BrakeSec Education Podcast

We are pleased to be the only podcast to have audio of the talk Phil Beyer gave at Bsides Austin! It is a very informative talk about leadership, not just in Information Security, but how to be a leader in any field you do. Breaking Down Security will also carry a 2 part interview with Phil. The first will post on the 6th of April, and the 2nd part will be on the 13th of April. Phil uploaded the slides of this presentation at Bsides Austin at http://www.slideshare.net/pjbeyer/choose-to-lead. Brakeing Down Security would like to thank Phil Beyer for his time and generosity.

We discuss IDS and IPS, why they are needed, and why they get a pass on how easily they are bypassed, and why AV gets all the press... Intro "Private Eye", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) Licensed under Creative Commons: By Attribution 3.0http://creativecommons.org/licenses/by/3.0/

This week, we got into some discussion about frameworks, and the different types of frameworks available (regulatory, "best practice", and process improvement) We also looked at the new "Framework for Improving Critical Infrastructure Cybersecurity" ratified and released last month. Does it meet with our high expectations? You'll just have to listen and find out. http://www.nist.gov/cyberframework/ Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) Licensed under Creative Commons: By Attribution 3.0http://creativecommons.org/licenses/by/3.0/

Cracking great show this week! Mr. Boettcher and I got all into authentications methods, why they don't always work, and what can we do to make passwords more secure, using Mike Murray's method of 'Passphrases' over passwords... Finally, we talked about some adventure Mr. boettcher had with a friend's malware infection (it wasn't me, I promise!). He took what we learned from @hackerhurricane (Michael Gough) and is actively doing forensics on it. http://daleswanson.org/things/password.htm Malware, Rootkits & Botnets A Beginner's Guide by Christopher Elisan Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) Licensed under Creative Commons: By Attribution 3.0http://creativecommons.org/licenses/by/3.0/

This is the Part 2 of our Interview with Kevin Johnson. During our interview, we followed him down the rabbit hole. We learned how to default rulesets in ANY rules based hardware solution sucks. We learned that being a security professional is more than just a fancy title. And finally, we learned that Kevin is a huge fan of Star Wars. DB Visualizer -- http://www.dbvis.com/ Good article on how homomorphic encryption works: http://www.americanscientist.org/issues/pub/2012/5/alice-and-bob-in-cipherspace Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) Licensed under Creative Commons: By Attribution 3.0http://creativecommons.org/licenses/by/3.0/

During our SEC542, GIAC Web App Pentesting course, we got the pleasure and honor of sitting down with Kevin Johnson from SecureIdeas on who he is, how Samurai WTF came into being, and why we should be doing licensing for proper ethcial hackers. Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) Licensed under Creative Commons: By Attribution 3.0http://creativecommons.org/licenses/by/3.0/

This is part 2 of our Interview with Malware researcher Michael Gough. We talk about mobile device malware, and how the Sniper Forensic Toolkit, differs from Tripwire. Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) Licensed under Creative Commons: By Attribution 3.0http://creativecommons.org/licenses/by/3.0/ "Infectedpc_primary.jpg is from bugsrepair.com

This week, we are excited to have Michael Gough, a local malware researcher from Mi2Security on with us to talk about types of malware, infection vectors, some of the tools that users have available to them to detect and prevent malware. We also discuss who gains from malware infections, the 'bad guys', and even the AV/Malware detection companies. We also talk about how his software program "Sniper Forensic Toolkit" would detect malware. Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) Licensed under Creative Commons: By Attribution 3.0http://creativecommons.org/licenses/by/3.0/

This week, we interviewed Frank Kim, an instructor from SANS, talks about developers methods, the challenges of getting developers to code securely, and the efforts to create a culture of secure coding. Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) Licensed under Creative Commons: By Attribution 3.0http://creativecommons.org/licenses/by/3.0/

All superheroes have an origin story, Brian and I are not super, but we have a great origin story. This week's podcast is about how we made it into the Infosec industry, and we also discuss the value of research from an OS point of view. We also talk about mentoring and assistance for those looking to get into the InfoSec world. Intro "Private Eye" and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) Licensed under Creative Commons: By Attribution 3.0http://creativecommons.org/licenses/by/3.0/