leadership has come. Padraic O'Reilly, Co-Founder and CPO of CyberSaint discusses what he's learned from working with members of the Global 500 to achieve truly continuous compliance and risk management, and how CyberSaint is delivering Cyber Risk Automation with it's CyberStrong platform. Segment Resources: CyberSaint website: www.cybersaint.io Gartner Cool vendor report: https://www.cybersaint.io/gartner-cool-vendor-in-cyber-it-risk-management-download   This segment is sponsored by CyberSaint. Visit https://securityweekly.com/cybersaint to learn more about them!   Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw224

In light of recent events and the pressures of the digital world, the landscape is finally shifting towards risk. The opportunity for cyber risk profiling, standardization, and seamless collaboration between CISOs, CIOs, and business-side leadership has come. Padraic O'Reilly, Co-Founder and CPO of CyberSaint discusses what he's learned from working with members of the Global 500 to achieve truly continuous compliance and risk management, and how CyberSaint is delivering Cyber Risk Automation with it's CyberStrong platform. Segment Resources: CyberSaint website: www.cybersaint.io Gartner Cool vendor report: https://www.cybersaint.io/gartner-cool-vendor-in-cyber-it-risk-management-download This segment is sponsored by CyberSaint. Visit https://securityweekly.com/cybersaint to learn more about them!   Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw224

The crown jewels are those assets representing the highest value to the organization and deserve the greatest investment to protect. Join this podcast to learn the importance of protecting these crown jewels throughout the information life cycle. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/04/CISOCOMPASS_Steve_Durbin_Article.pdf Durbin,S. 2019. Protecting the “Crown Jewels”. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 77. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleadersFollow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

Phil Attfield, CEO and founder at Sequitur Labs, discusses his engineering roots and curius nature that led him to developing software tools and in-house products for modeling, synthesis and verification of telecom and network equipment hardware at Nortel. Phil the challenges involved in development of large-scale security policy and management frameworks and the key security elements of the IoT device lifecycle from design, to build, to sustaining securely.   Show Notes: https://securityweekly.com/csp24 Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

What does it mean to protect the attack surface? What's the difference between attack surface protection vs. attack surface management? Rob Gurzeev, CEO and Founder at Cycognito, joins us to discuss why attack surface monitoring needs to run across the entire infrastructure. It's not just about open ports, but finding the assets that are exposed or exploitable, or abandoned, that create the greatest risk.   This segment is sponsored by CyCognito. Visit https://securityweekly.com/cycognito to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw698

What does it mean to protect the attack surface? What's the difference between attack surface protection vs. attack surface management? Rob Gurzeev, CEO and Founder at Cycognito, joins us to discuss why attack surface monitoring needs to run across the entire infrastructure. It's not just about open ports, but finding the assets that are exposed or exploitable, or abandoned, that create the greatest risk.   This segment is sponsored by CyCognito. Visit https://securityweekly.com/cycognito to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw698

This week, we kick off the show with an interview featuring Gene Erik, Senior Product Officer at Xcape, Inc, to talk OpenWRT for Enterprise and Labs! Then, Rob Gurzeev, CEO and Co-Founder of CyCognito joins for a technical segment all about Protecting the Attack Surface! In the Security News, Microsoft patches 6 Zero-Days under active attack, US seizes $2.3 million Colonial Pipeline paid to ransomware attackers, the largest password compilation of all time leaked online with 8.4 billion entries, how to pwn a satellite, one Fastly customer triggered internet meltdown, and I got 99 problems, but my NAC ain't one!   Show Notes: https://securityweekly.com/psw698 Segment Resources: Visit https://securityweekly.com/cycognito to learn more about them! Company Website Link: https://xcapeinc.com/ Topic Link: https://openwrt.org/ Commercial Product for Topic Link: https://www.gl-inet.com/ Personal CI/CD Projects Link: https://gitlab.com/fossdevops Personal GitLab Link: https://gitlab.com/geneerik   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we kick off the show with an interview featuring Gene Erik, Senior Product Officer at Xcape, Inc, to talk OpenWRT for Enterprise and Labs! Then, Rob Gurzeev, CEO and Co-Founder of CyCognito joins for a technical segment all about Protecting the Attack Surface! In the Security News, Microsoft patches 6 Zero-Days under active attack, US seizes $2.3 million Colonial Pipeline paid to ransomware attackers, the largest password compilation of all time leaked online with 8.4 billion entries, how to pwn a satellite, one Fastly customer triggered internet meltdown, and I got 99 problems, but my NAC ain't one!   Show Notes: https://securityweekly.com/psw698 Segment Resources: Visit https://securityweekly.com/cycognito to learn more about them! Company Website Link: https://xcapeinc.com/ Topic Link: https://openwrt.org/ Commercial Product for Topic Link: https://www.gl-inet.com/ Personal CI/CD Projects Link: https://gitlab.com/fossdevops Personal GitLab Link: https://gitlab.com/geneerik   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Ira Winkler, CISO at Skyline Technology Solutions, recounts his amazing journey from wannabe astronaught to NSA intelligence analyst, social engineer, systems hacker and author and some of the crazy things that happened along the way. Ira is considered one of the world's most influential security professionals and has been named a “Modern Day James Bond” - a title he earned by performing espionage simulations, where he physically and technically “broke into” some of the largest companies in the World, investigated cybercrimes against them, and then telling them how to cost effectively protect their information and computer infrastructure. He continues to perform these espionage simulations, as well as assisting organizations in developing cost-effective security programs and increase security awareness.   Show Notes: https://securityweekly.com/csp20 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them!   Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

