Podcasts about EDR

  • 322 PODCASTS
  • 739 EPISODES
  • 49m AVG DURATION
  • 5 WEEKLY NEW EPISODES
  • May 27, 2025 LATEST




Latest podcast episodes about EDR

Downtime - The Mountain Bike Podcast
Enduro Is Back, Is It Bigger and Better Than Ever?

May 27, 2025 76:35


Enduro is back and it feels like it might be turning a corner. After a couple of tough seasons, there's a real sense of momentum building in the sport, and we're here for it. In this episode, I'm joined by Greg Callaghan and Morgane Charre, two riders who've been at the sharp end of Enduro racing for years, to dig into the first two rounds of the 2025 EDR season. We're talking big changes: the return of two-day racing, a fresh energy in the pits, and a crop of new talent shaking things up. Greg and Morgane share their experiences from Pietra and Poland so we get the low down on what went on. We get into everything from course design and recovery strategies to weather chaos, injuries, and the impact of a brand new documentary series that's got people talking. There's still a way to go, but if the start of the season is anything to go by, Enduro's future is looking a whole lot brighter. So it's time to sit back, hit play and listen to this episode with Morgane Charre and Greg Callaghan.

You can also watch this episode on YouTube here. You can follow Morgane on Instagram @morganecharre. Greg is @greg_callaghan on Instagram and you can find his YouTube channel here.

To be in with the chance of winning a set of Magura Gustav Pros and a Wahoo ELEMNT BOLT bike computer, fill out our audience survey here before the end of June 2025.

Podcast Stuff

Supporting Partners

Magura
With the new Gustav Pro, Magura have produced the ultimate gravity and ebike brake. With all the power you could ever need, delivered with incredible modulation, you never need to question your brakes again. Head to magura.com and check them out.

Wahoo
Head to wahoofitness.com to check out Wahoo's brand new ELEMNT BOLT and ROAM bike computers. From tracking your rides, through navigation, to sharing the results, Wahoo have got you covered with easy to use, lightweight computers with incredible battery life.

Listener Offers
Downtime listeners can now get 10% off of Stashed Space Rails. Stashed is the ultimate way to sort your bike storage. Their clever design means you can get way more bikes into the same space and easily access whichever one you want to ride that day. If you have 2 or more bikes in your garage, they are definitely worth checking out. Just head to stashedproducts.com/downtime and use the code DOWNTIME at the checkout for 10% off your entire order. And just so you know, we get 10% of the sale too, so it's a win win.

Patreon
I would love it if you were able to support the podcast via a regular Patreon donation. Donations start from as little as £3 per month. That's less than £1 per episode and less than the price of a take away coffee. Every little counts and these donations will really help me keep the podcast going and hopefully take it to the next level. To help out, head here.

Merch
If you want to support the podcast and represent, then my webstore is the place to head. All products are 100% organic, shipped without plastics, and made with a supply chain that's using renewable energy. We now also have local manufacture for most products in the US as well as the UK. So check it out now over at downtimepodcast.com/shop.

Newsletter
If you want a bit more Downtime in your life, then you can join my newsletter where I'll provide you with a bit of behind the scenes info on the podcast, interesting bits and pieces from around the mountain bike world, some mini-reviews of products that I've been using and like, partner offers and more. You can do that over at downtimepodcast.com/newsletter.

Follow Us
Give us a follow on Instagram @downtimepodcast or Facebook @downtimepodcast to keep up to date and chat in the comments. For everything video, including riding videos, bike checks and more, subscribe over at youtube.com/downtimemountainbikepodcast.

Are you enjoying the podcast? If so, then don't forget to follow it. Episodes will get delivered to your device as soon as it's available an...

The CyberWire
Pandas with a purpose. [Research Saturday]

May 24, 2025 20:20


This week, we are joined by Deepen Desai, Zscaler's Chief Security Officer and EVP of Cyber and AI Engineering, taking a deep dive into Mustang Panda's latest campaign. Zscaler ThreatLabz uncovered new tools used by Mustang Panda, including the backdoors TONEINS, TONESHELL, PUBLOAD, and the proxy tool StarLoader, all delivered via phishing. They also discovered two custom keyloggers, PAKLOG and CorKLOG, and an EDR evasion tool, SplatCloak, highlighting the group's focus on surveillance, persistence, and stealth in cyberespionage operations.

The research can be found here:
  • Latest Mustang Panda Arsenal: ToneShell and StarProxy | P1
  • Latest Mustang Panda Arsenal: PAKLOG, CorKLOG, and SplatCloak | P2

Research Saturday
Pandas with a purpose.

May 24, 2025 20:20


This week, we are joined by Deepen Desai, Zscaler's Chief Security Officer and EVP of Cyber and AI Engineering, taking a deep dive into Mustang Panda's latest campaign. Zscaler ThreatLabz uncovered new tools used by Mustang Panda, including the backdoors TONEINS, TONESHELL, PUBLOAD, and the proxy tool StarLoader, all delivered via phishing. They also discovered two custom keyloggers, PAKLOG and CorKLOG, and an EDR evasion tool, SplatCloak, highlighting the group's focus on surveillance, persistence, and stealth in cyberespionage operations.

The research can be found here:
  • Latest Mustang Panda Arsenal: ToneShell and StarProxy | P1
  • Latest Mustang Panda Arsenal: PAKLOG, CorKLOG, and SplatCloak | P2

Paul's Security Weekly
Malware Laced Printer Drivers - PSW #875

May 22, 2025 121:59


This week in the security news:
  • Malware-laced printer drivers
  • Unicode steganography
  • Rhode Island may sue Deloitte for breach. They may even win.
  • Japan's active cyber defense law
  • Stop with the ping
  • LLMs replace Stack Overflow - ya don't say?
  • Aggravated identity theft is aggravating
  • Ivanti DSM and why you shouldn't use it
  • EDR is still playing cat and mouse with malware
  • There's a cellular modem in your solar gear
  • Don't slack on securing Slack
  • XSS in your mail
  • SIM swapping and the SEC
  • Ivanti and libraries
  • Supercomputers in space!

Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw-875

Spotlight Podcast - Private Equity International
Infrastructure's digital age

May 22, 2025 26:19


This episode is sponsored by Edmond de Rothschild and Palistar Capital and first appeared on The Infrastructure Investor Podcast  Digital infrastructure is developing rapidly, turbocharged first by the coronavirus pandemic and now by advances in artificial intelligence, which have turned data centres into arguably the hottest investment in infrastructure at the moment. The sector also includes fibre and towers, both of which are also attracting strong investor interest. This episode focuses on the growth of – and opportunities within – digital infrastructure's three key subsectors. Jean-Francis Dusch, global head of infrastructure and structured finance at EdR, and Josh Oboler, investment partner at Palistar Capital, explore how AI is transforming the data centre landscape, where to find the best opportunities in fibre, and why towers continue to make such a good investment.

Paul's Security Weekly (Podcast-Only)
Malware Laced Printer Drivers - PSW #875

May 22, 2025 121:59


This week in the security news:
  • Malware-laced printer drivers
  • Unicode steganography
  • Rhode Island may sue Deloitte for breach. They may even win.
  • Japan's active cyber defense law
  • Stop with the ping
  • LLMs replace Stack Overflow - ya don't say?
  • Aggravated identity theft is aggravating
  • Ivanti DSM and why you shouldn't use it
  • EDR is still playing cat and mouse with malware
  • There's a cellular modem in your solar gear
  • Don't slack on securing Slack
  • XSS in your mail
  • SIM swapping and the SEC
  • Ivanti and libraries
  • Supercomputers in space!

Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw-875

The CyberWire
Targeting schools is not cool.

May 8, 2025 36:31


The LockBit ransomware gang has been hacked. Google researchers identify a new infostealer called Lostkeys. SonicWall is urging customers to patch three critical device vulnerabilities. Apple patches a critical remote code execution flaw. Cisco patches 35 vulnerabilities across multiple products. Iranian hackers cloned a German modeling agency's website to spy on Iranian dissidents. Researchers bypass SentinelOne's EDR protection. Education tech firm PowerSchool faces renewed extortion. CrowdStrike leans into AI amidst layoffs. Our guest is Caleb Barlow, CEO of Cyberbit, discussing the mixed messages of the cyber skills gaps. Honoring the legacy of Joseph Nye.

Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest
Today we are joined by Caleb Barlow, CEO of Cyberbit, who is discussing the mixed messages of the cyber skills gaps.

