In this Spotlight Podcast, we speak with David Brumley, the Chief Executive Officer at the security firm ForAllSecure and an expert on the use of machine learning and automation to cyber security problems. We talk about the growing demand for security automation tools and how the chronic cyber security talent shortage in North America and elsewhere is driving investment in automation.
Vijay Balasubramaniyan of Pindrop joins us to talk about it. And, in our second segment, Sam Bisbee the CSO of the firm ThreatStack joins us to talk about last month’s hack of the PEAR open source package manager and why data deserialization attacks are a growing threat to projects that use open source components.
In this episode of The Security Ledger podcast (#95): has the Digital Millennium Copyright Act taken us over a bridge too far? We talk with two experts about the case of Eric Lundgren, a celebrated e-waste recycler who has been sentenced to 15 months in prison and fined $50,000 for DMCA violations. Also: we speak with one of the Ivy League students who designed IoT Inspector, software that can analyze your home network for vulnerable devices.
In this episode of the Security Ledger Podcast we do a deep dive into the recent Black Report by NUIX – which flips the script by asking hackers and pen testers their opinions about how they hack firms and what defensive strategies and technologies work best at stopping them. Also: Rami Sass the CEO and co-founder of this week’s sponsor, WhiteSource Software, joins us in the Security Ledger studios to talk about how a white knuckle audit of his company’s open source dependencies eight years ago prompted him to start WhiteSource, which makes a tool for managing the open source software supply chains.
A new joint FBI-DHS report dishes the dirt on recent sophisticated attacks targeting the US energy grid and critical infrastructure, saying third party firms and web sites to gain access to energy and other critical infrastructure networks. It also names a sophisticated hacking group believed to be linked to the government of Russia.
