A podcast about the world of Cybersecurity, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security professionals need to know, or refresh the memories of seasoned veterans.
http://www.brakeingsecurity.com
Gesamtlänge aller Episoden: 16 days 13 hours 58 minutes
recommended podcasts
episode 21: Derek Rook, redteam tactics, blue/redteam comms, and detection of testing
**If Derek told you about us at SANS, send a DM to @brakeSec or email for an invite to our slack** OSCP/HtB/VulnHub is a game... designed to have a tester find a specific nugget of information to pivot or gain access to greater power on the...
episode 23: James Nelson from Illumio, cyber resilence, business continuity
James Nelson, VP of Infosec, Illumio How has COVID-19 changed cybersecurity? Why is cyber resilience especially important now? What are the most important steps to ensure cyber-resiliency? How do you talk to business leaders about investing in...
episode 24: Bit of news, Ripple20 vulns, IoT Security, windows error codes, captchas used for evil, Marine Momma
How would we map this against the MITRE matrix? Are there any MITRE attack types that are so similar that one attack can be two different things in the matrix? Check out our Store on...
episode 25: Cognizant breach, maze ransomware, PAN-OS CVE 2020-2021, SAML authentication walkthrough
Thank you to Marcus Carey for his excellent guidance and leadership this week. Cognizant breach: Maze ransomware write-up: PAN-OS CVE 2020-2021 - We have been made aware of a serious issue with SAML on Palo Alto Networks PAN-OS...
episode 26: WISP PSA, PAN-OS vuln redux, F5 has a bad weekend, vuln scoring, Twitter advice, and more!
1st: WISP.org PSA from Rachel Tobac (@racheltobac) & @wisporg talking about #shareTheMicInCyber #SAML PAN-OS: F5 vulnerability: F5 Mitigation (if patching is not immediately possible): Redirect 404 /...
episode 27: RIPPLE20 Report, supply chain security, responsible disclosure, software development, and vendor care.
Whitepaper: [blog] Build your own custom TCP/IP stack: Another custom TCP/IP stack: RIPPLE 20 Whitepaper: Agenda: Part 1: Background on the report Why is it called RIPPLE20? What’s the RIPPLE about? Communications with Treck (and...
episode 28: Shlomi Oberman, RIPPLE20 report, responsible disclosure, and supply chain security woes (part2)
Whitepaper: [blog] Build your own custom TCP/IP stack: Another custom TCP/IP stack: RIPPLE 20 Whitepaper: Agenda: Part 1: Background on the report Why is it called RIPPLE20? What’s the RIPPLE about? Communications...
episode 29: Brad Spengler, Linux kernel security in the past 10 years, software dev practices in Linux
WISP.org PSA at 35m56s - 37m 19s Agenda:Bio/background Why are you here (topic discussion) What is the Linux Security Summit North America Questions from the meeting invite: This only affects people who want to use a custom...
episode 30: Mick Douglas, Defenses against powercat, offsec tool release, SRUM logs, and more!
WISP.org donation page: Mick Douglas (@bettersafetynet on Twitter) Powercat: Netcat in a powershell environment Defenses against powercat? LolBins: Sigma ruleset: ElasticSearch bought Endgame; Twitter DM to @bettersafetynet:Hey... I...
episode 31: Allan Friedman, SBOM, software transparency, and knowing how the sausage is made
Ms. Berlin: Tabletop D&D exercise Blumira is hiring Allan Friedman - Director of Cybersecurity Initiatives, NTIA, US Department of Commerce NTIA.gov - National Telecommunications and Information Administration SBOM guidance...