Developers · Best
Exploring Information Security - Timothy De Block
By Timothy De Block
About this podcast
The Exploring Information Security podcast interviews a different professional each week exploring topics, ideas, and disciplines within information security. Prepare to learn, explore, and grow your security mindset.
Podcasts like "Exploring Information Security - Timothy De Block"   · View all
Eagle Nation Podcast
By Blayne Smith
Masters in Business
By Bloomberg News
Invisibilia
By NPR
Metropocalypse
By WAMU 88.5
FAITHFACTOR IMPACT Join The Top Nonprofit Leaders to REFUEL. RECONNECT.GET INSPIRED
By JESSIE EVERLINE
Episodes (Total: 10)
Jan. 15, 2018 · 00:27:22
In this foundational episode of the Exploring Information Security podcast, Matt Tesauro and Aaron Weaver join me to discuss the AppSec Pipeline.Matt (@matt_tesauro) and Aaron (@weavera) are the project leads for the OWASP AppSec Pipeline. The project provides resources and guidance for building out your own appsec pipeline within a development team. Building a pipeline is important in helping get security embedded within software.In this episode we discuss:What is the OWASP AppSec PipelineHow did it get startedWho should use the AppSec PipelineHow to implement the AppSec Pipeline [RSS Feed] [iTunes]
Jan. 8, 2018 · 00:14:39
In this reflection edition of the Exploring Information Security podcast, I look back at 2017 and also look ahead to 2018 for the podcast.2017 was a great year for the podcast. I saw increased listernership. We had a new episode format that involved talking to several security professionals at various conferences. I've also seen an increase in companies and public relation firms reaching out to me to pitch guests. In 2018 I'd like to explore some new formats. There may be a conference panel in the future. I also expect to look at advertising and sponsorship for the podcasts. I also need to work on an archive feed for older episodes.If you have feedback on any of this or ideas for where I should take the show, I would love to hear them. You can hit me up on Twitter (@TimothyDeBlock), email: timothy.deblock[@]gmail[dot]com, or by leaving a comment below. Thanks for such a great year and I look forward to a fantastic 2018. [RSS Feed] [iTunes]
Jan. 1, 2018 · 00:28:41
In this fake episode of the Exploring Information Security podcast, Micah Hoffman joins me to discuss imposter syndrome.Micah (@WebBreacher), this past year, spoke on imposter syndrome and how to overcome it. It's something we all deal with (even several years into our careers). It's useful, but also dangerous for those of us in the information security community. We need to try and compare ourselves to others less and speak more positively internally.In this episode we discuss:What is imposter syndrome?Why people get imposter syndrome.How to overcome imposer syndrome.Stick around until the end to hear some real imposter syndrome. [RSS Feed] [iTunes]
Dec. 24, 2017 · 00:28:06
Chris (@chrissanders88) grew up at a disadvantage. He wasn't rich or handed a great educations. He speaks of being part of the free lunch kids at school. He's managed to turn himself into a successful information security professional, with his own company and non-profit. A lot of that is due to his teachers and mentors encouraging his interest in computers. The Rural Technology Fund is a way for him to give back and give other kids an opportunity to see if they have a spark for technology.
Dec. 18, 2017 · 00:18:38
In this bird feeding episode of the Exploring Information Security podcast, Chris Maddalena joins me to discuss how to build your own tools.Chris (@cmaddalena) gave a talk at DerbyCon this past year on writing Win32 Shellcode. We've talked before on a previous podcast around why building your own tools is important. Chris has also written several tools for his day job and for public consumption. His most recent tool is ODIN, a passive recon tool for penetration testers.In this episode we discuss:Why should someone build their own toolWhat tool should people build?How to get started building toolsWhat resources are available for building tools [RSS Feed] [iTunes]
Dec. 11, 2017 · 00:25:04
In this bird feeding episode of the Exploring Information Security podcast, Chris Maddalena joins me to discuss how to build your own tools.Chris (@cmaddalena) gave a talk at DerbyCon this past year on writing Win32 Shellcode. We've talked before on a previous podcast around why building your own tools is important. Chris has also written several tools for his day job and for public consumption. His most recent tool is ODIN, a passive recon tool for penetration testers.In this episode we discuss:Why should someone build their own toolWhat tool should people build?How to get started building toolsWhat resources are available for building tools [RSS Feed] [iTunes]
Dec. 4, 2017 · 00:30:11
In this colorful edition of the Exploring Information Security podcast, April Wright joins me to discuss the orange team.April (@aprilwright) and I met earlier this year at ShowMeCon. She shared with me the concept of the Orange Team. Which is an idea around the security (blue) team working more closely with the development (yellow) team. I loved the idea and wanted to hear more. She spoke about the topic at BlackHat and DefCamp. Unfortunately, the recordings of her session haven't been released yet. So, I decided to have her on to discuss in more detail.In this episode we discuss:What is the orange teamHow did the idea come about?What are the activities of the orange team?Who should participate [RSS Feed] [iTunes]
Nov. 27, 2017 · 00:30:46
In this protuberance episode of the Exploring Information Security podcast, Max McCarty joins me to discuss how to secure NodeJS.Max (@maxrmccarty) has a great course called Securing Your Node.Js Web App available on Pluralsight. The course is five and a half-hours long, walking through the basics on security. Security for NodeJS is not unlike security for other languages and technologies. If you can secure other web apps you can secure NodeJS.In this episode we discuss:What is NodeJSHow Max got started in NodeJSWhy it's important to secure NodeJSHow to secure NodeJSMore resources:OWASPHow to enable HTTP Strict Transport Security (HSTS) in IIS7+ [RSS Feed] [iTunes]
Nov. 20, 2017 · 00:29:15
In this devtastic episode of the Exploring Information Security podcast, Adam Baldwin joins me to discuss the Node Security Platform (NSP).Adam (@adam_baldwin) is the team lead at Lift Security and founder of the Node Security Platform. NSP is one of the simplest tools to put into a development life cycle for NodeJS. It checks for vulnerable packages in an environment during pull requests or builds. This allow developers to quickly and easily identify packages that put their applications at risk.In this episode we discuss:What is nsp?How it should be used?Where it should be used?How to use it.Resources:Nodesecurity.ioRising Stack [RSS Feed] [iTunes]
Nov. 13, 2017 · 00:11:29
In this bouncy edition of the Exploring Information Security podcast, I talk about getting outside of the information security echo chamber.Getting outside of the infosec echo chamber is something I've wanted to do for the past year. Spending time at infosec events is important for a career. It's great for networking and knowledge sharing. We need to do those same things at non-infosec events. For me that means getting out to developer events. I am speaking at Nodevember at the end of November 2017 and also at CodeMash in early January 2018. For better security I think it's a crucial activity.In this episode I discuss:What is the echo chamber?Why it's important to get outside of itWho should get outside the echo chamberWhere to get outside the echo chamber [RSS Feed] [iTunes]