POPULARITY
Our guest today is Matthew Toussain, a recognized leader in offensive security, penetration testing, and cybersecurity training. Mr. Toussain is the founder of Open Security, a firm dedicated to real-world adversarial testing, red teaming, and advanced security education. As a former U.S. Air Force cyber warfare leader, he has spent over a decade at the cutting edge of cybersecurity, specializing in network exploitation, adversarial tactics, and threat analysis. He is also the creator of Sirius, a tactical cybersecurity vulnerability scanner. Mr. Toussain's work is widely respected in the industry for its technical depth and practical applicability, bridging the gap between security theory and real-world execution. Listen as Mr. Toussain discusses Sirius, pen testing, red teaming, and gives insights into the evolution of cyber threats and emerging trends. How have cyber threats evolved over time? How does Sirius contribute to future cybersecurity practices? Learn all this and more in this episode of In the Interest of National Security.
What if the hackers are actually the heroes?In this mind-blowing episode, host David Mauro sits down with Matt Toussain, elite military cyber warrior, DEF CON speaker, and Founder of Open Security, to reveal how offensive security and real-world hacking tactics are helping businesses reduce risk, fight cybercrime, and stay ten steps ahead of threats.
Ron Eddings and Neal Humphrey, Vice President of Market Strategy at Deepwatch, discuss the changes in Security Operations infrastructure, and how these changes in structure, data, and automation are going to impact operations in the near future. Their discussion will revolve around more than just SIEM, alerts, and responses; it will go into market changes, vendor movement, and how the future of SOC is demanding a shift in mindset and strategy beyond "Let a machine handle it..." Impactful Moments: 00:00 - Welcome 01:05 - Introducing guest, Neal Humphrey 03:09 - Looking Back at SecOps 06:11 - Modern SOC Wall 11:49 - Hyperautomation; the Future of SOAR? 15:02 - Hyperautomation & Normalization 17:29 - From our Sponsor, Deepwatch 19:18 - OSDA & Deepwatch 25:32 - Hyperautomaiton or OSDA 1st 30:25 - Can I Show The Value of A Tool? 34:30 - Who is OSDA White Paper for? 36:43 - One Step Better… Links: Connect with our guest, Neal Humphrey: https://www.linkedin.com/in/neal-humphrey-b909773/ Check out the White paper by Deepwatch: https://www.deepwatch.com/the-security-operations-center-cannot-hold/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord
W tym odcinku rozmawiamy o głośnych ostatnio incydentach bezpieczeństwa w firmach technologicznych. Staramy się wyciągnąć z nich wnioski, dzięki którym można uchronić się przed prostymi błędami. Zapraszamy też do udziału w Poznań Security Meetup: https://www.meetup.com/pl-PL/poznan-security-meetup/ Czytaj bloga: https://OpenSecurity.pl Jesteś początkujący w branży cybersecurity? Zapisz się na listę: https://OpenSecurity.pl/ementoring Social media: https://www.facebook.com/opensecpl/ https://twitter.com/OpensecurityP https://www.youtube.com/c/OpenSecurityPL
Let's hack cybersecurity in 2024 with Melanie Rieback, Co-founder & CEO of Radically Open Security, the world's first not-for-profit cybersecurity consultancy with a focus on PenTesting
W tym odcinku omawiamy dwie specjalizacje w branży cybersecurity, z którymi warto wiązać swój rozwój oraz odpowiadające im certyfikaty - Certified Thread Intelligence Analyst oraz ISA IC32E. Materiały, o których wspominamy w odcinku: Artykuł o wyciekach haseł parlamentarzystów: https://opensecurity.pl/hasla-poslow-i-senatorow-prawie-80-wyciekow/ Czym są indykatory w threat intelligence i obsłudze incydentów: https://opensecurity.pl/obsluga-incydentu-bezpieczenstwa-jak-przebiega-sledztwo-oraz-ioc/ Konferencja Perspektywy Women In Tech Summit: https://womenintechsummit.pl/ Certyfikaty: https://www.eccouncil.org/train-certify/certified-threat-intelligence-analyst-ctia/ https://www.isa.org/products/using-the-isa-iec-62443-standard-to-secure-your-co ======================================================= Czytaj bloga: https://OpenSecurity.pl ======================================================= Wersja wideo w YouTube: https://www.youtube.com/c/OpenSecurityPL ======================================================= Jesteś początkujący w branży cybersecurity? Zapisz się na listę: https://OpenSecurity.pl/ementoring ======================================================= Social media: https://www.facebook.com/opensecpl/ https://twitter.com/OpensecurityP https://www.youtube.com/c/OpenSecurityPL =======================================================
W tym odcinku omawiamy skuteczność i zastosowania dostępnych obecnie na rynku narzędzi bazujących na sztucznej inteligencji. Zastanawiamy się też nad zagrożeniami, które wynikają z ich powszechnej dostępności. ======================================================= Czytaj bloga: https://OpenSecurity.pl ======================================================= Jesteś początkujący w branży cybersecurity? Zapisz się na listę: https://OpenSecurity.pl/ementoring ======================================================= Social media: https://www.facebook.com/opensecpl/ https://twitter.com/OpensecurityP https://www.youtube.com/c/OpenSecurityPL =======================================================
W tym odcinku podsumowujemy rok w branży cybersec i snujemy przewidywania na przyszłość. ======================================================= Czytaj bloga: https://OpenSecurity.pl ======================================================= Jesteś początkujący w branży cybersecurity? Zapisz się na listę: https://OpenSecurity.pl/ementoring ======================================================= Social media: https://www.facebook.com/opensecpl/ https://twitter.com/OpensecurityP https://www.youtube.com/c/OpenSecurityPL =======================================================
Federal Tech Podcast: Listen and learn how successful companies get federal contracts
If you were to do a “thought cloud” of technology, you would see the usual suspects, companies like Microsoft, AWS, and Google. Nobody would include Elastic Search in this discussion, yet it is seen all over the place, perhaps the best kept secret in federal technology. Because it is capable of being modified in so many ways, it is difficult to categorize it. Elastic is a flexible tool that allows a federal agency to gain visibility on a wide range of fronts. As a result, we see many federal projects where Elastic is in the background acting as the “glue” to get information from disparate sources. Elastic is based on open-source code. During the interview, Christopher Towsend from Elastic defines the difference between Open Source and Open Security, referencing Elastic Search Technology. Let's toss around some cybersecurity concepts that may produce data for a federal agency. You may have systems that handle Security Information Event Management (SIEM), Security Orchestration Automation Response (SOAR), Extended Security Response (XDR), and even the lowly Endpoint Security (still seeking a snappy acronym). Because this is such a complex topic, Elastic has put together a free report titled, “Elastic 2022 Global Threat Report: A Roadmap for Navigating Today's Growing Threatscape”
Certyfikaty w branży IT / Security - co dają, czym się różnią, czy warto je zdawać i czy dzięki nim dostaniesz pracę. O tym rozmawiamy w kolejnym odcinku Emacsem przez Sendmail. ======================================================= Czytaj bloga: https://OpenSecurity.pl ======================================================= Jesteś początkujący w branży cybersecurity? Zapisz się na listę: https://OpenSecurity.pl/ementoring ======================================================= Social media: https://www.facebook.com/opensecpl/ https://twitter.com/OpensecurityP https://www.youtube.com/c/OpenSecurityPL =======================================================
W tym odcinku poruszamy zagadnienia związane z audytorami oraz audytami bezpieczeństwa i testami penetracyjnymi. ======================================================= Czytaj bloga: https://OpenSecurity.pl ======================================================= Jesteś początkujący w branży cybersecurity? Zapisz się na listę: https://OpenSecurity.pl/ementoring ======================================================= Social media: https://www.facebook.com/opensecpl/ https://twitter.com/OpensecurityP https://www.youtube.com/c/OpenSecurityPL =======================================================
W tym odcinku rozmawiamy o sytuacji branży IT/security w kontekście braku kadr. Wspominamy też o niedawnej poważnej luce w urządzeniach F5. ======================================================= Czytaj bloga: https://OpenSecurity.pl ======================================================= Jesteś początkujący w branży cybersecurity? Zapisz się na listę: https://OpenSecurity.pl/ementoring ======================================================= Social media: https://www.facebook.com/opensecpl/ https://twitter.com/OpensecurityP https://www.youtube.com/c/OpenSecurityPL =======================================================
W tym odcinku rozmawiamy o narzędziach codziennego użytku, takich jak komputer, telefon czy przeglądarka. Odpowiadamy też na często zadawane pytanie na temat antywirusa. Jakie rozwiązania wybrać aby czuć się bezpiecznie? Odpowiedź znajdziecie w podcaście. ======================================================= Czytaj bloga: https://OpenSecurity.pl ======================================================= Jesteś początkujący w branży cybersecurity? Zapisz się na listę: https://OpenSecurity.pl/ementoring ======================================================= Social media: https://www.facebook.com/opensecpl/ https://twitter.com/OpensecurityP https://www.youtube.com/c/OpenSecurityPL =======================================================
Czytaj bloga: https://OpenSecurity.pl Jesteś początkujący w branży cybersecurity? Zapisz się na listę: https://OpenSecurity.pl/ementoring Social media: https://www.facebook.com/opensecpl/ https://twitter.com/OpensecurityP https://www.youtube.com/c/OpenSecurityPL
O co chodzi z żarówką? - wyjaśnienie tutaj: https://www.youtube.com/watch?v=foUV2JoWS4A Zapisz się na newsletter: https://opensecurity.pl/newsletter/ Czytaj bloga: https://OpenSecurity.pl Social media: https://www.facebook.com/opensecpl/ https://twitter.com/OpensecurityP https://www.youtube.com/c/OpenSecurityPL
Linki omawiane w materiale: https://opensecurity.pl/waf-czyli-web-application-firewall-na-przykladzie-modsecurity/ https://www.sans.org/cyber-security-training-events/cyber-threat-intelligence-summit-2022-live-online/?msc=summit-home https://www.bleepingcomputer.com/news/security/cisa-alerts-federal-agencies-of-ancient-bugs-still-being-exploited/ https://www.poc.org.pl/metryki ======================================================= Czytaj naszego bloga: https://OpenSecurity.pl ======================================================= Jesteś początkujący w branży cybersecurity? Zapisz się na listę: https://OpenSecurity.pl/ementoring ======================================================= Social media: https://www.facebook.com/opensecpl/ https://twitter.com/OpensecurityP https://www.youtube.com/c/OpenSecurityPL =======================================================
Linki omawiane w materiale: https://2021.kringlecon.com/ https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592 https://www.techsolvency.com/story-so-far/cve-2021-44228-log4j-log4shell/ ======================================================= Czytaj naszego bloga: https://OpenSecurity.pl ======================================================= Jesteś początkujący w branży cybersecurity? Zapisz się na listę: https://OpenSecurity.pl/ementoring ======================================================= Social media: https://www.facebook.com/opensecpl/ https://twitter.com/OpensecurityP https://www.youtube.com/c/OpenSecurityPL =======================================================
Linki do materiałów omawianych w odcinku: https://opensecurity.pl/opnsense-i-pfsense-czyli-darmowe-firewalle-open-source/ https://www.isc2.org/-/media/ISC2/Research/2021/ISC2-Cybersecurity-Workforce-Study-2021.ashx https://services.google.com/fh/files/misc/gcat_threathorizons_full_nov2021.pdf Czytaj bloga: https://OpenSecurity.pl
Materiały omawiane w odcinku: https://attack.mitre.org/ https://www.cybsecurity.org/pl/modelowanie-zagrozen-z-wykorzystaniem-mitre-attck-framework-w-praktyce/ https://www.poc.org.pl/ ================== Czytaj bloga: https://OpenSecurity.pl ================== Jesteś początkujący w branży cybersecurity? Zapisz się na listę: https://OpenSecurity.pl/ementoring ================== Social media: https://www.facebook.com/opensecpl/ https://twitter.com/OpensecurityP https://www.youtube.com/c/OpenSecurityPL ==================
W tym odcinku dzielimy się rozważaniami na temat zagrożeń ze strony tzw. insiderów. --- Czytaj bloga: https://OpenSecurity.pl Początkujący w branży cybersec? Zapisz się na listę: https://OpenSecurity.pl/ementoring Nasze social media: https://www.facebook.com/opensecpl/ https://twitter.com/OpensecurityP https://www.youtube.com/c/OpenSecurityPL
The open-source world is a wonderful democracy and meritocracy of innovation, software elements, and applications. Its creativity is incorporated into countless (if not all) major applications across the tech arena. But with it comes complexities. And in this podcast, we get to speak to Brian Fox, the CTO & Co-founder of Sonatype, about those complexities. In particular, the worrying world of security. Sonatype runs the central repository of Maven, where the world gets its open-source Java. A kind of Center of the open-source universe. Or at least one of them. Sonatype also focuses on developing a smarter, faster, and more secure software development for the open-source world and its clients. Key takeaways from the podcast are: • The new attack vectors that hackers are using to get their grubby hands on your systems and data • Visual analogies for software development and the software supply chain and how they create clarity on the mistakes that are being made in the tech industry • The impact that the SolarWinds attack is having on the regulation and practices for the software development industry (especially for critical systems) Our Guest: Brian Fox LinkedIn: https://www.linkedin.com/in/brianefox/ Website: https://www.sonatype.com/ Twitter: https://twitter.com/sonatype Intro and background music: Craig MacArthur - Power Shutoff (https://www.youtube.com/watch?v=x74iB_jtauw)
