May 8 2012 7:11PM GMT
Posted by: Robert Westervelt
web application security,
Security Wire Weekly,
secure software development
Business logic flaws are costly to detect but even more costly if they are exploited, says application security expert Dan Kuykendall, CTO of NTOBJECTives Inc. Manual testing can detect the issues before cybercriminals can take advantage of the flawed functionality.

Security Wire Weekly [20:35m]:
Play Now |
Play in Popup
Apr 25 2012 8:40PM GMT
Posted by: Robert Westervelt
Verizon DBIR 2012,
Security Wire Weekly,
Security Squad
In this edition of Security Squad, the editors discusses the 2012 Verizon DBIR findings that have been hyped and misconstrued and why only 8% of organizations make a breach discovery with internal technologies. Also, a discussion on how the message delivered at a recent conference by several security luminaries fell flat.

Security Squad [26:47m]:
Play Now |
Play in Popup
Apr 12 2012 8:11PM GMT
Posted by: Robert Westervelt
mobile device protection,
Security Wire Weekly,
mobile device security,
mobile security
Do you think you need a mobile device management platform? Think again, said Darrin Reynolds, vice president of information security at Diversified Agency Services. A formal policy should come first. Reynolds explains that security essentials can be done with existing systems.

Security Wire Weekly [15:03m]:
Play Now |
Play in Popup
Apr 3 2012 12:47PM GMT
Posted by: Robert Westervelt
security spending,
Security Wire Weekly,
pen testing
Dave Kennedy, CSO of Diebold Inc. and a noted penetration tester talks about the need for enterprises to have more effective penetration tests and to stop buying the latest security technology. It doesn’t work, he told attendees at the 2012 InfoSec World Conference and Expo. Kennedy said businesses should base their pen testing requirements from the Penetration Testing Execution Standard (PTES) and hold pen testers responsible for meeting the standard.

Security Wire Weekly [18:09m]:
Play Now |
Play in Popup
Mar 29 2012 2:46PM GMT
Posted by: Robert Westervelt
SIEM,
Security Wire Weekly,
Log management
Chris Petersen founder and CTO of LogRhythm talks about the SIEM market, the challenges for enterprises to get beyond compliance and shares his thoughts on the future of SIEM with deeper analytics. The interview was conducted last month at RSA Conference 2012.

Security Wire Weekly [15:56m]:
Play Now |
Play in Popup
Mar 22 2012 7:35PM GMT
Posted by: Robert Westervelt
Verizon DBIR 2012,
Verizon DBIR,
data breach,
data breach management
Christopher Porter of Verizon explains some of the findings from the Verizon 2012 Data Breach Investigations Report. This year, hacktivists had a big impact on the numbers. Attacks are mainly less sophisticated and more automated in nature, Porter said.

Security Wire Weekly [17:37m]:
Play Now |
Play in Popup
Mar 8 2012 1:10PM GMT
Posted by: Robert Westervelt
RSA Conference 2012,
RSA 2012,
Security Squad
Pete Lindstrom of Spire Security joins the editorial team in a discussion about the themes that emerged at RSA Conference 2012. Big data resonated at this year’s conference, but what does it mean? Also, the team talks about the specter of mobile security and whether application security gets overshadowed at the annual event.

Security Squad [35:06m]:
Play Now |
Play in Popup
Mar 2 2012 8:39AM GMT
Posted by: Robert Westervelt
SCADA,
Security Wire Weekly
Andy Purdy, chief cybersecurity strategist at CSC shares his views on SCADA vulnerabilities and sharing threat intelligence data at RSA Conference 2012. A member of the team that developed the U.S. National Strategy to Secure Cyberspace in 2003, Purdy later served as cybersecurity czar overseeing the NCSD in the Department of Homeland Security and the US-CERT.

Security Wire Weekly:
Play Now |
Play in Popup
Feb 15 2012 11:02PM GMT
Posted by: Robert Westervelt
RSA Conference 2012,
Security Squad
The SearchSecurity team previews the 2012 RSA Conference. Hacktivism and numerous high-profile attacks, including the RSA SecurID breach could take center stage at this year’s conference. Targeted attacks, SCADA system weaknesses and mobile security challenges are likely to be the emerging topics in San Francisco.

Security Squad [23:54m]:
Play Now |
Play in Popup