The Security Repo is a podcast that focuses on real-world security issues we are all facing today. We will take deep dives into news events and have exclusive interviews with security leaders on the ground.
Nuclear Security & Cyber Resilience: Insights from KPMG's Andrew Elliot
37:02
Today we dive into the fascinating world of nuclear energy and cybersecurity with Andrew Elliot, a senior manager at KPMG's cybersecurity team. Andrew shares his journey from a nuclear engineer to a cybersecurity expert, providing unique insights into the importance of security culture, the resurgence of nuclear energy, and the critical role of cyb…
Securing the Future - The Art of Threat Modeling with Paul McCarty
32:50
In this episode of The Security Repo, we dive deep into the world of threat modelling with Paul McCarty, a veteran in the field of DevSecOps and founder of SecureStack. Paul shares his journey from being a Unix admin to working with high-profile organizations like NASA and GitLab. We explore the essentials of threat modeling, the significance of cl…
Pen Testing in Academia - University Cybersecurity Challenges with JR Johnson
40:19
In this episode of The Security Repo, we dive into the fascinating world of cybersecurity with JR Johnson, a seasoned information security professional with over 14 years of experience. JR shares his journey from web development to penetration testing and cybersecurity consulting, highlighting the unique challenges faced by higher education institu…
From Desktop Support to Red Team: Brendan Hohenadel's Journey in Cybersecurity
40:14
Join us in this episode of The Security Repo Podcast as we dive into the world of cybersecurity with Brendan Hohenadel. From his humble beginnings in desktop support to becoming a skilled red teamer, Brendan shares his inspiring journey and fascinating stories from the field. Discover the strategies, tools, and techniques used in offensive security, …
Navigating AI in Cybersecurity: Insights from Sonya Moisset
36:58
In this episode of The Security Repo, we are thrilled to welcome Sonya Moisset, a Senior Advocate at Snyk and a renowned expert in DevSecOps, cybersecurity, and AI. With a wealth of experience as a public speaker, mentor, and top contributor to the tech community, Sonya shares her deep insights into the evolving landscape of AI in cybersecurity. Jo…
Securing Kubernetes Dashboards: Insights from Tremolo Security's CTO
39:47
In this episode of The Security Repo, Dwayne McDaniel and Marc Boorshtein delve into the intricacies of Kubernetes dashboard security. Marc, the CTO of Tremolo Security, brings his extensive experience in identity and access management to the table, discussing the challenges and best practices for securing Kubernetes dashboards. The conversation ex…
The Secrets behind GitGuardian: Building a security platform with Eric Fourrier
45:39
Join us this week as we host Eric Fourrier, co-founder and CEO of GitGuardian. Discover the journey of GitGuardian from a side project to a leading code security platform. Eric shares insights on the startup's growth, the integration of AI in security, and the future of protecting digital assets. Tune in for an engaging discussion on advancing code…
Solving Secret Zero: The Future of Machine Identities & SPIFFE with Mattias Gees
42:02
Today we dive into the challenges of securing modern IT infrastructures, focusing on "Secret Zero" and its implications for authentication practices. Our guest, Mattias Gees of Venafi, discusses the SPIFFE framework and its role in transitioning from traditional security methods to dynamic workload identities. We explore practical strategies for im…
Building secure platforms with Kubernetes: Bridging the DevOps-Security Divide with John Dietz
56:38
This week, we dive deep into the world of Kubernetes with John Dietz, co-founder of Kubefirst and a seasoned IT professional with over two decades of experience. John shares his extensive insights into the transformative power of Kubernetes and infrastructure as code (IaC) in modern cloud environments. Reflecting on his personal journey from skepti…
Authorization vs. Authentication: Decoding the Layers of Security with Emre Baran
34:25
In this episode we dive deep into the world of authorization with Emre Baran, CEO and co-founder of Cerbos. As a seasoned entrepreneur and software expert, Emre brings over 20 years of experience to the table, discussing the subtle yet significant distinctions between authorization and authentication, and why these concepts are pivotal in today's c…
Unpacking ASPM: Trends, Truths, and the Future of Security Tools
28:34
In this engaging episode of "The Security Repo," host Dwayne McDaniel and esteemed guest Rachel Stephens delve into the rapidly evolving world of security tooling, with a special focus on the buzz around Application Security Posture Management (ASPM). They tackle the complexities and confusions surrounding the burgeoning category of security solut…
Decoding Security: An Analyst's Perspective on Trends and Tools
31:05
In this episode of The Security Repo podcast, we dive deep into the evolving landscape of security within software development with our guest, Rachel Stephens, a senior analyst at RedMonk. Rachel sheds light on the broader implications of the "shift left" movement, emphasizing the integration of security practices throughout the entire software dev…
Building Conferences and Communities in Cybersecurity with Huxley Barbee
