RSAC 2021 Subscribe

Incident Response, Application security, Identity

Recent Attacks Against Software Integrity – Ed Skoudis – RSA21 #4

May 20, 2021

Ed Skoudis joins us to discuss recent attacks against software integrity, including:

open source libraries
session tracking for single sign on
weak crypto
machine learning (ML) algorithms used to detect malware
ransomware attacks - how they are evolving

Full episode and show notes

Guest

Ed Skoudis

President of SANS Technology Institute, Director of Holiday Hack Challenge at SANS Institute & Counter Hack

http://counterhack.com/

Ed Skoudis has taught cyber incident response and advanced penetration testing techniques to more than 12,000 cybersecurity professionals. He is a SANS Faculty Fellow and the lead for the SANS Penetration Testing Curriculum. His courses distill the essence of real-world, front-line case studies he accumulates because he is consistently one of the first experts brought in to provide after-attack analysis on major breaches where credit card and other sensitive financial data is lost.

Host

Paul Asadoorian

Principal Security Evangelist at Eclypsium

https://securitypodcaster.com

Related

Managed Services

From Hackers to Streakers – How Counterintelligence Teams are Protecting the NFL – Joe McMann – ESW #358

April 18, 2024

Protecting a normal enterprise environment is already difficult. What must it be like protecting a sports team? From the stadium to merch sales to protecting team strategies and even the players - securing an professional sports team and its brand is a cybersecurity challenge on a whole different level. In this interview, we'll talk to Joe McMann ...

Tips for a Successful Cyber Resilience Program – Olusegun Opeyemi-Ajayi – CSP #169

April 9, 2024

The cybersecurity threat landscape is constantly evolving, and experience has shown that everyone and every organization is prone to being breached. How do you prepare for what seems inevitable? You assume breach and plan accordingly. Cyber resilience has become a top priority as organizations figure out how to build a network that can either conti...

Incident Response

What can we do today to prevent tomorrow’s breach? – Michael Mumcuoglu – ESW #352

March 7, 2024

Defenders spend a lot of time and money procuring and implementing security controls. At the heart of SecOps and the SOC are technologies like XDR, SIEM, and SOAR. How do we know these technologies are going to detect or prevent attacks? Wait for the annual pen test? Probably not a good idea. In this segment, we'll talk with Michael Mumcuoglu ab...