惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Martin Fowler
Martin Fowler
L
LINUX DO - 最新话题
P
Proofpoint News Feed
Cyberwarzone
Cyberwarzone
Know Your Adversary
Know Your Adversary
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
L
Lohrmann on Cybersecurity
D
Darknet – Hacking Tools, Hacker News & Cyber Security
Security Latest
Security Latest
T
The Exploit Database - CXSecurity.com
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
P
Privacy & Cybersecurity Law Blog
K
Kaspersky official blog
The Last Watchdog
The Last Watchdog
Webroot Blog
Webroot Blog
Scott Helme
Scott Helme
T
Threat Research - Cisco Blogs
C
Cyber Attacks, Cyber Crime and Cyber Security
WordPress大学
WordPress大学
L
LINUX DO - 热门话题
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
博客园 - Franky
V
Visual Studio Blog
O
OpenAI News
AI
AI
Hacker News: Ask HN
Hacker News: Ask HN
V2EX - 技术
V2EX - 技术
GbyAI
GbyAI
Recent Commits to openclaw:main
Recent Commits to openclaw:main
Simon Willison's Weblog
Simon Willison's Weblog
S
Schneier on Security
Spread Privacy
Spread Privacy
Y
Y Combinator Blog
I
InfoQ
H
Hackread – Cybersecurity News, Data Breaches, AI and More
T
Threatpost
C
Cybersecurity and Infrastructure Security Agency CISA
F
Fortinet All Blogs
C
CERT Recently Published Vulnerability Notes
T
The Blog of Author Tim Ferriss
C
Check Point Blog
Apple Machine Learning Research
Apple Machine Learning Research
有赞技术团队
有赞技术团队
人人都是产品经理
人人都是产品经理
N
News and Events Feed by Topic
Project Zero
Project Zero
小众软件
小众软件
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
B
Blog
G
Google Developers Blog

Security Weekly Podcast Network (Audio)