42:40
This week, join us as we sit down with Huxley Barbee, the lead organizer of B-Sides New York City and a security evangelist at RunZero. With over two decades of experience as a software engineer and security consultant, Huxley shares his profound insights and journey through the evolving landscape of cybersecurity. From his early days attending DefC…
The Evolution of DevSecOps: Strategies for Integrating Security into DevOps with Gregory Zagraba
36:37
This episode of The Security Repo Podcast features an insightful discussion with Gregory Zagraba on the challenges and strategies of integrating security practices within the DevOps landscape. Covering the evolution of DevOps, the emergence of DevSecOps, and the importance of a culture shift in large organizations, the conversation delves into prac…
Hacking the Hackers: The Art of Compromising C2 Servers with Vangelis Stykas
34:39
In this episode of the Security Repo podcast, listeners will dive into the intriguing world of hacking the hackers with Vangelis Stykas. Stykas, a notable figure in cybersecurity, shares his experiences and methodologies for compromising C2 servers—central nodes used by hackers to control malware-infected computers. He reveals how simple web applic…
The Evolution of Offensive Security with Erik Cabetas
41:41
In this episode, we delve into the mind of Erik Cabetas, a renowned figure in offensive security and Defcon CTF winner. Erik shares his unique journey from hacking to offensive security, detailing the critical turning points that shaped his career. Together with Mackenzie and Dwayne, Erik discusses the evolution of security practices, the importanc…
From Bank Heists to Security Insights: The Jayson E. Street Story
55:19
In this episode of The Security Repo, Jayson E. Street delves into his unconventional journey into cybersecurity, emphasizing the essence of hacking as a manifestation of curiosity rather than mere technical skill. He shares anecdotes from his extensive experience in ethical hacking, including bank heists and corporate security breaches, to undersc…
Reducing the noise: Cutting through the data in security with Buck Bundhund
40:05
In this episode of "The Security Repo," hosts Dwayne McDaniel and Mackenzie Jackson delve into the intricate world of cybersecurity with Buck Bundhund, an expert from Centripetal Networks. The conversation kicks off with an exploration of the pervasive issue of data noise – the influx of non-intended data into organizational networks, posing signif…
Solving the bottom turtle: Fixing the authentication problem with Ethan Heilman
34:00
In security you have likely heard the expression "turtles all the way down": the concept that the world is held up on the back of a turtle who is standing on the back of another turtle, and so on. This can be used to describe the current state of security, where everything can dramatically fall over if the bottom turtle fails. In this episode, we disc…
The right tool for the job: Finding and evaluating security tools with James Berthoty
41:44
In this episode, James Berthoty shares insights into his project, Latio Tech, which provides a comprehensive list of cloud security tools and resources. James highlights the challenges of vendor assessments and the importance of bridging knowledge gaps in cloud security. He also shares trends in the security tooling industry and offers advice for s…
Securing our APIs - Thinking differently about API Security with Isabelle Mauny
43:52
In this episode, Mackenzie and Dwayne dive into a discussion on API security with special guest Isabelle Mauny, co-founder and CTO of 42Crunch. We walk through the differences API security has compared with traditional application security, and its growing importance in today's technology landscape. We also have a discussion about the challenges an…
Revolutionizing SAST: Bridging the Gap for Modern Developers with Nipun Gupta
28:43
In this episode of The Security Repo, Mackenzie Jackson sits down with Nipun Gupta, the Chief Operating Officer of Bearer, a leading security company at the forefront of innovation in the cybersecurity landscape. Join us as we delve deep into the world of Static Application Security Testing (SAST) and explore why traditional SAST tools are struggli…
API Security Unveiled: Safeguarding the Heart of Modern Applications
30:33
In this episode of "The Security Repo," your hosts Mackenzie Jackson and Dwayne McDaniel are joined by a distinguished guest, Dan Barahona, as they embark on an eye-opening exploration of API security. As the digital landscape evolves at breakneck speed, APIs (Application Programming Interfaces) have become the backbone of modern applications, maki…
Guarding Against Deception: The Art of Detecting and Defending Against Social Engineering
32:48
In this episode of The Security Repo, your hosts Mackenzie Jackson and Dwayne McDaniel are joined by the brilliant Reanna Schultz, a seasoned expert in the field of cybersecurity. Together, they delve deep into the world of social engineering, exploring what it is, how to detect it, and crucially, how to arm your staff against its deceptive tactics…
Contextual Security: Revolutionizing Developer-Focused Cybersecurity with James Wickett
33:28
In this eye-opening episode of The Security Repo, we welcome James Wickett, the CEO and co-founder of DryRun Security, a visionary in the realm of cybersecurity. James unveils a groundbreaking concept known as "Contextual Security," a game-changer that empowers developers with unprecedented security insights while they write code. As our hosts and c…
Mastering Physical Security: Unveiling the Secrets with Brice Self
35:13
In this captivating episode of The Security Repo, we delve into the world of physical security with our esteemed guest, Brice Self. With over a decade of experience in the field, Brice brings a wealth of knowledge and real-world insights to the table. This episode takes a deep dive into the intricate aspects of physical security, particularly in hi…
Secrets inside packages, scanning Python PyPI for credentials with Tom Forbes
35:44
In this episode, we sit down with Tom Forbes to discuss his 'side project gone wrong' and how he found live AWS credentials inside many Python packages hosted on PyPI. Tom didn't expect to find sensitive information inside public Python packages, but was surprised when he was contacted about removing data from his GitHub project. After some researc…
Artificial intelligence, a friend or foe in cyber security - with Simon Maple from Snyk
38:03
With the rapid development of AI we are often left wondering if AI is our friend or foe in security. In this episode, I sit down with Simon Maple from Snyk to discuss just that. We explore the different applications of AI in security and where the future is going. It's an interesting discussion so you don't want to miss it! Show Links: Snyk.io Blog:…
Scaling security and AppSec in fast moving enterprises with Jeevan Singh
38:12
Application security can be a difficult task at all levels of a company. But as a start-up grows into an enterprise, or existing companies evolve, how do you effectively scale your security program? We have an amazing guest, Jeevan Singh, who is the director of product security at Twilio, and he is here to talk about how to scale an application secur…
Enterprise Software Distribution - Managing updates and security in enterprise software at scale
37:53
One of the many advantages of the cloud revolution is that SaaS products are continuously updated, security issues are patched quickly, and it's something the consumers are less concerned about. But what about enterprise products: how do you get that same level of update efficiency and security on large on-premise products? This is one of the topic…
Securing data in a world of AI with Jeremiah Jeschke
29:43
Many companies are banning AI systems like ChatGPT to prevent data from being leaked, but is that a viable solution? We sit down with Jeremiah Jeschke, the CEO at OfficeAutomata, to discuss the future of security in a world of ChatGPT and other AI systems. Links: Office Automata: https://officeautomata.com/ Linkedin https://www.linkedin.com/in/jere…
Getting boardroom buy-in for security - CISO conversations with Walt Powell
37:16
Getting funding to build effective security programs is challenging and often it fails because security leaders are not telling the boardroom the right 'story'. In this episode with Walt Powell we discuss exactly how to overcome these challenges by understanding how to effectively communicate with the board by expressing security challenges into a …
Social engineering, phishing and building grass roots communities with Dan and Ken
48:34
In this episode, we sit down with Daniel Niefeld and Kenneth Nevers to talk about their journey into security, creating security conferences and building grass roots cyber communities. Get your tickets to HackRedCon free (save $200) as a Security Repo listener: use the code HRCGGuardian23 when purchasing tickets https://www.hackredcon.com/ (First 5 …
Code signing and securing the software supply chain with Billy Lynch
34:44
In this episode, we go on a deep dive with Billy Lynch from Chainguard into application and code signing and how it can be used to ensure the supply chain is legitimate. Billy has an impressive background including spending 8 years at Google before joining Chainguard and not only helps us understand how signing can be used in security but also what…
Getting started in AppSec with Tanya Janca SheHacksPurple
48:22
In this episode, we sit down with Tanya Janca and discuss her journey from being a developer for government agencies to becoming one of the most recognizable faces in application security and cyber security in general. This episode is especially great for anyone thinking about starting a career in cyber security and wants to know how to get started…
Securing the remote workforce, the future of cloud development environments
26:15
In this episode, we sit down with Vedran Jukic, co-founder and CTO of Code Anywhere, and Tomma Pulljak, Senior Developer at Code Anywhere, to talk about the future of development environments. We go into detail on exactly what cloud development environments are and how they can help keep the remote workforce of today secure. Links: https://codeanywher…
Understanding digital forensics with Desi - A deep dive post breach investigations
29:23
In this episode we sit down with Desi, who is an expert in digital forensics. We explore exactly what digital forensics is, how it can be used to catch cyber criminals and what we can do in a breach to preserve evidence. It is a fascinating conversation and full of great information from the inner workings of forensics to the crazy world of deep fak…
The hacker in the board room: The journey from hacker to CISO with Jason Haddix
55:40
Have you ever wanted to know how to hack a bank? If so this is the episode for you (disclaimer, please don't hack banks). Jason Haddix is someone that needs little introduction in the security world. In this Podcast, we were fortunate enough to sit down and discuss Jason's beginnings as a hacker through to how he made it all the way to the board ro…
Security landscape in 2023: Insights from the ground at RSA (Special Edition Episode)
15:25
In this special edition episode, we tracked down a few of the key thought leaders in cyber security around the RSA conference to ask them what they thought were the biggest security concerns for 2023 as well as some key recommendations for organizations to combat them. Their insights were fascinating. This episode features: Feross Aboukhadijeh - Fo…
Modern ransomware: How hackers are targeting your organization with Adriel Disatel and Noah Tongate
44:58
In this episode we sit down with legendary pen tester Adriel Disatel and Noah Tongate to discuss how modern cyber criminals are operating to deploy modern ransomware attacks. The conversation is full of real life hacking stories and to the point information on how you can protect yourselves against modern threats. Links: Netragard Publications http…
Understanding intent based access control with Uri Sarid
28:24
In this episode of The Security Repo we dive into intent-based access control. This is the concept of limiting access to just what is intended. It sounds simple enough, but how does one understand and define the intent? And more importantly, how do we enforce our intentions with access control? This week's guest is Uri Sarid, he is a man with a lon…
Multi Factor Authentication for APIs with Anusha Iyer
30:13
APIs are what run the internet today. Modern applications are no longer monoliths; they are built upon hundreds of microservices, and APIs are the glue that connects them. API security, however, is a massive blind spot for many organizations: from misconfigurations to leaked secrets, APIs give attackers ample opportunity to make intrusions into your s…
Offensive security tools with Brendan O'Leary from ProjectDiscovery
31:55
In this episode we are joined by Brendan O'Leary from ProjectDiscovery. We learn about the tools that hackers, bug bounty hunters, and red teams use to be able to map infrastructure and find vulnerabilities. Brendan is the head of community for ProjectDiscovery which is a company that builds open-source tools to help organizations find and discover t…
Threat modeling in security with Audrey Long
38:56
Have you ever wanted to threat model the Death Star from Star Wars? Well, this is one of the many topics we discuss in the latest episode of the Security Repo podcast with our special guest Audrey Long. Audrey is a Senior Security Software Engineer at Microsoft in the Commercial Software Engineering team (CSE), which is a global engineering organiza…
Understanding and building the SOC (Security Operations Center) - With Troy Santana
21:33
In this episode of The Security Repo we are joined again by Troy Santana from Critical Start to discuss how organizations can set up a Security Operations Center regardless of their size. We explore exactly what a security operations center does and why you need one in the current security climate. For more information on Critical Start please chec…
Staff augmentation in security with Troy Santana
35:04
Staff augmentation is the idea of augmenting your internal staff with consultants and tools to give you the collective knowledge of security experts for all teams. We sit down with security consultant Troy Santana to discuss exactly what staff augmentation looks like and how it can be implemented. Troy Santana joins us as a Sales Engineer for Criti…
Episode 6: Securing the development environment with Laurent Balmelli
35:34
In this episode, we sit down with Laurent Balmelli, the CEO of Strong Network, to discuss why development environments are vulnerable to malicious actors and how we can move to a secure cloud IDE (Integrated Development Environment). A cloud IDE isn't entirely new but it also isn't changing how developers are working and more importantly how develo…
Episode 5: Product Lead Growth in Security with Ross Haleliuk
33:25
Ross Haleliuk is a champion for Product Lead Growth (PLG) and in this episode sits down with Mackenzie Jackson to discuss how this concept has changed cyber security products and also how organizations can adopt a product lead growth mindset. Ross is a thought leader in the space and has many interesting publications on the topic, to find out more …
Episode 4: Understanding confidential computing & web assembly to build secure apps
25:43
Nathaniel McCallum is the former CTO and co-founder of Profian and an expert in WebAssembly and confidential computing. This week on The Security Repo, Dwayne McDaniel goes on a deep dive with Nathaniel to understand WebAssembly and how it relates to security, but also peels apart the layers that surround the term confidential computing. It is a fa…
Episode 3: Implementing a DevSecOps approach to software development with Will Kelly
30:05
In this episode, we invite Will Kelly to join Mackenzie and Dwayne in a conversation about implementing DevSecOps in software organizations. We tackle what DevSecOps is in reality, how organizations can implement a plan to roll out a DevSecOps approach, and the challenges that surround this. Will Kelly is a freelance writer focused on DevOps and th…