Enterprise Security Weekly (Video)

tj-actions Lessons Learned, US Cyber Offense, this week's enterprise security news - Dimitri Stiliadis - ESW #417



Interview Segment - Lessons Learned from the tj-actions GitHub Action Supply Chain Attack with Dimitri Stiliadis

Breach analysis is one of my favorite topics to dive into and I’m thrilled Dimitri is joining us today to reveal some of the insights he’s pulled out of this GitHub Actions incident. It isn’t an overstatement to say that some of the lessons to be learned from this incident represent fundamental changes to how we architect development environments.

Why are we talking about it now, 4 months after it occurred? In the case of the Equifax breach, the most useful details about the breach didn’t get released to the public until 18 months after the incident. It takes time for details to come out, but in my experience, the learning opportunities are worth the wait.

Topic Segment - Should the US Go on the Cyber Offensive?

Triggered by an op-ed from Dave Kennedy, the discussion of whether the US should launch more visible offensive cyber operations starts up again. There are a lot of factors and nuances to discuss here, and a lot of us have opinions here. We'll see if we can do any of it justice in 15 minutes.

News Segment

Finally, in the enterprise security news, we discuss:

  1. the latest fundings
  2. a few acquisitions
  3. a vibe coding campfire story
  4. how to hack AI agents
  5. zero-days in AI coding apps
  6. more AI zero days
  7. why Ivanti vulns are still alive and well in Japan
  8. how wiper commands made their way into Amazon’s AI coding agent

It seems like vulnerabilities and AI are pairing up in this week’s news stories!

All that and more, on this episode of Enterprise Security Weekly.

Show Notes: https://securityweekly.com/esw-417


Enterprise Security Weekly (Video), by Security Weekly Productions