Selected Reading
  • LockBit ransomware gang hacked, victim negotiations exposed (Bleeping Computer)
  • Russian state-linked Coldriver spies add new malware to operation (The Record)
  • Fake AI Tools Push New Noodlophile Stealer Through Facebook Ads (Hackread)
  • SonicWall urges admins to patch VPN flaw exploited in attacks (Bleeping Computer)
  • Researchers Details macOS Remote Code Execution Vulnerability - CVE-2024-44236 (Cyber Security News)
  • Cisco IOS XE Wireless Controllers Vulnerability Enables Full Device Control for Attackers (Cyber Security News)
  • Cisco Patches 35 Vulnerabilities Across Several Products (SecurityWeek)
  • Iranian Hackers Impersonate as Model Agency to Attack Victims (Cyber Security News)
  • Hacker Finds New Technique to Bypass SentinelOne EDR Solution (Infosecurity Magazine)
  • CrowdStrike trims workforce by 5 percent, aims to rely on AI (The Register)
  • Despite ransom payment, PowerSchool hacker now extorting individual school districts (The Record)
  • Joseph Nye, Harvard professor, developer of “soft power” theory, and an architect of modern international relations, dies at 88 (Harvard University)
  • Nye Lauded for Cybersecurity Leadership (The Belfer Center for Science and International Affairs at Harvard University)

Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Paul's Security Weekly
Are You Down With RDP? - PSW #873

May 8, 2025 124:49


Security news for this week:
  • RDP and credentials that are not really revoked, and some RDP bitmap caching fun
  • Some magic info on MagicINFO
  • Vulnerability Management Zombies
  • There is a backdoor in your e-commerce
  • Airborne: vulnerabilities in AirPlay
  • Bring your own installer - crafty EDR bypass
  • The Signal clone used by US government officials: shocker: has been hacked
  • AI slop vulnerability reporting
  • Bricking iPhones with a single line of code
  • Hacking planet technology
  • Vibe hacking for the win?
  • Cybersecurity CEO arrested for deploying malware
  • Hello my perverted friend
  • FastCGI - fast, but vulnerable

Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw-873

Paul's Security Weekly (Podcast-Only)
Are You Down With RDP? - PSW #873

May 8, 2025 124:49


Security news for this week:
  • RDP and credentials that are not really revoked, and some RDP bitmap caching fun
  • Some magic info on MagicINFO
  • Vulnerability Management Zombies
  • There is a backdoor in your e-commerce
  • Airborne: vulnerabilities in AirPlay
  • Bring your own installer - crafty EDR bypass
  • The Signal clone used by US government officials: shocker: has been hacked
  • AI slop vulnerability reporting
  • Bricking iPhones with a single line of code
  • Hacking planet technology
  • Vibe hacking for the win?
  • Cybersecurity CEO arrested for deploying malware
  • Hello my perverted friend
  • FastCGI - fast, but vulnerable

Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw-873

Paul's Security Weekly (Video-Only)
Are You Down With RDP? - PSW #873

May 8, 2025 124:49


Security news for this week:
  • RDP and credentials that are not really revoked, and some RDP bitmap caching fun
  • Some magic info on MagicINFO
  • Vulnerability Management Zombies
  • There is a backdoor in your e-commerce
  • Airborne: vulnerabilities in AirPlay
  • Bring your own installer - crafty EDR bypass
  • The Signal clone used by US government officials: shocker: has been hacked
  • AI slop vulnerability reporting
  • Bricking iPhones with a single line of code
  • Hacking planet technology
  • Vibe hacking for the win?
  • Cybersecurity CEO arrested for deploying malware
  • Hello my perverted friend
  • FastCGI - fast, but vulnerable

Chapters:
  • 0:00 Opening and introductions
  • 2:43 Panel introductions and conference recaps
  • 4:46 Conference announcements and Corncon discussion
  • 8:05 RSAC 2025 recap and vulnerability management trends
  • 15:44 RDP credential revocation flaw in Windows 11
  • 34:57 Apple AirPlay "wormable" vulnerabilities and third-party device risks
  • 44:10 Signal clone breach used by US officials (TeleMessage incident)
  • 55:38 Supply chain attack: Magento extensions backdoor
  • 66:12 "Hello my perverted friend": Sextortion scam analysis
  • 72:10 Security culture and phishing awareness at home
  • 75:25 Digital signage vulnerabilities: Samsung MagicInfo
  • 81:41 Threat hunting tradecraft and blue team operations
  • 88:38 AI slop in vulnerability reporting and vibe hacking
  • 98:59 Apple notification DoS and sandbox bypass
  • 101:24 VMware licensing controversy and alternatives
  • 107:14 CEO arrested for planting malware in hospital systems
  • 116:06 FastCGI vulnerabilities in embedded/IoT systems
  • 122:12 Rooting Android phones and device locking
  • 124:08 Closing and outro

Show Notes: https://securityweekly.com/psw-873

Paul's Security Weekly
C-Suite Gaps, Cybersecurity is not Working to Solve Exposures and Supply Chain Risks - Dr. Aleksandr Yampolskiy, Lenny Zeltser - BSW #394

May 7, 2025 64:40


In the leadership and communications section, The C-suite gap that's putting your company at risk, CISOs band together to urge world governments to harmonize cyber rules, Cybersecurity is Not Working: Time to Try Something Else, and more! Organizations are increasingly threatened by cyberattacks originating from their suppliers. Existing tools (like EDR, MDR, and XDR) effectively handle threats within an organization, but leave a gap regarding third-party risk. SecurityScorecard created the Supply Chain Detection and Response category to empower organizations to shift from being reactive and uncertain to confidently and proactively protecting their entire supply chain. What is Supply Chain Detection and Response (SCDR)?: https://securityscorecard.com/blog/what-is-supply-chain-detection-and-response/ Learn more about continuous supply chain cyber risk detection and response: https://securityscorecard.com/why-securityscorecard/supply-chain-detection-response/ Claim Your Free SCDR Assessment: https://securityscorecard.com/get-started-scdr/#form This segment is sponsored by Security Scorecard. Visit https://securityweekly.com/securityscorecardrsac for more information on how SecurityScorecard MAX and Supply Chain Detection and Response can help your organization identify and resolve supply chain risks. In this interview, Axonius CISO Lenny Zeltser shares the vision behind Axonius Exposures, the company's latest innovation in unified risk management. Launched ahead of RSA Conference 2025, Exposures tackles one of the most persistent challenges in cybersecurity today: making sense of fragmented risk signals to drive confident, actionable decision-making. Lenny will discuss how Exposures unifies security findings, asset intelligence, and business context in a single platform — giving security teams the clarity and automation they need to prioritize what truly matters. 
He'll also explore what this launch means for Axonius' mission, the evolution of cyber asset management, and how organizations can move from reactive security postures to proactive, risk-based strategies. Want to see how Axonius Exposures gives you the clarity to take action on your most critical risks? Visit https://securityweekly.com/axoniusrsac to learn more and schedule a personalized demo. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-394

Business Security Weekly (Audio)
C-Suite Gaps, Cybersecurity is not Working to Solve Exposures and Supply Chain Risks - Dr. Aleksandr Yampolskiy, Lenny Zeltser - BSW #394

May 7, 2025 64:40


In the leadership and communications section, The C-suite gap that's putting your company at risk, CISOs band together to urge world governments to harmonize cyber rules, Cybersecurity is Not Working: Time to Try Something Else, and more! Organizations are increasingly threatened by cyberattacks originating from their suppliers. Existing tools (like EDR, MDR, and XDR) effectively handle threats within an organization, but leave a gap regarding third-party risk. SecurityScorecard created the Supply Chain Detection and Response category to empower organizations to shift from being reactive and uncertain to confidently and proactively protecting their entire supply chain. What is Supply Chain Detection and Response (SCDR)?: https://securityscorecard.com/blog/what-is-supply-chain-detection-and-response/ Learn more about continuous supply chain cyber risk detection and response: https://securityscorecard.com/why-securityscorecard/supply-chain-detection-response/ Claim Your Free SCDR Assessment: https://securityscorecard.com/get-started-scdr/#form This segment is sponsored by Security Scorecard. Visit https://securityweekly.com/securityscorecardrsac for more information on how SecurityScorecard MAX and Supply Chain Detection and Response can help your organization identify and resolve supply chain risks. In this interview, Axonius CISO Lenny Zeltser shares the vision behind Axonius Exposures, the company's latest innovation in unified risk management. Launched ahead of RSA Conference 2025, Exposures tackles one of the most persistent challenges in cybersecurity today: making sense of fragmented risk signals to drive confident, actionable decision-making. Lenny will discuss how Exposures unifies security findings, asset intelligence, and business context in a single platform — giving security teams the clarity and automation they need to prioritize what truly matters. 
He'll also explore what this launch means for Axonius' mission, the evolution of cyber asset management, and how organizations can move from reactive security postures to proactive, risk-based strategies. Want to see how Axonius Exposures gives you the clarity to take action on your most critical risks? Visit https://securityweekly.com/axoniusrsac to learn more and schedule a personalized demo. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-394

Business Security Weekly (Video)
C-Suite Gaps, Cybersecurity is not Working to Solve Exposures and Supply Chain Risks - Lenny Zeltser, Dr. Aleksandr Yampolskiy - BSW #394

May 7, 2025 64:40


In the leadership and communications section, The C-suite gap that's putting your company at risk, CISOs band together to urge world governments to harmonize cyber rules, Cybersecurity is Not Working: Time to Try Something Else, and more! Organizations are increasingly threatened by cyberattacks originating from their suppliers. Existing tools (like EDR, MDR, and XDR) effectively handle threats within an organization, but leave a gap regarding third-party risk. SecurityScorecard created the Supply Chain Detection and Response category to empower organizations to shift from being reactive and uncertain to confidently and proactively protecting their entire supply chain. What is Supply Chain Detection and Response (SCDR)?: https://securityscorecard.com/blog/what-is-supply-chain-detection-and-response/ Learn more about continuous supply chain cyber risk detection and response: https://securityscorecard.com/why-securityscorecard/supply-chain-detection-response/ Claim Your Free SCDR Assessment: https://securityscorecard.com/get-started-scdr/#form This segment is sponsored by Security Scorecard. Visit https://securityweekly.com/securityscorecardrsac for more information on how SecurityScorecard MAX and Supply Chain Detection and Response can help your organization identify and resolve supply chain risks. In this interview, Axonius CISO Lenny Zeltser shares the vision behind Axonius Exposures, the company's latest innovation in unified risk management. Launched ahead of RSA Conference 2025, Exposures tackles one of the most persistent challenges in cybersecurity today: making sense of fragmented risk signals to drive confident, actionable decision-making. Lenny will discuss how Exposures unifies security findings, asset intelligence, and business context in a single platform — giving security teams the clarity and automation they need to prioritize what truly matters. 
He'll also explore what this launch means for Axonius' mission, the evolution of cyber asset management, and how organizations can move from reactive security postures to proactive, risk-based strategies. Want to see how Axonius Exposures gives you the clarity to take action on your most critical risks? Visit https://securityweekly.com/axoniusrsac to learn more and schedule a personalized demo. Show Notes: https://securityweekly.com/bsw-394

It's a Numbers Game
EP099 – Enhancing Cyber Defence: Insights from Nick O'Donovan

May 6, 2025 27:05


In this episode, we reconnect with Nick O'Donovan, who provides an overview of Huntress' operations, particularly their growth and expansion into Europe, with a focus on enhancing relationships with MSPs. He highlights Huntress' efforts in recruiting and maintaining a strong team, despite industry challenges, and the success of their recent roadshow series. Nick also discusses the company's product offerings, including EDR, Microsoft 365 identity protection, security awareness, phishing solutions, and a SIEM offering. Key topics covered include the importance of affordable security solutions for small to medium businesses, the integration with Microsoft Defender, and Huntress' innovative Neighbourhood Watch program. The episode concludes with valuable advice for MSPs on improving their closure rates for upselling security products to clients.

