Exploring the practical and exciting alternate realities that can be unleashed through cloud driven transformation and cloud native living and working. Each episode, our hosts Dave, Esmee & Rob talk to Cloud leaders and practitioners to understand how previously untapped business value can be released, how to deal with the challenges and risks that come with bold ventures and how does human experience factor into all of this? They cover Intelligent Industry, Customer Experience, Sustainabili ...
…
continue reading
DevSecOps Podcasts
Practical DevSecOps (a Hysn Technologies Inc. company) offers vendor-neutral and hands-on DevSecOps and Product Security training and certification programs for IT Professionals. Our online training and certifications are focused on modern areas of information security, including DevOps Security, AI Security, Cloud-Native Security, API Security, Container Security, Threat Modeling, and more.
…
continue reading
Expert analysts from Enterprise Management Associates (EMA) discuss the latest technologies impacting cybersecurity.
…
continue reading
About all things AppSec, DevOps, and DevSecOps. Hosted by Mike Shema and John Kinsella, the podcast focuses on helping its audience find and fix software flaws effectively.
…
continue reading
This is the show by and for DevSecOps practitioners who are trying to survive information overload, get through marketing nonsense, do the right technology bets, help their organizations to deliver value, and last but not the least to have some fun. Tune in for talks about technology, ways of working, and news from DevSecOps. This show is not sponsored by any technology vendor and trying to be as unbiased as possible. We talk like no one is listening! For good or bad :) For more info, show n ...
…
continue reading
Securing the future of DevOps and AI: real talk with industry leaders.
…
continue reading
Chris Romeo and Robert Hurlbut dig into the tips, tricks, projects, and tactics that make various application security professionals successful. They cover all facets of application security, from threat modeling and OWASP to DevOps+security and security champions. They approach these stories in an educational light, explaining the details in a way those new to the discipline can understand. Chris Romeo is the CEO of Devici and a General Partner at Kerr Ventures, and Robert Hurlbut is a Prin ...
…
continue reading
Interviews from Bret Fisher's live show with co-host Nirmal Mehta. Topics cover container and cloud topics like Docker, Kubernetes, Swarm, Cloud Native development, DevOps, SRE, GitOps, DevSecOps, platform engineering, and the full software lifecycle. Full show notes and more info available at https://podcast.bretfisher.com
…
continue reading
Where LLMs, AI Agents, and MCP tools meet DevOps. How can we humans use non-deterministic, often hallucinating LLMs to automate our infrastructure and help us with the job of software lifecycle management? I’m Bret Fisher, and this is the Agentic DevOps podcast. After the invention of AI Agents and the MCP standard in late 2024, I started this podcast in early '25 with a narrow topic focus… to document and advise how AI Agents, MCP tools, and large language models can be used in the real wor ...
…
continue reading
Where Automation Meets Security
…
continue reading
DevOps was always meant to include security, but in reality, the cultures didn’t align—leaving many organizations without a mature DevSecOps strategy. So how do you complete the DevSecOps journey? Join Techstrong and Checkmarx for DevSecOps: Cracking the Code, a new webinar series packed with expert insights and actionable advice to help you successfully evolve from DevOps to DevSecOps.
…
continue reading
Ramblings about W. Edwards Deming in the digital transformation era. The general idea of the podcast is derived from Dr. Demming's seminal work described in his New Economics book - System of Profound Knowledge ( SoPK ). We'll try and get a mix of interviews from IT, Healthcare, and Manufacturing with the goal of aligning these ideas with Digital Transformation possibilities. Everything related to Dr. Deming's ideas is on the table (e.g., Goldratt, C.I. Lewis, Ohno, Shingo, Lean, Agile, and ...
…
continue reading
The OWASP Podcast Series is a recorded series of discussions with thought leaders and practitioners who are working on securing the future for coming generations.
…
continue reading
Audio podcasts on software testing.
…
continue reading
A podcast about Application Security DevSecOps and AppScan. Twice a month, we aim to bring you some technical insights, assorted facts and the latest news from the world of HCL AppScan. Our underlying mission is to deliver continuous application security to the masses.