This week, we welcome Dan Tentler, Executive Founder at Phobos Group, to discuss Attack Surface Discovery and Enumeration! In the second segment, we welcome back Sumedh Thakar, CEO at Qualys, to talk about Digital Transformation's Impact On IT Asset Visibility! In the Security News, Paul and the Crew talk: Establishing Confidence in IoT Device Security: How do we get there?, JBS hack latest escalation of Russia-based aggression ahead of June 16 Putin summit, why Vulnerability Management is the Key to Stopping Attacks, Overcoming Compliance Issues in Cloud Computing, Attack on meat supplier came from REvil, ransomware's most cutthroat gang, WordPress Plugins Are Responsible for 98% of All Vulnerabilities, and more!   Show Notes: https://securityweekly.com/psw697 Segment Resources: View the CyberSecurity Asset Management video: https://vimeo.com/551723071/7cc671fc38 Read our CEO's blog on CyberSecurity Asset Management: https://blog.qualys.com/qualys-insights/2021/05/18/reinventing-asset-management-for-security Read the detailed blog on CyberSecurity Asset Management: https://blog.qualys.com/product-tech/2021/05/18/introducing-cybersecurity-asset-management https://phobos.io/orbital Visit https://securityweekly.com/qualys to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome Dan Tentler, Executive Founder at Phobos Group, to discuss Attack Surface Discovery and Enumeration! In the second segment, we welcome back Sumedh Thakar, CEO at Qualys, to talk about Digital Transformation's Impact On IT Asset Visibility! In the Security News, Paul and the Crew talk: Establishing Confidence in IoT Device Security: How do we get there?, JBS hack latest escalation of Russia-based aggression ahead of June 16 Putin summit, why Vulnerability Management is the Key to Stopping Attacks, Overcoming Compliance Issues in Cloud Computing, Attack on meat supplier came from REvil, ransomware's most cutthroat gang, WordPress Plugins Are Responsible for 98% of All Vulnerabilities, and more!   Show Notes: https://securityweekly.com/psw697 Segment Resources: View the CyberSecurity Asset Management video: https://vimeo.com/551723071/7cc671fc38 Read our CEO's blog on CyberSecurity Asset Management: https://blog.qualys.com/qualys-insights/2021/05/18/reinventing-asset-management-for-security Read the detailed blog on CyberSecurity Asset Management: https://blog.qualys.com/product-tech/2021/05/18/introducing-cybersecurity-asset-management https://phobos.io/orbital Visit https://securityweekly.com/qualys to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week In the Security News, Paul and the Crew talk: Establishing Confidence in IoT Device Security: How do we get there?, JBS hack latest escalation of Russia-based aggression ahead of June 16 Putin summit, why Vulnerability Management is the Key to Stopping Attacks, Overcoming Compliance Issues in Cloud Computing, Attack on meat supplier came from REvil, ransomware's most cutthroat gang, WordPress Plugins Are Responsible for 98% of All Vulnerabilities, and more!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw697

This week In the Security News, Paul and the Crew talk: Establishing Confidence in IoT Device Security: How do we get there?, JBS hack latest escalation of Russia-based aggression ahead of June 16 Putin summit, why Vulnerability Management is the Key to Stopping Attacks, Overcoming Compliance Issues in Cloud Computing, Attack on meat supplier came from REvil, ransomware's most cutthroat gang, WordPress Plugins Are Responsible for 98% of All Vulnerabilities, and more!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw697

