Information security podcasts

Listen to this week's podcasts

P O D C A S T D E S C R I P T I O N S

• Security Wire Weekly recaps the week's top news in the world of information security, plus features interviews with industry luminaries, experts and information security pros just like you. RSS Feed
• Newsmaker is an occasional interview series featuring in-depth technical knowledge and industry analysis from one of information security's leading visionaries. RSS Feed
• Threat Monitor is a semimonthly tip that focuses on current information security threats, including hack attacks, viruses, worms, Trojans, backdoors, bots, spyware and DDoS, and provides you with the tactics required to defend against them. RSS Feed
• Security360 offers fresh perspectives from more than one source -- from vendors, experts and infosec pros -- on a variety of complex information security issues. RSS Feed
• Meet the Security Squad. In this podcast series, the writers and editors of SearchSecurity.com and Information Security magazine debate today's hot-button security issues. RSS Feed

Our featured Security School podcasts are tutorials led by infosec experts who offer tips and tactics to help with the latest information security challenges.

Secure Reads and Hot Type: Security books in audio are regular podcast series that feature chapters from popular information security books, read by the authors themselves. Hot Type podcasts exclusively feature books from authors affiliated with publishers Addison-Wesley and Prentice Hall.

Use the players below to stream each podcast to your desktop, or click on the links to subscribe to our podcast feeds and download these podcasts to your desktop or MP3 player.

Metasploit creator H.D. Moore
Metasploit creator H.D. Moore talks about the future of the attack platform. Also Cisco's Dave Dalvia on security and the Smart Grid.

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of November 9, 2009

Security certifications pay remains strong
David Foote of Foote Partners on his latest skill and certification research. Security skills remain strong despite the bad economy.

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of November 2, 2009

Squad: Tokenization, Phishing and the Feds
SearchSecurity editors discuss the importance of Microsoft's record breaking number of October vulnerabilities, the federal government's plan to hire 1,000 cybersecurity pros, the FBI's crackdown on a massive phishing ring and the latest payment industry tokenization plans.

Download MP3 | Subscribe to all of our podcasts

Podcasts for the week of October 26, 2009

Silon Trojan strikes Internet Explorer users
Amit Klein, CTO of Trusteer Inc. on a new two-headed Trojan striking Inernet Explorer users to steal login credentials.

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of October 19, 2009

Heartland CIO on PCI, E3 project
Heartland Payment Systems CIO Steve Elefant talks about the processor's new E3 security processes, end-to-end encryption, deployment and adoption issues.

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of October 12, 2009

Nuke and pave to eradicate botnets
Security researcher Gunter Ollmann of Damballa discusses the scourge of dangerous enterprise botnets and why the only method to eradicate them is by a method he calls "nuke and pave."

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of October 5, 2009

Exploring encryption, DLP
Richard Jacobs, chief technology officer of Sophos on encryption for compliance, DLP and the case for involving end users in security decisions.

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of September 28, 2009

Threat Monitor -- Oct. 1, 2009
An enterprise strategy for Web application security threats
People Security founder Hugh Thompson reviews the tools and tactics, from routine assessments to Web application firewalls, that are essential to an application security strategy.
Watch the full video interview with Hugh Thompson.

Download MP3 | Subscribe to our security podcasts

Podcasts for the week of September 21, 2009

Digital forensics, breach incident response
Jim Jaeger, a retired Air Force brigadier general who heads the digital forensics operation at defense industry giant General Dynamics, explains best practices around data breach response and digital forensics.

Download MP3 | Subscribe to Security Wire Weekly

Squad: Privacy gone awry
SearchSecurity editors discuss Internet privacy issues, the Apache disclosure, VMworld and Apple security.

Download MP3 | Subscribe to all of our podcasts

Podcasts for the week of September 14, 2009

SANS Top Cybersecurity Risks
Experts discuss the findings of the SANS Institute 2009 Top Cyber Risks Report. The SANS report, The Top Cyber Security Risks found that IT security professionals are failing to adequately address client-side application flaws and website vulnerabilities. Meanwhile, cybercriminals are using spear phishing attacks and automated SQL injection attacks to infect employee machines and ultimately gain access to company networks.

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of September 7, 2009

DNSSEC – Challenges and pitfalls
Security experts and officials involved in DNSSEC implementations share their successes and the challenges they face.

