POPULARITY
Hörns Üp 363 - ESP 30 - (04-02-2025) EN EL PROGRAMA DE HOY NOS VISITAN: Los Sex - Porque te vas Automatic Kafka - Immortal Jolly Joker - Broken Glass Sexplosion - Wild Addcited Sinner Rage - Fire´s On Puraposse - Rehen Kaotico - Otra noche Vinodium - ¡Kiero salir! Unbounded Terror - Reviving Ravenblood - Reborn in Darkness The Third Grade - A Glitch in Time Cains Dinasty - 2 Segundos The Genotype - Chronomancer (Respoken) No More Tags - Angel de Fango Easy Rider - Prey El legado de una tragedia - El morador de las Tinieblas Gigatron - El Monolito Headon - Fiesta Pagana PLAYLIST (Spotify) del programa: https://open.spotify.com/playlist/6tZsFj3zo93WlL6Ud2sTyS?si=d02853273f4e4690 Este icono Portada del programa para #SinnerRage Este icono son saludos por parte de los grupos a Hörns ÜP! Videos Saludos de los Grupos (YouTube) --> https://www.youtube.com/@hornsuppodcastspain Síguenos en: Canal de Whatsapp: https://whatsapp.com/channel/0029VaFJWCQJJhzZzHtuYs0i #hornsuppodcast https://hornsup.es Instagram: @hornsuppodcast Twitter: @HornsUp2020 Tiktok: @hornsuppodcast YouTube: https://www.youtube.com/@hornsuppodcastspain Puedes ayudar a Horns Up como nuestros "Fans": Ander, Ricardo, Eric, Charly, Mau, Raspu, Óscar, Pedro, Juankar, Carolina, Moy A.M., Iñaki, Carlos Blasco, Valentín, Baal, José Manuel Ruiz, David García, Rick Bass Baker, Fran, Fonchi, Moy Lora, Carlos Makina, Jesús Jiménez, Esther "Impala" Miguelón, Jorge, Pablo, Pere, xauxa666 !!! Graciassss!! APOYA AL PROGRAMA EN ESTE ENLACE: https://www.ivoox.com/support/835002 #lexlüger #jollyjoker #kingsapo #INVICTI #injector #evilneverlose #kaotiko #eruktogatos #bourbonkings #betweenseconds #witheringthecore #avulsed #darkembrace #cainsdinasty #kilmara #Saurom #tierrasanta #Daeria
Hörns Üp 363 - ESP 30 - (04-02-2025) EN EL PROGRAMA DE HOY NOS VISITAN: Los Sex - Porque te vas Automatic Kafka - Immortal Jolly Joker - Broken Glass Sexplosion - Wild Addcited Sinner Rage - Fire´s On Puraposse - Rehen Kaotico - Otra noche Vinodium - ¡Kiero salir! Unbounded Terror - Reviving Ravenblood - Reborn in Darkness The Third Grade - A Glitch in Time Cains Dinasty - 2 Segundos The Genotype - Chronomancer (Respoken) No More Tags - Angel de Fango Easy Rider - Prey El legado de una tragedia - El morador de las Tinieblas Gigatron - El Monolito Headon - Fiesta Pagana PLAYLIST (Spotify) del programa: https://open.spotify.com/playlist/6tZsFj3zo93WlL6Ud2sTyS?si=d02853273f4e4690 Este icono Portada del programa para #SinnerRage Este icono son saludos por parte de los grupos a Hörns ÜP! Videos Saludos de los Grupos (YouTube) --> https://www.youtube.com/@hornsuppodcastspain Síguenos en: Canal de Whatsapp: https://whatsapp.com/channel/0029VaFJWCQJJhzZzHtuYs0i #hornsuppodcast https://hornsup.es Instagram: @hornsuppodcast Twitter: @HornsUp2020 Tiktok: @hornsuppodcast YouTube: https://www.youtube.com/@hornsuppodcastspain Puedes ayudar a Horns Up como nuestros "Fans": Ander, Ricardo, Eric, Charly, Mau, Raspu, Óscar, Pedro, Juankar, Carolina, Moy A.M., Iñaki, Carlos Blasco, Valentín, Baal, José Manuel Ruiz, David García, Rick Bass Baker, Fran, Fonchi, Moy Lora, Carlos Makina, Jesús Jiménez, Esther "Impala" Miguelón, Jorge, Pablo, Pere, xauxa666 !!! Graciassss!! APOYA AL PROGRAMA EN ESTE ENLACE: https://www.ivoox.com/support/835002 #lexlüger #jollyjoker #kingsapo #INVICTI #injector #evilneverlose #kaotiko #eruktogatos #bourbonkings #betweenseconds #witheringthecore #avulsed #darkembrace #cainsdinasty #kilmara #Saurom #tierrasanta #Daeria
Hörns Üp 358 - ESP 29 (21-01-2025) EN EL PROGRAMA DE HOY NOS VISITAN: Lex Lüger - Saltar al vacio Jolly Joker - I just wanna kiss you (PORTADA) King Sapo - El dios de America Invicti - Our Names Injector - Never enter the core Evil Never Lose - Fucking War Kaotico - Un mal sueño Eruktogatos - Mi locura Bourbon Kings - Haka Between Seconds - Breaking the Chains Whitering the Core - Devilman Avulsed - Lacerate to dominate Dark Embrace - The dark land Cains Dinasty - Rompiendo las lineas de sangre Kilmara - Wildfire Tierra Santa - Excalibur Saurom - El rey que no sabia mandar Daeria - Un poco loco PLAYLIST (Spotify) del programa: https://open.spotify.com/playlist/7h2rJW763BmNxqS5dw8OLU?si=c0e4cc48cfef4eb0 Este icono Portada del programa para #JollyJoker Este icono son saludos por parte de los grupos a Hörns ÜP! Videos Saludos de los Grupos (YouTube) --> https://www.youtube.com/@hornsuppodcastspain Síguenos en: Canal de Whatsapp: https://whatsapp.com/channel/0029VaFJWCQJJhzZzHtuYs0i #hornsuppodcast https://hornsup.es Instagram: @hornsuppodcast Twitter: @HornsUp2020 Tiktok: @hornsuppodcast YouTube: https://www.youtube.com/@hornsuppodcastspain Puedes ayudar a Horns Up como nuestros "Fans": Ander, Ricardo, Eric, Charly, Mau, Raspu, Óscar, Pedro, Juankar, Carolina, Moy A.M., Iñaki, Carlos Blasco, Valentín, Baal, José Manuel Ruiz, David García, Rick Bass Baker, Fran, Fonchi, Moy Lora, Carlos Makina, Jesús Jiménez, Esther "Impala" Miguelón, Jorge, Pablo, Pere, xauxa666 !!! Graciassss!! APOYA AL PROGRAMA EN ESTE ENLACE: https://www.ivoox.com/support/835002 #lexlüger #jollyjoker #kingsapo #INVICTI #injector #evilneverlose #kaotiko #eruktogatos #bourbonkings #betweenseconds #witheringthecore #avulsed #darkembrace #cainsdinasty #kilmara #Saurom #tierrasanta #Daeria
Hörns Üp 358 - ESP 29 (21-01-2025) EN EL PROGRAMA DE HOY NOS VISITAN: Lex Lüger - Saltar al vacio Jolly Joker - I just wanna kiss you (PORTADA) King Sapo - El dios de America Invicti - Our Names Injector - Never enter the core Evil Never Lose - Fucking War Kaotico - Un mal sueño Eruktogatos - Mi locura Bourbon Kings - Haka Between Seconds - Breaking the Chains Whitering the Core - Devilman Avulsed - Lacerate to dominate Dark Embrace - The dark land Cains Dinasty - Rompiendo las lineas de sangre Kilmara - Wildfire Tierra Santa - Excalibur Saurom - El rey que no sabia mandar Daeria - Un poco loco PLAYLIST (Spotify) del programa: https://open.spotify.com/playlist/7h2rJW763BmNxqS5dw8OLU?si=c0e4cc48cfef4eb0 Este icono Portada del programa para #JollyJoker Este icono son saludos por parte de los grupos a Hörns ÜP! Videos Saludos de los Grupos (YouTube) --> https://www.youtube.com/@hornsuppodcastspain Síguenos en: Canal de Whatsapp: https://whatsapp.com/channel/0029VaFJWCQJJhzZzHtuYs0i #hornsuppodcast https://hornsup.es Instagram: @hornsuppodcast Twitter: @HornsUp2020 Tiktok: @hornsuppodcast YouTube: https://www.youtube.com/@hornsuppodcastspain Puedes ayudar a Horns Up como nuestros "Fans": Ander, Ricardo, Eric, Charly, Mau, Raspu, Óscar, Pedro, Juankar, Carolina, Moy A.M., Iñaki, Carlos Blasco, Valentín, Baal, José Manuel Ruiz, David García, Rick Bass Baker, Fran, Fonchi, Moy Lora, Carlos Makina, Jesús Jiménez, Esther "Impala" Miguelón, Jorge, Pablo, Pere, xauxa666 !!! Graciassss!! APOYA AL PROGRAMA EN ESTE ENLACE: https://www.ivoox.com/support/835002 #lexlüger #jollyjoker #kingsapo #INVICTI #injector #evilneverlose #kaotiko #eruktogatos #bourbonkings #betweenseconds #witheringthecore #avulsed #darkembrace #cainsdinasty #kilmara #Saurom #tierrasanta #Daeria
Hoy venimos con todo este percal: Karolina Reaper, Ilegales, Maverick Punk Rock, SomosOnza, Argion, CRUDO, Viajero del tiempo, Factoria Sound, El Perro, Metiendo ruido, Ke Trabaje Rita Podcast, KARNE CRUDA, Invicti, Noxfilia, Garraspera , Memo, @Amaro - grupo, The Hellacopters, Grave Digger, CRYPTA, Hiranya y Ramoncín
Hoy venimos con todo este percal: Karolina Reaper, Ilegales, Maverick Punk Rock, SomosOnza, Argion, CRUDO, Viajero del tiempo, Factoria Sound, El Perro, Metiendo ruido, Ke Trabaje Rita Podcast, KARNE CRUDA, Invicti, Noxfilia, Garraspera , Memo, @Amaro - grupo, The Hellacopters, Grave Digger, CRYPTA, Hiranya y Ramoncín
