Podcast appearances and mentions of paul asadoorian

Recently, I had the pleasure of chatting with Paul Asadoorian, Principal Security Researcher at Eclypsium and the host of the legendary Paul's Security Weekly podcast. Our conversation dove into the often-murky waters of embedded systems and the Internet of Things (IoT), sparked by a specific vulnerability discussion on Paul's show concerning reference code for the popular ESP32 microcontroller. The show notes and blog post for this episode can be found at https://opensourcesecurity.io/2025/2025-05-embedded-security-with-paul-asadoorian/

Episode 76. Join us on this episode of All Quiet on the Second Front as guest host Enrique Oti welcomes Paul Asadoorian, Principal Security Researcher at Eclypsium. During this episode, they dive into the often overlooked world of firmware security, exploring how vulnerabilities at this foundational level pose significant risks not just to our military and national security, but also to healthcare, food supply chains, and more. Discover how Paul's work seeks to transform the precarious nature of trust in our digital components into a more secure reality, ensuring the integrity of the devices we depend on every day.What's happening on the Second Front: Firmware security risks and vulnerabilitiesTransforming false trust into true securityBalancing and operationalizing security & complianceConnect with Paul:LinkedIn: Paul AsadoorianConnect with Enrique: LinkedIn: Enrique Oti

Howdy, y'all, and welcome to The Cyber Ranch Podcast!  Our guest is Michael Santarcangelo, Founder and President at Security Catalyst.  He's a former podcaster – co-creator of Business Security Weekly, he even did a stint on Down the Security Rabbit Hole with Raf and James.  True fact, hearing Santa (as his friends call him) and Paul Asadoorian on Business Security Weekly is what inspired Allan to become a podcaster in the first place!  But "Santa" (as his friends call him) has done the practitioner and the leader things as well, and got his start way back on the Global Security Team at Andersen Consulting… Santa joins Drew and Allan to discuss effective communication… The communication problem we're trying to solve is not the one we think it is! “Communicating the value of cybersecurity” - What doe that mean really? Clarity vs. Communication, Message received and understood...  It's clarity of thinking, action, and outcomes that create the ability to communicate effectively. If that is the case, then what matters is how do OTHERS measure our success and how is that aligned or not with our own perceptions? How do we measure success in communication?   Is is how they measure it? What is the goal of communication? (And why do we say that instead of ‘the goal of good communication'? How do we get perspectives?  (We ask). Y'all be good now!  

Check out this interview from the PSW Vault, hand picked by main host Paul Asadoorian! This segment was originally published on February 4, 2013. Dr. Spafford is one of the senior, most recognized leaders in the field of computing. He has an on-going record of accomplishment as a senior advisor and consultant on issues of security and intelligence, education, cybercrime and computing policy to a number of major companies, law enforcement organizations, academic and government agencies... [With] over three decades of experience as a researcher and instructor, Professor Spafford has worked in software engineering, reliable distributed computing, host and network security, digital forensics, computing policy, and computing curriculum design. Dr. Spafford is a professor with an appointment in Computer Science at Purdue University, where he has been a member of the faculty since 1987. Spaf's new book, Cybersecurity Myths and Misperceptions, is available at https://informit.com/cybermyths  Visit https://www.securityweekly.com/psw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/vault-psw-4 

Check out this interview from the PSW Vault, hand picked by main host Paul Asadoorian! This segment was originally published on February 4, 2013. Dr. Spafford is one of the senior, most recognized leaders in the field of computing. He has an on-going record of accomplishment as a senior advisor and consultant on issues of security and intelligence, education, cybercrime and computing policy to a number of major companies, law enforcement organizations, academic and government agencies... [With] over three decades of experience as a researcher and instructor, Professor Spafford has worked in software engineering, reliable distributed computing, host and network security, digital forensics, computing policy, and computing curriculum design. Dr. Spafford is a professor with an appointment in Computer Science at Purdue University, where he has been a member of the faculty since 1987.   Spaf's new book, Cybersecurity Myths and Misperceptions, is available at https://informit.com/cybermyths  Show Notes: https://securityweekly.com/vault-psw-4 

