This browser doesn't support Spotify Web Player. Switch browsers or download Spotify for your desktop.

Brakeing Down Security Podcast

By Brian Boettcher, Amanda Berlin, and Bryan Brake

A podcast all about the world of Security, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security Professionals need to know, or refresh the memories of the seasoned veterans.

  1. 1.
    2018-002-John_Nye-Healthcare's_biggest_issues-ransomware20 January 2018
    1:03:27
  2. 2.
    2018-001- A new year, new changes, same old trojan malware12 January 2018
    1:05:36
  3. 3.
    2017-SPECIAL005-End of year Podcast with podcasters23 December 2017
    1:25:49
  4. 4.
    2017-042-Jay beale, Hushcon, Apple 0Day, and BsidesWLG audio16 December 2017
    1:06:29
  5. 5.
    2017-041- DFIR Hierarchy of Needs, and new malware attacks8 December 2017
    1:02:17
  6. 6.
    2017-040-Expensify_privacy_issues-Something_is_rotten_at_Apple30 November 2017
    47:26
  7. 7.
    2017-039-creating custom training for your org, and audio from SANS Berlin!23 November 2017
    43:12
  8. 8.
    2017-038- Michael De Libero discusses building out your AppSec Team15 November 2017
    56:09
  1. 9.
    2017-037 - Asset management techniques, and it's importance, DDE malware8 November 2017
    52:28
  2. 10.
    2017-036-Adam Shostack talks about threat modeling, and how to do it properly29 October 2017
    1:34:53
  3. 11.
    2017-SPECIAL004- SOURCE Conference Seattle 201722 October 2017
    48:08
  4. 12.
    2017-035-Business_Continuity-After_the_disaster16 October 2017
    59:19
  5. 13.
    2017-SPECIAL003-Audio from Derbycon 2017!7 October 2017
    1:15:05
  6. 14.
    2017-034-Preston_Pierce, recruiting, job_descriptions2 October 2017
    1:02:05
  7. 15.
    2017-SPECIAL002-Derbycon-podcast with podcasters (NSF Kids/Work)27 September 2017
    1:18:30
  8. 16.
    2017-033- Zane Lackey, Inserting security into your DevOps environment17 September 2017
    1:00:35
  9. 17.
    2017-032-incident response tabletops, equifax breach12 September 2017
    47:37
  10. 18.
    2017-031-Robert_Sell-Defcon_SE_CTF-OSINT_source4 September 2017
    1:03:46
  11. 19.
    2017-030-Vulnerability OSINT, derbycon CTF walkthrough, and bsides Wellington!29 August 2017
    52:36
  12. 20.
    2017-029-CIS benchmarks, Windows Update reverts changes used to detect malware20 August 2017
    1:17:40
  13. 21.
    2017-028-disabling WU?, Comcast wireless hack, and was it irresponsible disclosure?12 August 2017
    54:44
  14. 22.
    2017-026-Machine_Learning-Market Hype, or infosec's blue team's newest weapon?3 August 2017
    1:09:01
  15. 23.
    2017-025-How will GDPR affect your Biz with Wendyck, and DerbyCon CTF info22 July 2017
    1:10:48
  16. 24.
    2017-024-infosec_mental_health_defcon_contest-with-rand0h-and-tottenkoph16 July 2017
    1:30:55
  17. 25.
    2017-023-Jay_Beale_Securing Linux-LXC-Selinux-Apparmor-Jails_and_more10 July 2017
    1:09:43
  18. 26.
    2017-022-Windows Hardening, immutable laws of security admins, and auditpol3 July 2017
    53:47
  19. 27.
    2017-SPECIAL- Michael Gough and Brian Boettcher discuss specific ransomware30 June 2017
    19:25
  20. 28.
    2017-021-small_biz_outreach-614con-prenicious_kingdoms-ransomware-bonus22 June 2017
    1:18:46
  21. 29.
    2017-020-Hector_Monsegur_DNS_OSINT_Outlaw_Tech_eClinicalWorks_fine14 June 2017
    1:16:36
  22. 30.
    2017-019-Ms. Jessy Irwin, Effective Training in Small/Medium Businesses6 June 2017
    1:11:33
  23. 31.
    2017-018-SANS_course-EternalBlue_and_Samba_vulnerabilities-DerbyCon contest details30 May 2017
    50:39
  24. 32.
    2017-017-Zero_Trust_Networking_With_Doug_Barth,_and_Evan_Gilman9 May 2017
    1:25:45
  25. 33.
    2017-016-Fileless_Malware, and reclassifying malware to suit your needs2 May 2017
    1:05:42
  26. 34.
    2017-015-Being a 'security expert' vs. 'security aware'27 April 2017
    44:42
  27. 35.
    2017-014-Policy_writing_for_the_masses-master_fingerprints_and_shadowbrokers20 April 2017
    1:00:11
  28. 36.
    2017-013-Multi-factor Auth implementations, gotchas, and solutions with Matt13 April 2017
    48:43
  29. 37.
    2017-012-UK Gov Apprenticeship infosec programs with Liam Graves5 April 2017
    54:12
  30. 38.
    2017-011-Software Defined Perimeter with Jason Garbis29 March 2017
    52:40
  31. 39.
    2017-010-Authors Amanda Berlin and Lee Brotherston of the "Defensive Security Handbook"22 March 2017
    1:13:41
  32. 40.
    2017-009-Dave Kennedy talks about CIAs 'Vault7', ISC2, and Derbycon updates!14 March 2017
    1:15:17
  33. 41.
    2017-008-AWS S3 outage, how it should color your IR scenarios, and killing the 'whiteboard' interview6 March 2017
    1:14:22
  34. 42.
    2017-007- Audio from Bsides Seattle 20171 March 2017
    35:42
  35. 43.
    2017-006- Joel Scambray, infosec advice, staying out from in front of the train, and hacking exposed19 February 2017
    1:05:44
  36. 44.
    2017-005-mick douglas, avoid bad sales people, blue team defense tools14 February 2017
    1:03:57
  37. 45.
    2017-004-sandboxes, jails, chrooting, protecting applications, and analyzing malware6 February 2017
    52:24
  38. 46.
    2017-003-Amanda Berlin at ShmooCon29 January 2017
    30:45
  39. 47.
    2017-002: Threat Lists, IDS/IPS rules, and mentoring21 January 2017
    1:05:40
  40. 48.
    2017-001: A New Year, malware legislation, and a new cast member!12 January 2017
    43:43
  41. 49.
    2016-051: Steps to fixing risks you found, and the State of the Podcast25 December 2016
    41:29
  42. 50.
    2016-050: Holiday Spectacular with a little help from our friends!21 December 2016
    1:14:53
  43. 51.
    2016-049-Amanda Berlin, the art of the sale, and Decision making trees15 December 2016
    56:46
  44. 52.
    2016-048: Dr. Gary McGraw, Building Security into your SDLC, w/ Special guest host Joe Gray!3 December 2016
    1:11:06
  45. 53.
    2016-047: Inserting Security into the SDLC, finding Privilege Escalation in poorly configured Linux systems28 November 2016
    19:49
  46. 54.
    2016-046: BlackNurse, Buenoware, ICMP, Atombombing, and PDF converter fails21 November 2016
    44:49
  47. 55.
    2016-045: Aamir Lakhani discusses the dark web, creating a reputation, and is all the content bad?14 November 2016
    1:01:45
  48. 56.
    2016-044: Chain of Custody, data and evidence integrity7 November 2016
    47:03
  49. 57.
    2016-043: BSIMMv7, a teachable moment, and our new Slack Channel!1 November 2016
    1:14:09
  50. 58.
    2016-042-Audio from Source Seattle 2016 Conference24 October 2016
    1:32:52
  51. 59.
    2016-041- Ben Johnson, company culture shifts, job descriptions, cyber self-esteem17 October 2016
    1:11:22
  52. 60.
    2016-040: Gene_Kim, Josh_Corman, helping DevOps and Infosec to play nice10 October 2016
    1:01:39
  53. 61.
    2016-039-Robert Hurlbut, Threat Modeling and Helping Devs Understand Vulnerabilities4 October 2016
    1:14:59
  54. 62.
    2016-038-Derbycon Audio and 2nd Annual Podcast with Podcasters!28 September 2016
    1:24:13
  55. 63.
    2016-037: B1ack0wl, Responsible Disclosure, and embedded device security14 September 2016
    1:06:50
  56. 64.
    2016-036: MSSP pitfalls, with Nick Selby and Kevin Johnson11 September 2016
    1:08:11
  57. 65.
    2016-035-Paul Coggin discusses the future with Software Defined Networking6 September 2016
    1:13:27
  58. 66.
    2016-034: Sean Malone from FusionX explains the Expanded Cyber Kill Chain28 August 2016
    1:40:43
  59. 67.
    2016-033: Privileged Access Workstations (PAWs) and how to implement them22 August 2016
    57:32
  60. 68.
    2016-032-BlackHat-Defcon-Debrief, Brakesec_CTF_writeup, and blending in while traveling15 August 2016
    59:55
  61. 69.
    2016-031:DFIR rebuttal and handling incident response8 August 2016
    58:59
  62. 70.
    2016-030: Defending Against Mimikatz and Other Memory based Password Attacks31 July 2016
    35:00
  63. 71.
    2016-029: Jarrod Frates, steps when scheduling a pentest, and the questions you forgot to ask...25 July 2016
    1:22:39
  64. 72.
    2016-028: Cheryl Biswas discusses TiaraCon, Women in Infosec, and SCADA headaches17 July 2016
    1:00:23
  65. 73.
    2016-027: DFIR conference, DFIR policy controls, and a bit of news10 July 2016
    45:01
  66. 74.
    2016-026-powershell exfiltration and hiring the right pentest firm3 July 2016
    1:14:54
  67. 75.
    2016-025-Windows Registry, Runkeys, and where malware likes to hide27 June 2016
    50:47
  68. 76.
    2016-024: Kim Green, on CISOaaS, the Redskins Laptop, and HIPAA20 June 2016
    1:13:19
  69. 77.
    2016-023- DNS_Sinkholing13 June 2016
    39:20
  70. 78.
    2016-022: Earl Carter dissects the Angler Exploit Kit6 June 2016
    57:39
  71. 79.
    2016-021: Carbon Black's CTO Ben Johnson on EDR, the layered approach, and threat intelligence29 May 2016
    57:37
  72. 80.
    2016-020-College Vs. Certifications Vs. Self-taught21 May 2016
    54:19
  73. 81.
    2016-019-Creating proper business cases and justifications16 May 2016
    54:42
  74. 82.
    2016-018-software restriction policies and Applocker9 May 2016
    1:00:00
  75. 83.
    2016-017-The Art of Networking, Salted Hashes, and the 1st annual Podcast CTF!2 May 2016
    1:02:25
  76. 84.
    2016-016-Exploit Kits, the "Talent Gap", and buffer overflows25 April 2016
    1:00:13
  77. 85.
    2016-015-Dr. Hend Ezzeddine, and changing organizational security behavior16 April 2016
    1:10:43
  78. 86.
    2016-014-User_Training,_Motivations,_and_Speaking_the_Language8 April 2016
    41:16
  79. 87.
    2016-013-Michael Gough, the ISSM reference model, and the 5 P's26 March 2016
    58:51
  80. 88.
    2016-012-Ben Caudill on App Logic Flaws, and Responsible Disclosure19 March 2016
    51:46
  81. 89.
    2016-011-Hector Monsegur, deserialization, and bug bounties14 March 2016
    1:12:25
  82. 90.
    2016-010-DNS_Reconnaissance7 March 2016
    49:53
  83. 91.
    2016-009-Brian Engle, Information Sharing, and R-CISC29 February 2016
    1:05:56
  84. 92.
    2016-008-Mainframe Security22 February 2016
    1:47:01
  85. 93.
    2016-007-FingerprinTLS profiling application with Lee Brotherston14 February 2016
    1:11:06
  86. 94.
    2016-006-Moxie_vs_Mechanism-Dependence_On_Tools8 February 2016
    54:05
  87. 95.
    2016-005-Dropbox Chief of Trust and Security Patrick Heim!30 January 2016
    46:37
  88. 96.
    2016-004-Bill_Gardner24 January 2016
    1:19:05
  89. 97.
    2016-003-Antivirus (...what is it good for... absolutely nothing?)18 January 2016
    54:33
  90. 98.
    2016-002-Cryptonite- or how to not have your apps turn to crap11 January 2016
    1:03:14
  91. 99.
    2016-001: Jay Schulmann explains how to use BSIMM in your environment3 January 2016
    1:02:16
  92. 100.
    2015-054: Dave Kennedy27 December 2015
    51:52

Listen to Brakeing Down Security Podcast now.

Listen to Brakeing Down Security Podcast in full in the Spotify app