…
continue reading
A podcast about everything that happens after \`git push\` Justin Garrison & Autumn Nash explore all things DevOps, infra, cloud & running apps in production. Whether you're cloud native, Kubernetes curious, a pro SRE, or just operating a VPS... you'll love coming along for the ride. Some people search for ShipIt or ShipItFM and can't find the show, so now the strings ShipIt and ShipItFM are in our description too.
…
continue reading
A podcast for engineers building and operating modern infrastructure. Powered by Zesty. Hosted by Omer Hamerman and Mark Serdze, The Cron Job explores Kubernetes quirks, cost optimization strategies, scaling, reliability, and the art of keeping things from catching fire in production, all while unpacking the deeper DevOps questions around ownership, automation, and the tradeoffs behind every engineering decision. Tune in for real-world stories, sharp insights, and the occasional infrastructu ...
…
continue reading
Welcome to video version of “Cybersecurity Where You Are,” the podcast of the Center for Internet Security® (CIS®). Cybersecurity affects us all — whether we’re online at home, managing a company, supporting clients, or running a state or local government. Join us on Wednesdays as Sean Atkinson, CISO at CIS, and Tony Sager, SVP & Chief Evangelist at CIS, discuss trends and threats, explore security best practices, and interview experts in the industry. Together, we’ll clarify these issues, c ...
…
continue reading
Step into the DevOps Sauna with Darren Richardson and Pinja Kujala as they explore Agile and DevOps methodologies. Hear from various industry experts and discover how Agile and DevOps principles can transform any part of your business. The DevOps Sauna ensures you have the latest practices and trends to maintain a competitive edge.
…
continue reading
If you know how attacks work, you’ll know exactly where to look—whether you’re breaking in as an ethical hacker or defending as a blue teamer. Hacked & Secured: Pentest Exploits & Mitigations breaks down real-world pentest findings, exposing how vulnerabilities were discovered, exploited, and mitigated. Each episode dives into practical security lessons, covering attack chains and creative exploitation techniques used by ethical hackers. Whether you're a pentester, security engineer, develop ...
…
continue reading
Each webinar features an SEI researcher discussing their research on software and cybersecurity problems of considerable complexity. The webinar series is a way for the SEI to accomplish its core purpose of improving the state-of-the-art in software engineering and cybersecurity and transitioning this work to the community. The SEI is a federally funded research and development center sponsored by the U.S. Department of Defense and operated by Carnegie Mellon University. The SEI Webinar Seri ...
…
continue reading
ePlus helps our clients imagine, implement, and achieve more from technology. Our people are the best in the business — and we're proud to feature them in our podcasts. Our services are backed by thousands of successfully delivered engagements, elite certifications, and awards. And we're pleased to share the talent and perspective of our staff as it relates to today's emerging, transformative technologies. See how we can help you connect the dots between IT investments and business outcomes.
…
continue reading
CISO Insights: The Cybersecurity Leadership Podcast Where Security Leaders Shape Tomorrow’s Defenses Join us for CISO Insights, the definitive podcast for cybersecurity executives navigating today’s evolving threat landscape. Each episode delivers exclusive conversations with industry pioneers and practical frameworks from security leaders. CISO Insights provides actionable intelligence for executives building resilient security programs. We cover everything from board-level risk communicati ...
…
continue reading
Welcome to The Bare Metal Cyber CISSP Audio Course—your comprehensive companion for mastering the Certified Information Systems Security Professional (CISSP) certification. Built for serious cybersecurity professionals and aspiring leaders alike, this Audio Course transforms the eight domains of the CISSP Common Body of Knowledge into clear, structured, and engaging lessons you can learn anytime, anywhere. Each episode blends real-world context, expert insight, and exam-focused explanations ...
…
continue reading
1
Continuous Discussions (#c9d9) - Community Podcast Discussing Agile, DevOps & Continuous Delivery
Electric Cloud
24
1
…
continue reading
Featuring guests from around the world and builders of some of the most exciting technologies on earth, join us as we explore the world of innovation and technology and what we need to do as engineers to keep it safe and secure.