We've let the compliance world drive security for so long there are folks that literally have no idea what 'reasonably secure' looks or feels like because they've never seen it before.   Segment Resources: phobos.io/orbital   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw697

Over the past year, organizations have rapidly accelerated their digital transformation by leveraging technologies such as cloud and container that support the shift to IoT and a remote workforce. Implementing these technologies has led to considerable growth in the number of IT assets deployed within the enterprise. Traditionally, IT oversees the management of these assets and focuses on administration responsibilities like inventory, software support, and license oversight. Sumedh will discuss why the shift to digital calls for a new approach to asset visibility. Segment Resources: View the CyberSecurity Asset Management video: https://vimeo.com/551723071/7cc671fc38 Read our CEO's blog on CyberSecurity Asset Management: https://blog.qualys.com/qualys-insights/2021/05/18/reinventing-asset-management-for-security Read the detailed blog on CyberSecurity Asset Management: https://blog.qualys.com/product-tech/2021/05/18/introducing-cybersecurity-asset-management   This segment is sponsored by Qualys. Visit https://securityweekly.com/qualys to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw697

Over the past year, organizations have rapidly accelerated their digital transformation by leveraging technologies such as cloud and container that support the shift to IoT and a remote workforce. Implementing these technologies has led to considerable growth in the number of IT assets deployed within the enterprise. Traditionally, IT oversees the management of these assets and focuses on administration responsibilities like inventory, software support, and license oversight. Sumedh will discuss why the shift to digital calls for a new approach to asset visibility. Segment Resources: View the CyberSecurity Asset Management video: https://vimeo.com/551723071/7cc671fc38 Read our CEO's blog on CyberSecurity Asset Management: https://blog.qualys.com/qualys-insights/2021/05/18/reinventing-asset-management-for-security Read the detailed blog on CyberSecurity Asset Management: https://blog.qualys.com/product-tech/2021/05/18/introducing-cybersecurity-asset-management   This segment is sponsored by Qualys. Visit https://securityweekly.com/qualys to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw697

We've let the compliance world drive security for so long there are folks that literally have no idea what 'reasonably secure' looks or feels like because they've never seen it before. Segment Resources: phobos.io/orbital   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw697

This week, we kick off the show with the Security News: Is the cyber NTSB a good thing?, Russian virtual keyboard for the win, information should be free, hang on while I unplug the Internet, security MUST be taken seriously, poison the water hole to poison the water, bombing hackers, how industry best practices have failed us?, publishing exploits is still a good thing regardless of what the studies say, & more! Then, we have a Technical Segment featuring our own Adrian Sanabria, & Sounil Yu from JupiterOne! Then we wrap up the show with a pre-recorded interview with ‘Wheel’ on the “21 Nails“ Exim Mail Server Vulns!   Show Notes: https://securityweekly.com/psw695 Segment Resources: https://blog.qualys.com/vulnerabilities-research/2021/05/04/21nails-multiple-vulnerabilities-in-exim-mail-server   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week in the Security News: Is the cyber NTSB a good thing?, Russian virtual keyboard for the win, information should be free, hang on while I unplug the Internet, security MUST be taken seriously, poison the water hole to poison the water, bombing hackers, how industry best practices have failed us?, publishing exploits is still a good thing regardless of what the studies say, and more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw695

This week, we kick off the show with the Security News: Is the cyber NTSB a good thing?, Russian virtual keyboard for the win, information should be free, hang on while I unplug the Internet, security MUST be taken seriously, poison the water hole to poison the water, bombing hackers, how industry best practices have failed us?, publishing exploits is still a good thing regardless of what the studies say, & more! Then, we have a Technical Segment featuring our own Adrian Sanabria, & Sounil Yu from JupiterOne! Then we wrap up the show with a pre-recorded interview with ‘Wheel’ on the “21 Nails“ Exim Mail Server Vulns!   Show Notes: https://securityweekly.com/psw695 Segment Resources: https://blog.qualys.com/vulnerabilities-research/2021/05/04/21nails-multiple-vulnerabilities-in-exim-mail-server   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week in the Security News: Is the cyber NTSB a good thing?, Russian virtual keyboard for the win, information should be free, hang on while I unplug the Internet, security MUST be taken seriously, poison the water hole to poison the water, bombing hackers, how industry best practices have failed us?, publishing exploits is still a good thing regardless of what the studies say, and more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw695

