RSAC 2021
RSAC 2021 #4
Segments
Metrics, Training, Culture – Why Your Phishing Program Isn’t Working – Drew Rose – RSA21 #4
Phishing reports have become the standard for measuring security awareness, and yet breaches keep happening. Something is broken. Knowing how to recognize a phishing attempt is a tiny part of creating a security-focused culture and protecting your business from attacks.
This segment is sponsored by...
Cyber Supply Chain Risk Management – Alyssa Feola – RSA21 #4
With the SolarWinds attack, supply chain attacks have been in the spotlight. Alyssa Feola joins us to discuss Cyber Supply Chain Risk Management.
Tech Consolidation and the Final Acts of Once Vital Point Solutions – Jess Burn – RSA21 #4
Of particular interest to me from our newly published “The Forrester Tech Tide™: Zero Trust Threat Detection And Response, Q2 2021” are what look like the final acts of several solutions once considered vital detection and response point products. While automated malware analysis (sandboxing) and ne...
Recent Attacks Against Software Integrity – Ed Skoudis – RSA21 #4
Ed Skoudis joins us to discuss recent attacks against software integrity, including:
- open source libraries
- session tracking for single sign on
- weak crypto
- machine learning (ML) algorithms used to detect malware
- ransomware attacks - how they are evolving
How to Build and Maintain a Resilient Web App Security Program – Kevin Gallagher – RSA21 #4
Prior to building a web security program, you have to have a plan. How does one create that plan? In this segment, Kevin will focus on some concrete steps to help you create an AppSec plan using a simple framework.
This segment is sponsored by Netsparker.
Visit https://securityweekly.com/netsparke...
RSAC 2021 #3
Segments
All Our Devices Aren’t Belong 2 Us – Scott Scheferman – RSA21 #3
Against the ubiquitous backdrop of Zero Trust initiatives, we have all come to accept the motto of "Verify, then trust". Yet here we are, building an entire stack of Zero Trust enabled technologies upon a broken implicit-trust foundation. Nowhere is this risk more apparent than at the device and f...
Zero Trust, Beyond the Buzzword – Steve Turner – RSA21 #3
Organizations continue to struggle understanding what Zero Trust is, how they move towards it, and ultimately how they implement it. There's been a lot of co-opting of the term and practitioners are so tired of it and sometimes react in disgust or think that it's marketing noise. I'd like to talk ab...
MalWare Labs, The Key to the Next Generation of Threat Hunting – Mario Vuksan – RSA21 #3
Threat hunters are under increased pressure to rapidly analyze, classify, detect and respond to malicious files. ReversingLabs is stepping forward to address these needs with its new Malware Lab Solution. The ReversingLabs Malware Lab solution powers the next generation of threat hunting by deliveri...
Third-Party Risk / Supply Chain Risk – Alla Valente – RSA21 #3
Why is third-party risk still such a challenge? Are companies using recent risk events (pandemic, SolarWinds, Colonial Pipeline) as an opportunity to get better at risk management? How can firms better prepare for attacks on their third-party ecosystem?
Segment Resources:
https://go.forrester...
Don’t Fall Into the COVID-19 Trap: Prioritize Your Web App Security – Mark Ralls – RSA21 #3
The shift away from web application security, caused by the pandemic and the focus on remote workforces, resulted in an increased number of web vulnerabilities. In this segment, Mark talks about the best starting point for organizations to get back on track and prioritize your web app security.
h...
RSAC 2021 #2
Segments
Behind the Scenes of the Cyber Fight – Derek Manky, Michael Daniel – RSA21 #2
“Behind the scenes of the cyber fight” – talking about the good on the defender side, taking down cyber criminal supply chains, partnerships, taking down ransomware gangs.
This segment is sponsored by Fortinet.
Visit https://securityweekly.com/fortinet to learn more about them!
Adapt to the New, Unstable Normal: How to Secure the Roaring 2020s – Laura Koetzle – RSA21 #2
Security professionals must protect their organizations from the five shifts which will persist after the pandemic: 1) customers will demand safety and convenience; 2) brands will create hybrid experiences; 3) stakeholders will build the future of work; 4) smart firms will retire technical debt; and...
Why You Should Challenge Shift-Left Testing – Rickard Carlsson – RSA21 #2
The development life cycle as we know it is rapidly changing, and today’s AppSec testing needs to keep up with shorter and faster processes. A shift-left approach is no longer enough to protect web assets - you need much more dynamic tools and ways of working.
We want to talk about why enterpris...
A New Perspective on Cloud Security Resilience – Ganesh Pai – RSA21 #2
Cloud security, the next frontier. How do we build resilient services in the cloud and secure them? Ganesh Pai, CEO at Uptycs, joins us to discuss a new perspective on cloud security resilience.
This segment is sponsored by Uptycs.
Visit https://securityweekly.com/uptycs to learn more about ...
Security Shouldn’t be a Secret. Why Transparency Matters – Wayne Haber – RSA21 #2
Security can be somewhat of a mystery at a lot of organizations. Most companies choose to be tight-lipped about the security measures they have implemented. Rightfully so, there is an underlying fear that publicizing your security efforts could make you more vulnerable to security attacks and damage...
Application Security Trends in 2021 – Frank Catucci – RSA21 #2
A former Gartner analyst, Frank Catucci will share his thoughts on the latest application security trends that will impact the markets in 2021.
How Does the Cyber Risk Ratings Platform Market Need to Evolve? – Paul McKay – RSA21 #2
The cyber risk ratings market, comprised of companies providing a security rating based on what they can see of your external infrastructure, is controversial. In my latest evaluative New Wave looking at this market, we identified a number of issues meaning this market is not ready for the prime time...
451 Research: Overall Security Industry Trends – Scott Crawford – RSA21 #2
Scott Crawford joins us to discuss some of the most frequent trends in the security industry today, including high profile incidents and their impact on the industry.
The Convergence of Security and Privacy on the Web – Deepika Gajaria – RSA21 #2
Data privacy and Web security teams are converging across enterprises and we are seeing more Privacy use cases like cookie banner consent and limiting data sharing (vendors like Facebook, Google etc. are capturing sensitive user data, accessing cameras, microphones, geolocation etc.) via security po...
RSAC 2021 #1
Segments
Web App and API Security Needs to Be Modernized: Here’s How – Sean Leach – RSA21 #1
The truth is, most web app and API security tools were designed for a very different era. A time before developers and security practitioners worked together, before applications were globally distributed and API-based. But attackers are developers too, and they aren’t bogged down by the limitations...
A “Great Equalizer”, Until It Isn’t: Regional Security in a Global Pandemic – Allie Mellen – RSA21 #1
In security, regions can impact available technical capabilities, manpower, and other resources. This has been felt more than ever in African countries given the dramatic shift to remote work during the pandemic. Allie's talk with Kerissa Varma dissects and compares regional responses to COVID from ...
API Security – Sandy Carielli – RSA21 #1
We are seeing API-related breaches almost weekly - Experian, John Deere, Peloton, Starbucks, etc. Why are we seeing so many of these, and how do we need to change our thinking to improve API security? What makes this difficult?
Culture Matters – Put People At The Heart Of Security – Jinan Budge – RSA21 #1
Whether the human element means creating a toxic-free environment for your people, navigating the maze of organizational politics and detractors, building the human firewall, or marketing security: people and culture are central to security. We will discuss some tips to help listeners focus their pe...