  • 00:00 Introduction and Reconnection
  • 00:26 Overview of Huntress
  • 01:02 Huntress' European Expansion
  • 01:43 Roadshow Success and Community Engagement
  • 03:14 Recruitment Challenges and Strategies
  • 04:25 Neighbourhood Watch Program
  • 08:15 Approaching Cybersecurity as an MSP
  • 16:50 Security Awareness Training
  • 20:37 Final Thoughts and Tips for MSPs

Connect with Nick O'Donovan on LinkedIn by clicking here – https://www.linkedin.com/in/nicholasodonovan

Connect with Daniel Welling on LinkedIn by clicking here – https://www.linkedin.com/in/daniel-welling-54659715/

Connect with Adam Morris on LinkedIn by clicking here – https://www.linkedin.com/in/adamcmorris/

Visit The MSP Finance Team website, simply click here – https://www.mspfinanceteam.com/

We look forward to catching up with you on the next one. Stay tuned!

ITSPmagazine | Technology. Cybersecurity. Society
What Endpoint Security Isn't Catching: Why Network Visibility Still Matters | A Brand Story with Brian Dye from Corelight | An On Location RSAC Conference 2025 Brand Story

Apr 30, 2025 18:49


At RSAC Conference 2025, Sean Martin catches up with Brian Dye, CEO of Corelight, to explore a recurring truth in cybersecurity: attackers adapt, and defenders must follow suit. In this episode, Dye lays out why traditional perimeter defenses and endpoint controls alone are no longer sufficient—and why it's time for security teams to look back toward the network for answers.

Beyond the Perimeter: Visibility as a Force Multiplier

According to Dye, many organizations are still relying on security architectures that were top-of-the-line a decade ago. But attackers have already moved on. They're bypassing endpoint detection and response (EDR) tools, exploiting unmanaged devices, IoT, and edge vulnerabilities. What's left exposed is the network itself—and that's where Corelight positions itself: providing what Dye calls “ground truth” through network-based visibility.

Rather than rearchitecting environments or pushing intrusive solutions, Corelight integrates passively through out-of-line methods like packet brokers or traffic mirroring. The goal? Rich, contextual, retrospective visibility—without disrupting the network. This capability has proven essential for responding to advanced threats, including lateral movement and ransomware campaigns where knowing exactly what happened and when can mean the difference between paying a ransom or proving there's no real damage.

Three Layers of Network Insight

Dye outlines a layered approach to detection:
1. Baseline Network Activity – High-fidelity summaries of what's happening.
2. Raw Detections – Behavioral rules, signatures, and machine learning.
3. Anomaly Detection – Identifying “new and unusual” activity with clustering math that filters out noise and highlights what truly matters.

This model supports teams who need to correlate signals across endpoints, identities, and cloud environments—especially as AI-driven operations expand the attack surface with non-human behavior patterns.

The Metrics That Matter

Dye points to three critical success metrics for teams:
  • Visibility coverage over time.
  • MITRE ATT&CK coverage, especially around lateral movement.
  • The percentage of unresolved cases—those embarrassing unknowns that drain time and confidence.

As Dye shares, organizations that prioritize network-level visibility not only reduce uncertainty, but also strengthen every other layer of their detection and response strategy.

Learn more about Corelight: https://itspm.ag/coreligh-954270

Note: This story contains promotional content. Learn more.

Guest: Brian Dye, Chief Executive Officer, Corelight | https://www.linkedin.com/in/brdye/

Resources

Learn more and catch more stories from Corelight: https://www.itspmagazine.com/directory/corelight

Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25

Keywords: sean martin, brian dye, network, visibility, ransomware, detection, cybersecurity, soc, anomalies, baselining, brand story, brand marketing, marketing podcast, brand story podcast

Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage

Want to tell your Brand Story Briefing as part of our event coverage? Learn More

Security Unfiltered
Browser Security Unveiled: John Carse on SquareX & Cyber Career Insights

Apr 27, 2025 48:22


In this episode, Joe sits down with John Carse, Field CISO at SquareX, to dive into the often-overlooked world of browser security and the evolving landscape of cybersecurity. Recorded despite a 12-hour time difference (Singapore to the US!), John shares:
  • The Browser Security Gap: Why 85% of user time in browsers is a growing risk for SaaS and cloud environments.
  • SquareX's Solution: How SquareX acts as an EDR for browsers, detecting and responding to threats like polymorphic extensions.
  • Career Journey: From early IT days to field CISO, John reveals how foundational IT skills (help desk, field services) make better cyber professionals.
  • Real-World Insights: Lessons from working with the US Navy and the importance of understanding IT systems for effective cybersecurity.

Check Your Browser Security: Visit SquareX Browser Security to assess your controls.
Learn More About SquareX: Explore their solution at sqrx.com.
Connect with John: Find him on X @JohnCarse

Chapters
  • 00:00 Introduction and Time Zone Challenges
  • 02:54 John Carse's Journey into IT
  • 06:05 Transitioning to Cybersecurity
  • 08:46 The Importance of Customer Service in IT
  • 11:36 Formative Experiences in Help Desk and Field Services
  • 14:35 Understanding IT Systems for Cybersecurity
  • 23:51 The Interplay Between IT Skills and Cybersecurity
  • 24:41 The Role of Security Engineers in IT
  • 28:43 Understanding the Complexity of Cybersecurity
  • 29:33 Exploring the Field CISO Role
  • 32:55 The Browser as a Security Frontier
  • 42:07 Challenges in SaaS Security
  • 46:20 The Importance of Browser Security Awareness

Subscribe for more cybersecurity insights and career tips! Share your thoughts in the comments—how are you securing your browser?

Follow the Podcast on Social Media!
Tesla Referral Code: https://ts.la/joseph675128
YouTube: https://www.youtube.com/@securityunfilteredpodcast
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast

ITSPmagazine | Technology. Cybersecurity. Society
No Manuals, No Shortcuts: Inside the Offensive Security Mindset at White Knight Labs | A White Knight Labs Brand Story With Co-Founders John Stigerwalt And Greg Hatcher

Apr 25, 2025 47:54


We've been in enough conversations to know when something clicks. This one did — and it did from the very first moment.

In our debut Brand Story with White Knight Labs, we sat down with co-founders John Stigerwalt and Greg Hatcher, and what unfolded was more than a company intro — it was a behind-the-scenes look at what offensive security should be.

John's journey is the kind that earns your respect quickly: he started at the help desk and worked his way to CISO, before pivoting into red teaming and co-founding WKL. Greg's path was more unconventional — from orchestral musician to Green Beret to cybersecurity leader. Two very different stories, but a shared philosophy: learn by doing, adapt without a manual, and never take the easy route when something meaningful is on the table.

That mindset now defines how White Knight Labs works with clients. They don't sell cookie-cutter pen tests. Instead, they ask the right question up front: How does your business make money? Because if you can answer that, you can identify what a real-world attacker would go after. Then they simulate it — not in theory, but in practice.

Their ransomware simulation service is a perfect example. They don't just show up with a scanner. They emulate modern adversaries using Cobalt Strike, bypassing endpoint defenses with in-house payloads, encrypting and exfiltrating data like it's just another Tuesday. Most clients fail the test — not because they're careless, but because most simulations aren't this real.

And that's the point.

White Knight Labs isn't here to help companies check a box. They're here to expose the gaps and raise the bar — because real threats don't play fair, and security shouldn't pretend they do.

What makes them different is what they don't do. They're not an all-in-one shop, and they're proud of that. They won't touch IR for major breaches — they've got partners for that. They only resell hardware and software they've personally vetted. That honesty builds credibility. That kind of focus builds trust.

Their training programs are just as intense. Between live DEF CON courses and their online platform, they're giving both new and experienced professionals a chance to train the way they operate: no shortcuts, no watered-down certs, just hard-earned skills that translate into real-world readiness.

Pass their ODPC certification, and you'll probably get a call — not because they need to check a hiring box, but because it proves you're serious. And if you can write loaders that bypass real defenses? You're speaking their language.

This first conversation with John and Greg reminded us why we started this series in the first place. It's not just about product features or service offerings — it's about people who live and breathe what they do, and who bring that passion into every test, every client call, and every training they offer.

We've got more stories with them on the way. But if this first one is any sign of what's to come, we're in for something special.

