Open Source Security Podcast (Public)
 
A security podcast geared towards those looking to better understand security topics of the day. Hosted by Kurt Seifried and Josh Bressers covering a wide range of topics including IoT, application security, operational security, cloud, devops, and security news of the day. There is a special open source twist to the discussion often giving a unique perspective on any given topic.
 
 
Josh and Kurt talk to Emil Wåreus from Debricked about the future of security scanners. Debricked is doing some incredibly cool things to avoid relying on humans for vulnerability identification and cataloging. Learn what the future of security scanning is going to look like. Show Notes Debricked Emil's Linkedin…
 
Josh and Kurt talk about the PHP backdoor and the Ubiquiti whistleblower. The key takeaway is to note how an open source project cannot cover up an incident, but closed source can and will cover up damaging information. Show Notes PHP backdoor Ubiquiti coverup 3D printed TSA keys LockPickingLawyer Determining Key Shape from Sound Lock camera…
 
Josh and Kurt talk to Mark Loveless from GitLab. We touch on DevSecOps, what GitLab is doing, threat modeling, and the time Mark tested positive for TNT at the airport. It's a great conversation. Show Notes Mark Loveless Twitter GitLab GitLab Handbook How we approach open source security PASTA threat modeling GitLab security features Tales from the…
 
Josh and Kurt talk about how terrible daylight savings is, GitHub yanking some exploit code, and the Linux Foundation's new project to sign all the things. Show Notes Researcher Publishes Code to Exploit Microsoft Exchange Vulnerabilities on Github GitHub content restrictions Reproducing the Microsoft Exchange Proxylogon Exploit Chain…
 
Josh and Kurt talk to Loris Degioanni and Dan from Sysdig. Sysdig are the minds behind Falco, an amazing open source runtime security engine. We talk about where their technology came from, their huge code donation to the CNCF and what securing a modern infrastructure looks like today. Show Notes Sysdig Falco Loris' Twitter Dan "Pop" Papandrea's Twi…
 
Does your team struggle with prioritizing your open-source security findings? In this episode, James Rabon, Director of Product Management at Micro Focus, will share an approach that can help. Discover how James’ team co-developed “susceptibility analysis,” which allows developers and application security engineers to determine whether a publicly-disc…
 
Cybersecurity concepts are fundamental pieces of knowledge necessary for a career in security testing. In this episode, Joe Abraham, author of numerous Pluralsight courses, will share some insights into many security aspects. Listen in to learn about Security Onion, threat intelligence, cyber threat hunting tips and more.…
 
Are you struggling to find information on how to use Sysmon for your security efforts? In this episode, Carlos Perez, a Research Team lead at TrustedSec, shares all about the TrustedSec Sysmon Community Guide. Discover why Carlos created this guide and how it helps empower defenders with the information they need to leverage this great tool. Also, …
 
Aaron Rosenmund, a cybersecurity researcher at Pluralsight, shares a wealth of knowledge around security testing in this episode. Discover blue team tools to protect, detect, and respond against targeted threat actor techniques in an enterprise environment. Listen in to also learn security frameworks to help you with your threat hunting efforts…
 
How can you prevent attacks if you don't know your enemy? In this episode, Malek Mohammad, author of the Pluralsight course: Web Application Penetration Testing: Information Gathering, discusses how to know how your enemies target you. Discover fingerprinting web applications, enumerating applications, understanding their entry points, and tooling …
 
Josh and Kurt talk about this idea that seems to exist in security of "attackers only need to be right once" which is silly. The reality is attackers have to get everything right, defenders really only need to get it right once. But "defenders only need to be right once" isn't going to sell any products. Show Notes Richard Feynman and manhole cover…
 
Josh and Kurt talk about communication. It's really hard to talk about a lot of what we do. How do we know if a device is secure? How do we know our knowledge is correct? Show Notes 90 percent of U.S. bills carry traces of cocaine Is the moon a star or planet? A mole of moles New homeowner 'freaked out' when stranger took control of her security sy…
 
Need to secure your AWS environments? In this episode, Jonathan Helmus, author of the new book AWS Penetration Testing, will share some tips on AWS penetration testing and security best practices. Discover some of the commonly exploited vulnerabilities in AWS and how to prevent them. Listen in to learn more about cloud penetration testing tips, and…
 
Are you using Infection Monkey? In this episode, Pluralsight author and security expert Maril Vernon will share some insights from her Infection Monkey course. Discover uses of Infection Monkey to test for lateral movement and network segments against known MITRE tactics. Listen up to learn how this amazing tool can identify your company’s vulnerable…
 