Sign up to save your podcasts
Or
Share ESW #313 - Pablo Zurro, Travis Howerton
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
ESW #313 - Pablo Zurro, Travis Howerton
Fortra's Core Security has conducted it's fourth annual survey of cybersecurity professionals on the usage and perception of pen testing. The data collected provides visibility into the full spectrum of pen testing’s role, helping to determine how these services, tools, and skills must evolve.
Segment Resources:
https://www.fortra.com/resources/guides/2023-pen-testing-report
This segment is sponsored by Fortra's Core Security. Visit https://securityweekly.com/fortracoresecurity to learn more about them!
Compliance with cyber security frameworks such as NIST, PCI, HIPAA, etc. have largely been driven by paper-based processes in Word and Excel. With the rise of cloud computing, containers, and ephemeral systems, paper-based processes can no longer keep up with the speed of business and compliance has become the new bottleneck to progress for highly regulated industries such as government, finance, and energy sector. This session will cover how RegScale is leading a RegOps movement to bring the principles of DevOps to compliance with the world’s first real-time GRC system that enables compliance as code via NIST OSCAL. RegOps seeks to shift compliance left to make it real-time, continuous, and complete so that paperwork is always up to date, self-updating, and takes less manual resources to manage.
Segment Resources:
Website – https://www.regscale.com
Documentation/Learn More – https://regscale.readme.io
In this news segment, we discuss the art of branding/naming security companies, some new cars just out of stealth, 5 startups just out of Y Combinator, and Cybereason's $100M round from Softbank. We also talk new features (Semgrep's new GPT-4 use case), new newsletters, and new reports. We break down Nexx's broken vulnerability disclosure program and its broken products. We also discuss the FDA's new ability to block device certification for security reasons. Android announces rules to make it easier for consumers to delete accounts and remove data when they uninstall apps. IT and Security professionals everywhere are asked not to report breaches, but in some countries more than others. CISOs are more prone to drinking problems, and finally, for our squirrel stories, we discuss a crazy app called Newnew and new ideas in prosthetics.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/esw313
View all episodes
By Security Weekly Productions
4.4
208208 ratings
Fortra's Core Security has conducted it's fourth annual survey of cybersecurity professionals on the usage and perception of pen testing. The data collected provides visibility into the full spectrum of pen testing’s role, helping to determine how these services, tools, and skills must evolve.
Segment Resources:
https://www.fortra.com/resources/guides/2023-pen-testing-report
This segment is sponsored by Fortra's Core Security. Visit https://securityweekly.com/fortracoresecurity to learn more about them!
Compliance with cyber security frameworks such as NIST, PCI, HIPAA, etc. have largely been driven by paper-based processes in Word and Excel. With the rise of cloud computing, containers, and ephemeral systems, paper-based processes can no longer keep up with the speed of business and compliance has become the new bottleneck to progress for highly regulated industries such as government, finance, and energy sector. This session will cover how RegScale is leading a RegOps movement to bring the principles of DevOps to compliance with the world’s first real-time GRC system that enables compliance as code via NIST OSCAL. RegOps seeks to shift compliance left to make it real-time, continuous, and complete so that paperwork is always up to date, self-updating, and takes less manual resources to manage.
Segment Resources:
Website – https://www.regscale.com
Documentation/Learn More – https://regscale.readme.io
In this news segment, we discuss the art of branding/naming security companies, some new cars just out of stealth, 5 startups just out of Y Combinator, and Cybereason's $100M round from Softbank. We also talk new features (Semgrep's new GPT-4 use case), new newsletters, and new reports. We break down Nexx's broken vulnerability disclosure program and its broken products. We also discuss the FDA's new ability to block device certification for security reasons. Android announces rules to make it easier for consumers to delete accounts and remove data when they uninstall apps. IT and Security professionals everywhere are asked not to report breaches, but in some countries more than others. CISOs are more prone to drinking problems, and finally, for our squirrel stories, we discuss a crazy app called Newnew and new ideas in prosthetics.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/esw313
More shows like Security Weekly Podcast Network (Audio)
View all
Freakonomics Radio
32,235 Listeners
Planet Money
30,851 Listeners
Global News Podcast
7,784 Listeners
Hacked
184 Listeners
Security Now (Audio)
2,005 Listeners
Uncanny Valley | WIRED
497 Listeners
Risky Business
371 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
649 Listeners
CyberWire Daily
1,029 Listeners
Paul's Security Weekly (Audio)
17 Listeners
Click Here
422 Listeners
Darknet Diaries
8,088 Listeners
Tech Brew Ride Home
969 Listeners
Cybersecurity Today
178 Listeners
Cybersecurity Headlines
139 Listeners