Security Weekly Podcast Network (Audio): Why AI Just Broke Traditional IT Security as Leaders Clash Over AI Security Weekly Podcast Network (Audio): Dune References, FAT, Claude, ZhiPu, PolinRider, RentaBot, Sony, Aaran Leyland & More - SWN #596 Security Weekly Podcast Network (Audio): Defense-in-depth strategies for securing mobile applications - Ryan Lloyd - ASW #390 Security Weekly Podcast Network (Audio): Mastering agent permissions and Identiverse interviews - Howard Ting, Ajay Gupta, Sandy Bird, Amir Ofek - ESW #466 Security Weekly Podcast Network (Audio): Beyond the AI Hype, Cyber Readiness in the Age of AI - Gibb Witham - SWN #595 Security Weekly Podcast Network (Audio): Linux Tech Segment & Vulnerabilities Galore - PSW #933 Security Weekly Podcast Network (Audio): Performance Through People as Executives Struggle and Mentorship Matters - Greg Hoffman - BSW #454 Security Weekly Podcast Network (Audio): AI Cocaine Recipes, Russian Hack, Scattered Spider, Cisco, Amazon Q – Aaran Leyland - SWN #594 Security Weekly Podcast Network (Audio): Reducing Attack Surface & Evaluating Efficiency in Agents - Itamar Apelblat, David Goldschlag - ASW #389 Security Weekly Podcast Network (Audio): Fixing pentesting, Meta is destroying its engineering org, the weekly news - Adriel Desautels - ESW #465 Security Weekly Podcast Network (Audio): AI Brain Harvest, Fortibleed, Win 10, Blacksite, Windchill, Cisco, BB-8, Josh Marpet - SWN #593 Security Weekly Podcast Network (Audio): Cloud Visibility, Fortibleed, hacking things the easy way - Sandy Bird - PSW #932 Security Weekly Podcast Network (Audio): The Strategic Human Firewall as AI Impacts Regulations, Cyber Pros, and Employees - Robert Siciliano - BSW #453 Security Weekly Podcast Network (Audio): Turing, BODS, Struwwelpeter, EO-14409, VBScript, Pixemsmash, Cloudflare, Aaran Leylan - SWN #592 Security Weekly Podcast Network (Audio): How AI Is Reshaping Identity Security at the Infrastructure Layer - Amit Masand, Neha Duggal, Ev Kontsevoy - ASW #388 Security Weekly Podcast Network (Audio): Navigating Shadow AI in the Enterprise, Verizon Security Weekly Podcast Network (Audio): LLMS, Identity, EDR, JiGong, QiLin, Warlock, with Rob Allen from Threatlocker... - Rob Allen - SWN #591 Security Weekly Podcast Network (Audio): GPS, PCI, ARCH, OH MY! - PSW #931 Security Weekly Podcast Network (Audio): Enterprise Browers in the Age of AI as CISO Role Changes and Leaders Harness Stress - Arunesh Chandra - BSW #452 Security Weekly Podcast Network (Audio): TSME, ARCH, Maine, Fable, PANOS, Doug Security Weekly Podcast Network (Audio): Why Does It Matter Who or What Created the Code? - Matias Madou - ASW #387 Security Weekly Podcast Network (Audio): Safe AI at scale, what happens after initial access, and the weekly enterprise news - Albert Estevez Polo, Shiva Pillay - ESW #463 Security Weekly Podcast Network (Audio): Phones, Sarlaccs, Maine, Chinese Sites, Ivanti, Bitlocker, Peoplesoft, and More - SWN #589 Security Weekly Podcast Network (Audio): Trolling Microsoft With Vulnerabilities - PSW #930 Security Weekly Podcast Network (Audio): Innovation Without Data Security Risk as AI Unlocks Budgets and Identity Challenges - Tony Kelly - BSW #451 Security Weekly Podcast Network (Audio): Geinbot, SolarWinds, Brave, UNK_Deaddrop, durabletask, Insta, Aaran Leyland... - SWN #588 Security Weekly Podcast Network (Audio): Scanner Results Are a Starting Point. Here Security Weekly Podcast Network (Audio): The State of AI in SecOps, the Unintended Consequences of Vulnmaxxing, and the News - Filip Stojkovski - ESW #462 Security Weekly Podcast Network (Audio): Local AI, Salesforce, Fluttershell, Aspose, http/2, Cisco, Used Tech, Josh Marpet - SWN #587 Security Weekly Podcast Network (Audio): Security Researchers Are Threat Actors - PSW #929 Security Weekly Podcast Network (Audio): Scaling to $100M as the Security Weekly Index Hits an All Time High - Joshua Gould - BSW #450 Security Weekly Podcast Network (Audio): Heraclitus, AI LLMs, SSO, TTP, NetLogon, PAN-OS, AI Cost, Aaran Leyland... - SWN #586 Security Weekly Podcast Network (Audio): BadHost, Dead CTFs, Exploding NPMs, and the Verizon DBIR - ASW #385 Security Weekly Podcast Network (Audio): Helping defense Security Weekly Podcast Network (Audio): Sidhe, GreyVibe, Claude, Lightwell, Eclipse, Kimsuky, Obscure Beliefs, Josh Marpet - SWN #585 Security Weekly Podcast Network (Audio): Linux Supply Chain How-To - PSW #928 Security Weekly Podcast Network (Audio): What Security Leaders Should Expect from RSAC - Joseph Blankenship - BSW #449 Security Weekly Podcast Network (Audio): Listening, Drupal, TTE, KEV, Mythos, Megalodon, Badanov, MFA, Pope Leo, Aaran Leyland - SWN #584 Security Weekly Podcast Network (Audio): AppSec Conversations on Agents, LLMs, and OWASP from RSAC - Merritt Maxim, Scott Clinton, Janet Worthington - ASW #384 Security Weekly Podcast Network (Audio): Visibility with EDR/MDR is still important, Security Weekly Podcast Network (Audio): TVs, Old York, Flipper One, Ubiquity, Underminr, CISOs, GitHub, Josh Marpet... - SWN #583 Security Weekly Podcast Network (Audio): FCC, Github, MiniShai-hulud, Stated of Supply Chain, Itron, CRA, NIS2, and more!! - PSW #927 Security Weekly Podcast Network (Audio): Shift to Prevention and Enforcement as We Repeat Security Mistakes With AI - Rob Allen - BSW #448 Security Weekly Podcast Network (Audio): My Mother the Car, AI Slop, Nginx, Polyscope, Drupal, , GitHub, Aaran Leyland... - SWN #582 Security Weekly Podcast Network (Audio): The State of AI & AppSec - Keith Hoodlet - ASW #383 Security Weekly Podcast Network (Audio): AI Has a data problem, cascading breaches, and the weekly news - Dimitri Sirota - ESW #459 Security Weekly Podcast Network (Audio): Cisco, Canvas, Microsoft, Exchange 0-Days, NPM Backdoors, GPT-5.5 and more... - SWN #581 Security Weekly Podcast Network (Audio): You Security Weekly Podcast Network (Audio): Optimize Legal Operations as the CISO Role Changes to Address Skills Gaps and AI - Walter Scott Wilkens - BSW #447 Security Weekly Podcast Network (Audio): Tomato, JDownloader, TempPCP, Bad Vibes, Dirty Frag, Giedi Prime, Aaran Leyland... - SWN #580 Security Weekly Podcast Network (Audio): Why Basic Security Practices Still Work - Rob Allen - ASW #382 Security Weekly Podcast Network (Audio): The impact of Mythos and Florida Man, confidence gaps, phishing, & AI adoption - Chris Wallis, Deepen Desai, Erich Kron - ESW #458 Security Weekly Podcast Network (Audio): Canvas, Shai-Hulud, QuasarRat, 0Days, Anthropic, Aaran Leyland, and EU Compliance! - SWN #579 Security Weekly Podcast Network (Audio): Getting Rid of Your VPN - Rob Allen - PSW #925 Security Weekly Podcast Network (Audio): Teach to Sell and Two Interviews from RSAC 2026 from Dropzone AI and Microsoft - Dan Rochon, Arunesh Chandra, Edward Wu - BSW #446 Security Weekly Podcast Network (Audio): Zino, 0auth, VSS, Mental Health Hackers, 3 Days of KEV, Copy/Fail, AI, Aaran Leyland - SWN #578 Security Weekly Podcast Network (Audio): Keeping Up With the OWASP GenAI Project - Scott Clinton - ASW #381 Security Weekly Podcast Network (Audio): Post Quantum Migration Struggles, AI Threats, and Modern Defenses - HD Moore, Ramin Farassat, Eyal Benishti, Daniel dos Santos, Bobby Ford - ESW #457 Security Weekly Podcast Network (Audio): DOS, Seneca the Younger, Outlook, CopyFail, cPanel, QR, Ruby, Go, Talkie, Josh Marpet - SWN #577 Security Weekly Podcast Network (Audio): FIRESTARTER - PSW #924 Security Weekly Podcast Network (Audio): The Next Frontier: Autonomous Security and RSAC Interviews from Quantro & SandboxAQ - Marc Manzano, Mark Hughes, Mehul Revankar - BSW #445 Security Weekly Podcast Network (Audio): Elfsmasher, PYPI, Facebook, Glassworm, Medtronic, OpenSSH, Sararimen, Aaran Leyland - SWN #576 Security Weekly Podcast Network (Audio): Top 10 Web Hacking Techniques of 2025 and a Hint for 2026 - James Kettle - ASW #380 Security Weekly Podcast Network (Audio): Rethinking Security from the OS Up in the Age of AI and more RSAC 2026 Interviews - Karen Heart, Sachin Jade, Phil Calvin, Craig Sanderson, Travis Wong - ESW #456 Security Weekly Podcast Network (Audio): Scylla &Charybdis, Kyber, Trigonia, Namastex, GitHub, Crypto, Cables, Aaran Leyland - SWN #575 Security Weekly Podcast Network (Audio): Back to (or Start) Fundamentals? - Rajesh Khazanchi - PSW #923 Security Weekly Podcast Network (Audio): From Shame to Fame: Changing Behaviors and RSAC Interviews from Tanium and Illumio - Andrew Rubin, Craig Taylor, Tim Morris - BSW #444 Security Weekly Podcast Network (Audio): Robosawmill, Gentleman, Vercel, GitHub, Claude, RS232, Josh Marpet, and More... - SWN #574 Security Weekly Podcast Network (Audio): The Human Aspect of Red Teams - Brian Fox, Tom Tovar, T. Gwyddon Security Weekly Podcast Network (Audio): Making AI actually work in the enterprise and more RSAC Conference 2026 