Total length of all episodes: 16 days 13 hours 58 minutes
Shreeraj Shah (@shreeraj on Twitter) came on this week to give us a run-down of some of the issues with HTML5. How can a new standard actually be worse than something like Flash? And why would a standard not address existing OWASP issues, and even...
When we wanted to have Martin Fisher on, it was to discuss 'Security Mandate vs. Security Influence'. We wanted to discuss why companies treat compliance as more important, and if it's only because business requires it to be done. And if infosec is a...
Once you find a vulnerability, how do you handle patching it? Especially when devs have their own work to do, there are only so many man hours in a sprint or development cycle, and the patching process could take up a good majority of that if the vuln...
Checkbox Security... checklists required to follow by compliance people and many security people have to fall in line, because they often have no choice. But what if there was a way to use compliance requirements to get beyond the baseline of...
After last week's discussion of end-user training in the SANS top 20 security controls, we realized that it would be great to discuss how a company involved in training does proper training. So we hit up our sponsor at Cybrary.it to discuss...
For long time listeners of the podcast, back when Brian and I wanted to do the podcast, we were working at the same company, and the first podcast we did was on hashes. Bob story: Bob was getting tired of explaining what MD5, SHA1, SHA2...
End User training. Lots of companies have need of regular security training. Many treat it as a checkbox for compliance requirements, once a year. With the way training is carried out in many organizations, is it any wonder why phishing...
Katherine Carpenter is a privacy consultant who has worked all over the world helping to develop guidelines for ethical medical research, sharing of anonymized data, and helping companies understand privacy issues associated with storing and sharing...
In an incident response, the need for clear communication is key to effective management of an incident. This week, we had Mick Douglas, DFIR instructor at SANS, and Jarrod Frates, who is a pentester at InGuardians, and has great experience...
Strap yourselves in, Ladies and Gentlemen. With Mr. Boettcher gone on "vacation" this week, I needed some help with the podcast, and boy did we pick a doozy. If you're a fan of Turing Complete algorithms, frankly, who isn't ;), we had Ms....