Blue Security
204 episodes - English - Latest episode: 4 days ago - ★★★★★ - 3 ratingsA podcast for information security defenders (blue team) on best practices, tools, and implementation for enterprise security.
Homepage Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Episodes
Cloud Security - Defender for Servers Deep-Dive
July 09, 2024 12:00 - 34 minutes - 28.4 MBIn this episode of the Blue Security Podcast, Andy and Adam discuss Defender for Servers, a cloud security solution offered by Microsoft. They explain that Defender for Servers is part of the larger Defender for Cloud umbrella and is designed to protect cloud infrastructure, specifically servers. They discuss the different plans available, including Plan 1 and Plan 2, which offer varying levels of endpoint protection and vulnerability management. They also highlight the inclusion of Cloud Se...
Recommended EOP and MDO settings
July 02, 2024 12:00 - 39 minutes - 31.2 MBIn this episode of the Blue Security Podcast, Andy and Adam discuss recommended settings for Exchange Online Protection (EOP) and Microsoft Defender for Office (MDO). They explain that EOP is the core security for M365 subscriptions, providing anti-malware, anti-spam, and anti-phishing protection. They also highlight the importance of the secure by default feature in EOP and the use of admin submissions to report false positives and false negatives. They caution against using methods like Ou...
Arlington BEC, Kaspersky Ban, Crown Equipment Cyberattack
June 25, 2024 12:00 - 37 minutes - 29.6 MBIn this episode, Andy and Adam discuss three cybersecurity news stories. They talk about a small town in Massachusetts that lost over $445,000 in an email scam, the Biden administration's ban on Kaspersky antivirus software, and a cyber attack on Crown Equipment, a forklift manufacturer. The main takeaways from the conversation are the importance of cybersecurity training, the need for secure remote access methods, and the impact of employee satisfaction on cybersecurity. Takeaways -Cybers...
Snowflake, Findlay Auto Ransomware, Olympics
June 18, 2024 12:00 - 32 minutes - 25.9 MBIn this episode of the Blue Security Podcast, Andy and Adam discuss three main topics: the unauthorized user access at Snowflake, the cybersecurity issue at Finley Automotive Group, and the cyber threats surrounding the upcoming Olympics in Paris. They highlight the importance of implementing strong security controls like multi-factor authentication and regular credential rotation. They also emphasize the need for organizations to assess their data storage practices and only retain necessary...
Microsoft Recall update, Windows Hello Enhanced Sign-in Security
June 11, 2024 12:00 - 42 minutes - 32.4 MBIn this episode, Andy and Adam discuss the updates and clarifications made by Microsoft regarding the security concerns surrounding the Recall feature on Copilot Plus PCs. They highlight the changes, such as the option to proactively enable Recall during the out-of-box experience, the requirement of Windows Hello enrollment and proof of presence for accessing Recall, and the additional layers of protection, including just-in-time decryption and encrypted search index database. They also delv...
Ticketmaster breach, Slack AI, Microsoft Recall
June 04, 2024 12:00 - 29 minutes - 23.6 MBThe conversation covers three primary themes: Ticketmaster data breach, Slack's data scraping, and Windows Recall feature. The Ticketmaster breach is discussed in detail, highlighting the stolen data, phishing risks, and the importance of password management. The conversation then shifts to Slack's data scraping controversy, addressing concerns about privacy and opt-in policies. Finally, the Windows Recall feature is explored, focusing on its local processing, privacy controls, and security ...
Microsoft Build Recap
May 28, 2024 12:00 - 39 minutes - 32.1 MBIn this episode of the Blue Security Podcast, Andy and Adam discuss the security and privacy announcements from Microsoft Build. They cover topics such as AI content safety, Copilot capabilities, security enhancements in Microsoft Edge, and new Windows security features. They also touch on the deprecation of NTLM and the introduction of Copilot Plus PCs with Qualcomm's new dev kit for Windows. Overall, the episode highlights the advancements in security and innovation in the Windows ecosyste...
Entra Private Access, Endpoint Privilege Management
May 21, 2024 12:00 - 19 minutes - 15.6 MBIn this episode of the Blue Security Podcast, Andy and Adam discuss Microsoft Entra Private Access and Endpoint Privilege Management. Entra Private Access is a modern secure edge solution that allows remote users to access on-premise applications in a micro-segmented manner. It enables granular app segmentation, MFA, and privileged access to domain controllers for on-premise users. Endpoint Privilege Management, part of the Intune Suite, allows administrators to set policies for standard use...
MSRC Transparency and USB Threats
May 14, 2024 12:00 - 29 minutes - 24.5 MBIn this episode of the Blue Security Podcast, Andy and Adam discuss two important topics: Microsoft's pledge for greater transparency in identifying and determining root causes for security vulnerabilities, and the increasing sophistication of USB malware attacks in industrial organizations. They provide insights into Microsoft's Secure Future Initiative and the importance of security in the OT and IoT networks. They also offer practical tips for strengthening USB security and data exfiltrat...
2024 Verizon Data Breach Report
May 07, 2024 12:00 - 33 minutes - 27 MBThe 17th annual Verizon Data Breach Investigation Report reveals key findings and trends in cybersecurity. The report highlights the increase in vulnerability exploitation for initial access, the continued prevalence of human error in breaches, the rise of pure extortion attacks, and the limited impact of generative AI in the cybersecurity landscape. Recommendations include implementing robust threat and vulnerability management programs, focusing on user education and data protection, and e...
Mobile Threats
April 30, 2024 12:00 - 37 minutes - 29.7 MBIn this episode, Andy and Adam discuss the growing threat of mobile device threats. They highlight the recent mass password reset and account lockout of Apple IDs and the potential for a mobile wormable event. They explore the conditions necessary for a mobile wormable attack, including the development of zero-click exploits, the abuse of contact lists for further spread, and the lack of clear mitigations from telecommunications and mobile device companies. They also discuss the limitations ...
VDI and Shared Responsibility Model
April 22, 2024 12:00 - 25 minutes - 21 MBIn this episode, Andy and Adam discuss the importance of VDI (Virtual Desktop Infrastructure) in security and enterprise architecture. They highlight the security benefits of VDI, such as separating end user environments from the underlying physical hardware, centralized management of baseline images and patches, and the ability to keep sensitive data in the data center. They also explore the shared responsibility model in cloud computing, where the cloud provider is responsible for the secu...
Entra Follow-up, Helpdesk Security, Certifications
April 16, 2024 12:00 - 33 minutes - 27.1 MBIn this episode, Andy and Adam clarify some points from the previous episode and discuss two main topics: mitigating social engineering attacks on IT help desks and the value of certifications in cybersecurity. They provide practical tips for securing IT help desks, such as requiring callbacks, video verifications, and supervisor verification. They also share their thoughts on certifications, highlighting the importance of experience and continuous learning over the number of certifications....
Managed Machines, E3 vs E5
April 09, 2024 12:00 - 28 minutes - 22.8 MBIn this episode of the Blue Security Podcast, Andy Jaw and Adam Brewer discuss two main topics: the importance of managed devices for improving security posture and the bundling of security solutions in Microsoft licensing. They highlight the shift towards requiring Intune and Azure AD joined devices for improved device management and security. They also address the question of why Microsoft doesn't include more security solutions in their basic bundles, explaining the challenges of bundling...
Teams External User Phishing
April 02, 2024 12:00 - 36 minutes - 29 MBThis episode of the Blue Security Podcast discusses the issue of finding logs for chats between external and internal users in Microsoft Teams. The hosts explore various methods for detecting and alerting on suspicious chats, including using KQL queries, creating workbooks, and leveraging communication compliance features. They also highlight the connection between Teams, Exchange Online, and SharePoint, and the importance of protecting against malicious links and educating users about phish...
Midnight Blizzard Update, CISO Technical Skills, BEC + Automatic Attack Disruption
March 26, 2024 12:00 - 30 minutes - 24.7 MBThis episode covers updates on the Midnight Blizzard attack, the role of CISOs and their technical expertise, the need for international standards in cyber warfare, and defending against business email compromise. Takeaways -Microsoft provides an update on the Midnight Blizzard attack, revealing attempts to gain unauthorized access to internal systems. -The technical expertise of CISOs is important, but they don't need to be deeply technical. Understanding the solutions, threats, and bein...
Microsoft Secure Recap
March 19, 2024 12:00 - 44 minutes - 34.3 MBThis episode of the Blue Security Podcast covers the announcements made at Microsoft Secure, focusing on Microsoft Copilot for Security, Microsoft Security Exposure Management, and updates to Microsoft Purview and Intune. The episode also highlights the integration of Copilot with Intune and the economic study that demonstrates the increased efficiency and accuracy of security analysts when using Copilot. Overall, the announcements showcase the advancements in Microsoft's security offerings ...
FBI Internet Crimes Report and BEC Protection
March 12, 2024 12:00 - 25 minutes - 20.1 MBIn this episode, the hosts discuss the FBI's 2023 internet crime report, focusing on the increase in money lost to internet crimes and the age group most vulnerable to cybercrime. They then delve into the topic of business email compromise (BEC), explaining how scammers use email to trick individuals and businesses into giving money or divulging confidential information. The hosts provide tips for protecting against BEC, including using secure email gateways, implementing multi-factor authen...
Application Allow Listing, iMessage Post Quantum
March 05, 2024 13:00 - 32 minutes - 30.8 MBSummary In this episode, Andy and Adam discuss the concept of application allow listing and the controversy surrounding the removal of Wireshark from company computers. They also delve into the announcement by Apple that iMessage is moving to post-quantum level 3 encryption, making it one of the most secure messaging apps available. The hosts highlight the importance of communication and risk assessment in the field of information security. They also emphasize the need for organizations to ...
Edge Password Vault, SSO, Domain Admin Creds
February 27, 2024 13:00 - 34 minutes - 32.7 MBSummary In this episode, the hosts discuss the Edge password vault and its pros and cons. They highlight the ability to sync passwords to an enterprise ID and the encryption of passwords on the disk. However, they also mention limitations such as the lack of MFA support and the inability to share passwords. The conversation then shifts to best practices for IT admins, including the separation of roles and credentials and the use of password managers. The hosts also emphasize the importance ...
Bitlocker Bypass and USAF Re-org
February 20, 2024 13:00 - 31 minutes - 30.3 MBIn this episode, Andy and Adam discuss a video demonstrating how to bypass BitLocker encryption and the mitigations that can be implemented to protect against such attacks. They emphasize the importance of information protection and how it can enhance data security. Additionally, they highlight the reorganization of the US Air Force Cyber Command, which reflects the growing significance of cybersecurity in national defense. Takeaways - Implementing mitigations such as enabling a pre-boot p...
Microsoft Sentinel Deep-Dive with Henrik Wojcik
February 13, 2024 13:00 - 48 minutes - 47.6 MBSummary In this episode, Henrik Wojcik, a Microsoft MVP, joins the hosts to discuss Microsoft Sentinel and provide a deep dive into its deployment and usage. They cover topics such as data residency and compliance considerations, separating operational logs and security logs, connectors for data ingestion, analytics rules and alert fatigue, scheduled queries and user and entity behavior analytics (UEBA), playbooks and automation, workbooks and data visualization, and advanced hunting with K...
Cloudflare Hacked, Intune Suite, Apple Stolen Device Protection
February 06, 2024 13:00 - 32 minutes - 30.6 MBSummary In this episode, the hosts discuss the Cloudflare and Okta breach, the response and remediation efforts, the introduction of the Intune Suite, and the new stolen device protection feature on the iPhone. Takeaways Nation-state attackers have unlimited time to find weaknesses and exploit them, highlighting the asymmetrical nature of cybersecurity. Cloudflare's response and remediation efforts, including re-imaging and rebooting all systems on their global network, were impressive. ...
Midnight Blizzard Attack on Microsoft
January 30, 2024 13:00 - 29 minutes - 27.9 MBSummary In this episode, the hosts discuss the midnight blizzard attack on Microsoft and the lessons that can be learned from it. They cover topics such as learning from security incidents at other organizations, the details of the attack, OAuth attacks, and OAuth security recommendations. The hosts emphasize the importance of auditing privileges, reviewing OAuth applications, and implementing strong security measures to prevent similar attacks. They also highlight the need for organization...
X accounts hacked, 23andMe revisited, CA for Entitlement Management
January 23, 2024 13:00 - 30 minutes - 28.9 MBSummary This episode of the Blue Security Podcast discusses the recent Twitter account hacks and the importance of multifactor authentication (MFA) in protecting social media accounts. The hosts also explore the lessons learned from 23andMe's credential stuffing attack and emphasize the need for MFA in handling sensitive customer information. They introduce a new feature called entitlement management in conditional access, which allows for more granular control over guest access. The episod...
Entra Join is the way
January 16, 2024 13:00 - 42 minutes - 41.3 MBIn this episode, Andy and Adam discuss the transition from hybrid join to cloud native Entra Join for device management. They explain the difference between device identity and device management and how they can be managed separately. They address concerns about GPOs and highlight the importance of reevaluating device management strategies. They also discuss accessing on-premises resources, overcoming Wi-Fi authentication challenges, and the shift away from gold images. The episode concludes...
Entra improvements, QR Code phishing, AppGuard deprecated
January 09, 2024 15:00 - 33 minutes - 32.6 MBIn this episode, Andy and Adam discuss updates to the Microsoft Authenticator app, including its phish-resistant capabilities and FIPS compliance. They also highlight the rise of QR code phishing and provide tips on protecting users from this type of attack. Additionally, they discuss the deprecation of Application Guard and the Evaluation Lab in the Microsoft Security Stack. Takeaways -The Microsoft Authenticator app is becoming phish-resistant and will support device-bound passkeys, prov...
Common PIM mistakes
January 01, 2024 14:45 - 29 minutes - 25.1 MBIn this episode, the hosts discuss Privileged Identity Management (PIM) and common misconceptions and mistakes related to its configuration. They cover topics such as configuring MFA in PIM, different MFA experiences, mitigations for MFA in PIM, authentication context in PIM, requiring approval to activate roles in PIM, considerations for role activation, mitigating role lockout, and using PIM for non-Microsoft apps. They also highlight the ability to use PIM for non-Azure resources, expandi...
Microsoft Digital Defense Report 2023
December 25, 2023 15:00 - 54 minutes - 52.1 MBMicrosoft's Digital Defense Report for 2023 provides insights into the state of cybercrime, critical cybersecurity challenges, and the importance of IoT and OT security. The report highlights Microsoft's investment in security research and innovation, as well as the need for partnerships and collaboration in the cybersecurity community. Key takeaways include the importance of multi-factor authentication, zero trust principles, and vulnerability management. The report also emphasizes the need...
Audits and Data/AI Security with Special Guests Carley Salmon and Megan Maley
December 18, 2023 15:16 - 58 minutes - 49.8 MBOn this episode, Adam and Andy talk with Carley and Megan, about compliance, auditing, and data protection in the cybersecurity industry. They emphasize the importance of understanding compliance frameworks and preparing for audits with the help of partners or consultants. They also highlight the need for continuous monitoring and a shift away from checkbox security. The conversation touches on the challenges of interpreting controls and the potential for risk acceptance. The experts discuss...
CNAPP - Defender for Cloud Overview
December 11, 2023 15:00 - 34 minutes - 28.6 MBThis episode of the Blue Security Podcast discusses the Cloud Native Application Protection Platform (CNAPP) and Microsoft's Defender for Cloud. The hosts provide an overview of CNAPP and its various components, including DevSecOps, security posture management, and cloud workload protection platform. They highlight the ease of deployment and the pay-as-you-go pricing model of Defender for Cloud. The episode also covers the integration of Sentinel and M365 Defender into the Defender Security ...
MeridianLink extortion, Plastic Surgery office breached, AI voice clones
December 04, 2023 15:00 - 33 minutes - 32.3 MBOn this week's episode, Adam and Andy talk about a ransomware gang making an SEC complaint against their victim, a medical office breach, and AI voice clones. ------------------------------------------- Youtube Video Link: https://youtu.be/iGgp8SurXM8 ------------------------------------------- Documentation: https://www.bleepingcomputer.com/news/security/ransomware-gang-files-sec-complaint-over-victims-undisclosed-breach/ https://www.8newsnow.com/investigators/hackers-target-...
Microsoft Ignite 2023 - Part 2
December 04, 2023 14:57 - 49 minutes - 49 MBOn this week's episode, Adam and Andy talk about more things on security from Microsoft Ignite. From canary capabilities in MDE to Automatic Conditional Access Policies, there are a TON of really amazing announcements. Tune in to hear the 2nd half of Ignite news! ------------------------------------------- Youtube Video Link: https://youtu.be/Pl010QG_n5I ------------------------------------------- Documentation: https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoin...
Microsoft Ignite 2023 - Part 1
November 20, 2023 17:48 - 40 minutes - 40.6 MBOn this week's episode, Adam and Andy talk about all the security announcements from Microsoft Ignite 2023. There were SO many that this will be part 1 with another episode being released in the following week. Listen in to some of the amazing advancements with Copilot, generative AI, and security within the Microsoft portfolio! ------------------------------------------- Youtube Video Link: https://youtu.be/wXIJJhNv-pI ------------------------------------------- Documentation: http...
Okta Breach Follow-up and Passkeys
November 13, 2023 15:00 - 37 minutes - 37.5 MBOn this week's episode, Andy and Adam talk about the follow up investigation from Okta about their support system breach along with some lessons that listeners can take away. They also talk about passkeys going mainstream and what that means for the future of passwordless. ------------------------------------------- Youtube Video Link: https://youtu.be/5Cz07OKHAII ------------------------------------------- Documentation: https://arstechnica.com/information-technology/2023/11/no-okta-s...
SEC charges Solarwinds CISO & Backing up and Archiving M365 data
November 12, 2023 22:47 - 35 minutes - 34.8 MBOn this week's episode, Andy and Adam talk about the SEC charging the Solarwinds CISO with fraud and the implications on the overall security leadership community. They also talk about some questions that came up about backing up and restoring M365 data and a new capability coming out in public preview very soon! ------------------------------------------- Youtube Video Link: https://youtu.be/1FIZOQMXZBg ------------------------------------------- Documentation: https://www.sec.gov/new...
23andMe, Okta breach, MDE Automatic Attack Disruption
October 30, 2023 14:07 - 33 minutes - 35.4 MBOn this week's episode, Andy and Adam talk about the 23andMe and Okta breach that happened recently along with some recommendations on how organizations can try and prevent similar attacks in the future. They also talk about a revolutionary new feature in Microsoft Defender for Endpoint called Automatic Attack Disruption. They talk about how it works and how organizations can take advantage of it even if MDE is not your incumbent or primary EDR/XDR. -----------------------------------------...
Entra Web-sign in, MDE Device Control, Imposter Syndrome
October 23, 2023 17:46 - 22 minutes - 22 MBOn this week's episode, Andy and Adam talk about some new features with Entra Web Sign-in and Microsoft Defender for Endpoint Device Control. They also talk about what every infosec professional goes through: imposter syndrome. ------------------------------------------- Youtube Video Link: https://youtu.be/AiU8tjl_oPA ------------------------------------------- Documentation: https://learn.microsoft.com/en-us/windows/security/identity-protection/web-sign-in/?tabs=intune https://techco...
Conditional Access Gap Analysis
October 19, 2023 19:17 - 27 minutes - 27.4 MBOn this week's episode, Andy and Adam talk about how to think about your conditional access policy design to avoid some common gaps that attackers can take advantage of. ------------------------------------------- Youtube Video Link: https://youtu.be/ULO9oRqJaV4 ------------------------------------------- Documentation: https://danielchronlund.com/2022/01/07/the-attackers-guide-to-azure-ad-conditional-access/ https://learn.microsoft.com/en-us/azure/active-directory/reports-monitori...
Unpopular Cybersecurity Opinions
October 09, 2023 13:59 - 33 minutes - 33.7 MBOn this week's episode, Andy and Adam talk about a fun Twitter/X thread where cybersecurity professionals expressed some "unpopular opinions." ------------------------------------------- Youtube Video Link: https://youtu.be/qEV3zbskXX8 ------------------------------------------- Documentation: https://x.com/merill/status/1700615539452965327?s=20 https://x.com/wdormann/status/1702800210072670299?s=20 https://x.com/IBRice101/status/1704091544544842022?s=20 https://x.com/BrianHaugli/st...
JCI Ransomware, Ransomware Negotiations, CISA guidance
October 02, 2023 14:00 - 26 minutes - 27.4 MBOn this week's episode, Andy and Adam talk about Johnson Controls' ransomware attack and some implications on national security. They also talk about some lessons learned from ransomware negotiations and CISA's new campaign, Secure Your World. ------------------------------------------- Youtube Video Link: https://youtu.be/bslx3jol8tg ------------------------------------------- Documentation: https://www.bleepingcomputer.com/news/security/building-automation-giant-johnson-controls-hit-b...
MITRE Engenuity ATT&CK Evaluations and Insider Risk
September 26, 2023 14:26 - 24 minutes - 24.7 MBOn this week's episode, Andy and Adam talk about the results of the MITRE Engenuity ATT&CK Evaluations and how to interpret them. They also talk about the rising costs of insider risk and some things you can do to combat insider risk. ------------------------------------------- Youtube Video Link: https://youtu.be/FF1ZD73X5nA ------------------------------------------- Documentation: https://attackevals.mitre-engenuity.org/enterprise/turla/ https://www.microsoft.com/en-us/security/b...
MGM Resorts Security Incident
September 18, 2023 14:00 - 35 minutes - 36.5 MBOn this week's episode, Andy and Adam talk about the security incident impacting MGM Resorts. They discuss the attack vector of social engineering and ways that you can help protect your helpdesk and users from this type of attack. ------------------------------------------- Youtube Video Link: https://youtu.be/2UvrVA7u4VA ------------------------------------------- Documentation: https://www.vox.com/technology/2023/9/15/23875113/mgm-hack-casino-vishing-cybersecurity-ransomware https:...
Apple 0-day's, Storm-0558 follow up, MFST Conditional Access Dashboard
September 11, 2023 13:38 - 33 minutes - 33.8 MBOn this week's episode, Andy and Adam talk about Apple's no-click zero day, the technical findings of the follow up investigation on Storm-0558, and the new Microsoft Conditional Access Dashboard and Templates. ------------------------------------------- Youtube Video Link: https://youtu.be/BmHqNkQQx8I ------------------------------------------- Documentation: https://citizenlab.ca/2023/09/blastpass-nso-group-iphone-zero-click-zero-day-exploit-captured-in-the-wild/ https://support.appl...
Data Security in Microsoft 365
September 04, 2023 14:00 - 33 minutes - 33.5 MBOn this week's episode, Andy and Adam talk about data security in Microsoft 365. They talk about data discovery, data classification, and some of the tools like sensitivity and retention labels to help keep your data security within M365. ------------------------------------------- Youtube Video Link: https://youtu.be/rZErX9s03zM ------------------------------------------- Documentation: https://learn.microsoft.com/en-us/purview/plan-for-security-and-compliance -----------------...
Side channel attack, White House cybersecurity workforce plan, IBM Cost of a Data Breach
August 28, 2023 14:00 - 40 minutes - 39.9 MBOn this week's episode, Andy and Adam catch up some worthy infosec news including a new side channel attack, the White House cybersecurity workforce plan, and IBM's Cost of a Data Breach report. ------------------------------------------- Youtube Video Link: https://youtu.be/CkQ19CGiEeE ------------------------------------------- Documentation: https://www.bleepingcomputer.com/news/security/new-acoustic-attack-steals-data-from-keystrokes-with-95-percent-accuracy/ https://www.whit...
Red Teaming with Special Guest 23P
August 21, 2023 14:00 - 37 minutes - 32.8 MBOn this week's episode, Andy and Adam talk with Michael Belton and Dave Falkenstein from 23p, a Madison, Wisconsin based red-teaming company about pentesting, purple teaming, and start out in red-teaming. ------------------------------------------- Youtube Video Link: https://youtu.be/msWQ0mH-fUQ ------------------------------------------- Documentation: https://www.23p.com/ http://www.23p.com/s/23p-BlueSecurityPodcast-InfamousDefaults.pdf Michael Belton Email: [email protected] Lin...
Securing Entra External Identities
August 14, 2023 14:00 - 26 minutes - 27.1 MBOn this week's episode, Andy and Adam talk about securing Entra external identities. They talk about B2B and B2C as well as a few other lesser known features of external identities like direct connect and multi-tenant synchronization. ------------------------------------------- Youtube Video Link: https://youtu.be/V1_RIGQKUYI ------------------------------------------- Documentation: https://learn.microsoft.com/en-us/azure/active-directory-b2c/supported-azure-ad-features https://le...
Educating Defenders with Special Guest Howard Friedman, Ascent Solutions
August 07, 2023 15:35 - 40 minutes - 38.6 MBOn this week's episode, Andy and Adam welcome guest Howard Friedman of Ascent Solutions to the program. Howard helps educate our audience of security defenders on the why, when, and how to engage with partners. ------------------------------------------- Youtube Video Link: https://youtu.be/Q3GgxefbbnQ ------------------------------------------- Documentation: https://www.meetascent.com/ https://partner.microsoft.com/en-my/community/my-partner-hub/intelligent-cloud/funding ---------...
New SEC and FCC rules, and Samsung device security
July 31, 2023 14:00 - 25 minutes - 25.9 MBOn this week's episode, Adam and Andy talk about some new SEC and FCC rules as well as some news on Samsung device security. ------------------------------------------- Youtube Video Link: https://youtu.be/_N7WBSuDW9s ------------------------------------------- Documentation: https://www.sec.gov/news/press-release/2023-139https://www.theverge.com/2023/7/11/23791183/fcc-sim-swapping-port-out-phone-hijacking-security-protectionhttps://www.usatoday.com/story/news/politics/2023/07/18...