⸻

Learn more about White Knight Labs:

Guests:
John Stigerwalt | Founder at White Knight Labs | Red Team Operations Leader | https://www.linkedin.com/in/john-stigerwalt-90a9b4110/
Greg Hatcher | Founder at White Knight Labs | SOF veteran | Red Team | https://www.linkedin.com/in/gregoryhatcher2/
White Knight Labs Website | https://itspm.ag/white-knight-labs-vukr

______________________

Keywords: penetration testing, red team, ransomware simulation, offensive security, EDR bypass, cybersecurity training, White Knight Labs, advanced persistent threat, cybersecurity startup, DEF CON training, security partnerships, cybersecurity services

______________________

Resources
Visit the White Knight Labs Website to learn more: https://itspm.ag/white-knight-labs-vukr
Learn more and catch more stories from White Knight Labs on ITSPmagazine: https://www.itspmagazine.com/directory/white-knight-labs
Learn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs
Newsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/
Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-up
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story

ITSPmagazine | Technology. Cybersecurity. Society
From Phishing to Full Compromise in Under an Hour: Automation Is Fueling the Next Wave of Cyber Threats | A LevelBlue Brand Story with Kenneth Ng

ITSPmagazine | Technology. Cybersecurity. Society

Apr 18, 2025 36:02


LevelBlue's latest Threat Trends Report pulls no punches: phishing, malware, and ransomware attacks are not just continuing—they're accelerating. In this episode of ITSPmagazine's Brand Story podcast, hosts Sean Martin and Marco Ciappelli are joined by Kenneth Ng, a threat hunter and lead incident responder on LevelBlue's Managed Detection and Response (MDR) team, to unpack the findings and recommendations from the report.

Phishing as a Service and the Surge in Email Compromises
One of the most alarming trends highlighted by Kenneth is the widespread availability of Phishing-as-a-Service (PhaaS) kits, including names like RaccoonO365, Mamba 2FA, and Greatness. These kits allow attackers with little to no technical skill to launch sophisticated campaigns that bypass multi-factor authentication (MFA) by hijacking session tokens. With phishing attacks now leading to full enterprise compromises, often through seemingly innocuous Microsoft 365 access, the threat is more serious than ever.

Malware Is Smarter, Simpler—and It's Spreading Fast
Malware, particularly fake browser updates and credential stealers like Lumma Stealer, is also seeing a rise in usage. Kenneth points out the troubling trend of malware campaigns that rely on basic user interactions—like copying and pasting text—leading to full compromise through PowerShell or command prompt access. Basic group policy configurations (like blocking script execution for non-admin users) are still underutilized defenses.

Ransomware: Faster and More Automated Than Ever
The speed of ransomware attacks has increased dramatically. Kenneth shares real-world examples where attackers go from initial access to full domain control in under an hour—sometimes in as little as ten minutes—thanks to automation, remote access tools, and credential harvesting. This rapid escalation leaves defenders with very little room to respond unless robust detection and prevention measures are in place ahead of time.

Why This Report Matters
Rather than presenting raw data, LevelBlue focuses on actionable insights. Each major finding comes with recommendations that can be implemented regardless of company size or maturity level. The report is a resource not just for LevelBlue customers, but for any organization looking to strengthen its defenses.

Be sure to check out the full conversation and grab the first edition of the Threat Trends Report ahead of LevelBlue's next release this August—and stay tuned for their updated Futures Report launching at RSA Conference on April 28.

Learn more about LevelBlue: https://itspm.ag/levelblue266f6c

Note: This story contains promotional content. Learn more.

Guest: Kenneth Ng, threat hunter and lead incident responder on LevelBlue's Managed Detection and Response (MDR) team | On LinkedIn: https://www.linkedin.com/in/ngkencyber/

Resources
Download the LevelBlue Threat Trends Report | Edition One: https://itspm.ag/levelbyqdp
Learn more and catch more stories from LevelBlue: https://www.itspmagazine.com/directory/levelblue
Learn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs
Newsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/
Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-up
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story

Risky Business
Snake Oilers: Pangea, Cosive and Sysdig

Risky Business

Apr 17, 2025 47:45


In this edition of Snake Oilers three vendors pitch host Patrick Gray on their tech:

Pangea: Guardrails and security for AI agents and applications (https://pangea.cloud)
Worried about your AI apps going rogue, being mean to your customers or even disclosing sensitive information? Pangea exists to address these risks. Fascinating stuff.

Cosive: A threat intelligence company that can host your MISP server in AWS. CloudMISP! (https://www.cosive.com/snakeoilers)
Are you running a MISP server on some old hardware under a desk in your SOC? There's a better way! Cosive can run it for you on AWS so you can just use it instead of wrestling with maintaining it. They also do some CTI consulting to help you get better use out of MISP.

Sysdig: A Linux runtime security platform (https://sysdig.com/)
The modern Windows network is an all-singing, all-dancing, perfectly orchestrated, EDR-protected ballet. The modern Linux production environment… isn't. Find out how Sysdig can help you get some visibility and control over your Linux fleet.

This episode is also available on Youtube.
Show notes

Paul's Security Weekly
You Should Just Patch - PSW #869

Paul's Security Weekly

Apr 10, 2025 125:21


In the security news this week: You should really just patch things, the NVD backlog, Android phones with malware pre-installed, so convenient, keyloggers and a creepy pharmacist, snooping on federal workers, someone stole your browser history, NSA director fired, deputy director of NSA also fired, CrushFTP the saga continues, only steal the valid credit cards, another post that vanished from the Internet, hiding in NVRAM, protecting the Linux kernel, you down with MCP?, more EOL IoT, bypassing kernel protections, when are you ready for a pen test, red team and bug bounty, what EDR is really missing, and based on this story you should just patch everything all the time! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-869

Paul's Security Weekly TV
You Should Just Patch - PSW #869

Paul's Security Weekly TV

Apr 10, 2025 125:21


In the security news this week: You should really just patch things, the NVD backlog, Android phones with malware pre-installed, so convenient, keyloggers and a creepy pharmacist, snooping on federal workers, someone stole your browser history, NSA director fired, deputy director of NSA also fired, CrushFTP the saga continues, only steal the valid credit cards, another post that vanished from the Internet, hiding in NVRAM, protecting the Linux kernel, you down with MCP?, more EOL IoT, bypassing kernel protections, when are you ready for a pen test, red team and bug bounty, what EDR is really missing, and based on this story you should just patch everything all the time! Show Notes: https://securityweekly.com/psw-869

Paul's Security Weekly (Podcast-Only)
You Should Just Patch - PSW #869

Paul's Security Weekly (Podcast-Only)

Apr 10, 2025 125:21


In the security news this week: You should really just patch things, the NVD backlog, Android phones with malware pre-installed, so convenient, keyloggers and a creepy pharmacist, snooping on federal workers, someone stole your browser history, NSA director fired, deputy director of NSA also fired, CrushFTP the saga continues, only steal the valid credit cards, another post that vanished from the Internet, hiding in NVRAM, protecting the Linux kernel, you down with MCP?, more EOL IoT, bypassing kernel protections, when are you ready for a pen test, red team and bug bounty, what EDR is really missing, and based on this story you should just patch everything all the time! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-869

Paul's Security Weekly (Video-Only)
You Should Just Patch - PSW #869

Paul's Security Weekly (Video-Only)

Apr 10, 2025 125:21


In the security news this week: You should really just patch things, the NVD backlog, Android phones with malware pre-installed, so convenient, keyloggers and a creepy pharmacist, snooping on federal workers, someone stole your browser history, NSA director fired, deputy director of NSA also fired, CrushFTP the saga continues, only steal the valid credit cards, another post that vanished from the Internet, hiding in NVRAM, protecting the Linux kernel, you down with MCP?, more EOL IoT, bypassing kernel protections, when are you ready for a pen test, red team and bug bounty, what EDR is really missing, and based on this story you should just patch everything all the time! Show Notes: https://securityweekly.com/psw-869

Cyber Security Today
Cybersecurity Month-End Review: Oracle Breach, Signal Group Chat Incident, and Global Cybersecurity Regulations

Cyber Security Today

Apr 5, 2025 48:19 Transcription Available


In this episode of the cybersecurity month-end review, host Jim Love is joined by Daina Proctor from IBM in Ottawa, Randy Rose from The Center for Internet Security from Saratoga Springs, and David Shipley, CEO of Beauceron Security from Fredericton. The panel discusses major cybersecurity stories from the past month, including the Oracle Cloud breach and its communication failures, the misuse of Signal by U.S. government officials, and global cybersecurity regulation efforts such as the UK's new critical infrastructure laws. They also cover notable incidents like the Kuala Lumpur International Airport ransomware attack and the NHS Scotland cyberattack, the continuous challenges of EDR bypasses, and the importance of fusing anti-fraud and cybersecurity efforts. The discussion emphasizes the need for effective communication and stringent security protocols amidst increasing cyber threats.

00:00 Introduction and Panelist Introductions
01:25 Oracle Cloud Breach: A Case Study in Incident Communication
10:13 Signal Group Chat Controversy
20:16 Leadership and Cybersecurity Legislation
23:30 Cybersecurity Certification Program Overview
24:27 Challenges in Cybersecurity Leadership
24:59 Importance of Data Centers and MSPs
26:53 UK Cybersecurity Bill and MSP Standards
28:09 Cyber Essentials and CMMC Standards
32:47 EDR Bypasses and Small Business Security
39:32 Ransomware Attacks on Critical Infrastructure
43:34 Law Enforcement and Cybercrime
47:24 Conclusion and Final Thoughts

Exploit Brokers - Hacking News
HN59 - Microsoft AI Discovers 20 Zero-Day Vulnerabilities in Bootloaders!