…
continue reading
In these short videos, experts from the Software Engineering Institute (SEI) deliver informative snapshots of our latest research on the changing world of all things cyber. The SEI is a federally funded research and development center sponsored by the U.S. Department of Defense and operated by Carnegie Mellon University.
…
continue reading
Lessons from Production brings you real-world stories from tech leaders who’ve been in the trenches. Each episode dives into the challenges, hard-earned lessons, and behind-the-scenes insights from building and scaling technology in production. No fluff, just practical takeaways from experts who’ve lived it.
…
continue reading
The Security Collective is the podcast for leaders tasked with, and interested in, securing technology, people, processes and data for the protection of all. Join best-selling author Claire Pales, together with industry thought leaders who answer your questions about security leadership, trends, technologies, and more. 'The Security Collective' podcast - formerly 'The Secure CIO'
…
continue reading
Welcome to The DevOps Toolchain Show – your go-to podcast for mastering the evolving world of DevOps! Previously known as The TestGuild Performance and SRE Podcast, we dive deep into the latest trends, must-know tools, and cutting-edge techniques shaping modern software delivery. Join industry experts, engineers, and thought leaders as we uncover insights on automation, performance testing, security, CI/CD, AI in DevOps, and everything in between. Whether you're a DevOps practitioner, SRE, o ...
…
continue reading
The IBM Cloud podcast - covering capabilities, methods, and discoveries
…
continue reading
Security Boulevard is the destination for the security community to stay up on the latest news, discussion and analysis. Home of the Security Bloggers Network, Security Boulevard has more security related content than anywhere else on the web.
…
continue reading
CTRL+ALT+DEPLOY is the DevOps podcast for modern engineering leaders navigating what’s now and what’s next. From agentic AI and autonomous DevOps to platform consolidation, cloud performance, and secure software supply chains, we cut through the buzzwords to explore the real-world impact of emerging tools and practices. Each episode features candid conversations with DevOps experts across industries, offering insights and practical takeaways on how to build faster, stay secure, and scale sma ...
…
continue reading
Curious about DevOps? In this podcast series we dive deep into the DevOps culture and chat with friends from small startups and large enterprises about what DevOps looks like in their organizations. Join us weekly to hear about the problems they are solving, how their teams work together, and the tools they are using to get the job done. Subscribe to the show to get into a DevOps State of Mind. This podcast is brought to you by LogDNA, the log management tool for teams that embrace DevOps.
…
continue reading
Welcome to Lessons in Cybersecurity. In this podcast, you’ll find effective strategies and tangible tactics you can apply in your organization to tighten network security. Avishai Wool is a professor at Tel Aviv University and co-founder and CTO of AlgoSec, the world‘s leading application connectivity and security policy company. He has served on the program committees of the leading IEEE and ACM conferences on computer and network security, has published more than 110 research papers and ho ...
…
continue reading
Building a cybersecurity program is complicated. Building one that is equipped to truly enable the organization it serves is another thing altogether. Robert Wood from Sidekick Security interviews security leaders from a diverse set of organizations to talk about program transformations. From team design, technology, compliance versus security, and strategic leadership, learn about how to lead a program transformation of your own from people who have gone through it before.
…
continue reading
"DevOps Chats" by Techstrong Group, the force behind industry-leading platforms like DevOps.com, Cloud Native Now, Security Boulevard, Techstrong.ai, DigitalCxO, and Techstrong.TV, is your premier destination for all things DevOps. Hosted by industry veterans Alan Shimel and Mitchell Ashley, this podcast series delves deep into the world of DevOps, bringing you the latest trends, innovative strategies, and insightful discussions that matter. Each episode of "DevOps Chat" is a journey through ...
…
continue reading
The podcast for Security Architecture Hosted by Moshe Ferber and Ariel Munafo. The world of software development has changed rapidly in the last years due to various factors – Cloud Computing, Digital Transformation, CI/CD & DevOps – they all changed the way we build new applications. Young startups today got access to enterprise-grade infrastructure enabling them to produce scalable, robust applications faster and cheaper. But as companies innovate faster, security challenges arise. The sec ...
…
continue reading
1
#86 - MCP plugins: your next security blind spot?
