Fix your dumb misconfigurations, AI isn't people, and the weekly news - Danny Jenkins, Wendy Nather - ESW #436

Interview with Danny Jenkins: How badly configured are your endpoints?

Misconfigurations are one of the most overlooked areas in terms of security program quick wins. Everyone freaks out about vulnerabilities, patching, and exploits.

Meanwhile, security tools are misconfigured. Thousands of unused software packages increase remediation effort and attack surface. The most basic misconfigurations lead to breaches. Threatlocker spotted this opportunity and have extended their agent-based product to increase attention on these common issues.

This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more!

Interview with Wendy Nather: Recalibrating how we think about AI

AI and the case for toxic anthropomorphism. When Wendy coined this phrase on Mastodon a few weeks ago, I knew that she had hit on something important and that we needed to discuss it on this podcast.

We were lucky to find some time for Wendy to come on the show!

Quick note: while this was not a sponsored segment, 1Password IS currently a sponsor of this podcast. That doesn't really change the conversation any, except that I have to be nice to Wendy. But why would anyone ever be mean to Wendy???

Weekly Enterprise News

Finally, in the enterprise security news,

1. Dozens of funding rounds over the past two weeks
2. Windows is becoming an Agentic OS? We talk about what that actually means.
3. Some great free tools
4. the latest cyber insurance trends
5. we analyze some recent breaches
6. the stop hacklore campaign
7. some essays worth reading
8. and a how a whole country dropped off the internet, because someone forgot to pay a GoDaddy invoice

All that and more, on this episode of Enterprise Security Weekly.

Show Notes: https://securityweekly.com/esw-436