What is top of mind for CISOs in a year where cyber threats are getting sophisticated? Cross platform and cross domain visibility across LAN, WAN, Cloud, and Edge. Jonathan Nguyen-Duy, Vice President, Field CISO Team at Fortinet, shares his insights from other CISOs and the need for a unified security fabric. This segment is sponsored by Fortinet. Visit https://securityweekly.com/fortinet to learn more about them!   Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw217

What is top of mind for CISOs in a year where cyber threats are getting sophisticated? Cross platform and cross domain visibility across LAN, WAN, Cloud, and Edge. Jonathan Nguyen-Duy, Vice President, Field CISO Team at Fortinet, shares his insights from other CISOs and the need for a unified security fabric. This segment is sponsored by Fortinet. Visit https://securityweekly.com/fortinet to learn more about them!   Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw217

This week, Alex Chaveriat, Chief Innovation Officer at Tuik Security Group, joins us for an interview where he tells us "How Hacking Naked Changed His Life"! Then, I will take you through attack surface mapping with AMASS! In the Security News, President Biden issues a 34-page executive order on Cybersecurity, Did you hear about the pipeline hack?, New/Old Wifi vulnerabilities, get this Apple didn't want to talk about a malware attack that exposed users, fake Amazon review database, why ad-hoc scanning is not enough, distroless linux, wormable windows bug, codered 2.0 perhaps?, the cryptowars continue and more!   Show Notes: https://securityweekly.com/psw694 Segment Resources: https://youtube.com/alexchaveriat Visit https://www.securityweekly.com/psw for all the latest episodes!   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Alex Chaveriat, Chief Innovation Officer at Tuik Security Group, joins us for an interview where he tells us "How Hacking Naked Changed His Life"! Then, I will take you through attack surface mapping with AMASS! In the Security News, President Biden issues a 34-page executive order on Cybersecurity, Did you hear about the pipeline hack?, New/Old Wifi vulnerabilities, get this Apple didn't want to talk about a malware attack that exposed users, fake Amazon review database, why ad-hoc scanning is not enough, distroless linux, wormable windows bug, codered 2.0 perhaps?, the cryptowars continue and more!   Show Notes: https://securityweekly.com/psw694 Segment Resources: https://youtube.com/alexchaveriat Visit https://www.securityweekly.com/psw for all the latest episodes!   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week in the Security News: President Biden issues a 34-page executive order on Cybersecurity, Did you hear about the pipeline hack?, New/Old Wifi vulnerabilities, get this Apple didn't want to talk about a malware attack that exposed users, fake Amazon review database, why ad-hoc scanning is not enough, distroless linux, wormable windows bug, codered 2.0 perhaps?, and the cryptowars continue!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw694

This week in the Security News: President Biden issues a 34-page executive order on Cybersecurity, Did you hear about the pipeline hack?, New/Old Wifi vulnerabilities, get this Apple didn't want to talk about a malware attack that exposed users, fake Amazon review database, why ad-hoc scanning is not enough, distroless linux, wormable windows bug, codered 2.0 perhaps?, and the cryptowars continue!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw694

Learn how to use Amass to collect information about your Internet exposed assets. We'll cover usage of the configuration file (heavily), then put it altogether by integrating Nmap and a screenshot tool called Eyewitness.   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw694

Learn how to use Amass to collect information about your Internet exposed assets. We'll cover usage of the configuration file (heavily), then put it altogether by integrating Nmap and a screenshot tool called Eyewitness.   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw694

