Added nine years ago
Content provided by Security Weekly Productions. All podcast content, including episodes, graphics, and podcast descriptions, is uploaded and provided directly by Security Weekly Productions or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here: https://he.player.fm/legal.
Security doesn't trust AI, but startups are using it to write 95% of their code - ESW #398
In this week's enterprise security news,
- Knostic raises funding
- The real barriers to AI adoption for security folks
- What AI is really getting used for in the wild
- Early stage startup code bases are almost entirely AI generated
- Hacking your employer never seems to go well
- Should the CISO be the chief resiliency officer?
- Proof we still need more women in tech
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-398
1087 episodes
All episodes
The reason for Zoom's outage is crazy, huge funding amounts before RSA - ESW #404 (40:37)
In this week's enterprise security news,
- Lots of funding announcements as we approach RSA
- New products
- The M-Trends also rudely dropped their report the same day as Verizon
- Supply chain threats
- Windows Recall is making another attempt
- MCP server challenges
- Non-human identities
- A startup post mortem
- Remember that Zoom outage a week or two ago? The cause is VERY interesting
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-404…

The Future of Access Management - Jeff Shiner - ESW #404 (39:05)
As organizations embrace hybrid work, SaaS sprawl, and employee-owned devices, traditional Identity and Access Management (IAM) tools are failing to keep up. The rise of shadow IT, unmanaged applications, and evolving cyber threats have created an "Access-Trust Gap", a critical security challenge where IT lacks visibility and control over how employees access sensitive business data. In this episode of Security Weekly, Jeff Shiner, CEO of 1Password, joins us to discuss the future of access management and how organizations must move beyond traditional IAM and MDM solutions. He’ll explore the need for Extended Access Management, a modern approach that ensures every identity is authentic, every device is healthy, and every application sign-in is secure, including the unmanaged ones. Tune in to learn how security teams can bridge the Access-Trust Gap while empowering employees with frictionless security. Show Notes: https://securityweekly.com/esw-404…

Reviewing the Verizon 2025 Data Breach Investigations Report - ESW #404 (40:42)
In this topic segment, we discuss the most interesting insights from the 2025 edition of Verizon's DBIR. You can grab your own copy of the report at https://verizon.com/dbir Show Notes: https://securityweekly.com/esw-404

Tailscale rakes it in, CVE dead to us, cool Chrome extensions, dog saves toddler - ESW #403 (57:56)
In the enterprise security news,
- lots of funding, but no acquisitions?
- New companies
- new tools including a SecOps chrome plugin and a chrome plugin that tells you the price of enterprise software
- prompt engineering tips from google
- being an Innovation Sandbox finalist will cost you
- Security brutalism
- CVE dumpster fires
- and a heartwarming story about a dog, because we need to end on something happy!
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-403…

The past, present, and future of enterprise AI - Pravi Devineni - ESW #403 (39:13)
In this interview, we're excited to speak with Pravi Devineni, who was into AI before it was insane. Pravi has a PhD in AI and remembers the days when machine learning (ML) and AI were synonymous. This is where we'll start our conversation: trying to get some perspective around how generative AI has changed the overall landscape of AI in the enterprise. Then, we move on to the topic of AI safety and whether that should be the CISO's job, or someone else's. Finally, we'll discuss the future of AI and try to end on a positive or hopeful note! Show Notes: https://securityweekly.com/esw-403…

Patch It Like You Stole It: Vulnerability Management Lifestyle Choices - Matthew Toussain - ESW #403 (34:44)
What a time to have this conversation! Mere days from the certain destruction of CVE, averted only in the 11th hour, we have a chat about vulnerability management lifecycles. CVEs are definitely part of them. Vulnerability management is very much a hot mess at the moment for many reasons. Even with perfectly stable support from the institutions that catalog and label vulnerabilities from vendors, we'd still have some serious issues to address, like:
- disconnects between vulnerability analysts and asset owners
- gaps and issues in vulnerability discovery and asset management
- different options for workflows between security and IT: which is best?
- patching it like you stole it
Oh, did we mention Matt built an open source vuln scanner? https://sirius.publickey.io/
Show Notes: https://securityweekly.com/esw-403…

The rise of MSSPs, CVE drama, Detection Engineering How-To & Doggie Survival Skills - ESW #402 (51:20)
In the enterprise security news,
- new startup funding
- what happened to the cybersecurity skills shortage?
- tools for playing with local GenAI models
- CVE assignment drama
- a SIEM-agnostic approach to detection engineering
- pitch for charity
- a lost dog that doesn’t want to be found
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-402…

What is old is new again: default deny on the endpoint - Danny Jenkins - ESW #402 (36:20)
Default deny is an old, and very recognizable term in security. Most folks that have been in the industry for a long time will associate the concept with firewall rules. The old network firewalls, positioned between the public Internet and private data centers, however, were relatively uncomplicated and static. Most businesses had a few hundred firewall rules at most. Implementing default deny principles elsewhere was attempted, but without much success. Internal networks (NAC) and endpoints (application control 1.0) were too dynamic for the default deny approach to be feasible. Vendors built solutions, and enterprises tried to implement them, but most gave up. Default deny is still an ideal approach to protecting assets and data against attacks - what it needed was a better approach. An approach that could be implemented at scale, with less overhead. This is what we’ll be talking to ThreatLocker’s CEO and co-founder, Danny Jenkins, about on this episode. They seem to have cracked the code here and are eager to share how they did it. This segment is sponsored by ThreatLocker. Visit https://www.securityweekly.com/threatlocker to learn more about them! Show Notes: https://securityweekly.com/esw-402…

