Recorded December 2, 2019 at G-Unit Studios in Rhode Island!
- Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
- OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!
- We have officially migrated our mailing list to a new platform! Sign up for the list to receive invites to our virtual trainings, webcasts, and other content relevant to your interests by visiting securityweekly.com/subscribe and clicking the button to join the list! You can also submit your suggestions for guests by going to securityweekly.com/guests and submitting the form! We'll review them monthly and reach out if they are a good fit!
- Our first-ever virtual training is happening on March 19th @11:00am ET, with Adam Kehler & Rob Harvey from Online Business Systems Risk, Security & Privacy Team. In this training you will learn how to generate a complex SHA-256 hashed password and then use password cracking tools to break it. Register for our upcoming trainings by visiting securityweekly.com, selecting the webcast/training drop down from the top menu bar and clicking registration.
Interview: Sandy Carielli, Forrester Research
Sandy is a principal analyst at Forrester advising security and risk professionals on application security, with a particular emphasis on the collaboration among security and risk, application development, operations, and business teams. Her research covers topics such as proactive security design, security testing in the software delivery lifecycle, protection of applications in production environments, and remediation of hardware and software flaws.
Sandy has over 15 years of experience in the security industry, working in software engineering, consulting, product management, and technology strategy roles. Her most recent experience was at Entrust Datacard, where she guided the organization’s technology strategy and researched the impact of emerging technologies on the business. Prior to that, Sandy was director of product management at RSA, where she was responsible for the SecurID and Data Protection portfolio. Sandy spent four years as a consultant at @stake, where she conducted application architecture assessments, penetration tests, and code reviews for enterprise customers and recommended risk mitigation strategies based on her findings. Sandy began her career as a software engineer at BBN Technologies and CyberTrust Solutions. Sandy is a coauthor of the Industrial Internet Consortium’s IoT Security Maturity Model and has spoken at RSA Conference, SOURCE Boston, ISSA International, and many other regional security events.
Sandy has a ScB in mathematics from Brown University and an MBA from the MIT Sloan School of Management.
Discuss the impact of good and bad bots on enterprises and how it is both a security and a customer experience problem. Review how the bot management market is evolving and how WAFs are buying up or partnering with bot management tools to expand their reach.
Bugs, Breaches, and More!
If you build it, they will come
Learning & Tools
Food for Thought
- Analysis of Jira Bug Stresses Impact of SSRF in Public Cloud
- DevSecOps Adoption and the Web Security Myth