7 Minute Security

534 episodes - English - Latest episode: almost 2 years ago - ★★★★★ - 63 ratings

7 Minute Security is a weekly information security podcast focusing on penetration testing, blue teaming and building a career in security. The podcast also features in-depth interviews with industry leaders who share their insights, tools, tips and tricks for being a successful security engineer.


Episodes

7MS #133: I Got a New Job - Part 2

January 01, 2016 16:32 - 8 minutes - 4.1 MB

This is a four-part series about my transition to a new job! The topics are as follows: Part 1: When it may be time to look for a new job (or not) Part 2: How to stand out during phone screenings and interviews Part 3: How to gracefully transition from old job to new job Part 4: Here's what I'm doing in my new gig!

7MS #132: I Got a New Job - Part 1

January 01, 2016 16:26 - 7 minutes - 3.4 MB

This is a four-part series about my transition to a new job! The topics are as follows: Part 1: When it may be time to look for a new job (or not) Part 2: How to stand out during phone screenings and interviews Part 3: How to gracefully transition from old job to new job Part 4: Here's what I'm doing in my new gig!

7MS #131: How to Attempt a Two Week Pentest in Two Days

December 30, 2015 04:30 - 8 minutes - 4.12 MB

The title says it all. I had two days to pentest a network that probably would've taken two or more people two weeks or more. I laughed. I cried. I had fun.

7MS #130: Sqlmap and Sqlninja FTW

December 29, 2015 00:27 - 7 minutes - 3.57 MB

This episode talks about some fun I had using sqlmap, and how using it in conjunction with Sqlninja makes me happy to be alive.

7MS #129: Embarrassing Stories

December 27, 2015 21:34 - 8 minutes - 3.83 MB

In this episode I talk about face-planting in my office at the first job I had out of college.

7MS #128: Transparency is King

December 27, 2015 05:22 - 9 minutes - 4.44 MB

In this episode, I talk about a restaurant infosec assessment I did, and how the recommendations coming out of that assessment didn't fit the standard "mold." I also talk about how being transparent and helpful - and NOT billing clients for every tiny little thing - is king.

7MS #127: Intro to HIPAA Assessments

December 27, 2015 05:10 - 9 minutes - 4.27 MB

This episode covers a few HIPAA tidbits I picked up while preparing for - and executing - a HIPAA security assessment.

7MS #126: Get Your Name Out There

December 24, 2015 19:50 - 8 minutes - 3.91 MB

This episode isn't about infosec exactly, but it talks about how using public resources like LinkedIn, Twitter and blogs can boost your "brand" (though I hate that word) and help you get more connected to the infosec community, job leads and more!

7MS #125: Securing Your Life-Part 2

December 23, 2015 18:13 - 7 minutes - 6.55 MB

Way back in episode #93, I talked about things you can do to secure your life (mortgage review, adequate insurance, estate planning, investments, etc.). This episode continues that train of thought and covers: getting the right amount of life insurance, getting the right home/auto coverage, as well as estate planning.

7MS #124: Sprinkles

December 23, 2015 02:31 - 8 minutes - 3.97 MB

This episode is 90% a rant about how annoying carry-on luggage and air travel can be, and a 10% sprinkling of security sauce mixed in. Hence: sprinkles.

7MS #123: Doing a Redo Assessment

December 22, 2015 03:12 - 9 minutes - 4.39 MB

This episode talks about my experience in doing a "redo" security assessment, during which I struggled with the following questions: what's the best way to efficiently correct the erroneous information and make the customer happy without asking ALL the original questions over again? Especially when I have little to no time to prepare for the "redo" interview?

7MS #122: OFFTOPIC-An Apology to Elephants

December 20, 2015 16:40 - 8 minutes - 3.91 MB

This episode is about a documentary called An Apology to Elephants. It's all about the treatment (or mistreatment) of elephants, and the main message of the movie is, "Please don't go to the circus when it's in town, because you're supporting elephant abuse." Even if that message was a little heavy handed, I certainly will pass on tickets next time a circus act comes through town. You can subscribe to the 7 Minute Security podcast here.

7MS #121: Migrating from Tumblr to Ghost-Part 2

December 19, 2015 16:38 - 8 minutes - 3.88 MB

Part 2 concludes my journey in moving 7ms.us from Tumblr to a Digital Ocean droplet running Ghost. Here are the key resources mentioned during the podcast: How to run multiple Ghost blogs on one DI VPS. The key takeaway here was that I had to upgrade to the $10 droplet (I did a "flexible" resize to add more proc/memory) and then the second instance of Ghost installed fine. Turning on CloudFlare SSL was easy. I chose flexible SSL since I wasn't using a "real" cert. I also wrote a rule to f...

7MS #120: THE PURGE!

December 18, 2015 21:58 - 2 minutes - 736 KB

Announcing the 7MS PURGE! I've got a back log of episodes banked and I want to get caught up for the new year. So I'm going to release one (or maybe more) episodes per day between now and 2016. Plus (spoiler alerts!) in 2016 we're moving to a Monday/Wednesday/Friday release schedule. Yep, 7MS three times a week - thanks for the idea, mom! Subscribe to 7MS on iTunes here.

7MS #119: Migrating from Tumblr to Ghost-Part 1

December 17, 2015 14:16 - 8 minutes - 3.84 MB

In this episode I talk about my adventures in moving my brianjohnson.tv Tumblr content over to a Digital Ocean hosted droplet running Ghost. I think you'll want to check this episode out, because in part 2 I talk about the challenges I faced in hosting multiple Ghost instances on one DI droplet. I will also be talking about how to enable CloudFlare SSL (for free!) as well as enabling Fail2Ban to keep annoying people/IPs from brute forcing your SSH root account!

7MS #118: Should Phishing be Fair?

December 15, 2015 15:38 - 7 minutes - 3.42 MB

This episode discusses an important and rhetorical (to me) infosec question: Should phishing campaigns be "fair?"

7MS #117: OFFTOPIC-Alive Inside

December 10, 2015 18:13 - 7 minutes - 3.61 MB

Today I talk about one of the most moving films I've ever seen - a documentary called Alive Inside.

7MS #116: Tips for a Successful Vulnerability Scan

December 08, 2015 22:31 - 14 minutes - 6.66 MB

In this episode I complain about getting stuck in NY for two days, and also how to efficiently scan for vulnerabilities when your time is crunched.

7MS #115: OFFTOPIC-Love and Mercy

December 04, 2015 13:19 - 7 minutes - 3.58 MB

We're going off-topic today and talking about the new(ish) movie about Brian Wilson's life called Love and Mercy.

7MS #114: PCI Pentesting 101-Part 3

December 02, 2015 04:01 - 7 minutes - 3.57 MB

Part 3 on my series about PCI pentesting. Yeah. That.

7MS #113: Big Bag of Random Security Stuff

November 27, 2015 20:39 - 10 minutes - 4.73 MB

Yep, this episode is EXACTLY what the title implies.

7MS #112: This is Sparta!

November 25, 2015 15:16 - 8 minutes - 3.9 MB

This episode is about one of my favorite enumeration tools called Sparta - it's built right into Kali 2. And maybe it was in Kali 1 and I totally missed it. But whatevs. I'm happy to have found it now!

7MS #111: Hacking WPA Enterprise-Part 2

November 20, 2015 14:21 - 6 minutes - 3.13 MB

The thrilling (?) conclusion of my experience hacking WPA Enterprise.

7MS #110: Hacking WPA Enterprise-Part 1

November 17, 2015 23:14 - 8 minutes - 4.03 MB

This episode is about my experience hacking WPA enterprise. Huge mega tiger uppercut thanks to this site for giving me the fixes I needed to get this working on Kali2! https://warroom.securestate.com/index.php/evil-twin-attack-using-hostapd-wpe/

7MS #109: OFFTOPIC-It Follows and Backcountry

November 13, 2015 09:37 - 7 minutes - 3.62 MB

Movie reviews of It Follows and Backcountry.

7MS #108: I'm Going to PWAPT!-Part 2

November 11, 2015 02:10 - 10 minutes - 4.77 MB

Here's part 2 (of probably several to come) about my experience with PWAPT (Practical Webapp Pentesting) training last week!

7MS #107: I'm Going to PWAPT!

November 03, 2015 17:16 - 7 minutes - 3.74 MB

Hey I'm going to PWAPT this week (http://www.eventbrite.com/e/practical-web-application-penetration-testing-with-tim-tomes-lanmaster53-tickets-16718889649), so in this episode I talk about that...and how I'll probably be too info-overloaded to record anything on Thursday :-). Oh, and I had a fun Web app pentest this week that I wanted to share some fun bits on.

7MS #106: A Day in the Life of an Information Security Analyst

October 30, 2015 01:12 - 10 minutes - 4.81 MB

A listener wrote in asking some questions about "a day in the life of" a security analyst, so here's my best stab at it!

7MS #105: OFFTOPIC-Big Bag of Random Sauce

October 28, 2015 04:19 - 9 minutes - 4.33 MB

Today's totally random episode covers: 1. How bad does this podcast's logo suck? 2. Does this podcast need a theme song? 3. Some interesting training I'm taking next week. 4. The Walking Dead - who should die? 5. Metal Gear Solid and my personal godmode strategy.

7MS #104: LANTurtle First Impressions

October 22, 2015 12:06 - 7 minutes - 3.37 MB

Hey I just got a LANTurtle and....these are my first impressions!

7MS #103: OFFTOPIC-I Was in a Movie Once

October 20, 2015 20:03 - 7 minutes - 3.46 MB

This is an off-topic episode about the time I was in the holiday comedy super-smash laugh-fest, Jingle All the Way.

7MS #102: Recon-ng!

October 15, 2015 19:18 - 8 minutes - 4.01 MB

I'm a big fan of Recon-ng and you should be too! Check it out - and learn more about Tim Tomes, its creator - at www.lanmaster53.com. And here's the video I mentioned in the podcast - my first look at Recon-ng in action: https://www.youtube.com/watch?v=vkmNTNl6urw

7MS #101: OFFTOPIC-I Am Chris Farley

October 14, 2015 01:52 - 7 minutes - 3.72 MB

The new(ish) Chris Farley documentary is fantastic - see it!

7MS #100: Assessment Curses Can Be Blessings

October 09, 2015 03:12 - 7 minutes - 3.61 MB

Ever had an assessment that you thought would be the death of you? I had one recently, but after sticking it out, it turned out to be a blessing in disguise.

7MS #99: How to Deliver Bad News in a Good Way

October 02, 2015 13:56 - 8 minutes - 3.92 MB

Today's episode gives you some tips on how to deliver bad news in an assessment in a positive way. I think that last sentence was a grammatical nightmare.

7MS #98: Intro to PCI Scoping

September 30, 2015 01:50 - 8 minutes - 3.92 MB

So far I've focused on the technical aspects of PCI, but I'm trying to get familiar with the overall scoping questions that my tenacious QSA friends ask when they start a gap analysis. This episode shares some interesting tidbits I learned while doing some QSA "shadowing" on an assessment of a restaurant.

7MS #97: OFFTOPIC-Limbo

September 25, 2015 03:33 - 7 minutes - 3.74 MB

We're going off topic today and talking about video games! LIMBO for the Xbox!

7MS #96: How to Make Enemies During a Security Assessment

September 23, 2015 01:48 - 9 minutes - 4.53 MB

Yep, we're talking about how to make ENEMIES during a security assessment today (and maybe turn them into friends).

7MS #95: How to Make Friends During a Security Assessment

September 17, 2015 18:50 - 7 minutes - 3.5 MB

When you start a security assessment with a company, not everybody's gonna be glad to see you. The IT dept and other employees may have tense shoulders, thinking that this is an Office Space situation where they're interviewing for their jobs. This episode talks about some ways you might be able to get your assessment off to the right start.

7MS #94: Learn How to Burp - Part 1

September 15, 2015 21:33 - 8 minutes - 3.8 MB

I've been looking for better ways to learn Burp Suite and I struck gold! Check out my recommendations in today's episode!

7MS #93: Securing Your Life

September 11, 2015 01:37 - 8 minutes - 3.79 MB

So yeah, this is kind of off-topic, but have you thought about security in the sense of "What kinds of security things should I be doing before I'm dead?" Today's episode explores that.

7MS #92: You're Not Ready for Big Boy Security Pants

September 09, 2015 15:29 - 7 minutes - 3.59 MB

Sometimes I get in situations where clients want their WHOLE security program reviewed, but in reality, they are still in the baby steps phase. What's the right thing to do when, for lack of a better term, the client isn't ready to put on their security big boy pants?

7MS #91: Umbrella

September 03, 2015 10:49 - 7 minutes - 3.55 MB

Today's episode is about Umbrella, a product from OpenDNS that provides a layer of protection against malware, wifi-jacking and other threats.

7MS #90: OFFTOPIC-Citizenfour

September 01, 2015 10:44 - 8 minutes - 4 MB

We're going offtopic today and talking about the Citizen Four documentary, which centers around the Edward Snowden story.

7MS #89: AppSpider

August 27, 2015 10:42 - 8 minutes - 4.25 MB

Today we're talking about a new (to me) Web site/app scanning tool called AppSpider by Rapid7. Again, this isn't a commercial or paid advertisement. I just like sharing things that I like and use.

7MS #88: Glasswire

August 25, 2015 10:40 - 6 minutes - 3.05 MB

This episode's about a cool security app called GlassWire, which is (kind of) a firewall on steroids. I love it! Oh, and this is not an endorsement or a commercial :-)

7MS #87: Presenting the Right Findings to the Right Audience

August 20, 2015 22:53 - 7 minutes - 3.74 MB

Today I talk about a challenge I run into when I'm delivering to a mixed audience of C-level folks and IT people. How do you keep things high level enough so everybody "gets it" but also go low level enough that the recommendations have some teeth?

7MS #86: OSWP-The Final Chapter!

August 18, 2015 16:31 - 7 minutes - 3.5 MB

This episode concludes the gripping, thrilling, exciting, awesome-ing, death-defying, unsettling, rattling series on OSWP (Offensive Security Wireless Professional). Specifically, I talk (as much as I can without getting into trouble) about the exam and give you some pointers to pass it!

7MS #85: What is The Penetration Testers Framework (PTF)?

August 14, 2015 14:42 - 7 minutes - 3.55 MB

Need an easy way to create a modular/mobile kit of pentest tools to take with you from machine to machine? And ALSO be able to update all those modules in one command? Then check out the PTF! That's what we're talkin' about on today's podcast.

7MS #84: DIY Pwn Pad

August 12, 2015 08:42 - 7 minutes - 3.52 MB

Hey have you heard of Pwn Pads? They're an awesome network pentesting tool that leverages a Nexus tablet - which you can either buy right from Pwnie Express, or create your own if you have a certain model of Nexus lying around. I just happened to have the right Nexus model around, so this podcast episode chronicles my trial and error (mostly error) in making a DIY Pwn Pad! P.S. to get the Android tools installed on Ubuntu 14.04, run these commands: -- sudo add-apt-repository ppa:nilarim...

Twitter Mentions

@gh0sthax 20 Episodes
@joekl3in 2 Episodes
@nikhil_mitt 2 Episodes
@strandjs 2 Episodes
@bkimminich 1 Episode
@mrd0x 1 Episode
@mduench 1 Episode
@notmedic 1 Episode
@insiderphd 1 Episode
@chrisphineas 1 Episode
@plextracftw 1 Episode
@owasp_juiceshop 1 Episode
@tinkersec 1 Episode
@kimzetter 1 Episode
@robertesell 1 Episode
@nathanhunstad 1 Episode
@awnetworks 1 Episode
@baffleio 1 Episode
@infosystir 1 Episode
@byt3bl33d3r 1 Episode