Check out this interview from the PSW Vault, hand picked by main host Paul Asadoorian! This segment was originally published on February 4, 2013. Dr. Spafford is one of the senior, most recognized leaders in the field of computing. He has an on-going record of accomplishment as a senior advisor and consultant on issues of security and intelligence, education, cybercrime and computing policy to a number of major companies, law enforcement organizations, academic and government agencies... [With] over three decades of experience as a researcher and instructor, Professor Spafford has worked in software engineering, reliable distributed computing, host and network security, digital forensics, computing policy, and computing curriculum design. Dr. Spafford is a professor with an appointment in Computer Science at Purdue University, where he has been a member of the faculty since 1987. Spaf's new book, Cybersecurity Myths and Misperceptions, is available at https://informit.com/cybermyths  Visit https://www.securityweekly.com/psw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly  Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/vault-psw-4 

Check out this interview from the PSW Vault, hand picked by main host Paul Asadoorian! This segment was originally published on February 4, 2013. Dr. Spafford is one of the senior, most recognized leaders in the field of computing. He has an on-going record of accomplishment as a senior advisor and consultant on issues of security and intelligence, education, cybercrime and computing policy to a number of major companies, law enforcement organizations, academic and government agencies... [With] over three decades of experience as a researcher and instructor, Professor Spafford has worked in software engineering, reliable distributed computing, host and network security, digital forensics, computing policy, and computing curriculum design. Dr. Spafford is a professor with an appointment in Computer Science at Purdue University, where he has been a member of the faculty since 1987.   Spaf's new book, Cybersecurity Myths and Misperceptions, is available at https://informit.com/cybermyths  Show Notes: https://securityweekly.com/vault-psw-4 

Paul Asadoorian, OG security podcaster and host of the popular Paul's Security Weekly podcast, joins us in this episode to talk about his career as one of the original security podcasters. Paul's been podcasting for more than 17 years! Paul also shares with us some of his greatest hacking stories and don't miss our lively […] The post Security Podcasting, Hacking Stories, and The State of Firmware Security with Paul Asadoorian appeared first on Shared Security Podcast.

Check out this interview from the PSW VAULT, hand picked by main host Paul Asadoorian! This segment was originally published on April 9, 2013.   Bill Cheswick logged into his first computer in 1968. Seven years later, he was graduated from Lehigh University in 1975 with a degree resembling Computer Science. Ches has worked on (and against) operating system security for over 35 years. He is probably best known for "Firewalls and Internet Security; Repelling the Wily Hacker", co-authored with Steve Bellovin, which help train the first generation of Internet security experts.    Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/vault-psw-2 

Check out this interview from the PSW VAULT, hand picked by main host Paul Asadoorian! This segment was originally published on April 9, 2013.   Bill Cheswick logged into his first computer in 1968. Seven years later, he was graduated from Lehigh University in 1975 with a degree resembling Computer Science. Ches has worked on (and against) operating system security for over 35 years. He is probably best known for "Firewalls and Internet Security; Repelling the Wily Hacker", co-authored with Steve Bellovin, which help train the first generation of Internet security experts.    Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/vault-psw-2 

Check out this interview from the PSW VAULT, hand picked by main host Paul Asadoorian! This segment was originally published on April 9, 2013.   Bill Cheswick logged into his first computer in 1968. Seven years later, he was graduated from Lehigh University in 1975 with a degree resembling Computer Science. Ches has worked on (and against) operating system security for over 35 years. He is probably best known for "Firewalls and Internet Security; Repelling the Wily Hacker", co-authored with Steve Bellovin, which help train the first generation of Internet security experts.    Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/vault-psw-2 

Check out this interview from the PSW VAULT, hand picked by main host Paul Asadoorian! This segment was originally published on April 9, 2013.   Bill Cheswick logged into his first computer in 1968. Seven years later, he was graduated from Lehigh University in 1975 with a degree resembling Computer Science. Ches has worked on (and against) operating system security for over 35 years. He is probably best known for "Firewalls and Internet Security; Repelling the Wily Hacker", co-authored with Steve Bellovin, which help train the first generation of Internet security experts.    Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/vault-psw-2 

Check out this interview from the PSW VAULT, hand picked by main host Paul Asadoorian! This segment was originally published on October 18, 2015. L0pht Heavy Industries was a hacker collective active between 1992 and 2000 and located in the Boston, Massachusetts area. We learn about the history of the L0pht and the future.   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/vault-psw-1

Check out this interview from the PSW VAULT, hand picked by main host Paul Asadoorian! This segment was originally published on October 18, 2015. L0pht Heavy Industries was a hacker collective active between 1992 and 2000 and located in the Boston, Massachusetts area. We learn about the history of the L0pht and the future.   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/vault-psw-1

Check out this interview from the PSW VAULT, hand picked by main host Paul Asadoorian! This segment was originally published on October 18, 2015. L0pht Heavy Industries was a hacker collective active between 1992 and 2000 and located in the Boston, Massachusetts area. We learn about the history of the L0pht and the future.   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/vault-psw-1

Check out this interview from the PSW VAULT, hand picked by main host Paul Asadoorian! This segment was originally published on October 18, 2015. L0pht Heavy Industries was a hacker collective active between 1992 and 2000 and located in the Boston, Massachusetts area. We learn about the history of the L0pht and the future.   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/vault-psw-1

We're aren't recording this holiday week, so enjoy this PSW throwback episode! Main host Paul Asadoorian selected this episode to share as it's still relevant to the hacker community today. PSW366 was recorded June of 2016 with Gary McGraw. 

We're aren't recording this holiday week, so enjoy this PSW throwback episode! Main host Paul Asadoorian selected this episode to share as it's still relevant to the hacker community today. PSW366 was recorded June of 2016 with Gary McGraw. 

On this week's Cyber Report, sponsored by Fortress Information Security, Jeff Man, who was one of the first group of “Red Team” hackers at the National Security Agency's “Pit” to improve US government security and is now a senior security consultant at IT services company Online Business Systems and the co-host of the Paul's Security Weekly podcast along with Paul Asadoorian, discusses lessons from his nearly 40-year career including what constitutes a hacker, how threats and defenses have changed over his career, the balance of power between attacks and defenders, training a new generation of talent, the right partnership between government and industry, the efficacy of a certification approach to security, the threat posed by social media sites like TikTok and more with Defense & Aerospace Report Editor Vago Muradian.

In Episode 25 of Tattoos, Code, and Data Flows, Matt Rose interviews , Paul Asadoorian, Firmware Security Evangelist at Eclypsium. Paul Asadoorian spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. He is the founder of the Security Weekly podcast network, offering freely available shows on the topics of information security and hacking. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul can be found researching his next set of headphones. Paul and Matt talk about: ↳ The lack of updates from firmware ↳ Building a management interface into your device ↳ Most common security issues with firmware ↳ Supply chain risk vs firmware risk And so much more. Be sure to listen to this episode, and so many of our other great episodes by hitting the follow button. Make sure to like and subscribe to the episode. We hope you enjoy it!

Podcast: Paul's Security Weekly (Podcast-Only) (LS 28 · TOP 10% what is this?)Episode: PSW #748 - Lesley CarhartPub date: 2022-07-22This week in our first segment, we are thrilled to welcome Lesley (@hacks4pancakes) back to the show! In this segment, we'll dig into some ICS security topics including some recent threats, monitoring ICS networks for security, incident response for ICS, and more! Then, in the Security News for this week: heat waves and outages, GPS trackers are vulnerable, cracks in the Linux firewall, bas password crackers, microcode decryptors, SATA antennas, Okta vulnerabilities not vulnerabilities, updates on former CIA agent and Vault 7 leaks, decompiler explorer, and Tuxedo brings to market a liquid cooled laptop, & more! Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!  https://securityweekly.com/psw748The podcast and artwork embedded on this page are from Paul Asadoorian, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

