Podcasts about bsides detroit

JW Goerlich -  “Wolfgang is a cyber security strategist and an active part of the Michigan security community. He co-founded the OWASP Detroit chapter and organizes the annual Converge and BSides Detroit conferences. Wolfgang has held roles such as the Vice President of Consulting, Security Officer, and Vice President of Technology Services. He regularly advises clients on topics ranging from risk management, incident response, business continuity, secure development life cycles, and more.”   https://jwgoerlich.com/   RSA talks and discussion Phishing tests -  https://www.securityweek.com/research-simulated-phishing-tests-make-organizations-less-secure https://hbr.org/2021/04/phishing-tests-are-necessary-but-they-dont-need-to-be-evil What are the goal of these tests?     That someone will click and activate (is that not a given?) What made them popular in the first place? Is this an example of management not taking security seriously, so we needed proof?   https://www.csoonline.com/article/3619610/best-practices-for-conducting-ethical-and-effective-phishing-tests.html FTA: “This will only undermine the efforts of cybersecurity teams as a whole, alienating the very people they aim to engage with, Barker adds. “People generally don't like to be tricked, and they don't usually trust the people who trick them. One counterargument I often hear is that criminals use emotive lures in a phish, so why shouldn't we? Well, criminals also cause physical damage to property, take systems offline, and disrupt services, but physical social engineers and pen-testers don't—for good reason. Simulations should not cause active harm.””   Is this part of a larger issue? Why do we treat these tests the way we do? Typical scenario?Mgmt does not believe or trust their internal people to tell them what is wrong, and takes a 3rd party source/product to tell them the same thing.     Are these stories Apocryphal? Or just my experience?

It's another podcast special! This one was at Converge and BSides Detroit. This one took a little bit to get going. When we did we got into a little bit of everything. Topics both in infosec and topics outside of infosec.

Ryan (@th3b00st), Kyle (@chaoticflaws), and Kate (@vajkat) help put on one of the best conferences. Last year was my first year at the conference. I was not disappointed. They had a workshop on application security; a room set aside to get resume feedback; Ham radio exams; and much more. They also had three days of wonderful talks with some really great speakers. At lunch there are multiple treks to go grab a coney dog. The call for papers is currently open. They're looking for speakers and to add more workshops this year. Tickets are also available now. Make sure to grab yours and I'll see you at Converge and BSides Detroit May 10-12.

Kyle (@chaoticflaws) is someone I've started to get to know this year. He's an organizer of Converge and BSides Detroit. He's also an organizer for MiSec. Talking with him I noticed a strong interest in memory forensics. This allowed us to geek out a bit on the topic considering I have experience with performing memory forensics as part of incident response. It was one of the more interesting things I've done in security.

Daniel (@notdanielebbutt) is a malware analyst at a fortune 500 company. I recently caught up with Daniel at Converge and BSides Detroit. We had a great conversation about malware analysis. Talking about the topic with him you can tell he is very passionate and excited about the subject. Which is why I decided to have him on the podcast for a little chat.

Daniel (@notdanielebbutt) is a malware analyst at a fortune 500 company. I recently caught up with Daniel at Converge and BSides Detroit. We had a great conversation about malware analysis. Talking about the topic with him you can tell he is very passionate and excited about the subject. Which is why I decided to have him on the podcast for a little chat.

Chris (@cmaddy) and I have submitted to a couple of calls for training at CircleCityCon and Converge and BSides Detroit this summer on the topic of building a home lab. I will also be speaking on this subject at ShowMeCon. Home labs are great for advancing a career or breaking into information security. The bar is really low on getting started with one. A gaming laptop with decent specifications works great. For those with a lack of hardware or funds there are plenty of online resources to take advantage of.

This podcast was recorded by the Hurricane Labs crew, and special guest Wolfgang Goerlich, at the 2015 Converge Conference. Topics of discussion (and witty banter) include: FBI anti-encryption rhetoric; the Hacking Team hack; Google's social responsibility; and more. Converge and BSides Detroit were fantastic - if you didn't get the chance to make it out this year, you can still view the video presentation recordings here: Converge 2015 Videos. Thanks to Wolf and all the sponsors, volunteers, speakers and everyone who made these conferences possible! Twitter and things... Wolfgang Goerlich - @jwgoerlichTom Kopchak - @TomKopchakNick Jacob - @MortiousPrimeCalvin Hedler - @001SPARTaN Kelsey Clark - @k1clarkHurricane Labs - @hurricanelabsConverge Detroit - @ConvergeDetroit 

