
BrakeSec Education Podcast

472 episodes - English - Latest episode: 25 days ago - ★★★★★ - 98 ratings

A podcast about the world of Cybersecurity, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security professionals need to know, or refresh the memories of seasoned veterans.


Episodes

Browsing more Securely

May 05, 2014 05:08 - 40 minutes - 17.9 MB

This week, we find ways to increase security when browsing the EWW (Evil Wide Web). We give a shout-out to WhiteHatSec's Aviator browser as a way for everyone to have an elevated security posture with very little configuration required. And Mr. Boettcher and I talk about some of the plugins we use to make ourselves more secure. And Mr. Boettcher surprises me with his proclivities toward farmyard animals. Aviator Browser: https://www.whitehatsec.com/aviator/ Sandboxie: http://www.sand...

Mandiant 2014 threat report

April 28, 2014 04:04 - 46 minutes - 19.1 MB

Mandiant put out their 2014 Threat Report, and we got into all the meaty goodness.  From the Syrian Electronic Army, Iran, and China's APT1 and APT12. Find out if the bad guys are getting smarter, or if we are just making it easier for them? Have a listen and find out.     Mandiant 2014 report (registration required):  http://connect.mandiant.com/m-trends_2014       Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) ...

Episode 13 - 2014 Verizon PCI Report

April 21, 2014 02:53 - 41 minutes - 18.1 MB

Since 2006, Verizon has put out their yearly PCI report.  We break it down, and discuss the merits of the report.   2014 Verizon Report: www.verizonenterprise.com/resources/reports/rp_pci-report-2014_en_xg.pdf           Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com)  Licensed under Creative Commons: By Attribution 3.0 http://creativecommons.org/licenses/by/3.0/

Episode 12, Part 2 of our interview with Phil Beyer!

April 15, 2014 04:37 - 29 minutes - 13.1 MB

This is Part 2 of our interview with Phil Beyer.  We asked him about the difference between mentoring and coaching, and we end the podcast talking about influence, the types of influence and ways to gain influence.

Special Report: Heartbleednado-apoco-geddon

April 14, 2014 03:40 - 24 minutes - 10.7 MB

Whois for heartbleed was registered 5 April 2014 by Marko Laasko:   Whois Server Version 2.0 Domain names in the .com and .net domains can now be registered with many different competing registrars. Go to http://www.internic.net for detailed information. Domain Name: HEARTBLEED.COM Registry Domain ID: 1853534635_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.godaddy.com Registrar URL: http://www.godaddy.com Update Date: 2014-04-05 15:13:33 Creation Date: 2014-04-05 15:13:33 Registrar Regis...

Episode 11, Part 1: Interview with Phil Beyer

April 07, 2014 04:06 - 38 minutes - 15.7 MB

This week, we're leaving the Infosec track a bit, but this interview may be more important to a person's development as a good Infosec person. We interviewed Mr. Phil Beyer, Director of Information Security for the Advisory Board Company. In addition to being a past president of the Capitol of Texas ISSA Chapter, he co-founded the Texas CISO Council, a regional steering committee composed of security leaders from private industry and the public sector. He recently gave a talk at Bsi...

Video1: quick renaming shortcut with Sed

April 04, 2014 05:09 - 6 minutes - 69.6 MB Video

I take a few minutes to explain a quick mass renaming shortcut using sed I use when I have multiple files that I need to rename.  I used the example of spaces in filenames, but you can use this to append a name to multiple files. Another way to easily change files is to use the 'tr' command. You can change a filename from all lowercase to all uppercase letters, or even remove non-printable characters from filenames.   Take a look, please leave feedback.  I know there are other ways using ...

Phil Beyer's talk at Bsides Austin

March 31, 2014 19:47 - 51 minutes - 15.8 MB

We are pleased to be the only podcast to have audio of the talk Phil Beyer gave at Bsides Austin!  It is a very informative talk about leadership, not just in Information Security, but how to be a leader in any field you do.   Breaking Down Security will also carry a 2 part interview with Phil. The first will post on the 6th of April, and the 2nd part will be on the 13th of April. Phil uploaded the slides of this presentation at Bsides Austin at http://www.slideshare.net/pjbeyer/choose-to...

Episode 10: IDS/IPS

March 31, 2014 04:48 - 36 minutes - 13.3 MB

We discuss IDS and IPS, why they are needed, and why they get a pass on how easily they are bypassed, and why AV gets all the press...

Episode 9: Framework for Improving Critical Infrastructure Cybersecurity

March 24, 2014 02:16 - 33 minutes - 10.9 MB

This week, we got into some discussion about frameworks, and the different types of frameworks available (regulatory, "best practice", and process improvement). We also looked at the new "Framework for Improving Critical Infrastructure Cybersecurity" ratified and released last month. Does it meet with our high expectations? You'll just have to listen and find out. http://www.nist.gov/cyberframework/ Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" cr...

Episode 8: Why a simple password is not so simple...

March 18, 2014 05:58 - 43 minutes - 20.8 MB

Cracking great show this week! Mr. Boettcher and I got all into authentication methods, why they don't always work, and what can we do to make passwords more secure, using Mike Murray's method of 'Passphrases' over passwords... Finally, we talked about some adventure Mr. Boettcher had with a friend's malware infection (it wasn't me, I promise!). He took what we learned from @hackerhurricane (Michael Gough) and is actively doing forensics on it. http://daleswanson.org/things/pas...

Episode 7, Part 2 with Kevin Johnson from SecureIdeas!

March 09, 2014 07:25 - 51 minutes - 38.5 MB

This is Part 2 of our Interview with Kevin Johnson. During our interview, we followed him down the rabbit hole. We learned how default rulesets in ANY rules-based hardware solution suck. We learned that being a security professional is more than just a fancy title. And finally, we learned that Kevin is a huge fan of Star Wars. DB Visualizer -- http://www.dbvis.com/ Good article on how homomorphic encryption works: http://www.americanscientist.org/issues/pub/2012/5/alice...

A thought experiment...

March 07, 2014 15:57

I was on LinkedIn this morning and came across this link in the 'Pentesting' group, one of the many groups I have joined there. It's a series of case studies with a scenario and some questions to be answered in a 5,000 word essay format. http://resources.infosecinstitute.com/computer-forensics-investigation-case-study/ I thought that in the coming episodes of Brakeing Down Security, it might be interesting to spend a little time breaking down one of these case studies, analyze all the inf...

Episode 7, Part 1 - Kevin Johnson of SecureIdeas!

March 04, 2014 05:36 - 38 minutes - 18.7 MB

During our SEC542, GIAC Web App Pentesting course, we got the pleasure and honor of sitting down with Kevin Johnson from SecureIdeas on who he is, how Samurai WTF came into being, and why we should be doing licensing for proper ethical hackers.

Episode 6 - Malware Interview with Michael Gough (Part 2)

February 24, 2014 03:09 - 45 minutes - 26.1 MB

This is part 2 of our Interview with Malware researcher Michael Gough. We talk about mobile device malware, and how the Sniper Forensic Toolkit differs from Tripwire. Infectedpc_primary.jpg is from bugsrepair.com

Moon Pcap

February 19, 2014 14:54

I thought I'd try something a little different. I usually use the blogger.com to talk, but I didn't see a reason to waste all this excellent space, so I'll put my post here.   Last night on Twitter, someone had posted a pcap file of the MOON self-replicating malware running through many newer brands of Linksys router.  So I thought I would post the pcap file here for all you packet weasels to enjoy. Also, we will be posting our Part 2 of Michael Gough, an Austin-based Malware researcher, ...

Episode 6 - Malware Interview Michael Gough (Part 1)

February 17, 2014 04:13 - 41 minutes - 23.5 MB

This week, we are excited to have Michael Gough, a local malware researcher from Mi2Security on with us to talk about types of malware, infection vectors, some of the tools that users have available to them to detect and prevent malware.  We also discuss who gains from malware infections, the 'bad guys', and even the AV/Malware detection companies.  We also talk about how his software program "Sniper Forensic Toolkit" would detect malware.   Intro "Private Eye", transition "Mining by Moonl...

Episode 5 - Interview with Frank Kim

February 10, 2014 03:01 - 19 minutes - 8.74 MB

This week, we interviewed Frank Kim, an instructor from SANS, who talks about developers' methods, the challenges of getting developers to code securely, and the efforts to create a culture of secure coding.

Episode 4: Origin stories, and talking about reconnaissance

February 03, 2014 01:42 - 33 minutes - 14.9 MB

All superheroes have an origin story, Brian and I are not super, but we have a great origin story.  This week's podcast is about how we made it into the Infosec industry, and we also discuss the value of research from an OS point of view.  We also talk about mentoring and assistance for those looking to get into the InfoSec world. Intro "Private Eye" and Outro "Honeybee" created by Kevin MacLeod (incompetech.com)  Licensed under Creative Commons: By Attribution 3.0 http://creativecommons.or...

Episode 3 - Alerts, Events, and a bit of incident response

January 27, 2014 02:02 - 33 minutes - 30.6 MB

In this issue, we talked about upcoming podcasts with Michael Gough from MI2 Security discussing malware, and this week we get into everything about alerts, why they are important, types of alerts, levels that can occur, and even a bit of incident response in handling alerts.

Episode 2 -- Feeling Vulnerable? - Vulnerability scanners - Go Exploit Yourself

January 20, 2014 03:35 - 40 minutes - 37.3 MB

This week Bryan and Brian talk about the uses, and sometimes pitfalls, of vulnerability scanners.

Episode 1: Kicking some Hash!

January 15, 2014 02:45 - 39 minutes - 36.5 MB

In this inaugural episode, Bryan and Brian discuss the history of hashes, how hashes are used and how to make them more secure.

Twitter Mentions

@brakesec 156 Episodes
@boettcherpwned 151 Episodes
@bryanbrake 150 Episodes
@infosystir 142 Episodes
@k8em0 5 Episodes
@dianainitiative 4 Episodes
@alyssam_infosec 4 Episodes
@shehackspurple 4 Episodes
@bettersafetynet 4 Episodes
@securitysphynx 3 Episodes
@marcusjcarey 3 Episodes
@aprilwright 3 Episodes
@egyp7 3 Episodes
@_mg_ 3 Episodes
@malware_traffic 2 Episodes
@dalperovitch 2 Episodes
@rochelle 2 Episodes
@adamhjk 2 Episodes
@hackingdave 2 Episodes
@taosecurity 2 Episodes