Podcast appearances and mentions of justin berman

Any donation is greatly appreciated! 47e6GvjL4in5Zy5vVHMb9PQtGXQAcFvWSCQn2fuwDYZoZRk3oFjefr51WBNDGG9EjF1YDavg7pwGDFSAVWC5K42CBcLLv5U OR DONATE HERE: https://www.monerotalk.live/donate TODAY'S SHOW: In this episode Douglas Tuman interviews Justin Berman, a full-time Monero developer. Justin discusses his work on full-chain membership proofs++, which he's been developing for over six months. He explains that this upgrade, along with Carrot (being developed by Jeff Row), represents significant improvements to Monero's privacy and security features. Justin expresses optimism about implementing these changes before the end of 2025, with code potentially ready for testing within 1-2 months. The conversation also covers the current state of cryptocurrency, including Trump's involvement with meme coins, quantum resistance in cryptocurrencies, and various technical improvements being made to Monero. Justin details how wallet sync times could improve by 60-70% with upcoming changes, and discusses the growing developer community, particularly around the Cuprate project (a Rust implementation of Monero). TIMESTAMPS: (00:01:03) Discussion on Trump Coin and the Cryptocurrency Ecosystem (00:15:58) Justin Berman's Role and Current Work in Monero (00:22:13) When Will FMCP++ Be Ready? (01:15:09) Developer Community Growth and Cuprate Initiative (01:20:46) Persistent Development Challenges and Future Events LINKS: https://x.com/justinberman95 Purchase Cafe & tip the farmers w/ XMR! https://gratuitas.org/ Purchase a plug & play Monero node at https://moneronodo.com SPONSORS: Cakewallet.com, the first open-source Monero wallet for iOS. You can even exchange between XMR, BTC, LTC & more in the app! Monero.com by Cake Wallet - ONLY Monero wallet (https://monero.com/) StealthEX, an instant exchange. Go to (https://stealthex.io) to instantly exchange between Monero and 450 plus assets, w/o having to create an account or register & with no limits. WEBSITE: https://www.monerotopia.com CONTACT: monerotalk@protonmail.com ODYSEE: https://odysee.com/@MoneroTalk:8 TWITTER: https://twitter.com/monerotalk FACEBOOK: https://www.facebook.com/MoneroTalk HOST: https://twitter.com/douglastuman INSTAGRAM: https://www.instagram.com/monerotalk TELEGRAM: https://t.me/monerotopia MATRIX: https://matrix.to/#/%23monerotopia%3Amonero.social MASTODON: @Monerotalk@mastodon.social MONERO.TOWN: https://monero.town/u/monerotalk

Any donation is greatly appreciated! 47e6GvjL4in5Zy5vVHMb9PQtGXQAcFvWSCQn2fuwDYZoZRk3oFjefr51WBNDGG9EjF1YDavg7pwGDFSAVWC5K42CBcLLv5U OR DONATE HERE: https://www.monerotalk.live/donate TODAY'S SHOW: In this episode of MoneroTalk, Douglas Tuman speaks with Luke Parker (@kayabaNerve) about critical developments in Monero. Luke discusses the status of full-chain membership proofs, explaining that his development work is complete and submitted, while integration work continues under Justin Berman. Luke details how the new protocol will provide improved privacy features, including forward secrecy and better hardware wallet support. He also addresses his recent 'stepping back' announcement, clarifying that while he's reducing some commitments, he continues work on critical projects like Serai DEX. A significant portion of the discussion focuses on Monero's need for quantum resistance, with Luke emphasizing the urgency of developing post-quantum protocols within the next few years. The interview concludes with updates on the Serai project, including its ongoing audit process and development status. TIMESTAMPS: (00:04:06) Full-Chain Membership Proofs++ Development Status (00:07:39) Technical Implementation and Benefits (00:41:28) Quantum Resistance Discussion (01:45:40) Serai Project Update (02:02:00) Luke's Role in Monero Development LINKS: https://x.com/kayabanerve Purchase Cafe & tip the farmers w/ XMR! https://gratuitas.org/ Purchase a plug & play Monero node at https://moneronodo.com SPONSORS: Cakewallet.com, the first open-source Monero wallet for iOS. You can even exchange between XMR, BTC, LTC & more in the app! Monero.com by Cake Wallet - ONLY Monero wallet (https://monero.com/) StealthEX, an instant exchange. Go to (https://stealthex.io) to instantly exchange between Monero and 450 plus assets, w/o having to create an account or register & with no limits. WEBSITE: https://www.monerotopia.com CONTACT: monerotalk@protonmail.com ODYSEE: https://odysee.com/@MoneroTalk:8 TWITTER: https://twitter.com/monerotalk FACEBOOK: https://www.facebook.com/MoneroTalk HOST: https://twitter.com/douglastuman INSTAGRAM: https://www.instagram.com/monerotalk TELEGRAM: https://t.me/monerotopia MATRIX: https://matrix.to/#/%23monerotopia%3Amonero.social MASTODON: @Monerotalk@mastodon.social MONERO.TOWN: https://monero.town/u/monerotalk