Especial dedicado a la Asociación Rockin Ladies y a las baterías en este caso del colectivo femenino y Lgtbi. Con la dirección de Oswaldo Martín y la participación de Raquel García y Parys Lácrima. Un programa tan didáctico como entretenido. Edición de Kikemaiden. 01 Lacuna Coil - Spellbound - Drum cover by Paris Lakryma 02 MEGARA - Oxígeno (Aftermovie) 03 Invicti con Marta Grimaldi- Sala X - The Hall Of The Mountain King (Savatage's cover) 04 Rabia Perez - Rabia (Playthrough Paris Lakryma) 05 Baard Kolstad - Leprous - Rewind (Drum Playthrough) 06 Saray Sáez - Come find me 07 Nerea Bassart Trio – Sol 08 Guitar Center Drum-Off 2012 Finalist - Aric Improta 09 CRYPTA - From The Ashes (Drum Playthrough by Luana Dametto) Napalm Records 10 ANKOR - Prisoner [Drum Playthrough by ELENI NOTA] @EleniNotaDrums
Without visibility and continuous monitoring, dangerous threats expose our blind spots and create risk. Invicti, who brought together Acunetix and Netsparker, analyzes common web application vulns across thousands of assets yearly and releases the Invicti AppSec Indicator for a holistic view of vulnerability trends from automated scan results. In this talk, Invicti Director of Product Patrick Vandenberg shares a deep dive into the trends currently impacting AppSec programs and discusses some of the best practices that will help organizations achieve efficiencies in their programs. Segment Resources: - [AppSec Indicator Spring 2023 edition | Invicti](https://www.invicti.com/clp/appsec-indicator/?utm_medium=contentsyn&utm_source=sc_media&utm_campaign=i-syn_CRA-ASW-Jun2023&utm_content=230424-ga_spring-appsec-indicator&utm_term=brand) This segment is sponsored by Invicti. Visit [securityweekly.com/invicti](https://securityweekly.com/invicti) to learn more about them! In the news, two XSS vulns via postMessage methods in Azure, how to choose (and move on from) a web research topic, OpenSSF finances a security developer-in-residence for Python, more infosec myths, free cybersecurity training resources. Visit [securityweekly.com/asw](https://securityweekly.com/asw) for all the latest episodes! Follow us on Twitter: [@SecWeekly](https://www.twitter.com/secweekly) Like us on Facebook: [facebook.com/secweekly](https://www.facebook.com/secweekly) Visit https://securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-245
Without visibility and continuous monitoring, dangerous threats expose our blind spots and create risk. Invicti, who brought together Acunetix and Netsparker, analyzes common web application vulns across thousands of assets yearly and releases the Invicti AppSec Indicator for a holistic view of vulnerability trends from automated scan results. In this talk, Invicti Director of Product Patrick Vandenberg shares a deep dive into the trends currently impacting AppSec programs and discusses some of the best practices that will help organizations achieve efficiencies in their programs. Segment Resources: - [AppSec Indicator Spring 2023 edition | Invicti](https://www.invicti.com/clp/appsec-indicator/?utm_medium=contentsyn&utm_source=sc_media&utm_campaign=i-syn_CRA-ASW-Jun2023&utm_content=230424-ga_spring-appsec-indicator&utm_term=brand) This segment is sponsored by Invicti. Visit [securityweekly.com/invicti](https://securityweekly.com/invicti) to learn more about them! In the news, two XSS vulns via postMessage methods in Azure, how to choose (and move on from) a web research topic, OpenSSF finances a security developer-in-residence for Python, more infosec myths, free cybersecurity training resources. Visit [securityweekly.com/asw](https://securityweekly.com/asw) for all the latest episodes! Follow us on Twitter: [@SecWeekly](https://www.twitter.com/secweekly) Like us on Facebook: [facebook.com/secweekly](https://www.facebook.com/secweekly) Visit https://securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-245
Without visibility and continuous monitoring, dangerous threats expose our blind spots and create risk. Invicti, who brought together Acunetix and Netsparker, analyzes common web application vulns across thousands of assets yearly and releases the Invicti AppSec Indicator for a holistic view of vulnerability trends from automated scan results. In this talk, Invicti Director of Product Patrick Vandenberg shares a deep dive into the trends currently impacting AppSec programs and discusses some of the best practices that will help organizations achieve efficiencies in their programs. Segment Resources: AppSec Indicator Spring 2023 edition: https://www.invicti.com/clp/appsec-indicator/?utm_medium=contentsyn&utm_source=sc_media&utm_campaign=i-syn_CRA-ASW-Jun2023&utm_content=230424-ga_spring-appsec-indicator&utm_term=brand) This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-245
Without visibility and continuous monitoring, dangerous threats expose our blind spots and create risk. Invicti, who brought together Acunetix and Netsparker, analyzes common web application vulns across thousands of assets yearly and releases the Invicti AppSec Indicator for a holistic view of vulnerability trends from automated scan results. In this talk, Invicti Director of Product Patrick Vandenberg shares a deep dive into the trends currently impacting AppSec programs and discusses some of the best practices that will help organizations achieve efficiencies in their programs. Segment Resources: AppSec Indicator Spring 2023 edition: https://www.invicti.com/clp/appsec-indicator/?utm_medium=contentsyn&utm_source=sc_media&utm_campaign=i-syn_CRA-ASW-Jun2023&utm_content=230424-ga_spring-appsec-indicator&utm_term=brand) This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-245
Application security is messy and is getting messier. Modern application security teams are struggling to identify what's more important to fix. Cloud security and application security is getting squeezed all together. Modern vulnerability maturity needs a new approach and guidance. Vulnerability management framework and mature defect management is often overlooked as organizations tend to identify issues and stop there. The devil is usually in the details and time gets burned down in identifying who needs to solve what where. Vulnerability Management Maturity Framework has been created to address that. Segment Resources: Framework: https://phoenix.security/vulnerability-management-framework/ Books on metrics: https://phoenix.security/whitepapers-resources/data-driven-application-security-vulnerability-management-are-sla-slo-dead/ Vulnerability aggregation and prioritization https://phoenix.security/whitepapers-resources/whitepaper-vulnerability-management-in-application-cloud-security/ Shift left: https://phoenix.security/shift-everywhere/ Vulnerability management talk: https://phoenix.security/web-vuln-management/ Vulnerability management framework playlist (explained) https://www.youtube.com/playlist?list=PLVlvQpDxsvqHWQfqej5Gs7bOd-cq8JO24 How to act on risk: https://phoenix.security/phoenix-security-act-on-risk-calculation/ Without visibility into your entire web application attack surface and a continuous find and fix strategy, dangerous threats can expose your organization's blind spots and create risk. Invicti analyzes common web application vulnerabilities across thousands of assets yearly and releases the Invicti AppSec Indicator for a holistic view of application vulnerability trends from automated scan results across regions. In this interview, Invicti's Patrick Vandenberg zooms in on the vulnerabilities plaguing organizations, providing insight into this year's report trends, and guidance on how CISOs and AppSec program leaders can create an environment for their teams that mitigates risk. Segment Resources: https://www.invicti.com/clp/appsec-indicator/?utm_medium=contentsyn&utm_source=sc_media&utm_campaign=i-syn_RSA-CRA-interview-2023&utm_content=230424-ga_spring-appsec-indicator&utm_term=brand T his segment is sponsored by Invicti. Visit https://securityweekly.com/invictirsac to learn more about them! Flaws in the design and implementation of an application can create business logic vulnerabilities that allow attackers to manipulate legitimate functionality to achieve a malicious goal. What's more, API-related security incidents exploit business logic, the programming that manages communication between the application and the database. In this discussion, Karl Triebes shares what you need to know about business logic attacks to effectively protect against them. This segment is sponsored by Imperva. Visit https://securityweekly.com/impervarsac to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/asw239
