Information security podcasts: 2010 and 2011 archive

Download information security podcasts from SearchSecurity's 2010 and 2011 podcast archive.

 

Podcasts for the week of February 27, 2011
 
Threat Monitor -- March 3, 2011
Security in virtualization: IDS/IPS implementation strategy
Considering virtualization? Take into account that your IDS or IPS may not work the same way in a virtualized environment as it does in a physical one. Expert Dave Shackleford explains how to address this potential problem.

Download MP3 | Subscribe to our security podcasts

 

Podcasts for the week of February 20, 2011

Security Wire Weekly -- February 21, 2011
RSA 2011: Does compliance inhibit security innovation?
Joshua Corman of the 451 Group, Paul Judge of Barracuda Networks and Eric Ogren of the Ogren Group talk about whether compliance inhibits security innovation. Also, Michael S. Mimoso, Editorial Director of SearchSecurity.com gives his thoughts on the 2011 RSA Conference.

Download MP3 | Subscribe to our security podcasts

 

Podcasts for the week of February 13, 2011

Threat Monitor -- February 17, 2011
Enterprise antivirus protection: Is signature AV worth the money?
Enterprises have long relied on signature-based antivirus technology to protect them from information security threats. In many cases, antivirus has been and is the only antimalware protection companies have in place, which unintentionally puts organizations at risk.

Download MP3 | Subscribe to our security podcasts

Security Wire Weekly -- February 17, 2011
RSA 2011: Dan Kaminsky on the ROI of DNSSEC for enterprises
In a brief interview following a presentation on DNSSEC at RSA Conference 2011, network security expert Dan Kaminsky explained why enterprises need to pay attention to DNSSEC deployments. Kaminsky said firms that invest in systems supporting the more secure DNS protocol will eventually be able to deploy better security technologies.

Download MP3 | Subscribe to our security podcasts
 

Podcasts for the week of February 6, 2011

Patrolling the Channel -- February 10, 2011
Planning for RSA Conference 2011: Session suggestions and expo advice
In this podcast, SearchSecurityChannel.com spoke with Kevin McDonald, executive vice president and director of compliance practices at California-based Alvaka Networks Inc. In this interview, McDonald shares his suggestions and tips for getting the most out of the RSA Conference 2011, as well as any other IT security conferences.

Download MP3 | Subscribe to our security podcasts

 

Podcasts for the week of January 30, 2011
 
Security Wire Weekly -- January 31, 2011
NetWitness' CSO on targeted malware
Eddie Schwartz, CSO of network analysis firm NetWitness, talks about targeted malware and the company's new Spectrum malware analysis platform.

Download MP3 | Subscribe to our security podcasts

 

Podcasts for the week of January 23, 2011

Patrolling the Channel -- January 27, 2011
Predictions guide strategic advice for successful IT security business
In this edition of SearchSecurityChannel.com's Patrolling the Channel podcast, we interviewed Jerry Jalaba, vice president of channel sales at Boulder Colo.-based Webroot Software Inc. Jalaba discusses his company's top three predictions that will impact security solution providers, and suggests two strategies that solution providers should be doing now to grow their IT security business in the next 12 months.

Download MP3 | Subscribe to our security podcasts

 

Podcasts for the week of January 16, 2011
 
Security Squad -- January 20, 2011
Threat predictions and browser wars
The SearchSecurity editorial team examines past threat predictions, discusses the prospects for mobile malware and talks about how the browser marketshare wars have leaked into the security space.
Download MP3 | Subscribe to our security podcasts

Threat Monitor -- January 20, 2011
Data breach procedures to stop Gawker-type Web password security leaks
The recent Gawker Media LLC data breach is a good illustration of the various things that can go wrong when an organization isn't prepared and doesn't have a mature information security infrastructure that includes people, processes and technology.

Download MP3 | Subscribe to our security podcasts

 

Podcasts for the week of January 2, 2011

Threat Monitor -- January 6, 2011
Creating a Java security framework that thwarts a Java exploit
The number of attacks on Java is steadily increasing, and many enterprises are unprepared for the threat. Get advice on how to lock down Java from expert Nick Lewis.
Download MP3 | Subscribe to our security podcasts

 

Podcasts for the week of December 26, 2010

December 27, 2010
Cybersecurity: Looking back at 2010 - Part 2
Pete Lindstrom, a research director at Spire Security joins the editorial team to talk about the top IT security news stories of 2010, including Microsoft's legal action against Waledac botnet, McAfee DAT File issue, Security Vendor Acquisitions and more!

Download MP3 | Subscribe to Security Wire Weekly

 

Podcasts for the week of December 19, 2010

December 21, 2010
Cybersecurity: Looking back at 2010 - Part 1
Pete Lindstrom, a research director at Spire Security joins the editorial team to talk about the top IT security news stories of 2010, including Google Aurora, Stuxnet, CSIS/McAfee Critical infrastructure survey/study and more!

Download MP3 | Subscribe to Security Wire Weekly

 

Podcasts for the week of December 5, 2010

December 9, 2010
Winn Schwartau on securing mobile devices
Security luminary Winn Schwartau talks about the threats posed by the growing use of smartphones in the workplace and the stuggle faced by IT professionals to properly secure them.

Download MP3 | Subscribe to Security Wire Weekly

Patrolling the Channel -- December 8, 2010
Global business expansion for security VARs
In this edition of SearchSecurityChannel.com's Patrolling the Channel podcast, Jess Ricther, director of sales for Los Angeles-based Lieberman Software Corp., discusses the obvious, and not so obvious, challenges that come with global business expansion for IT security consultants.

Download MP3 | Subscribe to our security podcasts

 

Podcasts for the week of November 28, 2010

Threat Monitor -- December 2, 2010
Why attackers exploit multiple zero-day attacks and how to respond
The Stuxnet worm has received significant media coverage for the large number of different types of systems it has infected. Stuxnet is similar to the Operation Aurora attacks from December 2009 and the Zeus botnet in that it demonstrates cutting-edge techniques in the way malware is created. However, Stuxnet is more sophisticated, primarily because it exploits several zero-day vulnerabilities at once.

Download MP3 | Subscribe to our security podcasts

 

Podcasts for the week of November 14, 2010

Threat Monitor -- November 18, 2010
Web 2.0 threats illustrated
Find out how to reduce the risk of data loss or reputational harm, and learn more about current threats as they relate to Web 2.0 technology, how attackers are monetizing these infrastructures and detailed mitigation techniques.
Download MP3 | Subscribe to our security podcasts

November 16, 2010
How should enterprises respond to firesheep?
The SearchSecurity editorial team talk about how enterprises should respond to the Firesheep Firefox plug-in and employee use of public WiFi points. Also, a discussion on Microsoft's ISP NAC plan and Google extending its bug bounty program.

Download MP3 | Subscribe to Security Wire Weekly

 

Podcasts for the week of November 1, 2010

Threat Monitor -- November 4, 2010
SSL vulnerabilities: Trusted SSL certificate generation for enterprises
Many users and some businesses are overly reliant on SSL, believing it to be a panacea for Web security. Implementing SSL on a website does not protect an organization from all Web security vulnerabilities; it only provides -- in the best case -- an encrypted connection between the client and the server. In this tip, we'll explain why businesses should carefully assess the risks to their environments posed by recently discovered SSL vulnerabilities and what they can do to minimize the risks.
Download MP3 | Subscribe to our security podcasts

November 3, 2010
Malware writers and memory dumping
Jibran Ilyas, a computer forensics investigator and malware researcher and Nicholas J. Percoco, senior vice president of Trustwave's SpiderLabs team talk about malware sophistication and memory dumping techniques.

Download MP3 | Subscribe to Security Wire Weekly

November 2, 2010
Assessing the mobile application security threat
Mike Zusman and Zach Lanier of New York-based security consultancy Intrepidus Group on the growing threat posed by poorly coded mobile applications.

Download MP3 | Subscribe to Security Wire Weekly

November 1, 2010
Payment industry finalizes PCI DSS 2.0
Jeremy King, the European director of the PCI SSC discusses the PCI DSS 2.0 changes in more detail and where the industry is headed.

Download MP3 | Subscribe to Security Wire Weekly

 

Podcasts for the week of October 24, 2010

October 27, 2010
PCI tokenization guidance
Gary Palgon, who leads the PCI SSC Tokenization Working Group, one of four working groups in the PCI SSC's Scoping Special Interest Groups, talks about the road ahead for tokenization technologies.

Download MP3 | Subscribe to Security Wire Weekly

 

Podcasts for the week of October 17, 2010

October 22, 2010
Coping with consumerization of IT
This year's Security 7 Award winners discuss strategies for dealing with the influx of consumer devices into the enterprise and ensuring sensitive data is protected.

Download MP3 | Subscribe to Security Wire Weekly

October 21, 2010
HD Moore on the Stuxnet Trojan
Metasploit creator HD Moore talks about the Stuxnet Trojan, the evolution of malware and his role at Rapid7.

Download MP3 | Subscribe to Security Wire Weekly

October 21, 2010
Compliance versus security
This year's Security 7 Award winners discuss the relationship between security and compliance and whether compliance helps improve security or detracts from it.

Download MP3 | Subscribe to Security Wire Weekly

Threat Monitor -- October 21, 2010
Prevent credit card data compromise via memory-scraping malware
A top objective of the Payment Card Industry Data Security Standard (PCI DSS) is to mitigate the risk of credit card data compromise via persistent storage (e.g. disk) through controls securing the flow of credit card (CC) data. However, the standard controls mandated by PCI DSS, like encryption and network segmentation, for instance, are not necessarily sufficient to address the risk from non-persistent storage of card data, such as when data is stored temporarily as files on a disk or in memory.

Download MP3 | Subscribe to our security podcasts

Patrolling the Channel -- October 20, 2010
IPv6 security issues for solution providers
In this edition of SearchSecurityChannel.com's Patrolling the Channel podcast, Guy Snyder, ICSA Labs Secure Communications Program Manager, discusses when IPv4 addresses may run out, what the government is doing to foster IPv6 adoption and where the security-related IPv6 opportunities are for security solution providers.

Download MP3 | Subscribe to our security podcasts

October 20, 2010
The advanced persistent threat and the state of traditional perimeter protection
This year's Security 7 Award winners discuss targeted attacks and how strategies for securing the network perimeter have changed.

Download MP3 | Subscribe to Security Wire Weekly

 

Podcasts for the week of October 10, 2010

The security-compliance tug-of-war
Bryan E. Simon, senior systems and security specialist at Prince George, BC-based Integris Credit Union, talks about the daily struggles security pros face, including the need to balance security demands with compliance requirements.

Download MP3 | Subscribe to Security Wire Weekly

 

Podcasts for the week of October 3, 2010

Threat Monitor -- October 7, 2010
How to secure GSM phones against cell phone eavesdropping
A recent advancement in attacks on Global System for Mobile Communications (GSM) security has shown that it is now trivial to intercept or record GSM cell phone calls. Anybody with a few thousand dollars and some skill can use the techniques and hardware described by Chris Paget at Defcon to eavesdrop or record GSM cell phone calls.

Download MP3 | Subscribe to our security podcasts

 

Podcasts for the week of September 19, 2010

Big changes ahead for security market?
SearchSecurity.com editors talk with Pete Lindstrom, a longtime security industry observer and research director at Spire Security about the latest security vendor acquisitions and what they mean for the market. Also, should security pros be silenced by their employers?

Download MP3 | Subscribe to Security Wire Weekly

 

Podcasts for the week of September 12, 2010

Threat Monitor -- September 16, 2010
How to build a toolset to avoid Web 2.0 security issues
The collaborative, interactive nature of Web 2.0 technology has great appeal for business, and companies of all sizes and verticals are taking full advantage of social networking sites, free online services and other collaborative Web 2.0 platforms.

Download MP3 | Subscribe to our security podcasts

 

Podcasts for the week of September 1, 2010

Joe Stewart: Botnets are hard to bring down
Botnet and malware expert Joe Stewart explains why it is difficult for security teams to take down botnets. Stewart, director of malware research at SecureWorks talks about the data that can be gleaned from command and control servers and what ISPs are doing to defend against zombie computers.

Download MP3 | Subscribe to Security Wire Weekly

Threat Monitor -- September 2, 2010
A vulnerability management process for the Windows XP Help Center flaw
For attackers looking to run arbitrary code on Windows XP SP2 and Windows 2003 systems, a recent vulnerability discovered in the Microsoft Windows Help and Support Center could be the key they need if enterprises don't promptly install Microsoft's recent security update.

Download MP3 | Subscribe to our security podcasts

 

Podcasts for the week of Aug. 15, 2010

Threat Monitor -- Aug. 18, 2010
Monitoring strategies for insider threat detection
With so many logging and monitoring tools available, it may seem like detecting illicit insider activity in enterprise organizations should be easier. But the number of malicious insider cases continues to increase, mainly because most insiders who commit fraud, theft, IT sabotage or espionage use authorized access and perform the same types of online actions they perform every day: On the surface, their malicious activity does not look any different than their everyday online activity.

Download MP3 | Subscribe to our security podcasts

 

Podcasts for the week of Aug. 1, 2010

Threat Monitor -- Aug. 4, 2010
Email, website and IP spoofing: How to prevent a spoofing attack
A SearchSecurity.com reader recently asked our threats expert Nick Lewis: Can you describe what a "spoofing attack" is, and if there is any way organizations can protect themselves from this new threat? Listen to Nick's response here.
Download MP3 | Subscribe to our security podcasts

 

Podcasts for the week of Jul. 12, 2010

Tracking cloud services problems – Cloutage.org
Jake Kouns of the Open Security Foundation talks about his latest project, Cloutage.org, which aims to track many of the outages, flaws and other issues that plague cloud services.

Download MP3 | Subscribe to Security Wire Weekly

Threat Monitor -- Jul. 15, 2010
KHOBE attack technique: Kernel bypass risk or much ado about nothing?
Some say the KHOBE attack technique is a serious threat looming over enterprises, while others believe it's been greatly over-hyped. Who's right? Nick Lewis offers his analysis.

Download MP3 | Subscribe to our security podcasts

 

Podcasts for the week of Jun. 28, 2010

Threat Monitor -- Jul. 1, 2010
Web 2.0 widgets: Enterprise protection for Web add-ons
Web 2.0 widgets represent a threat vector that should not be overlooked at any enterprise organization. In this tip, Nick Lewis explains what a Web 2.0 widget is, and how companies can protect against them.

Download MP3 | Subscribe to our security podcasts

 

Podcasts for the week of Jun. 14, 2010

Threat Monitor -- Jun. 17, 2010
Zeus botnet analysis: Past, present and future threats
The Zeus botnet isn't showing signs of fading. In fact, it now threatens a wider scope of organizations beyond the banking industry. Expert Nick Lewis offers a Zeus botnet analysis, looking at why it's been so effective, what it's doing now and how to mitigate the risk of falling prey to future Zeus attacks.
Download MP3 | Subscribe to our security podcasts

 

Podcasts for the week of May 31, 2010

Threat Monitor -- Jun. 3, 2010
Incident response security plans for advanced persistent threat
Dealing with advanced persistent threat (APT) presents unique challenges. Learn how an incident repsonse program can save your enterprise from APT.

Download MP3 | Subscribe to our security podcasts

 

Podcasts for the week of May 17, 2010

Threat Monitor -- May 20, 2010
Create a data breach response plan in 10 easy steps
Having a solid data breach response plan in place can make the threat of a security breach less intimidating. In this tip, learn 10 steps to an effective data breach response plan.

Download MP3 | Subscribe to our security podcasts

 

Podcasts for the week of May 3, 2010

Threat Monitor -- May. 6, 2010
Defining an incident response process when short staffed
The incident response process can be difficult when short staffed. In this tip, learn how to put together a computer security incident response team by leveraging other departments in your organization.

Download MP3 | Subscribe to our security podcasts

 

Podcasts for the week of April 12, 2010

Threat Monitor -- Apr. 15, 2010
Operation Aurora: Tips for thwarting zero-day attacks, unknown malware
In December 2009, Google, Adobe and other companies were the victims of a damaging cyberattack called Operation Aurora. In this tip, expert Nick Lewis outlines the lessons learned from this attack, and how companies can avoid falling victim to similar attacks.

Download MP3 | Subscribe to our security podcasts

 

Podcasts for the week of March 29, 2010

Threat Monitor -- Apr. 1, 2010
Creating a proactive enterprise security incident response program
Every organization should develop a proactive security incident response program to ensure that when an incident does occur, it can be handled quickly and efficiently. Contributor Marcos Christodonte II explains how.

Download MP3 | Subscribe to our security podcasts

 

Podcasts for the week of March 15, 2010

Threat Monitor -- Mar. 18, 2010
Web application attacks security guide: Preventing attacks and flaws
From buffer overflows to SQL injection, hackers have many techniques at their disposal to attack Web applications, and new methods constantly emerge. This week's podcast edition of Threat Monitor highlights one of the tips from this special Web application attack security guide, entitled: Prevent cross-site scripting hacks with tools, testing.

This was first published in December 2011

Dig deeper on Email and Messaging Threats (spam, phishing, instant messaging)

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close