Enterprise Security Weekly (Video)

In fast-paced, shared device environments like healthcare, manufacturing, and other critical industries, traditional access management approaches are falling short, quietly eroding both security and productivity. This episode explores how outdated methods, like shared credentials and clunky logins, create friction, increase risk, and undermine compliance. We’ll discuss what a modern, strategic access management approach looks like ...

Segment 1 - Interview with Rob Allen from ThreatLocker

This segment is sponsored by ThreatLocker. Visit https://www.securityweekly.com/threatlocker to learn more about them!

Segment 2 - Topic: Growing Trend - Edge Computing and Hybrid Cloud

Segment 3 - Interviews from RSAC 2025

Cyera

Cyera is the fastest-growing data security company in history, empowering companies to classify, secure, and manage their d...

Segment 1 - Enterprise Security News, Live at IDV

This week, in the enterprise security news,

1. Acquisitions
2. potential IPOs
3. Terminator Salvation in real life
4. First $1B one-employee business?
5. Mikko puts in his notice
6. Pitch Black in real life, and more!

Segment 2 - Interview with Dr. Tina Srivastava

The #1 cause of data breaches is stolen credentials. What if we didn’t store credentials anymore? We explore ...

Segment 1

CTG Interview

Middle market companies face unique challenges in the ever-evolving cyber environment. Developing a comprehensive cybersecurity approach is a business imperative for middle market companies, and Chad Alessi will discuss the threat landscape, what’s keeping IT decision-makers awkward at night, and the best approach to creating a proactive security measure.

Cyber Resilience in Action: A Guide for Mid...

Segment 1: Erik Bloch Interview

The math on SOC AI just isn't adding up. It's not easy to do the math, either, as each SOC automation vendor is tackling alert fatigue and SecOps assistants a bit differently. Fortunately for us and our audience, Erik Bloch met with many of these vendors at RSAC and is going to share what he learned with us!

Segment 2: Enterprise Weekly News

In this week's enterprise security news, ...

Segment 1: Fastly Interview

In this week's interview segment, we talk to Marshall Erwin about the state of cybersecurity, particularly when it comes to third party risk management, and whether we're ready for the next big SolarWinds or Crowdstrike incident. These big incidents have inspired executive orders, the Secure by Design initiative, and even a memo from JPMorgan Chase's CISO.

We will discuss where Marshall feels li...

Segment 1 - Secrets and their role in infrastructure security

From API keys and tokens to environment variables and credentials, secrets are foundational—and often overlooked—attack surfaces in cloud-native and distributed systems. We break down the risks tied to poor secret hygiene, discuss emerging patterns for secure secret management at scale, and shares insights on integrating secrets management into systems design.

T...

Now in its 18th year, the Verizon Business DBIR is one of the industry’s longest standing and leading reports on the current cybersecurity landscape. This year’s report analyzes more than 22,000 security incidents with victims spanning 139 countries, examining significant growth in third-party involvement in breaches, increases in ransomware and examines the average amounts paid and amount of time to patch vulnerabilities, among ma...

In this week's enterprise security news,

1. Lots of funding announcements as we approach RSA
2. New products
3. The M-Trends also rudely dropped their report the same day as Verizon
4. Supply chain threats
5. Windows Recall is making another attempt
6. MCP server challenges
7. Non-human identities
8. A startup post mortem
9. Remember that Zoom outage a week or two ago? The cause is VERY interesting

All that and more, on this episode of Enterprise ...

As organizations embrace hybrid work, SaaS sprawl, and employee-owned devices, traditional Identity and Access Management (IAM) tools are failing to keep up. The rise of shadow IT, unmanaged applications, and evolving cyber threats have created an "Access-Trust Gap", a critical security challenge where IT lacks visibility and control over how employees access sensitive business data.

In this episode of Security Weekly, Jeff Shiner,...

In the enterprise security news,

1. lots of funding, but no acquisitions?
2. New companies
3. new tools
4. including a SecOps chrome plugin
5. and a chrome plugin that tells you the price of enterprise software
6. prompt engineering tips from google
7. being an Innovation Sandbox finalist will cost you
8. Security brutalism
9. CVE dumpster fires
10. and a heartwarming story about a dog, because we need to end on something happy!

All that and more, on ...

In this interview, we're excited to speak with Pravi Devineni, who was into AI before it was insane. Pravi has a PhD in AI and remembers the days when machine learning (ML) and AI were synonymous. This is where we'll start our conversation: trying to get some perspective around how generative AI has changed the overall landscape of AI in the enterprise.

Then, we move on to the topic of AI safety and whether that should be the CISO'...

What a time to have this conversation! Mere days from the certain destruction of CVE, averted only in the 11th hour, we have a chat about vulnerability management lifecycles. CVEs are definitely part of them.

Vulnerability management is very much a hot mess at the moment for many reasons. Even with perfectly stable support from the institutions that catalog and label vulnerabilities from vendors, we'd still have some serious issues...

Default deny is an old, and very recognizable term in security. Most folks that have been in the industry for a long time will associate the concept with firewall rules. The old network firewalls, positioned between the public Internet and private data centers, however, were relatively uncomplicated and static. Most businesses had a few hundred firewall rules at most.

The idea of implementing default deny principles elsewhere were ...

We wanted security data? We got it! Now, what the heck do we DO with all of it?

The core challenge of security operations, incident response, and even compliance is still a data management and analysis problem. Which is why we’re seeing companies like Abstract Security pop up to address some of these challenges.

Abstract just released a comprehensive eBook on security data strategy, linked below, and you don’t even need to give up ...

You might know them from their excellent research work on groups like Scattered Spider, or their refreshing branding/marketing style, but Permiso is laying some impressive groundwork for understanding and defending against identity and cloud-based attacks. In this interview, we talk with co-founder and co-CEO Paul Nguyen about understanding the threats against some of cybercriminals' favorite attack surface, insider threats, and no...