Brakeing Down Security Podcast

A podcast all about the world of Security, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security Professionals need to know, or refresh the memories of the seasoned veterans.
Now displaying: January, 2016
Jan 30, 2016

Brakeing Down Security had the pleasure of having Patrick Heim join us to discuss a number of topics:

Cloud migrations

What stops many traditional #companies from moving into #cloud-based operations? What hurdles do they face, and what are some pitfalls that can hamper a successful #migration?

We touched briefly on #BYOD and the use of personal devices in a business environment, as well as #Dropbox's deployment of optional #2FA and using #U2F keys for additional #authentication measures.

Finally, since Mr. #Heim is an established leader in several major #companies, we pick his brain about the qualities of a leader. Can you self-diagnose if you'll be a good manager? And what does Mr. Heim look for when hiring qualified candidates?

It was a pleasure having Mr. Patrick Heim on and Brakeing Down #Security thanks him for his valuable time.

Some #articles we drew upon for questions to ask Mr. Heim:

http://blogs.wsj.com/cio/2015/05/01/dropbox-is-not-part-of-security-problem-says-new-security-chief/

http://www.itpro.co.uk/cloud-storage/24894/dropbox-users-may-get-free-storage-if-they-adopt-stronger-security

http://www.computerworld.com/article/2489977/security0/boost-your-security-training-with-gamification-really.html

http://www.computerworlduk.com/news/cloud-computing/dropbox-working-on-fido-keys-ensure-top-notch-security-3618267/

http://www.darkreading.com/operations/building-a-winning-security-team-from-the-top-down/a/d-id/1322734

 

Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/

BrakeSec Podcast Twitter: http://www.twitter.com/brakesec

Bryan's Twitter: http://www.twitter.com/bryanbrake

Brian's Twitter: http://www.twitter.com/boettcherpwned

Join our Patreon!: https://www.patreon.com/bds_podcast

Tumblr: http://brakeingdownsecurity.tumblr.com/

RSS FEED: http://www.brakeingsecurity.com/rss

Comments, Questions, Feedback: bds.podcast@gmail.com

**NEW** Google Play Store: https://play.google.com/music/podcasts/portal/#p:id=playpodcast/series&a=100584969

**NEW** Listen to us on Player.FM!! : https://player.fm/series/brakeing-down-security-podcast

#iTunes: https://itunes.apple.com/us/podcast/2016-005-dropbox-chief-trust/id799131292?i=361604379&mt=2

Direct Download: http://traffic.libsyn.com/brakeingsecurity/2016-005-Dropbox_Chief_of_Security_and_Trust_Patrick_Heim.mp3

Patrick Heim image courtesy of darkreading.com

Jan 24, 2016

BrakeSec Podcast welcomes Bill Gardner this week! Author, InfoSec Convention Speaker, and fellow podcaster...

We break a bit from our usual rigid methods, and have a good ol' jam session with Bill this week. We talk about vulnerability management, career management, the troubles of putting together a podcast and more!

 

Bill's Twitter: https://www.twitter.com/oncee

Books Bill has authored or co-authored: http://www.amazon.com/Bill-Gardner/e/B00MZ9P0IG/ref=sr_ntt_srch_lnk_2?qid=1453607145&sr=1-2

(non-sponsored link)

Bill's "Reboot It" Podcast: http://www.rebootitpodcast.com/

 

Direct Download: http://traffic.libsyn.com/brakeingsecurity/2016-004-Bill_Gardner.mp3

iTunes: https://itunes.apple.com/us/podcast/2016-004-bill-gardner/id799131292?i=361222239&mt=2

Jan 18, 2016

#Anti-virus products... they have been around for as long as many of us have been alive. The first anti-virus program, "The Reaper", was designed to get rid of the first virus, "The Creeper", by Ray Tomlinson in 1971.

This week, we discuss the efficacy of anti-virus. Is it still needed? What should blue teamers be looking for to make their anti-virus work for them? And what options do you have if you don't want to use anti-virus?

We also argue about whether it's just a huge industry selling snake oil that is bolstered by #compliance #frameworks, like #PCI.

#mcafee, #symantec, #panda, #avg, #kaspersky, #logging, #siem

Direct Download: http://traffic.libsyn.com/brakeingsecurity/2016-003-AntiVirus_what_is_it_good_for.mp3

iTunes: https://goo.gl/Jk3CxU

 

Jan 11, 2016

This week, we find ourselves understanding the #Cryptonite that can weaken devs and software creators when dealing with #cryptographic #algorithms and #passwords. Lack of proper crypto controls and hardcoded passwords can quickly turn your app into crap.

Remember the last time you heard about a hardcoded #SSH private key, or have you been at work when a developer left the #API keys in his #github #repo?

We go through some gotchas from the excellent book "24 Deadly Sins of Software Security". Anyone doing a threat analysis or code audit needs to check for these things to avoid ending up in the news with a hardcoded password in their home router firmware, like these guys: https://securityledger.com/2015/08/hardcoded-firmware-password-sinks-home-routers/

 

Book:

http://www.amazon.com/Deadly-Sins-Software-Security-Programming/dp/0071626751

Show Notes:

https://docs.google.com/document/d/1MUPj8CCzDodik61_1K8lCKywkv0JbfBkve20rxwbmzE/edit?usp=sharing

Direct Download: http://traffic.libsyn.com/brakeingsecurity/2016-002-Cryptonite.mp3

iTunes: https://itunes.apple.com/us/podcast/2016-002-cryptonite-or-how/id799131292?i=360440391&mt=2

 

Jan 3, 2016

#Jay #Schulman is a consultant with 15+ years of experience in helping organizations implement #BSIMM and other compliance frameworks. For our first #podcast of 2016, we invited him on to further discuss it and what he has found to be the best way to implement it into a company's #security #program.

 

Jay Schulman's #website: https://www.jayschulman.com/

Jay's Podcast "Building a Life and Career in Security" (iTunes): https://itunes.apple.com/us/podcast/building-life-career-in-security/id994550360?mt=2&ls=1

Jay's Twitter: https://twitter.com/jschulman

 

 

iTunes Link: https://itunes.apple.com/us/podcast/2016-001-jay-schulmann-explains/id799131292?i=360028388&mt=2

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-001-JaySchulman-BSIMM.mp3