Without visibility into your entire web application attack surface and a continuous find and fix strategy, dangerous threats can expose your organization's blind spots and create risk. Invicti analyzes common web application vulnerabilities across thousands of assets yearly and releases the Invicti AppSec Indicator for a holistic view of application vulnerability trends from automated scan results across regions. In this interview, Invicti's Patrick Vandenberg zooms in on the vulnerabilities plaguing organizations, providing insight into this year's report trends, and guidance on how CISOs and AppSec program leaders can create an environment for their teams that mitigates risk. Segment Resources: https://www.invicti.com/clp/appsec-indicator/?utm_medium=contentsyn&utm_source=sc_media&utm_campaign=i-syn_RSA-CRA-interview-2023&utm_content=230424-ga_spring-appsec-indicator&utm_term=brand This segment is sponsored by Invicti. Visit https://securityweekly.com/invictirsac to learn more about them! Flaws in the design and implementation of an application can create business logic vulnerabilities that allow attackers to manipulate legitimate functionality to achieve a malicious goal. What's more, API-related security incidents exploit business logic, the programming that manages communication between the application and the database. In this discussion, Karl Triebes shares what you need to know about business logic attacks to effectively protect against them. This segment is sponsored by Imperva. Visit https://securityweekly.com/impervarsac to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw239
Application security is messy and is getting messier. Modern application security teams are struggling to identify what's more important to fix. Cloud security and application security is getting squeezed all together. Modern vulnerability maturity needs a new approach and guidance. Vulnerability management framework and mature defect management is often overlooked as organizations tend to identify issues and stop there. The devil is usually in the details and time gets burned down in identifying who needs to solve what where. Vulnerability Management Maturity Framework has been created to address that. Segment Resources: Framework: https://phoenix.security/vulnerability-management-framework/ Books on metrics: https://phoenix.security/whitepapers-resources/data-driven-application-security-vulnerability-management-are-sla-slo-dead/ Vulnerability aggregation and prioritization https://phoenix.security/whitepapers-resources/whitepaper-vulnerability-management-in-application-cloud-security/ Shift left: https://phoenix.security/shift-everywhere/ Vulnerability management talk: https://phoenix.security/web-vuln-management/ Vulnerability management framework playlist (explained) https://www.youtube.com/playlist?list=PLVlvQpDxsvqHWQfqej5Gs7bOd-cq8JO24 How to act on risk: https://phoenix.security/phoenix-security-act-on-risk-calculation/ Without visibility into your entire web application attack surface and a continuous find and fix strategy, dangerous threats can expose your organization's blind spots and create risk. Invicti analyzes common web application vulnerabilities across thousands of assets yearly and releases the Invicti AppSec Indicator for a holistic view of application vulnerability trends from automated scan results across regions. In this interview, Invicti's Patrick Vandenberg zooms in on the vulnerabilities plaguing organizations, providing insight into this year's report trends, and guidance on how CISOs and AppSec program leaders can create an environment for their teams that mitigates risk. Segment Resources: https://www.invicti.com/clp/appsec-indicator/?utm_medium=contentsyn&utm_source=sc_media&utm_campaign=i-syn_RSA-CRA-interview-2023&utm_content=230424-ga_spring-appsec-indicator&utm_term=brand T his segment is sponsored by Invicti. Visit https://securityweekly.com/invictirsac to learn more about them! Flaws in the design and implementation of an application can create business logic vulnerabilities that allow attackers to manipulate legitimate functionality to achieve a malicious goal. What's more, API-related security incidents exploit business logic, the programming that manages communication between the application and the database. In this discussion, Karl Triebes shares what you need to know about business logic attacks to effectively protect against them. This segment is sponsored by Imperva. Visit https://securityweekly.com/impervarsac to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/asw239
Without visibility into your entire web application attack surface and a continuous find and fix strategy, dangerous threats can expose your organization's blind spots and create risk. Invicti analyzes common web application vulnerabilities across thousands of assets yearly and releases the Invicti AppSec Indicator for a holistic view of application vulnerability trends from automated scan results across regions. In this interview, Invicti's Patrick Vandenberg zooms in on the vulnerabilities plaguing organizations, providing insight into this year's report trends, and guidance on how CISOs and AppSec program leaders can create an environment for their teams that mitigates risk. Segment Resources: https://www.invicti.com/clp/appsec-indicator/?utm_medium=contentsyn&utm_source=sc_media&utm_campaign=i-syn_RSA-CRA-interview-2023&utm_content=230424-ga_spring-appsec-indicator&utm_term=brand This segment is sponsored by Invicti. Visit https://securityweekly.com/invictirsac to learn more about them! Flaws in the design and implementation of an application can create business logic vulnerabilities that allow attackers to manipulate legitimate functionality to achieve a malicious goal. What's more, API-related security incidents exploit business logic, the programming that manages communication between the application and the database. In this discussion, Karl Triebes shares what you need to know about business logic attacks to effectively protect against them. This segment is sponsored by Imperva. Visit https://securityweekly.com/impervarsac to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw239
