Added five years ago
Content provided by Joe Colantonio. All podcast content, including episodes, artwork, and podcast descriptions, is uploaded and provided directly by Joe Colantonio or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process described here: https://it.player.fm/legal.
TestGuild Security Testing Podcast
51 episodes
All episodes
Did you know that the Department of Defense (DOD) is mandating that suppliers have Cybersecurity Maturity Model Certification (CMMC) to a prescribed level? In this episode, Frank Smith, Manager of Security and Consulting Practice at Ntiva, shares all you need to know about CMMC. Discover what CMMC is, why you should care, the requirements needed for certification, who needs to be certified, and more. Listen up!…
In today’s episode, I’m going to be sharing a session that Mike Spanbauer, Security Evangelist for Juniper, gave at the last Secure Guild online conference on Developing a Security Test Methodology. Discover the four pieces that make up his approach and some essential tips in implementing your own. Listen up!…
Does your team struggle with prioritizing your security open-source findings? In this episode, James Rabon, Director of Product Management at Micro Focus, will share an approach that can help. Discover how James’ team co-developed “susceptibility analysis,” which allows developers and application security engineers to determine whether a publicly-disclosed vulnerability has been invoked in their code. It also reveals whether attacker-controlled input reaches that function. Listen now!…
Cybersecurity concepts are fundamental pieces of knowledge necessary for a career in security testing. In this episode, Joe Abraham, author of numerous Pluralsight courses, will share some insights into many security aspects. Listen in to learn about Security Onion, threat intelligence, cyber threat hunting tips and more.…
Are you struggling to find information on how to use Sysmon for your security efforts? In this episode, Carlos Perez, a Research Team lead at TrustedSec, shares all about the TrustedSec Sysmon Community Guide. Discover why Carlos created this guide and how it helps empower defenders with the information they need to leverage this great tool. Also, listen in to hear about Carlos’s extensive knowledge gained in working to detect attackers.…
Aaron Rosenmund, a cybersecurity researcher at Pluralsight, shares a wealth of knowledge around security testing in this episode. Discover blue team tools to protect, detect, and respond against targeted threat actor techniques in an enterprise environment. Listen in to also learn security frameworks to help you with your threat hunting efforts…
How can you prevent attacks if you don't know your enemy? In this episode, Malek Mohammad, author of the Pluralsight course: Web Application Penetration Testing: Information Gathering, discusses how to know how your enemies target you. Discover fingerprinting web applications, enumerating applications, understanding their entry points, and tooling needed. Listen up!…
Happy New Year! We will be away for a few weeks but will be back with more security testing awesomeness in 2021. Also, don't forget to register for AutomationGuild.
Need to secure your AWS environments? In this episode, Jonathan Helmus, author of the new book AWS Penetration Testing, will share some tips on AWS penetration testing and security best practices. Discover some of the commonly exploited vulnerabilities in AWS and how to prevent them. Listen in to learn more about cloud penetration testing tips and tricks. Thanks so much for listening! If you like this episode, please subscribe to "The TestGuild Security" podcast and rate and review wherever you get podcasts. Join the Guild for even more security testing awesomeness: https://testguild.com/newsletter/…
Are you using Infection Monkey? In this episode, Pluralsight author and security expert Maril Vernon will share some insights from her Infection Monkey course. Discover uses of Infection Monkey to test for lateral movement and network segments against known MITRE tactics. Listen up to learn how this amazing tool can identify your company’s vulnerable network paths and how to protect yourself proactively.…
Prepare to learn all about the OWASP Top 10 Web Application Security Risks—Broken Authentication. This is the second monthly episode in which security expert Prasad Salvi will join us to break down each OWASP risk one by one. Today we’ll discuss the second security risk listed—broken authentication. Discover what a broken authentication risk is, the different ways this attack can occur, and how to prevent it. Listen up, and join us next month as we cover the next security risk, sensitive data exposure.…
How do you integrate API security testing into the development process? In this episode, Oli Moradov, VP of Dev and Strategic Alliances at NeuraLegio, shares ways that you can achieve API security testing automation directly into your DevOps or CI/CD pipelines. Discover how you can test every build without causing development drag. Listen up!…
Has COVID-19 impacted your security testing efforts? In this episode, security expert Adhiran Thirmal shares his thoughts on security testing, Covid-19, OWASP, and more. Listen up and find out more about changes to OWASP for 2020 and beyond and how you can help.
Are you familiar with the OWASP Top 10 Web Application Security Risks? This is the first monthly episode where security expert Prasad Salvi joins us to break down each risk one by one. Today we talk all about the first security risk listed -- injection flaws. Discover what an injection flaw is, different ways this attack can occur, and how to prevent it. Listen up and join us next month as we cover the next security risk, broken authentication.…
Peer-to-peer (P2P) communications technology is built into millions of security cameras and other consumer electronics. In this episode, Paul Marrapese, a security researcher, shares his story of how supply chain vulnerabilities in modern IP cameras, baby monitors, and even alarm systems are putting millions at risk for eavesdropping and remote compromise. Listen in to find out ways to avoid these exploits!…
I believe most teams have a massive gap in their pre-production stage of development. In this episode, Kiran Kamity, Founder and CEO of DeepFactor, and Mike Larkin, Founder and CTO of DeepFactor, will share why Pre-production Observability is critical to ensuring your applications are secure, compliant, and performant. Discover how to inject the visibility you need into your application behavior before it hits production, and go from Runtime Blind to Runtime Ready™. Listen up!…
Security is a difficult discipline to master. It requires experts to continuously challenge themselves and learn new tools and technologies to protect their organizations. In this episode, Mike Spanbauer, Technology Evangelist at Juniper, will discuss some ways to build a threat-aware network. Discover a new way to think about your approach to security architecture and more. Listen up!…
Don’t let hackers execute different client-side attacks on your website. In this episode, Prasad Salvi will cover some of the most important concepts in his Pluralsight Web Application Penetration Testing: Client-side Testing course. Discover how to be proficient in performing client-side attacks like Cross-Site Scripting, HTML Injection, Client-side redirects, and how to fix them. Listen up!…
How has the Covid-19 pandemic affected the employment prospects of cybersecurity professionals? In this episode, Owanate Bestman, the founder of Bestman Solutions, will share his take on what you need to know to stay employable in troubled times. Discover areas of growth in security, what employers are looking for, and what skills you’ll need in 2020 and beyond. Listen up!…
Do you have to comply with the complex, time-consuming, and tedious process of preparing for a security audit? In this episode, Eric Martin from Vanta, a cybersecurity startup, will discuss automated security and compliance. Discover why security compliance is essential, and how automation can help you with SOC 2 audits and HIPAA compliance requirements. Listen up!…
Identity needs to be at the core of a security strategy. In this episode, Alan Radford, CTO of One Identity, will share how to achieve security by ensuring the right people get proper access to the right resources at the right time. Discover how using RPA can help with your identity and access management efforts. Listen now!…
Discover how to avoid blind spots in your DevSecOps with Wilson Mar. Wilson is a DevSecOps AI/ML leader, and in this episode, he’ll share his insights on how to improve security in your DevOps efforts. Listen in to find out more about tools, techniques and best practices in security.
Want to know a fun way to learn cyber-security tips? In this episode, Greg Scott, security expert and author of Virus Bomb and Bullseye Breach, will share how to pick up security practices by reading novels. Discover how to secure stuff like the bad guys do, and how to avoid security breaches in your applications.…
AI is everywhere, but have you ever thought about how it can impact security? Or how to test for AI-exposed security risks? In this episode, Dr. Arash Rahnama, head of Applied AI Research at Modzy, will share his views on the need for AI-embedded security and defenses. Discover how to avoid data poisoning, the emerging momentum around adversarial AI, and techniques to defend against it. Listen up!…
Discover how to take over an enterprise network from the inside. In this episode, Royce Davis, author of "The Art of Network Penetration Testing: Taking over any company in the world", explains how a malicious invader can wreak havoc on your network and how to prevent it. Learn some foolproof penetration testing techniques, and the four phases that every security expert should know for planning and preventing attacks. Listen up!…
Software development itself is changing rapidly, and security programs must evolve if they are to be effective in this next generation of software. In this episode, Cindy Blake, a Senior Security Evangelist at GitLab and author of 10 Steps Every CISO Should Take to Secure Next-Gen Software, will share what you need to know in these changing times. Discover fuzzing and the security implications involved in how software is changing; the code itself, the development methodologies, and the infrastructure. Listen up!…
Hey, it's Joe. I just want to let you know that the TestGuild Security Testing podcast is still around. We're only away for a few weeks. We'll be back shortly. I have a bunch of awesome interviews lined up already. Stay tuned for The Art of Network Penetration Testing, the interview I did with Royce Davis and his new book. I'm also doing an interview with Cindy Blake from GitLab on DevSecOps to full maturity, and a cool topic on data poisoning, the emerging momentum around adversarial AI, and the need for embedded security defenses, so just a flavor for a bunch of different new episodes coming your way. If you haven't already, why not like and rate us in iTunes and subscribe to the podcast, so you'll get updates once a new episode is released? Also, I'm always looking for guests on the show, so if you'd like to be interviewed on the show about a security testing tip, tool, technique or best practice, or you want to nominate someone as a speaker or a topic you'd like to hear more about, drop me an email at Joe@Testguild.com. So hang tight. We'll see you back here in a few weeks. And as always, test everything and keep the good.…
Don’t let your company's secrets accidentally get pushed to production and expose your company to security risks. In this episode, Harinee Muralinath, a Capability Lead, India at ThoughtWorks, and core contributor to Talisman, shares how. Talisman is a tool to detect and prevent secrets from getting checked-in in the first place. Discover how you can also scan your commits for potential issues. Listen up!…
Thinking of making the switch from your current role to cybersecurity? In this episode, Dwayne Thomas, a Cyber Security Consultant at Mentor$chip, shares his journey from QE to Security. Discover how to enter the most in-demand field in the software industry and learn more about bug bounty programs, presenting security topics for Toastmasters, searching job sites, informational interviews, meet-ups, and obtaining a CISSP certificate and more. Listen up!…
There are still lots of misconceptions and myths about Cloud Security. In this episode, Vandana Verma, Global Board of Directors at OWASP and InfosecGirls, shares her thoughts on cloud security. Discover some myth-busting truths about security and the cloud and how to avoid some common perceptions around cloud security. Listen up!…