The Threatpost Podcast
Technology Podcasts
Threatpost editor Lindsey O'Donnell discusses security threats, attacks, vulnerability research and trends with a variety of industry executives, researchers and experts.
Location:
United States
Description:
Threatpost editor Lindsey O'Donnell discusses security threats, attacks, vulnerability research and trends with a variety of industry executives, researchers and experts.
Twitter:
@threatpost
Language:
English
Episodes
Inside the Hackers’ Toolkit
8/9/2022
There is no question that companies are in the sights of would-be criminals looking to exploit them. While companies look at solutions and trainings to help keep the perimeter secure, the biggest fail point is often the employees, AKA the human element.
In this Threatpost podcast, sponsored by Egress, we sit down with Jack Chapman to discuss the steps and tactics that companies can take to stay one step ahead of their adversaries.
During our conversation, we discuss:
Duration:00:15:59
Being prepared for adversarial attacks
6/2/2022
There is no question that the level of threats facing today’s businesses continues to change on a daily basis. So what are the trends that CISOs need to be on the lookout for?
For this episode of the Threatpost podcast, I am joined by Derek Manky, , Chief Security Strategist & VP Global Threat Intelligence, Fortinet’s FortiGuard Labs to discuss the threats facing CISOs along with more.
During the course of our discussion, we dive into:
We also lay out what CISOs need to consider when laying out and producing their threat action plan.
Duration:00:22:01
The State of Secrets Sprawl
5/6/2022
Can I tell you a secret? Will you keep it between us?
You’ve probably said this or heard this when it comes to friends and family. However, do you also know that secret keeping, or lack thereof is one of the biggest issues that businesses face?
According to the recent The State of the Secret Sprawl from GitGuardian further defines the breadth of business secrets.
“A secret can be any sensitive data that we want to keep private. When discussing secrets in the context of software development, secrets generally refer to digital authentication credentials that grant access to services, systems and data. These are most commonly API keys, usernames and passwords, or security certificates. Secrets are what tie together different building blocks of a single application by creating a secure connection between each component. Secrets grant access to the most sensitive systems.”
In this podcast with Mackenzie Jackson, developer advocate at GitGuardian, we dive into the report and also the issues that corporations face with public leaks from groups like Lapsus and more, along with as ways that developers can keep their code safe.
For the full report, click here.
Duration:00:16:49
The Truth Behind ‘Mythical’ MacOS Malware – Podcast
3/31/2022
Duration:00:18:51
A Blockchain Primer and a Bored Ape Headscratcher – Podcast
3/30/2022
Duration:00:27:31
Cyberattackers Put the Pedal to the Metal – Podcast
3/28/2022
Duration:00:18:31
Top 3 Attack Trends in API Security – Podcast
3/23/2022
Duration:00:21:04
Reporting Mandates to Clear Up Feds' Hazy Look into Threat Landscape – Podcast
3/16/2022
It’s about time, AttackIQ’s Jonathan Reiber said about 24H/72H report deadlines mandated in the new spending bill: Visibility into adversary behavior has been muck.
Duration:00:21:08
Staff Think Conti Group Is a Legit Employer – Podcast
3/14/2022
The ransomware group’s benefits – monthly bonuses, fines, employee of the month, performance reviews and top-notch training materials – might be better than your own company’s, says BreachQuest’s Marco Figueroa.
Duration:00:39:51
Multi-Ransomwared Victims Have It Coming
3/7/2022
There's a yawning gap between IT decision makers' confidence about security vs. their concession that repeated incidents are their own fault, says ExtraHop's Jamie Moles.
Duration:00:28:08
Russia Leaks Data From a Thousand Cuts–Podcast
3/3/2022
It’s not just Ukraine: Threat intel experts are seeing a flood of data on Russian military, nukes and crooks, even with the Conti ransomware gang having shuttered its leaking Jabber chat server.
Duration:00:17:40
Securing Data With a Frenzied Remote Workforce–Podcast
2/25/2022
Stock your liquor cabinets and take a shot whenever you hear GitLab Staff Security Researcher Mark Loveless say “Zero Trust.”
Duration:00:27:22
The Art of Non-boring Cybersec Training–Podcast
2/24/2022
With human error being the common factor in most cyberattacks, employee training has got to get better. To that end, Trustwave cybersec training expert Darren Van Booven explains the importance of fish stress balls and management buy-in.
Duration:00:19:49
Killing Cloud Risk by Bulletproofing App Security: Podcast
2/16/2022
Applications are the most preferred vectors for cybercriminals. Yet no single team or process can assure the rollout of safe cloud applications. From code design to unit testing to deployment, teams and tools have to work together to detect risks early while keeping the pipeline of digital products moving.
Alex Rice, CTO at HackerOne and Johnathan Hunt, VP of Security at GitLab, help development teams evolve their processes to build security directly into their workflows for smooth and safe cloud app rollouts.
They dropped by the Threatpost podcast recently to share tips on DevSecOps, including:
How to build a continual testing, monitoring, and feedback processes to drive down application risk.Developing a continuous approach to application security and DevOps security tools.Why collaboration and continual feedback is essential across development, cloud and security teams.
…as well as how to deal with the boatload of animosity between development and security teams. One tip: Assume positive intent!
Duration:00:06:34
How to Buy Precious Patching Time as Log4j Exploits Fly
12/14/2021
Threatpost podcast: Cybereason CTO Yonatan Striem-Amit shares details about the company's vaccine: a fast shot in the arm released within hours of the Apache Log4j zero-day horror show having been disclosed.
Duration:00:19:55
Podcast: Could the Zoho Flaw Trigger the Next SolarWinds?
10/18/2021
Duration:00:11:01
DDoS Attacks Are a Flourishing Business for Cybercrooks – Podcast
9/14/2021
Imperva’s Peter Klimek visited Threatpost podcast to discuss the evolution of DDoS attacks: They started out as inconveniences but evolved to the point where attackers can disrupt businesses for as little as the price of a cup of coffee,
Duration:00:24:08