 
7 Minute Security is a weekly information security podcast focusing on penetration testing, blue teaming and building a career in security. The podcast also features in-depth interviews with industry leaders who share their insights, tools, tips and tricks for being a successful security engineer.
 
Hacked Off demystifies the world of cybersecurity. Hosted by Secarma's Managing Director, Holly Grace Williams, it features weekly interviews delving beneath the headlines of the latest hacks, breaches and vulnerabilities, providing expert advice on how to stay safe online. This podcast is brought to you by global cybersecurity and penetration testing company, Secarma.
 
Engineers consistently exclude non-technical people from understanding enough about technology to better utilise it. This is wrong! Engineers should be equipping non-technical people with enough of an understanding to make the right business decisions, without trying to drag them all the way down into the detail.
 
CyberSecurity Sense is LBMC Information Security's weekly podcast that will provide insight and updates on such information security topics as: Managed Security Service Providers, IPS Monitoring and Managed IDS Services, Security Information Event Management, Digital Forensic Analysis, Electronic Discovery and Litigation Support, Computer Security Incident Response, Penetration Testing, Risk Assessments, Security Program Planning, Web Application Security Assessments, ACAB LADMF Certificatio ...
 
Security Conversations is a cybersecurity podcast series curated by journalist and security strategist Ryan Naraine. These conversations with security practitioners cover a wide range of topics, including threat intelligence, zero trust, securing cloud deployments, penetration testing, bug bounties, advancements in offensive research and targeted threat activity. Connect with Ryan on Twitter (Open DMs). Disclosure: Ryan is a security strategist at Intel Corp. Ryan produces this podcast in hi ...
 
This is the Open Source Intelligence (OSINT) podcast. Here I will discuss news related to social media, data privacy, open source intelligence, investigative journalism as well as talk about tools and resources you can use to improve your research. You might also find interviews with people in the field that have unique insight and bring value to the show.
 
Did you know that people actually get paid to physically break into businesses? I am one of those people. Hello, my name is Jeremiah Talamantes and I am the author of Physical Red Team Operations, The Social Engineer's Playbook, the founder and former CEO of the cyber-physical security firm, RedTeam Security, and trainer at RedTeam Security Training (https://www.redteamsecuritytraining.com) I have been legally breaking into buildings, offices, warehouses, for well over a decade for some of t ...
 
Knowledge is your best defense against cybercrime. Each week on Cyber Work, host Chris Sienko sits down with a new industry thought leader to discuss the latest cybersecurity trends — and how those trends are affecting the work of infosec professionals. Together we’ll empower everyone with the knowledge to stay one step ahead of the bad guys.
 
Drew Green (pentester and IT manager) and Sam Blevins (IT manager and security enthusiast) meet weekly to discuss the latest in security news, penetration testing, defensive security, best practices, hacking, and more. A podcast devoted to all aspects of information security, in a way that non-security pros can understand. Security TL;DR is sponsored by G-Factor Security, a security services firm headquartered in Raleigh, NC.
 
Ages ago, elves and dwarves unknowingly migrated between Universes via a Junction. Jenneva and Egam believe they have found a Junction and plan a trip with Alexander to test the theory and investigate the origins of the elves and dwarves. Because they believe that the perennial animosity between the two races is due to misunderstandings about their histories, the mages include the prince of elves and the prince of dwarves in the group. Trouble begins at the very start of the journey as Egam ...
 
 
The story of today's guests is ripped straight from the headlines. Gary DeMercurio and Justin Wynn, both of the company Coalfire, were arrested at the Dallas County Courthouse while doing red team pentesting for the State of Iowa’s judicial branch. Their story is fascinating, and they discuss that fateful night as well as ways in which similar inci…
 
Caroline Wong is the Chief Strategy Officer at Cobalt.io. Wong’s close and practical information security knowledge stems from broad experience as a Cigital consultant, a Symantec Product Manager, and day-to-day leadership roles at eBay and Zynga. Caroline joins us to talk about penetration testing and reviews key findings from the Cobalt.io “State…
 
In this episode Stanley Li and Sean Mahoney from Netswitch are joined by James Watson to discuss exactly what is Penetration Testing as a Service (PTaaS) and the increasing trend for businesses to move away from once-a-year pen tests to more regular, monthly ones instead. Episode highlights: - 15 years ago, when manual vulnerability scanning and as…
 
In this episode, Sean Mahoney, Stanley Li and James Watson discuss the latest US Dept of Treasury advisory on potential sanctions risks for facilitating ransomware payments. Why the OFAC (Office of Foreign Assets Control) is watching. The rumour about why Garmin didn't engage with their ransomware attackers directly. The importance of ESG - Environ…
 
