Security Weekly Podcast Network (Audio)

Manual secure code reviews can be tedious and time intensive if you're just going through checklists. There's plenty of room for linters and compilers and all the grep-like tools to find flaws. Louis Nyffenegger describes the steps of a successful code review process. It's a process that starts with understanding code, which can even benefit from an LLM assistant, and then applies that understanding to a search for developer patterns that lead to common mistakes like mishandling data, not enforcing a control flow, or not defending against unexpected application states. He explains how finding...

Security Weekly Podcast Network (Audio)

Interview with Dave Lewis Organizations believe they have a firm grip on security with SSO and corporate IT policies, but in reality, shadow IT lurks in the background—expanding attack surfaces and exposing sensitive data. Employees bypass security controls for the sake of convenience, while SSO fails to provide the comprehensive security net organizations expect. Talk about the critical weaknesses in traditional SSO implementations, how shadow IT thrives under the radar, and why enterprises continue to experience data breaches despite security investments. Can cover real-world examples of...

Security Weekly Podcast Network (Audio)

Broadcom is coming for you, Direct Send, N0auth, UNFI, Cisco, Oneclik, Russ Beauchemin, and More on this episode of the Security Weekly News. Visit for all the latest episodes! Show Notes:

Security Weekly Podcast Network (Audio)

This conversation explores the intersection of cybersecurity and emerging technologies, focusing on innovative hacking techniques, the evolution of vulnerability management, and the critical importance of asset discovery. The discussion also delves into the implications of cyber warfare, the persistent threat of default passwords, and the integration of open source tools in enhancing security measures. The conversation delves into various aspects of cybersecurity, focusing on aircraft tracking, data filtering, the evolution of vulnerability management, and the role of AI in enhancing security...

Security Weekly Podcast Network (Audio)

In this episode, Mandy Logan, Summer Craze Fowler, Jason Albuquerque, and Jeff Pollard of Forrester discuss the challenges and strategies for CISOs in navigating volatility in the security landscape. They emphasize the importance of building relationships within the organization, particularly with the CFO, to manage budgets effectively. The conversation also covers the significance of communicating security needs in terms of compliance and customer requirements, maximizing budget through flex spending, and the role of automation and AI in enhancing security operations. Additionally, they...

Security Weekly Podcast Network (Audio)

In this episode of Security Weekly News, Doug White discusses various cybersecurity threats, including the Salt Typhoon and Spark Kitty malware, the implications of Microsoft's decision to drop support for old hardware drivers, and the potential increase in cyber threats from Iran. The conversation also covers the alarming 16 billion password leak and the evolving landscape of password security, including the rise of passkeys and the challenges posed by AI in misinformation and social engineering. Visit for all the latest episodes! Show Notes:

Security Weekly Podcast Network (Audio)

Fuzzing has been one of the most successful ways to improve software quality. And it demonstrates how improving software quality improves security. Artur Cygan shares his experience in building and applying fuzzers to barcode scanners, smart contracts, and just about any code you can imagine. We go through the useful relationship between unit tests and fuzzing coverage, nudging fuzzers into deeper code paths, and how LLMs can help guide a fuzzer into using better inputs for its testing. Resources Visit for all the latest episodes! Show Notes:

Security Weekly Podcast Network (Audio)

In fast-paced, shared device environments like healthcare, manufacturing, and other critical industries, traditional access management approaches are falling short, quietly eroding both security and productivity. This episode explores how outdated methods, like shared credentials and clunky logins, create friction, increase risk, and undermine compliance. We’ll discuss what a modern, strategic access management approach looks like and how passwordless authentication solutions are closing the gap between security and usability. To learn more about passwordless authentication in healthcare and...

Security Weekly Podcast Network (Audio)

Donut Holes, clickfix, rapperbots, bad devs, war, Doug Rants about Backups, and More on this episode of the Security Weekly News. Visit for all the latest episodes! Show Notes:

Security Weekly Podcast Network (Audio)

This week: * The true details around Salt Typhoon are still unknown * The search for a portable pen testing device * Directories named "hacker2" are suspicious * Can a $24 cable compete with a $180 cable? * Hacking Tesla wall chargers * Old Zyxel exploits are new again * Hacking Asus drivers * Stealing KIAs - but not like you may think * Fake articles * Just give everything to LLMs, like Nmap * Retiring Floppy disks * An intern leaked secrets * Discord link hijacking * Cray vs. Raspberry PI * More car hacking with BMW Visit for all the latest episodes! Show Notes: