Illuminating Data Blind Spots, Topic, Enterprise News - Tony Kelly - ESW #437

Illuminating Data Blind Spots, Topic, Enterprise News - Tony Kelly - ESW #437

Author: Security Weekly Productions December 15, 2025 Duration: 1:49:42
Enterprise Security Weekly (Video)
NewsTechnology

Interview Segment: Tony Kelly

Illuminating Data Blind Spots

As data sprawls across clouds and collaboration tools, shadow data and fragmented controls have become some of the biggest blind spots in enterprise security. In this segment, we'll unpack how Data Security Posture Management (DSPM) helps organizations regain visibility and control over their most sensitive assets.

Our guest will break down how DSPM differs from adjacent technologies like DLP, CSPM, and DSP, and how it integrates into broader Zero Trust and cloud security strategies. We'll also explore how compliance and regulatory pressures are shaping the next evolution of the DSPM market—and what security leaders should be doing now to prepare.

Segment Resources:

https://static.fortra.com/corporate/pdfs/brochure/fta-corp-fortra-dspm-br.pdf

This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them!

Topic Segment: We've got passkeys, now what?

Over this year on this podcast, we've talked a lot about infostealers. Passkeys are a clear solution to implementing phishing and theft-resistant authentication, but what about all these infostealers stealing OAuth keys and refresh tokens? As long as session hijacking is as simple as moving a cookie from one machine to another, securing authentication seems like solving only half the problem. Locking the front door, but leaving a side door unlocked.

After doing some research, it appears that there has been some work on this front, including a few standards that have been introduced:

  1. DBSC (Device Bound Session Credentials) for browsers
  2. DPoP (Demonstrating Proof of Possession) for OAuth applications

We'll address a few key questions in this segment: 1. how do these new standards help stop token theft? 2. how broadly have they been adopted?

Segment Resources:

News Segment

Show Notes: https://securityweekly.com/esw-437


Hosted by Adrian Sanabria, Enterprise Security Weekly (Video) is a deep dive into the complex world of protecting large organizations. This isn't just a headline recap; it's a practical, analyst-level discussion for security professionals who need to understand the "why" behind the news. Each episode from Security Weekly Productions brings together a seasoned panel including co-hosts like Katie Teitler-Santullo, Ayman Elsawah, Jason Wood, Jackie McGuire, and Sean Metcalf to dissect emerging threats, architectural shifts, and the tools that promise to help. You'll hear candid evaluations as they put security vendors and their claims under the microscope, separating hype from genuine utility. The conversation revolves around actionable intelligence and strategic trends that empower defenders to build more resilient environments. Tuning into this podcast provides a consistent, informed perspective that cuts through the noise of the daily alert cycle, offering clarity and context that's often hard to find. It’s a video format that adds a layer of connection and detail to these technical discussions, making complex topics more accessible. If your work involves making critical decisions about enterprise security posture, this series serves as a vital resource for staying informed and ahead of the curve.
Author: Language: English Episodes: 100

Official website RSS
instagramyoutubediscordlinkedinspotifygithub
Enterprise Security Weekly (Video)
Podcast Episodes

12345...10»