1:04:54
1:04:54
Play later
Play later
Lists
Like
Liked
1:04:54
Is MCP just another server you need to threat model, patch, and monitor? How do you keep users from over-privileged access, block LLM injection, and stop blind spots? We unpack the VentureBeat article https://venturebeat.com/security/mcp-stacks-have-a-92-exploit-probability-how-10-plugins-became-enterprise with real-world tips. We are always happy …
…
continue reading
1
Episode 16: DevSecOps & Security Integration
21:09
21:09
Play later
Play later
Lists
Like
Liked
21:09
In this episode, Omer and Mark discuss the importance of integrating security into the DevOps culture, specifically focusing on DevSecOps. They explore the responsibilities of developers in ensuring application security, the significance of understanding the OWASP Top 10 vulnerabilities, and the need for actionable security practices. The conversat…
…
continue reading
1
InfoSec Black Friday Certification Deals 2025
11:56
11:56
Play later
Play later
Lists
Like
Liked
11:56
InfoSec Black Friday Deals 2025: Securing the Future of Cybersecurity This special offer broadcast details the InfoSec Black Friday 2025 deals, presenting a limited-time chance to advance cybersecurity careers when the demand for security professionals continues to grow. Tune in to discover how to save up to $500 on certification bundles and receiv…
…
continue reading
1
Orchestrating Security: The DevSecOps Blueprint for 2025
36:08
36:08
Play later
Play later
Lists
Like
Liked
36:08
Driven by a market anticipated to exceed USD 40.6 billion by 2030, DevSecOps Engineers are crucial experts who bridge the gaps between software development, security protocols, and operational efficiency. Successful implementation relies on a socio-technical work system that emphasizes cultural transformation, shared security responsibility, and pr…
…
continue reading
1
Why AI + DevSecOps Is the Future of Software Security With Patrick J. Quilter Jr
35:14
35:14
Play later
Play later
Lists
Like
Liked
35:14
Show notes: Why AI + DevSecOps Is the Future of Software Security With Patrick J. Quilter JrBy Testing Podcast
…
continue reading
1
Episode 17: DevOps Horror Story of the Week
21:53
21:53
Play later
Play later
Lists
Like
Liked
21:53
In this episode of The Crown Job, Omer and Mark delve into the spooky side of technology, sharing horror stories from their experiences in the tech industry. They discuss the recent AWS outage and its bizarre effects on smart mattresses, a ghostly incident in a production environment, a certificate authority crisis, and the challenges of managing c…
…
continue reading
1
Zero Trust to SCADA: Navigating the InfoSec Mandate
14:25
14:25
Play later
Play later
Lists
Like
Liked
14:25
This podcast explores the comprehensive responsibilities of modern InfoSec professionals, ranging from core security operations like vulnerability management across operating systems, network devices, and containers, to ensuring physical security and managing application development standards. Dive deep into emerging and complex domains such as AI …
…
continue reading
1
The Privacy Divide: State Laws, Age Limits, and the Battle for the Under-18 Consumer.
36:11
36:11
Play later
Play later
Lists
Like
Liked
36:11
This episode explores the complex division in state mandates between general consumer privacy laws and specific children’s design codes, which often function as separate acts or amendments. We break down how compliance is determined either by broad, quantitative thresholds like annual gross revenue and high data volume, or by the specific service's…
…
continue reading
1
Cybersecurity Awesomeness Podcast - Episode 135
12:12
12:12
Play later
Play later
Lists
Like
Liked
12:12
Chris Steffen and Ken Buckler from EMA discuss the Cloudflare outage and what availability means in the technology space.By Enterprise Management Associates + DEVOPSdigest
…
continue reading
1
CRLIVE52 Microsoft Ignite 2025: Scaling responsible AI agents with Yina Arenas from Microsoft – Plus Team Ignite 2025 Reflections
1:03:57
1:03:57
Play later
Play later
Lists
Like
Liked
1:03:57
Hello San Francisco - we're arrived for Microsoft Ignite 2025! The #CloudRealities podcast team has landed this week in San Francisco, we're bringing you the best updates right from the heart of the event. Join us to connect AI at scale, cloud modernization, and secure innovation—empowering organizations to become AI-first. Plus, we'll keep you upd…
…
continue reading
1
CRLIVE51 Microsoft Ignite 2025: Undercover Cloud with Alistair Speirs, Microsoft
40:50
40:50
Play later
Play later
Lists
Like
Liked
40:50
Hello San Francisco - we're arrived for Microsoft Ignite 2025! The #CloudRealities podcast team has landed this week in San Francisco, we're bringing you the best updates right from the heart of the event. Join us to connect AI at scale, cloud modernization, and secure innovation—empowering organizations to become AI-first. Plus, we'll keep you upd…
…
continue reading
1
Episode 221: Project Management Thoughts w/ Timm Gleason
45:22
45:22
Play later
Play later
Lists
Like
Liked
45:22
Show notes: Episode 221: Project Management Thoughts w/ Timm GleasonBy Testing Podcast
…
continue reading
1
CRLIVE50 Microsoft Ignite 2025: Safe and responsible agentic implementation with Rob Lefferts, Microsoft
27:18
27:18
Play later
Play later
Lists
Like
Liked
27:18
Hello San Francisco - we're arrived for Microsoft Ignite 2025! The #CloudRealities podcast team has landed this week in San Francisco, we're bringing you the best updates right from the heart of the event. Join us to connect AI at scale, cloud modernization, and secure innovation—empowering organizations to become AI-first. Plus, we'll keep you upd…
…
continue reading
1
CRLIVE49 Microsoft Ignite 2025: Innovating at the frontier with John Link, Microsoft
29:55
29:55
Play later
Play later
Lists
Like
Liked
29:55
Hello San Francisco - we're arrived for Microsoft Ignite 2025! The #CloudRealities podcast team has landed this week in San Francisco, we're bringing you the best updates right from the heart of the event. Join us to connect AI at scale, cloud modernization, and secure innovation—empowering organizations to become AI-first. Plus, we'll keep you upd…
…
continue reading
1
Existential crisis: What is quality engineering? – Ep 112
52:30
52:30
Play later
Play later
Lists
Like
Liked
52:30
Show notes: Existential crisis: What is quality engineering? – Ep 112By Testing Podcast
…
continue reading
1
CRLIVE48 Microsoft Ignite 2025: From business applications to AI business solutions with Jonathan Hunt, Microsoft
24:23
24:23
Play later
Play later
Lists
Like
Liked
24:23
Hello San Francisco - we're arrived for Microsoft Ignite 2025! The #CloudRealities podcast team has landed this week in San Francisco, we're bringing you the best updates right from the heart of the event. Join us to connect AI at scale, cloud modernization, and secure innovation—empowering organizations to become AI-first. Plus, we'll keep you upd…
…
continue reading
1
The Crown Jewels of Governance: Australian Cyber Security Priorities for Boards in 2025-26
12:25
12:25
Play later
Play later
Lists
Like
Liked
12:25
Australia faces a heightened global cyber threat environment driven by geopolitical tensions, with malicious actors continuing to target organizations of all types and sizes, which has led to rising cybercrime costs and serious data breaches. Drawing on guidance from the Australian Signals Directorate (ASD) and the Australian Institute of Company D…
…
continue reading
1
Episode 162: A Managed Approach to a Managed Attack Surface
41:24
41:24
Play later
Play later
Lists
Like
Liked
41:24