I SIEM, you SIEM, we all SIEM for a Data Security Strategy - Colby DeRodeff - ESW #402 (35:43)
We wanted security data? We got it! Now, what the heck do we DO with all of it? The core challenge of security operations, incident response, and even compliance is still a data management and analysis problem. Which is why we’re seeing companies like Abstract Security pop up to address some of these challenges. Abstract just released a comprehensive eBook on security data strategy, linked below, and you don’t even need to give up an email address to read it! In this interview, we’ll talk through some of the highlights:
- Challenges
- Myths
- Pillars of a data security strategy
- Understanding the tools available
Segment Resources: A Leader’s Guide to Security Data Strategy eBook
Show Notes: https://securityweekly.com/esw-402…

Best of Cyber April Fools, Tons of Free Tools, runZero positioned to disrupt? - ESW #401 (49:54)
This week, in the enterprise security news,
- we check the vibes
- we check the funding
- we check runZero’s latest release notes
- tons of free tools!
- the latest TTPs
- supply chain threats
- certs won’t save you
- GRC needs disruption
- the latest Rippling/Deel drama
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-401…

How attackers exploit identity gaps to get into your cloud and SaaS - Paul Nguyen - ESW #401 (43:15)
You might know them from their excellent research work on groups like Scattered Spider, or their refreshing branding/marketing style, but Permiso is laying some impressive groundwork for understanding and defending against identity and cloud-based attacks. In this interview, we talk with co-founder and co-CEO Paul Nguyen about understanding the threats against some of cybercriminals' favorite attack surface, insider threats, and non-human identity compromise.
Segment Resources:
- This blog post from our threat research team on Scattered Spider shows how threat actors move laterally in an environment across identity providers, IaaS, PaaS and SaaS environments, and how this lateral movement ultimately creates blind spots for many security teams
- This great talk by Ian Ahl, from fwd:cloudsec 2024, touches on a lot of great TTPs used by attackers in IDPs and in the cloud
- Another blog, When AI Gets Hijacked: Exploiting Hosted Models for Dark Roleplaying
- and another, What Security Teams Can Learn From The Rippling/Deel Lawsuit: Intent Lies in Search Logs
Show Notes: https://securityweekly.com/esw-401…

Soft skills for engineers - Evgeniy Kharam - ESW #401 (30:15)
When we use the phrase "talent gap" in cybersecurity, we're usually talking about adding headcount. For this interview, however, we're focusing on a gap that is evident within existing teams and practitioners - the often misunderstood soft skills gap. Side note: I really hate the term "soft skills". How about we call them "fundamental business skills", or "invaluable career advancement skills"? Hmm, doesn't quite roll off the tongue the same. Soft skills can impact everything, as they impose the limits of how we interact with our world. That goes for co-worker interactions, career advancements, and how we're perceived by our peers and community. It doesn't matter how brilliant you might be - without soft skills, your potential could be severely limited. Did you know that soft skills issues contributed to the Equifax breach? We'll also discuss how fear is related to some of the same limitations and challenges as soft skills. Segment Resources: https://www.softskillstech.ca/ Order the Book Show Notes: https://securityweekly.com/esw-401…

The toughest decisions CISOs have to make, MCP servers, Napster's comeback - ESW #400 (55:15)
In this week's enterprise security news,
- Big funding for Island
- Is DLP finally getting disrupted? By something that works?
- We learn all about Model Context Protocol servers
- Integrating SSO and SSH!
- Do we have too many cybersecurity regulations?
- Toxic cybersecurity workplaces
- Napster makes a comeback
- this week, we’ve got 50% less AI and 50% more co-hosts
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-400…

The Top Trends Shaping Identity and Access Management in 2025 - Geoff Cairns - ESW #400 (30:55)
In this interview, we feature some research from Geoff Cairns, an analyst at Forrester Research. This is a preview to the talk he'll be giving at Identiverse 2025 in a few months. We won't have time to cover all the trends, but there are several here that I'm excited to discuss! Deepfake Detection Difficult Zero Trust Agentic AI Phishing resistant MFA adoption Identity Verification Machine Identity Decentralized Identity Post Quantum Shared Signals Segment Resources: The Top Trends Shaping Identity And Access Management In 2025 - (Forrester subscription required) Show Notes: https://securityweekly.com/esw-400…

Setting up your SIEM for success - Pitfalls to preclude and tips to take - Neil Desai - ESW #400 (32:16)
A successful SIEM deployment depends on a lot more than implementing the SIEM correctly. So many other things in your environment have an impact on your chances of a successful SIEM. Are the right logs enabled? Is your EDR working correctly? Would you notice a sudden increase or decrease in events from critical sources? What can practitioners do to ensure the success of their SIEM deployment? This segment is sponsored by Graylog. Visit https://securityweekly.com/graylog to learn more about them! Show Notes: https://securityweekly.com/esw-400…