Security

What's worse than getting hit with a security breach? Getting hit with an easily preventable one.

  • Podcasts // Mar 2011

    Tom Jenkins on Grails Security

    In this podcast, the speaker explains about Grails security. The speaker explains this popular framework through its paces and describes where it excels and how it handles vulnerabilities found in other approaches.

    Provided By IBM

  • Podcasts // Mar 2011

    Addressing Data Management and IT Infrastructure Challenges in a SharePoint Environment - Podcast

    In this podcast, SharePoint server expert Michael Noel will cover key topics around SharePoint infrastructure sprawl and high-availability, including reasons why SharePoint infrastructure grows quickly, how to address sprawl, high-availability at the web tier and high-availability database tier. Michael will also cover topics such as backup and restore requirements, site...

    Provided By NetApp

  • Podcasts // Jun 2012

    Chesapeake Bay Foundation rescues the bay with NetApp's affordable and efficient solution for mission-enabling IT

    Learn how Chesapeake Bay Foundation optimized their data center infrastructure by creating a technology foundation that meets the challenges of the coming years. They were able to unify their server and storage architecture and implement best practices, rearchitect VMware? environment to gain greater virtualization efficiency; as well as upgrade and...

    Provided By NetApp

  • Podcasts // Jun 2012

    Raven Industries Elevates Corporate Services with Improved Uptime on NetApp - Video

    For Raven Systems, 24/7 systems availability is critical. With NetApp, Raven Systems was able to deliver superior uptime, allowing the Corporate Services division to enhance its service and the business to focus on remaining competitive. Challenges they overcame: performance issues with firmware upgrade cycles, improve storage efficiency and scalability to...

    Provided By NetApp

  • Podcasts // Jan 2014

    Running At 99% Surviging An Application DoS

    Application-level Denial-of-Service (DoS) attacks are a threat to nearly everyone hosting content on the internet. DoS attacks are simple to launch, but can be difficult to defend against. Modern websites are a diverse set of moving parts, and a malicious actor only needs to find the point at which any...

    Provided By SecurityTube.net

  • Podcasts // Jan 2014

    Top Ten Proactive Web Application Controls

    The OWASP proactive control is a \"Top 10 like document\" aimed to help developers build secure applications. In this podcast, the speaker will explain the fundamental controls in critical software categories such as authentication, access control, validation, encoding, query parameterization, data protection, secure requirements, secure architecture and secure design.

    Provided By SecurityTube.net

  • Podcasts // Jan 2014

    HTML5/JS Security

    In this podcast, the speaker explores the vulnerabilities behind JavaScript, including: a new class of vulnerabilities unique only to JavaScript, vulnerabilities in 3rd-party platforms which are exploited through JavaScript code and HTML5 which is considered the NG-Javascript. In turn, HTML5 introduces a new set of vulnerabilities

    Provided By SecurityTube.net

  • Podcasts // Jan 2014

    Million Browser Botnet

    Online advertising networks can be a web hacker's best friend. For mere pennies per thousand impressions (that means browsers) there are service providers who allow the users' to broadly distribute arbitrary JavaScript - even malicious JavaScript. The users' are supposed to use this feature to show ads, to track users,...

    Provided By SecurityTube.net

  • Podcasts // Jan 2014

    Application Security at DevOps Speed and Portfolio Scale

    Software development is moving much faster than application security with new platforms, languages, frameworks, paradigms, and methodologies like agile and Devops. Unfortunately, software assurance hasn't kept up with the times. Although the people making progress in application security, the gains are much slower than the stunning advances in software development.

    Provided By SecurityTube.net

  • Podcasts // Jan 2014

    New and Improved: Hacking Oracle From Web

    In this podcast, the speaker will explain about number of attacks against Oracle database and in almost every other CPU there is a shiny new exploit which allows a malicious database user to gain DBA privileges on the back-end database.

    Provided By SecurityTube.net

  • Podcasts // Jan 2014

    Attacking CAPTCHAs for Fun and Profit

    CAPTCHAs are a potent mechanism to prevent web applications against automated form submissions. To analyze the strength of CAPTHA deployments on the internet, a research spanning hundreds of high traffic websites and several CAPTCHA service providers was conducted.

    Provided By SecurityTube.net

  • Podcasts // Apr 2010

    Preparing for a Cyber Attack

    In this podcast, the speaker will separate the hype from the facts regarding ongoing foreign intrusions into government networks and the targeting of government employees. It will also provide practical advice on how to protect the users' and their organization from the actors orchestrating these intrusions.

    Provided By oreilly

  • Podcasts // May 2010

    Spear Phishing: A Smarter and More Dangerous Social Web

    In this podcast, the speaker explores a future-looking forecast about targeted attacks on identity, email, and data on the internet. What happens when every ad doesn't feel like spam because of increased information sharing and improving analytics? Spear phishing is the next-generation of e-mail phishing - except citizens, companies, and...

