Brakeing Down Security Podcast
Summary: A podcast all about the world of Cybersecurity, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security Professionals need to know, or refresh the memories of the seasoned veterans.
- Visit Website
- RSS
- Artist: Bryan Brake, Amanda Berlin, Brian Boettcher
- Copyright: Copyright 2020. All rights reserved
Podcasts:
BDIR-000 ; The Beginning
2018-003-Privacy Issues using Crowdsourced services,
2018-002-John_Nye-Healthcare's_biggest_issues-ransomware
2018-001- A new year, new changes, same old trojan malware
2017-SPECIAL005-End of year Podcast with podcasters
Jay Beale sat down and discussed last weeks insights on the DFIR hierarchy, and his insights are something you shouldn't miss. We also discussed the latest Apple 0day. Finally, Ms. Berlin went to New Zealand and gave a couple of talks at Bsides Wellington (@bsideswlg). She interviewed Chris Blunt (https://twitter.com/chrisblunt) and "Olly the Ninja" (https://twitter.com/Ollytheninja) about what makes a good con.
DFIR is also much the same way in that there are certain necessary basics needed to ensure that you can detect, respond, and reduce possible damage inflicted by an attack. In my searching, we saw a tweet about a github from Matt Swann (@MSwannMSFT) with just such a ' #DFIR hierarchy of needs'. We discuss everything that is needed to build out a proper DFIR program.
Expensify unveiled a new 'feature' where random people would help train their AI to better analyze receipts. Problem is that the random people could see medical receipts, hotel bills, and other PII. We also discuss why these kinds of issues are prime reasons to do periodic vendor reviews. Our second story was on Apple's "passwordless root" account. We talk why it was allowed to happen, and why the most straight forward methods of dealing with something like this may not always be the best way.
2017-039-creating custom training for your org, and audio from SANS Berlin!
2017-038- Michael De Libero discusses building out your AppSec Team
We discuss why it's so important to have proper asset management in place. Without knowing what is in your environment, you could suffer gaps in coverage of your anti-virus/EDR software, unable to patch systems properly and even make it easier for lateral movement.
Adam Shostack has been a fixture of threat modeling for nearly 2 decades. He wrote the 'threat modeling' bible that many people consult when they need to do threat modeling properly.
2017-SPECIAL004- SOURCE Conference Seattle 2017
2017-035-Business_Continuity-After_the_disaster
2017-SPECIAL003-Audio from Derbycon 2017!