This week, In the first segment, we welcome Damon Small, Technical Director of Security Consulting at NCC Group, for an interview covering the Florida Water Treatment Facility Hack, and the Convergence of OT & IT! Next up, Artisom Holub, Senior Security Analyst and Austin McBride, Data Scientist, from Cisco Umbrella join to talk about some Chart Topping Threats and How Attacks will rage in 2021! In the Enterprise Security News: XM Cyber Announces Integration with Palo Alto Network's Cortex XSOAR, API Security Lessons Learned, Cycode Raises $20 Million, HelpSystems Acquires Beyond Security, Accurics Terrascan integrates with the Argo Project, Cequence Security API Sentinel 2.0, Seclore Security24 protects sensitive data, Who’s Really Behind the Colonial Pipeline Cyberattack?, Forcepoint acquires Cyberinc, Sophos launches industry’s only XDR solution for endpoint, server, firewall and email security?, and more!   Show Notes: https://securityweekly.com/esw227 Visit https://securityweekly.com/ciscoumbrella to learn more about them!   Segment Resources: https://newsroom.nccgroup.com/news/insight-florida-citys-water-supply-attack-420952 https://www.cnn.com/2021/02/13/us/florida-hack-remote-access/index.html   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, In the first segment, we welcome Damon Small, Technical Director of Security Consulting at NCC Group, for an interview covering the Florida Water Treatment Facility Hack, and the Convergence of OT & IT! Next up, Artisom Holub, Senior Security Analyst and Austin McBride, Data Scientist, from Cisco Umbrella join to talk about some Chart Topping Threats and How Attacks will rage in 2021! In the Enterprise Security News: XM Cyber Announces Integration with Palo Alto Network's Cortex XSOAR, API Security Lessons Learned, Cycode Raises $20 Million, HelpSystems Acquires Beyond Security, Accurics Terrascan integrates with the Argo Project, Cequence Security API Sentinel 2.0, Seclore Security24 protects sensitive data, Who’s Really Behind the Colonial Pipeline Cyberattack?, Forcepoint acquires Cyberinc, Sophos launches industry’s only XDR solution for endpoint, server, firewall and email security?, and more!   Show Notes: https://securityweekly.com/esw227 Visit https://securityweekly.com/ciscoumbrella to learn more about them!   Segment Resources: https://newsroom.nccgroup.com/news/insight-florida-citys-water-supply-attack-420952 https://www.cnn.com/2021/02/13/us/florida-hack-remote-access/index.html   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

What lessons can others still learn from the attack on the Florida water treatment facility? How does this incident shine a light on cybersecurity risks associated with the convergence of OT and IT? And what can be done to mitigate these risks? Segment Resources: https://newsroom.nccgroup.com/news/insight-florida-citys-water-supply-attack-420952 https://www.cnn.com/2021/02/13/us/florida-hack-remote-access/index.html   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw227

What lessons can others still learn from the attack on the Florida water treatment facility? How does this incident shine a light on cybersecurity risks associated with the convergence of OT and IT? And what can be done to mitigate these risks? Segment Resources: https://newsroom.nccgroup.com/news/insight-florida-citys-water-supply-attack-420952 https://www.cnn.com/2021/02/13/us/florida-hack-remote-access/index.html   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw227

Software Bill of Materials (SBOM) are used to describe the list of ingredients for the software that organizations create or acquire. There's a rapidly expanding community of adopters, implementers, and producers that are creating, consuming, and analyzing them en mass. What are the benefits of SBOMs and what types of risk that can be identified through their use? Segment Resources: https://cyclonedx.org/ https://www.ntia.gov/sbom https://owasp.org/scvs https://dependencytrack.org/   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw226

Software Bill of Materials (SBOM) are used to describe the list of ingredients for the software that organizations create or acquire. There's a rapidly expanding community of adopters, implementers, and producers that are creating, consuming, and analyzing them en mass. What are the benefits of SBOMs and what types of risk that can be identified through their use? Segment Resources: https://cyclonedx.org/ https://www.ntia.gov/sbom https://owasp.org/scvs https://dependencytrack.org/   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw226

Cyber accountability is often overlooked by Board of Directors and the C-Suite. They tend to turn a blind eye to their cyber security mandates or avoid the issue. But as Solarwinds, MS Exchange and many other security incidents prove it, it’s not a strategy. In the Leadership and Communications section, Outgunned CISOs navigate complex obstacles to keep rising attacks from turning into breaches, How to write a cyberthreat report executives can really use, Creating and rolling out an effective cyber security strategy, and more!   Show Notes: https://securityweekly.com/bsw214 Visit https://www.securityweekly.com/bsw for all the latest episodes! Segment Resources: www.VigiTrust.com https://forbesbooks.com/mathieu-gorge/   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly  

Cyber accountability is often overlooked by Board of Directors and the C-Suite. They tend to turn a blind eye to their cyber security mandates or avoid the issue. But as Solarwinds, MS Exchange and many other security incidents prove it, it’s not a strategy. In the Leadership and Communications section, Outgunned CISOs navigate complex obstacles to keep rising attacks from turning into breaches, How to write a cyberthreat report executives can really use, Creating and rolling out an effective cyber security strategy, and more!   Show Notes: https://securityweekly.com/bsw214 Visit https://www.securityweekly.com/bsw for all the latest episodes! Segment Resources: www.VigiTrust.com https://forbesbooks.com/mathieu-gorge/   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly  

