47 min listen
Unavailable
Currently unavailable
2019-043-Bea Hughes, dealing with realistic threats in your org
Currently unavailable
2019-043-Bea Hughes, dealing with realistic threats in your org
ratings:
Length:
71 minutes
Released:
Dec 4, 2019
Format:
Podcast episode
Description
Realistic Threats Nation states aren’t after you https://twitter.com/beajammingh/status/1191884466752385025 https://twitter.com/beajammingh/status/1198671660150226946 https://twitter.com/beajammingh/status/1198671952824565762 https://www.leviathansecurity.com/blog/the-calculus-of-threat-modeling What are credible threats? Malicious insiders - Non-malicious insiders - https://www.scmagazine.com/home/security-news/not-every-insider-threat-is-malicious-but-all-are-dangerous/ Education issue? Is there such a thing as ‘non-malicious’ or is this just bunk? Real threats https://resources.infosecinstitute.com/5-new-threats-every-organization-prepared-2018/ CIO magazine threats -- buzzword threats (we should totally containerize all the things) Vulns that have names (blue team is stuck dealing with ‘theoretical’ issues e.g. SPECTRE/MELTDOWN) Lack of well-priced training? Dev Training? Security Training? Better management communication will reduce threats Building trust so they don’t freak when ‘$insert_named_vuln’ shows up Gotta frame it to business needs “Everyone is vulnerable” - keep FUD to a minimum, don’t exaggerate. Know your industry’s threats (phishing, money transfer fraud, malware Patreon donor: Michael K. $10 patron! Layer8conf - https://www.workshopcon.com/events https://layer8conference.com/ Regarding diversity scholarships, it's being worked on and the number of available spots will highly depend on the number of Sponsorships the conference secures. As a side note WorkshopCon will sponsor a number of Layer8 conference tickets if people follow @WorkshopCon on Twitter and tweet to us why they are interested in Social Engineering and OSINT topics with hashtag #sendMeToLayer8. We will select folks from those tweets with the emphasis being on folks coming from underrepresented or minority groups. In terms of sponsorship information for Layer8, Patrick wants people to send an email to sponsors@layer8conference.com Please let us know if you have any other questions, and thank you so much for giving us a hand spreading the word!!! Saturday June 6, 2020, RI Convention Center https://www.dianainitiative.org/ https://twitter.com/DianaInitiative Conference in Las Vegas (Aug 6-7, 2020) (Thu & Fri) Check out our Store on Teepub! https://brakesec.com/store Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com #Brakesec Store!:https://www.teepublic.com/user/bdspodcast #Spotify: https://brakesec.com/spotifyBDS #RSS: https://brakesec.com/BrakesecRSS #Youtube Channel: http://www.youtube.com/c/BDSPodcast #iTunes Store Link: https://brakesec.com/BDSiTunes #Google Play Store: https://brakesec.com/BDS-GooglePlay Our main site: https://brakesec.com/bdswebsite #iHeartRadio App: https://brakesec.com/iHeartBrakesec #SoundCloud: https://brakesec.com/SoundcloudBrakesec Comments, Questions, Feedback: bds.podcast@gmail.com Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon https://brakesec.com/BDSPatreon #Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir #Player.FM : https://brakesec.com/BDS-PlayerFM #Stitcher Network: https://brakesec.com/BrakeSecStitcher #TuneIn Radio App: https://brakesec.com/TuneInBrakesec
Released:
Dec 4, 2019
Format:
Podcast episode
Titles in the series (100)
2020-025-Cognizant breach, maze ransomware, PAN-OS CVE 2020-2021, SAML authentication walkthrough: Thank you to Marcus Carey for his excellent guidance and leadership this week. Cognizant breach: Maze ransomware write-up: PAN-OS CVE 2020-2021 - We have been made aware of a serious issue with SAML on Palo Alto Networks PAN-OS... by BrakeSec Education Podcast