A podcast about the world of Cybersecurity, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security professionals need to know, or refresh the memories of seasoned veterans.
http://www.brakeingsecurity.com
Gesamtlänge aller Episoden: 16 days 13 hours 58 minutes
recommended podcasts
2017-015-Being a 'security expert' vs. 'security aware'
This week, we have a little story time. Developers should be aware of the kinds of vulnerabilities their code can be attacked with. XSS, Buffer overflows, heap overflows, etc should be terms that they understand. But is it enough that they are 'aware'...
2017-014-Policy_writing_for_the_masses-master_fingerprints_and_shadowbrokers
So, I (Bryan) had a bit of a work issue to discuss. It has become one of my myriad jobs at work to write up some policies. In and of itself, it's not particularly fun work, and for whatever reason, this is causing me all kinds of issues. So this week...
2017-013-Multi-factor Auth implementations, gotchas, and solutions with Matt
Most everyone uses some kind of Multi-factor or '2 Factor Authentication". But our guest this week (who is going by "Matt" @infosec_meme)... Wanted to discuss some gotchas with regard to 2FA or MFA, the issues that come from over-reliance on 2FA,...
2017-012-UK Gov Apprenticeship infosec programs with Liam Graves
One of our Slackers (people who hang with us on our Slack Channel) mentioned that he was writing exam materials for one of the programs created by the UK Government to train high school and/or people headed to university in skills without the...
2017-011-Software Defined Perimeter with Jason Garbis
We talked with Jason Garbis this week about Software Defined Perimeter (SDP). Ever thought about going completely without needing a VPN? Do you think I just made a crazy suggestion and am off my medications? Google has been doing it for years, and...
2017-010-Authors Amanda Berlin and Lee Brotherston of the "Defensive Security Handbook"
Our very own Ms. Berlin and Mr. Lee Brotherston (), veteran of the show, co-authored an #O'Reilly book called the "Defensive Security Handbook" We talk with Amanda and Lee (or Lee and Amanda :D ) about why they wrote the book, how people should use...
2017-009-Dave Kennedy talks about CIAs 'Vault7', ISC2, and Derbycon updates!
Wikileaks published a cache of documents and information from what appears to be a wiki from the Central Intelligence Agency (CIA). This week, we discuss the details of the leak (as of 11Mar 2017), and how damaging it is to blue teamers. To help us,...
2017-008-AWS S3 outage, how it should color your IR scenarios, and killing the 'whiteboard' interview
If you were under a rock, you didn't hear about the outage that #Amazon #Web Services (#AWS) suffered at the hands of sophisticated, nation-state... wah? "an authorized #S3 team #member using an established #playbook executed a command which was...
2017-007- Audio from Bsides Seattle 2017
Bryan had the pleasure of attending his 3rd Bsides Seattle a few weeks ago. Lots of great speakers, great discussion. We have 3 interviews here this week: Justin Case (@jcase) discusses some of his talk about hacking the Google Pixel, an HTC produced...
2017-006- Joel Scambray, infosec advice, staying out from in front of the train, and hacking exposed
Joel Scambray joined us this week to discuss good app design, why it's so difficult, and what can be done to fix it when possible. Joel also co-authored many of the "Hacking Exposed" series of books. We ask him about other books that could come from...