A podcast about the world of Cybersecurity, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security professionals need to know, or refresh the memories of seasoned veterans.
http://www.brakeingsecurity.com
Gesamtlänge aller Episoden: 16 days 13 hours 58 minutes
recommended podcasts
2015-047-Using BSIMM framework to measure the maturity of your software security lifecycle
Business Security in Maturity Model (#BSIMM) is a #framework that is unique in that it gives your company a measuring stick to know how certain industry verticals stack to yours... We didn't want to run through all 4 sections of the BSIMM, so this...
2015-046: Getting Security baked in your web app using OWASP ASVS
During our last podcast with Bill Sempf (@sempf), we were talking about how to get developers to understand how to turn a vuln into a defect and how to get a dev to understand how vulns affect the overall quality of the product. During our...
2015-045: Care and feeding of Devs, podcast edition, with Bill Sempf!
When you receive a #pentest or vuln scan report, we think in terms of #SQLi or #XSS. Take that report to your dev, and she/he sees Egyptian hieroglyphics and we wonder why it's so difficult to get devs to understand. It's a language barrier folks....
2015-044-A MAD, MAD, MAD, MAD Active Defense World w/ Ben Donnelly!
It's a madhouse this week! We invited Ben Donnelly (@zaeyx) back to discuss a new software framework he's crafted, called #MAD Active Defense. Ben wants to make Active Defense simple enough for even the busiest blue teamer. The interface takes it...
2015-043: WMI, WBEM, and enterprise asset management
WMI (Windows Management Instrumentation) has been a part of the Windows Operating system since Windows 95. With it, you can make queries about information on hosts, locally and even remotely. Why are we talking about it? It's use in the enterprise...
2015-042: Log_MD, more malware archaeology, and sifting through the junk
Just before #Derbycon, we invited Michael Gough (@hackerhurricane) to join us on the #podcast. For the last 3-4 months, my co-host Brian and he were engaged in the creation of a software tool that would make #log #analysis of #windows systems...
Derbycon Audio - post-Derby interviews!
In our last bit of Derbycon audio, I discussed DerbyCon experiences with Mr. Boettcher, Magen Wu (@tottenkoph), Haydn Johnson (@haydnjohnson), and Ganesh Ramakrishnan (@hyperrphysics). We find out what they liked, what they didn't like, and you...
Derbycon - A podcast with Podcasters! *explicit*
Mr. Boettcher and I attended Derbycon, and while he was out attending talks, I got invited to do a podcast with some of the other podcasts who were there. Special thanks to Edgar Rojas, Amanda Berlin, Jerry Bell, Andrew Kalat, Paul Coggin, Tim...
2015-040; Defending against HTML 5 vulnerabilities
Last week, we discussed with Shreeraj Shah about HTML5, how it came into being and the fact that instead of solving OWASP issues, it introduces new and wonderful vulnerabilities, like exploiting locally stored web site info using XSS techniques, and...