One Hell of a Show – PSW #666
Full Audio
View Show IndexSegments
1. The Patchless Horseman – Roi Cohen & David Asraf – PSW #666
Every time you deploy a patch nothing has ever gone wrong, right? Most of us have been burned by deploying a patch, causing downtime in your environment, getting in trouble with users and management for causing an outage and having to back out a patch, then re-deploy. The team at Vicarious has a way to apply in-memory virtual patches that mitigate exploitation and do not require binaries to be altered. Tune-in for the full description and demo! This segment is sponsored by Vicarius.
Visit https://securityweekly.com/vicarius to learn more about them!
Sponsored By
Announcements
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!
Guests
Roi has over 13 years of experience as a pentester, IT admin, and CISO. In his current Role as Vicarius VP Sales, he helps companies to better product their infrastructure against software vulnerabilities.
David is a graduate of an elite technology unit in the Israeli army and holds a BSc in computer science. He has worked in various security roles and was a lead developer at Checkpoint. Currently, he is a C++ developer @Vicarius, leading multiple research projects.
Hosts
2. Building Security Into the DevOps Lifecycle – Sumedh Thakar – PSW #666
DevOps has gained momentum over the years as its methods have been used by teams worldwide to accelerate application delivery. But where we continue to struggle is in integrating security into this workflow. In this discussion, Sumedh Thakar, president and chief product officer at Qualys, will talk with the Security Weekly Team about the importance of building security into the CI/CD pipeline to ensure the quality of code and to protect the application and data infrastructure. He'll talk about Qualys' own DevOps strategy and the lessons learned as his team built out the DevOps toolchain and how it integrated security best practices within the DevOps lifecycle. This segment is sponsored by Qualys.
Visit https://securityweekly.com/qualys to learn more about them!
Sponsored By
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Guest
As CEO, Sumedh leads the company’s vision, strategic direction and implementation. He joined Qualys in 2003 in engineering and grew within the company, taking various leadership roles focused on helping Qualys deliver on its platform vision. Since 2014, he has served as Chief Product Officer at Qualys, where he oversaw all things product, including engineering, development, product management, cloud operations, DevOps, and customer support. A product fanatic and engineer at heart, he is a driving force behind expanding the platform from Vulnerability Management into broader areas of security and compliance, helping customers consolidate their security stack. This includes the rollout of the game-changing VMDR (Vulnerability Management, Detection and Response) that continually detects and prevents risk to their systems, Multi-Vector EDR, which focuses on protecting endpoints as well as Container Security, Compliance and Web Application Security solutions. Sumedh was also instrumental in the build-up of multiple Qualys sites resulting in a global 24×7 follow-the-sun product team.
Sumedh is a long-time proponent of SaaS and cloud computing. He previously worked at Intacct, a cloud-based financial and accounting software provider. He also worked at Northwest Airlines developing complex algorithms for its yield and revenue management reservation system. Sumedh has a bachelor’s degree in computer engineering with distinction from the University of Pune.
Hosts
3. Chrome Sandbox Exploit, Cisco Jabber CVE, & Lea Snyder w/ BSides Boston – PSW #666
We welcome special guest Lea Snyder, BSides Boston Organizer, to talk all things BSides Boston 2020 for its 10 year anniversary! In the Security News, Cisco Patches Critical Vulnerability in Jabber for Windows, Expert found multiple critical issues in MoFi routers, TeamTNT Gains Full Remote Takeover of Cloud Instances, Bluetooth Bug Opens Devices to Man-in-the-Middle Attacks, Former NSA chief General Keith Alexander is now on Amazon’s board, and the Legality of Security Research is to be Decided in a US Supreme Court Case!
Announcements
BSides Boston is back in action for their 10 year anniversary! The conference will be held on Saturday, September 26th & tickets are only $10! Get yours at https://bsidesbos.org! Some of the Security Weekly team will be in our own channel on the BSides Boston Discord server answering questions and possibly doing some contests!
Guest
Lea Snyder is the lead organizer for BSides Boston. She helped organize the conference in 2014 & 2015 and was the lead organizer for 2016 & 2017. She started volunteering for BSides Seattle in 2016 and quickly joined the organizing team. She is the co-founder of Layer 8 Conference with Patrick Laverty. Lea is passionate about giving back to the security community, creating an atmosphere that is welcoming to all participants, and learning something new along the way.
Hosts
