BrakeSec Education Podcast

Jay Beale discusses his K8s class at BlackHat, Kubernetes developments, and mental health

Socvel intel threat quiz, Pearson Breached, nintendo bricking stuff, and kevintel.com

Bronwen Aker - harnessing AI for improving your workflows

post-bsides SD discussion, EPSS, the answer I should have given, and 'Lord Brake'

March23: buy browser extensions, attackers don't need exploits, socvel CTI quiz

steam distributes malware in game form, RDP open from DOGE servers, hacking a supply chain for 50K

Tanya Janca Talks secure coding, Semgrep Academy, and community building, and more!

Josh Grossman - building Appsec programs, bridging security and developer gaps

Managing messaging with management, becoming a CISO with Mary Gardner from Goldiknox

p2-accidentalCISO, building trust in new places

AccidentalCISO on BrakeSecEd, talking Leadership, SaaS development, and Appsec

1st show of 2024! Our 10th Anniversary...

Brakesec Call to Action 2023

How to get more headcount, BLUFFs Vulnerability, and Ranty Clause debuts!

25Oct - okta breached (again), Energy company hit by supply chain attack, and you can help hire the best people

Nicole Sundin - CPO at Axio - SEC compliance, usable security, setting up risk mgmt programs

John Aron, letters of marque, what does a "junior" job look like with AI?

Megan Roddie - co-author of "Practical Threat Detecion Engineering"

meeting new people, walking on your keyboard causes issues, even google gets phone numbers wrong.

Bsides Seattle and Austin, SecureBoot patch, and more

lynsey wolf, conducting insider threat investigations, CASB and UEBA utlization to good use.

3CX supply chain attack, Mark Russinovich and Sysinternals, CISA ransomware notifications, and emotional intelligence

Dish Network is still busted, John Deere avoiding OSS requests, Is DAST dead?

Nickolas Means talks about Security, Devops velocity, blameless orgs, and conferences infosec should attend

SPECIAL INTERVIEW: John Aron and Jerod Brennen

Layoff discussions, another TMO breach, OneNote Malware, and more!

GPS car hacks, Google Threat report, notable topics of 2020, satellite threat modelling, twitter breach(?)

Josh-Whalen-risk-management-data_visualization-tools, value-creating activities -p2

John Whalen, data visualization tools, risk management, handling org risk-p1

Interview with Infrared - one of the Seattle Community Network organizers

JAMBOREE - an Android App testing platform from @operat0r -part2

JAMBOREE - an Android App testing platform from @operat0r

07-oct-news-twitch streaming

Uber Breach, MFA fatigue, who can help communicate biz risk?

Manual Code reviews/analysis, post-infosec Campout discussion

Amanda's Sysmon Talk -p2

Amanda's Sysmon Talk -p1

Tanya Janca, Securing APIs, finding Security Champions, and accepting Risk

Tanya Janca on secure coding practices, Swagger docs, and why documentation matters

PYPI enables 2FA, some devs have a problem with this

JW Goerlich on Training, phishing exercises, security metrics,getting the most from user training

RSA conference, Zero Trust, SSO, 2FA, and multi-cloud tenancy with J Goerlich

jon-dimaggio-part2-threat intel-hacking back-analyzing malware

Jon DiMaggio_Art-of-cyberwarfare_hacking_back-insider-threat-messaging_P1

news, infosystir's talk at RSA, conti has an 'image' problem

Mieng Lim, Ransomware actions, using insurance to offset risk, good IR/PR comms

Mieng-Lim-Ransomware-Best-Practices-p1

Mick Douglas on threat intel, customer worries about being hacked, and more

news, farmers affected by ransomware, protestware for the 3rd time, trusting opensource

Mick Douglas discusses What2Log, and guidance in light of Okta incident