Security Wire Weekly

We will be phasing out this RSS feed. Go to SearchSecurity.com/podcast to get the new Security Wire Weekly feed. Thanks for listening. In this edition, David Foote of Foote Partners shares his latest research on the value of IT security job skills and certifications. Also a wrap up of the news from Black Hat 2007.Download Security Wire Weekly

Security researchers Brian Chess and Jacob West of Fortify Software discuss penetration testing, secure software development and their latest book. Also, a researcher warns that attackers could threaten Vista users by exploiting Teredo, an IPv6 tunneling tool enabled by default in the latest Windows OS. We will be phasing out this RSS feed. Go to SearchSecurity.com/podcast to get the new Security Wire Weekly feed. Thanks for listening.Download mp3

SearchSecurity.com editors discuss the state of Apple iPhone security, Google’s continued march into the security market and vulnerability disclosure in the wake of the eBay like vulnerability auction site, WabiSabiLabi.Download Security Squad

Chris Haddad, director of technical architecture at the Burton Group lays out some of the serious threats facing Web services and service oriented architecture development. Also, a review of the week’s news. Download Security Wire Weekly

Amichai Shulman from Imperva describes a flaw his organization discovered in the Oracle E-Business Suite. The flaw was patched Tuesday as part of Oracle's July 2007 CPU. Also, a summary of this week's top IT security news.Download Security Wire Weekly

Information Security magazine editors Neil Roiter and Michael Mimoso discuss Google's foray into the security market and whether companies should turn to database encryption to meet the PCI Data Security Standard in the wake of the TJX data security breach. Also the editors discuss whether the "month of" security flaw Web sites are helpful in securing software or just shameless publicity by security researchers. And finally, SearchSecurity.com News Writer Bill Brenner provides analysis from the Gartner IT Security Summit in Washington. (Runtime: 23:51)Download Security Squad

Security researchers Tom Cross and David Dewey of IBM's Internet Security Systems X-Force research team discuss their team's discovery of the Microsoft Active Directory flaw and Microsoft's latest round of patches. Plus, a summary of the week's IT security news.Download Security Wire Weekly

SearchSecurity.com reports from the Burton Group Catalyst Conference in San Francisco. Diana Kelley, vice president and service director at the Burton Group, explains the scope of a PCI audit and how some auditors are pitching products and services. Dan Jones, director of IT at the University of Colorado, explains his school's ongoing PCI compliance initiatives.Download Security Wire Weekly

SearchSecurity.com reports from the Burton Group Catalyst Conference in San Francisco. Burton Group vice president Phil Schacter sums up the day's sessions on open and secure network architectures. Conference attendees talk about their security concerns including identity management and risk assessments.Download Security Wire Weekly

Cisco executives discuss the acquisition of security vendor IronPort, plus a look at how one IT shop moved into the Vista fast lane despite compatibility problems.Download Security Wire Weekly

This week, former Microsoft CISO Karen Worstell talks about the current state of security. Also, more consolidation in the security market with HP acquiring SPI Dynamics and PatchLink merging with SecureWave.Download Security Wire Weekly

Eric Schultze, chief security architect of Shavlik Technologies helps prioritize Microsoft’s Patch Tuesday Bulletins. Jack Danahy, chief technology officer and founder of Ounce Labs discusses Microsoft’s proactive security posture and how it has affected security in the software development lifecycle. Also, a summary of this week's news.Download Security Wire Weekly

Senior News Writer Bill Brenner reports from the Gartner IT Summit in Washington. Bryan Sartin, Cybertrust’s vice president of investigative response talks about his company’s merger with Verizon. Bruce Schneier, chief technology officer of BT Counterpane, and Lloyd Hession, CSO of BT Radianz talk about life after their mergers with British Telecom. Also, a review of the week’s news. Download Security Wire Weekly

In this brief interview at the Gartner IT Summit in Washington, Yuval Ben-Itzhak, chief technology officer of security vendor Finjan talks about a newly discovered hacking technique used by attackers to avoid detection. (Runtime 3:56)Download Security Wire Weekly Special Edition

SearchSecurity.com editors discuss whether Microsoft should abandon Patch Tuesday, whether blogging is a security threat to corporate systems, the state of Wi-Fi security and Verizon's acquisition of CyberTrust.Download Security Squad Roundtable

Snort creator and Sourcefire founder Marty Roesch talks about last year's failed Check Point acquisition and his decision to take Sourcefire public. Also, a summary of this week's news.Download Security Wire Weekly

Andy Jones, a researcher with the UK-based Information Security Forum, explains how to develop an effective security strategy to deal with large projects and defend the budget. Paul Adamonis, director of security solutions at Forsythe Security talks about how to navigate industry consolidation by developing a buying strategy; and Sandra Kay Miller gives her observations of the industry and explains why some companies may not fare well in this era of consolidation. (Runtime: 25:01).Download Security360

Security consultant Don Ulsch of Jefferson-Wells discusses the risk of blogging on company-owned mobile devices. Also, a summary of this week's news.Download Security Wire Weekly

Core Security's Ivan Arce discusses the pros and cons of penetration testing, "month-of" flaw disclosure projects and hacking contests. Also, a summary of this week's news.Download Security Wire Weekly

Mark Allen, a patch analyst with Shavlik Technologies discusses Microsoft’s recent updates, including the zero-day DNS patch and the Exchange and Internet Explorer updates. Plus, a summary of this week's IT security news.Download Security Wire Weekly

In the debut edition of SearchSecurity.com's Security Squad roundtable news-talk podcast, editors debate the growing concern about Apple security and whether Apple really cares about keeping its products secure, the emergence of Google hacking as an enterprise data security threat and the pros and cons of "dumbing down" the PCI Data Security Standard. Download MP3

Sven Krasser from Secure Computing discusses new and dangerous techniques the bad guys are working into image spam. Plus, a summary of this week's IT security news.Download Security Wire Weekly.