Dec 23, 2019
Are things better than 10 years ago? 5 years ago?
If there was one thing to change things for the better, what would that be?
Did naming vulns make things better?
Which industries are doing a good job of securing themselves? Finance?
What do you wish had never happened (security/compliance wise)?
Ransomware infections with no bounties
Still have people believing “Nessus” is a pentest
https://www.retailitinsights.com/eventscalendar/eventdetail/1c77d5c6-8625-4f2b-bb98-89cca6590c49
https://www.apics.org/credentials-education/events
PREDICTIONS!!!
Bryan: The rise of the vetting programs (Companies will want to vet content creators in their eco-systems)
Cybuck: An uptick in surveillance tech; both disguised as cool home smart gadgets and straight up public safety. Triggering a US GDPR type response.
Injection remains as the undisputed heavyweight champion of app sec vulnerability (OWASP top 10). And wishful thinking...broken authentication moves lower, denial of service goes down. https://twitter.com/WeldPond/status/1207383327491137536/photo/1
JB: a major change in social media/generational shift in how we use it, legal or focus on new types of mobile tech for example… Human networking in real life in the age of ‘social’… “When you hire someone… you also hire their rolodex” --- what do you think about this statement? Its role in InfoSec? Talent?
JB - shouted out https://github.com/redcanaryco/atomic-red-team (Invoke-Atomic framework with PowerShell now on Linux, OSX, and Windows)
JB - Link to hunting/stopping-human-trafficking org I mentioned:
Shoutout
Sherrie Caltagirone, Executive Director, Global Emancipation Network @GblEmancipation
https://www.sans.org/cyber-security-summit/archives/file/summit_archive_1569941622.pdf
Mentioned https://monitorama.com/ https://github.com/viq/air-monitoring-scripts (viq from BrakeSec)
Talk about where you were 10 years ago, and what you did to get where you are?
Best Hacking tool?
Best Enterprise Tool?
https://www.phoronix.com/scan.php?page=news_item&px=CERN-MALT-Microsoft-Alternative
https://www.iotworldtoday.com/2019/12/21/2020-predictions-apis-become-a-focus-of-iot-security/
https://www.jonesday.com/en/insights/2018/10/california-to-regulate-security-of-iot-devices
https://www.infosecurity-magazine.com/magazine-features/what-makes-a-ciso-employable/
https://www.owasp.org/index.php/OWASPTop10-2010-PressRelease