Putting a stop to ungoverned, unauthorized shadow access. by Byron Acohido

RSAC Fireside Chat: Reinforcing ‘Identity and Access Management’ to expose ‘shadow access’

The world of Identity and Access Management (IAM) is rapidly evolving. (Related: Stopping IAM threats) IAM began 25 years ago as a method to systematically grant human users access to company IT ...
Meta's $1.3 Billion Fine, AI Hoax Hysteria, Montana's TikTok Ban

In this episode, we discuss Meta’s record-breaking $1.3 billion fine by the EU for unlawfully transferring user data, shedding light on the increasing risks faced by tech companies in violating privacy rules ...
RSAC Fireside Chat: Uptycs emulates Google, Akamai to protect cloud-native apps and endpoints

The inadequacy of siloed security solutions is well-documented. (Related: Taking a security-first path) The good news is that next-gen security platforms designed to unify on-prem and cloud threat detection and remediation are, ...
Red teaming a country: Lessons learned from Sakura Samurai's Indian government hack investigation

In the midst of the COVID-19 pandemic, John Jackson was looking for ways to stay busy. Jackson is a renowned offensive security consultant and the founder of Sakura Samurai, a (now defunct) ...
Embedding mobile app security at the semiconductor layer by Byron Acohido

RSAC Fireside Chat: The need to stop mobile apps from exposing API keys, user credentials in runtime

As digital transformation accelerates, Application Programming Interfaces (APIs) have become integral to software development – especially when it comes to adding cool new functionalities to our go-to mobile apps. Related: Collateral damage ...
Artificial Ignorance & Pen Testing - Kevin Johnson - PSW #785

Google Now Supports Passkeys, Risky New Top Level Domains, Twitter’s Encryption Dilemma

In this episode, we explore the arrival of passwordless Google accounts that use “passkeys,” which offer enhanced usability and security. We discuss the benefits of passkeys over traditional passwords, but also why ...
The case for shifting to containing, instead of blocking, ransomware by Byron Acohido

RSAC Fireside Chat: Counteracting Putin’s weaponizing of ransomware — with containment

The ransomware plague endures — and has arisen as a potent weapon in geopolitical conflicts. (Related: The Golden Age of cyber espionage) Cyber extortion remains a material threat to organizations of all ...
RSAC Fireside Chat: Upgrading containment to counter Putin’s weaponizing of ransomware

The ransomware plague endures — and has arisen as a potent weapon in geopolitical conflicts. (Related: The Golden Age of cyber espionage) Cyber extortion remains a material threat to organizations of all ...
How Verimatrix is directing streamed content security at mobile apps by Byron Acohido

RSAC Fireside Chat: Deploying Hollywood-tested content protection to improve mobile app security

Your go-to mobile apps aren’t nearly as hackproof as you might like to believe. (Related: Fallout of T-Mobile hack) Hackers of modest skill routinely bypass legacy security measures, even two-factor authentication, with ...

BTS #10 – Learning About Firmware Security – Xeno Kovah

Firmware security is a deeply technical topic that’s hard to get started in. In this talk, Xeno will discuss some past work in firmware security, and how he has organized resources such ...