最高の Network Security ポッドキャスト (2024)

1
Threat Modeling and Understanding Inherent Threats - Adam Shostack - ESW #359 44:34

4h ago44:34

44:34

This is a great interview with Adam Shostack on all things threat modeling. He's often the first name that pops into people's heads when threat modeling comes up, and has created or been involved with much of the foundational material around the subject. Adam recently released a whitepaper that focuses on and defines inherent threats. Resources: He…

1
TikTok, Flowmon, Cisco, Brokewell, RuggedCom, Deepfakes, Non-Competes, Aaran Leyland - SWN #381 38:11

6h ago38:11

38:11

TikTok, Flowmon, Arcane Door, Brokewell, RuggedCom, Deepfakes, Non-Competes, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-381

1
4sight Roundup: News on 4-26-2024 - How We Treat Our Most Vulnerable Patient Populations 20:37

22h ago20:37

20:37

How We Treat Our Most Vulnerable Patient PopulationsDavid W. Johnson and Julie Murchinson break down two new reports on Medicaid disenrollment and health disparities and what we must do to address both chronic failures of the healthcare system on the new episode of the 4sight Health Roundup podcast, moderated by David Burda.Find all of our network …

1
Network Security News Summary for Friday April 26th, 2024 20:28

1d ago20:28

20:28

Honeypot Firewalls; Unplugging PlugX; pfsense and GitLab Updates; Blocking LOLBins @sans_edu Does it matter if iptables isn't running on my honeypot? https://isc.sans.edu/forums/diary/Does%20it%20matter%20if%20iptables%20isn't%20running%20on%20my%20honeypot%3F/30862/ Unplugging PlugX: Singholing the PlugX USB worm botnet https://blog.sekoia.io/unpl…

1
TikTok, Flowmon, Cisco, Brokewell, RuggedCom, Deepfakes, Non-Competes, Aaran Leyland - SWN #381 38:18

6h ago38:18

38:18

TikTok, Flowmon, Arcane Door, Brokewell, RuggedCom, Deepfakes, Non-Competes, Aaran Leyland, and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-381

1
How GenAI Can Improve SecOps - Ely Kahn - ESW #359 30:18

16h ago30:18

30:18

We've talked about generative AI in a general sense on our podcast for years, but we haven't done many deep dives into specific security use cases. That ends with this interview, as we discuss how generative AI can improve SecOps with Ely Kahn. Some of the use cases are obvious, while others were a complete surprise to me. Check out this episode if…

1
Your TV Is Scanning You - PSW #826 1:50:13

1d ago1:50:13

1:50:13

This week the crew discusses: When TVs scan your network, bad things can happen, PuTTY is vulnerable, Crush FTP, vulnerabilities that will never be fixed, CVEs are for vulnerabilities silly, you can test for easily guessable passwords too, FlipperZero can steal all your passwords, more XZ style attacks, more reasons why you shouldn't use a smart lo…

1
Autonomous - I don't think that word means what you think it means - ESW #359 43:35

1d ago43:35

43:35

A clear pattern with startups getting funding this week are "autonomous" products and features. Automated detection engineering Autonomously map and predict malicious infrastructure ..."helps your workforce resolve their own security issues autonomously" automated remediation automated compliance management & reporting I'll believe it when I see it…

1
Advising The President On Cyber-Physical Resilience - Philip Venables - PSW #826 2:50:30

1d ago2:50:30

2:50:30

On February 27, 2024, PCAST (President’s Council of Advisors on Science and Technology) sent a report to the President with recommendations to bolster the resilience and adaptability of the nation’s cyber-physical infrastructure resources. Phil was part of the team that worked on the report and comes on the show to talk about what was recommended a…

1
Autonomous - I don't think that word means what you think it means - Adam Shostack, Ely Kahn - ESW #359 1:57:31

1d ago1:57:31

1:57:31

A clear pattern with startups getting funding this week are "autonomous" products and features. Automated detection engineering Autonomously map and predict malicious infrastructure ..."helps your workforce resolve their own security issues autonomously" automated remediation automated compliance management & reporting I'll believe it when I see it…

1
Network Security News Summary for Thursday April 25th, 2024 6:10

2d ago6:10

6:10

NVD API Updates; Cisco Patches and Backdoor; Keyboard App Vulns; node-mysql2 vulns; API Rug Pull - The NIST NVD Database and API https://isc.sans.edu/diary/API%20Rug%20Pull%20-%20The%20NIST%20NVD%20Database%20and%20API%20%28Part%204%20of%203%29/30868 Cisco Patches Vulnerabilities and Discovers Arcane Backdoor https://blog.talosintelligence.com/arca…

1
Advising The President On Cyber-Physical Resilience - Philip Venables - PSW #826 1:00:46

3d ago1:00:46

1:00:46

On February 27, 2024, PCAST (President’s Council of Advisors on Science and Technology) sent a report to the President with recommendations to bolster the resilience and adaptability of the nation’s cyber-physical infrastructure resources. Phil was part of the team that worked on the report and comes on the show to talk about what was recommended a…

1
Follow the Medical Record: Matt Wildman and Don discuss the show moving to MRO Exchange 18:06

3d ago18:06

18:06

During the final episode of Follow the Medical Record, host Don Hardwick interviews MRO's chief commercial officer, Matt Wildman, as they discuss MRO's evolution and transformation from a disclosure management company to a clinical data exchange industry leader. Together, they introduce MRO's newest show, The MRO Exchange: Connecting Healthcare Exe…

1
PayerTalkCE: Addressing Unmet Needs in AMD and DME 34:45

3d ago34:45

34:45

PayerTalkCE™ Presents: Addressing Unmet Needs in AMD and DMEListen in as host Dr. Steve Kheloussi (Highmark, Inc) and guest Dr. Jordan Graff (BDP Eye Center) discuss unmet needs in age-related macular degeneration (AMD) and diabetic macular edema (DME). Among other topics their conversation covers the challenges of patient compliance due to treatme…

1
Network Security News Summary for Wednesday April 24th, 2024 6:22

3d ago6:22

6:22

struts2 devmode scans; Russian PrinterNightmare; Exchange Server Fix; Flowmon Exploit; GuptiMiner; Struts2 devmode Still a Problem Ten Years Later https://isc.sans.edu/forums/diary/Struts%20%22devmode%22%3A%20Still%20a%20problem%20ten%20years%20later%3F/30866/ Analyzing Forest Blizard's Custom Post-Compromise Tool for exploiting CVE-2022-38028 http…

1
XZ & Open Source, PuTTY's Private Keys, LeakyCLI, LLMs Writing Exploits - ASW #282 38:28

3d ago38:28

38:28

CISA chimes in on the XZ Utils backdoor, PuTTY's private keys and maintaining a secure design, LeakyCLI and maintaining secure secrets in CSPs, LLMs and exploit generation, and more! Show Notes: https://securityweekly.com/asw-282

1
Robofly, CRUSHFTP, Github, Palo Alto, MITRE, Fancy Bear, Deepfakes, Aaran Leyland... - SWN #380 37:02

3d ago37:02

37:02

Robofly, CRUSHFTP, Github, Palo Alto, MITRE, Fancy Bear, Deepfakes, Aaran Leyland, and more, on this Edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-380

1
Robofly, CRUSHFTP, Github, Palo Alto, MITRE, Fancy Bear, Deepfakes, Aaran Leyland... - SWN #380 37:02

3d ago37:02

37:02

Robofly, CRUSHFTP, Github, Palo Alto, MITRE, Fancy Bear, Deepfakes, Aaran Leyland, and more, on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-380

1
Sustainable Funding of Open Source Tools - Mark Curphey, Simon Bennetts - ASW #282 1:17:57

3d ago1:17:57

1:17:57

How can open source projects find a funding model that works for them? What are the implications with different sources of funding? Simon Bennetts talks about his stewardship of Zed Attack Proxy and its journey from OWASP to OpenSSF to an Open Source Fellowship with Crash Override. Mark Curphy adds how his experience with OWASP and the appsec commu…

1
Sustainable Funding of Open Source Tools - Simon Bennetts, Mark Curphey - ASW #282 39:29

3d ago39:29

39:29

How can open source projects find a funding model that works for them? What are the implications with different sources of funding? Simon Bennetts talks about his stewardship of Zed Attack Proxy and its journey from OWASP to OpenSSF to an Open Source Fellowship with Crash Override. Mark Curphy adds how his experience with OWASP and the appsec commu…

1
Unraveling the "Materiality" Mystery: A CISO's Guide to SEC Compliance - Mike Lyborg - BSW #347 29:45

4d ago29:45

29:45

The new SEC Cyber Security Rules require organizations to be ready to report cyber incidents. But what do you actually need to do? Mike Lyborg, Chief Information Security Officer at Swimlane, joins Business Security Weekly to discuss how to prepare. In this interview he'll discuss the key element of your preparation, including: Quantification Mater…

1
The Digital Patient: Aaron Miri, Chief Digital & Information Officer at Baptist Health 53:09

4d ago53:09

53:09

Host Dr. Joshua Liu, Co-founder & CEO of SeamlessMD, and marketing colleague, Alan Sardana, chat with Aaron Miri, Chief Digital & Information Officer at Baptist Health, about "Empowering Clinicians to Develop with Low-Code Tools, When It's Better to Partner with a Startup v. Rely on the EHR, Consolidating Tech Stack for Efficiency, and more."Find a…

1
What does DoD’s CMMC Requirement Mean for American Businesses - Edward Tuorinsky, Mike Lyborg - BSW #347 1:04:41

4d ago1:04:41

1:04:41

Since 2016, we been hearing about the impending impact of CMMC. But so far, it's only been words. That looks to be changing. Edward Tourinsky, Founder & Managing Principal at DTS, joins Business Security Weekly to discuss the coming impact of CMMC v3. Edward will cover: The background of CMMC Standardization of CMMC CMMC v3 changes and implementati…

1
What does DoD’s CMMC Requirement Mean for American Businesses - Edward Tuorinsky - BSW #347 35:07

4d ago35:07

35:07

Since 2016, we been hearing about the impending impact of CMMC. But so far, it's only been words. That looks to be changing. Edward Tourinsky, Founder & Managing Principal at DTS, joins Business Security Weekly to discuss the coming impact of CMMC v3. Edward will cover: The background of CMMC Standardization of CMMC CMMC v3 changes and implementati…

1
Network Security News Summary for Tuesday April 23th, 2024 6:06

4d ago6:06

6:06

Exposed ICS; Evil XDR; GitLab Comment Bug; Number of Industrial Devices Accessible From Internet Up 30 Thousand over three years https://isc.sans.edu/diary/It%20appears%20that%20the%20number%20of%20industrial%20devices%20accessible%20from%20the%20internet%20has%20risen%20by%2030%20thousand%20over%20the%20past%20three%20years/30860 Evil XDR: Turning…

1
Healthcare Rap: How VillageMD Connects Consumer Insights With Marketing 39:51

5d ago39:51

39:51

How VillageMD Connects Consumer Insights With MarketingEllen Donahue-Dalton, Chief Marketing Officer at VillageMD, speaks with Jared and guest co-host James Gardner about the connection between understanding consumers and marketing healthcare services to them. Along the way, she shares how she believes that younger consumers’ preferences for quick,…

1
Digital Health Talks: Giving Patients the Tools to Manage their Healthcare Experience 22:06

5d ago22:06

22:06

Giving Patients the Tools to Manage their Healthcare Experience: Insights from "Diagnosed"Host: Megan AntonelliGuest: Ed MarxEd Marx's insights from "Diagnosed" provide invaluable guidance for navigating the complexities of the healthcare system, empowering patients, caregivers, and healthcare leaders to drive meaningful change and improve the over…

1
Network Security News Summary for Monday April 22th, 2024 5:36

5d ago5:36

5:36

CVE Changes; CrushFTP 0-Day; GitHub Comment Bug; YubiKey Manager Bug; PAN GlobalProtect Update The CVE's They are A-Changing https://isc.sans.edu/diary/The%20CVE%27s%20They%20are%20A-Changing!/30850 CrushFTP 0-Day Vulnerability https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update https://www.reddit.com/r/crowdstrike/comments/1c88788/situationa…

聞く価値のあるポッドキャスト

ポッドキャスト Network Security

聞く価値のあるポッドキャスト

クイックリファレンスガイド