In Episode 162 of Cybersecurity Where You Are, Tony Sager sits down with Tina Williams-Koroma, Founder and CEO of TCecure, LLC and CyDeploy, Inc. Together, they discuss why "cyber insecurity is not inevitable" and how organizations can take a managed approach to attack surface management. Along the way, Tina shares her journey from software develop…
…
continue reading
1
CRLIVE47 Microsoft Ignite 2025: The evolution and future of Co-pilot(s) with Rob Cromwell, Microsoft
37:37
37:37
Play later
Play later
Lists
Like
Liked
37:37
Hello San Francisco - we're arrived for Microsoft Ignite 2025! The #CloudRealities podcast team has landed this week in San Francisco, we're bringing you the best updates right from the heart of the event. Join us to connect AI at scale, cloud modernization, and secure innovation—empowering organizations to become AI-first. Plus, we'll keep you upd…
…
continue reading
1
4 Free TestGuild Tools Every Tester Should Be Using with Joe Colantonio
17:14
17:14
Play later
Play later
Lists
Like
Liked
17:14
Show notes: 4 Free TestGuild Tools Every Tester Should Be Using with Joe ColantonioBy Testing Podcast
…
continue reading
1
The Generative Firewall: Securing AI and Using AI for Defense
13:56
13:56
Play later
Play later
Lists
Like
Liked
13:56
This episode explores the transformative challenge of modern security, focusing on how organizations must adapt their strategies to both secure generative AI applications and leverage AI to strengthen existing defenses. We dive into the critical concepts of securing functionally non-deterministic AI systems by implementing external security boundar…
…
continue reading
1
Secure Coding as Critical Thinking Instead of Vulnspotting - Matias Madou - ASW #357
1:03:41
1:03:41
Play later
Play later
Lists
Like
Liked
1:03:41
Secure code should be grounded more in concepts like secure by default and secure by design than by "spot the vuln" thinking. Matias Madou shares his experience in secure coding training and the importance of teaching critical thinking. He also discusses why critical thinking is so closely related to threat modeling and how LLMs can be a tool for h…
…
continue reading
1
Rogue Agents and Railgun Fights: Securing the AI Frontier
42:33
42:33
Play later
Play later
Lists
Like
Liked
42:33
Nation-state hackers are now deploying autonomous AI agents like Claude to execute 80–90% of sophisticated espionage and crime campaigns at machine speed, requiring human intervention at only a few critical decision points. Defenders are thrust into an urgent "AI vs. AI arms race," racing to adopt proactive measures like Google's Big Sleep to detec…
…
continue reading
1
The 90% Attack: Inside the First AI-Orchestrated Cyber Espionage Campaign
12:18
12:18
Play later
Play later
Lists
Like
Liked
12:18
Anthropic revealed on November 13, 2025, that Chinese state-sponsored hackers successfully weaponized its Claude AI system to conduct the first documented AI-orchestrated cyber espionage campaign. The sophisticated operation, which targeted approximately 30 global organizations including technology companies, financial institutions, and government …
…
continue reading
1
Beyond the First Lie: Building Communication Resilience with the RESIST Framework
17:09
17:09
Play later
Play later
Lists
Like
Liked
17:09
Explore the systematic RESIST 3 framework, which guides government communicators through six sequential steps designed to build resilience against the impacts of manipulated, false, and misleading information (MDM). This episode details the crucial "Recognise" stage, where communicators use the FIRST indicators (Fabrication, Identity, Rhetoric, Sym…
…
continue reading
1
AI Testing Made Trustworthy using FizzBee with Jayaprabhakar Kadarkarai
32:10
32:10
Play later
Play later
Lists
Like
Liked
32:10
Show notes: AI Testing Made Trustworthy using FizzBee with Jayaprabhakar KadarkaraiBy Testing Podcast
…
continue reading
1
Cybersecurity Awesomeness Podcast - Episode 134
13:31
13:31
Play later
Play later
Lists
Like
Liked
13:31
Chris Steffen and Ken Buckler from EMA discuss securing AI LLMs.By Enterprise Management Associates + DEVOPSdigest
…
continue reading
Show notes: Quality Career BeginningsBy Testing Podcast
…
continue reading
1
How to Address the Problem of Poorly-Defined Requirements in Software System Design
54:48
54:48
Play later
Play later
Lists
Like
Liked
54:48
This webcast offers a solution to the problem of poorly defined requirements in system design that can lead to software flaws, cost and time overruns, and stakeholder dissatisfaction. We will tell you how to use a structured process called the ATAM (architectural tradeoffs analysis method) to develop a system design by eliciting requirements, scena…