Exploit Brokers - Hacking News

Apr 3, 2025 19:22


@BEERISAC: CPS/ICS Security Podcast Playlist
The CISO & Talent Crisis: Turnover Meets OT Cybersecurity Gaps

@BEERISAC: CPS/ICS Security Podcast Playlist

Apr 2, 2025 26:22


Podcast: Industrial Cybersecurity Insider
Episode: The CISO & Talent Crisis: Turnover Meets OT Cybersecurity Gaps
Pub date: 2025-04-01

In this episode, Dino and Craig dive deep into the disturbing talent exodus in cybersecurity. The discussion is sparked by Gartner's prediction that 25% of cybersecurity professionals will leave the field in the next year. They explore the growing gap between IT and OT teams, the lack of CISO influence in executive leadership, and the friction between cybersecurity goals and operational uptime. With real-world anecdotes and hard-hitting insights, they unpack everything from rogue assets and malware in OT environments to the challenges of implementing EDR tools in live production lines. Whether you're a CISO, CIO, or plant manager, this episode offers a candid look at the complex dynamics of securing industrial environments — and how collaboration is the only path forward.

Chapters:
00:00:00 – Kicking Off with a Brutal Reality Check on Cybersecurity
00:01:06 – Gartner Says 25% of Cyber Pros Are Leaving — Here's Why That Matters
00:03:15 – IT vs OT: The Culture Clash Still Killing Cyber Progress
00:09:35 – Why the Wrong Service Partner Could Be Your Biggest Risk
00:14:05 – Malware, Rogue Assets, and the Ugly Truth About Your Plant Floor
00:18:22 – Real Strategies for Fixing the IT/OT Disconnect (Without Killing Uptime)
00:24:06 – Stop Talking. Start Acting. What Cyber Leaders Need to Do Today

Links And Resources:
Industrial Cybersecurity Insider on LinkedIn
Cybersecurity Insider Newsletter
Dino Busalachi on LinkedIn
Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

The podcast and artwork embedded on this page are from Velta Technology, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Paul's Security Weekly
Setting up your SIEM for success - Pitfalls to preclude and tips to take - Geoff Cairns, Neil Desai - ESW #400

Paul's Security Weekly

Mar 31, 2025 118:15


A successful SIEM deployment depends on a lot more than implementing the SIEM correctly. So many other things in your environment have an impact on your chances of a successful SIEM. Are the right logs enabled? Is your EDR working correctly? Would you notice a sudden increase or decrease in events from critical sources? What can practitioners do to ensure the success of their SIEM deployment? This segment is sponsored by Graylog. Visit https://securityweekly.com/graylog to learn more about them!

In this interview, we feature some research from Geoff Cairns, an analyst at Forrester Research. This is a preview to the talk he'll be giving at Identiverse 2025 in a few months. We won't have time to cover all the trends, but there are several here that I'm excited to discuss! Deepfake Detection Difficult Zero Trust Agentic AI Phishing resistant MFA adoption Identity Verification Machine Identity Decentralized Identity Post Quantum Shared Signals

Segment Resources: The Top Trends Shaping Identity And Access Management In 2025 - (Forrester subscription required)

In this week's enterprise security news, Big funding for Island Is DLP finally getting disrupted? By something that works? We learn all about Model Context Protocol servers Integrating SSO and SSH! Do we have too many cybersecurity regulations? Toxic cybersecurity workplaces Napster makes a comeback this week, we've got 50% less AI and 50% more co-hosts All that and more, on this episode of Enterprise Security Weekly.

Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-400

Enterprise Security Weekly (Audio)
Setting up your SIEM for success - Pitfalls to preclude and tips to take - Geoff Cairns, Neil Desai - ESW #400

Enterprise Security Weekly (Audio)

Mar 31, 2025 118:15


A successful SIEM deployment depends on a lot more than implementing the SIEM correctly. So many other things in your environment have an impact on your chances of a successful SIEM. Are the right logs enabled? Is your EDR working correctly? Would you notice a sudden increase or decrease in events from critical sources? What can practitioners do to ensure the success of their SIEM deployment? This segment is sponsored by Graylog. Visit https://securityweekly.com/graylog to learn more about them!

In this interview, we feature some research from Geoff Cairns, an analyst at Forrester Research. This is a preview to the talk he'll be giving at Identiverse 2025 in a few months. We won't have time to cover all the trends, but there are several here that I'm excited to discuss! Deepfake Detection Difficult Zero Trust Agentic AI Phishing resistant MFA adoption Identity Verification Machine Identity Decentralized Identity Post Quantum Shared Signals

Segment Resources: The Top Trends Shaping Identity And Access Management In 2025 - (Forrester subscription required)

In this week's enterprise security news, Big funding for Island Is DLP finally getting disrupted? By something that works? We learn all about Model Context Protocol servers Integrating SSO and SSH! Do we have too many cybersecurity regulations? Toxic cybersecurity workplaces Napster makes a comeback this week, we've got 50% less AI and 50% more co-hosts All that and more, on this episode of Enterprise Security Weekly.

Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-400

Telecom Reseller
From MSP to Cybersecurity Powerhouse: How Seceon is Enabling Partners to Deliver Enterprise-Grade Security at Scale, Podcast

Telecom Reseller

Mar 31, 2025


Podcast with Chandra Pandey, Founder & CEO, Seceon – recorded at MSP Summit, Channel Partners 2025

At the 2025 MSP Summit in Las Vegas, Seceon founder and CEO Chandra Pandey shared how his company is reshaping cybersecurity delivery for MSPs and MSSPs. Speaking with Doug Green, publisher of Technology Reseller News, Pandey outlined a powerful vision: giving MSPs the tools to provide better-than-enterprise-grade security at a price point even the smallest customers can afford.

“Threat actors don't care which vendor you use—they know how to get around siloed tools. You need a platform that works in real time, across all telemetry, with built-in remediation.”

Founded over a decade ago, Seceon was built from the ground up as a cybersecurity platform, not a patchwork of point solutions. The result is a fully integrated stack that ingests application, network, and endpoint telemetry in real time, correlates context with global threat intelligence, and automatically neutralizes threats—through auto-remediation or actionable, guided response.

Pandey emphasized Seceon's multi-tenant, multi-tiered architecture, designed specifically to empower MSPs to deliver advanced protection with minimal overhead. For MSPs, that means onboarding hundreds of customers quickly and cost-effectively, while building long-term stickiness and recurring revenue.

A featured case study discussed during the podcast tells the story of a mid-sized MSP that suffered a significant breach while using conventional SIEM and EDR tools. After transitioning to Seceon, the company not only secured its infrastructure, but transformed its business—growing revenue by triple digits and achieving 60%+ margins by reselling advanced cyber services through Seceon's platform.

“It's not just margin for profit—it's margin to invest in people, deliver better service, and grow. That's the power of platform-based cybersecurity.”

Pandey's message to the channel at MSP Summit was clear: cybersecurity is no longer a luxury reserved for the enterprise. With Seceon, MSPs can deliver superior protection to SMBs and SMEs—and thrive doing it.

Learn more: www.seceon.com

Paul's Security Weekly TV
Setting up your SIEM for success - Pitfalls to preclude and tips to take - Neil Desai - ESW #400

Paul's Security Weekly TV

Mar 30, 2025 32:16


A successful SIEM deployment depends on a lot more than implementing the SIEM correctly. So many other things in your environment have an impact on your chances of a successful SIEM. Are the right logs enabled? Is your EDR working correctly? Would you notice a sudden increase or decrease in events from critical sources? What can practitioners do to ensure the success of their SIEM deployment? This segment is sponsored by Graylog. Visit https://securityweekly.com/graylog to learn more about them! Show Notes: https://securityweekly.com/esw-400

Enterprise Security Weekly (Video)
Setting up your SIEM for success - Pitfalls to preclude and tips to take - Neil Desai - ESW #400

Enterprise Security Weekly (Video)

Mar 30, 2025 32:16


A successful SIEM deployment depends on a lot more than implementing the SIEM correctly. So many other things in your environment have an impact on your chances of a successful SIEM. Are the right logs enabled? Is your EDR working correctly? Would you notice a sudden increase or decrease in events from critical sources? What can practitioners do to ensure the success of their SIEM deployment? This segment is sponsored by Graylog. Visit https://securityweekly.com/graylog to learn more about them! Show Notes: https://securityweekly.com/esw-400

Risk Management Show
Revolutionizing Vulnerability Management: Insights from Joe Silva

Risk Management Show

Mar 28, 2025 14:17


In this episode of Global Risk Community Chat, we discussed revolutionizing vulnerability management with Joe Silva, the co-founder and CEO of Spektion. Joe shares his expertise in cybersecurity, drawing from his extensive experience as the former global CISO at JLL and cybersecurity leader at TransUnion.

Spektion is transforming the way organizations manage vulnerabilities by leveraging runtime behavior analysis to address risks beyond traditional CVE-based systems. Joe explains how their innovative approach helps enterprises understand software exploitability, prioritize risks, and integrate with existing tools like EDR, XDR, and SIEM. He also shares actionable insights for CISOs, risk managers, and security executives to enhance their vulnerability management strategies while reducing manual efforts and resource strain.

If you want to be our guest or suggest someone for an upcoming episode, send your email to info@globalriskconsult.com with the subject line “Guest Proposal.”

Don't miss this insightful conversation on risk management, cybersecurity, and the future of vulnerability solutions.

Cloud Security Podcast
Detection Engineering with Google Cloud

Cloud Security Podcast

Mar 20, 2025 42:31


Detection rules aren't just for fun—they're critical for securing cloud environments. But are you using them the right way? In this episode, Ashish Rajan sits down with David French, Staff Adoption Engineer for Security at Google Cloud, to break down how organizations can scale Detection as Code across AWS, Azure, and Google Cloud.

