Brakeing Down Security Podcast


A podcast all about the world of Cybersecurity, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security Professionals need to know, or refresh the memories of the seasoned veterans.

Episodes

July 28, 2021 56 min

EO from President Biden asked for a plan to create a Zero Trust implementation in the next 90 days (well, 70ish days now… as of 23 May)

https://twitter.com/SecuritySphynx/status/1390475868032618496

@securitySphynx

“CIO: Zero Trust is the way…”

What is the optimal (read: easiest) Zero Trust configuration?

Are there different ways to implement Zero Trust?

https://solutions.pyramidci.com/blog/posts/2021/february/the-swi...


Full show notes are available here: https://docs.google.com/document/d/14dCpXeQ520IcZC3m007zVPhlIPXKgfv0LkqVnbDx0fc/edit?usp=sharing

 

EO from President Biden asked for a plan to create a Zero Trust implementation in the next 90 days (well, 70ish days now… as of 23 May)

https://twitter.com/SecuritySphynx/status/1390475868032618496

 

@securitySphynx

 

“CIO: Zero Trust is the way…”

 

What is the optimal configuration (read: easie...


part 2:

CTF OSINT discussion

How people will give additional information, even if they aren't receiving points for it.

Gamifying and motivating people to 'do the right thing', like offering a chance to win a lottery for a covid vaccine, or free sports tickets to get a shot, or gift cards when reporting phishes.

 

Joe Gray @C_3PJoe

 

OSINTION

https://theosintion.com 



New book… ship date? How to get it?

https://www...


Elizabeth Wharton: @lawyerliz on Twitter

Executive Order: (https://www.americanbar.org/groups/public_education/publications/teaching-legal-docs/what-is-an-executive-order-/)

“An executive order is a signed, written, and published directive from the President of the United States that manages operations of the federal government. They are numbered consecutively, so executive orders may be referenced by their assigned number, or ...


Joe Gray @C_3PJoe

 

OSINTION

https://theosintion.com 



New book… ship date? How to get it?

https://www.amazon.com/Practical-Social-Engineering-Joe-Gray/dp/171850098X/

https://nostarch.com/practical-social-engineering 

 

"Gray provides a very accessible look at social engineering that should be essential reading for pentesters and ethical hackers."

— Ian Barker, BetaNews

 

Story (Bryan: found my shipmate from the Navy)

...


Updates to the Linux kernel controversy: https://lwn.net/SubscriberLink/854645/334317047842b6c3/

 

@pageinSec on Twitter

 

Dan Kaminsky obit: https://www.theregister.com/2021/04/25/dan_kaminsky_obituary/

 

Spencer Gietzen: http://brakeingsecurity.com/2018-024-pacu-a-tool-for-pentesting-aws-environments

 

https://en.wikipedia.org/wiki/Milgram_experiment

 

https://lore.kernel.org/lkml/20210421130105.1226686-1-gregkh@linuxf...


Reparations.tech

*Public Safety Coordinators
-Field Operations (Road Incidents)
-Specialized Buildings (The Library, Medical Facilities, CCR)
*Public Safety Officers

A. Discuss Training
-SOP Creation
*SOPs are very custom and dependent on the organization. There are no “NIST” standards.
[IN CYBER: Frameworks for Physical Security --->     ] 

*Think on your feet, many plans often get thrown out the window.
*Creating policies due to u...


Bios for guests

 

Reparations.tech

*Public Safety Coordinators
-Field Operations (Road Incidents)
-Specialized Buildings (The Library, Medical Facilities, CCR)
*Public Safety Officers

A. Discuss Training
-SOP Creation
*SOPs are very custom and dependent on the organization. There are no “NIST” standards.
[IN CYBER: Frameworks for Physical Security --->     ] 

*Think on your feet, many plans often get thrown out the window.
*C...


In this episode:

knowing your audience - discussing the IR impact
how did this happen? how deep do you want to tailor your potential discussion?
Every level must be asking "what, when, why, how?", not just those in the trenches
does the level of incident mean that communication scales accordingly?

And much more!

 

Dr. Catherine J. Ullman (@investigatorchi)

Incident Response communications

Reminders:
Patreon Jeff T. just...




Dr. Catherine J. Ullman (@investigatorchi)

 

Incident Response communications

 

Reminders:
Patreon Jeff T. just became a $2 patron!

Accepted to CircleCityCon on IR communications!

Bsides Rochester Security B-Sides Rochester

 

Spoke at SeaSec meetups:



Qualys Update on Accellion FTA Security Incident | Qualys Security Blog

 

Security Advisory | SolarWinds

 

Family Educational Rights and Privacy Act (FERPA)




It’s importa...


@thefluffy007

A Bay Area Native (Berkeley)

I always tell people my computer journey started at 14, but it really started at 5th grade (have a good story to tell about this)

Was a bad student in my ninth grade year - almost kicked out of high school due to cutting. Had a 1.7 GPA. After my summer internship turned it around to a 4.0.

Once I graduated from high school, I knew I wanted to continue on the path of computers. Majored ...


@thefluffy007

A Bay Area Native (Berkeley)

I always tell people my computer journey started at 14, but it really started at 5th grade (have a good story to tell about this)

Was a bad student in my ninth grade year - almost kicked out of high school due to cutting. Had a 1.7 GPA. After my summer internship turned it around to a 4.0.

Once I graduated from high school, I knew I wanted to continue on the path of computers. Majored ...
