BH2020 Episode #3 – August 05, 2020
1. A Decade After Stuxnet’s Printer Vulnerability – 11:00 AM-11:15 AM
Description
We will describe the Print Spooler vulnerabilities found in the Windows OS and explain how they are related to Stuxnet. We will also release several tools. Peleg and Tomer’s talk is entitled “A Decade After Stuxnet’s Printer Vuln: Printing is Still the Stairway to Heaven”, and is scheduled for August 6th at 11am PT during Black Hat 2020!
2. Planning Security Strategy Without The Black Hat Expo? – 11:45 AM-12:00 PM
Sponsored By

Visit https://securityweekly.com/crowdstrike for more information!
Description
This year we’ve seen organizations accelerate their so-called digital transformation almost overnight. Now we’re getting to the point where security leaders and business owners need to stop and take stock of what happened, what’s a temporary band aid, and figure out how to build their strategy without the luxury of getting yelled at by vendor booths in Mandalay Bay.
This segment is sponsored by CrowdStrike. Visit https://securityweekly.com/crowdstrike for a totally free trial!
CrowdStrike at Black Hat USA 2020 https://www.crowdstrike.blog/join-crowdstrike-at-black-hat-2020/
3. Defining the Dynamic Application Security Testing Market – 12:30 PM-12:45 PM
Sponsored By

Visit https://securityweekly.com/netsparker for more information!
Description
Dynamic application security testing (DAST) for web applications has come a long way, establishing a niche market with a variety of offerings. In this segment Ferruh will discuss the big differences in DAST solutions available and help you understand which one is a pure DAST that you could rely on the most in this day and age.
This segment is sponsored by Netsparker.
Visit https://securityweekly.com/netsparker to get a trial of the best dynamic application scanning solution on the market!
4. Effectively Protecting Your Users Against Ransomware & Zero-Day Exploits – 01:15 PM-01:30 PM
Sponsored By

Visit https://www.securityweekly.com/threatlocker for more information!
Description
ThreatLocker CEO Danny Jenkins explains why his new approach of blocking everything that is not trusted and only allowing those applications that are approved is a cleaner and more comprehensive approach to ensuring malware does not end up on your networks.
During this segment, Danny explains how he’s changing the entire approach and paradigm to cybersecurity.
This segment is sponsored by ThreatLocker.
To effectively protect your users from ransomware and zero-day exploits, visit https://www.securityweekly.com/threatlocker
Segment Resources:
https://www.threatlocker.com/resources/stop-ransomware-12-things-you-should-have-done-to-stop-ransomware/
https://www.threatlocker.com/resources/less-hackable-for-small-business-owners/
https://www.youtube.com/threatlocker
5. What’s Next In Work From Home Security? – 02:00 PM-02:15 PM
Sponsored By

Visit https://securityweekly.com/bitsight for more information!
Description
Security professionals need to be thinking of the next evolution of the approach to working from home, specifically focusing on the security of the home network for both employees and third-party contractors. Stephen Boyer discusses how to rate the risk of these new attack vectors using data BitSight already has…
To request a security snapshot report, visit: https://securityweekly.com/bitsight
Resources:
https://www.bitsight.com/blog/identifying-unique-risks-of-work-from-home-remote-office-networks
https://www.bitsight.com/blog/coronavirus-pandemic-leads-to-new-and-evolving-cyber-threats
6. The Paramedic’s Guide to Surviving Cybersecurity – 02:45 PM-03:00 PM
Description
The security world is fraught with cases of mental health issues, burnout, substance abuse, and even suicide. We live in a world of threats and responses that trigger the deepest parts of our psyche; with the barriers between “online” and the physical world constantly crumbling. While some deal in theory, many of us deal with real incidents, challenges, and dangers every day and are constantly looking for techniques to respond better while staying saner.
Rich will share the lessons he learned in decades of emergency response and show how to apply them to your security career and daily practice to improve your effectiveness and mental resiliency.
7. Developer Security Champions – 03:30 PM-03:45 PM
Description
Firms that want to secure applications are challenged by understaffed security teams and lack of security awareness on the part of developers. Developer security champions are developers who act as a security point of contact in their team, but programs to create and support them require investment and planning.
8. Third-Party Risk Management (TPRM) – 04:15 PM-04:30 PM
Description
A firm’s network of third-party relationships can be a source of strength and an Achilles’ heel, depending on the maturity of their risk management process. Companies have limited or no control over how third parties secure their technology infrastructure, their applications, and their data, yet they’re on the hook for breaches, cybersecurity incidents, and regulatory fines incurred.
9. The Intersection of Security & Privacy Operations – 05:00 PM-05:15 PM
Sponsored By

Visit https://securityweekly.com/spirion for more information!
Description
Are security operations teams prepared to respond to privacy threats? Although you can achieve security without privacy, namely keeping information safeguarded from those that should not have access, you cannot keep data private without security. How can we address this challenge?
This segment is sponsored by Spirion.
Visit https://securityweekly.com/spirionbh to learn more about them!
Listeners should visit the resources made available by Spirion to help understand how to deal with the challenges of Security and Privacy as they converge: https://info.spirion.com/2020-07-31_WB_TechTalkDPM_LPReg.html