State of Modern Application Security: 6 Key Takeaways For 2022
In this Expert Insight, Harshil Parikh, CEO of Tromzo, reveals findings from the company's recent State of Modern Application Security Report, a survey of 400 appsec professionals. The post State of Modern Application Security: 6...
Episode 233: Unpacking Log4Shell’s Un-coordinated Disclosure Chaos
In this episode of the podcast (#233) Mark Stanislav, a Vice President at the firm Gemini, joins Paul to talk about what went wrong with disclosure of Log4Shell, the critical, remote...
Episode 232: Log4j Won’t Go Away (And What To Do About It.)
In this episode of the podcast (#232), Tomislav Peričin of the firm ReversingLabs joins us to talk about Log4Shell, the vulnerability in the ubiquitous Log4j Apache library. Tomislav tells us why...
Episode 229: BugCrowd’s Casey Ellis On What’s Hot In Bug Hunting
We talk with Casey Ellis, founder and CTO of BugCrowd about how the market for software bugs has changed since the first bug bounty programs emerged nearly 20 years ago, and...
Spotlight: When Ransomware Comes Calling
With the attention given to the threats posed by ransomware, why do organizations still fall victim to these attacks? Max Henderson, the Manager of Incident Response at Pondurance joins us to...
Episode 226: The Cyber Consequences Of Our Throw Away Culture
We speak with John Shegerian of ERI about his new book: “The Insecurity of Everything” and how our e-waste may be exposing sensitive data to other nations. The post Episode 226: The...
DEF CON: Security Holes in Deere, Case IH Shine Spotlight on Agriculture Cyber Risk
A demonstration at DEF CON of glaring flaws in software by agricultural equipment giants John Deere and Case IH raise the specter of remote, software-based attacks that could cripple farms and...
Spotlight: Securing the Great Resignation with Code 42
Mark Wojtasiak, the Vice President of Security Industry research at Code42 joins us to talk about how companies can handle the security risks that accompany the COVID-inspired “great resignation” in corporate...
Episode 220: Unpacking The Kaseya Attack And Securing Device Identities on the IoT
In this episode of the podcast, sponsored by Trusted Computing Group we dig deep on this week’s ransomware attack on the Kaseya IT management software with Adam Meyers of CrowdStrike and...
Dispute Over Data Leak Highlights Legal Risks for UK Researchers
An expensive, months-long legal tussle between a UK engineer and a healthcare non-profit is spurring calls for reform to the country’s 30 year-old Computer Misuse Act, which Dyke and others contend...