    Provided By oreilly

  • Podcasts // May 2010

    Cloud Computing and Security: Can't We All Just Get Along?

    In this podcast, the speaker will offer a framework to analyze security issues, and present a set of best practices toward implementing security in cloud-based applications. Security is considered the primary barrier to cloud computing adoption. Therefore, focusing attention toward minimizing security risks offers the potential for increasing cloud computing...

    Provided By oreilly

  • Podcasts // Apr 2012

    Manually Removing Viruses and Malware from Windows 7

    Getting a virus on the users' computer is a pain and they are becoming ever more difficult to remove. In this podcast, the speaker explains manually and safely removing viruses and malware from the users' computer without damaging their files or windows itself.

    Provided By oreilly

  • Podcasts // Sep 2009

    Cloud Security & Privacy

    In this podcast, the speakers explain about cloud computing's SPI delivery model, and its impact on various aspects of enterprise information security (e.g., infrastructure, data, identity and access management, security management), privacy, and compliance. Also explain the Security-as-a-Service (SaaS) and the impact of cloud computing on corporate IT.

    Provided By oreilly

  • Podcasts // May 2008

    The Top Five Log Analysis Mistakes

    In this podcast, the speaker will explains how to avoid the log analysis mistakes and how to get the most value out of various log files, generated by systems, applications and security devices.

    Provided By oreilly

  • Podcasts // May 2009

    iPhone Hacking - Intermediate & Advanced

    In this podcast, the speakers focus on the iPhone Hacks, involving hardware and software development. They targeted towards people who want to do more hardware and advanced hacks involving software development.

    Provided By oreilly

  • Podcasts // Jan 2010

    Cloud Security Deep Dive

    In this podcast, the speakers explore a deep dive into cloud security issues and focus on three specific aspects: data security; identity management in the cloud and governance in the cloud (in the context of managing a cloud service provider with respect to security obligations).

    Provided By oreilly

  • Podcasts // Jan 2014

    IBM SmartCloud Entry for Power Systems

    The IBM SmartCloud™ Entry on Power Systems™ solution provides a cost-competitive, entry-level private cloud solution that helps speed time to value of your service deployments on your IBM Power Systems servers.

    Provided By IBM

  • Podcasts // Jan 2012

    Getting Started in Web Application Security

    In this podcast, the speaker talks about getting started in Web Application Security. The speaker discusses several tools and resources useful for those that are new to this industry and for seasoned experts.

    Provided By Imperva

  • Podcasts // Jan 2012

    Host of the Network Security Blog and Podcast Series, and QSA

    In this podcast, the speaker talks about the recent webcast from Homeland Security titled "Do the Payment card Industry Data Standards Reduce Cyber Crime." The speaker also shares with one of his perspectives on the changing security industry.

    Provided By Imperva

  • Podcasts // Jan 2012

    Data Security With WAF and DAM: Chad Lorenc of Agilent Talks About How His Use of the Imperva SecureSphere WAF and DAM Solutions Goes Beyond Traditional Firewalling and Monitoring

    In this podcast, the speaker discusses how the Imperva SecureSphere solutions helped the speaker discover critical assets, monitor their operations, and provide an ongoing strategic resource for data security initiatives.

    Provided By Imperva

  • Podcasts // Jan 2012

    Using WAF in Complex, Global Environments

    In this podcast, the speaker discusses about the importance of application security at Vonage. The speaker details several projects that are aimed at protecting Vonage as well as Vonage partners and customers. The speaker also shares his views on application security as it relates to vulnerability scanning, the Imperva SecureSphere...

    Provided By Imperva

  • Podcasts // Jan 2012

    Microsoft IIS WebDAV Remote Authentication Bypass

    In this podcast, the speaker talks about Microsoft Security. This vulnerability is related to Microsoft IIS servers running WebDAV. Amichai goes into detail about the vulnerability, why servers are still vulnerable even though this is a well known exploit, and how attacks can be mitigated with WAF or web application...

    Provided By Imperva

  • Podcasts // Jan 2012

    Convergence of Risk and Security

    In this podcast, the speaker discusses a wide range of subjects related to risk and security converging that who owns risk management, how can solutions like WAF be evaluated by businesses in terms of organizational risk, where is the real value in risk management how important are technical solutions and...

    Provided By Imperva

  • Podcasts // Jan 2012

    WAF, VA, Black Box Testing, and Related Solutions Necessary for a Strong Application Security Posture

    In this podcast, the speaker discusses why Imperva and BeyondSecurity have partnered to offer a combination of WAF, Black Box Testing, and Vulnerability Assessment services together. The speaker discusses several very interesting application security "Stories from the trenches," and shares his perspectives on the evolution of application security.

