Podcasts
-
Risk & Repeat: Payment card security a growing concern
In this week's Risk & Repeat podcast, SearchSecurity editors discuss new research from Verizon on payment card security and the effectiveness of PCI DSS compliance for enterprises.
-
Risk & Repeat: Alternative infosec conferences on the rise
In this week's Risk & Repeat podcast, SearchSecurity editors discuss how smaller, more targeted infosec conferences are making a name for themselves in the shadow of much larger events.
-
Risk & Repeat: Was the DNC hack an inside job?
In this week's Risk & Repeat podcast, SearchSecurity editors examine claims from intelligence veterans that the DNC hack was an inside job, and not the work of Russian hackers.
-
Risk & Repeat: MalwareTech indictment raises questions
In this week's Risk & Repeat podcast, SearchSecurity editors explore the FBI's case against security researcher Marcus Hutchins, better known as MalwareTech.
-
Risk & Repeat: Voting machine hacking brings good and bad news
In this week's Risk & Repeat podcast, SearchSecurity editors look back at DEFCON 2017's voting machine hacking and what it could mean for the future of U.S. election security.
-
Risk & Repeat: Black Hat 2017 highlights
In this week's Risk & Repeat podcast, SearchSecurity editors recap Black Hat 2017 and discuss some of the big news from the event, including the Broadpwn remote exploit.
-
Risk & Repeat: Why are Amazon S3 buckets spilling on the web?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the series of enterprise data leaks through misconfigured Amazon S3 buckets and what should be done about them.
-
Risk & Repeat: Kaspersky Lab removed from GSA Schedule 70
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Trump administration's removal of Kaspersky Lab from the GSA Schedule 70 for federal IT contracts.
-
Risk & Repeat: Should IAM systems be run by machine learning?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the identity and access management industry and how machine learning algorithms could govern IAM systems.
-
Risk & Repeat: NotPetya ransomware raises the stakes
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the NotPetya ransomware, its impact and the growing trend of sophisticated ransomware attacks.
-
Risk & Repeat: RNC voter database left open to the public
In this week's Risk & Repeat podcast, SearchSecurity editors discuss how the Republican National Committee's voter database was accidentally exposed in an Amazon S3 bucket.
-
Risk & Repeat: Symantec, Mozilla spar over certificate issuance
In this week's Risk & Repeat podcast, SearchSecurity editors discuss Mozilla's suggested deadline for Symantec to turn over its certificate issuance operations.
-
Risk & Repeat: Comey warns of more election hacking
In this week's Risk & Repeat podcast, SearchSecurity editors discuss former FBI Director James Comey's testimony on election hacking and election interference from Russia.
-
Risk & Repeat: Shadow Brokers launch zero-day exploit service
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Shadow Brokers' monthly service for zero-day exploits and how it may affect enterprise security efforts.
-
Risk & Repeat: GDPR compliance clock is ticking
In this week's Risk & Repeat podcast, SearchSecurity editors discuss GDPR compliance and how the EU law will affect enterprise data privacy and security across the globe.
-
Risk & Repeat: Microsoft slams NSA over EternalBlue
In this week's Risk & Repeat podcast, SearchSecurity editors discuss Microsoft's sharp criticism of the NSA over the EternalBlue Windows vulnerability and WannaCry ransomware.
-
Using threat intelligence tools to prevent attacks on your enterprise
Using threat intelligence tools can help your enterprise stay one step ahead of attackers and possible threats. Learn how threat intelligence can be used in your company.
-
Risk & Repeat: WannaCry ransomware worm shakes tech industry
In this week's Risk & Repeat podcast, SearchSecurity editors look at the devastation caused by the WannaCry ransomware worm and discuss how it could have been prevented.
-
Risk & Repeat: Reviewing Trump's cybersecurity executive order
This week's Risk & Repeat podcast looks at President Trump's cybersecurity executive order and how it aims to address federal government and critical infrastructure issues.
-
Risk & Repeat: Critical Windows bug triggers disclosure debate
This week's Risk & Repeat podcast looks at how a simple tweet about a Windows bug from Project Zero researcher Tavis Ormandy sparked a debate about vulnerability disclosure.
-
Risk & Repeat: Symantec offers plan to restore certificate trust
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss Symantec's continued struggles with certificate trust, and what Mozilla and Google are doing about it.
-
Risk & Repeat: More Equation Group cyberweapons leaked
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the latest round of Equation Group cyberweapons and how Microsoft patched them.
-
Risk & Repeat: Mozilla joins the Symantec certificate authority debate
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss mounting pressure on the Symantec certificate authority business to provide answers about its practices.
-
Risk & Repeat: Juniper's Kevin Walker on SDN security challenges
In this episode of SearchSecurity's Risk & Repeat podcast, Kevin Walker, Juniper Networks' security chief technology and strategy officer, talks about SDN security challenges.
-
Risk & Repeat: Strong encryption under fire again
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the latest round of the encryption debate and what it means for apps that use strong encryption.
-
Risk & Repeat: Google slams Symantec certificates
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss Google's proposed plan to distrust Symantec certificates following more allegations of mis-issuance.
-
Risk & Repeat: Accused Yahoo hackers indicted
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the indictments of the alleged Yahoo hackers and how the attackers minted Yahoo authentication cookies.
-
Risk & Repeat: Leak of CIA hacking tools creates confusion
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the confusion around WikiLeaks' release of government documents regarding CIA hacking tools.
-
Risk & Repeat: Does the Amazon S3 outage raise security flags?
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the recent Amazon Simple Storage Service outage and why the incident may have security implications.
-
Risk & Repeat: Cloudflare bug poses incident response challenges
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the recent Cloudflare bug that leaked an undetermined amount of customer data over several months.
-
Risk & Repeat: RSA Conference 2017 highlights and trends
In this episode of SearchSecurity's Risk & Repeat podcast, editors recap RSA Conference 2017 and discuss how the show addressed many security problems, but had very few answers.
-
Top three steps to ensure security in big data environments
Ensuring security in big data implementations remains a problem for most enterprises. Learn about the reasons why this is, and how your company can protect sensitive data.
-
Risk & Repeat: Pentagon cybersecurity under fire
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss Pentagon cybersecurity amid reports of misconfigured servers at the U.S. Department of Defense.
-
Risk & Repeat: Bad Symantec certificates strike again
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the discovery of more bad Symantec certificates and what it means for the antivirus software maker.
-
Risk & Repeat: Windows SMB warning raises questions, concerns
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the Shadow Brokers' alleged exploit for Windows SMB and what it means for both enterprises and Microsoft.
-
Risk & Repeat: Doxware emerges as a new threat to data privacy
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the emergence of doxware and extortionware and what that means for enterprises and their employees.
-
Risk & Repeat: CES Cybersecurity Forum tackles passwords, IoT
In this episode of SearchSecurity's Risk & Repeat podcast, editors highlight the topics discussed at the CES Cybersecurity Forum, as well as new technologies showcased at the event.
-
Risk & Repeat: Corero on DDoS defense in the IoT era
In this episode of SearchSecurity's Risk & Repeat podcast, Dave Larson of Corero Network Security discusses how DDoS defense has shifted to deal with IoT threats.
-
Risk & Repeat: Tatu Ylonen on solving SSH security woes
In this episode of SearchSecurity's Risk & Repeat podcast, SSH creator Tatu Ylonen talks about the SSH security issues facing enterprises today and how they should be addressed.
-
Risk & Repeat: Second Yahoo data breach uncovered
In this episode of SearchSecurity's Risk & Repeat podcast, the editors discuss the second major Yahoo data breach and what it means for both the company and its users.
-
Risk & Repeat: Avalanche crimeware as a service busted
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the takedown of Avalanche, the crimeware as a service operation, and why the victory may be short lived.
-
Risk & Repeat: IoT botnets spreading, evolving
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the newest developments around IoT botnets and the threats they pose to users, devices and enterprises.
-
Risk & Repeat: Rapid7 tackles IoT threats, vulnerabilities
In this episode of SearchSecurity's Risk & Repeat podcast, Tod Beardsley and Rebekah Brown of Rapid7 talk about the IoT threat landscape and improving IoT device security.
-
Risk & Repeat: Will Rule 41 changes become cybersecurity law?
In this Risk & Repeat podcast, SearchSecurity editors discuss the controversial Rule 41 changes and what they mean for law federal enforcement and cybersecurity practices.
-
Risk & Repeat: Yahoo data breach details emerge
In this Risk & Repeat podcast, SearchSecurity editors discuss new information on the Yahoo data breach, including how counterfeit cookies may have been used by attackers.
-
Preventing trusted users from misusing their privileges
Users with privileged accounts have the ability to make critical changes to your enterprise system. Find out how to control trusted users and prevent malicious actions.
-
Risk & Repeat: Windows zero-day sparks disclosure debate
In this Risk & Repeat podcast, SearchSecurity editors discuss the recent Windows zero-day flaw, Microsoft's criticism of Google over the vulnerability disclosure, and more.
-
Risk & Repeat: Breaking down the latest Mirai IoT botnet attacks
In this Risk & Repeat podcast, SearchSecurity editors discuss the latest information on the Mirai IoT botnet and the latest DDoS attacks, and what it means for enterprise security.
-
Risk & Repeat: DNS DDoS attacks raise concerns over IoT devices
In this Risk & Repeat podcast, SearchSecurity editors discuss the DDoS DNS attacks on Dyn and what they mean for DNS providers, IoT device manufacturers and enterprises.
-
Risk & Repeat: IoT attacks on the rise
In this Risk & Repeat podcast, SearchSecurity editors discuss the new wave of IoT attacks and what they mean for enterprises, security vendors and device manufacturers.
-
Risk & Repeat: US accuses Russia of state-sponsored cyberattacks
In this Risk & Repeat podcast, SearchSecurity editors discuss cyber attribution following the U.S. government's claim that Russia is behind recent state-sponsored cyberattacks.
-
Risk & Repeat: Yahoo breach response, security practices criticized
In this Risk & Repeat podcast, SearchSecurity editors discuss the Yahoo breach and questions and criticism regarding the company's enterprise security practices.
-
Risk & Repeat: More Symantec vulnerabilities emerge
In this Risk & Repeat podcast, SearchSecurity editors discuss the latest Symantec vulnerabilities reported by Google Project Zero and the Shadow Brokers' Cisco exploit.
-
Risk & Repeat: MobileIron's James Plouffe on Mr. Robot, mobile threats
In this Risk & Repeat podcast, SearchSecurity talks with James Plouffe, lead solutions architect at MobileIron and a technical advisor for the television series 'Mr. Robot.'
-
Risk & Repeat: OPM breach report sheds light on infosec failings
In this Risk & Repeat podcast, SearchSecurity editors discuss the recent OPM breach report from Congress and what it means for the state of federal government cybersecurity.
-
Risk & Repeat: Breaking down the Intel Security sale
In this Risk & Repeat podcast, SearchSecurity editors discuss the $3.1 billion Intel Security sale and what it means for the infosec industry, the McAfee brand and Intel.
-
Risk & Repeat: Voter database hacks trigger election concerns
In this Risk & Repeat podcast, SearchSecurity editors discuss the recent cyberattacks on state voter databases and what they could mean for this election season.
-
Risk & Repeat: Shadow Brokers' dump shakes IT industry
In part two of Risk & Repeat's podcast on the Equation Group, SearchSecurity editors discuss the zero-day vulnerabilities discovered in the Shadow Brokers' data dump.
-
Risk & Repeat: Equation Group hack raises questions for NSA
In this Risk & Repeat podcast, SearchSecurity editors discuss the mystery behind the recent Equation Group hack and the motives and identity of the Shadow Brokers.
-
Risk & Repeat: Highlights and lowlights from Black Hat 2016
In this Risk & Repeat podcast, SearchSecurity editors discuss the good and bad news from Black Hat 2016 in Las Vegas, including critical flaws in web protocols.
-
Risk & Repeat: Malicious Tor nodes caught snooping
In this Risk & Repeat podcast, SearchSecurity editors discuss the discovery of malicious Tor secretly collecting information on users and what it means for the project.
-
Risk & Repeat: ASN.1 compiler jeopardizes mobile networks
In this Risk & Repeat podcast, SearchSecurity editors discuss the newly disclosed ASN.1 compiler flaw and its implications for mobile communications and network carriers.
-
Risk & Repeat: How bad is the httpoxy vulnerability?
In this Risk & Repeat podcast, SearchSecurity editors analyze the httpoxy vulnerability and discuss why it took so long to uncover and address a 15-year-old security flaw.
-
Risk & Repeat: Catching the Pokémon GO app permissions flaw
In this Risk & Repeat podcast, SearchSecurity editors try to catch some answers to the controversy around the Pokémon GO app and its permissions flaw.
-
Clinton email server probe highlights government security issues
In this Risk & Repeat podcast, SearchSecurity editors discuss the security lessons of the Hillary Clinton email server probe and the state of federal government cybersecurity.
-
Risk & Repeat: More critical Symantec vulnerabilities emerge
In this Risk & Repeat podcast, SearchSecurity editors discuss a new Google Project Zero report on yet another round of critical Symantec vulnerabilities.
-
Risk & Repeat: Acer data breach shows payment security shortcomings
In this Risk & Repeat podcast, SearchSecurity editors discuss the recent Acer data breach and the questions it raises about the company's payment security practices.
-
Risk & Repeat: Can the Symantec-Blue Coat deal succeed?
In this Risk & Repeat podcast, SearchSecurity editors discuss Symantec's big move to acquire Blue Coat Systems and what it means for both security vendors.
-
Ransomware worm raises concerns for enterprise security
In this Risk & Repeat podcast, SearchSecurity editors break down the discovery of the ZCryptor ransomware worm and what it means for future ransomware threats.
-
Android security policies all enterprises should adopt
Securing Android devices in the enterprise can seem like an uphill task. Applying these Android security policies might reduce the struggle security professionals face.
-
Cyberextortion reaches new heights with bug poaching
In this Risk & Repeat podcast, SearchSecurity editors discuss how a cyberextortion campaign is targeting enterprises that don't have official bug bounty programs.
-
Crypto-confusion: The search for the real bitcoin creator continues
In this Risk & Repeat podcast, SearchSecurity editors discuss Craig Wright's failed effort to prove he is bitcoin creator Satoshi Nakamoto and what that means for cryptocurrency.
-
Symantec vulnerability raises big questions for antivirus industry
SearchSecurity's Risk & Repeat podcast discusses the Symantec vulnerability disclosed by Google Project Zero and what the bug means for the antivirus industry.
-
IAM strategy: Update to work with new technologies
Your organization needs to make decisions about its IAM strategy in order to keep up with the new technologies its deploying. Steps to take begin at the policy level.
-
Top five tips for perimeterless network perimeter security
As enterprise networks go perimeterless, new network perimeter security strategies gain importance. Expert Johna Till Johnson shares five top tips for perimeterless protection.
-
Five ways to prepare employees for social engineering scams
Social engineering scams are abundant, proper preparation and training is key to avoiding the danger. Expert David Sherry discusses social engineering basics and explains how to keep employees out of harm's way.
-
How network traffic analysis helps defeat advanced malware
In this podcast learn how advanced malware works and why network traffic analysis is essential to protect your enterprise's network.
-
New authentication technologies can help boost online success
What authentication technologies make logging in both simple and secure, for customers and companies? This podcast explores authentication techniques that can boost sales and security.
-
Podcast: Explaining CISSP value to infosec pros
Shon Harris of Logical Security offers an insider's perspective on the real value of the CISSP certification and why it has become the gold standard in security certifications.
-
Debunking the myths of authenticated vulnerability scans
When it comes to authenticated vulnerability scans, there are many misunderstandings about the technology that leave organizations wary. Security expert Kevin Beaver explains what to expect from your scans.
-
The top five employee responsibilities in a BYOD security strategy
Behind any successful enterprise BYOD strategy are employees who do the right things.
-
Five key security analytics reports and how to build them
There are security analytics reports so effective you should run them daily. Listen to this podcast to learn what they are and how to build them.
-
Virtual desktop security: Exploring VDI security features
Virtual desktop security is a critical concern for any deployment. VDI security capabilities include encryption application and virtual sandboxing.
-
Fact or fiction: Endpoint threat protection controls that work
In this podcast, Mike Rothman discusses threat protection myths and how to ensure enterprise endpoint security controls are effective.
-
Podcast: Trey Ford on Black Hat 2012 security conference
Security expert Trey Ford talks about the upcoming the Black Hat security conference. Ford is general manager of Black Hat 2012.
-
DNSSEC deployments: The top 5 concerns and how to avoid them
A DNSSEC deployment is possibly the best mitigation for cache poisoning attacks. Learn how to avoid the top five concerns in DNSSEC deployments.
-
Top 5 mistakes to avoid during log management implementations
In this podcast, learn about five key issues to avoid in log management implementations so you can make the most of security event logs to augment your organization’s security posture.
-
Verizon DBIR 2012 overview, attack mitigation strategies
Christopher Porter of Verizon explains some of the findings from the Verizon 2012 Data Breach Investigations Report. This year, hacktivists had a big impact on the numbers.
-
Countdown: Top five ways to prevent a security lapse from becoming a security breach
In this podcast, learn five information security mistakes organizations often make that lead to data breaches, and how to bring resources to bear quickly to mitigate mistakes and avoid a breach.
-
Top Five Ways to Detect Unwanted Data in the Enterprise
Our file servers, workstations, flash drives and cloud services all contain massive amounts of data, driven by the fact that storage has quickly become an inexpensive commodity. It’s often cheaper to just keep everything than to expend time and energy sorting through outdated, irrelevant or inapplicable data. However, this practice can dramatically increase risk to the enterprise by increasing the amount of data vulnerable to an attack. In this podcast, we look at five ways that you can detect the presence of unwanted data in your environment.
-
Information security podcasts
Download these weekly information security podcasts covering the top news and issues enterprise infosec pros care about to your PC or favorite mp3 player.
-
Read-only domain controllers: What are they and why should I care?
Learn the concept of a read-only domain controller and why security professionals should recommend its use in their enterprises.
-
Top 5 leading-edge authentication technologies
Listen to this podcast to learn about the top five leading edge authentication technologies, including facial recognition software, HSPD12 Smart Card, Authentication as a Service, personal portable security devices, and the credit card OTP form factor.
-
Fact or fiction: Pros and cons of database encryption
According to our latest survey of more than 608 enterprise security pros, 80% of enterprises say protecting data is more important in 2007 than last year, and 72% admit they need a better strategy. SearchSecurity.com is responding to this growing need with a multi-lesson Data Protection Security School to help you formulate a comprehensive strategy to secure sensitive info throughout your network. When you are encrypting data within a database you have two basic choices: encrypting the entire database or encrypting specific fields at the data level. This podcast explains the pros and cons of each approach.