Youtube Video at: https://www.youtube.com/watch?v=yHPvGVfPgjI Jay Beale is a principal security consultant and CEO/CTO for InGuardians. He is the architect of multiple open source projects, including the Peirates attack tool for Kubernetes (in Kali Linux), the Bustakube CTF Kubernetes cluster, and Bastille Linux. Jay created and leads the Kubernete…

socvel.com/quiz if you want to play along! Check out the BrakeSecEd Twitch at https://twitch.tv/brakesec join the Discord: https://bit.ly/brakesecDiscord Music: Music provided by Chillhop Music: https://chillhop.ffm.to/creatorcred "Flex" by Jeremy Blake Courtesy of Youtube media libraryBryan Brake által

Guest Info: Name: Bronwen Aker Contact Information (N/A): https://br0nw3n.com/ Time Zone(s): Pacific, Central, Eastern –Copy begins– Disclaimer: The views, information, or opinions expressed on this program are solely the views of the individuals involved and by no means represent absolute facts. Opinions expressed by the host and guests can change…

Check out the BrakeSecEd Twitch at https://twitch.tv/brakesec or Youtube: https://youtube.com/c/BDSPodcast join the Discord: https://bit.ly/brakesecDiscord https://arxiv.org/abs/2302.14172 - EPSS whitepaper https://www.linkedin.com/posts/jayjacobs1_epss-threatintel-vulnerabiltymanagement-activity-7308146548767404032-RubN https://www.first.org/epss/…

Check out the BrakeSecEd Twitch at https://twitch.tv/brakesec Join the Discord! https://bit.ly/brakesecDiscord Questions and topics: (please feel free to update or make comments for clarifications) * https://techoreon.com/http-flaw-in-apple-passwords-left-iphones-vulnerable/ * https://darkmarc.substack.com/p/attackers-dont-need-exploits-when * http…

Youtube VOD: https://www.youtube.com/watch?v=zu_smyQGvG4 https://lcamtuf.substack.com/p/how-security-teams-fail https://cyberintel.substack.com/p/doge-exposes-once-secret-government https://x.com/SteamDB/status/1889610974484705314 – supply chain issues can crop up anywhere… are you blocking people from steam and popular software downloads online? h…

Check out the BrakeSecEd Twitch at https://twitch.tv/brakesec Join the Discord! https://discord.gg/brakesec #youtube VOD (in 1440p): https://www.youtube.com/watch?v=axQWGyd79NM Questions and topics: Bsides Vancouver discussion Semgrep Community and Academy Building communities What are ‘secure guardrails’ Reducing barriers between security and deve…

Youtube VOD: https://youtu.be/G3PxZFmDyj4 #appsec, #owasp, #ASVS, #joshGrossman, #informationsecurity, #SBOM, #supplychain, #podcast, #twitch, #brakesec, #securecoding, #Codeanalysis Questions and topics: 1. The background to the topic, why is it something that interests you? How do you convince developers to take your course? 2. What do you think …

Disclaimer: The views, information, or opinions expressed on this program are solely the views of the individuals involved and by no means represent absolute facts. Opinions expressed by the host and guests can change at any time based on new information and experiences and do not represent views of past, present, or future employers. Recorded: 08 …

Full Youtube VOD: https://www.youtube.com/watch?v=uX7odQTBkyQ Questions and topics: Let’s talk about Mindful Business Podcast What’s the topics you cover? Topic #1: discuss your experiences when you were a new leader. What worked? What didn't? What would you have done differently? Do you emulate your manager's style? What have been your go-to manag…

Disclaimer: The views, information, or opinions expressed on this program are solely the views of the individuals involved and by no means represent absolute facts. Opinions expressed by the host and guests can change at any time based on new information, and do not represent views of past, present, or future employers. Recorded: 28 Jan 2024 Youtub…

It's our 10th anniversary and the first show of our 2024 season! Amanda was on "7 minute security" https://7minsec.com/projects/podcast Check out the complete VOD at https://youtu.be/vbmEtkxhAMg Explicit language warning www.brakeingsecurity.com https://twitch.tv/brakesec https://bit.ly/brakesecytBrian Boettcher, Bryan Brake, and Amanda Berlin által

Youtube Video: https://youtu.be/IUDPlQaQg8M https://forms.gle/rf145MoN7cskwMjf8 is the link to the survey. Your information (should you choose to identify yourself) will not be shared outside of the BrakeSec Team. Thank all of you for listening and for your input. RSS feed for the audio podcast is at https://www.brakeingsecurity.com/rss website: ht…

Show Topic Summary: Ms. Berlin proposes a question of how to gather more headcount with metrics, we discuss the BLUFFS bluetooth vulnerability, and “Ranty Claus” talks about CISA’s remarks of putting the onus on device product makers to remove choice for customers and implement secure defaults. #youtube VOD: https://www.youtube.com/watch?v=emcAzTx9…

Subscribe on Twitch using Amazon Prime and watch us live: https://twitch.tv/brakesec Check out our VODs on Youtube: https://www.youtube.com/@BrakeSecEd Join the BrakeSecEd discord: https://discord.gg/brakesec News: https://www.darkreading.com/remote-workforce/1password-latest-victim-okta-customer-service-breach https://www.documentcloud.org/documen…

Disclaimer: The views, information, or opinions expressed on this program are solely the views of the individuals involved and by no means represent absolute facts. Opinions expressed by the host and guests can change at any time, and do not represent views of past, present, or future employers. Guest Bio: Nicole is the Chief Product Officer at Axi…

Disclaimer: The views, information, or opinions expressed on this program are solely the views of the individuals involved and by no means represent absolute facts. Opinions expressed by the host and guests can change at any time, and do not represent views of past, present, or future employers. Guest Bio: John is the CEO of Aronetics. An avid clim…

Disclaimer: The views, information, or opinions expressed on this program are solely the views of the individuals involved and by no means represent absolute facts. Opinions expressed by the host and guests can change at any time, and do not represent views of past, present, or future employers. Buy here: https://subscription.packtpub.com/book/secu…

Recorded in front of a live audience at UNC CAUSE in October, 2022! The Zero Trust Framework raises valid questions about risk reduction. But, as one CISO used to say, "we have to trust someone eventually, right?" Or do we? Universities, are built on a philosophy of openness and enrichment of public understanding. How do we preserve the public's tr…

Charlie and Michael are joined by Drew Trumbull, Incident Handling Team Lead for UNC Chapel Hill's Information Security Office, to talk about the latest threats we see and what folks should do if they think they might have been targeted successfully by them, plus the importance of compassion and empathy in our field. There are also side discussions…

Check out our sponsor (BLUMIRA) at https://blumira.com/brake youtube channel link: https://youtube.com/c/BDSPodcast Full video on our youtube Channel! https://www.youtube.com/watch?v=BkBeLuM_urk https://www.rapid7.com/blog/post/2023/07/11/cve-2023-29298-adobe-coldfusion-access-control-bypass/ https://www.darkreading.com/remote-workforce/hacker-infe…

BrakeSec Show Outline – No Guest Show Topic Summary (less than 300 words) Bsides Seattle and Bsides Austin Youtube VOD: https://youtube.com/live/UGRaRSYj7kc Questions and potential sub-topics (5 minimum): Bsides Seattle update and Bsides Austin Patching the unpatchable https://en.wikipedia.org/wiki/Parkerian_Hexad Power and influence (is power bad?…

Show Topic Summary (less than 300 words) Insider threat still exists, Lynsey Wolf talks with us about HR’s role in insider threat, how prevalent investigations are in the post-pandemic work from home environment. Questions and potential sub-topics (5 minimum): What is the difference between insider threat and insider risk? Motivators of insider thr…

Security and privacy are often mentioned hand-in-hand in our industry, but they're actually very different fields with different considerations and concerns--and the policies applying to one are not necessarily meant to address those of the other. Charlie and Michael welcome Kim Stahl, Senior Policy and Process Lead for UNC Chapel Hill's Informatio…

Charlie and Michael have discussed communicating security risks and strategies to older users and at-risk users, but what about students and younger users? We welcome guests Lila Davidson and Louise Flinn from the UNC Chapel Hill ITS Communications team to discuss things to consider when we do outreach focusing on students and others on the cusp of…

Anyone who works in information security knows that we, perhaps more than any other IT sector, are reliant on a forest of vendors, each promising the moon and often duplicating others' capabilities. Join Charlie and Michael for a frank discussion of the best and worst parts of managing those vendor relationships and what we look to gain from them. …

Show Topic Summary (less than 300 words) 3CX supply chain attack, Mark Russinovich and Sysinternals, ransomware notifications from CISA, and emotional intelligence Youtube VOD: https://www.youtube.com/watch?v=afZHiBUr-2g Questions and potential topics (5 minimum): https://www.straitstimes.com/tech/downloading-a-cracked-version-of-fifa-23-or-hogwart…

Show Topic Summary (less than 300 words) Dish Network is still busted due to ransomware, your Pixel phone baseband RCE, Nothing runs like a Deere (away from OSS requests, anyway), and “Are we past DAST?” Questions and potential sub-topics (5 minimum): https://techcrunch.com/2023/03/15/dish-customers-kept-in-the-dark-as-ransomware-fallout-continues/…