Video Library
-
How to use WPScan to provide WordPress plug-in security
Mike McLaughlin displays the abilities of WPScan and the simplicity the tool offers in assessing the security of WordPress plug-ins and avoiding related security vulnerabilities.
-
Enterprise file integrity software benefits
In this video, Spryo Malaspinas offers a primer on file integrity software basics and file integrity monitoring software benefits for enterprises.
-
EDRM: Bolstering content management security
Learn about implementing enterprise EDRM and how this technology combo supports enterprise content management security.
-
Web application attacks: Types and countermeasures
Video: Matasano Security's Cory Scott covers Web application attack types and how they target different layers of an application.
-
Revitalizing endpoint security with VDI desktops
Implementing VDI desktops provides an opportunity to re-architech endpoint security and management. Learn how in this supercast with Eric Ogren.
-
NSA’s Sager: Firms must seek to disrupt cyberattacks
The NSA’s Tony Sager discusses the likelihood of ‘digital Pearl Harbor’ and how to prepare for cyberattacks by cost-effectively disrupting attackers.
-
NSA’s Sager on recent breach trends, APT hype
The NSA’s Tony Sager discusses macro trends of 2011 security breaches, why advanced persistent threat hype isn’t justified, and infosec lessons learned from his wife and kids.
-
Video: Dan Guido on rethinking infosec threat analysis
Information security threat analysis is fundamentally flawed, said Dan Guido of iSEC Partners. He says the Exploit Intelligence Project hopes to change that.
-
Inside the NSA trusted computing strategy
The NSA’s Tony Sager discusses the NSA trusted computing strategy and the importance of finding cost-effective ways to disrupt potential attackers.
-
(ISC)2 director on group's strategy, women in infosec
(ISC)2 Executive Director W. Hord Tipton discusses (ISC)2 training, strategy, new initiatives and how it’s helping women in information security.
-
MGH security director on the business case for security
Bonnie Michelman, security chief for Massachusetts General Hospital, discusses making the security business case to executives.
-
(ISC)2 chief on CISSP test transparency, criticism
(ISC)2 Executive Director Hord Tipton on why a CISSP cert is still valuable, CISSP test transparency and the board of directors election process.
-
Realities of dealing with Web app security flaws
If you have Web apps, odds are you have Web app vulnerabilities. In this interview, Mike Rothman discusses what to do about them.
-
Granado on the benefits of pen testing, human hacking
Ernst & Young’s Jose Granado discusses the benefits of penetration testing and the importance of including “human hacking” as well.
-
Black Hat 2011: SSL is broken, researcher says
Configuration issues and other errors mire the SSL implementations of thousands of legitimate websites, according to research conducted by SSL Labs, a research arm of Qualys Inc.
-
Black Hat 2011: Database threats and mitigations
Databases have come under increased attacks in recent months from hacktivist groups and cybercriminals. Learn how to apply the appropriate security technologies to defend your database.
-
Black Hat: Android attacks and smartphone privacy leaks
Neil Daswani and his team demonstrated a drive-by attack on an Android smartphone and discussed behavioral analysis of more than 10,000 Android applications.
-
Black Hat 2011: SIM rule maker on attacks and defenses
LogRhythm Labs explains their new rules for the vendor’s SIM appliances.
-
Attack vectors, vulnerabilities and malware analysis
Rodrigo Branco talks about vulnerabilities, malware sophistication and whether the move to cloud-based services will change the way cybercriminals work.
-
Dan Guido on penetration testing; intrusion analysis
The iSec Partners consultant talks about his penetration testing courses at NYU, his research on intrusion analysis and rethinking intrusion defense.