In this episode... What about public safety, where do we draw the line on open research? Self-regulation? Disclosure? What are our options… What makes a researcher? We discuss “Chilling security research” A quick dive into bug bounty programs; do they help? Ethics vs. moral compass …we discuss Hacker movies, and what they’re doing for our profession Guests Keren Elezari ( @K3r3n3 ) - brings years of experience in the international cyber security industry to the stage. Since 2000, Keren has worked with leading Israeli security firms, government organizations, Global Big 4 and Fortune 500 companies. Keren holds a CISSP security certification, a BA in History and Philosophy of Science and is currently a senior research fellow with the prestigious Security & Technology workshop at Tel Aviv University. In 2012, Keren held the position of Security Teaching Fellow with Singularity University, a private think tank, founded by Dr. Ray Kurzweil and sponsored by Google & NASA amongst others. Since 2013, Keren covers emerging security technologies and trends as a security industry analyst with GIGAOM research, a leading independent media hub. In 2014, Keren became the first Israeli woman to be invited to speak at the prestigious international annual TED conference. Keren’s TED talk has been viewed by 1.2 million people, translated to more than 20 languages and selected for TED’s list of ‘Most Powerful Ideas in 2014’ and for Inc.com’s list of ‘Top TED Talks of 2014’. Kellman Meghu ( @kellman ) - heads up a team of Security Architects for CheckPoint Software Technologies Inc., the worldwide leader in securing the Internet. His background includes almost 20 years of experience deploying application protection and network-based security. Since 1996 Mr. Meghu has been involved with consultation on various network security strategies to protect ISP's in Southern Ontario as well as security audits and security infrastructure deployments for various Commercial and Governmental entities across Canada and the Central United States. Kellman has delivered security talks in private corporate focused events, at school internet safety classes for students and teachers, as well as public events such as, SecureWorld Seattle, The Check Point Experience, Bsides St. Johns, Bsides San Francisco, Bsides Iowa, Bsides Detroit, Secure360, Trilateral Conference, and Sector lunch keynote for 2014. Kellman has contributed to live TV interviews in the Toronto area with CP24, CityNews, and CHCH TV, as well as radio station interviews and news articles across Canada and the US. Mark Nunnikhoven ( @marknca ) - focuses on helping organizations as they move from the data centre to hybrid environments to working fully in the cloud. Bringing over 15 years of practical experience to the table, he is regularly sought after to speak on cloud computing, usable security systems, and modernizing security practices.

At 2014 SOURCE Boston, Josh Corman told me that Wolfgang Goerlich had an interesting DevOps story to tell. I sat down and spoke with Wolfgang and was astounded to hear a tale that could have come straight out of Gene Kim's book, The Phoenix Project. Listen in as Wolfgang describes the process of taking over a project that was mired in technical debt, falling behind in deliverables to stakeholders and in need of a new way of thinking. To me, this story is one of the strongest statements for DevOps that I've heard. About Wolfgang Goerlich As Vice President of Consulting Services at VioPoint, Wolfgang supports clients by advising, identifying, and assisting in managing information security risk as well as mentoring VioPoint’s consulting team. Wolfgang, known for his outstanding leadership in the technology and information security community, is the co-founder of OWASP Detroit and an organizer of the annual BSides Detroit conferences as well as an accomplished speaker at regional and national security events.

Synopsis I caught up with my friend Kellman Meghu at BSides Detroit as the conference was coming to a close and we finally got to sit down and have a fun conversation about chaos, and what sorts of things enterprises can realistically do to increase security today.  We both work for vendors so we talked about "shiny blinky boxes", when things fail, and the notion of resiliency.  Fun conversation ensues ... with a random sprinkling of security buzzwords. Kellman's famous quote is from this episode is "I can hand you this tool, and that doesn't suddenly make you any more secure than if you hand me a hammer I suddenly become a carpenter."  Wise words to live by folks, wise words indeed.  Spend a few minutes with Kellman and I, and see why he's one of my favorite people to interview. Guests Kellman Meghu - Kellman Meghu is Head of Security Engineering (Canada and Central US) for Check Point Software Technologies Inc., the worldwide leader in securing the Internet. His background includes over 15 years of experience deploying application protection and network-based security. Since 1996 Mr. Meghu has been involved with consultation on various network security strategies to protect ISP's in Southern Ontario as well as security audits and security infrastructure deployments for various Commercial and Governmental entities across Canada and the Central United States.  You can find him on Twitter and LinkedIn ... I highly recommend a conversation, he's a very smart guy. Links