This week Paul Asadoorian joins me to explain vulnerabilities within our computer processors with potential solutions. Direct support for this podcast comes from our privacy services, online training, and new books for 2022: Extreme Privacy (4th Edition) and  Open Source Intelligence Techniques (9th Edition). More details can be found at IntelTechniques.com. Thank you for keeping this show ad-free and sponsor-free. Listen to PAST episodes at https://inteltechniques.com/podcast.html SHOW NOTES: INTRO: None NEWS & UPDATES: https://inteltechniques.com/tools/ https://inteltechniques.com/workbook.html https://unredactedmagazine.com/ PROCESSOR ATTACKS EXPLAINED: Paul Asadoorian https://twitter.com/securityweekly https://eclypsium.com/2022/07/26/firmware-security-realizations-part-1-secure-boot-and-dbx/ https://github.com/mjg59/mei-amt-check https://github.com/chipsec/chipsec.git https://github.com/intel/INTEL-SA-00075-Linux-Detection-And-Mitigation-Tools https://github.com/ptresearch/mmdetect https://github.com/corna/me_cleaner/ Free Guides: https://inteltechniques.com/links.html Affiliate Links: Extreme Privacy (4th): https://amzn.to/3D6aiXp ProtonMail: https://go.getproton.me/aff_c?offer_id=7&aff_id=1519 ProtonVPN: https://go.getproton.me/aff_c?offer_id=26&aff_id=1519&url_id=277 PIA Dedicated IP VPN: https://www.privateinternetaccess.com/ThePSOSHOW SimpleLogin Masked Email: https://simplelogin.io?slref=osint Silent Pocket Bags & Wallets: https://slnt.com/discount/IntelTechniques

In this episode, I talk with the founder of Security Weekly Podcast Paul Asadoorian and we discuss how he grew that into being a firmware security expert. We had a great conversation and I hope everyone enjoys it! If you enjoy the podcast please go leave a review on the platform you listen, like it & share the podcast. You can also follow the podcast on social media at the links below.Follow the Podcast on Social Media!Instagram: https://www.instagram.com/secunfpodcast/Twitter: https://twitter.com/SecUnfPodcastPatreon: https://www.patreon.com/SecurityUnfilteredPodcastPaul's Links:https://www.linkedin.com/in/paulasadoorian/https://securityweekly.com/category-shows/paul-security-weekly/Content JefeA podcast that helps online business owners make better content and more money.Listen on: Apple Podcasts Spotify The Business SamuraiIf you enjoy the how-tos and behind the scenes of different businesses and industries.Listen on: Apple Podcasts SpotifySupport the show

This month, Chris Hadnagy and Ryan MacDougall are joined by Paul Asadoorian.  Paul is the founder of Security Weekly, a security podcast network. Paul spends time “in the trenches” coding in Python, testing security products and evaluating and implementing open-source software. Paul's career began by implementing security programs for a lottery company and then a large university. As Product Evangelist for Tenable Network Security, Paul also built a library of materials on the topic of vulnerability management. When not hacking IoT devices, web applications or Linux, Paul can be found researching his next set of headphones, devices for smoking meat, and e-bikes. November 15, 2021.  00:00 – Intro  Social-Engineer.com Managed Voice Phishing  Managed Email Phishing  Adversarial Simulations   Social-Engineer channel on SLACK  CLUTCH  innocentlivesfoundation.org  Human Behavior Conference  03:34 – Paul Asadoorian Intro  05:08 – How did you get started in infosec?  13:19 – When did you decide you were going to start a podcast?  24:26 – What have you learned from the guests you've had on your podcasts over all of these years?  27:00 – What is your perspective on the shifting of hacking culture in the community?  34:53 – What are the best qualities someone could have to be attractive to a potential employer in this industry?  37:14 – How do we get the younger generation to have the qualities we are not seeing?  41:38 – Who is your greatest mentor?  Laurie Baker  Stephen Northcutt @ SANS  Ed Skoudis @ SANS  46:00 – Book Recommendations  Code Girls The Phoenix Project The Unicorn Project Countdown to Zero Day The Cuckoo's Egg Cyberpunk 51:00 – Guest Wrap Up  https://securityweekly.com    www.twitter.com/securityweekly  53:31 – Outro  innocentlivesfoundation.org

In this segment Paul and Larry attempt to confirm or deny that Nzyme performs intelligent device fingerprinting and behavioral analytics to detect rogue actors. Classic signature-based detection methods are just too easy to circumvent in WiFi environments.   Show Notes: https://securityweekly.com/psw711 Visit https://www.securityweekly.com/psw for all the latest episodes!

In this segment Paul and Larry attempt to confirm or deny that Nzyme performs intelligent device fingerprinting and behavioral analytics to detect rogue actors. Classic signature-based detection methods are just too easy to circumvent in WiFi environments.   Show Notes: https://securityweekly.com/psw711 Visit https://www.securityweekly.com/psw for all the latest episodes!

This week on Privacy Please, Gabe, and I have on the OG in Security Podcasting and the Chief Innovation Officer at CyberRisk Alliance, Mr. Paul Asadoorian! Show highlights:We talk about a lot in this episode with a very wide range of topics ranging from security and podcasting to Wu-Tang for the kids. We cover Paul's story, where and when Security Weekly originally started, his progressions, challenges, company growth, mergers, data security and privacy shop talk, deep dark secrets, and much more! Link:https://www.linkedin.com/in/paulasadoorian/

This week in the Security News: Trust no one, its all about the information, so many Windows vulnerabilities and exploits, so. many., Saudi Aramco data for sale, Sequoia, a perfectly named Linux vulnerability, is Microsoft a national security threat?, Pegasus and clickless exploits for iOS, homoglyph domain takedowns, when DNS configuration goes wrong and a backdoor in your backdoor!Trust no one, its all about the information, so many Windows vulnerabilities and exploits, so. many., Saudi Aramco data for sale, Sequoia, a perfectly named Linux vulnerability, is Microsoft a national security threat?, Pegasus and clickless exploits for iOS, homoglyph domain takedowns, when DNS configuration goes wrong and a backdoor in your backdoor!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw703

CyberMarket.com is a marketplace where CyberSecurity Consultancies and clients can find each other. There is a growing trend where CyberSecurity Consultants recognize the gap between what they are worth to a consultancy as being sold out for a daily rate compared to what they get paid. There are a number of consultants who are leaving consultancies to start the next generation of independent / boutique consultancies but they don't have a sales pipeline and sales staff like their old consultancies do. CyberMarket.com is a place to help facilitate the sales pipeline for cybersecurity consultancies of various sizes. Segment Resources: https://www.cybermarket.com There is a blog at https://www.cybermarket.com/homes/blog where an article to help people to start up their own cybersecurity consultancy can be found.   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw703

Safety in online dating spaces is an issue the dating industry has grappled with for some time; with the surge of dating app usage during the pandemic, the demand for dating apps to take responsibility and ensure safer online interactions is at an all-time high. RealMe is a technology platform that hopes to solve this problem on dating apps (and other online marketplaces) by providing in-app background checks that aggregate publicly available information on criminal records, sex offender status, personal reviews, and more.   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw703

This week in the Security News: Trust no one, its all about the information, so many Windows vulnerabilities and exploits, so. many., Saudi Aramco data for sale, Sequoia, a perfectly named Linux vulnerability, is Microsoft a national security threat?, Pegasus and clickless exploits for iOS, homoglyph domain takedowns, when DNS configuration goes wrong and a backdoor in your backdoor!Trust no one, its all about the information, so many Windows vulnerabilities and exploits, so. many., Saudi Aramco data for sale, Sequoia, a perfectly named Linux vulnerability, is Microsoft a national security threat?, Pegasus and clickless exploits for iOS, homoglyph domain takedowns, when DNS configuration goes wrong and a backdoor in your backdoor!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw703

In the Enterprise News, SafeBreach adds support for new advanced attacks to the Microsoft Defender for Endpoint evaluation lab, Stellar Cyber XDR Kill Chain allows security analyst teams to disrupt cyberattacks, Bugcrowd Awarded U.S. Patents for Crowd-Enabled Vulnerability Detection, Microsoft puts PCs in the cloud with Windows 365, some funding and acquisition updates from Sysdig, AttackIQ, Stytch, SentinelOne, & more!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw235

Safety in online dating spaces is an issue the dating industry has grappled with for some time; with the surge of dating app usage during the pandemic, the demand for dating apps to take responsibility and ensure safer online interactions is at an all-time high. RealMe is a technology platform that hopes to solve this problem on dating apps (and other online marketplaces) by providing in-app background checks that aggregate publicly available information on criminal records, sex offender status, personal reviews, and more.   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw703

CyberMarket.com is a marketplace where CyberSecurity Consultancies and clients can find each other. There is a growing trend where CyberSecurity Consultants recognize the gap between what they are worth to a consultancy as being sold out for a daily rate compared to what they get paid. There are a number of consultants who are leaving consultancies to start the next generation of independent / boutique consultancies but they don't have a sales pipeline and sales staff like their old consultancies do. CyberMarket.com is a place to help facilitate the sales pipeline for cybersecurity consultancies of various sizes. Segment Resources: https://www.cybermarket.com There is a blog at https://www.cybermarket.com/homes/blog where an article to help people to start up their own cybersecurity consultancy can be found.   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw703

Security teams relying on asset inventory from their IT counterparts can be a challenge due to a lack of security context for assets. This gap can lead to missed opportunities to identify and fix asset-centric issues like EOL or unauthorized software that they can address even before running their vulnerability management program. Ed will discuss the role asset inventory plays in your overall security strategy. This will include the importance of security context for IT assets, which teams benefit from the information, how to identify and assess the health of critical databases and how to effectively implement a cybersecurity asset management practice. Segment Resources: CSAM free trial: https://www.qualys.com/forms/cybersecurity-asset-management/ CSAM video overview: https://vimeo.com/551723071 Webpage: https://www.qualys.com/apps/cybersecurity-asset-management/   This segment is sponsored by Qualys. Visit https://securityweekly.com/qualys to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw235

In the Enterprise News, SafeBreach adds support for new advanced attacks to the Microsoft Defender for Endpoint evaluation lab, Stellar Cyber XDR Kill Chain allows security analyst teams to disrupt cyberattacks, Bugcrowd Awarded U.S. Patents for Crowd-Enabled Vulnerability Detection, Microsoft puts PCs in the cloud with Windows 365, some funding and acquisition updates from Sysdig, AttackIQ, Stytch, SentinelOne, & more!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw235

Security teams relying on asset inventory from their IT counterparts can be a challenge due to a lack of security context for assets. This gap can lead to missed opportunities to identify and fix asset-centric issues like EOL or unauthorized software that they can address even before running their vulnerability management program. Ed will discuss the role asset inventory plays in your overall security strategy. This will include the importance of security context for IT assets, which teams benefit from the information, how to identify and assess the health of critical databases and how to effectively implement a cybersecurity asset management practice. Segment Resources: CSAM free trial: https://www.qualys.com/forms/cybersecurity-asset-management/ CSAM video overview: https://vimeo.com/551723071 Webpage: https://www.qualys.com/apps/cybersecurity-asset-management/   This segment is sponsored by Qualys. Visit https://securityweekly.com/qualys to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw235  

Eclypsium researchers identified vulnerabilities affecting the BIOSConnect feature within Dell Client BIOS. This disconnect impacted 129 Dell models of consumer and business laptops, desktops, and tablets, including devices protected by Secure Boot and Dell Secured-core PCs. With cyber-attacks on the rise, firmware security, while often overlooked, might be the next battleground for attackers who continue to target enterprise VPNs and other network devices. Segment Resources: https://eclypsium.com/2021/06/24/biosdisconnect/   This segment is sponsored by Eclypsium. Visit https://securityweekly.com/eclypsium to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw702

In this segment of Paul's Security Weekly, Paul and crew interview Jack Rhysider about how he got his start in Information Security, the projects and careers he worked on over the years, and how he transitioned from a Network Security Engineer to the host of Darknet Diaries Podcast. Segment Resources: https://darknetdiaries.com/   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw702

This week, we kick off the show with an interview featuring Scott Scheferman, Principal Strategist at Eclypsium, to talk about The BIOS Disconnect and vulnerabilities affecting the BIOSConnect feature within the Dell Client BIOS! Next up, we welcome Jack Rhysider, Podcaster and Host of the Darknet Diaries Podcast, to discuss the The Journey from a Network Security Engineer to a Podcast Host! In the Security News, the White House Announces a Ransomware Task Force, how much money Microsoft has paid out to security researchers last year, Amazon rolls out encryption for Ring doorbells, how a backdoor in popular KiwiSDR product gave root to a project developer for years, Trickbot Malware Returns with a new VNC Module to Spy on its Victims, and some of the absolute funniest quotes about cyber security & tech in 2021!   Show Notes: https://securityweekly.com/psw702 Segment Resources: https://eclypsium.com/2021/06/24/biosdisconnect/ Visit https://securityweekly.com/eclypsium to learn more about them! https://darknetdiaries.com/   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

In this segment of Paul's Security Weekly, Paul and crew interview Jack Rhysider about how he got his start in Information Security, the projects and careers he worked on over the years, and how he transitioned from a Network Security Engineer to the host of Darknet Diaries Podcast. Segment Resources: https://darknetdiaries.com/   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw702

Eclypsium researchers identified vulnerabilities affecting the BIOSConnect feature within Dell Client BIOS. This disconnect impacted 129 Dell models of consumer and business laptops, desktops, and tablets, including devices protected by Secure Boot and Dell Secured-core PCs. With cyber-attacks on the rise, firmware security, while often overlooked, might be the next battleground for attackers who continue to target enterprise VPNs and other network devices. Segment Resources: https://eclypsium.com/2021/06/24/biosdisconnect/   This segment is sponsored by Eclypsium. Visit https://securityweekly.com/eclypsium to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw702

This week, we kick off the show with an interview featuring Scott Scheferman, Principal Strategist at Eclypsium, to talk about The BIOS Disconnect and vulnerabilities affecting the BIOSConnect feature within the Dell Client BIOS! Next up, we welcome Jack Rhysider, Podcaster and Host of the Darknet Diaries Podcast, to discuss the The Journey from a Network Security Engineer to a Podcast Host! In the Security News, the White House Announces a Ransomware Task Force, how much money Microsoft has paid out to security researchers last year, Amazon rolls out encryption for Ring doorbells, how a backdoor in popular KiwiSDR product gave root to a project developer for years, Trickbot Malware Returns with a new VNC Module to Spy on its Victims, and some of the absolute funniest quotes about cyber security & tech in 2021!   Show Notes: https://securityweekly.com/psw702 Segment Resources: https://eclypsium.com/2021/06/24/biosdisconnect/ Visit https://securityweekly.com/eclypsium to learn more about them! https://darknetdiaries.com/   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul Asadoorian is a security veteran that has spent time “in the trenches” implementing comprehensive security programs across a wide array of industries. A proven cybersecurity leader and innovator, Paul founded “Security Weekly” – a podcast network providing free knowledge for the entire security community to benefit from. As former Product Evangelist for Tenable, Paul built a library of materials on the topic of vulnerability management. He has also spent time as an instructor for The SANS Institute, an IANS faculty member and has presented at security conferences including RSA, Derbycon, BruCon, SOURCE Conference and more.I run into him at the bar, and we chat about his journey into cyber, the ability to deliver quality content to his audience while staying ahead of the game, his thoughts on vulnerability researchers, the public portrayal of hackers, and the one finding you'd see in a gap analysis of the entire cybersecurity industry.Tony the Bartender cranks up a “King's Jubilee”.Support the show (https://www.patreon.com/barcodepodcast)

Deep dive on the data broker industry, and how new threats are stemming from the widespread availability of employee/personal information publicly for sale at data broker websites.   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw701

Deep dive on the data broker industry, and how new threats are stemming from the widespread availability of employee/personal information publicly for sale at data broker websites.   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw701

