loader from loading.io

Megan Roddie - co-author of "Practical Threat Detecion Engineering"

BrakeSec Education Podcast

Release Date: 08/25/2023

Tanya Janca Talks secure coding, Semgrep Academy, and community building, and more! show art Tanya Janca Talks secure coding, Semgrep Academy, and community building, and more!

BrakeSec Education Podcast

Check out the BrakeSecEd Twitch at https://twitch.tv/brakesec Join the Discord! https://discord.gg/brakesec #youtube VOD (in 1440p):   Questions and topics: Bsides Vancouver discussion Semgrep Community and Academy Building communities What are ‘secure guardrails’ Reducing barriers between security and developers How to sell security to devs: “hey, if you want to see us less, buy/use this?” “Security is your barrier, but we have goals that we can’t reach without your help.” https://wehackpurple.com/devsecops-worst-practices-artificial-gates/  How are you seeing things...

info_outline Josh Grossman - building Appsec programs, bridging security and developer gaps show art Josh Grossman - building Appsec programs, bridging security and developer gaps

BrakeSec Education Podcast

Youtube VOD:   #appsec, #owasp, #ASVS, #joshGrossman, #informationsecurity, #SBOM, #supplychain, #podcast, #twitch, #brakesec, #securecoding, #Codeanalysis Questions and topics: 1. The background to the topic, why is it something that interests you? How do you convince developers to take your course? 2. What do you think the root cause of the gap is? 3. Who is causing the gaps? (‘go fast’ culture, overzealous security, GRC requirements, basically everyone?) 4. Where do gaps begin? Is it the ‘need’ to ‘move fast’? 5. What can devs do to involve security in their process?...

info_outline Managing messaging with management, becoming a CISO with Mary Gardner from Goldiknox show art Managing messaging with management, becoming a CISO with Mary Gardner from Goldiknox

BrakeSec Education Podcast

Disclaimer: The views, information, or opinions expressed on this program are solely the views of the individuals involved and by no means represent absolute facts. Opinions expressed by the host and guests can change at any time based on new information and experiences and do not represent views of past, present, or future employers.   Recorded: 08 Apr 2024 Youtube VOD: https://www.youtube.com/watch?v=K8qApvsFtqw   Show Topic Summary: If you want to get in the mind of a board member, I submit to you my discussion with we did last night on . Join Mary and I as we discuss...

info_outline p2-accidentalCISO, building trust in new places show art p2-accidentalCISO, building trust in new places

BrakeSec Education Podcast

  Full Youtube VOD:       Questions and topics: Let’s talk about Mindful Business Podcast What’s the topics you cover? Topic #1: discuss your experiences when you were a new leader.  What worked? What didn't? What would you have done differently? Do you emulate your manager's style? What have been your go-to management resources?  What is a good piece of advice that you’ve been given or that you impart to others that relates to leadership? Topic #2: building/Operating SaaS products (we can discuss securing them, what functions...

info_outline AccidentalCISO on BrakeSecEd, talking Leadership, SaaS development, and Appsec show art AccidentalCISO on BrakeSecEd, talking Leadership, SaaS development, and Appsec

BrakeSec Education Podcast

Disclaimer: The views, information, or opinions expressed on this program are solely the views of the individuals involved and by no means represent absolute facts. Opinions expressed by the host and guests can change at any time based on new information, and do not represent views of past, present, or future employers.   Recorded: 28 Jan 2024 Youtube VOD: https://youtube.com/live/uX7odQTBkyQ Questions and topics: Let’s talk about Mindful Business Podcast What’s the topics you cover? Topic #1: discuss your experiences when you were a new leader.  What...

info_outline 1st show of 2024! Our 10th Anniversary... show art 1st show of 2024! Our 10th Anniversary...

BrakeSec Education Podcast

It's our 10th anniversary and the first show of our 2024 season! Amanda was on "7 minute security"   Check out the complete VOD at Explicit language warning    

info_outline Brakesec Call to Action 2023 show art Brakesec Call to Action 2023

BrakeSec Education Podcast

Youtube Video:      is the link to the survey. Your information (should you choose to identify yourself) will not be shared outside of the BrakeSec Team. Thank all of you for listening and for your input. RSS feed for the audio podcast is at   website:  

info_outline How to get more headcount, BLUFFs Vulnerability, and Ranty Clause debuts! show art How to get more headcount, BLUFFs Vulnerability, and Ranty Clause debuts!

BrakeSec Education Podcast

Show Topic Summary: Ms. Berlin proposes a question of how to gather more headcount with metrics, we discuss the BLUFFS bluetooth vulnerability, and “Ranty Claus” talks about CISA’s remarks of putting the onus on device product makers to remove choice for customers and implement secure defaults. #youtube VOD:   Questions and topics: Additional information / pertinent LInks (Would you like to know more?):   Examples of companies forcing changes    - eBPF implementation in Rust      Show points of Contact: Amanda...

info_outline 25Oct - okta breached (again), Energy company hit by supply chain attack, and you can help hire the best people show art 25Oct - okta breached (again), Energy company hit by supply chain attack, and you can help hire the best people

BrakeSec Education Podcast

Subscribe on Twitch using Amazon Prime and watch us live: https://twitch.tv/brakesec Check out our VODs on Youtube:   Join the BrakeSecEd discord:     News:  

info_outline Nicole Sundin - CPO at Axio - SEC compliance, usable security, setting up risk mgmt programs show art Nicole Sundin - CPO at Axio - SEC compliance, usable security, setting up risk mgmt programs

BrakeSec Education Podcast

Disclaimer: The views, information, or opinions expressed on this program are solely the views of the individuals involved and by no means represent absolute facts. Opinions expressed by the host and guests can change at any time, and do not represent views of past, present, or future employers.   Guest Bio: Nicole is the Chief Product Officer at Axio. Nicole has spent her career building awareness around the benefits of usable security and human-centered security as a way to increase company revenue and create a seamless user experience.  Youtube VOD Link:  Questions and...

info_outline
 
More Episodes

Disclaimer: The views, information, or opinions expressed on this program are solely the views of the individuals involved and by no means represent absolute facts. Opinions expressed by the host and guests can change at any time, and do not represent views of past, present, or future employers.

Buy here: https://subscription.packtpub.com/book/security/9781801076715

Amazon Link: https://packt.link/megan

Youtube VOD: https://www.youtube.com/watch?v=p1_jQa9OQ2w

 

Show Topic Summary:

Megan Roddie is currently working as a Senior Security Engineer at IBM. Along with her work at IBM, she works with the SANS Institute as a co-author of FOR509, presents regularly at security conferences, and serves as CFO of Mental Health Hackers. Megan has two Master's degrees, one in Digital Forensics and the other in Information Security Engineering, along with many industry certifications in a wide range of specialties. When Megan is not fighting cybercrime, she is an active competitor in Muay Thai/Kickboxing. She is a co-author of “Practical Threat Detection Engineering” from Packt publishing, on sale now in print and e-book. Buy here: https://subscription.packtpub.com/book/security/9781801076715

 

https://packt.link/megan ← Amazon redirect link that publisher uses if you want something easier on the notes

 

Questions and topics:

  1. Of the 3 models, which do you find you use more and why? (PoP, ATT&CK, kill chain)

  2. What kind of orgs have ‘detection engineering’ teams? What roles are involved here, and can other teams (like IR) be involved or share a reverse role there?

  3. Lab setup requires an agent… any agent for ingestion or something specific? 

  4. How does Fleet or data ingestion work for Iot/Embedded device testing? Anything you suggest?

  5. How important is it to normalize your log output for ingestion? (app, web, server all tell the story)

Additional information / pertinent LInks (Would you like to know more?):

  1. Unified Kill Chain: https://www.unifiedkillchain.com/

  2. ATT&CK: https://attack.mitre.org/ 

  3. D3FEND matrix BrakeSec show from 2021: https://brakeingsecurity.com/2021-023-d3fend-framework-dll-injection-types-more-solarwinds-infections 

  4. Pyramid of Pain: https://detect-respond.blogspot.com/2013/03/the-pyramid-of-pain.html

  5. https://www.securitymagazine.com/articles/98486-435-million-the-average-cost-of-a-data-breach 

  6. https://medium.com/@gary.j.katz (per Megan, ‘it’s basically Chapter 11 of the book’)




Show points of Contact:

Amanda Berlin: @infosystir @hackershealth 

Brian Boettcher: @boettcherpwned

Bryan Brake: @bryanbrake on Mastodon.social, Twitter, bluesky

Brakesec Website: https://www.brakeingsecurity.com

Twitter: @brakesec 

Youtube channel: https://youtube.com/c/BDSPodcast

Twitch Channel: https://twitch.tv/brakesec