They say it “takes a village” to help raise a child… well, it also takes a village to help raise an infosec professional. With so many technologies, techniques, and tools and the need for soft-skills and the ability to navigate different types of relationships, we all need help. That’s where a formal mentor can be […] The post Webcast: Infosec Ment…
 
The amount of data organizations hold has exploded — along with the risk it poses. Today’s guest is Very Good Security CEO and co-founder Mahmoud Abdelkader, who wants to solve the problem of sensitive data by removing it from the equation (by replacing it with decoy data). It’s an intriguing idea as having less worry about data security frees reso…
 
Show notes: Links: Rollerblade Chair Wheels Kung Fu Panda The Emperor’s New Groove Justin Jackson "The Fear" - Build Your SaaS podcast Write For Honeybadger FounderQuest Twitter Full transcript: Ben: So, I just moved back into my office after being away for six months, because COVID. Starr: I see that. Ben: And in the meantime, though, I had all my stuff…
 
Audio and video files have become increasingly relevant in today’s legal matters, and lawyers need to know how to best handle this information. Digital Detectives Sharon Nelson and John Simek welcome eDiscovery experts Doug Austin and Brett Burney to discuss how to collect, preserve, search, and review audio/video information and then effectively p…
 
Hello! This episode is a true homecoming in that I actually recorded it from home. Yay! WARNING!!! WARNING!!! This episode contains a ton of singing. If you don't like singing, do not listen!!! With that said, I wanted to follow up on part 1 and 2 of this series and share some additional cool tools that others have told me about in regards to secur…
 
Jb Aviat is CTO and co-founder at Sqreen. Prior to this, Jb worked at Apple as a reverse engineer, pentester, and developer. Jb joins us to discuss the new Application Security Report that Sqreen has released. We review what the report contains, key takeaways and conclusions, and even consider which framework/language is the most secure. We hope yo…
 
Bruce Hallas has a lot to say about security awareness and the fostering of security culture throughout an organization. His podcast, “Rethinking the Human Factor,” is now also a book, and he recently spoke at our Infosec Inspire Cyber Skills Virtual Summit. On today’s episode, Bruce talks about changing behaviors rather than setting rules, new way…
 
Tired of lackluster Social Engineering test results? You could be making one of these 3 mistakes. Interested in improving your operation's results? Listen to this quick episode about which 3 things to avoid and which 3 things to do on your next Social Engineering engagement! LIVE & ONLINE Social Engineering Training coming to you on Friday, Novembe…
 
I believe most teams have a massive gap in their pre-production stage of development. In this episode, Kiran Kamity, Founder and CEO of DeepFactor, and Mike Larkin, Founder and CTO of DeepFactor, will share why Pre-production Observability is critical to ensuring your applications are secure, compliant, and performant. Discover how to inject the vi…
 
We speak to fellow co-worker and Senior Security Consultant at Secarma, Joe Thorpe, who specialises in app testing. He gives us the low down on hacking mobile apps, how they're similar to web apps, which vulnerabilities are most common and how to choose the right testing for your mobile app. Key points: 0'43 What is mobile application testing? 3'43 S…
 
Hey, hope you're having a great week! The last few weeks have had somewhat of a homecoming and home cleaning theme. To continue that train of thought, over the last few days I've gotten heavy into cleaning up my cloud clutter - cloud services, email, file sharing, etc. - in an effort to be more secure and have a reduced digital footprint. Today's t…
 
Frank Rietta is the CEO of Rietta.com, a Security Focused Web Application Firm. He is a web application security architect, expert witness, author, and speaker. Frank joins us to discuss secure coding with Ruby on Rails. We get into a discussion about RoR vs. other languages, primary threats, counters to threats, and tools available for the RoR dev…
 
On this episode Don Cox, former CISO at Mednax, Inc joins Stanley Li and Sean Mahoney of Netswitch to discuss the key differences between a Managed Detection and Response (MDR) Service compared to a Managed Security Service Provider (MSSP). Topics include: - What is MDR and what is an MSSP? - How does the MDR model differ from an MSSP? - Why would …
 
Show notes: Links: Cameo Sarah Cooper StiumulusReflex Video Jumpstart Whirly Board Full Transcript: Ben: So we had a bit of an interesting COVID related thing in our household, so we have this grocery store that we love near us, it's called Haggen, it's a Northwest brand. So a lot of our listeners won't be familiar with it, but we love this place, …
 
Hi again! It's sort of fun to release two episodes in one week for a change. If you missed part 1 on our IoT security series, check it out here. Today we dive into some free/cheap monitoring solutions you can use to keep tabs on your IoT network (or any network, really): Nagios - it's old school but gets the job done. This article helped me get it …
 
WE'RE HOME! After almost a year after our fire, we're back, baby! This episode is somewhat of a homecoming that dovetails into an episode about IoT security. I've basically done a 180 degree spin on IoT stuff. I now love the coolness and convenience of these things while simultaneously being terrified of the security risks. Is there a happy balance…
 
In September's Month in Review, Holly Grace is delighted to announce that this month's hacks aren't just all about ransomware! From political motivation to notoriety, she discusses the different kind of motives a hacker may have, and the kind of attacks they might use to get what they want. Key Points: 0'55 Financially Motivated: KuCoin Hack 3'07 Ins…
 
Dmitry Sotnikov serves as Chief Product Officer at 42Crunch – an enterprise API security company. He maintains https://APISecurity.io, a popular community site with daily API Security news and weekly newsletter API vulnerabilities, breaches, standards, best practices, regulations, and tools. Dmitry joins us to discuss REST API Security. We talk abo…
 
-Why risk management and technology are totally different skill sets. -The #1 problem involving products, vendors, compliance and security. -The 2 top questions CEOs are asking right now about risk. -What Covid-19 means for global security budgets. -Who's becoming the real driver of technology decisions today. -Why risk is a business problem, not a…
 
Despite being told she was “too young, too inexperienced, and too naïve” to contribute anything to the industry, Christine Izuakor decided to pursue a Ph.D. in Security Engineering at the age of 23. Four years later she completed the program, making her the youngest student and first African American woman to do so. On today’s episode, Dr. Izuakor …
 
Show notes: Links: The B-52's - Roam The Intelligent Investor - Benjamin Graham Roam Research TiddlyWiki Art of The Product Podcast - Networking Thoughts Scrivener Josh's Blog Write for Honeybadger Full transcript: Ben: So I had the first session of a conference that's happening online next week. It's the Business of Software conference. Josh: Mm-hmm…
 
What happens when biometric information is compromised? For too many lawyers, the risks associated with this technology have been flying under the radar, but that needs to change! Digital Detectives hosts John and Sharon welcome Judy Selby to discuss the full spectrum of what lawyers should know about biometric technology. They address its many use…
 
Security is a difficult discipline to master. It requires experts to continuously challenge themselves and learn new tools and technologies to protect their organizations. In this episode, Mike Spanbauer, Technology Evangelist at Juniper, will discuss some ways to build a threat-aware network. Discover a new way to think about your approach to secu…
 
There's more to firewalls than simply installing them and leaving them to it! WatchGuard's Senior Sales Engineer Martin Lethbridge, joins Holly Grace Williams to discuss common firewall misconceptions, and how to get the most out of your firewall to ensure your organisation is safe. 0'22 Guest introduction 2'10 Firewall misconceptions - they aren't…
 
Hi! Today our pal Joe "The Machine" Skeen (a.k.a. Gh0sthax) has prepared some cyber-licious actionable news stories for us to chew on. Today's stories include: Cybersecurity skills gap (powered by lack of career development!) Which cyber jobs are hot - or not? Mysterious wave of DDoS attacks The Magecart threat group pwns thousands of ecommerce site…
 
What exactly is the cloud? And how do you secure infrastructure that is not your own? On today’s episode, Oliver Tavakoli, chief technology officer at Vectra AI, discusses current cloud security best practices as well as tips he’s picked up during his 25-year cybersecurity career. He also has some good advice for people thinking of starting their o…
 
In this episode, we talk about how to learn data science and machine learning, with Jay Feng, co-founder and head of data science at Interview Query. Jay talks about how data science got him back into development after some bad coding experiences, how the different tools for machine learning and data science work together, and if machine learning i…
 
Show notes: Links: San Francisco Looking Like Blade Runner The Federalist: A Commentary on the Constitution of the United States Major Problems in the Era of the American Revolution, 1760-1791 The Radicalism of the American Revolution A People's History of the United States Hitler: 1889-1936 Hubris The Dispossessed I, Robot The Murderbot Diaries Fo…
 
Don’t let hackers execute different client-side attacks on your website. In this episode, Prasad Salvi will cover some of the most important concepts in his Pluralsight Web Application Penetration Testing: Client-side Testing course. Discover how to be proficient in performing client-side attacks like Cross-Site Scripting, HTML Injection, Client-si…
 
Journalist-turned-intel analyst Selena Larson joins the podcast to discuss the nuances of cybersecurity journalism, making the shift to analyzing intelligence and writing for a private audience, the ransomware epidemic, and the state of critical infrastructure security. Disclosure: Ryan Naraine is a security strategist at Intel Corp. Ryan produces …
 
Yay! It's time for another tale of pentest pwnage! Highlights include: Making sure you take multiple rounds of "dumps" to get all the delicious local admin creds. Why lsassy is my new best friend. I gave a try to using an Ubuntu box instead of Kali as my attacking system for this test. I had pretty good results. Here's my script to quickly give Ubun…
 

Copyright 2020