With the increased interest and use of AI such as GTP 3/4, ChatGPT, GitHub Copilot, and internal modeling, there comes an array of use cases and examples for increased efficiency, but also inherent security risks that organizations should consider. In this talk, Invicti's CTO & Head of Security Research Frank Catucci discusses potential use cases and talks through real-life examples of using AI in production environments. Frank delves into benefits, as well as security implications, touching on a number of security aspects to consider, including security from the supply chain perspective, SBOMs, licensing, as well as risk mitigation, and risk assessment. Frank also covers some of the types of attacks that might happen as a result of utilizing AI-generated code, like intellectual property leaking via a prompt injection attack, data poisoning, etc. And lastly, Frank shares the Invicti security team's real-life experience of utilizing AI, including early successes and failures. Segment Resources: On-demand webinar on the topic of generative AI - https://www.scmagazine.com/cybercast/generative-ai-understanding-the-appsec-risks-and-how-dast-can-mitigate-them Invicti Research - https://www.invicti.com/blog/web-security/analyzing-security-github-copilot-suggestions/ - https://github.com/svenmorgenrothio/Prompt-Injection-Playground This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Ferrari refuses ransomware, OpenAI deals with security issues from cacheing, video killed a crypto ATM, GitHub rotates their RSA SSH key, bypassing CloudTrail, terms and techniques for measuring AI security and safety Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/asw234
With the increased interest and use of AI such as GTP 3/4, ChatGPT, GitHub Copilot, and internal modeling, there comes an array of use cases and examples for increased efficiency, but also inherent security risks that organizations should consider. In this talk, Invicti's CTO & Head of Security Research Frank Catucci discusses potential use cases and talks through real-life examples of using AI in production environments. Frank delves into benefits, as well as security implications, touching on a number of security aspects to consider, including security from the supply chain perspective, SBOMs, licensing, as well as risk mitigation, and risk assessment. Frank also covers some of the types of attacks that might happen as a result of utilizing AI-generated code, like intellectual property leaking via a prompt injection attack, data poisoning, etc. And lastly, Frank shares the Invicti security team's real-life experience of utilizing AI, including early successes and failures. Segment Resources: On-demand webinar on the topic of generative AI - https://www.scmagazine.com/cybercast/generative-ai-understanding-the-appsec-risks-and-how-dast-can-mitigate-them Invicti Research - https://www.invicti.com/blog/web-security/analyzing-security-github-copilot-suggestions/ - https://github.com/svenmorgenrothio/Prompt-Injection-Playground This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw234
With the increased interest and use of AI such as GTP 3/4, ChatGPT, GitHub Copilot, and internal modeling, there comes an array of use cases and examples for increased efficiency, but also inherent security risks that organizations should consider. In this talk, Invicti's CTO & Head of Security Research Frank Catucci discusses potential use cases and talks through real-life examples of using AI in production environments. Frank delves into benefits, as well as security implications, touching on a number of security aspects to consider, including security from the supply chain perspective, SBOMs, licensing, as well as risk mitigation, and risk assessment. Frank also covers some of the types of attacks that might happen as a result of utilizing AI-generated code, like intellectual property leaking via a prompt injection attack, data poisoning, etc. And lastly, Frank shares the Invicti security team's real-life experience of utilizing AI, including early successes and failures. Segment Resources: On-demand webinar on the topic of generative AI - https://www.scmagazine.com/cybercast/generative-ai-understanding-the-appsec-risks-and-how-dast-can-mitigate-them Invicti Research - https://www.invicti.com/blog/web-security/analyzing-security-github-copilot-suggestions/ - https://github.com/svenmorgenrothio/Prompt-Injection-Playground This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Ferrari refuses ransomware, OpenAI deals with security issues from cacheing, video killed a crypto ATM, GitHub rotates their RSA SSH key, bypassing CloudTrail, terms and techniques for measuring AI security and safety Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/asw234
With the increased interest and use of AI such as GTP 3/4, ChatGPT, GitHub Copilot, and internal modeling, there comes an array of use cases and examples for increased efficiency, but also inherent security risks that organizations should consider. In this talk, Invicti's CTO & Head of Security Research Frank Catucci discusses potential use cases and talks through real-life examples of using AI in production environments. Frank delves into benefits, as well as security implications, touching on a number of security aspects to consider, including security from the supply chain perspective, SBOMs, licensing, as well as risk mitigation, and risk assessment. Frank also covers some of the types of attacks that might happen as a result of utilizing AI-generated code, like intellectual property leaking via a prompt injection attack, data poisoning, etc. And lastly, Frank shares the Invicti security team's real-life experience of utilizing AI, including early successes and failures. Segment Resources: On-demand webinar on the topic of generative AI - https://www.scmagazine.com/cybercast/generative-ai-understanding-the-appsec-risks-and-how-dast-can-mitigate-them Invicti Research - https://www.invicti.com/blog/web-security/analyzing-security-github-copilot-suggestions/ - https://github.com/svenmorgenrothio/Prompt-Injection-Playground This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw234
My interview with the band discussing the new album and much more! --- Support this podcast: https://podcasters.spotify.com/pod/show/robert-carrigan/support
In this episode, Richard talks to Michael George, CEO of Invicti Security. They're an accurate automated application security testing platform that scales like no other solution.Michael tells Richard about his past experience of leading Continuum, and what the buyout and merger process was like. He also explains what led him to found Invicti, and how the business helps MSPs. They talk about the importance of a positive company culture and how Michael and the Invicti team build and nurture theirs. Michael also explains the organisation's relationship with the wider cybersecurity company and how it fits in to the MSP market.Richard asks Michael why he thinks that application security testing is so important in modern cybersecurity, the practicalities of solution consolidation in cybersecurity, and how Invicti helps MSPs manage risk in a scalable way.They also look at the good and the bad when it comes to private equity funding for MSP vendors and how to spot red flags, what's next for Invicti and what's next for Michael – including mountain climbing.Mentioned in This EpisodeInvictiConnectWiseJiraJenkinsServiceNowA3Sec SASSmart Solution Consulting GmbHMonogoBulletproofKaseyaLinuxSummit Partners (growth equity firm)Book: David Foster Wallace: Infinite JestDavid Foster Wallace Kenyon College commencement address: This is WaterInvicti's AppSec Indicator reportInvicti's MSSP ProgramInvicti Resources Library