…
continue reading
1
From Perimeter to Pipeline: Securing the OWASP Top 10 in the Cloud Era
13:33
13:33
Play later
Play later
Lists
Like
Liked
13:33
The 2025 OWASP Top 10 reveals a fundamental shift in application security, showing how threats have transformed from simple code flaws like buffer overflows to exploiting the systemic complexity of cloud-native and microservices architectures. This newest list confirms the continued dominance of Broken Access Control (A01) and spotlights the critic…
…
continue reading
1
CR115: Power of data in complex industries with Chris Carter, BAE Systems
44:49
44:49
Play later
Play later
Lists
Like
Liked
44:49
Digital intelligence is reshaping how organizations work, and success depends on integrating multiple domains, using real-time analytics, and ensuring strong cyber protections as data grows and risks increase This week, Dave, Esmee, and Rob talk with Chris Carter, Director - Key Accounts and Australia at BAE Systems Digital Intelligence, to explore…
…
continue reading
Show notes: Episode 220: Spy ReturnsBy Testing Podcast
…
continue reading
1
From BOLA to Bots: Building a Layered API Defense Against the Modern Top 10
40:03
40:03
Play later
Play later
Lists
Like
Liked
40:03
APIs are the "nervous system" of modern applications, making them the number one attack vector, with flaws like Broken Object Level Authorization (BOLA), Broken Object Property Level Authorization (BOPLA), and Broken Function Level Authorization (BFLA) accounting for a high percentage of breaches. This episode delves into the multi-layered "defense…
…
continue reading
1
Episode 161: An Ecosystem-Wide Approach to CNI Resilience
37:42
37:42
Play later
Play later
Lists
Like
Liked
37:42
In Episode 161 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Mishal Makshood, Azure Partner Alliance Manager at the Center for Internet Security® (CIS®), and David Kalish, Sr. Cybersecurity Solutions Engineer at CIS. Together, they explore how CIS Hardened Images® help to secure cloud environments and strengthen critica…
…
continue reading
1
Quality feedback over testing artefacts – Ep 111
51:21
51:21
Play later
Play later
Lists
Like
Liked
51:21
Show notes: Quality feedback over testing artefacts – Ep 111By Testing Podcast
…
continue reading
1
Ransomware, Defaults, and Proactive Defenses - Rob Allen - ASW #356
1:11:26
1:11:26
Play later
Play later
Lists
Like
Liked
1:11:26
Just how bad can things get if someone clicks on a link? Rob Allen joins us again to talk about ransomware, why putting too much attention on clicking links misses the larger picture of effective defenses, and what orgs can do to prepare for an influx of holiday-infused ransomware targeting. Segment resources https://www.bleepingcomputer.com/news/s…
…
continue reading
1
The Algorithmic Adversary: Tracking the Shift to Novel AI-Enabled Malware
15:36
15:36
Play later
Play later
Lists
Like
Liked
15:36
The Google Threat Intelligence Group (GTIG) has identified a significant shift where adversaries are now deploying novel AI-enabled malware in active operations, moving beyond simple productivity gains observed in 2024. This new operational phase includes "Just-in-Time" AI malware, such as PROMPTFLUX and PROMPTSTEAL, that utilize Large Language Mod…
…
continue reading
Show notes: Show notes: QR Podcast – Paul Holland Podcast Site: QR PodcastBy Testing Podcast
…
continue reading
1
Episode 15: DevOps common mistakes and how to avoid them
21:52
21:52
Play later
Play later
Lists
Like
Liked
21:52
In this episode of the Cron Job podcast, hosts Omer and Mark delve into the intricacies of Kubernetes, focusing on common mistakes in resource allocation and container management. They discuss the importance of right-sizing resources, monitoring, and the potential pitfalls of over-provisioning. The conversation also touches on the philosophical asp…
…
continue reading
1
The Scorched Earth CISO: Extinguishing Burnout with AI and Executive Support
43:17
43:17
Play later
Play later
Lists
Like
Liked
43:17
Cybersecurity leaders, including CISOs, face overwhelming job demands and chronic stress, with up to 80% classifying themselves as “highly stressed” due to resource limitations and the ceaseless evolution of threats. This pressure is compounded by alert fatigue—where the relentless influx of noisy, often false-positive alerts causes mental and oper…
…
continue reading