- Why prevention isn't enough—and how detection fills the gap
- The biggest mistakes in detection rules that could blow up your SOC
- How to scale detections across hundreds (or thousands) of cloud accounts
- The ROI of Detection as Code—why security leaders should care
- Common low-hanging fruit detections every cloud security team should implement

David has spent over a decade working in detection engineering, threat hunting, and building SIEM & EDR products. He shares real-world insights on how companies can improve their detection strategies and avoid costly security missteps.

Guest Socials: David's Linkedin
Podcast Twitter - @CloudSecPod

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast - Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp

If you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity Podcast

Questions asked:
(00:00) Introduction
(03:06) What is Detection as Code?
(03:41) What was before Detection as Code?
(05:36) Business ROI for doing Detection as Code?
(07:49) Building Security Operations in Google Cloud
(12:41) Threat Detection for different type of workload
(14:54) What is Google SecOps?
(20:36) Different kinds of Detection people can create
(24:46) Scaling Detection across many Google Cloud accounts
(28:47) The role of Data Pipeline in Detection
(31:44) Detections people can start with
(34:14) Stages of maturity for detection
(36:43) Skillsets for Detection Engineering
(39:32) The Fun Section

Irish Tech News Audio Articles
Integrity360 expands into France with acquisition of Holiseum

Irish Tech News Audio Articles

Mar 20, 2025 5:58


Continuing its global expansion plan, Integrity360 has acquired leading cyber security specialist Holiseum headquartered in Paris, France. The terms of the transaction were not disclosed. The acquisition will enable Integrity360 to accelerate its growth in France and continental Europe, and significantly provide a new and exciting services practice focused on Operational Technology ("OT") and Internet of Things ("IoT") technologies which complement Integrity360's existing service practices. Those include cyber risk and assurance, cyber security testing, incident response, infrastructure, Microsoft cyber, payments compliance, and a highly comprehensive range of cyber security managed services including managed detection and response ("MDR") solutions. Holiseum will continue to operate from its existing three facilities in France but with the benefit of the full resources and capability of the wider Integrity360 business. Holiseum, founded in 2018, is a highly respected and well-established cybersecurity consultancy that specialises in critical and industrial infrastructure. It serves approx. 80 customers throughout France and selected international locations from facilities in Paris and Nimes including organisations operating in the energy, infrastructure, manufacturing, transport and financial sectors. In particular, Holiseum is an expert in OT technology and has helped many global corporate and infrastructure organisations secure and evolve their OT environment and associated IT estates. Holiseum's reputation is underpinned by several security accreditations from ANSSI - the National Cybersecurity Agency of France - including PASSI (cybersecurity audit services) and PACS (cybersecurity support and consulting) - where Holiseum is one of the first three certified organisations in France. Holiseum's portfolio of services include audit, training, investigation and a full suite of OT consulting solutions. 
Securing critical infrastructures is a high priority for many governments and corporate organisations across the globe due to the alarming rise in attacks on industrial and energy infrastructure. Leading industry analyst Gartner has commented that such attacks could result in the weaponisation of OT environments to seriously harm human life. Despite the tightening of the regulatory environment with the introduction of cyber security frameworks including NIS2 (Network and Information Security 2) and DORA (Digital Operational Resilience Act) the challenge of continuously securing critical infrastructure remains acute. Holiseum will form a major new practice within Integrity360 dedicated to the mission of aiding, protecting and supporting both government and industrial infrastructure. The existing Holiseum team of 32 will be rapidly expanded in France and across all other Integrity360 markets in support of this mission. In addition, Holiseum's headquarters in Paris will form a new regional hub for the group from which it will deliver the full suite of Integrity360 services, and during 2025 an additional Paris based SOC (Security Operations Centre) will be launched to join the existing network of six SOCs across EMEA (Dublin, Stockholm, Naples, Sofia, Madrid and Cape Town). The SOC teams deliver a wide-ranging set of managed services for customers including EDR, XDR and MDR (Endpoint Detection and Response, Extended Detection and Response, and Managed Detection and Response). Integrity360's innovative range of services have been recognised on multiple occasions by Gartner, namely as a Representative Vendor in the Gartner market guide for Managed Detection and Response services. The addition of Holiseum brings group revenues to over €160m and a dedicated cybersecurity team of over 700 employees. Further innovation and demand for its services across the EMEA region will expand group revenues in 2025 across all territories. 
Ian Brown, Executive Chairman at Integrity360 commented: "We are very excited to be welcoming the team from Hol...

Resilient Cyber
Resilient Cyber w/ Lior Div & Nate Burke - Agentic AI & the Future of Cyber

Resilient Cyber

Mar 17, 2025 36:25


In this episode, we sit down with Lior Div and Nate Burke of 7AI to discuss Agentic AI, Service-as-Software, and the future of Cybersecurity. Lior is the CEO/Co-Founder of 7AI and a former CEO/Co-Founder of Cybereason, while Nate brings a background as a CMO with firms such as Axonius, Nagomi, and now 7AI.

Lior and Nate bring a wealth of experience and expertise from various startups and industry-leading firms, which made for an excellent conversation.

We discussed:
- The rise of AI and Agentic AI and its implications for cybersecurity.
- Why the 7AI team chose to focus on SecOps in particular and the importance of tackling toil work to reduce cognitive overload, address workforce challenges, and improve security outcomes.
- The importance of distinguishing between Human and Non-Human work, and why the idea of eliminating analysts is the wrong approach.
- Being reactive and leveraging Agentic AI for threat hunting and proactive security activities.
- The unique culture that comes from having the 7AI team in-person on-site together, allowing them to go from idea to production in a single day while responding quickly to design partners and customer requests.
- Challenges of building with Agentic AI and how the space is quickly evolving and growing.
- Key perspectives from Nate as a CMO regarding messaging around AI and getting security to be an early adopter rather than a laggard when it comes to this emerging technology.
- Insights from Lior on building 7AI compared to his previous role, founding Cybereason, which went on to become an industry giant and leader in the EDR space.

Paul's Security Weekly
AI Is Oversharing and Leaking Data - Sounil Yu - PSW #865

Paul's Security Weekly

Mar 13, 2025 127:50


Sounil Yu joins us to kick things off with AI defenses: Enterprise AI search tools like Copilot for Microsoft 365 lack the in-depth access controls required to ensure that query responses align with the user's need-to-know boundaries. Without proper controls, these tools accelerate the discovery of improperly secured sensitive files within the organization. Knostic's solution ensures that enterprise data is safeguarded without slowing down innovation. By automating the detection and remediation of LLM data exposure, Knostic helps organizations mitigate the security, privacy, and compliance risks associated with AI chatbots and enterprise search tools. In the security news: The controversial pick for National Cyber Director, the not-so-controversial pick to lead CISA, complete with funding cuts, the controversial ESP32 backdoor that is not a backdoor but hidden features, Dark Storm takes down X, interesting use cases for LoRa, using AI to get your dream job, details on the biggest crypto heist in history, an EDR bypass and a 404 error, slipping through the cracks in CVSS, old school vulnerability disclosure in 2025, Rayhunter, a pen test that should not have been, JTAG and your Flipper Zero, a Linux webcam was used for what now?, and "Spatial-Domain Wireless Jamming with Reconfigurable Intelligent Surfaces"! Segment Resources: https://www.knostic.ai/blog/enterprise-ai-search-tools-addressing-the-risk-of-data-leakage https://www.knostic.ai/what-we-do Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-865

Paul's Security Weekly TV
AI Is Oversharing and Leaking Data - Sounil Yu - PSW #865

Paul's Security Weekly TV

Mar 13, 2025 127:50


Sounil Yu joins us to kick things off with AI defenses: Enterprise AI search tools like Copilot for Microsoft 365 lack the in-depth access controls required to ensure that query responses align with the user's need-to-know boundaries. Without proper controls, these tools accelerate the discovery of improperly secured sensitive files within the organization. Knostic's solution ensures that enterprise data is safeguarded without slowing down innovation. By automating the detection and remediation of LLM data exposure, Knostic helps organizations mitigate the security, privacy, and compliance risks associated with AI chatbots and enterprise search tools. In the security news: The controversial pick for National Cyber Director, the not-so-controversial pick to lead CISA, complete with funding cuts, the controversial ESP32 backdoor that is not a backdoor but hidden features, Dark Storm takes down X, interesting use cases for LoRa, using AI to get your dream job, details on the biggest crypto heist in history, an EDR bypass and a 404 error, slipping through the cracks in CVSS, old school vulnerability disclosure in 2025, Rayhunter, a pen test that should not have been, JTAG and your Flipper Zero, a Linux webcam was used for what now?, and "Spatial-Domain Wireless Jamming with Reconfigurable Intelligent Surfaces"! Segment Resources: * https://www.knostic.ai/blog/enterprise-ai-search-tools-addressing-the-risk-of-data-leakage * https://www.knostic.ai/what-we-do Show Notes: https://securityweekly.com/psw-865

Paul's Security Weekly (Podcast-Only)
AI Is Oversharing and Leaking Data - Sounil Yu - PSW #865

Paul's Security Weekly (Podcast-Only)