In Episode 84 I interviewed Rusty Sides and Eric Friese of Checkmarx and Ted Rutcsh of Invicti about Application Vulnerability Scanning at the 2022 National Cyber Summit from Huntsville. Before the interviews I go on a slight rant about an NY Times editorial called "Why the FBI is so Far Behind in Cybercrime" (Opinion | Why the F.B.I. Is So Far Behind on Cybercrime - The New York Times (nytimes.com). Needless to say, I have thoughts... Give a listen, tell a friend. Check out the companies interviewed on this episode at www.checkmarx.com and www.invicti.com
Shifting left has been a buzzword in the application security space for several years now, and with good reason – making security an integral part of development is the only practical approach for modern agile workflows. But in their drive to build security testing into development as early as possible, many organizations are neglecting application security in later phases and losing sight of the big picture. In this talk, Invicti's Chief Product Officer Sonali Shah discusses the challenges and misunderstandings around shifting left, and provides tips on how organizations can implement web application security program without tradeoffs throughout the whole application security lifecycle. This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw211
Shifting left has been a buzzword in the application security space for several years now, and with good reason – making security an integral part of development is the only practical approach for modern agile workflows. But in their drive to build security testing into development as early as possible, many organizations are neglecting application security in later phases and losing sight of the big picture. In this talk, Invicti's Chief Product Officer Sonali Shah discusses the challenges and misunderstandings around shifting left, and provides tips on how organizations can implement web application security program without tradeoffs throughout the whole application security lifecycle. This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw211
Go releases their own curated vuln management resources, OSS-Fuzz finds command injection, Microsoft gets rid of Basic Auth in Exchange, NSA provides guidance on securing SDLC practices, reflections on pentesting, comments on e2e Shifting left has been a buzzword in the application security space for several years now, and with good reason – making security an integral part of development is the only practical approach for modern agile workflows. But in their drive to build security testing into development as early as possible, many organizations are neglecting application security in later phases and losing sight of the big picture. In this talk, Invicti's Chief Product Officer Sonali Shah discusses the challenges and misunderstandings around shifting left, and provides tips on how organizations can implement web application security program without tradeoffs throughout the whole application security lifecycle. This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/asw211
Go releases their own curated vuln management resources, OSS-Fuzz finds command injection, Microsoft gets rid of Basic Auth in Exchange, NSA provides guidance on securing SDLC practices, reflections on pentesting, comments on e2e Shifting left has been a buzzword in the application security space for several years now, and with good reason – making security an integral part of development is the only practical approach for modern agile workflows. But in their drive to build security testing into development as early as possible, many organizations are neglecting application security in later phases and losing sight of the big picture. In this talk, Invicti's Chief Product Officer Sonali Shah discusses the challenges and misunderstandings around shifting left, and provides tips on how organizations can implement web application security program without tradeoffs throughout the whole application security lifecycle. This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/asw211
REvil (or an impostor, or successor) may be back. A Paris-area medical center continues to work to recover from cyber extortion. An assessment of Russian failure (or disinclination) to mount effective cyber campaigns. Cyber criminals find wartime to be a tough time. Josh Ray from Accenture looks at cyber threats to the rail industry. Our guest is Dan Murphy of Invicti making the case that not all vulnerabilities are created equal. And Yandex Taxi's app was hacked in a nuisance attack. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/170 Selected reading. REvil says they breached electronics giant Midea Group (Cybernews) Paralysed French hospital fights cyber attack as hackers lower ransom demand (RFI) French hospital hit by $10M ransomware attack, sends patients elsewhere (BleepingComputer) Hacks tied to Russia and Ukraine war have had minor impact, researchers say (The Record by Recorded Future) Getting Bored of Cyberwar: Exploring the Role of the Cybercrime Underground in the Russia-Ukraine Conflict (arXiv:2208.10629v2) Why Russia's cyber war in Ukraine hasn't played out as predicted (New Atlas) Cyber key in Ukraine war, says spy chief (The Canberra Times) Montenegro Sent Back to Analog by Unprecedented Cyber Attacks (Balkan Insight) Montenegro blames criminal gang for cyber attacks on government (EU Reporter) Ransomware Attack Sends Montenegro Reaching Out to NATO Partners (Bloomberg) “I'm tired of living in poverty” – Russian-Speaking Cyber Criminals Feeling the Economic Pinch (Digital Shadows) Yandex Taxi hack creates huge traffic jam in Moscow (Cybernews) Anonymous hacked Russia's largest taxi firm and caused a massive traffic jam (Daily Star)
Pressured by the speed of innovation, organizations are struggling to achieve the continuous web application security they need in the face of mounting threats and compliance requirements. What does it take in order for your AppSec program to be both effective and agile? In this segment, Ferruh Mavituna, founder and strategic advisor of Invicti Security, discusses best practices to help you implement an effective, agile, and – most importantly – continuous approach to application security. This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw205
Pressured by the speed of innovation, organizations are struggling to achieve the continuous web application security they need in the face of mounting threats and compliance requirements. What does it take in order for your AppSec program to be both effective and agile? In this segment, Ferruh Mavituna, founder and strategic advisor of Invicti Security, discusses best practices to help you implement an effective, agile, and – most importantly – continuous approach to application security. This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw205
Vuln in an Atlassian Confluence app, "Dirty Dancing" in OAuth flows, security audits of sigstore and slf4j, flaws in fleet management app, conducting tabletop exercises. Pressured by the speed of innovation, organizations are struggling to achieve the continuous web application security they need in the face of mounting threats and compliance requirements. What does it take in order for your AppSec program to be both effective and agile? In this segment, Ferruh Mavituna, founder and strategic advisor of Invicti Security, discusses best practices to help you implement an effective, agile, and – most importantly – continuous approach to application security. This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/asw205
Pressured by the speed of innovation, organizations are struggling to achieve the continuous web application security they need in the face of mounting threats and compliance requirements. What does it take in order for your AppSec program to be both effective and agile? In this segment, Ferruh Mavituna, founder and strategic advisor of Invicti Security, discusses best practices to help you implement an effective, agile, and – most importantly – continuous approach to application security. This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw205
Vuln in an Atlassian Confluence app, "Dirty Dancing" in OAuth flows, security audits of sigstore and slf4j, flaws in fleet management app, conducting tabletop exercises. Pressured by the speed of innovation, organizations are struggling to achieve the continuous web application security they need in the face of mounting threats and compliance requirements. What does it take in order for your AppSec program to be both effective and agile? In this segment, Ferruh Mavituna, founder and strategic advisor of Invicti Security, discusses best practices to help you implement an effective, agile, and – most importantly – continuous approach to application security. This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/asw205
HTTP RFCs have evolved: A Cloudflare view of HTTP usage trends, Career Advice and Professional Development, Active Exploitation of Confluence CVE-2022-26134 Seamlessly Connect & Protect Entire IT Ecosystem The new business reality is that everything is connected, and everyone is vulnerable. In today's world, security resilience is imperative, and Cisco believes it requires an open, unified security platform that crosses hybrid multi-cloud environments. Our vision for the Cisco Security Cloud will reshape the way organizations approach and protect the integrity of the entire IT ecosystem. Segment Resources: Cisco Security Resilience: https://www.cisco.com/c/en/us/products/security/security-resilience.html This segment is sponsored by Cisco. Visit https://securityweekly.com/cisco to learn more about them! The Culture Blindspot: Harmonizing DevSecOps Helps Curb Burnout Recent data shows that security and development teams are still stressed, and they're taking that stress home with them. Not only are they spending unnecessary hours addressing security issues that they could have otherwise prevented with modern tools and best practices, but also these teams are taking time out of their personal lives during holidays and on weekends to manage critical issues, contributing to burnout and ultimately churn. There's good news, though: relationships between security and development are steadily improving, and with the right support and modern tooling at hand, you can transform the lives of cybersecurity professionals while also boosting your organization's security posture, too. This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/asw200
HTTP RFCs have evolved: A Cloudflare view of HTTP usage trends, Career Advice and Professional Development, Active Exploitation of Confluence CVE-2022-26134 Seamlessly Connect & Protect Entire IT Ecosystem The new business reality is that everything is connected, and everyone is vulnerable. In today's world, security resilience is imperative, and Cisco believes it requires an open, unified security platform that crosses hybrid multi-cloud environments. Our vision for the Cisco Security Cloud will reshape the way organizations approach and protect the integrity of the entire IT ecosystem. Segment Resources: Cisco Security Resilience: https://www.cisco.com/c/en/us/products/security/security-resilience.html This segment is sponsored by Cisco. Visit https://securityweekly.com/cisco to learn more about them! The Culture Blindspot: Harmonizing DevSecOps Helps Curb Burnout Recent data shows that security and development teams are still stressed, and they're taking that stress home with them. Not only are they spending unnecessary hours addressing security issues that they could have otherwise prevented with modern tools and best practices, but also these teams are taking time out of their personal lives during holidays and on weekends to manage critical issues, contributing to burnout and ultimately churn. There's good news, though: relationships between security and development are steadily improving, and with the right support and modern tooling at hand, you can transform the lives of cybersecurity professionals while also boosting your organization's security posture, too. This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/asw200
Seamlessly Connect & Protect Entire IT Ecosystem The new business reality is that everything is connected, and everyone is vulnerable. In today's world, security resilience is imperative, and Cisco believes it requires an open, unified security platform that crosses hybrid multi-cloud environments. Our vision for the Cisco Security Cloud will reshape the way organizations approach and protect the integrity of the entire IT ecosystem. Segment Resources: Cisco Security Resilience: https://www.cisco.com/c/en/us/products/security/security-resilience.html This segment is sponsored by Cisco. Visit https://securityweekly.com/cisco to learn more about them! The Culture Blindspot: Harmonizing DevSecOps Helps Curb Burnout Recent data shows that security and development teams are still stressed, and they're taking that stress home with them. Not only are they spending unnecessary hours addressing security issues that they could have otherwise prevented with modern tools and best practices, but also these teams are taking time out of their personal lives during holidays and on weekends to manage critical issues, contributing to burnout and ultimately churn. There's good news, though: relationships between security and development are steadily improving, and with the right support and modern tooling at hand, you can transform the lives of cybersecurity professionals while also boosting your organization's security posture, too. This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw200
Seamlessly Connect & Protect Entire IT Ecosystem The new business reality is that everything is connected, and everyone is vulnerable. In today's world, security resilience is imperative, and Cisco believes it requires an open, unified security platform that crosses hybrid multi-cloud environments. Our vision for the Cisco Security Cloud will reshape the way organizations approach and protect the integrity of the entire IT ecosystem. Segment Resources: Cisco Security Resilience: https://www.cisco.com/c/en/us/products/security/security-resilience.html This segment is sponsored by Cisco. Visit https://securityweekly.com/cisco to learn more about them! The Culture Blindspot: Harmonizing DevSecOps Helps Curb Burnout Recent data shows that security and development teams are still stressed, and they're taking that stress home with them. Not only are they spending unnecessary hours addressing security issues that they could have otherwise prevented with modern tools and best practices, but also these teams are taking time out of their personal lives during holidays and on weekends to manage critical issues, contributing to burnout and ultimately churn. There's good news, though: relationships between security and development are steadily improving, and with the right support and modern tooling at hand, you can transform the lives of cybersecurity professionals while also boosting your organization's security posture, too. This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw200
On this episode of the BragWorthy Culture Podcast, Jordan talks with Mark Ralls, President and COO at Invicti Security. Invicti has been an Applications Security leader for more than 15 years and enables organizations in every industry to continuously scan and secure all of their web apps and APIs, regardless of platform. Invicti provides proof of any vulnerabilities so the client doesn't have to spend time verifying them. Invicti's HQ is in Austin, Texas, and it serves more than 3,500 organizations. Throughout his career, Mark has had the opportunity to build and manage teams and coax great work out of them. He shares hiring tips (he loves candidates that are “his kind of crazy”), the importance of diversity (“the more diverse your team is, the better performing it will be”), what Covid-19 triggered for Invicti (revealed that they were true to their values), and why he thinks it should be called the Great Reckoning, not the Great Resignation. Looking to build your own BragWorthy Culture? Fringe can help. Fringe is the number one lifestyle benefits platform. Give your people the power of choice and save a ton of administrative headaches by consolidating existing vendors and programs into a simple, automated platform. Contact us at https://fringe.us/
In questo episodio, parlo con Matteo Grudina, un grande rievocatore del Friuli che è tra gli iniziatori della nuova ondata di attenzione e ricerca sui Longobardi. Il suo gruppo di rievocatori – gli Invicti Lupi – è conosciuto in tutta Italia e all'estero. Come ci spiegherà Matteo, la frequentazione di luoghi e gruppi rievocativi oltralpe gli ha dato l'ispirazione per sognare in grande: con gli Invicti Lupi, un team di collaboratori – tra i quali il nostro Nicola Bergamo, che ho già intervistato, ricordate? – il regista Simone Vrech ha dato vita al documentario “Langobardi – Alboino e Romans”. Un documentario che è stato presentato sul programma della RAI di Alessandro Barbero – A.c D.c – e che sta mietendo successi in tutto il mondo. Ma Matteo ha anche altri obiettivi di rievocazione, come la costruzione del primo villaggio longobardo. Ce ne parla in questa bella diretta che abbiamo fatto assieme, buon ascolto! ---Per sostenere il podcast: www.patreon.com/italiastoria---Per sapere come acquistare il documentario "Langobardi - Alboino e Romans"http://www.invictilupi.org/?page_id=2317 Hosted on Acast. See acast.com/privacy for more information.
Invicti Solis addresses the most important questions that perplex postmodern humanity and civilization-and in so doing points the way toward the authentic destiny of both. · How can we discover the true heart’s desire in the thicket of conflicting desires that bid for our attention? · How can we discover absolute or objective truth in an age that […] The post Invicti Solis: The Rise of The Unconquered Sun by Gary Bryant appeared first on WebTalkRadio.net.
Invicti Solis addresses the most important questions that perplex postmodern humanity and civilization-and in so doing points the way toward the authentic destiny of both. · How can we discover the true heart’s desire in the thicket of conflicting desires that bid for our attention? · How can we discover absolute or objective truth in an age that […] The post Invicti Solis: The Rise of The Unconquered Sun by Gary Bryant appeared first on WebTalkRadio.net.
Sven will present common vulnerabilities and issues that arise when implementing authentication and authorization in web applications. This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw720
Sven will present common vulnerabilities and issues that arise when implementing authentication and authorization in web applications. This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw720
Want to know how to do QA testing in the cloud. How does Pokémon go scale to millions of requests? And why is the next generation of application security needed? Find out, the answers to these and all other end and full stack pipeline DevOps automation, testing, performance, testing, security testing, in this episode of the TestGuild new show for the week of October 31st. TIME-STAMPED SHOW NOTES: 00:23 Sponsored by Applitools 00:54 QA Cloud Testing Adrian Brociek Azimo 01:50 Prepare QA Teams for Automation Julia Pottinger 02:37 Postman survey from a Testers Beth Marshall view 03:18 TestAutomationU Angie Jones 100,000 testers! 04:01 Cypress.io new release 04:37 Automation Trends for 2022 05:08 Roblox #SRE performance issues Stephen Townshend 06:46 The Pokémon Company International Priyanka Vergadia James Prompanya 07:47 Autonomous Security Testing David Brumley ForAllSecure, Inc #appsecurity 08:33 625 Million Invicti Security Links mentioned in Today's Episode: *** Applitools free account: https://rcl.ink/xroZw *** 1. https://link.medium.com/hbJCo65bMkb 2. Julia https://bit.ly/3jVZvH5 3. Beth https://bit.ly/3jWIPiK 4. TAU https://prn.to/3GCHgAl 5. Cypress https://bit.ly/3nNEjEf 6. 2022 Trends: https://bit.ly/3nGGIjW 7. Roblox https://bit.ly/2ZIVwa6 8. Pokemon https://bit.ly/31fmoi5 9. Autonomous Security https://bit.ly/3mwwV0K 10. Invicti: https://bit.ly/2ZLMPeU Leave Some - Feedback Did you enjoy this episode? If so, please leave a short review Connect with Us: TestGuild.com AutomationGuild.com YouTube @joecolantonio @testguilds
In the Enterprise Security News, Devo, Dragos, Cato Networks and Aura have all announced $200m or larger funding rounds, TransUnion acquires Sontiq for $638m, Summit Partners acquires Invicti for $625m, Privacy engineering startup Piiano emerges, from stealth mode, Will cybersecurity funding top $20bn for 2021, New US spyware export rules, A silicon valley entrepreneur wants to scan your eyes, All that and don't forget to stick around for the squirrel story on this episode of Enterprise Security Weekly! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw248
In the Enterprise Security News, Devo, Dragos, Cato Networks and Aura have all announced $200m or larger funding rounds, TransUnion acquires Sontiq for $638m, Summit Partners acquires Invicti for $625m, Privacy engineering startup Piiano emerges, from stealth mode, Will cybersecurity funding top $20bn for 2021, New US spyware export rules, A silicon valley entrepreneur wants to scan your eyes, All that and don't forget to stick around for the squirrel story on this episode of Enterprise Security Weekly! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw248
This week, we welcome Jamie Moles, Senior Technical Marketing Manager at ExtraHop, to discuss Decrypt As If Your Security Depends On It! In the Enterprise Security News, Devo, Dragos, Cato Networks and Aura have all announced $200m or larger funding rounds, TransUnion acquires Sontiq for $638m, Summit Partners acquires Invicti for $625m, Privacy engineering startup Piiano emerges, from stealth mode, Will cybersecurity funding top $20bn for 2021, New US spyware export rules, and a silicon valley entrepreneur wants to scan your eyes! In the final segment, we spoke with Will Lin, co-founder of Forgepoint, one of the few VC firms that exclusively invests in cybersecurity startups! Show Notes: https://securityweekly.com/esw248 Visit https://securityweekly.com/extrahop to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Jamie Moles, Senior Technical Marketing Manager at ExtraHop, to discuss Decrypt As If Your Security Depends On It! In the Enterprise Security News, Devo, Dragos, Cato Networks and Aura have all announced $200m or larger funding rounds, TransUnion acquires Sontiq for $638m, Summit Partners acquires Invicti for $625m, Privacy engineering startup Piiano emerges, from stealth mode, Will cybersecurity funding top $20bn for 2021, New US spyware export rules, and a silicon valley entrepreneur wants to scan your eyes! In the final segment, we spoke with Will Lin, co-founder of Forgepoint, one of the few VC firms that exclusively invests in cybersecurity startups! Show Notes: https://securityweekly.com/esw248 Visit https://securityweekly.com/extrahop to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Sven will talk about GraphQL APIs. He is going to show common issues that arise from its usage and how to attack GraphQL applications. This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw714
Sven will talk about GraphQL APIs. He is going to show common issues that arise from its usage and how to attack GraphQL applications. This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw714
This week, we kick off the show with an interview featuring Zach Wasserman, CTO & Co-Founder of Fleet, who joins us to discuss Open Source Endpoint Security with OSquery & Fleet! Then, Sven Morgenroth, Security Researcher at Invicti, joins us for a technical segment on GraphQL!! In the Security News: Following the ransomware money, the Mystery Snail, school cybersecurity is the law, sue anyone, just not security researchers, "hacking" a flight school,, refusing bug bounties in favor of disclosure, Apple still treats researchers like dog poo, prosecuting people for reading HTML, giving up on security and a high school hacking prank that never wants to give you up and won't let you down! Show Notes: https://securityweekly.com/psw714 Segment Resources: Visit https://securityweekly.com/invicti to learn more about them! https://osquery.io https://fleetdm.com Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, we kick off the show with an interview featuring Zach Wasserman, CTO & Co-Founder of Fleet, who joins us to discuss Open Source Endpoint Security with OSquery & Fleet! Then, Sven Morgenroth, Security Researcher at Invicti, joins us for a technical segment on GraphQL!! In the Security News: Following the ransomware money, the Mystery Snail, school cybersecurity is the law, sue anyone, just not security researchers, "hacking" a flight school,, refusing bug bounties in favor of disclosure, Apple still treats researchers like dog poo, prosecuting people for reading HTML, giving up on security and a high school hacking prank that never wants to give you up and won't let you down! Show Notes: https://securityweekly.com/psw714 Segment Resources: Visit https://securityweekly.com/invicti to learn more about them! https://osquery.io https://fleetdm.com Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Large organizations develop hundreds of new web applications every year. Some of those deployments are lost in time, and others go wild with high severity vulnerabilities. Forgotten and outdated web applications are a common culprit of successful hack attacks. What can you do to protect your organization? Let's talk about the first step to securing web applications - continuous web asset discovery. Segment Resources: https://www.acunetix.com/blog/docs/benefits-of-web-asset-discovery/ https://www.netsparker.com/features/continous-web-asset-discovery-engine/ This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw242
Large organizations develop hundreds of new web applications every year. Some of those deployments are lost in time, and others go wild with high severity vulnerabilities. Forgotten and outdated web applications are a common culprit of successful hack attacks. What can you do to protect your organization? Let's talk about the first step to securing web applications - continuous web asset discovery. Segment Resources: https://www.acunetix.com/blog/docs/benefits-of-web-asset-discovery/ https://www.netsparker.com/features/continous-web-asset-discovery-engine/ This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw242
Shifting security left is good - but it's an incomplete strategy that often leads to a false sense of security. In this segment, Sonali will discuss how organizations can reduce their risk of breach by embracing the modern AppSec techniques, that will allow development, operations and security teams to work together in order to efficiently and effectively secure all of their applications. This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw707
Shifting security left is good - but it's an incomplete strategy that often leads to a false sense of security. In this segment, Sonali will discuss how organizations can reduce their risk of breach by embracing the modern AppSec techniques, that will allow development, operations and security teams to work together in order to efficiently and effectively secure all of their applications. This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw707
From call center worker, to coach & trainer, to channel enabler - and now heading up the sales enablement team at Invicti, Spenser says his current role is the best he's ever had. His team motto is ‘we build roads to success', and that extends beyond the sales function. Spenser says: “I very intentionally try to call the department that I run the enablement department rather than sales enablement, because we're here to help the entire revenue organisation and anyone that interacts with customers.” Hear more about this - and his predictions for enablement over the coming year, and more - in this episode of Sales Enablement Innovation.
This week, in our first segment, we welcome Ed Rossi, Vice President of Product Management, Asset Inventory & Discovery at Qualys, to talk about Reinventing Asset Inventory for Security! Then, in the Enterprise News, SafeBreach adds support for new advanced attacks to the Microsoft Defender for Endpoint evaluation lab, Stellar Cyber XDR Kill Chain allows security analyst teams to disrupt cyberattacks, Bugcrowd Awarded U.S. Patents for Crowd-Enabled Vulnerability Detection, Microsoft puts PCs in the cloud with Windows 365, some funding and acquisition updates from Sysdig, AttackIQ, Stytch, SentinelOne, & more! Finally, we wrap up the show with two micro interviews from RSAC2021 featuring Mark Ralls from Acunetix by Invicti, and Wayne Haber from GitLab! Show Notes: https://securityweekly.com/esw235 Segment Resources: CSAM free trial: https://www.qualys.com/forms/cybersecurity-asset-management/ CSAM video overview: https://vimeo.com/551723071 Webpage: https://www.qualys.com/apps/cybersecurity-asset-management/ Visit https://securityweekly.com/qualys to learn more about them! Visit https://securityweekly.com/acunetix to learn more about them! Visit https://securityweekly.com/gitlab to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, in our first segment, we welcome Ed Rossi, Vice President of Product Management, Asset Inventory & Discovery at Qualys, to talk about Reinventing Asset Inventory for Security! Then, in the Enterprise News, SafeBreach adds support for new advanced attacks to the Microsoft Defender for Endpoint evaluation lab, Stellar Cyber XDR Kill Chain allows security analyst teams to disrupt cyberattacks, Bugcrowd Awarded U.S. Patents for Crowd-Enabled Vulnerability Detection, Microsoft puts PCs in the cloud with Windows 365, some funding and acquisition updates from Sysdig, AttackIQ, Stytch, SentinelOne, & more! Finally, we wrap up the show with two micro interviews from RSAC2021 featuring Mark Ralls from Acunetix by Invicti, and Wayne Haber from GitLab! Show Notes: https://securityweekly.com/esw235 Segment Resources: CSAM free trial: https://www.qualys.com/forms/cybersecurity-asset-management/ CSAM video overview: https://vimeo.com/551723071 Webpage: https://www.qualys.com/apps/cybersecurity-asset-management/ Visit https://securityweekly.com/qualys to learn more about them! Visit https://securityweekly.com/acunetix to learn more about them! Visit https://securityweekly.com/gitlab to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly