Nov 23, 2017
This week is a bit of a short show, as Ms. Berlin and Mr. Boettcher are out this week for the holiday.
I wanted to talk about something that I've started doing at work... Creating training... custom training that can help your org get around the old style training.
Also, we got some community audio from one of our...
Nov 15, 2017
Direct Link: https://brakesec.com/2017-038
Michael De Libero spends his work hours running an application security team at a gaming development company. I (Bryan) was really impressed at the last NCC Group Quarterly meetup when he gave a talk (not recorded) about how to properly build out your Application Security...
Nov 8, 2017
Direct Link: http://traffic.libsyn.com/brakeingsecurity/2017-037-asset_management.mp3
We started off the show talking to Mr. Boettcher about what DDE is and how malware is using this super legacy Windows component (found in Windows 2) to propogate malware in MS Office docs and spreadsheets. We also talk about how to...
Oct 29, 2017
Adam Shostack has been a fixture of threat modeling for nearly 2 decades. He wrote the 'threat modeling' bible that many people consult when they need to do threat modeling properly.
We discuss the different threat...
Oct 22, 2017
After last year's SOURCE Conference, I knew I needed to go again, not just because it was a local (Seattle) infosec conference, but because of the caliber of speakers and the range of topics that were going to be covered.
I got audio from two of the speakers at the SOURCE conference (@sourceconf) on Twitter