loader from loading.io

35 - Ed Bellis & Risk Based Vulnerability Management

The InfoSec & OSINT Show

Release Date: 11/26/2020

66 - Matt Danner & Digital Forensics show art 66 - Matt Danner & Digital Forensics

The InfoSec & OSINT Show

In episode 66, Matt Danner joins the show to talk about digital forensics. My 3 main takeaways were 1) How to perform a forensics investigation against Google Storage 2) What the limitations of the Google Drive API are and 3) How to approach iOS and Android devices in an investigation.

info_outline
65 - Martina Dove PhD & The Psychology of Scams show art 65 - Martina Dove PhD & The Psychology of Scams

The InfoSec & OSINT Show

In episode 65, I talk with Dr. Martina Dove about the psychology behind fraud, persuasion and scam techniques. My 3 main takeaways were 1) What makes some people more susceptible to fraud 2) the techniques scammers use to convince us to take certain actions and 3) What influence factor is the most powerful For more information, including the show notes check out:  

info_outline
64 -  Daniel Cuthbert & Pen Testing with the ASVS show art 64 - Daniel Cuthbert & Pen Testing with the ASVS

The InfoSec & OSINT Show

In episode 64, Daniel Cuthbert joins us to talk about the OWASP Application Security Verification Standard. My 3 main takeaways were 1) Why the ASVS will make you a better pen tester and even bounty hunter 2) How to use the ASVS for threat modelling and 3) His tips on getting your talk accepted at a security conference For more information, including the show notes check out:  

info_outline
63 - Nico 63 - Nico "Dutch_Osintguy" Dekens & Leveraging Telegram in OSINT

The InfoSec & OSINT Show

In episode 63, I talk with Nico Dekens, a.k.a Dutch_Osintguy about the dangers of relying on one search engine, Telegram OpSec, browser extensions & more. My 3 main takeaways were 1) When specific search engine will give you better results than others 2) How Telegram can be a better OSINT source than Tor and 3) Search techniques for finding the right keywords and channels on Telegram

info_outline
62 - Alissa Knight & Hacking Cars show art 62 - Alissa Knight & Hacking Cars

The InfoSec & OSINT Show

In episode 62, Alissa Knight, the author of Hacking Connected Cars, joins us to talk about hacking connected cars, APIs, defense as well as vulnerability management. My 3 main takeaways were 1) Where to even begin with car hacking 2) The challenges car manufacturers have when trying to defend against these attacks and 3) How APIs are shaping the future of hacking

info_outline
61 - Robert Graham & Large Scale Port Scanning w/Masscan show art 61 - Robert Graham & Large Scale Port Scanning w/Masscan

The InfoSec & OSINT Show

In episode 61, Robert Graham, the creator of masscan, joins us to talk about running internet wide port scanning the right way. My 3 main takeaways were 1) How to use the banner function correctly 2) How to figure out the fastest rate you can send packets and 3) The most common mistakes Rob sees when folks run masscan

info_outline
60 - AJ Yawn & Automating AWS Security show art 60 - AJ Yawn & Automating AWS Security

The InfoSec & OSINT Show

In episode 60, Josh Amishav chats with AJ Yawn about AWS security, compliance in the cloud, choosing an auditor and more. My 3 main takeaways were 1) How to make compliance not suck 2) How to automate security within an AWS environment and 3) What shared responsibility means when managing cloud infrastructure

info_outline
59 - Tim Adams & DNS Filtering show art 59 - Tim Adams & DNS Filtering

The InfoSec & OSINT Show

In episode 59, Tim Adams joins us this week to talk DNS security, Zero Trust, TLD filtering and more. My 3 main takeaways were 1) How to integrate DNS Response Policy Zones, or RPZs, to prevent access to known bad domains 2) How aged a domain should be, sort of like wine, before trusting it and 3) DNS Tunneling, how to identify it and stop it

info_outline
58 - Ryan Dewhurst & Securing WordPress show art 58 - Ryan Dewhurst & Securing WordPress

The InfoSec & OSINT Show

Ryan Dewhurst joins us this week to talk about all things WPScan. My 3 main takeaways were 1) common mistakes he sees when people run WPScan 2) 3 things you can do to stop 90% of WordPress attacks 3) His tips on launching a security tool

info_outline
57 - Ben Dowling & IP Geolocation show art 57 - Ben Dowling & IP Geolocation

The InfoSec & OSINT Show

Ben Dowling hangs out this week to talk about IP Geolocation. My 3 main takeaways were 1) how they determine where an IP address is actually located 2) how they deal with massive amounts of crowdsourced geodata 3) how they attribute IP addresses to specific companies

info_outline
 
More Episodes
 

This week Ed Bellis joins the show to talk about risk based vulnerability management. My 3 main takeaways were 1) which factors you should take into consideration when prioritizing vulnerability remediation 2) the effects that public exploit code has on remediation efforts 3) how organizations can improve their threat prioritization by using their own threat intel in their risk assessments

For more information, including the show notes check out https://breachsense.io/podcast