Brakeing Down Security Podcast
Summary: A podcast all about the world of Cybersecurity, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security Professionals need to know, or refresh the memories of the seasoned veterans.
- Visit Website
- RSS
- Artist: Bryan Brake, Amanda Berlin, Brian Boettcher
- Copyright: Copyright 2020. All rights reserved
Podcasts:
2018-008- ransomware rubes, Defender does not like Kali, proper backups
2018-007- Memcached DDoS, Secure Framework Documentation, and chromebook hacking
2018-006- NPM is whacking boxes, code signing, and stability of code
2018-005-Securing_your_mobile_devices_and_CMS_against_plugin_attacks
2018-004 - Discussing Bsides Seattle, and Does Autosploit matter?
BDIR-000 ; The Beginning
2018-003-Privacy Issues using Crowdsourced services,
2018-002-John_Nye-Healthcare's_biggest_issues-ransomware
2018-001- A new year, new changes, same old trojan malware
2017-SPECIAL005-End of year Podcast with podcasters
Jay Beale sat down and discussed last weeks insights on the DFIR hierarchy, and his insights are something you shouldn't miss. We also discussed the latest Apple 0day. Finally, Ms. Berlin went to New Zealand and gave a couple of talks at Bsides Wellington (@bsideswlg). She interviewed Chris Blunt (https://twitter.com/chrisblunt) and "Olly the Ninja" (https://twitter.com/Ollytheninja) about what makes a good con.
DFIR is also much the same way in that there are certain necessary basics needed to ensure that you can detect, respond, and reduce possible damage inflicted by an attack. In my searching, we saw a tweet about a github from Matt Swann (@MSwannMSFT) with just such a ' #DFIR hierarchy of needs'. We discuss everything that is needed to build out a proper DFIR program.
Expensify unveiled a new 'feature' where random people would help train their AI to better analyze receipts. Problem is that the random people could see medical receipts, hotel bills, and other PII. We also discuss why these kinds of issues are prime reasons to do periodic vendor reviews. Our second story was on Apple's "passwordless root" account. We talk why it was allowed to happen, and why the most straight forward methods of dealing with something like this may not always be the best way.
2017-039-creating custom training for your org, and audio from SANS Berlin!
2017-038- Michael De Libero discusses building out your AppSec Team