    Provided By Imperva

  • Podcasts // Jan 2012

    About Bringing Together to Worlds of WAF and VA to Improve Overall Application Security and Reduce Business Risk

    In this podcast, the speaker discusses why Imperva and Whitehat have partnered to offer a blended approach to Web application security through WAF plus VA. The speaker explains that the industry now requires these once diametrically opposed solutions to unite in order to address today's threats and reduce overall business...

    Provided By Imperva

  • Podcasts // Jan 2012

    Compliance and Security Within the Financial Industry

    In this podcast, the speaker discusses about the financial industry, and how security and compliance have been changing. The speaker also touches on financial modernization, the convergence of NIST and ISO, and the risk management continuum.

    Provided By Imperva

  • Podcasts // Jan 2012

    Protecting Web Portals and Bringing Together Security Operations and Development With the Imperva SecureSphere WAF at Telefonica O2 Germany

    In this podcast, the speaker shares his experiences around choosing, implementing and operating the Imperva SecureSphere Web Application Firewall (WAF). The speaker shares a number of examples where WAF helped Telefonica discover and address application vulnerabilities.

    Provided By Imperva

  • Podcasts // Jan 2012

    Insider Threats, Privileged User Abuse and Mitigation Techniques

    In this podcast, the speaker discusses about insider threats. The speaker explores the differences between careless and nefarious insiders and talks about the difficulties of managing risks surrounding privileged users. The speaker also discusses several threat mitigation strategies.

    Provided By Imperva

  • Podcasts // Jan 2012

    Insider Threats

    In this podcast, the speaker discusses extensively about insider threats, shares some stories from the trenches, and discusses the nature of cybercrime. The speaker also covers the importance of sensitive data protection - especially around mission-critical applications and databases.

    Provided By Imperva

  • Podcasts // Jan 2012

    Direct Database SQL Injection Attacks and Mitigation Techniques

    In this podcast, the speaker discusses about Direct Database SQL Injection Attacks and how these attacks are preformed directly through the database interface or through Web applications. The speaker also talks about flaws in stored procedures that make these attacks possible.

    Provided By Imperva

  • Podcasts // Jan 2012

    PCI by the Numbers: Survey Results Explored

    In this podcast, the speaker discusses the results of his latest PCI DSS survey. The speaker talks about a number of fascinating and sometimes anomalistic statistics from the survey results, and shares his views and leanings.

    Provided By Imperva

  • Podcasts // Jan 2012

    Interview With John P. Pironti, President of IP Architects and Interop Chairperson

    In this podcast, the speaker discusses about the relationship between security operations and business risk management. The speaker also shares his views on regulatory compliance and the changing landscape for network and data security professionals.

    Provided By Imperva

  • Podcasts // Jan 2012

    Interview With Joseph Weiss, Industry Expert on Control Systems and Electronic Security

    In this podcast, the speaker discusses about cyber security within industrial control system environments, SCADA, and NERC. The speaker shares a number of perspectives based upon his decades of experience, and some fascinating examples of how incidents related to cyber assets, have negatively impacted SCADA systems, destroyed multi-million dollar assets,...

    Provided By Imperva

  • Podcasts // Jan 2012

    Interview With Raffy Marty - Chief Security Strategist for Splunk and Security Author

    In this podcast, the speaker discusses about the importance of visualization when analyzing network, security, application and database information. The speaker shares several use cases and provides insights on the relevance of visualization as a critical resource for any security practitioner.

    Provided By Imperva

  • Podcasts // Jan 2012

    Interview With Lars Ewe-CTO of Cenzic-WAF

    In this podcast, the speaker discusses the Imperva Cenzic partnership, and why bringing together vulnerability scanning services with Web Application Firewalls (WAF) is critical for application security. The speaker also shares his views on what the future holds for application security overall.

    Provided By Imperva

  • Podcasts // Jan 2012

    Interview With Dana Tamir on Data Discovery, Assessment and Classification

    In this podcast, the speaker discusses about the Imperva SecureSphere DAS (Discovery and Assessment Server) solution. The speaker outlines why this technology is critical to an effective data security strategy, they theory and technical details of how it works, as well as several use cases.

    Provided By Imperva

  • Podcasts // Jan 2012

    Leveraging WAF and DAM for Protecting Data, Securing Servers, Meeting Partner Requirements, Addressing PCI, and Beyond

    In this podcast, the speaker discusses about using Imperva SecureSphere WAF and DAM solutions. The speaker discusses key drivers such as sensitive data protection, securing mission-critical servers, addressing partner concerns over data security from Microsoft, Adobe, and Intuit (which require their partners to have strong data security solutions), and addressing...

    Provided By Imperva