Vulnerability management, Application security, Compliance, Remote access, Security awareness

Thunderstruck – PSW #655

This week, we welcome back Dan DeCloss, President and CEO of PlexTrac, to talk about Enhancing Vulnerability Management By Including Penetration Testing Results! In the Security News, Hospital-busting hacker crew may be behind ransomware attack that made Honda halt car factories, 3 common misconceptions about PCI compliance, SMBleed could allow a remote attacker to leak kernel memory, Kubernetes Falls to Cryptomining via Machine-Learning Framework, and The F-word's hidden superpower: How repeating it can increase your pain threshold! In our Final Segment, we air a Pre-Recorded Interview with Ben Mussler, Senior Security Researcher at Acunetix, discussing New Web Technology and its Impact on Automated Security Testing!

To learn more about PlexTrac, visit: https://securityweekly.com/plextrac

Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Segments

1. Enhancing Vulnerability Management By Including Penetration Testing Results – Dan DeCloss – PSW #655

We’ll discuss how organizations can improve their vulnerability management life cycle, demo some quick ways to get started with vulnerability management and combining penetration test results, and then walk through the whole life cycle of a vulnerability.

Sponsored By

PlexTrac

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Guest

Dan DeCloss
Founder / CEO & President at PlexTrac

Dan has over 15 years of experience in cybersecurity. Dan started his career in the Department of Defense and then moved on to consulting where he worked for various companies. Prior to PlexTrac, Dan was the Director of Cybersecurity for Scentsy where he and his team built the security program out of its infancy into a best-in-class program. Dan has a master’s degree in Computer Science from the Naval Postgraduate School with an emphasis in Information Security. Additionally, Dan holds the OSCP and CISSP certifications.

Hosts

Paul Asadoorian
Founder at Security Weekly
Jeff Man
#HackingisNotaCrime Advocate, Sr. InfoSec Consultant at Online Business Systems
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory
Scott Lyons
CEO at Red Lion
Tyler Robinson
Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

2. OSS Vulnerabilities, UPnP Flaws, & 0-Days for Bad People – PSW #655

Hospital-busting hacker crew may be behind ransomware attack that made Honda halt car factories, 3 common misconceptions about PCI compliance, SMBleed could allow a remote attacker to leak kernel memory, Kubernetes Falls to Cryptomining via Machine-Learning Framework, and The F-word's hidden superpower: How repeating it can increase your pain threshold!

Announcements

  • Join us at InfoSec World 2020, June 22nd-24th, now a fully virtual event! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020 and click the register button to register with our discount code!

  • Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

Hosts

Paul Asadoorian
Founder at Security Weekly
Jeff Man
#HackingisNotaCrime Advocate, Sr. InfoSec Consultant at Online Business Systems
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory
Scott Lyons
CEO at Red Lion
Tyler Robinson
Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

3. New Web Technology & Impact on Automated Security Testing – Benjamin Daniel Mussler – PSW #655

As web applications have evolved from static HTML pages into fully-fledged applications with a native feel to them, web browsers continue to provide developers with truly novel functionality. The resulting paradigm shift from merely rendering web pages to acting as an OS-agnostic abstraction layer poses unique challenges to everyone involved with web application security, including automated web application security scanning solutions.

Announcements

  • Join us June 29th for a webcast with Tyler Robinson and Beau Bullock to learn how to pivot into the world of Crypto security. Visit https://securityweekly.com/webcasts to register with only your name and email! Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Guest

Benjamin Daniel Mussler
Senior Security Researcher at Acunetix

Web Application Security Researcher at Acunetix

Hosts

Paul Asadoorian
Founder at Security Weekly
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory
Matt Alderman
Executive Director at CyberRisk Alliance
Scott Lyons
CEO at Red Lion
Tyler Robinson
Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element