In the Enterprise News for this week, Darktrace targets listing for early May, KKR-backed cybersecurity firm KnowBe4 aims for $3 Billion valuation in U.S. IPO, Dell spins off VMware to fuel post-pandemic PC growth opportunities, lots of funding announcements, and more!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw224

This week, we welcome Jeff Deininger, a Principal Cloud Security Engineer, joins us and will use a simulated attack to demonstrate how advanced threat detection works with commonplace architectural elements to deny attackers the crucial traction needed to establish a foothold at the beginning of a campaign, leaving attackers feeling like they are inescapably 'walking on ice'. Phishing links are getting past existing protections and clicked. How do you prevent these attacks? In this segment, Chris Cleveland, CEO at Pixm, will demonstrate how computer vision protection in the browser stops these attacks in real time and how you can know your own gaps. In the Enterprise News for this week, Darktrace targets listing for early May, KKR-backed cybersecurity firm KnowBe4 aims for $3 Billion valuation in U.S. IPO, Dell spins off VMware to fuel post-pandemic PC growth opportunities, lots of funding announcements, and more!   Show Notes: https://securityweekly.com/esw224 Segment Resources: Threat Report: https://pixm.net/wp-content/uploads/2021/03/Pixm-Q4-2020-Threat-Report.pdf Visit https://securityweekly.com/extrahop to learn more about them! Visit https://securityweekly.com/pixm to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome Jeff Deininger, a Principal Cloud Security Engineer, joins us and will use a simulated attack to demonstrate how advanced threat detection works with commonplace architectural elements to deny attackers the crucial traction needed to establish a foothold at the beginning of a campaign, leaving attackers feeling like they are inescapably 'walking on ice'. Phishing links are getting past existing protections and clicked. How do you prevent these attacks? In this segment, Chris Cleveland, CEO at Pixm, will demonstrate how computer vision protection in the browser stops these attacks in real time and how you can know your own gaps. In the Enterprise News for this week, Darktrace targets listing for early May, KKR-backed cybersecurity firm KnowBe4 aims for $3 Billion valuation in U.S. IPO, Dell spins off VMware to fuel post-pandemic PC growth opportunities, lots of funding announcements, and more!   Show Notes: https://securityweekly.com/esw224 Segment Resources: Threat Report: https://pixm.net/wp-content/uploads/2021/03/Pixm-Q4-2020-Threat-Report.pdf Visit https://securityweekly.com/extrahop to learn more about them! Visit https://securityweekly.com/pixm to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

In the Enterprise News for this week, Darktrace targets listing for early May, KKR-backed cybersecurity firm KnowBe4 aims for $3 Billion valuation in U.S. IPO, Dell spins off VMware to fuel post-pandemic PC growth opportunities, lots of funding announcements, and more!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw224

In the Leadership and Communications section, Federal Reserve Chairman Says Cyber-Risk a Top Threat to National Economy, What Good Leaders Do When Replacing Bad Leaders, My Ten Rules for Work-Life Balance, and more!   Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw213

In the Leadership and Communications section, Federal Reserve Chairman Says Cyber-Risk a Top Threat to National Economy, What Good Leaders Do When Replacing Bad Leaders, My Ten Rules for Work-Life Balance, and more!   Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw213

In the second segment, the SCW hosts will continue the discussion with Raf and hopefully come up with some guidance on what can be done to make vulnerability management work better.   Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw67

The SCW hosts discuss Rafal Los' recent blog post "Vulnerability Management is Still a Mess" (https://blogwh1t3rabbit.medium.com/vulnerability-management-is-still-a-mess-27519ffcecc0). In the first segment, we will learn all about Rafal's cybersecurity background and why vulnerability management has not evolved in line with the technology.   Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw67

The SCW hosts discuss Rafal Los' recent blog post "Vulnerability Management is Still a Mess" ( https://blogwh1t3rabbit.medium.com/vulnerability-management-is-still-a-mess-27519ffcecc0 ). In the first segment, we will learn all about Rafal's cybersecurity background and why vulnerability management has not evolved in line with the technology. In the second segment, the SCW hosts will continue the discussion with Raf and hopefully come up with some guidance on what can be done to make vulnerability management work better.   Show Notes: https://securityweekly.com/scw67 Visit https://www.securityweekly.com/scw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly