For the latest in computer security news, hacking, and research! We sit around, drink beer, and talk security. Our show will feature technical segments that show you how to use the latest tools and techniques. Special guests appear on the show to enlighten us and change your perspective on information security.
A look at the current state of enterprise security solutions, including new products, features and industry reporting. Hosted by Paul Asadoorian and John Strand.
Security news, interviews, how-to technical segments. For security professionals by security professionals. We Hack Naked.
The straight up security news in 20 minutes or less! Links to all news articles are included here.
Security news, interviews, how-to technical segments. For security professionals by security professionals. We Hack Naked.
A look at the current state of enterprise security solutions, including new products, features and industry reporting. Hosted by Paul Asadoorian, Matt Alderman and John Strand.
The straight up security news in 20 minutes or less! Get the latest reports on breaches, security research, new vulnerabilities and more!
If you’re looking to understand the business of security, then Business Security Weekly is your show! Matt and Paul cover security for senior managers and executives, including business challenges, leadership, and communications! Our special guests provide unique perspectives on real problems and solutions to help organizations secure their environments effectively. Learn how to build your security program, solve real problems, learn leadership skills and so much more!
The latest in computer security news, hacking, and research! We sit around, drink beer, and talk security. Note: This is only Paul's Security Weekly, recording once per week and typically 2 hour shows.
A
Application Security Weekly (Audio)


1
Application Security Weekly (Audio)
Mike Shema, John Kinsella, Matt Alderman - Security Weekly
Application Security Weekly decrypts development for the Security Professional - exploring how to inject security into their organization’s Software Development Lifecycle (SDLC) in a fluid and transparent way; Learn the tools, techniques, and processes necessary to move at the speed of DevOps (even if you aren’t a DevOps shop yet). The target audience for Application Security Weekly spans the gamut of Security Engineers and Practitioners that need to level-up their skills in the Application ...
Application Security Weekly decrypts development for the Security Professional - exploring how to inject security into their organization’s Software Development Lifecycle (SDLC) in a fluid and transparent way; Learn the tools, techniques, and processes necessary to move at the speed of DevOps (even if you aren’t a DevOps shop yet). The target audience for Application Security Weekly spans the gamut of Security Engineers and Practitioners that need to level-up their skills in the Application ...
If you’re looking to understand the business of security, then Business Security Weekly is your show! Matt, Jason, and Paul cover security for senior managers and executives, including business challenges, leadership, and communications! Our special guests provide unique perspectives on real problems and solutions to help organizations secure their environments effectively. Learn how to build your security program, solve real problems, learn leadership skills and so much more!
Geeks Kickin' Ash! Tune into the Stogie Geeks show for interviews, cigar reviews, and how-to segments!
Want to learn about all of the latest security tools and techniques? This is the show for you! We show you how to install, configure and use a wide variety of security tools for both offense and defense. Whether you are a penetration tester or defending enterprise networks, this show will help you
Want to learn about all of the latest security tools and techniques? This is the show for you! We show you how to install, configure and use a wide variety of security tools for both offense and defense. Whether you are a penetration tester or defending enterprise networks, this show will help you
Are you overwhelmed by all of the "cyber" security threats and potential solutions? Learn how to protect yourself and all of your devices from evil hackers, viruses, ransomware, fraud, account hijacking and more! Let us be your guide to security and privacy online. We’ll help you understand how attackers are bypassing security and practical ways to protect yourself online. Whether you are a seasoned technology geek, or just had your first experience with a virus on your PC, this podcast is f ...
The show all about cigars and cigar smoking! Cigar reviews, including every price range, from new to vintage. Paul and Joe Hozempa talk about the latest cigar news, cigars we've smoked, and how-to segments. Its all about cigars! Geeks Kickin' Ash!
The Social-Engineer Podcast is about humans. Understanding how we interact, communicate and relay information can help us protect, mitigate and understand social engineering attacks
Are you overwhelmed by all of the "cyber" security threats and potential solutions? Learn how to protect yourself and all of your devices from evil hackers, viruses, ransomware, fraud, account hijacking and more! Let us be your guide to security and privacy online. We’ll help you understand how attackers are bypassing security and practical ways to protect yourself online. Whether you are a seasoned technology geek, or just had your first experience with a virus on your PC, this podcast is f ...
G
Getting the Real Work Done in Cybersecurity (Video)


1
Getting the Real Work Done in Cybersecurity (Video)
Security Weekly
Join an all-star cast — including Dan DeCloss and Shawn Scott from PlexTrac, Paul Asadoorian and Tyler Robinson from Security Weekly, and Bryson Bort from SCYTHE — for a podcast mini-series focused on getting the real work done in cybersecurity. These four episodes will consider the perspectives of red, blue, and purple teamers alike in tracking signal through the noise to identify and prioritize the right things. Additionally, we’ll show off how PlexTrac empowers all types of security pros ...
G
Getting the Real Work Done in Cybersecurity (Audio)


1
Getting the Real Work Done in Cybersecurity (Audio)
Security Weekly
Join an all-star cast — including Dan DeCloss and Shawn Scott from PlexTrac, Paul Asadoorian and Tyler Robinson from Security Weekly, and Bryson Bort from SCYTHE — for a podcast mini-series focused on getting the real work done in cybersecurity. These four episodes will consider the perspectives of red, blue, and purple teamers alike in tracking signal through the noise to identify and prioritize the right things. Additionally, we’ll show off how PlexTrac empowers all types of security pros ...
P
Paul's Security Weekly TV


1
Attack Surface Management & Experience in the Age of Security - ESW #279
27:48
27:48
Play later
Play later
Lists
Like
Liked
27:48
Over the past year, we’ve seen more buzz develop around attack surface management. In fact, major analyst firms Forrester and Gartner recently released research about this topic. But what exactly is it? In this segment, join Mark St. John, LookingGlass’s SVP of Product, to learn more about how to define your attack surface, how to manage it, and ho…
P
Paul's Security Weekly TV


1
“The Road to Data Theft is Paved with Identities” - Len Noe - ESW #279
45:22
45:22
Play later
Play later
Lists
Like
Liked
45:22
Extortion, business disruption, and monumental payouts. We’ll cover trends in attacker “innovation” and role of identities and credentials. This segment is sponsored by CyberArk. Visit https://securityweekly.com/cyberark to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekl…
E
Enterprise Security Weekly (Video)


1
Attack Surface Management & Experience in the Age of Security - ESW #279
27:48
27:48
Play later
Play later
Lists
Like
Liked
27:48
Over the past year, we’ve seen more buzz develop around attack surface management. In fact, major analyst firms Forrester and Gartner recently released research about this topic. But what exactly is it? In this segment, join Mark St. John, LookingGlass’s SVP of Product, to learn more about how to define your attack surface, how to manage it, and ho…
P
Paul's Security Weekly TV


1
What's New With PCI v4.0 - Jeff Man - ESW #279
45:02
45:02
Play later
Play later
Lists
Like
Liked
45:02
PCI DSS v4.0 was released on March 31st, 2022 and we've got Jeff Man joining us today to discuss some of the more notable changes that folks should be aware of. Some great resources from Jeff and his employer on PCI 4.0: https://info.obsglobal.com/pci-4.0-resources And the PCI Council's own summary of changes between PCI 3.2.1 and 4.0: https://secu…
S
Security Weekly News (Video)


1
Ant-Man, IOT APTs, Open Sea, Microsoft, Jenkins, SFC, & Zuo Rat - Wrap Up - SWN #221
28:53
28:53
Play later
Play later
Lists
Like
Liked
28:53
This week in the Security News Dr. Doug talks: Ant-Man Anal Attack, IOTAPTs, OpenSea, Microsoft, Jenkins, SFC, and Zuorat, as well as all the show Wrap Ups from this week! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn221
E
Enterprise Security Weekly (Video)


1
“The Road to Data Theft is Paved with Identities” - Len Noe - ESW #279
45:22
45:22
Play later
Play later
Lists
Like
Liked
45:22
Extortion, business disruption, and monumental payouts. We’ll cover trends in attacker “innovation” and role of identities and credentials. This segment is sponsored by CyberArk. Visit https://securityweekly.com/cyberark to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekl…
P
Paul's Security Weekly TV


Veteran cybersecurity journalist and author Joseph Menn, now at the Washington Post, talks about his books and the best reporting on hacking and defense today. Since he began writing on the subject in 1999, Menn has broken some of the biggest stories in the industry and written two of most widely read books in the Cybersecurity Canon. Segment Resou…
P
Paul's Security Weekly TV


1
Destructive Firmware, Keys to the Kingdom, the Device Level, & 5 CyberSec Myths - PSW #746
1:59:38
1:59:38
Play later
Play later
Lists
Like
Liked
1:59:38
In the Security News for this week: ICS training bill, 5 myths, VoIP devices and ransomware, miracle exploits, UnRAR and Zimbra, guess what the most common weakness is, security at the device level is NOT simple, keys to the kingdom, and HP says Destructive firmware attacks pose a significant threat to businesses! Visit https://www.securityweekly.c…
E
Enterprise Security Weekly (Video)


1
What's New With PCI v4.0 - Jeff Man - ESW #279
45:02
45:02
Play later
Play later
Lists
Like
Liked
45:02
PCI DSS v4.0 was released on March 31st, 2022 and we've got Jeff Man joining us today to discuss some of the more notable changes that folks should be aware of. Some great resources from Jeff and his employer on PCI 4.0: https://info.obsglobal.com/pci-4.0-resources And the PCI Council's own summary of changes between PCI 3.2.1 and 4.0: https://secu…
P
Paul's Security Weekly (Video-Only)


1
Destructive Firmware, Keys to the Kingdom, the Device Level, & 5 CyberSec Myths - PSW #746
1:59:38
1:59:38
Play later
Play later
Lists
Like
Liked
1:59:38
In the Security News for this week: ICS training bill, 5 myths, VoIP devices and ransomware, miracle exploits, UnRAR and Zimbra, guess what the most common weakness is, security at the device level is NOT simple, keys to the kingdom, and HP says Destructive firmware attacks pose a significant threat to businesses! Visit https://www.securityweekly.c…
P
Paul's Security Weekly (Video-Only)


Veteran cybersecurity journalist and author Joseph Menn, now at the Washington Post, talks about his books and the best reporting on hacking and defense today. Since he began writing on the subject in 1999, Menn has broken some of the biggest stories in the industry and written two of most widely read books in the Cybersecurity Canon. Segment Resou…
S
Security Weekly News (Video)


1
AI, Kubernetes, Skimming, US Law, OpenSSL, & Alexa - SWN #220
29:05
29:05
Play later
Play later
Lists
Like
Liked
29:05
This week, Dr. Doug talks: AI, Kubernetes, Skimming, US Law, OpenSSL, the expert commentary of Jason Wood & more on the Security Weekly News! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn220
P
Paul's Security Weekly TV


1
Security Consolidation & Beyond the CyberSec Motions - Malcolm Harkins, Paul McKay - BSW #267
32:07
32:07
Play later
Play later
Lists
Like
Liked
32:07
There was a time when the perceived wisdom was to buy best of breed security technologies and that would do for your security program. Trouble of is, none of it integrates with each other or your wider IT. With budgets getting tighter, security pros are being asked to look again at big portfolio security providers and work out whether they can use …
P
Paul's Security Weekly TV


1
The VC Perspective: Embracing Uncertainty & Staying the Course - Alberto Yépez - BSW #267
38:48
38:48
Play later
Play later
Lists
Like
Liked
38:48
Forgepoint Capital’s Co-Founder and Managing Director, Alberto Yépez, explains what the current economic challenges mean for innovation and the future of the cybersecurity market. Hear his perspective on what security investments, as well as mergers and acquisitions, will look like throughout the next 12-18 months, and how responsible companies are…
B
Business Security Weekly (Video)


1
Security Consolidation & Beyond the CyberSec Motions - Malcolm Harkins, Paul McKay - BSW #267
32:07
32:07
Play later
Play later
Lists
Like
Liked
32:07
There was a time when the perceived wisdom was to buy best of breed security technologies and that would do for your security program. Trouble of is, none of it integrates with each other or your wider IT. With budgets getting tighter, security pros are being asked to look again at big portfolio security providers and work out whether they can use …
A
Application Security Weekly (Video)


1
More Fuzzing, a Decade of OT Security, & Top Threats to Cloud Computing - ASW #202
37:58
37:58
Play later
Play later
Lists
Like
Liked
37:58
This week in the AppSec News: Lessons learned from fuzzing, OT:ICEFALL report on insecure designs, CSA's Top Threats to Cloud Computing, Twitter apologizes for misusing data collection, & State of Open Source Security report! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw202…
P
Paul's Security Weekly TV


1
More Fuzzing, a Decade of OT Security, & Top Threats to Cloud Computing - ASW #202
37:58
37:58
Play later
Play later
Lists
Like
Liked
37:58
This week in the AppSec News: Lessons learned from fuzzing, OT:ICEFALL report on insecure designs, CSA's Top Threats to Cloud Computing, Twitter apologizes for misusing data collection, & State of Open Source Security report! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw202…
A
Application Security Weekly (Video)