Mar 13, 2025 127:50


Sounil Yu joins us to kick things off with AI defenses: Enterprise AI search tools like Copilot for Microsoft 365 lack the in-depth access controls required to ensure that query responses align with the user's need-to-know boundaries. Without proper controls, these tools accelerate the discovery of improperly secured sensitive files within the organization. Knostic's solution ensures that enterprise data is safeguarded without slowing down innovation. By automating the detection and remediation of LLM data exposure, Knostic helps organizations mitigate the security, privacy, and compliance risks associated with AI chatbots and enterprise search tools. In the security news: The controversial pick for National Cyber Director, the not-so-controversial pick to lead CISA, complete with funding cuts, the controversial ESP32 backdoor that is not a backdoor but hidden features, Dark Storm takes down X, interesting use cases for LoRa, using AI to get your dream job, details on the biggest crypto heist in history, an EDR bypass and a 404 error, slipping through the cracks in CVSS, old school vulnerability disclosure in 2025, Rayhunter, a pen test that should not have been, JTAG and your Flipper Zero, a Linux webcam was used for what now?, and "Spatial-Domain Wireless Jamming with Reconfigurable Intelligent Surfaces"! Segment Resources: * https://www.knostic.ai/blog/enterprise-ai-search-tools-addressing-the-risk-of-data-leakage * https://www.knostic.ai/what-we-do Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-865

Paul's Security Weekly (Video-Only)
AI Is Oversharing and Leaking Data - Sounil Yu - PSW #865

Paul's Security Weekly (Video-Only)

Mar 13, 2025 127:50


Sounil Yu joins us to kick things off with AI defenses: Enterprise AI search tools like Copilot for Microsoft 365 lack the in-depth access controls required to ensure that query responses align with the user's need-to-know boundaries. Without proper controls, these tools accelerate the discovery of improperly secured sensitive files within the organization. Knostic's solution ensures that enterprise data is safeguarded without slowing down innovation. By automating the detection and remediation of LLM data exposure, Knostic helps organizations mitigate the security, privacy, and compliance risks associated with AI chatbots and enterprise search tools. In the security news: The controversial pick for National Cyber Director, the not-so-controversial pick to lead CISA, complete with funding cuts, the controversial ESP32 backdoor that is not a backdoor but hidden features, Dark Storm takes down X, interesting use cases for LoRa, using AI to get your dream job, details on the biggest crypto heist in history, an EDR bypass and a 404 error, slipping through the cracks in CVSS, old school vulnerability disclosure in 2025, Rayhunter, a pen test that should not have been, JTAG and your Flipper Zero, a Linux webcam was used for what now?, and "Spatial-Domain Wireless Jamming with Reconfigurable Intelligent Surfaces"! Segment Resources: * https://www.knostic.ai/blog/enterprise-ai-search-tools-addressing-the-risk-of-data-leakage * https://www.knostic.ai/what-we-do Show Notes: https://securityweekly.com/psw-865

Black Hills Information Security
2025-03-10 — Agent A.I.

Black Hills Information Security

Mar 12, 2025 64:11


00:00 - PreShow Banter™ — Agent A.I.
07:35 - BHIS - Talkin' Bout [infosec] News 2025-03-10
10:47 - Story # 1: 12 Chinese hackers charged with US Treasury breach — and much, much more
15:25 - Story # 2: Signal President Meredith Whittaker calls out agentic AI as having ‘profound' security and privacy issues
25:33 - Story # 3: X/Twitter is down for a third time today
27:33 - Story # 4: Developer sabotaged ex-employer with kill switch activated when he was let go
33:37 - Story # 5: Undocumented commands found in Bluetooth chip used by a billion devices
45:37 - Story # 6: Cybercrime's Cobalt Strike Use Plummets 80% Worldwide
46:19 - Story # 7: Majority of Orgs Hit by AI Cyber-Attacks as Detection Lags
55:01 - Story # 8: Ransomware gang encrypted network from a webcam to bypass EDR

Cyber Security Headlines
Company hacked via webcam, Toronto Zoo update, federal contractor obligations

Cyber Security Headlines

Mar 7, 2025 8:33


* Ransomware gang bypasses EDR via a webcam
* Toronto Zoo updates January 2024 attack damage
* House bill requires federal contractors to implement vulnerability disclosure policies

Huge thanks to our sponsor, ThreatLocker. ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

Find the stories behind the headlines at CISOseries.com.

Systems Simplified
Cybersecurity Systems That Every Business Needs To Stay Secure With Matthew Connor

Systems Simplified

Mar 7, 2025 33:41


Matthew Connor is the Founder and CEO of CyberLynx, a company specializing in cybersecurity and professional IT services for growing businesses. He began his programming career at 12, working as a coder for his father's company, which sparked his passion for technology. Previously known as Your IT Department, CyberLynx focuses on protecting businesses from ransomware while offering premium IT support. Before launching his company, Matthew served as a human intelligence officer in the US Army for 17 years. In this episode: Cyber threats are evolving rapidly, and many business owners feel overwhelmed by the risks. With cybercriminals using sophisticated AI-driven attacks, even small companies are vulnerable to data breaches, financial fraud, and operational shutdowns. How can businesses implement effective cybersecurity systems without breaking the bank? According to cybersecurity expert Matthew Connor, protecting a business from cyber threats starts with simple, affordable steps. Companies can implement AI-backed endpoint detection and response (EDR) systems to monitor threats in real time. Additionally, security operations centers allow you to receive alerts of potential threats and fraudsters. Matthew also highlights the need for continuous employee training to prevent human error, which accounts for most security breaches. In this episode of Systems Simplified, Adi Klevit interviews Matthew Connor, Founder and CEO of CyberLynx, about creating strong cybersecurity processes for businesses. Matthew shares tips for preventing phishing, best practices for email security, and why systemizing cybersecurity promotes long-term business resilience.

Risky Business
Risky Business #781 -- How Bybit oopsied $1.4bn

Risky Business

Feb 26, 2025 62:40


On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news:
* North Korea pulls off a 1.5 billion dollar crypto heist
* Apple pulls Advanced Data Protection from the UK
* Black Basta ransomware gang's internal chats leak
* Russians snoop on Signal with QR codes
* And Myanmar ships thousands of freed scam compound workers to Thailand

Regular guest Lina Lau joins to discuss her work reading Chinese incident response reports on WeChat, and how that has people thinking that … she outed the NSA?

This week's episode is sponsored by Airlock Digital, and allow-listing tragics Daniel Schell and David Cottingham are along with an amusing tale of using Windows' own allow-listing software to block EDR from loading.

This episode is also available on Youtube.

Show notes
* Hackers drained $1.4 billion of cryptocurrency from Bybit exchange, CEO confirms | The Record from Recorded Future News
* CertiK - Bybit Incident Technical Analysis
* Hackers use ‘sophisticated' macOS malware to steal cryptocurrency, Microsoft says | The Record from Recorded Future News
* EU sanctions North Korean tied to Lazarus group over involvement in Ukraine war | The Record from Recorded Future News
* Sanctions: Iranians Flock to Crypto; Int'l Actions Target Russia - Chainalysis
* Apple turns off iCloud encryption feature in UK following reported government legal order | The Record from Recorded Future News
* Swedish authorities seek backdoor to encrypted messaging apps | The Record from Recorded Future News
* Leaked chat logs expose inner workings of secretive ransomware group - Ars Technica
* Russian state hackers spy on Ukrainian military through Signal app | The Record from Recorded Future News
* Meta Sues Alleged Violent Extortionist For Holding Instagram Accounts Hostage
* Weathering the storm: In the midst of a Typhoon
* Thailand to take in 7,000 rescued from illegal cyber scam hubs in Myanmar | The Record from Recorded Future News
* Genea confirms cyber breach after ‘unauthorised third party' accesses data | news.com.au — Australia's leading news site
* Managed healthcare defense contractor to pay $11 million over alleged cyber failings | The Record from Recorded Future News
* Botnet looks for quiet ways to try stolen logins in Microsoft 365 environments | The Record from Recorded Future News
* Director-General's Annual Threat Assessment 2025 | ASIO
* An inside look at NSA (Equation Group) TTPs from China's lense

ITSPmagazine | Technology. Cybersecurity. Society
Redefining Zero Trust: “Near Zero Trust” | A Real-World Success Story Through Proactive Security | A Zero Trust World Conversation with Avi Solomon | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Feb 26, 2025 15:37


The latest episode of the On Location series, recorded at ThreatLocker's Zero Trust World 2025 in Orlando, brings forward a deep and practical conversation about implementing Zero Trust principles in real-world environments. Hosted by Marco Ciappelli and Sean Martin, this episode features Avi Solomon, CIO of a law firm with nearly 30 years in IT and a strong focus on cybersecurity.

The Journey to Proactive Security

Avi Solomon shares his experience transitioning from traditional security models to a proactive, preventive approach with ThreatLocker. With a background in engineering, consulting, and security (CISSP certified), Solomon outlines his initial concerns with reactive endpoint detection and response (EDR) solutions. While EDR tools act as a secondary insurance policy, he emphasizes the need for a preventive layer to block threats before they manifest.

Solomon's firm adopted ThreatLocker a year ago, replacing a legacy product to integrate its proactive security measures. He highlights the platform's maturation, including network control, storage control, application whitelisting, and cloud integration. The shift was not only a technological change but also a cultural one, aligning with the broader philosophy of Zero Trust—approaching security with a mindset that nothing within or outside the network should be trusted by default.

Implementing Zero Trust with Ease

A standout moment in the episode is Solomon's recount of his implementation process. His conservative approach included running ThreatLocker in observation mode for two months before transitioning fully to a secure mode. When the switch was finally flipped, the result was remarkable—zero disruptions, no pushback from users, and a smooth transition to a less risky security posture. Solomon attributes this success to ThreatLocker's intuitive deployment and adaptive learning capabilities, which allowed the system to understand normal processes and minimize false positives.

Redefining Zero Trust: “Near Zero Trust”

Solomon introduces a pragmatic take on Zero Trust, coining the term “Near Zero Trust” (NZT). While achieving absolute Zero Trust is an ideal, Solomon argues that organizations should strive to get as close as possible by layering strategic solutions. He draws a clever analogy comparing Zero Trust to driving safely before relying on a seatbelt—proactive behavior backed by reactive safeguards.

Tune in to the full episode to explore more of Avi Solomon's insights, hear stories from the conference floor, and learn practical approaches to embedding Zero Trust principles in your organization's security strategy.

Guest: Avi Solomon, Chief Information Officer at Rumberger | Kirk | On LinkedIn: https://www.linkedin.com/in/aviesolomon/

Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli

This Episode's Sponsors
ThreatLocker: https://itspm.ag/threatlocker-r974

Resources
Learn more and catch more stories from ZTW 2025 coverage: https://www.itspmagazine.com/zero-trust-world-2025-cybersecurity-and-zero-trust-event-coverage-orlando-florida
Register for Zero Trust World 2025: https://itspm.ag/threat5mu1

Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast
To see and hear more Redefining Society stories on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-society-podcast
Want to tell your Brand Story Briefing as part of our event coverage? Learn More

BLUEPRINT
SOC Dashboards Done Right with Ryan Thompson

BLUEPRINT

Feb 18, 2025 63:02


In this episode, we sit down with Ryan Thompson, a seasoned expert in building dashboards that actually detect real threats—not just look pretty. With experience at Elastic, Alert Logic, and top EDR vendors, Ryan shares deep insights into the science behind effective dashboards and how security teams can cut through the noise to find the threats on your network.

We cover:
* Why most SOC dashboards fail to deliver real insights—and how to fix them.
* The right way to structure dashboards for SIEM, EDR, and threat hunting.
* How to visualize security data effectively to make detection faster.
* The balance between automation, alerts, and analyst intuition.

If you're a SOC analyst, detection engineer, or security leader looking to elevate your dashboard game and sharpen your cyber threat detection skills, this is an episode you won't want to miss!

Check out John's SOC Training Courses for SOC Analysts and Leaders:
* SEC450: Blue Team Fundamentals - Security Operations and Analysis
* LDR551: Building and Leading Security Operations Centers

Follow and Connect with John: LinkedIn

Paul's Security Weekly
Evolving the SOC: Automating Manual Work while Maintaining Quality at Scale - Allie Mellen, Tim MalcomVetter - ESW #394

Paul's Security Weekly

Feb 17, 2025 115:17


We've got a few compelling topics to discuss within SecOps today. First, Tim insists it's possible to automate a large amount of SecOps work, without the use of generative AI. Not only that, but he intends to back it up by tracking the quality of this automated work with an ISO standard unknown to cybersecurity. I've often found useful lessons and wisdom outside security, so I get excited when someone borrows from another, more mature industry to help solve problems in cyber. In this case, we'll be talking about Acceptable Quality Limits (AQL), an ISO standard quality assurance framework that's never been used in cyber.

Segment Resources:
* Introducing AQL for cyber.
* AQL - How we do it
* An AQL 'calculator' you can play around with

We couldn't decide what to talk to Allie about, so we're going with a bit of everything. Don't worry - it's all related and ties together nicely. First, we'll discuss AI and automation in the SOC - Allie is covering this trend closely, and we want to know if she's seeing any results yet here. Next, we'll discover SecOps data management - the blood that delivers oxygen to the SOC muscles. Finally, we'll discuss MITRE's recent EDR evaluations - there was some contention around some vendors claiming to ace the test and we're going to get the tea on what's really going on here!

For each of these three topics, these are the blog posts they correspond with if you want to learn more:
* Generative AI Will Not Fulfill Your Autonomous SOC Hopes (Or Even Your Demo Dreams)
* If You're Not Using Data Pipeline Management For Security And IT, You Need To
* Go Beyond The MITRE ATT&CK Evaluation To The True Cost Of Alert Volumes

In this week's enterprise security news, we've got
* 5 acquisitions
* Tines gets funding
* new tools and DFIR reports to check out
* A legal precedent that could hurt AI companies
* AI garbage is in your code repos
* the dark side of security leadership
* HIPAA fines are broken
* Salt Typhoon is having a great time
* Don't use ChatGPT for legal advice!!!!!

All that and more, on this episode of Enterprise Security Weekly.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-394

Enterprise Security Weekly (Audio)
Evolving the SOC: Automating Manual Work while Maintaining Quality at Scale - Allie Mellen, Tim MalcomVetter - ESW #394

Enterprise Security Weekly (Audio)

Feb 17, 2025 115:17


We've got a few compelling topics to discuss within SecOps today. First, Tim insists it's possible to automate a large amount of SecOps work, without the use of generative AI. Not only that, but he intends to back it up by tracking the quality of this automated work with an ISO standard unknown to cybersecurity. I've often found useful lessons and wisdom outside security, so I get excited when someone borrows from another, more mature industry to help solve problems in cyber. In this case, we'll be talking about Acceptable Quality Limits (AQL), an ISO standard quality assurance framework that's never been used in cyber.

Segment Resources:
* Introducing AQL for cyber.
* AQL - How we do it
* An AQL 'calculator' you can play around with

We couldn't decide what to talk to Allie about, so we're going with a bit of everything. Don't worry - it's all related and ties together nicely. First, we'll discuss AI and automation in the SOC - Allie is covering this trend closely, and we want to know if she's seeing any results yet here. Next, we'll discover SecOps data management - the blood that delivers oxygen to the SOC muscles. Finally, we'll discuss MITRE's recent EDR evaluations - there was some contention around some vendors claiming to ace the test and we're going to get the tea on what's really going on here!

For each of these three topics, these are the blog posts they correspond with if you want to learn more:
* Generative AI Will Not Fulfill Your Autonomous SOC Hopes (Or Even Your Demo Dreams)
* If You're Not Using Data Pipeline Management For Security And IT, You Need To
* Go Beyond The MITRE ATT&CK Evaluation To The True Cost Of Alert Volumes

In this week's enterprise security news, we've got
* 5 acquisitions
* Tines gets funding
* new tools and DFIR reports to check out
* A legal precedent that could hurt AI companies
* AI garbage is in your code repos
* the dark side of security leadership
* HIPAA fines are broken
* Salt Typhoon is having a great time
* Don't use ChatGPT for legal advice!!!!!

All that and more, on this episode of Enterprise Security Weekly.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-394

Paul's Security Weekly TV
A SecOps Medley: we talk automation, AI, data management, and EDR evaluations - Allie Mellen - ESW #394

Paul's Security Weekly TV

Feb 17, 2025 32:08


We couldn't decide what to talk to Allie about, so we're going with a bit of everything. Don't worry - it's all related and ties together nicely. First, we'll discuss AI and automation in the SOC - Allie is covering this trend closely, and we want to know if she's seeing any results yet here. Next, we'll discover SecOps data management - the blood that delivers oxygen to the SOC muscles. Finally, we'll discuss MITRE's recent EDR evaluations - there was some contention around some vendors claiming to ace the test and we're going to get the tea on what's really going on here!

For each of these three topics, these are the blog posts they correspond with if you want to learn more:
* Generative AI Will Not Fulfill Your Autonomous SOC Hopes (Or Even Your Demo Dreams)
* If You're Not Using Data Pipeline Management For Security And IT, You Need To
* Go Beyond The MITRE ATT&CK Evaluation To The True Cost Of Alert Volumes

Show Notes: https://securityweekly.com/esw-394

Queen City Improvement Bureau
Feb 06 2025 - Surprise Guest

Queen City Improvement Bureau

Feb 7, 2025


In the first half, the tale of two municipal corporations. There is CSIR who is to die! And there is EDR who you will listen to and wish you were dead! In the second half, we have a surprise guest. AND IF YOU DO NOT WANT THE SURPRISE GUEST'S IDENTITY SPOILED READ NO FURTHER! okay… the surprise guest is new councillor Mark Burton from ward 4. Yes! The "compact urban squalor" guy. We talk to him about the 2025 budget proposal. Then we give him a chance to respond to our two weeks worth of dunking on him. Music by Ryan Hill (aka Guidewire). Originally broadcast on 91.3FM CJTR.

The CyberWire
The end of warrantless searches?

The CyberWire

Jan 24, 2025 35:00


A federal court finds the FBI's warrantless section 702 searches unconstitutional. The DOJ charges five in a fake IT worker scheme. The Texas Attorney General expands his investigation into automakers' data sharing. CISA highlights vulnerabilities in the aircraft collision avoidance system. Estonia will host Europe's new space cybersecurity testing ground. Hackers use hardware breakpoints to evade EDR detection. Subaru's Starlink connected vehicle service exposed sensitive customer and vehicle data. Asian nations claim progress against criminal cyber-scam camps. Our guest today is Dr. Chris Pierson, Founder and CEO of BlackCloak, with his outlook on 2025. Sticking AI crawlers in the tar pit.

Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest
Our guest today is Dr. Chris Pierson, Founder and CEO of BlackCloak, joining us to share trends he sees coming our way in 2025.

Selected Reading
* Court rules FBI's warrantless searches violated Fourth Amendment (Ars Technica)
* US Charges Five People Over North Korean IT Worker Scheme (SecurityWeek)
* Texas probes four more car companies over how they collect and sell consumer data (The Record)
* CISA Warns of Flaws in Aircraft Collision Avoidance Systems (BankInfo Security)
* ESA - Estonia to host Europe's new space cybersecurity testing ground (European Space Agency)
* Bypassing EDR Detection by Exploiting Hardware Breakpoints at CPU Level (Cyber Security News)
* Subaru Starlink Vulnerability Exposed Cars to Remote Hacking (SecurityWeek)
* China and friends say they're hurting cyber-slave scam camps (The Register)
* Developer Creates Infinite Maze That Traps AI Training Bots (404 Media)

Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices