On this week's show, IANS Faculty Mike Saurbaugh stops by to chat about cooperative red team/blue team strategies, ways to address the infosec skills gap by nurturing current security team members, and how he keeps a stiff upper lip while compiling the IANS Vulnerability and Breach Update every quarter.
In this week's episode, I'm joined by IANS Lead Faculty Dave Schackleford for a wide ranging discussion of the infosec topics and trends on the minds of IANS clients. We cover the hot news of the week, explore top areas of concern in cloud security, and dive into growing areas of interest including SDN and advanced SIEM initiatives. Dave and I also square off on the security community's penchant for smugness and snark. What could go wrong?
This week, I sit down with noted mainframe security expert and seasoned IT auditor Philip Young a.k.a. Soldier of Fortran for an eye-opening look into the art and science of securing legacy systems. Mr. Young shares some harsh truths and tears down some persistent misconceptions about mainframe security. We also discuss the failings of modern compliance audits and ways to improve them.
This week, the inimitable Jack Daniel, one of information security's most respected and recognizable thought leaders, sits down with us for a wide-ranging conversation on securing networks, hardening applications, organizing Bsides events, fighting the crypto wars and staying sane in this crazy business. He also shares his tips for leveraging social media and gives us a glimpse into the mind of infosec's most compelling fictional character: @InfosecNoir's Jimmy Black, Cyber Private Eye.
Bluebox Security co-founder and IANS faculty member Adam Ely joins us this week to talk about trends in appdev security and the need for stricter oversight in regulatory compliance efforts. Ely also discusses discusses how CISOs can raise their innovation game and shares tips on how he overcame his own introverted nature to become a strong voice in enterprise security.
Episode 3 of the IANS Podcast features our wrap-up of RSA 2016 with news and views straight from the conference floor. We listen in on big .gov announcements from Defense Secretary Ashton Carter and Rep. Michael McCaul (R-Texas). And we talk to IANS faculty members Dave Shackleford and Joshua Corman about the big news of the week including the DROWN vulnerability, the Hack the Pentagon initiative, and the push to make infosec pros better business leaders.
In Episode 2 of our IANS Podcast, faculty member Kevin Johnson talks Locky ransomware, Apple v. FBI, the nasty glibc bug, and tells us how to make penetration tests and security awareness training more meaningful. He also tells us about some of the charity work he's involved with to make infosec -- and the world -- a better place.
Check out the pen test prep video Kevin mentions here.
And for more info on the wacky and wonderful 501st Legion, check out their website at 501st.com
In the premiere episode of our IANS Podcast, faculty member Raffy Marty joins us to chat about the state of visualization and actionable intelligence in security analytics as well as the difficulties surrounding SIEM implementations. The Pixlcloud founder also talks about Kaspersky Lab’s recent Security Analyst Summit in Tenerife, Spain and his amazement at the hacking skills of 10-year-old SAS presenter Reuben Paul.