Program notes:
DNSSEC deployments gain momentum since Kaminsky DNS bug

Kaminsky interview: DNSSEC addresses cross-organizational trust and security

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of August 31, 2009

VMworld 2009: Virtualization security
Eric Ogren of The Ogren Group talks about the focus on security fundamentals and some virtualization technologies that increase security including virtual desktops. Ogren is attending VMworld this week in San Francisco.

Download MP3 | Subscribe to Security Wire Weekly

Threat Monitor -- September 3, 2009
How a corporate Twitter policy can combat social network threats
Despite the recent security risks, there is no reason to completely shut down Twitter use in the enterprise. There are, however, important policy controls and technologies that need to be put in place before you let the microblogging site into your organization.

Download MP3 | Subscribe to our security podcasts

Podcasts for the week of August 24, 2009

Security job market heating up
SearchSecurity.com's Carolyn Gibney interviews David Foote of Foote Partners on his latest skills and certification data. Foote says there's reason for those in the security industry to be optimistic.

Download MP3 | Subscribe to Security Wire Weekly

Squad: The QSA and the Heartland breach
Editors discuss the missing federal cybersecurity coordinator, the recent debate over comments made by Heartland CEO Robert Carr blaming the PCI QSA for the breach and whether the U.S. Marines should ban social networks.

Download MP3 | Subscribe to all of our podcasts

Podcasts for the week of August 17, 2009

Threat Monitor -- August 20, 2009
Cyberwarfare and the enterprise: Is the threat real?
Recently, there has been a great deal of press about massive botnets and killer denial-of-service attacks. So how concerned should you really be about cyberwarfare? The threat is real, says contributor Sherri Davidoff, but the underlying problems are weaknesses in our own infrastructure.

Download MP3 | Subscribe to our security podcasts

Breach highlights secure coding needs
Jim Molini, a Microsoft security professional and longtime security expert, explains his work as the key architect of a new secure software certification. Also, Forrester Research analyst Rob Whiteley talks about weighing risks versus attempting to secure all data.

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of August 10, 2009

Microsoft fixes ActiveX troubles, kill-bit bypass
Security researcher David Dewey of IBM ISS explains his team's discovery of interoperability flaws affecting Microsoft and third-party vendors. Dewey estimates that as many as 10,000 components on the Internet may be affected.

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of July 27, 2009

Black Hat 2009: Researchers converge; Conficker update
Michael Mimoso, editor of Information Security magazine and Robert Westervelt, news editor of SearchSecurity.com, discuss what to expect at this year's Black Hat conference. Also, listen to an interview with Mikko H. Hyppönen of F-Secure. Hyppönen plans to give an update on Conficker during a presentation at Black Hat. Visit our Black Hat 2009 news coverage page at: searchsecurity.com/blackhat2009.

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of July 20, 2009

Detecting and investigating insider fraud
Insider fraud is a continuing battle for financial institutions but the economic recession has increased the risk. In this 17-minute podcast, Brenda Buetow, a certified fraud examiner and senior manager of forensic services at Crowe Horwath LLP, describes cases she's investigated and offers tips for detecting fraud and the employees most likely to commit fraud.

Download MP3 | Subscribe to Security Wire Weekly

Serious Adobe Flash flaw being exploited
Purewire principal researcher Paul Royal explains the ins and outs of the latest Adobe Flash vulnerability. The flaw is being exploited via PDF files and drive-by attacks. Adobe said it plans to fix the flaw by July 30.

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of July 13, 2009

Squad: TJX, Black Hat and Social Security numbers
The SearchSecurity.com editors discuss TJX's settlment with 41 states over its data breach, Juniper's decision to pull a Black Hat presentation and whether our Social Security numbers are at risk

Download MP3 | Subscribe to all of our podcasts

Microsoft Patch Tuesday, ActiveX risks
Sheldon Malm and Josh Abraham of Rapid7 explain some of the serious vulnerabilities addressed by Microsoft this month. Also, Eric Voskuil of BeyondTrust on ways to protect against ActiveX vulnerabilities. Microsoft has been dealing with a slew of ActiveX flaws of late.

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of July 6, 2009

New Microsoft 0day
Jack Walsh, network IPS program manager for ICSA Labs discusses the latest Microsoft zero-day and his firm's research into the attack methods. Read the full story.

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of June 29, 2009

Threat Monitor -- July 2, 2009
How to defend against rogue DHCP server malware
Rogue DHCP server malware is a new twist on an old concept. The good news is that effective threat mitigation strategies exist; the bad news is that many organizations haven't bothered to deploy them.

Download MP3 | Subscribe to our security podcasts

Twitter bugs, DNSSEC and browser security
Like it or not Web-based social networking services are here to stay. Amit Klein, founder and chief technology officer of Trusteer talks about the latest Twitter threats, how browser makers are responding to phishing and other attacks and the adoption of DNSSEC.

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of June 22, 2009

Veiled darknet unveiled; TJX settles dispute
Security researcher Matt Wood of HP talks about a new browser-based darknet he co-developed called Veiled. Also, Pete Lindstrom of Spire Security on TJX's latest data breach news.

Download MP3 | Subscribe to Security Wire Weekly

Threat Monitor -- June 22, 2009
When BIOS updates become malware attacks
Most security pros don't give the system BIOS a second thought, or even a first one, but today's BIOS types are highly susceptible to malicious hackers. Information security threats expert Sherri Davidoff explains how attackers can plant BIOS malware and how security pros can thwart such attacks.

Download MP3 | Subscribe to our security podcasts

Podcasts for the week of June 15, 2009

Special Report: How to find jobs in information security
Is the recession holding back your career plans? In this free 30-minute podcast, experts Lee Kushner and Mike Murray offer infosec job advice that will help you survive and thrive in tough times.

Download MP3 | Subscribe to Security Wire Weekly

Click fraud threatens Web advertising
Click fraud is threatening online advertising, according to experts. This week, Anchor Intelligence lead scientist Daniel Walling and Richard Sim, vice president of product management talk about how fraudsters are getting more sophisticated. Also Jeremiah Grossman of WhiteHat Security explains why it's so easy for people to carry out click fraud.

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of June 8, 2009

Squad: Obama, ISP shutdowns and Web security threats
SearchSecurity.com editors discuss the Obama administration's cybersecurity plans, the FTC shutdown of Triple Fiber Network and what IT security pros can do to address the growing threat posed by the use of social networks and other Web-based services.

Download MP3 | Subscribe to all of our podcasts

Social networking threats
Security consultant Lenny Zeltser of Savvis Security Consulting Services explains the threats posed by employee use of social networking websites and what security pros can do to address them. Zeltser is a faculty member at the SANS Institute. Also, a brief overview of Microsoft Patch Tuesday.

Download MP3 | Subscribe to Security Wire Weekly

Security Newsmakers: Sophos CEO Steve Munford
Steve Munford took over Sophos' leadership as the U.K.-based AV company mounted an aggressive effort to expand its market share, particularly in North America, against industry giants Symantec and McAfee. Munford was president of ActiveState when it was acquired by Sophos in 2003 and served as president for North America from 2003-2005.

In this interview, Information Security magazine's Neil Roiter talks with Munford about the company's acquisition and integration of encryption vendor Utimaco and Sophos strategy for leveraging the acquisition to boost sales in North America and Europe. Munford describes how Sophos engineering culture helps it integrate acquisitions and develop technology in-house.

Download MP3 | Subscribe to Security Newsmakers and our other security podcasts

Hot Type: Keatron Evans on advanced hack attacks
Chained Exploits
In our "Hot Type" podcast this month, Keatron Evans, author of Chained Exploits, explains how attackers can create fake websites and phishing scams that trick employees -- even your boss -- into downloading malicious Trojans that monitor your computer activity.

Download MP3 | Subscribe to "Hot Type" and other security podcasts

After listening to the podcast, read an excerpt from Chapter 2: Discover what your boss is looking at.

Podcasts for the week of June 1, 2009

The Obama Cybersecurity Plan
Information Security magazine's Michael Mimoso reports on the Obama cybersecurity announcement. He speaks with security luminary Howard Schmidt, Paul Kocher, chief scientist of Cryptography Research and Unisys CISO Patricia Titus.

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of May 25, 2009

White House cybersecurity czar faces big challenges
Security luminary Bruce Schneier and former cybersecurity czars Amit Yoran and Gregory Garcia share their views on a possible new White House cybersecurity czar. UK-based Paul Wood, senior analyst at Symantec's MessageLabs, gives the international perspective.

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of May 18, 2009

Defeating hackers is hard
Sophos senior security consultant Graham Cluley talks about the antivirus industry, the threat landscape, the Conficker worm and why it has been difficult to defeat international cybercriminal gangs.

Download MP3 | Subscribe to Security Wire Weekly

Threat Monitor -- May 21, 2009
Threat Monitor: Cybercrime and threat management
It's no secret that cybercrime is an ever-growing issue for today's security professionals, but what roles and responsibilities need to change as a result of the glut in illicit cyber activity? In this podcast, Bill Boni, VP of information security and technology at Motorola, discusses the changing landscape of cybercrime, and how to react to it.

Download MP3 | Subscribe to our security podcasts

Podcasts for the week of May 11, 2009

Botnet threats and countermeasures
AT&T Labs' Brian Rexroad shares how the telecommunications giant detects and defends its network against botnets. Rexroad talks about the most prevalent botnets being monitored, including Conficker, how privacy concerns strain detection and eradication efforts and explains how future technologies could be used to battle the cybercriminals behind the threat. Rexroad is principal architect at AT&T Labs.

Download MP3 | Subscribe to Security Wire Weekly

Squad: Data breach burn-out
SearchSecurity.com editors discuss whether the Berkeley data breach warranted so much news coverage and whether people are becoming desensitized to data breaches. Also, Heartland Payment Systems' push for better industry wide security and whether software vendors should push silent updates to users.

Download MP3 | Subscribe to all of our podcasts

Podcasts for the week of May 4, 2009

Security Wire Weekly: Kodak CISO on virtualization, compliance
Eastman Kodak CISO Bruce Jones on compliance issues, cloud computing and virtualization use. Also, security analyst Eric Ogren on virtualization and other trends from the 2009 RSA Conference.

Download MP3 | Subscribe to Security Wire Weekly

Security skills and certification pay
SearchSecurity.com's Carolyn Gibney interviews David Foote of Foote Partners LLC about the firm's latest skills and certification pay research. Some security skills are holding their own in the tough economy.

Download MP3 | Subscribe to Security Wire Weekly

Security Squad: Federal cybersecurity defenses
In this edition, SearchSecurity editors talk about the electrical grid compromise, restructuring of the federal cybersecurity authorities, who to blame for the Conficker hype and recent criticisms of the Payment Card Industry Data Security Standard.

Download MP3 | Subscribe to all of our podcasts

Threat Monitor -- May 7, 2009
Threat Monitor: How to find and stop automated SQL injection attacks
Automated SQL injection worms use search engines to filter through vulnerable Web servers. In this podcast, Jamie Gamble and Patrick Szeto explains how to keep your website off of the malware's radar.

Download MP3 | Subscribe to our security podcasts

Podcasts for the week of April 26, 2009

Incident response and forensics
Trend Micro buys Third Brigade. Also Agile Risk Management's Matthew Shannon talks about incident response best practices, including ways to accelerate the process, how compliance enables better incident response, and what makes a successful incident response.

Download MP3 | Subscribe to Security Wire Weekly

Security Newsmakers: RSA cryptographer Ari Juels on RFID, encryption
SearchSecurity.com's Neil Roiter interviews well known cryptographer Ari Juels about RFID security, cloud storage innovations and his new novel.

Download MP3 | Subscribe to Security Newsmakers and our other security podcasts

Podcasts for the week of April 19, 2009

Kaspersky sees Internet IDs ahead
Kaspersky Lab CEO Eugene Kaspersky predicts that one day people will need an ID card to access the Internet. In this wide ranging interview at the 2009 RSA Conference, Kaspersky talks about the Conficker worm, attacker sophistication and tracking cybercriminals.

Download MP3 | Subscribe to Security Wire Weekly

AJAX platform injects security
Kyle Adams and Al Huizenga of new startup Mykonos talk about their new platform that injects security into the software development lifecycle for AJAX applications. Also, security expert David Mortman on cloud computing.

Download MP3 | Subscribe to Security Wire Weekly

PCI Council readying new virtualization requirements
In an interview at the 2009 RSA Conference, Troy Leach, technical director of the PCI Security Standards Council, said the organization is exploring ways to address the security challenges with virtualization and cloud computing. He said new requirements are likely."

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of April 12, 2009

Threat Monitor -- April 16, 2009
Threat Monitor: Virtualization: Disruptive technologies
Virtualization promises enterprises amazing cost-saving benefits, but what about the inherent security threats? In this video series, renowned security researchers Chris Hoff, Rich Mogull and Dino Dai Zovi discuss the greatest threats to virtualized environments, including some you might not expect.

Download MP3 | Subscribe to our security podcasts

RSA preview: Google makes its case for defending the cloud
Eric Feignebaum, director of security for Google Apps, asserts cloud computing can be as secure as or even more secure than traditional corporate security. Feigenbaum will participate in a panel at the 2009 RSA Conference, "Cloud computing – secure enough for primetime today?"

Download MP3 | Subscribe to Security Wire Weekly

RSA preview: Budget issues to dominate
Andreas Antonopoulos of Nemertes Research, Charles Kolodgy of IDC and Chenxi Wang of Forrester Research talk about the major trends to dominate the RSA Conference. Shrinking budgets, application security, virtualization and encryption could dominate the event, the industry analysts said.

Download MP3 | Subscribe to Security Wire Weekly

Security Newsmakers: Enrique Salem takes charge at Symantec
Enrique Salem, who took over as Symantec CEO for the retiring John Thompson on April 4, talks about the Symantec he worked for in the 1990s, the Symantec he inherits today, and the Symantec he envisions for the future.

Download MP3 | Subscribe to Security Newsmakers and our other security podcasts

Podcasts for the week of April 6, 2009

Security Wire Weekly: Cloud computing security
Jim Reavis of the Cloud Security Alliance talks about the new organization's goals and the challenges ahead for cloud computing. Also, David Goldstone of Goodwin Procter on the failure of data breach class action lawsuits.

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of March 29, 2009

Threat Monitor -- April 2, 2009
Threat Monitor: Short-lived Web malware: Fading fad or future trend?
Attackers are increasingly spreading their malicious code through fly-by-night websites that seem legitimate to unsuspecting users, but are actually laden with malware. Marcos Christodonte II explains how short-lived Web malware works, and how enterprises can use Web filtering, honeytokens and good policy to mitigate the threat.

Download MP3 | Subscribe to our security podcasts

Is Conficker worth the hype?
We talk about the hype surrounding the Conficker worm with Pete Lindstrom, research director at Spire Security. Also, Dave Marcus of McAfee joins us to talk about malware in a down economy.

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of March 22, 2009

OWASP security benchmark study; Mobile threats real?
Boaz Gelbord, who heads the OWASP Security Spending Benchmarks project, explains the survey results. Also, Ivan Arce of Core Security Technologies talks about smartphone threats and penetration testing.

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of March 15, 2009

Hot Type -- Mar. 19, 2009
The Truth about Identity Theft
In the latest edition of "Hot Type: Security Books in Audio," author Jim Stickley reveals just how easy it is for a cybercriminal to get a hold of employee passwords.

Download MP3 | Subscribe to "Hot Type" and other security podcasts

After listening to the podcast, read an excerpt from Chapter 11: Social Engineering.

Jose Nazario on botnets, cyberwarfare
Security expert Lenny Zeltser gives tips on how to appropriately respond to a security incident. Also, a discussion on the relaunch of the L0phtCrack password cracking tool with Chris Wysopal of Veracode.

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of March 8, 2009

Jose Nazario on botnets, cyberwarfare
Botnets are being used more frequently to silence political dissenters, explains Jose Nazario of Arbor Networks. Nazario has been studying the rise of botnets as a tool used in cyberwarfare.

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of March 1, 2009

Security Wire Weekly: PCI Council officials mull latest breaches
PCI Council general manager Bob Russo and Council chairman Lib de Veyra talk about the PCI Council's goals in 2009 and the council's role in the latest data breaches. Also, a discussion about virtualization security with Steve Herrod of VMware.

Download MP3 | Subscribe to Security Wire Weekly

Threat Monitor -- March 5, 2009
Threat Monitor: How to use (almost) free tools to find sensitive data
No matter how much security awareness training employees get, some of them will still store sensitive data in insecure places. As a security manager, finding that data becomes of paramount importance -- but how to do it? In this tip, John Soltys offers advice on ways to find insecurely stored data.

Download MP3 | Subscribe to our security podcasts

Podcasts for the week of February 22, 2009

Security Wire Weekly: Attacks against SSL
In this podcast, cryptography expert Taher Elgamal of Axway Inc. defends SSL in the wake of research that bypasses it. Elgamal's research led to the development of SSL.

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of February 15, 2009

Threat Monitor -- February 19, 2009
Threat Monitor: How to block adult websites from enterprise users by logging content
Inappropriate content has always been a problem for enterprise security teams. What are some best practices for blocking adult content and websites from systems? In this security management tip, learn strategies for keeping users' Web habits in check.

Download MP3 | Subscribe to our security podcasts

Security Wire Weekly: Chris Wysopal on secure coding
In this podcast, secure coding expert Chris Wysopal talks about dynamic and static testing and the state of secure software development tools. Wysopal also explains why he's a big proponent of the SANS/CWE Top 25 Dangerous Programming Errors List.

Download MP3 | Subscribe to Security Wire Weekly

Security Newsmakers: Why top lists don't work
In this podcast, Gary McGraw of Cigital explains why the CWE/SANS Top 25 dangerous programming errors list will fail to have a major effect on secure software development.

Download MP3 | Subscribe to Security Newsmakers and our other security podcasts

Podcasts for the week of February 8, 2009

Top cybersecurity priorities for the Obama administration
In this podcast, Core Security's Tom Kellermann, who served on the Commission for Cybersecurity for the 44th Presidency, talks about President Obama's cybersecurity priorities. Also, Gary McGraw of Cigital explains why the CWE/SANS Top 25 list won't do much to aid secure software development.

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of February 1, 2009

Data breach cost analysis
The average cost of data breaches is rising as companies struggle to contain data leakage, explains Larry Ponemon of the Ponemon Institute. Also, Henry Helgeson, CEO of payment processor Merchant Warehouse, talks about PCI and encryption in the wake of the Heartland breach.

Download MP3 | Subscribe to Security Wire Weekly

Threat Monitor -- February 5, 2009
Threat Monitor: Are Windows Vista security features up to par?
Expert Michael Cobb explains why attempts to bypass Windows Vista memory protections don't necessarily mean that the operating system lacks security.

Download MP3 | Subscribe to our security podcasts

Podcasts for the week of January 26, 2009

Microsoft Conficker dangers ahead
In this podcast, Thomas Cross, X-Force security researcher for IBM ISS, discusses the possible dangers posed by the Conficker/Downadup worm. Researchers are waiting for the payload.

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of January 19, 2009

Security Wire Weekly: Heartland data security breach
In this podcast, Gartner Analayst Avivah Litan talks about the Heartland data breach. Also, a discussion with Ernst & Young's Sagi Leizerov on data privacy in the retail industry.

Download MP3 | Subscribe to Security Wire Weekly

Security Squad: Are vulnerability lists helpful?
In this podcast, the editorial team debates the usefulness of the CWE/SANS Top 25 List, the state of virtualization security and they discuss the top cybersecurity news stories of 2008.

Download MP3 | Subscribe to all of our podcasts

Podcasts for the week of January 12, 2009

Security Wire Weekly: Top 25 dangerous coding errors
Security experts explain the new Top 25 Errors list. Includes Bob Martin of MITRE Corp., Paul Kurtz, a principal author of the U.S. National Strategy to Secure Cyberspace and application security testers Jacob West of Fortify Software and Chris Wysopal of Veracode.

Download MP3 | Subscribe to Security Wire Weekly

Podcasts for the week of January 5, 2009

Threat Monitor -- January 8, 2009
Threat Monitor: Future security threats: Enterprise attacks of 2009
Expert John Strand reviews what's in store for 2009, including new weapons, old vulnerabilities, and new takes on old attack techniques.

Download MP3 | Subscribe to our security podcasts

Network access control: A look ahead
Patrick Wheeler of Symantec looks back at the market for NAC technologies in 2008 and explains what he sees ahead in 2009.

Download MP3 | Subscribe to Security Wire Weekly

INFORMATION SECURITY PODCAST ARCHIVES
2008 podcasts
2007 podcasts
2006 podcasts
2005 podcasts