1
How GraphQL & Template Injection Threats Influence App Architectures - Mike Benjamin - ASW #202
37:21
37:21
Play later
Play later
Lists
Like
Liked
37:21
Both GraphQL and template engines have the potential for injection attacks, from potentially exposing data due to weak authorization in APIs to the slew of OGNL-related vulns in Java this past year. We take a look at both of these technologies in order to understand the similarities in what could go wrong, while also examining the differences in ho…
P
Paul's Security Weekly TV


1
How GraphQL & Template Injection Threats Influence App Architectures - Mike Benjamin - ASW #202
37:21
37:21
Play later
Play later
Lists
Like
Liked
37:21
Both GraphQL and template engines have the potential for injection attacks, from potentially exposing data due to weak authorization in APIs to the slew of OGNL-related vulns in Java this past year. We take a look at both of these technologies in order to understand the similarities in what could go wrong, while also examining the differences in ho…
B
Business Security Weekly (Video)


1
The VC Perspective: Embracing Uncertainty & Staying the Course - Alberto Yépez - BSW #267
38:48
38:48
Play later
Play later
Lists
Like
Liked
38:48
Forgepoint Capital’s Co-Founder and Managing Director, Alberto Yépez, explains what the current economic challenges mean for innovation and the future of the cybersecurity market. Hear his perspective on what security investments, as well as mergers and acquisitions, will look like throughout the next 12-18 months, and how responsible companies are…
P
Paul's Security Weekly TV


1
Stopping Phishing Attacks & A Fresh Approach to Reducing Cyber Risk - Chris Cleveland, Mehul Revankar - ESW #278
32:43
32:43
Play later
Play later
Lists
Like
Liked
32:43
PIXM stops phishing attacks at point of click with computer vision in the browser, protecting users from phishing beyond the mailbox in any application. With the launch of PIXM Mobile, PIXM is now delivering this capability on iPhones as well as desktop devices. Segment Resources: https://pixmsecurity.com/mobile/ This segment is sponsored by Pixm. …
P
Paul's Security Weekly TV


1
IBM Acquires Randori, Quantum Devices, Microsoft Defender, & RapidFort - ESW #278
40:29
40:29
Play later
Play later
Lists
Like
Liked
40:29
Then, in the enterprise security news, CyberInt raises $28M for attack surface detection, RapidFort raises $8.5M for… pre-attack surface detection? Managing and monitoring your quantum devices? Making sure you don’t lose access to your crypto wallets, IBM acquires Randori, Contrast Security makes some of their tools free, Rumble adds more interesti…
E
Enterprise Security Weekly (Video)


1
Stopping Phishing Attacks & A Fresh Approach to Reducing Cyber Risk - Chris Cleveland, Mehul Revankar - ESW #278
32:43
32:43
Play later
Play later
Lists
Like
Liked
32:43
PIXM stops phishing attacks at point of click with computer vision in the browser, protecting users from phishing beyond the mailbox in any application. With the launch of PIXM Mobile, PIXM is now delivering this capability on iPhones as well as desktop devices. Segment Resources: https://pixmsecurity.com/mobile/ This segment is sponsored by Pixm. …
P
Paul's Security Weekly TV


1
Plastic Bags, NSA Playsets, Megs Insecure, PHP Strikes Back, & Gamification - PSW #745
1:57:23
1:57:23
Play later
Play later
Lists
Like
Liked
1:57:23
In the Security News for this week: appliances with holes, gamification and its pitfalls, false rocket sirens, PHP strikes again, new laws we may actually agree with, hacking jacuzzis, Icefall and the state of ICS security, Adobe is blocking anti-virus, Mega is Mega insecure, Microcorruption CTF and DIY NSA playset! Visit https://www.securityweekly…
P
Paul's Security Weekly TV


1
Breaking Through Vendor Barriers: Product Data as a Service - Tim Morris - ESW #278
41:22
41:22
Play later
Play later
Lists
Like
Liked
41:22
Introducing the concept of Tanium Data as a Service. When you've got a product like Tanium, that collects so much useful data - why would you want to keep it within Tanium? The 'Data-as-a-Service' model aims to increase the value of the Tanium product by safely sharing its data with other teams, tools, and groups within a customer's organization. T…