From Security Weekly Wiki
Jump to navigationJump to search

Recorded January 29, 2020 at G-Unit Studios in Rhode Island!

Episode Audio


  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • John Strand
    Security analyst, Founder of Black Hills Information Security, and CTO of Offensive Countermeasures.
  • Annoucements:

    • Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
    • OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit to register for free and come join in the fun!
    • We have officially migrated our mailing list to a new platform! Sign up for the list to receive invites to our virtual trainings, webcasts, and other content relative to your interests by visiting and clicking the button to join the list! You can also submit your suggestions for guests by going to and submitting the form! We'll review them monthly and reach out if they are a good fit!
    • Our first-ever virtual training is happening on March 19th @11:00am ET, with Adam Kehler & Rob Harvey from Online Business Systems Risk, Security & Privacy Team. In this training you will learn how to generate a complex SHA-256 hashed password and then use password cracking tools to break it. Register for our upcoming trainings by visiting, selecting the webcast/training drop down from the top menu bar and clicking registration.

    Enterprise News

    1. New Cisco, AppDynamics integration bridges IT and DevOps for app management | ZDNet
    2. Cequence Security Launches CQ botDefense SaaS Silicon Valley Daily
    3. Optimizing Your IT Spend as You Move to the Cloud | Flexera Blog
    4. Newswire & Press Release / Cybereason Launches Free Emotet-Locker Tool to Help Global Organizations and Local and State Governments Combat... - IT Security / Anti-Spam - Cybereason, Inc. | NewswireToday
    5. CloudKnox Security raises $12M to accelerate customer growth and innovation - Help Net Security
    6. Swimlane version 10.0: Reducing mean time to detect and response for security incidents - Help Net Security
    7. Cequence CQ botDefense now available on AWS Marketplace as a SaaS - Help Net Security
    8. Magnet Forensics unveils new solution that simplifies remote forensics investigations - Help Net Security
    9. Cisco launches IoT security architecture to deliver enhanced visibility across IoT and OT environments - Help Net Security
    10. Most AV vendors will continue to support their products under Windows 7 - Help Net Security
    11. Citrix and FireEye Mandiant Launch Indicator of Compromise Scanner
    12. StackRox Announces Google Anthos Support for Hybrid and Multicloud Kubernetes Environments
    13. Sophos Introduces Intercept X for Mobile

    Topic: Migrating Legacy Apps to the Cloud Pt. 1

    Whether you're trying to migrate a "homegrown" application or an open-source tool, getting into containers and to the cloud can be challenging. There are many ways to achieve the same goal, and as always, some not-so-great advice on the Internet. This segment will cover some of the technical details and considerations for moving applications into Docker and eventually into cloud services. We'll review Docker configurations and strategies for building, maintaining and securing containers.

    Interview: Steven Bay, Security On-Demand

    Steven Bay
    is the Director, Security Operations at Security On-Demand.

    Steven Bay has over 16 years of cybersecurity experience, spanning the military, government, consulting, and enterprise security. For 10 of those years he supported the National Security Agency both as a member of the military and a contractor. In 2013 he hired Edward Snowden to a contract position in Hawaii and was his manager when Snowden fled the country with top secret NSA data. Following this he moved into commercial cybersecurity where he provide IR and Threat Intelligence services to Fortune 500 companies, served as a CISO, and today is the Director of Security Operations at Security On-Demand. He also is keynote speaker where shares his story and lessons learned from his Snowden experience at industry groups, corporate events, and student groups.

    Segment Topic:
    Edward Snowden and the Insider Threat

    Segment Description:
    Edward Snowden is a prime example of an Insider Threat. We will discuss insiders and why they are so dangerous, my story with Ed, and lessons we can all apply to both identify and protect ourselves from such threats.

    Segment Resources: