Episode | Date |
---|---|
post-bsides SD discussion, EPSS, the answer I should have given, and 'Lord Brake'
|
Apr 02, 2025 |
March23: buy browser extensions, attackers don't need exploits, socvel CTI quiz
|
Mar 24, 2025 |
steam distributes malware in game form, RDP open from DOGE servers, hacking a supply chain for 50K
|
Feb 17, 2025 |
Tanya Janca Talks secure coding, Semgrep Academy, and community building, and more!
|
Jun 01, 2024 |
Josh Grossman - building Appsec programs, bridging security and developer gaps
|
Apr 15, 2024 |
Managing messaging with management, becoming a CISO with Mary Gardner from Goldiknox
|
Apr 09, 2024 |
p2-accidentalCISO, building trust in new places
|
Feb 13, 2024 |
AccidentalCISO on BrakeSecEd, talking Leadership, SaaS development, and Appsec
|
Feb 02, 2024 |
1st show of 2024! Our 10th Anniversary...
|
Jan 09, 2024 |
Brakesec Call to Action 2023
|
Dec 18, 2023 |
How to get more headcount, BLUFFs Vulnerability, and Ranty Clause debuts!
|
Dec 04, 2023 |
25Oct - okta breached (again), Energy company hit by supply chain attack, and you can help hire the best people
|
Oct 26, 2023 |
Nicole Sundin - CPO at Axio - SEC compliance, usable security, setting up risk mgmt programs
|
Sep 23, 2023 |
John Aron, letters of marque, what does a "junior" job look like with AI?
|
Sep 03, 2023 |
Megan Roddie - co-author of "Practical Threat Detecion Engineering"
|
Aug 25, 2023 |
meeting new people, walking on your keyboard causes issues, even google gets phone numbers wrong.
|
Jul 21, 2023 |
Bsides Seattle and Austin, SecureBoot patch, and more
|
May 27, 2023 |
lynsey wolf, conducting insider threat investigations, CASB and UEBA utlization to good use.
|
Apr 30, 2023 |
3CX supply chain attack, Mark Russinovich and Sysinternals, CISA ransomware notifications, and emotional intelligence
|
Apr 08, 2023 |
Dish Network is still busted, John Deere avoiding OSS requests, Is DAST dead?
|
Mar 24, 2023 |
Nickolas Means talks about Security, Devops velocity, blameless orgs, and conferences infosec should attend
|
Mar 04, 2023 |
SPECIAL INTERVIEW: John Aron and Jerod Brennen
|
Feb 10, 2023 |
Layoff discussions, another TMO breach, OneNote Malware, and more!
|
Jan 24, 2023 |
GPS car hacks, Google Threat report, notable topics of 2020, satellite threat modelling, twitter breach(?)
|
Jan 10, 2023 |
Josh-Whalen-risk-management-data_visualization-tools, value-creating activities -p2
|
Dec 20, 2022 |
John Whalen, data visualization tools, risk management, handling org risk-p1
|
Dec 11, 2022 |
Interview with Infrared - one of the Seattle Community Network organizers
|
Nov 22, 2022 |
JAMBOREE - an Android App testing platform from @operat0r -part2
|
Nov 07, 2022 |
JAMBOREE - an Android App testing platform from @operat0r
|
Oct 30, 2022 |
07-oct-news-twitch streaming
|
Oct 12, 2022 |
Uber Breach, MFA fatigue, who can help communicate biz risk?
|
Sep 19, 2022 |
Manual Code reviews/analysis, post-infosec Campout discussion
|
Sep 02, 2022 |
Amanda's Sysmon Talk -p2
|
Aug 15, 2022 |
Amanda's Sysmon Talk -p1
|
Aug 07, 2022 |
Tanya Janca, Securing APIs, finding Security Champions, and accepting Risk
|
Jul 30, 2022 |
Tanya Janca on secure coding practices, Swagger docs, and why documentation matters
|
Jul 24, 2022 |
PYPI enables 2FA, some devs have a problem with this
|
Jul 14, 2022 |
JW Goerlich on Training, phishing exercises, security metrics,getting the most from user training
|
Jul 05, 2022 |
RSA conference, Zero Trust, SSO, 2FA, and multi-cloud tenancy with J Goerlich
|
Jun 25, 2022 |
jon-dimaggio-part2-threat intel-hacking back-analyzing malware
|
Jun 16, 2022 |
Jon DiMaggio_Art-of-cyberwarfare_hacking_back-insider-threat-messaging_P1
|
Jun 09, 2022 |
news, infosystir's talk at RSA, conti has an 'image' problem
|
May 24, 2022 |
Mieng Lim, Ransomware actions, using insurance to offset risk, good IR/PR comms
|
May 15, 2022 |
Mieng-Lim-Ransomware-Best-Practices-p1
|
May 11, 2022 |
Mick Douglas on threat intel, customer worries about being hacked, and more
|
May 04, 2022 |
news, farmers affected by ransomware, protestware for the 3rd time, trusting opensource
|
Apr 26, 2022 |
Mick Douglas discusses What2Log, and guidance in light of Okta incident
|
Apr 21, 2022 |
logging analysis, log correlation, and threat analysis dicussion continues - p2
|
Apr 10, 2022 |
Amanda and Bryan discusses log analysis, finding, IOCs, and what to do about them.
|
Apr 05, 2022 |
Shannon Noonan and Stacey Cameron - process automation -p2
|
Mar 22, 2022 |
Shannon Noonan and Stacey Cameron - process automation
|
Mar 12, 2022 |
K12SIX-project-Doug_Levin-Eric_Lankford-threat_intel-edusec-p2
|
Mar 01, 2022 |
K12SIX's Eric Lankford and Doug Levin on helping schools get added security -p1
|
Feb 22, 2022 |
April Wright and Alyssa Miller - IoT platforms, privacy and security, embracing standards
|
Feb 15, 2022 |
Alyssa Miller, April Wright, on IoT Privacy & Security, using tech for stalking, what could be done? Part1
|
Feb 07, 2022 |
Bit of news, Belarus train system hack, VMware Horizon vulns, edge network device vulns
|
Feb 01, 2022 |
April Wright and Alyssa Miller- Open Source sustainabilty
|
Jan 24, 2022 |
Amélie Koran and Adam Baldwin discuss OSS sustainability, supply chain security,, governance, and outreach for popular applications - part2
|
Jan 18, 2022 |
OSS sustainability, log4j fallout, developer damages own code-p1
|
Jan 12, 2022 |
2021-046-Mick Douglas, Log4j vulnerabilities, egress mitigations- part2
|
Dec 23, 2021 |
2021-045-Mick Douglas, Log4j vulnerabilities, egress mitigations- part1
|
Dec 16, 2021 |
2021-044-Litmoose discusses stalking and protecting yourself
|
Dec 13, 2021 |
2021-043- Fred Jennings, Vuln Disclosure policy, VEP, and 0day disclosure - p2
|
Nov 21, 2021 |
2021-042- Fred Jennings, VDP, Vuln Equity, And 0day disclosure - p1
|
Nov 21, 2021 |
Blumira Sponsor #3 - Emily Eubanks, more actionable events, incident response help, and more
|
Nov 21, 2021 |
2021-041-0day disclosure, Randori, FBI email server pwnage
|
Nov 16, 2021 |
2021-040-Sweden's parents rebel over poor App design, US government forcing patching of systems, and Vuln chaining
|
Nov 08, 2021 |
2021-039-Minimum Viable vendor security sheet, Federal logging requirements, and more!
|
Nov 02, 2021 |
SPONSOR-Blumira's Nato Riley on Log Classification, Security Maturity,
|
Nov 01, 2021 |
2021-038-Liz Saling, 5 pillars of building a good team
|
Oct 25, 2021 |
2021-037-Tony Robinson, leveraging your home lab for job success - Part2
|
Oct 17, 2021 |
2021-036-Tony Robinson, twtich breach, @da_667 lab setup new book edition! -part1
|
Oct 14, 2021 |
2021-035-GRC selection discussion, TechSecChix, and the 'job description problem'
|
Sep 29, 2021 |
2021-034-Khalilah Scott, good GRC tool practices - part1
|
Sep 29, 2021 |
2021-033-Kim_Crawley, 8 steps to better security-Part2
|
Sep 20, 2021 |
SPONSOR: Blumira's Patrick Garrity
|
Sep 16, 2021 |
2021-032--Author_Kim_crawley-8-Simple_Rules_for_Cybersecurity
|
Sep 14, 2021 |
2021-031- back in the saddle, conference discussion, company privacy
|
Sep 03, 2021 |
2021-030-incident response, business goal alignment, showing value in IR -p2
|
Aug 22, 2021 |
2021-029- incident response, PICERL cycle, showing value in IR, aligning with business goals -p1
|
Aug 15, 2021 |
2021-028-Rebekah Skeete - social engineering techniques and influences
|
Aug 08, 2021 |
2021-027-Black Girls Hack COO Rebekah Skeete!
|
Aug 02, 2021 |
2021-026-Triaging threat research, Jira vulns, Serious Sam vuln, Systemd vulns, and HiveNightmare
|
Jul 28, 2021 |
2021-025-Dan Borges, Author of Adversarial Techniques from Packt Publishing
|
Jul 19, 2021 |
2021-024-Dan Borges, Author of Adversarial Techniques from Packt Publishing
|
Jul 10, 2021 |
2021-023-d3fend framework, DLL injection types, more solarwinds infections
|
Jun 30, 2021 |
2021-022-github policy updates targeting harmful software, Ms. Berlin discusses WWHF, CVSS discussion
|
Jun 22, 2021 |
2021-021-Security Sphynx, ZeroTrust, implementation prep- part2
|
Jun 16, 2021 |
2021-020: Security Sphynx, Preparing for ZeroTrust implementation - Part1
|
Jun 06, 2021 |
2021-019-Joe Gray, OSINT CTFs, gamifying and motivating to do the right thing
|
May 28, 2021 |
2021-018-LawyerLiz, Pres. Biden's EO, and the clueless professor
|
May 22, 2021 |
2021-017-Joe Gray on his future book, the OSINT loop, motivators, and gamification - part1
|
May 18, 2021 |
2021-016-researchers knowingly add vulnerable code to linux kernel, @pageinsec joins us to discuss -part2
|
May 05, 2021 |
2021-015-researchers knowingly add vulnerable code to linux kernel, @pageinsec joins us to discuss -part1
|
Apr 27, 2021 |
2021-014-Slipstreaming blocked by Chrome, Slack being used for malware, plus dork and deskjockeys!
|
Apr 13, 2021 |
2021-013-Liana_McCrea-Garrison_Yap-cecil_hotel, Elisa_Lam-physical_security-part2
|
Apr 07, 2021 |
2021-012-physical security discussion with @geecheethreat and @garrisony75 -pt1
|
Mar 30, 2021 |
2021-011- Dr. Catherine J Ullman, the art of communication in an Incident - Part 2
|
Mar 21, 2021 |
2021-010- Dr. Catherine J Ullman, the art of communication in an Incident - Part 1
|
Mar 17, 2021 |
2021-009-Jasmine_Jackson-TheFluffy007-analyzing_android_apps-FRida-Part2
|
Mar 07, 2021 |
2021-008-Jasmine jackson - TheFluffy007, Bio and background, Android App analysis - part 1
|
Mar 02, 2021 |
2021-007-News-Google asking for OSS to embrace standards, insider threat at Yandex, Vectr Discussion
|
Feb 21, 2021 |
2021-006-Ronnie Watson (@secopsgeek), building a security monitoring system with ELK, and Wazuh - part2
|
Feb 14, 2021 |
2021-005-Ronnie Watson (@secopsgeek), building a security monitoring system with ELK, and Wazuh
|
Feb 09, 2021 |
2021-004-Danny Akacki talks about Mergers and Acquisitions - Part 2
|
Feb 03, 2021 |
2021-003- Danny Akacki, open communications, mergers&acquistions
|
Jan 26, 2021 |
2021-002-Elastic Search license changes, Secure RPC patching for windows, ironkey traps man's $270 million in Bitcoin
|
Jan 19, 2021 |
2021-001-news, youtuber 'dream' doxxed, solarwind passwords bruteforced, malware attacks
|
Jan 12, 2021 |
2020-046-solarwinds-fireeye-breaches-GE-medical-device-issues-and-2021_predictions
|
Dec 17, 2020 |
SPONSORED- Nathanael Iversen from Illumio, future of microsegmentation,
|
Dec 07, 2020 |
2020-045-Marco Salvati, supporting open source devs, incentivizing leeching companies who don't give back- part2
|
Dec 07, 2020 |
2020-044-Marcello Salvati (@byt3bl33d3r), porchetta industries, supporting opensource tool creators, sponsorship model
|
Dec 02, 2020 |
2020-043-Software_Defined_Radio-Sebastien_dudek-RF-attacks- IoT and car RF attacks
|
Nov 24, 2020 |
SPONSORED Podcast: Katey Wood from Illumio on deployment and using WIndows Filtering Platform
|
Nov 17, 2020 |
2020-042-Kim Crawley and Phillip Wylie discuss "Pentester Blueprint", moving into pentesting career
|
Nov 15, 2020 |
2020-041- Conor Sherman, IR stories, cost of not prepping for an incident
|
Nov 10, 2020 |
2020-040- Jeremy Mio, State of Ohio Election Security
|
Nov 02, 2020 |
2020-039-Philip Beyer-leadership- making an impact
|
Oct 28, 2020 |
SPONSORED PODCAST: Neil Patel, Illumio on Microsegmentation, and adopting the Zero Trust philosophy
|
Oct 23, 2020 |
2020-038-Phil_Beyer-etsy-CISO-leadership-making-an-impact
|
Oct 20, 2020 |
2020-037-Katie Moussouris, Implementing VCMM, diversity in job descriptions - Part 2
|
Oct 11, 2020 |
2020-036-Katie Moussouris, Vulnerability Coordination Maturity Model, when are you ready for a bug bounty - Part 1
|
Oct 06, 2020 |
2020-035-ransomware death in Germany, Zerologon woes, drovorub, and corp data on personal devices
|
Sep 29, 2020 |
2020-034-Fortnite account selling, process change agility, IRS wanting to track the 'untrackable'
|
Sep 14, 2020 |
2020-033-garmin hack, Tesla employee thwarted IP espionage, Slack RCE payout, and more!
|
Aug 31, 2020 |
2020-032-Dr. Allan Friedman, SBOM, Software Transparency, and how the sausage is made - Part 2
|
Aug 24, 2020 |
2020-031-Allan Friedman, SBOM, software transparency, and knowing how the sausage is made
|
Aug 18, 2020 |
2020-030- Mick Douglas, Defenses against powercat, offsec tool release, SRUM logs, and more!
|
Aug 10, 2020 |
2020-029- Brad Spengler, Linux kernel security in the past 10 years, software dev practices in Linux, WISP.org PSA
|
Jul 31, 2020 |
2020-028-Shlomi Oberman, RIPPLE20, supply chain security discussion, software bill of materials
|
Jul 24, 2020 |
2020-027-RIPPLE20 Report, supply chain security, responsible disclosure, software development, and vendor care.
|
Jul 16, 2020 |
2020-026- WISP PSA, PAN-OS vuln redux, F5 has a bad weekend, vuln scoring, Twitter advice, and more!
|
Jul 08, 2020 |
2020-025-Cognizant breach, maze ransomware, PAN-OS CVE 2020-2021, SAML authentication walkthrough
|
Jun 29, 2020 |
2020-024-Bit of news, Ripple20 vulns, IoT Security, windows error codes, captchas used for evil, Marine Momma
|
Jun 24, 2020 |
2020-023-James Nelson from Illumio, cyber resilence, business continuity
|
Jun 17, 2020 |
2020-022-Andrew Shikiar, FIDO Alliance, removing password from IoT, and discussing FIDO implementation
|
Jun 10, 2020 |
2020-021- Derek Rook, redteam tactics, blue/redteam comms, and detection of testing
|
Jun 01, 2020 |
2020-020-Andrew Shikiar - FIDO Alliance - making Cybersecurity more secure
|
May 27, 2020 |
2020-019-Masha Sedova, customized training, phishing, ransomware, and privacy implications
|
May 20, 2020 |
2020-018- Masha Sedova, bespoke security training, useful metrics to tailor training
|
May 13, 2020 |
2020-017-Cameron Smith, business decisions, and how it affects Security
|
May 05, 2020 |
2020-016-Cameron Smith, Business decisions and their (in)secure outcomes - Part 1
|
Apr 29, 2020 |
2020-015-Tanya_Janca-Using Github Actions in your Devops Environment, workflow automation
|
Apr 21, 2020 |
Pwnysec tutorial on all things XSS
|
Apr 21, 2020 |
2020-014-Server Side Request Forgery defense, Tanya Janca, AppSec discussion
|
Apr 14, 2020 |
2020-013- part 2, education security, ransomware, april mardock, Nathan McNulty, and Jared folkins
|
Apr 07, 2020 |
2020-012-April Mardock, Nathan McNulty, Jared Folkins, school security, ransomware attacks
|
Mar 29, 2020 |
2020-011-Alyssa miller, deep fakes, threatmodeling for Devops environments, and virtual conferences
|
Mar 25, 2020 |
2020-010-Dave Kennedy, offensive security tool release, Derbycom, and Esports
|
Mar 19, 2020 |
2020-009-Dave Kennedy, Offensive Tool release (Part 1)
|
Mar 12, 2020 |
2020-008-Nemesis_Taylor Mutch
|
Mar 04, 2020 |
2020-007-Roberto_Rodriguez-threat_hunting-juypter_notebooks_data-science
|
Feb 26, 2020 |
2020-006-Roberto Rodriguez, threat intel, threat hunting, hunter's forge, mordor setup
|
Feb 19, 2020 |
2020-005-Marcus J Carey, red team automation, and Tribe of Hackers book series
|
Feb 10, 2020 |
2020-004-Marcus Carey, ShmooCon Report, threat simulation
|
Feb 05, 2020 |
2020-003- Liz Fong Jones, tracking Pentesters, setting up MFA for SSH, and Developer Advocates
|
Jan 30, 2020 |
2020-002-Liz Fong-Jones discusses blog post about Honeycomb.io Incident Response
|
Jan 23, 2020 |
2020-001- Android malware, ugly citrix bugs, and Snake ransomware
|
Jan 13, 2020 |
2019-046-end of the year, end of the decade, predictions, and how we've all changed
|
Dec 23, 2019 |
2019-045-Part 2-Noid, Dave Dittrich, empowered teams, features vs. security
|
Dec 18, 2019 |
2019-044-Noid and Dave Dittrich discusses recent keybase woes - Part 1
|
Dec 10, 2019 |
2019-043-Bea Hughes, dealing with realistic threats in your org
|
Dec 04, 2019 |
2019-042-CircuitSwan, Gitlabs, Job descriptions that don't suck, layer8con
|
Nov 27, 2019 |
2019-041-circuitswan, diana initiative, diversity initiatives at conferences
|
Nov 21, 2019 |
2019-040-vulns in cisco kit, google's project 'nightmare', healthcare data issues, TAGNW conference update
|
Nov 12, 2019 |
2019-039-bluekeep_weaponized-npm_security_cracks-grrcon_report
|
Nov 04, 2019 |
2019-038-Deveeshree_Nayak-risk_analysis, and OWASP WIA
|
Oct 30, 2019 |
2019-038- Ethical dilemmas with offensive tools, powershell discussion with Lee Holmes - Part2
|
Oct 22, 2019 |
2019-037-Lee Holmes, Powershell logging, and why there's an 'execution bypass'
|
Oct 17, 2019 |
2019-036-RvrShell-graphql_defense-Part2
|
Oct 09, 2019 |
2019-035-Matt_szymanski-attack and defense of GraphQL-Part1
|
Oct 02, 2019 |
2019-034- Tracy Maleeff, empathy as a service, derbycon discussion
|
Sep 22, 2019 |
2019-033-Part 2 of the Kubernetes security audit discussion (Jay Beale & Aaron Small)
|
Sep 16, 2019 |
the last Derbycon Brakesec podcast
|
Sep 07, 2019 |
2019-032-kubernetes security audit dicussion with Jay Beale and Aaron Small
|
Aug 31, 2019 |
2019-031- Dissecting a Social engineering attack (Part 2)
|
Aug 16, 2019 |
2019-030-news, breach of PHI, sephora data breach
|
Aug 09, 2019 |
2019-029-dissecting a real Social engineering attack (part 1)
|
Aug 01, 2019 |
2019-028-fileless_malware_campaign,privacy issues with email integration-new_zip_bomb_record
|
Jul 24, 2019 |
2019-027-GDPR fines for British Airways, FTC fines Facebook, Zooma-palooza
|
Jul 14, 2019 |
2019-026-Ben Johnson discusses hanging your shingle, going independent
|
Jul 09, 2019 |
2019-025-Ben Johnson discusses identity rights management, and controlling your AuthN/AuthZ issues
|
Jul 02, 2019 |
2019-024-Tanya_Janca-mentorship-WoSec_organizations_what-makes-a-good-mentor
|
Jun 24, 2019 |
2019-023-Tanya Janca, Dev Slop, DevOps tools for free or cheap
|
Jun 18, 2019 |
2019-022-Chris Sanders-Rural_Tech_Fund-embracing_the_ATT&CK_Matrix
|
Jun 09, 2019 |
2019-021-Chris Sanders discusses a cognitive crisis, mental models, and dependence on tools
|
Jun 04, 2019 |
2019-020-email_security_controls-windows_scheduler
|
May 29, 2019 |
2019-019-Securing your RDP and ElasticSearch, InfoSec Campout news
|
May 20, 2019 |
2019-018-Lesson's I learned, github breach, ransoming github repos
|
May 14, 2019 |
2019-017-K8s Security, Kamus, interview with Omer Levi Hevroni
|
May 05, 2019 |
2019-016-Conference announcement, and password spray defense
|
Apr 29, 2019 |
2019-015-Kevin_johnson-incident_response_aftermath
|
Apr 22, 2019 |
2019-014-Tesla fails encryption, Albany and Sammamish ransomware attacks.
|
Apr 15, 2019 |
2019-013-ASVSv4 discussion with Daniel Cuthbert and Jim Manico - Part 2
|
Apr 07, 2019 |
2019-012: OWASP ASVSv4 discussion with Daniel Cuthbert and Jim Manico - Part 1
|
Apr 01, 2019 |
2019-011-part 2 of our interview with Brian "Noid" Harden
|
Mar 24, 2019 |
2019-010-Zach_Ruble-building_a_better_cheaper_C2_infra
|
Mar 18, 2019 |
2019-009- Log-MD story, Noid, communicating with Devs and security people-part1
|
Mar 12, 2019 |
2019-008-windows retpoline patches, PSremoting, underthewire, thunderclap vuln
|
Mar 04, 2019 |
2019-007-bsides_seattle_recap-new_phishing_vector-Kernel_use_after_free_vuln
|
Feb 25, 2019 |
2019-006: CSRF, XSS, infosec hypocrites, and the endless cycle
|
Feb 18, 2019 |
2019-005: Security Researcher attack, disabling SPECTER, and Systemd discussion
|
Feb 11, 2019 |
2019-004-ShmooCon, and Bsides Leeds discussion, Facetime bug (with update), a town for ransom
|
Feb 04, 2019 |
2019-003-Liz Rice, creating processes to shift security farther left in DevOps
|
Jan 28, 2019 |
2019-002-part 2 of the OWASP IoT Top 10 with Aaron Guzman
|
Jan 22, 2019 |
2019-001: OWASP IoT Top 10 discussion with Aaron Guzman
|
Jan 14, 2019 |
2018-045: end of the year podcast!
|
Dec 27, 2018 |
2018-044: Mike Samuels discusses NodeJS hardening initiatives
|
Dec 18, 2018 |
2018-043-Adam-Baldwin, npmjs Director of Security, event stream post mortem, and making your package system more secure
|
Dec 11, 2018 |
2018-042-Election security processes in the state of Ohio
|
Dec 03, 2018 |
2018-041: part 2 of Kubernetes security insights w/ ian Coldwater
|
Nov 26, 2018 |
2018-040- Jarrod Frates discusses pentest processes
|
Nov 19, 2018 |
2018-039-Ian Coldwater, kubernetes, container security
|
Nov 12, 2018 |
2018-038-InfosecSherpa, security culture,
|
Nov 05, 2018 |
2018-037-iWatch save man's life, Alexa detects your mood, and post-derby discussion
|
Oct 22, 2018 |
2018-036-Derbycon 2018 Audio with Cheryl Biswas and Tomasz Tula
|
Oct 15, 2018 |
2018-035-software bloat is forever; malicious file extensions; WMIC abuses
|
Oct 01, 2018 |
2018-034-Pentester_Scenario
|
Sep 25, 2018 |
2018-031-Derbycon ticket CTF, Windows Event forwarding, SIEM collection, and missing events... oh my!
|
Sep 01, 2018 |
2018-030: Derbycon CTF and Auction info, T-mobile breach suckage, and lockpicking
|
Aug 26, 2018 |
2018-029-postsummercamp-future_record_breached-vulns_nofix
|
Aug 17, 2018 |
2018-028-runkeys, DNS Logging, derbycon Talks
|
Aug 09, 2018 |
2018-027-Godfrey Daniels talks about his book about the Mojave Phonebooth
|
Aug 01, 2018 |
2018-026-insurers gathering data, netflix released a new DFIR tool, and google no longer gets phished?
|
Jul 27, 2018 |
2018-025-BsidesSPFD, threathunting, assessing risk
|
Jul 19, 2018 |
2018-024- Pacu, a tool for pentesting AWS environments
|
Jul 11, 2018 |
2018-023: Cydefe interview-DNS enumeration-CTF setup & prep
|
Jul 02, 2018 |
2018-022-preventing_insider_threat
|
Jun 26, 2018 |
2018-021-TLS 1.3 discussion, Area41 report, wireshark goodness
|
Jun 20, 2018 |
2018-020: NIST's new password reqs, Ms. Berlin talks about ShowMeCon, Pwned Passwords
|
Jun 13, 2018 |
2018-019-50 good ways to protect your network, brakesec summer reading program
|
Jun 06, 2018 |
2018-018-Jack Rhysider, Cryptowars of the 90s, OSINT techniques, and hacking MMOs
|
May 30, 2018 |
2018-017- threat models, vuln triage, useless scores, and analysis tools
|
May 23, 2018 |
2018-016- Jack Rhysider, DarkNet Diaries, and a bit of infosec history (Part 1)
|
May 15, 2018 |
2018-015-Data labeling, data classification, and GDPR issues
|
May 07, 2018 |
2018-014- Container Security with Jay Beale
|
Apr 29, 2018 |
2018-013-Sigma_malware_report, Verizon_DBIR discussion, proper off-boarding of employees
|
Apr 20, 2018 |
2018-012: SIEM tuning, collection, types of SIEM, and do you even need one?
|
Apr 11, 2018 |
2018-011: Creating a Culture of Neurodiversity
|
Apr 04, 2018 |
2018-010 - The ransoming of Atlanta, Facebook slurping PII, Dridex variants
|
Mar 27, 2018 |
2018-009- Retooling for new infosec jobs, sno0ose, Jay Beale, and mentorship
|
Mar 19, 2018 |
BDIR-001: Credential stealing emails, How do you protect against it?
|
Mar 12, 2018 |
2018-008- ransomware rubes, Defender does not like Kali, proper backups
|
Mar 12, 2018 |
2018-007- Memcached DDoS, Secure Framework Documentation, and chromebook hacking
|
Mar 05, 2018 |
2018-006- NPM is whacking boxes, code signing, and stability of code
|
Feb 26, 2018 |
2018-005-Securing_your_mobile_devices_and_CMS_against_plugin_attacks
|
Feb 14, 2018 |
2018-004 - Discussing Bsides Seattle, and Does Autosploit matter?
|
Feb 05, 2018 |
BDIR-000 ; The Beginning
|
Jan 29, 2018 |
2018-003-Privacy Issues using Crowdsourced services,
|
Jan 27, 2018 |
2018-002-John_Nye-Healthcare's_biggest_issues-ransomware
|
Jan 20, 2018 |
2018-001- A new year, new changes, same old trojan malware
|
Jan 12, 2018 |
2017-SPECIAL005-End of year Podcast with podcasters
|
Dec 23, 2017 |
2017-042-Jay beale, Hushcon, Apple 0Day, and BsidesWLG audio
|
Dec 16, 2017 |
2017-041- DFIR Hierarchy of Needs, and new malware attacks
|
Dec 08, 2017 |
2017-040-Expensify_privacy_issues-Something_is_rotten_at_Apple
|
Nov 30, 2017 |
2017-039-creating custom training for your org, and audio from SANS Berlin!
|
Nov 23, 2017 |
2017-038- Michael De Libero discusses building out your AppSec Team
|
Nov 15, 2017 |
2017-037 - Asset management techniques, and it's importance, DDE malware
|
Nov 08, 2017 |
2017-036-Adam Shostack talks about threat modeling, and how to do it properly
|
Oct 29, 2017 |
2017-SPECIAL004- SOURCE Conference Seattle 2017
|
Oct 22, 2017 |
2017-035-Business_Continuity-After_the_disaster
|
Oct 16, 2017 |
2017-SPECIAL003-Audio from Derbycon 2017!
|
Oct 07, 2017 |
2017-034-Preston_Pierce, recruiting, job_descriptions
|
Oct 02, 2017 |
2017-SPECIAL002-Derbycon-podcast with podcasters (NSF Kids/Work)
|
Sep 27, 2017 |
2017-033- Zane Lackey, Inserting security into your DevOps environment
|
Sep 17, 2017 |
2017-032-incident response tabletops, equifax breach
|
Sep 12, 2017 |
2017-031-Robert_Sell-Defcon_SE_CTF-OSINT_source
|
Sep 04, 2017 |
2017-030-Vulnerability OSINT, derbycon CTF walkthrough, and bsides Wellington!
|
Aug 29, 2017 |
2017-029-CIS benchmarks, Windows Update reverts changes used to detect malware
|
Aug 20, 2017 |
2017-028-disabling WU?, Comcast wireless hack, and was it irresponsible disclosure?
|
Aug 12, 2017 |
2017-026-Machine_Learning-Market Hype, or infosec's blue team's newest weapon?
