Security Wire Weekly

TippingPoint security researcher Pedram Amini explains why the Sulley fuzzing framework is an important development in the quest to uncover software vulnerabilities. Also, a new flaw is found in Firefox and MIT fixes flaws in its widely-used Kerberos program.

http://media.techtarget.com/audioCast/SECURITY/Security_Wire_Weekly_09_05_07.mp3

Please subscribe to our new feed:

http://feeds.feedburner.com/techtarget/fHup

Security researchers Brian Chess and Jacob West of Fortify Software discuss penetration testing, secure software development and their latest book. Also, a researcher warns that attackers could threaten Vista users by exploiting Teredo, an IPv6 tunneling tool enabled by default in the latest Windows OS. We will be phasing out this RSS feed. Go to SearchSecurity.com/podcast to get the new Security Wire Weekly feed. Thanks for listening.

Download mp3

SearchSecurity officially launched the Security Wire Weekly blog today. Please subscribe to our new RSS feed. The blog hosts our Security Wire Weekly podcasts, which have been in production for nearly two years. Soon we’ll be moving all of our archived podcasts to this blog. We hope the new blog will make it easier for you to communicate with the podcast production team. Now, listeners can respond to each podcast by leaving a comment; we have added a feature in which listeners may post 30-second audio comments in response to a particular podcast. In the future, we’ll also be adding our Security Newsmaker, Security Squad and Security360 podcasts onto the blog, which will be accessible through the same feed. All of our podcasts will continue to be accessible at SearchSecurity.com/podcast. Thanks for listening.

Information Security magazine editors Neil Roiter and Michael Mimoso discuss Google's foray into the security market and whether companies should turn to database encryption to meet the PCI Data Security Standard in the wake of the TJX data security breach. Also the editors discuss whether the "month of" security flaw Web sites are helpful in securing software or just shameless publicity by security researchers. And finally, SearchSecurity.com News Writer Bill Brenner provides analysis from the Gartner IT Security Summit in Washington. (Runtime: 23:51)

Download Security Squad

SearchSecurity.com reports from the Burton Group Catalyst Conference in San Francisco. Diana Kelley, vice president and service director at the Burton Group, explains the scope of a PCI audit and how some auditors are pitching products and services. Dan Jones, director of IT at the University of Colorado, explains his school's ongoing PCI compliance initiatives.

Download Security Wire Weekly

Senior News Writer Bill Brenner reports from the Gartner IT Summit in Washington. Bryan Sartin, Cybertrust’s vice president of investigative response talks about his company’s merger with Verizon. Bruce Schneier, chief technology officer of BT Counterpane, and Lloyd Hession, CSO of BT Radianz talk about life after their mergers with British Telecom. Also, a review of the week’s news.

Download Security Wire Weekly

Andy Jones, a researcher with the UK-based Information Security Forum, explains how to develop an effective security strategy to deal with large projects and defend the budget. Paul Adamonis, director of security solutions at Forsythe Security talks about how to navigate industry consolidation by developing a buying strategy; and Sandra Kay Miller gives her observations of the industry and explains why some companies may not fare well in this era of consolidation. (Runtime: 25:01).

Download Security360