Enterprise Security Weekly Subscribe

Vulnerability Management, Cloud Security, Application security, Security Staff Acquisition & Development

Crown Jewels – ESW #191

July 24, 2020

Full Audio

View Show Index

Segments

1. The Evolution of Enterprise Web Apps & Its Impact on Web Security – Mark Ralls – ESW #191

Over the last 15 years the web application landscape has changed more dramatically than many might realize, including the exponential growth in the number of web sites, the rise of complex web apps, the growing web traffic through APIs and more. Let's discuss what this means for enterprises web security and how to mitigate a growing cybersecurity risk.

Visit https://securityweekly.com/acunetix to learn more about them!

Announcements

We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!

Guest

President and Chief Operating Officer at Acunetix by Invicti

Mark Ralls is President and Chief Operating Officer of Invicti Security, a world leader in web application vulnerability scanning. In this role, Mark leads several functions, including the company’s Marketing team. Prior to joining Invicti, Mark was Managing Director of Business Operations at Vista Consulting Group, the consulting arm of Vista Equity Partners. Prior to joining Vista, Mr. Ralls worked as Senior Vice President of Product Management and Strategy at Social Solutions Global, where he led Product Management and Product Marketing teams and was responsible for driving product strategy for nonprofit and public sector customers. Before his time with Social Solutions, Mr. Ralls worked at SolarWinds, a provider of IT management software, where he served as Group Vice President of Business Applications and Analytics. Prior to SolarWinds, Mr. Ralls worked at the Boston Consulting Group, where he consulted for Fortune 1000 clients across a number of industries and functions.

Hosts

Chief Product Officer at CyberSaint

Paul Asadoorian

Principal Security Researcher at Eclypsium

https://securitypodcaster.com

2. Secretless & the End of Application Secrets as We Know Them – Brian Kelly – ESW #191

Passwords, keys, and other secrets are becoming an outdated technique for applications to use. They are usually over-privileged, easy to steal, and very hard to handle securely. Developers frequently log them by accident or stash them in unsafe places. The Secretless pattern is a new way of architecting applications that guarantees that the application never handles the secrets it needs to access databases or other secure resources. Secretless architectures open up a whole set of opportunities for a new model of secure application development and governance. This segment is sponsored by CyberArk.

Visit https://securityweekly.com/cyberark to learn more about them!

Announcements

Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Guest

Head of Conjur Engineering for CyberArk at CyberArk

http://cyberark.com/

Brian is Head of Conjur Engineering for CyberArk. He leads the R&D teams focused on DevOps integration products. Brian has over 20 years of experience as a software leader, having been a VP of Engineering at multiple technology companies prior to joining CyberArk. He has deep experience in DevOps, cybersecurity, distributed systems, and SaaS. His current professional focus is on increasing the security of application development while also the kind of high velocity that markets now demand.

Hosts

Chief Product Officer at CyberSaint

Paul Asadoorian

Principal Security Researcher at Eclypsium

https://securitypodcaster.com

3. An Overview of Black Hat USA 2020 – Steve Wylie – ESW #191

Tune-in to get the inside scoop on Blackhat 2020! Steve Wylie, Black Hat General Manager, joins us to talk about to what attendees can expect from this year's virtual Blackhat event. Steve discusses the highly-anticipated briefings, trainings, new tracks, community programs, and the all new virtual conference platform.

Announcements

Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

Guest

General Manager at Black Hat

http://informa.com/

Steve Wylie is a senior business leader with extensive experience in the event industry, leading highly regarded business technology conferences. His background includes launching new conferences focused on the latest technology trends as well as running major industry events around the world. He is currently General Manager over Informa Tech’s Black Hat business, overseeing a portfolio of information security events and leading the company’s overall strategy for the Information Security sector.

Hosts

Chief Product Officer at CyberSaint

Paul Asadoorian

Principal Security Researcher at Eclypsium

https://securitypodcaster.com

Related

Vulnerability Management

Dysentery, TP-Link, Piracy, Calendar Scams, Tencent, TikTok, Aaran Leyland and More.. – SWN #439

December 20, 2024

Dysentery, TP-Link, Piracy, Calendar Scams, Tencent, TikTok, Aaran Leyland, and More, on this edition of the Security Weekly News.

Vulnerability Management

2024 End-of-Year News and Wrapup – ESW #388

December 19, 2024

As we wrap up the year, we have an honest discussion about how important security really is to the business. We discuss some of Katie's predictions for AppSec in 2025, as well as "what sucks" in security!

Vulnerability Management

Vogons, Task Scams, HiatusRat, Cellebrite, Deloitte, Quantum, Aaran Leyland, and More – SWN #438

December 17, 2024

Vogons, Task Scams, HiatusRat, Cellebrite, Deloitte, Quantum, WordPress, Aaran Leyland, and more on the Security Weekly News.