PSWEpisode628

From Paul's Security Weekly
Jump to: navigation, search

Recorded November 21, 2019 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • Doug White
    Cybersecurity professor, President of Secure Technology, and Security Weekly network host.


  • Announcements

    • Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
    • OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!
    • We have officially migrated our mailing list to a new platform! Sign up for the list to receive invites to our virtual trainings, webcasts, and other content relative to your interests by visiting securityweekly.com/subscribe and clicking the button to join the list! You can also submit your suggestions for guests by going to securityweekly.com/guests and submitting the form! We'll review them monthly and reach out if they are a good fit!
    • Our first-ever virtual training is happening on March 19th @11:00am ET, with Adam Kehler & Rob Harvey from Online Business Systems Risk, Security & Privacy Team. In this training you will learn how to generate a complex SHA-256 hashed password and then use password cracking tools to break it. Register for our upcoming trainings by visiting securityweekly.com, selecting the webcast/training drop down from the top menu bar and clicking registration.


    Interview: Peter Liebert, Liebert Security - 6:00-6:30PM

    Peter Liebert is the CEO of the security consulting company Liebert Security and is acting Commander for the California State Guard Cyber Operations forces. Previously Peter served as the California State CISO where he was the primary state government authority charged with ensuring the confidentiality, integrity, and availability of state systems and applications, and ensured the protection of state information assets serving the nearly 30 million California residents. It was in this role that he won SC Media's CSO of the year and Statescoop's Up and Comer award. Prior to his role in the State he served in the U.S. Military as both an officer and a civilian working in organizations including United States Cyber Command and the Office of the Secretary of Defense Cyber Policy division. He holds multiple degrees and numerous industry certifications.

    Segment Topic:
    The Next Generation of SOCs: DevSecOps, Automation and breaking the model

    Segment Description:
    After working in and with SOCs for the majority of my career, as well as building one from the ground up for the State of California, there are some lessons learned that can be shared with the wider community. The first is how to leverage automation and devsecops methodologies in your SOC and the second is how to break out of the traditional Tier 1-3 model.



    Interview: Dave Kennedy, TrustedSec - 6:30PM-7:00PM

    Dave Kennedy
    is the Founder & CEO of TrustedSec.
    David Kennedy is founder of TrustedSec and Binary Defense Systems. Both organizations focus on the betterment of the security industry from an offense and a defense perspective. David also served as a board of director for the ISC2 organization. David was the former CSO for a Diebold Incorporated where he ran the entire INFOSEC program. David is a co-author of the book "Metasploit: The Penetration Testers Guide", the creator of the Social-Engineer Toolkit (SET), Artillery, and several popular open source tools. David has been interviewed by several news organizations including CNN, Fox News, MSNBC, CNBC, Katie Couric, and BBC World News. David is the co-host of the social-engineer podcast and on several additional podcasts. David has testified in front of Congress on two occasions on the security around government websites. David is one of the founding authors of the Penetration Testing Execution Standard (PTES); a framework designed to fix the penetration testing industry. Prior to the private sector, David worked for the United States Marine Corps and deployed to Iraq twice for intelligence related missions.

    Segment Topic:
    Coalfire Incident and DerbyCon


    Security News - 7:30-8:30PM

    Paul's Stories

    1. Amazon tells senators it isn't to blame for Capital One breach
    2. DNS-over-HTTPS is coming to Windows 10
    3. A critical flaw in Jetpack exposes millions of WordPress sites
    4. Throwback Thursday: See if you can wriggle out of this one
    5. Disney Plus Blames Past Hacks for User Accounts Sold Online | SecurityWeek.Com
    6. Why Multifactor Authentication Is Now a Hacker Target
    7. California IoT security law: What it means and why it matters - Help Net Security
    8. D-Link Adds More Buggy Router Models to Wont Fix List
    9. If You Love Your Wi-Fi, Secure It - OpenDNS Umbrella Blog
    10. I 'Hacked' My Accounts Using My Mobile Number: Here's What I Learned
    11. Microsoft Will Bring DNS Over HTTPS (DoH) to Windows | SecurityWeek.Com
    12. Intel Patched 77 Vulnerabilities in November 2019 Platform Update
    13. How the Linux kernel balances the risks of public bug disclosure
    14. Hacking Python Applications
    15. 13 Security Pros Share Their Most Valuable Experiences
    16. Office 365 Admins Targeted in Ongoing Phishing Scam

    Lee's Stories

    1. Thousands of hacked Disney+ accounts for sale

    Matt's Stories




    Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+