Justin Berman shows that change is constant. After leaving Goldman Sachs in 2010 and growing his business from $1B to $5B in 10 years, he sought greater impact. He merged with Cresset Asset Management, boosting revenue from $17M to $27M in just 3 years.

TODAY'S

TODAY'S

Originally recorded in September of 2021...today's guest is Justin Berman, the Vice President of Infrastructure and IT and the CISO at Thirty Madison. Thirty Madison is aiming to be a platform that everyone can use to deal with their chronic healthcare needs. Justin's main focus is on building out the teams that enable scaling. With his development background, Justin has some unique ideas when it comes to cloud security, which makes for a fascinating interview. You'll walk away from this episode with a new perspective on how to build security into products from the start and a better understanding of how to transition smoothly from on-prem to the cloud.Tweetables“I see security as an engineering problem. What I mean by that is not that there aren't things that you solve with process, or with policy, or training, but rather that in as many places as possible if you want to have a scaled effect within security, you need to write code to solve a problem.” — @justinmberman [0:06:03]Justin Berman on LinkedInPhoenix ProjectSimon SinekComprehensive, full-stack cloud security Secure infrastructure, apps and data across hybrid and multi-cloud environments with Prisma Cloud.

Justin Berman, CISO of Thirty Madison, and Michael Coates, CEO and Co-Founder of Altitude Networks, discuss the unique challenges CISO's face, as well as the security demands of taking a startup from Zero to One.

Link to Blog Post This week’s Cyber Security Headlines - Week in Review, April 5-9, 2021, is hosted by Steve Prentice (@stevenprentice) with our guest, Justin Berman, former CISO, Dropbox Thanks to our episode sponsor, Sotero All this week we have been excited to welcome our new sponsor – Sotero. We have told you about their encryption solutions that keep data encrypted while the data is in use and in motion. This is the breakthrough that many of us have been waiting for. Well, Sotero has just uploaded to our site a technical whitepaper that takes a deep dive into this new encryption technology. You can find it on our homepage, about halfway down. You can also learn more about this new encryption technology at Soterosoft dot com. All links and the video of this episode can be found on CISO Series.com

All links and images for this episode can be found on CISO Series https://cisoseries.com/defense-in-depth-how-do-you-know-if-youre-good-at-security/ What metrics or indicators signal to you that an organization is “good at security”? Check out this post for the basis for our conversation on this week’s episode which features me, David Spark (@dspark), producer of CISO Series, guest co-host Geoff Belknap (@geoffbelknap), CISO, LinkedIn, and our guest Justin Berman (@justinmberman), former CISO, Dropbox. Thanks to our podcast sponsor, Imperva Face it, your data is everywhere! Imperva Data Security unifies compliance, security and privacy needs for any data store while saving you time and money. No matter where data lives, get confidence about what is happening with data, where it’s stored and who’s accessing it. Start a free trial now. In this episode How do go about measuring risk Assessing the ratio of critical/high severity issues to issues closed The difference between a reactive or proactive threat management policy  

All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-bug-bounties/) What is the successful formula for a bug bounty program? Should it be run internally, by a third party, or should you open it up to the public? Or, maybe a mixture of everything? Check out this post for the basis for our conversation on this week’s episode which features me, David Spark (@dspark), producer of CISO Series, co-host Allan Alford (@allanalfordintx), and guest Justin Berman (@justinmberman), head of security, Dropbox. Thanks to this week's podcast sponsor, Cmd. Cmd provides a lightweight platform for hardening production Linux. Small and large companies alike use Cmd to address auditing gaps, implement controls that keep DevOps safe, and trigger alerts on hard-to-find threats. With out-of-the-box policies that make setup easy, Cmd is leading the way in native protection of critical systems. On this episode of Defense in Depth, you’ll learn: Like red teaming, you need outside eyes looking at your environment and vulnerabilities. There was much debate between internal, private, and public bug bounty programs. But it was agreed that if you do them, that you do them in that order. There was another concern regarding the cost of a bug bounty program. Whether you do them or not, you're still going to pay for coding errors and vulnerabilities one way or another. It's either upfront or later. Those new to bug bounty programs are not aware of the additional costs of management and engaging with the researchers and white hat hackers. That is a critical part of the bug bounty program. Before you begin, set up a system to manage the flow of problems reported. If not, you and your staff could very quickly be overwhelmed. Having a consistent and clear way you handle the findings is often more important than the findings. Have you allocated budget to remediate the findings? Are you going to need to make cases as each weakness is found? Keep in mind that companies don't go into bug bounty programs for the same reason. Some go into it for reasons of publicity or forming relationships with researchers. Communications between your engineers and the bug bounty researchers is critical. If your team is non-responsive, the bug bounty program could backfire. Most people are wary of public bug bounty programs because of the low signal-to-noise ratio. As there is a rush for attention and money, the whole effort may implode.

Justin Berman left Goldman Sachs 10 years ago to build his own independent firm, at a time when such a move was much less common. How did he find the courage to leave the Goldman imprimatur, brave the firm's 60-day Garden Leave, and build the now $3B Berman Capital Advisors? He explains all this and more with Mindy Diamond in this podcast episode.

Justin Berman left Goldman Sachs 10 years ago to build his own independent firm, at a time when such a move was much less common. How did he find the courage to leave the Goldman imprimatur, brave the firm's 60-day Garden Leave, and build the now $3B Berman Capital Advisors? He explains all this and more with Mindy Diamond in this podcast episode.

This is a special episode of Defense in Depth being shared on this feed. Find the full post with links and images on the CISO Series site here (https://cisoseries.com/defense-in-depth-vulnerability-management/) So many breaches happen through ports of known vulnerabilities. What is the organizational vulnerability in vulnerability management? Check out this post and discussion and this one for the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the creator of CISO Series and Allan Alford (@AllanAlfordinTX), CISO at Mitel. Our guest is Justin Berman (@justinmberman), CISO for Zenefits. Vulcan’s vulnerability response automation platform allows enterprises to automate their TVM programs. Vulcan integrates to existing IT DevOps and security tools to fuse enterprise data with propriety intelligence which allows to accurately and subjectively priorities and remediate vulnerabilities - either using a patch workaround or compensating control. On this episode of Defense in Depth, you'll learn: As the CIS 20 concurs, vulnerability management is the first security measure you should take right after asset inventory. Vulnerability management needs to be everyone's issue and managed by all departments. Lots of discussion around vulnerability management being driven by culture which is a very hard concept to define. To get a "vulnerability management culture" look to a combination of awareness and risk management. Vulnerabilities don't get patched and managed without someone taking on ownership. Without that, people are just talking and not doing. Increased visibility across the life cycle of a vulnerability will allow all departments to see the associated risk. Who are the risk owners? Once you can answer that questions you'll be able to assign accountability and responsibility.

This is a special episode of Defense in Depth being shared on this feed. Find the full post with links and images on the CISO Series site here (https://cisoseries.com/defense-in-depth-vulnerability-management/) So many breaches happen through ports of known vulnerabilities. What is the organizational vulnerability in vulnerability management? Check out this post and discussion and this one for the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the creator of CISO Series and Allan Alford (@AllanAlfordinTX), CISO at Mitel. Our guest is Justin Berman (@justinmberman), CISO for Zenefits. Vulcan’s vulnerability response automation platform allows enterprises to automate their TVM programs. Vulcan integrates to existing IT DevOps and security tools to fuse enterprise data with propriety intelligence which allows to accurately and subjectively priorities and remediate vulnerabilities - either using a patch workaround or compensating control. On this episode of Defense in Depth, you'll learn: As the CIS 20 concurs, vulnerability management is the first security measure you should take right after asset inventory. Vulnerability management needs to be everyone's issue and managed by all departments. Lots of discussion around vulnerability management being driven by culture which is a very hard concept to define. To get a "vulnerability management culture" look to a combination of awareness and risk management. Vulnerabilities don't get patched and managed without someone taking on ownership. Without that, people are just talking and not doing. Increased visibility across the life cycle of a vulnerability will allow all departments to see the associated risk. Who are the risk owners? Once you can answer that questions you'll be able to assign accountability and responsibility.

In such a hyper-competitive market for security talent, the natural inclination would be to try everything you can to keep your best employees. Unfortunately, even when you do everything right, your best employees just get up and leave. Can you and should you fight it? Or should you go out of your way to make the exit as smooth as possible for your staff? What's the benefit to you when they do leave? On this episode of the CISO/Security Vendor Relationship Podcast, we discuss: 10-second security tip: Vanity metrics aren't going to create a more secure environment. Pitching the latest crisis: We've talked endlessly about how CISOs don't respond well to fear pitches. Similarly, salespeople need to understand that CISOs are aware of last week's Facebook hack. Don't bring the news they already know. Provide some insight. Selling the latest APT: If it's a new threat, it's sexy. It may make for great news, but focusing on it doesn't necessarily make for good security. Shouldn't you be starting with the boring basics? Can security basics ever be sexy? We play "What's Worse?!" Listen up security vendors. You're going to want to pay attention to this one. What do you think of this pitch? This week's pitch comes from a CISO. It's not his pitch to us, but a pitch he received. It kind of misses the mark. We explain why. Retaining security talent: We discuss the InfoSec manager's role in retaining security talent. How do you form a relationship that all exits or near exits go as smoothly as possible? This show, like all the previous ones are hosted by me, David Spark (@dspark), founder, Spark Media Solutions and Mike Johnson, CISO, Lyft. Our guest this week is Justin Berman (@justinmberman), CISO of Zenefits. Special thanks to our sponsor, SentinelOne, for supporting this episode and the podcast. Learn more about their autonomous endpoint protection.

Key Points From This Episode:Justin’s studies, consulting work and path to his current role at Zenefits.Calculating risk return for defense and attack and how Justin approaches this.Why better general security at other companies benefits everyone.Justin’s approach to defending against advanced persistent threats.Why security needs to talk more about the less sexy sides of their work.The hottest new strategies and technologies according to Justin.The role and appropriate time for automation within a security protocol.Zenefits' ambition for their security and how far this extends.The role of CISOs in the conversation about security within a company.Cultural change at companies and how this leads to sustainable security.The difficulty in hiring currently within the security sector.And much more!Links Mentioned in Today’s Episode:Justin Berman Website — http://www.justinbermanphotography.com/Justin Berman on Linkedin — https://www.linkedin.com/in/jmbermanJustin Berman on Twitter — https://twitter.com/justinmberman?lang=enZenefits — https://www.zenefits.com/FS ISAC — https://www.fsisac.com/Phantom — https://www.phantom.us/Equifax — https://techcrunch.com/tag/equifax-hack/