All Episodes

Welcome to Certified: The GIAC GSLC Audio Course

Episode 82 — Include Physical Vulnerabilities: Facilities, Devices, and Environmental Dependencies

Episode 81 — Drive Remediation Workflows: Ownership, SLAs, Exceptions, and Verification Evidence

Episode 80 — Prioritize Vulnerabilities Using Context: Exposure, Criticality, and Exploit Signals

Episode 79 — Build Vulnerability Management as a Program, Not a Scanning Habit

Episode 78 — Defend Security Priorities With Evidence: Metrics, Narratives, and Tradeoffs

Episode 77 — Apply Risk Techniques: Treatment Options, Registers, and Decision Documentation

Episode 76 — Adopt Security Frameworks to Mature Programs Without Checkbox Compliance

Episode 75 — Evaluate Risk in Business Terms Using Likelihood, Impact, and Exposure

Episode 74 — Identify Common Network Threats and Map Them to Defensive Priorities

Episode 73 — Explain Networking Protocols and Technologies Managers Must Command Confidently

Episode 72 — Select Network Controls for Threats: Segmentation, Filtering, and Inspection

Episode 71 — Build Network Security Architecture Using Trust Models and Control Placement

Episode 70 — Evaluate Machine Learning in Monitoring: Benefits, Limits, and Data Requirements

Episode 69 — Apply SOAR Thoughtfully: Automation Scope, Guardrails, and Human Override

Episode 68 — Lead SIEM Operations: Parsing, Correlation, Use-Case Quality, and Maintenance

Episode 67 — Centralize Logging Strategically: What to Collect, Why, and How Long

Episode 66 — Operationalize Program Management: Roadmaps, Backlogs, Dependencies, and Proof

Episode 65 — Manage Security Personnel: Hiring, Coaching, Performance, and Retention Levers

Episode 64 — Establish Security Governance: Committees, Charters, Metrics, and Ownership Clarity

Episode 63 — Design Program Structure Around Culture, Reporting Lines, and Decision Rights

Episode 62 — Balance Endpoint Protection: Prevention, Detection, Isolation, and Recovery Evidence

Episode 61 — Monitor Endpoints Effectively: Telemetry, Coverage, Tuning, and Noise Reduction

Episode 60 — Reduce Malware Risk With Controls: Hardening, EDR Strategy, and Response Hooks

Episode 59 — Recognize Client-Side Attacks Leaders Must Anticipate and Prevent

Episode 58 — Align Policy With Risk Appetite, Exceptions, and Accountability Mechanisms

Episode 57 — Distinguish Policies, Standards, Guidelines, Baselines, and Procedures Correctly

Episode 56 — Write Security Policies That People Can Follow and Auditors Can Verify

Episode 55 — Mature Awareness Programs Using Metrics, Reinforcement, and Targeted Campaigns

Episode 54 — Design Security Awareness That Changes Behavior and Reduces Real Incidents

Episode 53 — Assess Human Risk Drivers: Roles, Behaviors, and Likely Failure Points

Episode 52 — Handle Project Drift: Change Control, Dependencies, and Delivery Evidence

Episode 51 — Build Business Support for Security Work Using Value, Cost, and Tradeoffs

Episode 50 — Run Security Projects: Scope, Schedule, Risk, and Stakeholder Commitments

Episode 49 — Manage Third-Party Contracts: SLAs, Audit Rights, Breach Terms, and Ownership

Episode 48 — Build Vendor Risk Management: Intake, Due Diligence, and Ongoing Monitoring

Episode 47 — Negotiate Security Outcomes With Vendors Using Requirements, Evidence, and Leverage

Episode 46 — Align Compliance Expectations With Practical Security Evidence and Continuous Checks

Episode 45 — Translate Privacy Requirements Into Controls: Minimization, Retention, and Access

Episode 44 — Protect Data at Rest Using Encryption, Key Custody, and Access Patterns

Episode 43 — Protect Data in Transit Using TLS Choices and Certificate Hygiene

Episode 42 — Manage Cloud Risk With Baselines, Policies, and Exception Handling That Scales

Episode 41 — Control Cloud Data Exposure: Storage Permissions, Keys, and Configuration Drift

Episode 40 — Operationalize Cloud Logging: Sources, Normalization, Retention, and Alert Quality

Episode 39 — Design Cloud Network Segmentation to Reduce Blast Radius and Lateral Movement

Episode 38 — Secure Cloud Identity: Roles, Federation, MFA, and Least Privilege Enforcement

Episode 37 — Master Cloud Service Models and Shared Responsibility Without Blind Spots

Episode 36 — Set AI Governance: Acceptable Use, Access Controls, and Monitoring Expectations

Episode 35 — Manage AI Security Risks: Data Leakage, Prompt Abuse, and Model Misuse

Episode 34 — Evaluate AI Business Benefits Without Confusing Demos With Production Reality

Episode 33 — Explain AI Types and Capabilities Leaders Must Understand to Govern Risk

Episode 32 — Build Application Security Testing Strategy: SAST, DAST, SCA, and Triage

Episode 31 — Drive DevSecOps Adoption With Measurable Controls and Shared Ownership

Episode 30 — Secure Infrastructure as Code With Reviews, Policy Gates, and Guardrails

Episode 29 — Manage Dependency and Component Risk Across Build Pipelines and Releases

Episode 28 — Operationalize Secure Coding Expectations Without Slowing Delivery Excessively

Episode 27 — Prioritize Application Risks Using Threat Modeling and Abuse-Case Thinking

Episode 26 — Secure the SDLC by Embedding Security Requirements and Design Reviews

Episode 25 — Improve SOC Handoffs With Playbooks, Case Management, and Evidence Standards

Episode 24 — Build Use Cases That Improve Detection Fidelity and Analyst Confidence

Episode 23 — Set SOC Metrics That Drive Quality, Not Ticket Volume Theater

Episode 22 — Staff a SOC With Clear Roles, Skills, and Escalation Paths

Episode 21 — Choose SOC Operating Models: In-House, Outsourced, Hybrid, and Follow-the-Sun

Episode 20 — Define SOC Mission and Scope That Matches Business Risk and Maturity

Episode 19 — Design Disaster Recovery Targets: RTO, RPO, Testing, and Restoration Evidence

Episode 18 — Build Business Continuity Planning That Reflects Real Business Dependencies

Episode 17 — Operationalize Lessons Learned Into Program Improvements and Reduced Recurrence

Episode 16 — Drive Eradication and Recovery With Verification, Monitoring, and Closure Criteria

Episode 15 — Run Containment Choices Without Breaking Business Operations or Safety

Episode 14 — Coordinate Communications: Legal, PR, Executives, and Affected Stakeholders

Episode 13 — Preserve Evidence Correctly: Chain of Custody, Logging, and Forensics Readiness

Episode 12 — Build Triage Discipline: Severity, Scope, Impact, and Containment Priorities

Episode 11 — Lead Incident Response as a Lifecycle With Clear Roles and Authority

Episode 10 — Reinforce Crypto Decisions With Practical Threat Models and Failure Modes

Episode 9 — Design Password Storage That Survives Breaches Using Modern Hash Strategies

Episode 8 — Use Hashing Correctly for Integrity Checks and Tamper Detection

Episode 7 — Explain Digital Signatures for Integrity, Nonrepudiation, and Trust Decisions

Episode 6 — Apply Public Key Cryptography for Identity, Exchange, and Secure Workflows

Episode 5 — Manage Keys Safely: Generation, Storage, Rotation, and Access Controls

Episode 4 — Select Symmetric Encryption Algorithms Based on Speed, Use Case, and Risk

Episode 3 — Command Core Cryptography Vocabulary Leaders Must Use With Precision

Episode 2 — Build a Spoken Study Plan: Indexing, Pacing, and Retake-Ready Habits

Episode 1 — Decode the GSLC Exam Structure, Question Style, Scoring, and Timing Strategy