|
Aug 03, 2017 |
2017-025-How will GDPR affect your Biz with Wendyck, and DerbyCon CTF info
|
Jul 22, 2017 |
2017-024-infosec_mental_health_defcon_contest-with-rand0h-and-tottenkoph
|
Jul 16, 2017 |
2017-023-Jay_Beale_Securing Linux-LXC-Selinux-Apparmor-Jails_and_more
|
Jul 10, 2017 |
2017-022-Windows Hardening, immutable laws of security admins, and auditpol
|
Jul 03, 2017 |
2017-SPECIAL- Michael Gough and Brian Boettcher discuss specific ransomware
|
Jun 30, 2017 |
2017-021-small_biz_outreach-614con-prenicious_kingdoms-ransomware-bonus
|
Jun 22, 2017 |
2017-020-Hector_Monsegur_DNS_OSINT_Outlaw_Tech_eClinicalWorks_fine
|
Jun 14, 2017 |
2017-019-Ms. Jessy Irwin, Effective Training in Small/Medium Businesses
|
Jun 06, 2017 |
2017-018-SANS_course-EternalBlue_and_Samba_vulnerabilities-DerbyCon contest details
|
May 30, 2017 |
2017-017-Zero_Trust_Networking_With_Doug_Barth,_and_Evan_Gilman
|
May 09, 2017 |
2017-016-Fileless_Malware, and reclassifying malware to suit your needs
|
May 02, 2017 |
2017-015-Being a 'security expert' vs. 'security aware'
|
Apr 27, 2017 |
2017-014-Policy_writing_for_the_masses-master_fingerprints_and_shadowbrokers
|
Apr 20, 2017 |
2017-013-Multi-factor Auth implementations, gotchas, and solutions with Matt
|
Apr 13, 2017 |
2017-012-UK Gov Apprenticeship infosec programs with Liam Graves
|
Apr 05, 2017 |
2017-011-Software Defined Perimeter with Jason Garbis
|
Mar 29, 2017 |
2017-010-Authors Amanda Berlin and Lee Brotherston of the "Defensive Security Handbook"
|
Mar 22, 2017 |
2017-009-Dave Kennedy talks about CIAs 'Vault7', ISC2, and Derbycon updates!
|
Mar 14, 2017 |
2017-008-AWS S3 outage, how it should color your IR scenarios, and killing the 'whiteboard' interview
|
Mar 06, 2017 |
2017-007- Audio from Bsides Seattle 2017
|
Mar 01, 2017 |
2017-006- Joel Scambray, infosec advice, staying out from in front of the train, and hacking exposed
|
Feb 19, 2017 |
2017-005-mick douglas, avoid bad sales people, blue team defense tools
|
Feb 14, 2017 |
2017-004-sandboxes, jails, chrooting, protecting applications, and analyzing malware
|
Feb 06, 2017 |
2017-003-Amanda Berlin at ShmooCon
|
Jan 29, 2017 |
2017-002: Threat Lists, IDS/IPS rules, and mentoring
|
Jan 21, 2017 |
2017-001: A New Year, malware legislation, and a new cast member!
|
Jan 12, 2017 |
2016-051: Steps to fixing risks you found, and the State of the Podcast
|
Dec 25, 2016 |
2016-050: Holiday Spectacular with a little help from our friends!
|
Dec 21, 2016 |
2016-049-Amanda Berlin, the art of the sale, and Decision making trees
|
Dec 15, 2016 |
2016-048: Dr. Gary McGraw, Building Security into your SDLC, w/ Special guest host Joe Gray!
|
Dec 03, 2016 |
2016-047: Inserting Security into the SDLC, finding Privilege Escalation in poorly configured Linux systems
|
Nov 28, 2016 |
2016-046: BlackNurse, Buenoware, ICMP, Atombombing, and PDF converter fails
|
Nov 21, 2016 |
2016-044: Chain of Custody, data and evidence integrity
|
Nov 07, 2016 |
2016-043: BSIMMv7, a teachable moment, and our new Slack Channel!
|
Nov 01, 2016 |
2016-042-Audio from Source Seattle 2016 Conference
|
Oct 24, 2016 |
2016-041- Ben Johnson, company culture shifts, job descriptions, cyber self-esteem
|
Oct 17, 2016 |
2016-040: Gene_Kim, Josh_Corman, helping DevOps and Infosec to play nice
|
Oct 10, 2016 |
2016-039-Robert Hurlbut, Threat Modeling and Helping Devs Understand Vulnerabilities
|
Oct 04, 2016 |
2016-038-Derbycon Audio and 2nd Annual Podcast with Podcasters!
|
Sep 28, 2016 |
2016-037: B1ack0wl, Responsible Disclosure, and embedded device security
|
Sep 14, 2016 |
2016-036: MSSP pitfalls, with Nick Selby and Kevin Johnson
|
Sep 11, 2016 |
2016-035-Paul Coggin discusses the future with Software Defined Networking
|
Sep 06, 2016 |
2016-034: Sean Malone from FusionX explains the Expanded Cyber Kill Chain
|
Aug 28, 2016 |
2016-033: Privileged Access Workstations (PAWs) and how to implement them
|
Aug 22, 2016 |
2016-032-BlackHat-Defcon-Debrief, Brakesec_CTF_writeup, and blending in while traveling
|
Aug 15, 2016 |
2016-031:DFIR rebuttal and handling incident response
|
Aug 08, 2016 |
2016-030: Defending Against Mimikatz and Other Memory based Password Attacks
|
Jul 31, 2016 |
2016-029: Jarrod Frates, steps when scheduling a pentest, and the questions you forgot to ask...
|
Jul 25, 2016 |
2016-028: Cheryl Biswas discusses TiaraCon, Women in Infosec, and SCADA headaches
|
Jul 17, 2016 |
2016-027: DFIR conference, DFIR policy controls, and a bit of news
|
Jul 10, 2016 |
2016-026-powershell exfiltration and hiring the right pentest firm
|
Jul 03, 2016 |
2016-025-Windows Registry, Runkeys, and where malware likes to hide
|
Jun 27, 2016 |
2016-024: Kim Green, on CISOaaS, the Redskins Laptop, and HIPAA
|
Jun 20, 2016 |
2016-023- DNS_Sinkholing
|
Jun 13, 2016 |
2016-022: Earl Carter dissects the Angler Exploit Kit
|
Jun 06, 2016 |
2016-021: Carbon Black's CTO Ben Johnson on EDR, the layered approach, and threat intelligence
|
May 29, 2016 |
2016-020-College Vs. Certifications Vs. Self-taught
|
May 21, 2016 |
2016-019-Creating proper business cases and justifications
|
May 16, 2016 |
2016-018-software restriction policies and Applocker
|
May 09, 2016 |
2016-017-The Art of Networking, Salted Hashes, and the 1st annual Podcast CTF!
|
May 02, 2016 |
2016-016-Exploit Kits, the "Talent Gap", and buffer overflows
|
Apr 25, 2016 |
2016-015-Dr. Hend Ezzeddine, and changing organizational security behavior
|
Apr 16, 2016 |
2016-014-User_Training,_Motivations,_and_Speaking_the_Language
|
Apr 08, 2016 |
2016-013-Michael Gough, the ISSM reference model, and the 5 P's
|
Mar 26, 2016 |
2016-012-Ben Caudill on App Logic Flaws, and Responsible Disclosure
|
Mar 19, 2016 |
2016-011-Hector Monsegur, deserialization, and bug bounties
|
Mar 14, 2016 |
2016-010-DNS_Reconnaissance
|
Mar 07, 2016 |
2016-009-Brian Engle, Information Sharing, and R-CISC
|
Feb 29, 2016 |
2016-008-Mainframe Security
|
Feb 22, 2016 |
2016-007-FingerprinTLS profiling application with Lee Brotherston
|
Feb 14, 2016 |
2016-006-Moxie_vs_Mechanism-Dependence_On_Tools
|
Feb 08, 2016 |
Brakeing Down Security interviewed on "Building a Life and Career in Security" podcast!
|
Feb 03, 2016 |
2016-005-Dropbox Chief of Trust and Security Patrick Heim!
|
Jan 30, 2016 |
2016-004-Bill_Gardner
|
Jan 24, 2016 |
2016-003-Antivirus (...what is it good for... absolutely nothing?)
|
Jan 18, 2016 |
2016-002-Cryptonite- or how to not have your apps turn to crap
|
Jan 11, 2016 |
2016-001: Jay Schulmann explains how to use BSIMM in your environment
|
Jan 03, 2016 |
2015-054: Dave Kennedy
|
Dec 27, 2015 |
2015-053: 2nd annual podcaster party
|
Dec 22, 2015 |
2015-052: Wim Remes-ISC2 board member
|
Dec 17, 2015 |
2015-051-MITRE's ATT&CK Matrix
|
Dec 10, 2015 |
2015-049-Can you achieve Security Through Obscurity?
|
Dec 04, 2015 |
2015-048: The rise of the Shadow... IT!
|
Nov 27, 2015 |
2015-047-Using BSIMM framework to measure the maturity of your software security lifecycle
|
Nov 21, 2015 |
2015-046: Getting Security baked in your web app using OWASP ASVS
|
Nov 10, 2015 |
2015-045: Care and feeding of Devs, podcast edition, with Bill Sempf!
|
Nov 04, 2015 |
2015-044-A MAD, MAD, MAD, MAD Active Defense World w/ Ben Donnelly!
|
Oct 30, 2015 |
2015-043: WMI, WBEM, and enterprise asset management
|
Oct 22, 2015 |
2015-042: Log_MD, more malware archaeology, and sifting through the junk
|
Oct 14, 2015 |
Derbycon Audio - post-Derby interviews!
|
Oct 10, 2015 |
Derbycon - A podcast with Podcasters! *explicit*
|
Sep 30, 2015 |
2015-040; Defending against HTML 5 vulnerabilities
|
Sep 21, 2015 |
2015-039: Hazards of HTML5
|
Sep 14, 2015 |
2015-038-Influence Vs. Mandate and Guardrails vs. Speedbumps
|
Sep 07, 2015 |
2015-037-making patch management work
|
Aug 31, 2015 |
2015-036: Checkbox security, or how to make companies go beyond compliance
|
Aug 24, 2015 |
2015-035: Cybrary.it training discussion and Bsides Austin Panel
|
Aug 16, 2015 |
Flashback: 2014-001_Kicking some Hash
|
Aug 15, 2015 |
2015-034: SANS Top20 Security Controls #9 - CTFs - Derbycon discussion
|
Aug 10, 2015 |
2015-033: Data anonymization and Valuation, Privacy, and Ethical medical research
|
Aug 03, 2015 |
2015-032: Incident response, effective communication, and DerbyCon Contest
|
Jul 26, 2015 |
2015-031: Fab and Megan-High_Math-Psychology_and Scarves
|
Jul 18, 2015 |
2015-030: Bsides Austin panel Discussion (Red Team vs. Blue Team)
|
Jul 13, 2015 |
2015-029: Big Brown cloud honeyblog with @theroxyd
|
Jul 06, 2015 |
2015-028: using log analytics to discover Windows malware artifacts
|
Jun 29, 2015 |
2015-027- detecting malware in Windows Systems with Michael Gough
|
Jun 22, 2015 |
2015-026- Cloud Security discussion with FireHost
|
Jun 14, 2015 |
2015-025: Blue Team Army, Powershell, and the need for Blue team education
|
Jun 08, 2015 |
2015-024: Is a good defense the best offense? Interview w/ Mick Douglas!
|
May 31, 2015 |
2015-023_Get to know a Security Tool: Security Onion!
|
May 26, 2015 |
2015-022: SANS Top 25 Critical Security Controls-#10 and #11
|
May 17, 2015 |
2015-021: 24 Deadly Sins: Command injection
|
May 10, 2015 |
Special Interview with Johnny Long!
|
May 08, 2015 |
2015-020 - Deadly Programming Sins - Buffer Underruns
|
May 03, 2015 |
2015-018- How can ITIL help you flesh out your infosec program?
|
Apr 26, 2015 |
2015-017: History of ITIL, and integrating Security
|
Apr 18, 2015 |
2015-016: Special Interview: Cybrary.it
|
Apr 07, 2015 |
2015-015: 2015 Verizon PCI report
|
Apr 04, 2015 |
2015-014-SANS Top 20 Controls - #12 and #13
|
Mar 28, 2015 |
2015-013-Hackerspaces and their sense of community
|
Mar 21, 2015 |
2015-012-Fill In podcast with Jarrod and Lee!
|
Mar 15, 2015 |
2015-011- Why does BeEF and metadata tracking keep I2P developers up at night?
|
Mar 07, 2015 |
2015-010 - How can you use I2P to increase your security and anonymity?
|
Feb 28, 2015 |
2015-009-Part 2 with Pawel Krawczyk
|
Feb 21, 2015 |
2015-008- Make your web Apps more secure with Content Security Policy (part 1)
|
Feb 16, 2015 |
2015-007-SANS_Top20_14and15--Proving_Grounds_Microcast with Megan Wu!
