When we wanted to have Martin Fisher on, it was to discuss ‘Security Mandate vs. Security Influence’. We wanted to discuss why companies treat compliance as more important, and if it’s only because business requires it to be done. And if infosec is a red-headed stepchild because
Read more →Anti-virus products… they have been around for as long as many of us have been alive. The first anti-virus program, “The Reaper” was designed to get rid of the first virus ‘The Creeper’ by Ray Tomlinson in 1971. This week, we discuss the efficacy of anti-virus. Is
Read more →BrakeSec Podcast welcomes Bill Gardner this week! #Author, #InfoSec Convention Speaker, and fellow podcaster… We break a bit from our usual rigid methods, and have a good ol’ jam session with Bill this week. We talk about #vulnerability #management, #google #dorking, #career management, the troubles of putting
Read more →![[podcast] History of DNS, DNS reconnaissance in pentests, and protecting your DNS infrastructure](https://www.cybrary.it/wp-content/uploads/2016/03/avatar-570x172_c.jpg){kind=avatar}
DNS… we take it for granted… it’s just there. And we only know it’s broken when your boss can’t get to Facebook. This week, we discuss the Domain Naming System (DNS). We start with a bit of history, talking about the origins of DNS, some of
Read more →![[podcast] Software Restriction Policies and Applocker](https://www.cybrary.it/wp-content/uploads/2016/05/avatar-570x172_c.jpg){kind=avatar}
Windows has all the tools you need to secure an OS, but we rarely use them. One example of this is ‘Software restriction policies’ or the use of Windows Applocker. It assists IT organizations by allowing you to block certain files from being saved anywhere, what file
Read more →
Ben Johnson (@chicagoben on Twitter) has spent a good deal of time working on protecting client’s endpoints. From his work at the NSA, to being the co-founder of Carbon Black (@carbonblack_inc). Ben is co-founder and chief security strategist for Carbon Black. In that role, he uses
Read more →
When it comes to IT certifications most would agree that the “Big-3” essentials are CompTIA A+, CompTIA Network+, and CompTIA Security+. From there, a few specialized certs along the lines of Cisco CCNA, Linux and Microsoft certifications as well as a few other vendor and technology-specific certifications,
Read more →http://traffic.libsyn.com/brakeingsecurity/2016-041-Ben_johnson.mp3 Ben Johnson from Carbon Black has been around the industry for a good while, and has seen a lot of ugly things in our industry. Ben had written a recent blog post (https://www.carbonblack.com/2016/08/12/benvlog-3-negative-forces-driving-security/) detailing the issues that seem to plague many companies and many
Read more →This week, Mr. Boettcher found himself with an interesting conundrum concerning what happened when he converted a Windows DOCX file to a PDF using a popular #PDF converter software. We discuss what happened, how Software Restriction Policy in Windows kept him safe from a potential malware
Read more →
TL;DR: IT certifications are absolutely necessary for many positions in the cybersecurity industry. This section further explores some of the most valuable IT certifications for cybersecurity professionals. The certifications detailed below can be found and expanded on via their official online channels. Not all IT certifications can
Read more →
