Identity Resilience: The Next Frontier in Security - Hed Kovetz, Ray Zadjmool, Jeff Margolies - BSW #350
Security Weekly Podcast Network (Audio)
Release Date: 05/13/2024
Security Weekly Podcast Network (Audio)
Trust in Microsoft, Apple, and the Holy AI, Amen, Moonstone Sleet, Cheating, Joshua Marpet, and More, on this edition of the Security Weekly News. Visit for all the latest episodes! Show Notes:
info_outline GenAI, Security, and More Lies - Aubrey King - PSW #832Security Weekly Podcast Network (Audio)
We will discuss LLM security in general and some of the issues covered in the OWASP Top 10 for LLMs! Segment Resources: Skyrocketing IoT vulnerabilities, bricked computers?, MACBORG!, raw dogging source code, PHP strikes again and again, if you have a Netgear WNR614 replace it now, Arm Mali, new OpenSSH feature, weird headphones, decrypting firmware, and VPNs are still being hacked! Visit for all the latest episodes! Show Notes:
info_outline Buzz Aldrin, the Gray Lady, Veeam, Microsoft squared, Nvidia, Josh Marpet... - SWN #392Security Weekly Podcast Network (Audio)
Buzz Aldrin punches me in the face, the Gray Lady, Veeam, Microsoft squared, Nvidia, Hardware, Pentests, Josh Marpet, and more on this Edition of the Security Weekly News. Visit for all the latest episodes! Show Notes:
info_outline Microsoft Recall's Security & Privacy, Hacking Web APIs, Secure Design Pledge - ASW #288Security Weekly Podcast Network (Audio)
Looking at use cases and abuse cases of Microsoft's Recall feature, examples of hacking web APIs, CISA's secure design pledge, what we look for in CVEs, a nod to PHP's history, and more! Visit for all the latest episodes! Show Notes:
info_outline The State of the Cybersecurity Market, At Least According to Gartner - Vivek Ramachandran, Carl Froggett, Padraic O'Reilly - BSW #353Security Weekly Podcast Network (Audio)
Did you miss Gartner Security & Risk Management last week in National Harbor, MD? Don't worry, Padraic O'Reilly, Founder and Chief Innovation Officer at CyberSaint, joins us to discuss the hot topics that were presented at the conference last week, including: Artificial Intelligence(AI) Continuous Threat Exposure Management(CTEM) Identity & Access Management (IAM) Cyber Risk Padraic will also discuss the changing role of the CISO, at least in the eyes of Gartner. Don't miss this recap. This segment is sponsored by CyberSaint . Visit to learn more about them! The recent rise in...
info_outline AI, Lockbit, Veeam, Club Penguin, Kali, Commando Cat, HugeGraph, Aaran Leyland... - SWN #391Security Weekly Podcast Network (Audio)
Burning AI, Lockbit, Veeam, Club Penguin, Kali, Commando Cat, HugeGraph, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit for all the latest episodes! Show Notes:
info_outline Interest in Identity Security is Spiking - John Shier, Will Lin, Christopher Harrell, Jim Broome - ESW #364Security Weekly Podcast Network (Audio)
"Identity security has been around forever though", you might be thinking. Allow me to clarify. Identity is the largest cybersecurity product category, but most of it is focused on identity governance, authentication, multi-factor, etc. Very little of it is focused on operational identity security. It's this trend, where we recently (within the last 2 years) started seeing the ITDR (Identity Threat Detection and Response) acronym that we'll be focused on today. Particularly: Why is this trend/spike occurring now? What was or is missing to do identity security properly? What does the future of...
info_outline Whose Vulnerability Is It Anyway? - Josh Bressers - PSW #831Security Weekly Podcast Network (Audio)
Josh comes on the show to discuss all things related to vulnerability tracking and scoring, including the current issues with various systems and organizations including NIST, CVE, Mitre, CVSS, NVD, and more! Segment Resources: NVD blog post Josh wrote: Josh's Latest post: Josh's podcasts: This week: Take on the upstream, how hard is it to patch end-of-life software, hack millions of routers, take over millions of routers, 0-days, and no responses, hack Taylor Swift wristbands, can you detect that covert channel?, and breach reports from Ticketmaster, Snowflake, Santander, and TikTok,...
info_outline Gold Pressed Latinum, VBScript, ORBS, Rockwell, Chrome, SKY, Aaran Leyland, and More - SWN #389Security Weekly Podcast Network (Audio)
Gold Pressed Latinum, VBScript, ORBS, Rockwell, Chrome, SKY, Aaran Leyland, and More on this edition of the Security Weekly News. Visit for all the latest episodes! Show Notes:
info_outline BCNF, Azure, Roaring Kitty, Hugging Face, Okta, Linux, Oracle, Josh Marpet... - SWN #390Security Weekly Podcast Network (Audio)
Boyce Codd Normal Form, Azure, Roaring Kitty, Hugging Face, Okta, Linux, Oracle, Josh Marpet and more, are on this edition of the Security Weekly News. Visit for all the latest episodes! Show Notes:
info_outlineIn today's enterprises, the Identity Access Management (IAM) System is the key to a business' critical operations. But that IAM environment is more vulnerable than most security executives realize.
Segment Resources: https://www.mightyid.com/articles/the-r-in-itdr-the-missing-piece-in-identity-threat-detection-and-response
https://www.mightyid.com/download-am-i-covered
https://www.mightyid.com/articles/vegas-under-cyber-attack-what-went-wrong
This segment is sponsored by MightyID. Visit https://securityweekly.com/mightyid to learn more about them!
AI is more than just a buzzword. Done right, AI can improve decision making and scale your identity security platform to manage every identity, human and machine, physical and digital. Learn about how Saviynt’s #1 Identity Security platform is leveraging a variety of AI capabilities to enhance the user experience and improve identity security and compliance, bringing AI to life in a practical, market leading way to drive value for our customers.
Segment Resources: https://saviynt.com/blog/analytics-ai-automation-and-abstraction-pioneering-the-next-chapter-in-identity-security/
This segment is sponsored by Saviynt. Visit https://www.securityweekly.com/saviyntrsac to learn more about them!
The common misperception that identity infrastructure and IAMs like Active Directory, Okta, or Ping can adequately secure the entire identity infrastructure is to blame for the continued barrage of cyber and ransomware attacks. Yes, each of these vendors has security controls baked into their solution, however they cannot extend those controls outside their environments to provide visibility, context, and protection beyond their walls. Hackers use the gaps between these tools to move throughout a company and evade detection. We don't expect Dell or Lenovo to protect our entire suite of endpoints. Nor do expect a single cloud provider to protect all your clouds; we rely on Wiz for that. Identity infrastructure remains the most unprotected part of the technology stack and needs dedicated protection, as organizations already apply for cloud, endpoints, or networks. Watch this conversation with Hed Kovetz as he takes us through why identity security remains the most unprotected part of the security stack, and what needs to change to advance the state of cybersecurity.
Segment Resources: https://www.silverfort.com/the-identity-underground-report/
This segment is sponsored by Silverfort. Visit https://securityweekly.com/silverfortrsac to learn more about them!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw-350