This browser doesn't support Spotify Web Player. Switch browsers or download Spotify for your desktop.

Brakeing Down Security Podcast

By Brian Boettcher, Amanda Berlin, and Bryan Brake

A podcast all about the world of Security, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security Professionals need to know, or refresh the memories of the seasoned veterans.

  1. 1.
    2018-021-TLS 1.3 discussion, Area41 report, wireshark goodness20 June 2018
    42:42
  2. 2.
    2018-020: NIST's new password reqs, Ms. Berlin talks about ShowMeCon, Pwned Passwords13 June 2018
    36:43
  3. 3.
    2018-019-50 good ways to protect your network, brakesec summer reading program6 June 2018
    47:20
  4. 4.
    2018-018-Jack Rhysider, Cryptowars of the 90s, OSINT techniques, and hacking MMOs30 May 2018
    34:14
  5. 5.
    2018-017- threat models, vuln triage, useless scores, and analysis tools23 May 2018
    39:37
  6. 6.
    2018-016- Jack Rhysider, DarkNet Diaries, and a bit of infosec history (Part 1)15 May 2018
    37:12
  7. 7.
    2018-015-Data labeling, data classification, and GDPR issues7 May 2018
    52:06
  8. 8.
    2018-014- Container Security with Jay Beale29 April 2018
    1:05:29
  1. 9.
    2018-013-Sigma_malware_report, Verizon_DBIR discussion, proper off-boarding of employees20 April 2018
    1:05:19
  2. 10.
    2018-012: SIEM tuning, collection, types of SIEM, and do you even need one?11 April 2018
    1:00:42
  3. 11.
    2018-011: Creating a Culture of Neurodiversity4 April 2018
    1:10:35
  4. 12.
    2018-010 - The ransoming of Atlanta, Facebook slurping PII, Dridex variants27 March 2018
    37:45
  5. 13.
    2018-009- Retooling for new infosec jobs, sno0ose, Jay Beale, and mentorship19 March 2018
    1:12:02
  6. 14.
    BDIR-001: Credential stealing emails, How do you protect against it?12 March 2018
    1:35:36
  7. 15.
    2018-008- ransomware rubes, Defender does not like Kali, proper backups12 March 2018
    58:11
  8. 16.
    2018-007- Memcached DDoS, Secure Framework Documentation, and chromebook hacking5 March 2018
    45:58
  9. 17.
    2018-006- NPM is whacking boxes, code signing, and stability of code26 February 2018
    46:17
  10. 18.
    2018-005-Securing_your_mobile_devices_and_CMS_against_plugin_attacks14 February 2018
    48:23
  11. 19.
    2018-004 - Discussing Bsides Seattle, and Does Autosploit matter?5 February 2018
    38:38
  12. 20.
    BDIR-000 ; The Beginning29 January 2018
    1:04:53
  13. 21.
    2018-003-Privacy Issues using Crowdsourced services,27 January 2018
    1:06:29
  14. 22.
    2018-002-John_Nye-Healthcare's_biggest_issues-ransomware20 January 2018
    1:03:27
  15. 23.
    2018-001- A new year, new changes, same old trojan malware12 January 2018
    1:05:36
  16. 24.
    2017-SPECIAL005-End of year Podcast with podcasters23 December 2017
    1:25:49
  17. 25.
    2017-042-Jay beale, Hushcon, Apple 0Day, and BsidesWLG audio16 December 2017
    1:06:29
  18. 26.
    2017-041- DFIR Hierarchy of Needs, and new malware attacks8 December 2017
    1:02:17
  19. 27.
    2017-040-Expensify_privacy_issues-Something_is_rotten_at_Apple30 November 2017
    47:26
  20. 28.
    2017-039-creating custom training for your org, and audio from SANS Berlin!23 November 2017
    43:12
  21. 29.
    2017-038- Michael De Libero discusses building out your AppSec Team15 November 2017
    56:09
  22. 30.
    2017-037 - Asset management techniques, and it's importance, DDE malware8 November 2017
    52:28
  23. 31.
    2017-036-Adam Shostack talks about threat modeling, and how to do it properly29 October 2017
    1:34:53
  24. 32.
    2017-SPECIAL004- SOURCE Conference Seattle 201722 October 2017
    48:08
  25. 33.
    2017-035-Business_Continuity-After_the_disaster16 October 2017
    59:19
  26. 34.
    2017-SPECIAL003-Audio from Derbycon 2017!7 October 2017
    1:15:05
  27. 35.
    2017-034-Preston_Pierce, recruiting, job_descriptions2 October 2017
    1:02:05
  28. 36.
    2017-SPECIAL002-Derbycon-podcast with podcasters (NSF Kids/Work)27 September 2017
    1:18:30
  29. 37.
    2017-033- Zane Lackey, Inserting security into your DevOps environment17 September 2017
    1:00:35
  30. 38.
    2017-032-incident response tabletops, equifax breach12 September 2017
    47:37
  31. 39.
    2017-031-Robert_Sell-Defcon_SE_CTF-OSINT_source4 September 2017
    1:03:46
  32. 40.
    2017-030-Vulnerability OSINT, derbycon CTF walkthrough, and bsides Wellington!29 August 2017
    52:36
  33. 41.
    2017-029-CIS benchmarks, Windows Update reverts changes used to detect malware20 August 2017
    1:17:40
  34. 42.
    2017-028-disabling WU?, Comcast wireless hack, and was it irresponsible disclosure?12 August 2017
    54:44
  35. 43.
    2017-026-Machine_Learning-Market Hype, or infosec's blue team's newest weapon?3 August 2017
    1:09:01
  36. 44.
    2017-025-How will GDPR affect your Biz with Wendyck, and DerbyCon CTF info22 July 2017
    1:10:48
  37. 45.
    2017-024-infosec_mental_health_defcon_contest-with-rand0h-and-tottenkoph16 July 2017
    1:30:55
  38. 46.
    2017-023-Jay_Beale_Securing Linux-LXC-Selinux-Apparmor-Jails_and_more10 July 2017
    1:09:43
  39. 47.
    2017-022-Windows Hardening, immutable laws of security admins, and auditpol3 July 2017
    53:47
  40. 48.
    2017-SPECIAL- Michael Gough and Brian Boettcher discuss specific ransomware30 June 2017
    19:25
  41. 49.
    2017-021-small_biz_outreach-614con-prenicious_kingdoms-ransomware-bonus22 June 2017
    1:18:46
  42. 50.
    2017-020-Hector_Monsegur_DNS_OSINT_Outlaw_Tech_eClinicalWorks_fine14 June 2017
    1:16:36
  43. 51.
    2017-019-Ms. Jessy Irwin, Effective Training in Small/Medium Businesses6 June 2017
    1:11:33
  44. 52.
    2017-018-SANS_course-EternalBlue_and_Samba_vulnerabilities-DerbyCon contest details30 May 2017
    50:39
  45. 53.
    2017-017-Zero_Trust_Networking_With_Doug_Barth,_and_Evan_Gilman9 May 2017
    1:25:45
  46. 54.
    2017-016-Fileless_Malware, and reclassifying malware to suit your needs2 May 2017
    1:05:42
  47. 55.
    2017-015-Being a 'security expert' vs. 'security aware'27 April 2017
    44:42
  48. 56.
    2017-014-Policy_writing_for_the_masses-master_fingerprints_and_shadowbrokers20 April 2017
    1:00:11
  49. 57.
    2017-013-Multi-factor Auth implementations, gotchas, and solutions with Matt13 April 2017
    48:43
  50. 58.
    2017-012-UK Gov Apprenticeship infosec programs with Liam Graves5 April 2017
    54:12
  51. 59.
    2017-011-Software Defined Perimeter with Jason Garbis29 March 2017
    52:40
  52. 60.
    2017-010-Authors Amanda Berlin and Lee Brotherston of the "Defensive Security Handbook"22 March 2017
    1:13:41
  53. 61.
    2017-009-Dave Kennedy talks about CIAs 'Vault7', ISC2, and Derbycon updates!14 March 2017
    1:15:17
  54. 62.
    2017-008-AWS S3 outage, how it should color your IR scenarios, and killing the 'whiteboard' interview6 March 2017
    1:14:22
  55. 63.
    2017-007- Audio from Bsides Seattle 20171 March 2017
    35:42
  56. 64.
    2017-006- Joel Scambray, infosec advice, staying out from in front of the train, and hacking exposed19 February 2017
    1:05:44
  57. 65.
    2017-005-mick douglas, avoid bad sales people, blue team defense tools14 February 2017
    1:03:57
  58. 66.
    2017-004-sandboxes, jails, chrooting, protecting applications, and analyzing malware6 February 2017
    52:24
  59. 67.
    2017-003-Amanda Berlin at ShmooCon29 January 2017
    30:45
  60. 68.
    2017-002: Threat Lists, IDS/IPS rules, and mentoring21 January 2017
    1:05:40
  61. 69.
    2017-001: A New Year, malware legislation, and a new cast member!12 January 2017
    43:43
  62. 70.
    2016-051: Steps to fixing risks you found, and the State of the Podcast25 December 2016
    41:29
  63. 71.
    2016-050: Holiday Spectacular with a little help from our friends!21 December 2016
    1:14:53
  64. 72.
    2016-049-Amanda Berlin, the art of the sale, and Decision making trees15 December 2016
    56:46
  65. 73.
    2016-048: Dr. Gary McGraw, Building Security into your SDLC, w/ Special guest host Joe Gray!3 December 2016
    1:11:06
  66. 74.
    2016-047: Inserting Security into the SDLC, finding Privilege Escalation in poorly configured Linux systems28 November 2016
    19:49
  67. 75.
    2016-046: BlackNurse, Buenoware, ICMP, Atombombing, and PDF converter fails21 November 2016
    44:49
  68. 76.
    2016-045: Aamir Lakhani discusses the dark web, creating a reputation, and is all the content bad?14 November 2016
    1:01:45
  69. 77.
    2016-044: Chain of Custody, data and evidence integrity7 November 2016
    47:03
  70. 78.
    2016-043: BSIMMv7, a teachable moment, and our new Slack Channel!1 November 2016
    1:14:09
  71. 79.
    2016-042-Audio from Source Seattle 2016 Conference24 October 2016
    1:32:52
  72. 80.
    2016-041- Ben Johnson, company culture shifts, job descriptions, cyber self-esteem17 October 2016
    1:11:22
  73. 81.
    2016-040: Gene_Kim, Josh_Corman, helping DevOps and Infosec to play nice10 October 2016
    1:01:39
  74. 82.
    2016-039-Robert Hurlbut, Threat Modeling and Helping Devs Understand Vulnerabilities4 October 2016
    1:14:59
  75. 83.
    2016-038-Derbycon Audio and 2nd Annual Podcast with Podcasters!28 September 2016
    1:24:13
  76. 84.
    2016-037: B1ack0wl, Responsible Disclosure, and embedded device security14 September 2016
    1:06:50
  77. 85.
    2016-036: MSSP pitfalls, with Nick Selby and Kevin Johnson11 September 2016
    1:08:11
  78. 86.
    2016-035-Paul Coggin discusses the future with Software Defined Networking6 September 2016
    1:13:27
  79. 87.
    2016-034: Sean Malone from FusionX explains the Expanded Cyber Kill Chain28 August 2016
    1:40:43
  80. 88.
    2016-033: Privileged Access Workstations (PAWs) and how to implement them22 August 2016
    57:32
  81. 89.
    2016-032-BlackHat-Defcon-Debrief, Brakesec_CTF_writeup, and blending in while traveling15 August 2016
    59:55
  82. 90.
    2016-031:DFIR rebuttal and handling incident response8 August 2016
    58:59
  83. 91.
    2016-030: Defending Against Mimikatz and Other Memory based Password Attacks31 July 2016
    35:00
  84. 92.
    2016-029: Jarrod Frates, steps when scheduling a pentest, and the questions you forgot to ask...25 July 2016
    1:22:39
  85. 93.
    2016-028: Cheryl Biswas discusses TiaraCon, Women in Infosec, and SCADA headaches17 July 2016
    1:00:23
  86. 94.
    2016-027: DFIR conference, DFIR policy controls, and a bit of news10 July 2016
    45:01
  87. 95.
    2016-026-powershell exfiltration and hiring the right pentest firm3 July 2016
    1:14:54
  88. 96.
    2016-025-Windows Registry, Runkeys, and where malware likes to hide27 June 2016
    50:47
  89. 97.
    2016-024: Kim Green, on CISOaaS, the Redskins Laptop, and HIPAA20 June 2016
    1:13:19
  90. 98.
    2016-023- DNS_Sinkholing13 June 2016
    39:20
  91. 99.
    2016-022: Earl Carter dissects the Angler Exploit Kit6 June 2016
    57:39
  92. 100.
    2016-021: Carbon Black's CTO Ben Johnson on EDR, the layered approach, and threat intelligence29 May 2016
    57:37

Listen to Brakeing Down Security Podcast now.

Listen to Brakeing Down Security Podcast in full in the Spotify app