Offensive Security expert Jim O'Gorman talks through his own career progression and training, revealing what it takes to be successful in infosec. He also covers key learning tracks and gives concrete examples of job roles available to those who prove themselves through industry certifications and other means.   This segment is sponsored by Offensive Security. Visit https://securityweekly.com/offSec to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw700

Offensive Security expert Jim O'Gorman talks through his own career progression and training, revealing what it takes to be successful in infosec. He also covers key learning tracks and gives concrete examples of job roles available to those who prove themselves through industry certifications and other means.   This segment is sponsored by Offensive Security. Visit https://securityweekly.com/offSec to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw700

In 2020, cyber criminals used cloud apps, the cover of a pandemic, and a newly embraced work-from-home culture to serve up ransomware, steal data, and disrupt how companies do business. The year is over, but the challenges and risks remain. In this interview featuring Cisco's Doni Brass, we lay out how companies and their IT teams can stave off threats in the cloud app discovery process, stop data from landing in the wrong hands, and identify and block cloud malware that can cost both time and treasure! Segment Resources: What attacks aren't you seeing? - https://learn-umbrella.cisco.com/ebook-library/what-attacks-arent-you-seeing?utm_medium=media-article&utm_source=sc-magazine&utm_campaign=umb-fy21-q3-na-0201-paid-media-sc-magazine-podcast&utm_term=pgm&utm_content=umb-fy20-q3-content-ebook-what-cyber-attacks-arent-you-seeing The modern cybersecurity landscape: Scaling for threats in motion - https://learn-umbrella.cisco.com/technical-paper-library/the-modern-cybersecurity-landscape-scaling-for-threats-in-motion?utm_medium=media-article&utm_source=sc-magazine&utm_campaign=umb-fy21-q3-na-0201-paid-media-sc-magazine-podcast&utm_term=pgm&utm_content=umb-fy21-q2-content-technical-papers-the-modern-cybersecurity-landscape Cloud Security Buyers Guide - https://learn-umbrella.cisco.com/ebook-library/cloud-security-buyers-guide?utm_medium=media-article&utm_source=sc-magazine&utm_campaign=umb-fy21-q3-na-0201-paid-media-sc-magazine-podcast&utm_term=pgm&utm_content=umb-fy21-q2-content-ebook-cloud-security-buyers-guide   This segment is sponsored by Cisco Umbrella. Visit https://securityweekly.com/ciscoumbrella to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw232

In 2020, cyber criminals used cloud apps, the cover of a pandemic, and a newly embraced work-from-home culture to serve up ransomware, steal data, and disrupt how companies do business. The year is over, but the challenges and risks remain. In this interview featuring Cisco's Doni Brass, we lay out how companies and their IT teams can stave off threats in the cloud app discovery process, stop data from landing in the wrong hands, and identify and block cloud malware that can cost both time and treasure! Segment Resources: What attacks aren't you seeing? - https://learn-umbrella.cisco.com/ebook-library/what-attacks-arent-you-seeing?utm_medium=media-article&utm_source=sc-magazine&utm_campaign=umb-fy21-q3-na-0201-paid-media-sc-magazine-podcast&utm_term=pgm&utm_content=umb-fy20-q3-content-ebook-what-cyber-attacks-arent-you-seeing The modern cybersecurity landscape: Scaling for threats in motion - https://learn-umbrella.cisco.com/technical-paper-library/the-modern-cybersecurity-landscape-scaling-for-threats-in-motion?utm_medium=media-article&utm_source=sc-magazine&utm_campaign=umb-fy21-q3-na-0201-paid-media-sc-magazine-podcast&utm_term=pgm&utm_content=umb-fy21-q2-content-technical-papers-the-modern-cybersecurity-landscape Cloud Security Buyers Guide - https://learn-umbrella.cisco.com/ebook-library/cloud-security-buyers-guide?utm_medium=media-article&utm_source=sc-magazine&utm_campaign=umb-fy21-q3-na-0201-paid-media-sc-magazine-podcast&utm_term=pgm&utm_content=umb-fy21-q2-content-ebook-cloud-security-buyers-guide   This segment is sponsored by Cisco Umbrella. Visit https://securityweekly.com/ciscoumbrella to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw232