
Hosted by Security Weekly Productions · EN
In the security news this week:
FCC router bans and the hidden firmware update problem
Why extending support timelines actually improves security
GitHub supply chain concerns and the evolving SBOM ecosystem
CRA and NIS2 compliance deadlines are getting very real
The EU Cyber Resilience Act's 24-hour vulnerability disclosure requirement
Security regulation: vertical vs horizontal compliance models
Vehicle-to-load EV systems powering homes during outages
Solar, batteries, AI farms, and the future economics of electricity
Data centers consuming regional power grids
BitLocker "Yellow Key" fallout and large-scale remediation challenges
AI-generated PowerShell fixes and the rise of vibe scripting
Linux kernel exploits, module jail, and default deny strategies
Medical biometric data theft and why fingerprints are terrible passwords
Interpol cybercrime operations across the MENA region
OT security, connected vehicles, and accepting real-world risk
The crew also discusses threat intelligence obligations under the CRA, the operational realities of patching at enterprise scale, the economics of secure-by-default systems, and why making security cheaper than insecurity might finally move the industry forward.
Show Notes: https://securityweekly.com/psw-927
Over the last decade, cybersecurity heavily invested in EDR, XDR, SIEM, telemetry, and SOC-driven operations. We stopped asking how to stop attacks and started asking how fast we could detect them. However, Mythos and frontier models have changed that paradigm. How do you detect a -7 day vulnerability? Detection and response cannot keep up, so what's the answer? Rob Allen, Chief Product Officer at ThreatLocker, joins Business Security Weekly to discuss why cybersecurity is shifting from detection and response to prevention and enforcement. As attackers accelerate through automation and AI, organizations are revisiting prevention-focused controls. Rob will discuss why organizations need to adopt application allowlisting, Zero Trust, Ringfencing, and policy enforcement to reduce attacker freedom before execution occurs. Prevention-first security is the only way to decrease the AI attack surface.
This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!
In the leadership and communications segment: What CISOs need to land a board role, The Security Mistakes Being Repeated With AI, When Senior Leaders Lack People Skills, Transformations Fail, and more!
Show Notes: https://securityweekly.com/bsw-448
My Mother the Car, AI Slop, Nginx, Polyscope, Drupal, GitHub, Aaran Leyland, and More on the Security Weekly News. Show Notes: https://securityweekly.com/swn-582
This year has been a dichotomy of established secure design fundamentals and burgeoning chaos of LLM-driven vuln discovery. Keith Hoodlet returns to share his latest observations on what the recent news about Mythos, models, and harnesses means for appsec. He walks through the problems of misalignment, the potential development doom that looms behind a volume of vulns, and what modern code creation looks like. Along the way we touch on the economics of tokens and the principles behind secure software. Keith gave a preview of his upcoming presentation (May 22nd) on these topics. Check out https://securing.dev/about/ for the slides and more of his writing on appsec. Show Notes: https://securityweekly.com/asw-383
Interview with Dimitri Sirota from BigID
Most organizations think AI risk lives in the model – or the identity. It doesn't. It lives in the data. In this episode, BigID's CEO reframes the conversation: why legacy access controls are breaking down, why visibility into sensitive data is the missing foundation, and what it takes to govern humans and machines under a single, accountable framework.
Segment Resources:
BigID's Agent Access Management Guide
BigID's podcast, CTRL + ALT + AI
This Week's Topic: Cascading Breaches
We're seeing more and more third- and fourth-party attacks that chain through multiple layers of compromised tools and services. In this topic segment, we discuss the two main aspects of this trend:
How we can stop the chain of breaches from a third-party library, vendor, or service provider
How this might get handled at the legal, contractual, and organizational levels
We discuss two big recent examples:
SonicWall's 2025 breach of their cloud firewall configuration backup service
The compromise of Aqua Security's widely used Trivy open source tool
The Weekly Enterprise News
Finally, in the enterprise security news:
Funding and M&A courtesy of the Security, Funded newsletter
We have evidence that attackers are leveraging AI now (this sounds like old news, but there was little to no evidence before, when people were claiming this)
The angry admin problem emerges again
Vulnerability information is getting crazy to keep up with
Breach information is getting crazy to keep up with
You can give your agents an allowance now - don't spend it all in one place
Are vulnerabilities sparse or dense?
Mythos, as a model, isn't all that special
Deploy your own deception sensors!
Japan made something weird. Again.
All that and more, on this episode of Enterprise Security Weekly.
This segment is sponsored by BigID. Visit https://securityweekly.com/bigid to learn more about them!
Show Notes: https://securityweekly.com/esw-459
Cisco Catalyst, Canvas, Exchange 0-Days, BitLocker Bypass, Mini Shai Hulud, Node IPC, Patch Tuesday, GPT-5.5, Supply Chain Attacks, and More on the Security Weekly News Show Notes: https://securityweekly.com/swn-581
This week:
New Yellow Key BitLocker bypass and what it means for you
Hackers can run you over with a robot lawnmower
FCC says new things about routers, again
Glitching with AI: almost no false positives
AI thought it was evil
DirtyFrag and the sad state of Linux LPEs
You can buy better tools, perfect security, and other lies
The Canvas breach
Hackers can still take over trains
Baby monitors, on the Internet!
dnsmasq flaws
I am now paying attention to Swordfish
A neat vulnerability for ransomware
Mythos, Curl, and how to do secure software
Various ways to use AI to find bugs (spoiler: you don't need Mythos)
Show Notes: https://securityweekly.com/psw-926
Legal departments are under continual pressure to solve problems effectively and integrate innovative technology, all while reducing costs and complexity. Enter cybersecurity, a complex and potentially costly risk. How should legal departments prepare? Walter Wilkens, Head of Delivery, North America at DWF Legal Operations, joins Business Security Weekly to discuss how legal operations can help optimize your legal department by eliminating bottlenecks, identifying and fixing inefficiencies, and developing processes tailored to enhance your team's performance. Walter will discuss how you can move from a lack of coordination to structured legal operations that address cyber incidents before and after the event.
In the leadership and communications segment: The Art of Security: It Is Time to Rethink the CISO's Role, The Best Leaders Embrace the Role of Supporting Character, Empathetic Leadership Can Make or Break AI Adoption, and more!
Show Notes: https://securityweekly.com/bsw-447
Tomato, JDownloader, TempPCP, Bad Vibes, Dirty Frag, Marketing, Shai Huluds, Giedi Prime, Aaran Leyland, and More on the Security Weekly News.
Show Notes: https://securityweekly.com/swn-580
If you have to ditch your entire appsec strategy because you expect 2026 to bring more vulns more quickly, then you probably didn't have a good strategy in the first place. Rob Allen shares how the mentality of "assume breach" doesn't have to be a defeatist attitude and can instead be a way to change a catastrophic breach into a more contained one. We also talk about proactive security and what an "avoid breach" attitude could look like, including how to apply the macro lessons of default deny and network isolation to writing secure code.
Resources:
https://www.threatlocker.com/blog/the-claude-mythos-preview-proves-now-is-the-time-for-zero-trust?utmsource=cyberriskalliance&utmmedium=sponsor&utmcampaign=claudemythosaswq226&utmcontent=claudemythosasw-&utm_term=podcast
https://www.threatlocker.com/capabilities/zero-trust-network-access?utmsource=cyberriskalliance&utmmedium=sponsor&utmcampaign=ztnaq226&utmcontent=ztna-&utm_term=podcast
https://www.threatlocker.com/capabilities/zero-trust-cloud-access?utmsource=cyberriskalliance&utmmedium=sponsor&utmcampaign=ztcaq226&utmcontent=ztca-&utm_term=podcast
This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!
Show Notes: https://securityweekly.com/asw-382