DevOps, Privacy

Mad Skillz – PSW #645

This week, we welcome Matt Allen, Senior Solutions Engineer at VIAVI Solutions, to discuss Collaboration between NetOps and SecOps in today's world! In our second segment, we welcome Lorrie Cranor, Director of CyLab Security and Privacy Institute at Carnegie Mellon University, to discuss Research on Security and Privacy labels for IoT devices! In the Security News, Two Zoom Zero-Day Flaws Uncovered, Millions of routers running OpenWRT vulnerable to attack, Marriott says 5.2 million guest records were stolen in another data breach, PoC Exploits for CVE-2020-0796 (SMBGhost) Privilege Escalation flaw published, and we welcome our very special guest for tonight, Dave Kennedy, who joins us to talk about Video Chat Client Vulnerability History and the recent Zoom Vulnerabilities!

For more information on VIAVI Solutions, visit: https://securityweekly.com/viavi

Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

View Show Index

Full Audio

Segments

1. Collaboration Between NetOps and SecOps in Today’s World – Matt Allen – PSW #645

Matt and the Security Weekly crew will discuss how the interaction between network engineers and security operations has changed over the years, as well as the value of the network when identifying security threats and performing remediation.

For more information on VIAVI Solutions, visit: https://securityweekly.com/viavi

Guest

Matt Allen
Matt Allen
Senior Solutions Engineer at Viavi Solutions

Matt Allen is a Senior Solutions Engineer at VIAVI Solutions. Prior to his 8 years at VIAVI, Matt has garnered 20 years of experience in the network engineering and telecommunications space. He holds the following certifications: Amazon Cloud Practictioner, Microsoft Certified Solutions Expert, Cisco Certified Network Associate, Certified Novell Engineer, and most recently Certified Ethical Hacker.

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Jeff Man
Jeff Man
Information Security Evangelist at Online Business Systems
Larry Pesce
Larry Pesce
Principal Managing Consultant and Director of Research & Development at InGuardians
Lee Neely
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory
Tyler Robinson
Tyler Robinson
Director of Offensive Security & Research at Trimarc and Founder & CEO of Dark Element at Trimarc Security

2. IoT Devices: Security and Privacy Labels Research – Lorrie Cranor – PSW #645

At Carnegie Mellon University we are designing a usable security and privacy label for smart devices to help consumers make informed choices about Internet of Things device purchases and encourage manufacturers to disclose their privacy and security practices. The label includes information on privacy and security practices of the smart device, such as the type of data the device collects and whether or not the device gets automatic security updates. Based on research with both consumers and experts, we have designed a two-layer label that includes a simple, understandable primary layer for consumers and a more detailed secondary layer that includes information important to experts.

Guest

Lorrie Cranor
Lorrie Cranor
Director, CyLab Security and Privacy Institute at Carnegie Mellon University

Lorrie Faith Cranor is the Director and Bosch Distinguished Professor in Security and Privacy Technologies of CyLab and the FORE Systems Professor of Computer Science and of Engineering and Public Policy at Carnegie Mellon University. She also directs the CyLab Usable Privacy and Security Laboratory (CUPS) and co-directs the MSIT-Privacy Engineering masters program.

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Jeff Man
Jeff Man
Information Security Evangelist at Online Business Systems
Larry Pesce
Larry Pesce
Principal Managing Consultant and Director of Research & Development at InGuardians
Lee Neely
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory
Tyler Robinson
Tyler Robinson
Director of Offensive Security & Research at Trimarc and Founder & CEO of Dark Element at Trimarc Security

3. Security News – To Zoom or Not to Zoom – PSW #645

This segment will largely focus on the recent Zoom vulnerabilities and the responses from security researchers, the security community and enterprises. Should you stop using Zoom? Tune in to find out! (Hint: Uhm, probably not).

Guest

David Kennedy
David Kennedy
CEO at TrustedSec

David Kennedy is founder of Binary Defense and TrustedSec. Both organizations focus on the betterment of the security industry. David also served as a board of director for the ISC2 organization. David was the former CSO for a Diebold Incorporated where he ran the entire INFOSEC program. David is a co-author of the book “Metasploit: The Penetration Testers Guide”, the creator of the Social-Engineer Toolkit (SET), Artillery, Unicorn, PenTesters Framework, and several popular open source tools. David has been interviewed by several news organizations including CNN, Fox News, MSNBC, CNBC, Katie Couric, and BBC World News. David is the co-host of the social-engineer podcast and on several additional podcasts. David has testified in front of Congress on two occasions on the security around government websites. David is one of the founding authors of the Penetration Testing Execution Standard (PTES); a framework designed to fix the penetration testing industry. David was the co-founder of DerbyCon, a large-scale conference started in Louisville, Kentucky. Prior to the private sector, David worked for the United States Marine Corps and deployed to Iraq twice for intelligence related missions.

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Jeff Man
Jeff Man
Information Security Evangelist at Online Business Systems
Larry Pesce
Larry Pesce
Principal Managing Consultant and Director of Research & Development at InGuardians
Lee Neely
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory
Tyler Robinson
Tyler Robinson
Director of Offensive Security & Research at Trimarc and Founder & CEO of Dark Element at Trimarc Security
prestitial ad