Exploring Information Security - Timothy De Block
By Timothy De Block
About this podcast
The Exploring Information Security podcast interviews a different professional each week exploring topics, ideas, and disciplines within information security. Prepare to learn, explore, and grow your security mindset.
Episodes (Total: 10)
Nov. 20, 2017 · 00:29:15
In this devtastic episode of the Exploring Information Security podcast, Adam Baldwin joins me to discuss the Node Security Platform (NSP).
Adam (@adam_baldwin) is the team lead at Lift Security and founder of the Node Security Platform. NSP is one of the simplest tools to put into a development life cycle for NodeJS. It checks for vulnerable packages in an environment during pull requests or builds. This allows developers to quickly and easily identify packages that put their applications at risk.
In this episode we discuss:
- What is nsp?
- How it should be used?
- Where it should be used?
- How to use it.
Resources:
- Nodesecurity.io
- Rising Stack
Nov. 13, 2017 · 00:11:29
In this bouncy edition of the Exploring Information Security podcast, I talk about getting outside of the information security echo chamber.
Getting outside of the infosec echo chamber is something I've wanted to do for the past year. Spending time at infosec events is important for a career. It's great for networking and knowledge sharing. We need to do those same things at non-infosec events. For me that means getting out to developer events. I am speaking at Nodevember at the end of November 2017 and also at CodeMash in early January 2018. For better security I think it's a crucial activity.
In this episode I discuss:
- What is the echo chamber?
- Why it's important to get outside of it
- Who should get outside the echo chamber
- Where to get outside the echo chamber
Nov. 6, 2017 · 00:25:55
In this speedy episode of the Exploring Information Security podcast, Brandon Wilson joins me to discuss his adventures in hacking a car.
Brandon (@brandonlwilson) spoke at BSides Knoxville in 2017. I had the pleasure to be in attendance for his talk. The talk was technical and very interesting. Brandon talked about how he tried to take his old 90s car and fix it himself. There was a malfunction in the anti-theft system that kept the car from running. He decided to go deeper. Unfortunately, he was unable to fix his car. He did, however, learn a lot from the experience.
In this episode we discuss:
- How Brandon got into car hacking?
- What resources were available for hacking a car?
- How long did the project take?
- What tools are available for hacking a car?
Oct. 30, 2017 · 00:30:34
In this skeleton edition of the Exploring Information Security podcast, I discuss the Cybersecurity Framework (CSF) from NIST with Rick Tracy, the CSO at Telos.
Rick (@rick_tracy) is very passionate about the CSF from NIST. The framework is meant to help organizations become more mature from a security standpoint. The CSF provides guidance on implementing security controls and countermeasures. It's not meant to be a one-size-fits-all framework, but something that each organization can cater to their organization.
In this episode we discuss:
- What is NIST?
- What is the Cybersecurity Framework?
- Why it's important
- How organizations implement the framework
More resources:
- Cybersecurity Framework - Industry Resources
- Xacta 360
Oct. 24, 2017 · 00:28:53
In this fire-breathing edition of the Exploring Information Security podcast, I talk to Mike Goodwin, the project lead of the OWASP Threat Dragon.
Mike (@theblacklabguy) joins me to discuss his OWASP project Threat Dragon. The project is meant to give developers an easy-to-use tool for performing threat modeling. The project is built on NodeJS and AngularJS. It has a slick, easy-to-use interface and GitHub integration. His roadmap for the project includes Bitbucket integration and a rule engine that will help with threat modeling.
In this episode we discuss:
- What is threat modeling?
- What led to the idea of Threat Dragon?
- How does someone get started with the tool?
- What's the effort on a project like this? (mike[dot]goodwing[at]owasp[dot]org to help)
More resources:
- Threat Modeling: Designing for Security by Adam Shostack
Oct. 16, 2017 · 01:26:45
In this legacy edition of the Exploring Information Security podcast, Ben Miller (@securithid), Cliff Smith (@BismithSalamandr), Paul "BubbaSec" Coggin (@PaulCoggin), Dave Chronister (@bagomojo), Sean Peterson (@SeanThePeterson), and Jimmy Byrd (@Jimmy_Byrd) (and briefly @aprilwright) join me to talk security. This is likely the last podcast conference special of the year. It's a good one. We had quite the crew to record this one and got very in-depth and deep on topics related to infosec. Big shout out and thanks again to Dave for bringing the mics and participating in the podcast.
I've been pleasantly surprised with how this and the other podcasts have turned out. I've gotten some great feedback and I plan to do more of these in the future. It was also floated to me that we record one of these as a panel at one of the conferences. We'll see.
In this episode we discuss:
- The legacy of DerbyCon and what the future holds.
- What it's like at a developer conference?
- Is there security fatigue?
- Patch your shit.
Resources we discussed:
- Duo BeyondCorp
- OWASP AppSensor
- Binary Defense The Vision Platform
Oct. 9, 2017 · 01:34:54
In this masters edition of the Exploring Information Security podcast, Adam Twitty, Robert Preston, Jeff Lang, and myself discuss security things.
This is another EIS podcast special at BSides Augusta. I have some close friends joining me for this one. Adam, Jeff, and Robert are all part of a local user group in Columbia, South Carolina, aptly named ColaSec. I also worked with Adam and Robert at my first security gig.
BSides Augusta is one of my favorite BSides events. It's really well run. It has a great facility and there's so much to do. In fact, I took part in my first conference capture the flag (CTF) with some of the guys from ColaSec. It was quite the experience and a lot of fun. I highly recommend the conference for those free in mid-September.
In this episode we discuss:
- What it's like to be on a good team
- What you need to know to get into the field?
- What paths are available to get into infosec
- What is ColaSec?
Oct. 2, 2017 · 00:28:34
In this fruity edition of the Exploring Information Security podcast, Kate Vajda joins me to discuss how to set up a pineapple.
Kate (@vajkat) is a senior security consultant at Secure Ideas. She recently wrote an article on setting up a targeted pineapple. In the article she walks through setting up a pineapple. What I really enjoy about the article is that she walks through some of the issues she runs into setting up the pineapple. It's a really good example of how to work through problems using troubleshooting techniques.
In this episode we discuss:
- What is a pineapple
- Where to get a pineapple
- How to set one up
- What are the use cases for a pineapple
Sept. 25, 2017 · 00:28:29
In this contained edition of the Exploring Information Security podcast, Danny Miller joins me to discuss isolated browsing.
Danny is the Director of Product Marketing for Ericom (@EricomShield). He came on the show to talk about isolated browsing, which is a technology that I've never heard of before. It's similar to virtual machines and technology like Citrix, which provide solutions that help isolate a user. Isolated browsing is different. It uses containers (like Docker) to provide a user with a browser that is completely separate from the computer. This has the advantage of keeping things like malware off the user's computer and in a contained environment.
In this episode we discuss:
- What is isolated browsing?
- How does it work?
- Where the solution is located
- How is the technology different from Citrix?
More resources:
- https://www.gartner.com/doc/3463618/time-isolate-users-internet-cesspool
Sept. 19, 2017 · 00:29:18
In this Han Solo edition of the Exploring Information Security podcast, I discuss my experience on why getting into infosec is hard.
This is a solo episode where I share my thoughts on why it's hard to get into infosec. I've been on both sides of the interview process. In this episode I share my own personal experience (where I failed), as well as what I've seen on why people didn't get the role they wanted. This topic deals with the skills shortage topic often discussed on Twitter and other media. It's a very nuanced topic. I wanted to focus on what those applying could do better to apply and interview for an opportunity.
In this episode:
- Why people don't apply?
- Why requirements can limit job opportunities
- Why your resume sucks
- How are you preparing for the interview?
- What are you doing to improve your chances of getting an offer?