interviews - Camellia Chan, Aamir Lakhani, Jim Spignardo, Jody Brazil, Ely Abramovitch - ESW #455 Security Weekly Podcast Network (Audio): Dougbot, RedSun, ATHR, Vishing, Cisco, Google, Chrome, Severance, Shor, Josh Marpet.. - SWN #573 Security Weekly Podcast Network (Audio): The AI "Vulnpocolypse" Is Real? - PSW #922 Security Weekly Podcast Network (Audio): Not All CISO Gigs Are Created Equal and RSAC Interviews from ESET and Mimecast - Rob Juncker, Joanna Chen, Tony Anscombe - BSW #443 Security Weekly Podcast Network (Audio): Zuckbot, Rockstar, Klaude, Browsers Galore, Microsoft 365, ATC, Kieran Human and more - Kieran Human - SWN #572 Security Weekly Podcast Network (Audio): Securing Software Security Weekly Podcast Network (Audio): We catch up on the news, including AI vuln hunting; also more RSAC interviews! - John Wilson, Mark Lambert, Georges Bossert, Samuel Hassine - ESW #454 Security Weekly Podcast Network (Audio): Staypuft, Claude, One Pixel, deepfakes, Raccoon, BOFH, Satoshi Nakamoto, Josh Marpet. - SWN #571 Security Weekly Podcast Network (Audio): AI Makes All Bug Shallow? - PSW #921 Security Weekly Podcast Network (Audio): Zero Trust Readiness and Two RSAC 2026 Interviews from Fenix24 and Absolute Security - John Bruggeman, Christy Wyatt, John Anthony Smith - BSW #442 Security Weekly Podcast Network (Audio): Cthullu, BlueHammer, NK, CUPs, Axios, Fortinet, Cognitive Surrender, Aaran Leyland - SWN #570 Security Weekly Podcast Network (Audio): AppSec News Roundup on Claude Code Leak, Axios NPM Compromise, Secure Design - Idan Plotnik, Raj Mallempati - ASW #377 Security Weekly Podcast Network (Audio): Battling payment fraud with tokenization and executive interviews from RSAC 2026 - Jimmy White, Thyaga Vasudevan, Brian Oh, Mickey Bresman, Ashish Jain - ESW #453 Security Weekly Podcast Network (Audio): DexterBot, Darksword, Eviltokens, Tubular Bells, Claude, Drift, Gmail, Josh Marpet... - SWN #569 Security Weekly Podcast Network (Audio): What Is A Router? (And all things AI) - PSW #920 Security Weekly Podcast Network (Audio): Executive Paralysis and Two Pre-Recorded RSAC 2026 Interviews from DigiCert and Okta - Amit Sinha, Ann Marie van den Hurk, Matt Immler - BSW #441 Security Weekly Podcast Network (Audio): Beyond the Hype: Cyber Readiness, Zero Trust, and an Unscripted Conversation - Rob Allen, Gibb Witham - SWN #568 Security Weekly Podcast Network (Audio): Developing the Skills Needed for Modern Software Development - Keith Hoodlet, Shashwat Sehgal, Ron Rasin - ASW #376 Security Weekly Podcast Network (Audio): Oops, all Interviews: Switching to Cyber, CISO Reflections, and the State of TPCRM - Alexandre Sieira, Lenny Zeltser, Helen Patton - ESW #452 Security Weekly Podcast Network (Audio): Scam Baiting, AI, and the New Grift Economy, Part 2 - Rinoa Poison - SWN #567 Security Weekly Podcast Network (Audio): Scanning The Internet with Linux Tools - PSW #919 Security Weekly Podcast Network (Audio): Say Easy, Do Hard - Crypto-Agility - BSW #440 Security Weekly Podcast Network (Audio): Scam Baiting, AI, and the New Grift Economy, Part 1 - Rinoa Poison - SWN #566 Security Weekly Podcast Network (Audio): Why Proactive Security Is Far Better Than Patching - Erik Nost - ASW #375 Security Weekly Podcast Network (Audio): Can AI help critical infrastructure, the state of the cyber market, and weekly news - Mike Privette, Kara Sprague - ESW #451 Security Weekly Podcast Network (Audio): Ahab and Peewee Herman, Zoom, Vibe Hacking, SharePoint, Meta, AgeID, Josh Marpet - SWN #565 Security Weekly Podcast Network (Audio): Hacking IP KVMs & Reversing with Radare2 - Sergi Àlvarez - PSW #918 Security Weekly Podcast Network (Audio): Language of the Board as CISO-Board Time Falls Short and CISOs Struggle with Risk - Ben Wilcox - BSW #439 Security Weekly Podcast Network (Audio): AI Spicy Mode, Steam, Glassworm, Samsung, Stryker, Waymo, Cole Porter, and More - SWN #564 Security Weekly Podcast Network (Audio): Creating Better Security Guidance and Code with LLMs - Mark Curphey - ASW #374 Security Weekly Podcast Network (Audio): AI Governance, new book (Code War) from Allie Mellen, and the weekly news! - Jeremy Snyder, Allie Mellen - ESW #450
Security Weekly Podcast Network (Audio): Modern AppSec: OWASP SAMM, AI Secure Coding, Threat Modeling & Champions - Sebastian Deleersnyder, Dustin Lehr, James Manico, Adam Shostack - ASW #362
2025-12-23 · via Security Weekly Podcast Network (Audio)

Dec 23, 2025

Using OWASP SAMM to assess and improve compliance with the Cyber Resilience Act (CRA) is an excellent strategy, as SAMM provides a framework for secure development practices such as secure by design principles and handling vulns.

Segment Resources:

As genAI becomes a more popular tool in software engineering, the definition of “secure coding” is changing. This session explores how artificial intelligence is reshaping the way developers learn, apply, and scale secure coding practices — and how new risks emerge when machines start generating the code themselves. We’ll dive into the dual challenge of securing both human-written and AI-assisted code, discuss how enterprises can validate AI outputs against existing security standards, and highlight practical steps teams can take to build resilience into the entire development pipeline. Join us as we look ahead to the convergence of secure software engineering and AI security — where trust, transparency, and tooling will define the future of code safety.

Segment Resources:

Understand the history of threat modeling with Adam Shostack. Learn how threat modeling has evolved with the Four Question Framework and can work in your organizations in the wake of the AI revolution.

Whether you're launching a formal Security Champions program or still figuring out where to start, there's one truth every security leader needs to hear: You already have allies in your org -- they're just waiting to be activated. In this session, we’ll explore how identifying and empowering your internal advocates is the fastest, most sustainable way to drive security culture change. These are your early adopters: the developers, engineers, and team leads who already “get it,” even if their title doesn’t say “security.”

We’ll unpack:

  • Why you need help from people outside the security org to actually be effective
  • Where to find your natural allies (hint: it starts with listening, not preaching)
  • How to support and energize those allies so they influence the majority
  • What behavioral science tells us about spreading change across an organization

Segment Resources:

This interview is sponsored by the OWASP GenAI Security Project. Visit https://securityweekly.com/owaspappsec to watch all of CyberRisk TV's interviews from the OWASP 2025 Global AppSec Conference!

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw-362