Security Weekly Podcast Network (Video‪)‬ Security Weekly

With hundreds or thousands of SaaS apps to secure with no traditional perimeter, Identity becomes the focal point for SaaS Security in the modern enterprise. Yet with Shadow IT, now recast as Business-Led IT, quickly becoming normal practice, it’s more complicated than trying to centralize all identities with an Identity Provider (IdP) for Single Sign-On (SSO). So the question becomes, “How do you enable the business while still providing security oversight and governance?”
This segment is sponsored by Savvy. Visit https://securityweekly.com/savvy to learn more about them!
CISOs encounter challenges in securing data amidst the rapid growth driven by Cloud and GenAI applications. In this segment, we will delve into how Bedrock Security powers frictionless data security, empowering CISOs to securely manage data sprawl, allowing their businesses to operate at optimal speed, without compromising security.
Segment Resources:
Bedrock Security: https://www.bedrock.security/
Bedrock Security X/Twitter: https://twitter.com/bedrocksec
Bedrock Security LinkedIn: https://www.linkedin.com/company/bedrocksec/
House Rx (customer) Case Study: https://tinyurl.com/35v48wx7
Introductory Whitepaper: https://tinyurl.com/5yjeu92b
Innovation Sandbox 2024:  https://www.businesswire.com/news/home/20240402284910/en/Bedrock-Security-Named-RSA-Conference-2024-Innovation-Sandbox-Finalist
 
This segment is sponsored by Bedrock Security. Visit https://securityweekly.com/bedrockrsac to learn more about them!
Show Notes: https://securityweekly.com/vault-asw-10

Check out this interview from the ASW Vault, hand picked by main host Mike Shema! This segment was originally published on April 18, 2023.
We talk with Ben about the rewards, hazards, and fun of bug bounty programs. Then we find out different ways to build successful and welcoming communities.
Show Notes: https://securityweekly.com/vault-asw-9

Check out this episode from the Secure Digital Life Vault, hand picked by main host Doug White! This segment was originally published on June 8, 2017.
Doug and Russ swim the warm waters of academia, college degrees, types of degrees, and whether or not you need one.
Show Notes: https://securityweekly.com/vault-swn-13

Explore how to transform your third party risk program from a business bottleneck to a business driver. Discover how evidence-based security documentation and AI can streamline risk assessments, completing them in days not months. This data-driven approach will reduce TPRM backlog and allow your security team to move faster, identify risk proactively, and become a business driver for your organization.
This segment is sponsored by VISO TRUST. Visit https://www.securityweekly.com/visotrustrsac to learn more about them!
While client-side resources enable web applications to provide a rich user experience, security teams struggle to gain visibility, insight, and enforcement over them. In this interview, Lynn Marks discusses the latest client-side attack trends observed by Imperva and the pivotal role of client-side protection within PCI DSS 4.0.
This segment is sponsored by Imperva. Visit https://securityweekly.com/impervarsac to learn more about them!
Show Notes: https://securityweekly.com/vault-bsw-9

Check out this interview from the BSW Vault, hand picked by main host Matt Alderman! This segment was originally published on June 27, 2022.
Forgepoint Capital’s Co-Founder and Managing Director, Alberto Yépez, explains what the current economic challenges mean for innovation and the future of the cybersecurity market. Hear his perspective on what security investments, as well as mergers and acquisitions, will look like throughout the next 12-18 months, and how responsible companies are staying the course amidst layoffs and budget cuts in order to turn uncertainty into a strategic path forward.
Segment Resources:
Forgepoint’s new CISO security priorities model: https://forgepointcap.com/news/forgepoint-capital-builds-first-ever-ciso-security-priorities-model/
Recent exits that Forgepoint supported: - Forescout acquires Cysiv on June 6, 2022(release: https://www.cysiv.com/news/forescout-announces-intent-to-acquire-cysiv and Forgepoint’s blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-partha-panda-ceo-of-cysiv/)
SentinelOne acquires Attivo Networks on May 4, 2022 (release: https://www.sentinelone.com/press/sentinelone-completes-acquisition-of-attivo-networks/ and Forgepoint’s “why we invested” blog: https://forgepointcap.com/news/attivo-networks-why-we-invested/)
LexisNexis Risk Solutions Acquires BehavioSec on May 3, 2022 (release: https://risk.lexisnexis.com/about-us/press-room/press-release/20220503-behaviosec and Forgepoint’s blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-neil-costigan-of-behaviosec/ )
Cloudflare acquires Area 1 Security on April 1, 2022 (release: https://www.cloudflare.com/press-releases/2022/cloudflare-completes-acquisition-of-area-1-security/ and Forgepoint’s “why we invested” blog: https://forgepointcap.com/news/area-1-security-why-we-invested/ )
Show Notes: https://securityweekly.com/vault-bsw-9

Qwiet AI provides real time detection of security vulnerabilities in code along with the best AI generated fixes to aid developers in finding and fixing their code with the addition of AI AutoFix.
This segment is sponsored by Qwiet AI. Visit https://securityweekly.com/qwietrsac to learn more about them!
With scores of security tools implemented, configured, and integrated security teams are overwhelmed while knowing there is still a possibility for a breach. As they work to prioritize threat exposures, it is imperative for organizations to have a clear, context-rich, and up-to-date view of their security posture. Picus Security CTO and Co-founder, Volkan Ertürk, explains how consistent security validation allows security teams to pinpoint gaps, prioritize, and quantify risk so they can reduce threat exposure.
Segment Resources: Picus Red Report 2024: https://www.picussecurity.com/hubfs/Red%20Report%202024/Picus-RedReport-2024.pdf
This segment is sponsored by Picus Security. Visit https://www.securityweekly.com/picusrsac to learn more about them!
Platformization could mean reduction in innovation, reduction in the ability to be flexible, and less competition. But it doesn't have to be this way. Like the IT industry, there are ways for the cybersecurity industry to platformize, but also to have this become a net benefit to the industry as a whole.
Segment Resources: Navigating the SecOps Cloud Platform webinar recording: https://www.youtube.com/watch?v=MbzvLX-W2KY
Recon Infosec Case Study: https://info.limacharlie.io/hubfs/Case%20Studies/LimaCharlieReconInfosecMSSPCase_Study.pdf
Blumira Case Study: https://info.limacharlie.io/hubfs/Case%20Studies/LimaCharlieBlumiraCase_Study.pdf
This segment is sponsored by LimaCharlie. Visit https://securityweekly.com/limacharliersac to learn more about them!
Show Notes: https://securityweekly.com/esw-363