Recorded September 9, 2019 at G-Unit Studios in Rhode Island!
- Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
- OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!
- We have officially migrated our mailing list to a new platform! Sign up for the list to receive invites to our virtual trainings, webcasts, and other content relative to your interests by visiting securityweekly.com/subscribe and clicking the button to join the list! You can also submit your suggestions for guests by going to securityweekly.com/guests and submitting the form! We'll review them monthly and reach out if they are a good fit!
- Our first-ever virtual training is happening on March 19th @11:00am ET, with Adam Kehler & Rob Harvey from Online Business Systems Risk, Security & Privacy Team. In this training you will learn how to generate a complex SHA-256 hashed password and then use password cracking tools to break it. Register for our upcoming trainings by visiting securityweekly.com, selecting the webcast/training drop down from the top menu bar and clicking registration.
Interview: Ty Sbano, Sisense
Ty Sbano is an Information Security leader with over 13 years of experience, mainly in Financial Technology organizations. Currently, Ty is the Cloud Chief Information Security Officer at Sisense, who acquired Periscope Data in May 2019. Ty’s career has been focused on developing application and product security programs for Capital One, JPMorgan Chase, LendingClub, and Target. Key areas of knowledge include developing security champions, threat modeling, secure code training, static code analysis, component analysis, dynamic analysis, penetration testing and red teaming. Ty’s security mentality has been concentrated on enabling engineering and product teams to securely move at the speed of the business to make it a competitive advantage. Ty graduated from Penn State University with a B.S. in Information Science & Technology and from Norwich University with a M.S. in Information Assurance. He currently holds a CISSP, CEH, CCSK and CPT. To learn more, please visit – tysbano.com.
Tools in the DevOps Pipeline, Component Analysis, Anything Application Security
Bugs, Breaches, and More!
- A very deep dive into iOS Exploit chains found in the wild followed by Heap Exploit Development
- Twitter turns off SMS texting after @Jack hijacking
- CVE-2019-15846: Unauthenticated Remote Command Execution Flaw Disclosed for Exim highlights the danger of mishandling escape sequences in strings.
If you build it, they will come
Learning & Tools
- 7 Steps to Web App Security
- Fuzzing 101: Why Bug Hunters Still Love It After All These Years and why you should write fuzzable code
Food for Thought