|
Feb 10, 2015 |
2015-006- Is your ISP doing a 'man-in-the-middle' on you?
|
Feb 07, 2015 |
2015-005: Threat Modeling with Lee Brotherston
|
Feb 01, 2015 |
2015-004-SANS Top 20: 20 to 16
|
Jan 25, 2015 |
All About Tor
|
Jan 17, 2015 |
Episode 2: Big Trouble in Small Businesses
|
Jan 10, 2015 |
2015-001- "unhackable" or "attacker debt"
|
Jan 04, 2015 |
Is Compliance running or ruining Security Programs?
|
Dec 26, 2014 |
Brakeing Down/Defensive Security Mashup!
|
Dec 21, 2014 |
Tyler Hudak (@secshoggoth) Discusses incident response, and DIY malware research
|
Dec 15, 2014 |
Tyler Hudak discusses malware analysis
|
Dec 08, 2014 |
Part 2 w/ Ben Donnelly -- Introducing Ball and Chain (making password breaches a thing of the past)
|
Dec 01, 2014 |
New Tumblr Post
|
Nov 30, 2014 |
Thank you from Brakeing Down Security
|
Nov 27, 2014 |
Active Defense and the ADHD Distro with Ben Donnelly
|
Nov 22, 2014 |
WebGoat install video with Mr. Boettcher!
|
Nov 20, 2014 |
Active Defense: It ain't 'hacking the hackers'
|
Nov 18, 2014 |
Interview Part 2 with Paul Coggin: Horror stories
|
Nov 09, 2014 |
Interview with Paul Coggin (part 1)
|
Nov 03, 2014 |
Learning about SNMP, and microinterview with Kevin Johnson
|
Oct 25, 2014 |
Keep Calm and take a tcpdump! :)
|
Oct 20, 2014 |
Part 2 with Jarrod Frates - how pentesting is important
|
Oct 13, 2014 |
DerbyCon report and Shellshock news
|
Oct 06, 2014 |
Marcus J. Carey Interview Part 2 - China, IP, coming cyber war
|
Sep 29, 2014 |
Video: Using GPG and PGP
|
Sep 28, 2014 |
Marcus J. Carey, FireDrillMe, and the Rockstars of Infosec
|
Sep 22, 2014 |
Mr. Boettcher interviewed Ed Skoudis!
|
Sep 15, 2014 |
Malware, Threat Intelligence, and Blue Team talks at cons -- with Michael Gough Pt.2
|
Sep 08, 2014 |
Malware, and Malware Sentinel -- with Michael Gough Pt.1
|
Sep 01, 2014 |
Reconnaissance: Finding necessary info during a pentest
|
Aug 25, 2014 |
Mr. Boettcher made a thing! Setting up a proper Debian install!
|
Aug 23, 2014 |
Ratproxy and on being a better Infosec Professional
|
Aug 18, 2014 |
Introduction to Nmap, Part 2
|
Aug 10, 2014 |
Risk Management discussion with Josh Sokol - Part 2
|
Aug 10, 2014 |
Interview with creator of Simple Risk, Josh Sokol! (Part 1)
|
Aug 04, 2014 |
Flashback: Sqlmap - a little how-to, and getting your developers involved in using it.
|
Jul 28, 2014 |
Part 2 with Georgia Weidman!
|
Jul 21, 2014 |
Nmap (pt1)
|
Jul 14, 2014 |
Part 1 with Author and Mobile Security Researcher Georgia Weidman!
|
Jul 14, 2014 |
Establishing your Information Security Program - Part 2
|
Jul 07, 2014 |
Choose your adventure!
|
Jul 03, 2014 |
Establishing your Information Security Program - Part 1
|
Jun 30, 2014 |
OWASP Top Ten: 1-5
|
Jun 23, 2014 |
OWASP Top Ten: Numbers 6 - 10
|
Jun 16, 2014 |
Talk with Guillaume Ross - Part 2 (all things cloud)
|
Jun 09, 2014 |
It all goes in "the cloud" (Part 1)
|
Jun 01, 2014 |
Video 2: BONUS!!!! Kismet Video!
|
May 27, 2014 |
Wireless scans with Kismet and Aircrack-ng
|
May 26, 2014 |
PGP and GPG -- protect your data
|
May 18, 2014 |
clearing up some terminology (hashing, encryption, encoding)
|
May 13, 2014 |
Browsing more Securely
|
May 05, 2014 |
Mandiant 2014 threat report
|
Apr 28, 2014 |
Episode 13 - 2014 Verizon PCI Report
|
Apr 21, 2014 |
Episode 12, Part 2 of our interview with Phil Beyer!
|
Apr 15, 2014 |
Special Report: Heartbleednado-apoco-geddon
|
Apr 14, 2014 |
Episode 11, Part 1: Interview with Phil Beyer
|
Apr 07, 2014 |
Video1: quick renaming shortcut with Sed
|
Apr 04, 2014 |
Phil Beyer's talk at Bsides Austin
|
Mar 31, 2014 |
Episode 10: IDS/IPS
|
Mar 31, 2014 |
Episode 9: Framework for Improving Critical Infrastructure Cybersecurity
|
Mar 24, 2014 |
Episode 8: Why a simple password is not so simple...
|
Mar 18, 2014 |
Episode 7, Part 2 with Kevin Johnson from SecureIdeas!
|
Mar 09, 2014 |
A thought experiment...
|
Mar 07, 2014 |
Episode 7, Part 1 - Kevin Johnson of SecureIdeas!
|
Mar 04, 2014 |
Episode 6 - Malware Interview with Michael Gough (Part 2)
|
Feb 24, 2014 |
Moon Pcap
|
Feb 19, 2014 |
Episode 6 - Malware Interview Michael Gough (Part 1)
|
Feb 17, 2014 |
Episode 5 - Interview with Frank Kim
|
Feb 10, 2014 |
Episode 4: Origin stories, and talking about reconnaissance
|
Feb 03, 2014 |
Episode 3 - Alerts, Events, and a bit of incident response
|
Jan 27, 2014 |
Episode 2 -- Feeling Vulnerable? - Vulnerability scanners - Go Exploit Yourself
|
Jan 20, 2014 |
Episode 1: Kicking some Hash!
|
Jan 15, 2014 |