Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In this episode of This Week in NET, we talk with Daniele Molteni, Director of Product Management for Cloudflare’s WAF, about how Cloudflare responded within hours to a newly disclosed React Server Components vulnerability — deploying global protection before the public advisory was even released.

Discover how LevelBlue and Tenable are transforming cybersecurity in this exclusive fireside chat featuring Michael Vaughn, Director of Product Management at LevelBlue, and Greg Goetz, VP of Global Strategic Partners at Tenable.

On this episode of Masters of Data, Adam sits down with Zoe Hawkins and David Girvin to talk AppSec programs that don't suck. David's hot take from his 1Password and Red Canary days? AppSec is a people problem, not a tooling problem—stop being the person devs dodge at standup. We cover the essentials: build relationships first, threat model based on actual business risk (not your anxiety), and ditch the "shift left" obsession with scanning everything. Instead, start with offensive testing that finds vulnerabilities attackers can actually exploit.

Reusing passwords across multiple accounts sets you up for failure. That’s why we make creating and storing strong, unique passwords simple.

The quickest way to lose your WhatsApp? Sending someone a code you thought was “no big deal.” If it shows up on your phone, it’s meant for your account, no matter who asks. Protect it like your group chats depend on it (because they do).

Learn how to understand, combat, and even create synthetic media in this essential deepfake training session with Perry Carpenter, KnowBe4's Chief Human Risk Management Strategist. Deepfakes and synthetic media are no longer futuristic threats—they are here now, and organizations are already experiencing deepfake-related attacks. A May 2024 study showed that 25.9% of organizations have experienced deepfake-related attacks, with other indicators suggesting the number may be closer to 90%. It is high time to prepare people to deal with this evolving threat.

Phishing remains one of the most common ways attackers try to breach enterprise environments. Traditional tools often detect these attempts too late, giving attackers time to gain a foothold. In this demo, you’ll see how the Cato SASE Cloud Platform stops phishing attempts in real time. Cato inspects every click, evaluates threats instantly, and blocks malicious sites before they load, without slowing users down.

How do you find React2Shell vulnerabilities or detect React2Shell attacks in real environments? In this video, Corelight cloud security researcher David Burkett walks through how to threat hunt React2Shell by focusing on post-exploitation behavior at the network level. Instead of relying on exploit signatures, the approach uses application baselining and network traffic analysis to identify abnormal behavior.

“It is also a common trap of giving inexperienced customers a false sense of security…”~Navigating Supply Chain Cyber Risk TPRM processes today are filled with thousands of pages of questionnaires, assessments, and more, but does that status quo really help secure your vendor ecosystem? Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard) and Alex Golbin (Co-Author, Navigating Supply Chain Cyber Risk) as they chat about.