W tym odcinku rozmawiamy o wpadkach (również swoich :) ), które są nieodzownym elementem budowania doświadczenia. Poszukujemy też sposobów na ich unikanie. Więcej o bezpieczeństwie na naszym blogu: https://OpenSecurity.pl
W tym odcinku rozmawiamy o społecznościach i wydarzeniach, które warto śledzić aby rozwijać swoją wiedzę z zakresu cyberbezpieczeństwa. Linki do materiałów, o których wspominamy w rozmowie: https://www.meetup.com/pl-PL/ - platforma do wyszukiwania meetup'ów https://www.youtube.com/watch?v=6avJHaC3C2U - The Art of Code https://www.youtube.com/watch?v=zprSxCMlECA - demo na stacji dyskietek https://www.poc.org.pl/ - Polska Obywatelska Cyberobrona https://issa.org.pl/ - Stowarzyszenie ISSA Polska https://www.hackthebox.eu/ - platforma Hack The Box https://OpenSecurity.pl/ementoring - email mentoring cybersecurity
The OSCAL/Agile ATO Project Team has been working to increase the speed of the Authority to Operate (ATO) for Cloud while keeping pace with security requirements in the Government. This project team explores OSCAL (Open Security Controls Assessment Language) as a way to capture FedRAMP artifacts in machine-readable format to increase automation and the creation of a Zero Trust test environment to capture data for security testing and the creation of artifacts. This panel will give an overview of their pilot project, as well as answer live audience Q&A.
Simon Besteman interviewt oprichtster en directeur van Radically Open Security (ROS), Melanie Rieback. ROS is een responsible enterprise, en heeft een open en transparante aanpak van security. Wat dat inhoudt ontdek je in deze podcast.
[LISTEN] Gangs open security companies as a front to get firearms. by Radio Islam
Michael Pleasant is a founding member and Chief Executive Officer of Open Security. He believes cybersecurity expertise should be accessible to businesses and cybersecurity experts should provide understandable, practical, and pragmatic solutions to their customers. Michael's technical expertise and leadership were both honed during his service in the United States Marine Corps, where he led intelligence operations during two tours of OPERATION ENDURING FREEDOM. He serves on the boards of the Corporate eSports Association, Alpha13 a veteran entrepreneurship investment firm, and volunteers his time teaching entrepreneurship to transitioning servicemembers through his local SBA office.
Melanie Rieback, founder of Radically Open Security, breaks down why cyber security is limited in practice and the factors that can influence it's limitations.
Big Blue (IBM) has not been shy about their belief in SSI, and now they’re making serious moves toward commercialization. The primary driver behind this effort is Dan Gisolfi, IBM’s CTO of Decentralized Identity and Open Security, who shares where IBM stands on all things SSI, past, present, and future. Be sure to listen to the very end, when Dan and Timothy describe a now-possible future where a police officer can complete a traffic stop, and even issue a citation, without ever leaving his car. [powerpress]
Interview With Melanie Rieback (Radically Open Security) by The Things Industries
Björn Kimminich is the project leader for OWASP JuiceShop. This is his second visit to the podcast, and we discuss new features in JuiceShop, including XSS in jingle promo video, marketing campaign coupon hacking, GDPR related features and challenges, working 2FA with TOTP, and the DLP failure challenges. Then we get into the cool new [...] The post Björn Kimminich — The new JuiceShop, GSOC, and Open Security Summit appeared first on Security Journey Podcasts.
Three years ago there was an idea floating around OWASP... a core community was looking for a way to have an isolated week, where security project working groups could get together, with no distractions, and work on projects they felt were important. From this idea, the Open Security Summit was founded. Now in it's third year, the summit takes place in an isolated forest located between London and Manchester. The format for the gathering is to present an environment, with no distractions, where the community of 150 security professionals can meet to update each other on their progress in the past year and to choose working groups to outline and work on future projects. This is not a podium lecture series conference. It is a 5-day high-energy experience, during which attendees get the chance to work and collaborate intensively. Each working session is geared towards a specific Application Security challenge and will be focused on actionable outcomes. In this episode, I speak with Seba (Sayba) Deleersnyder, Denis Cruz, Jemma Davis and Francois Raynaud, core organizers of the event, talking about why they started the event, what has changed over the years and what you can expect as an attendee at the Open Security Summit. https://opensecuritysummit.org/
This week, we welcome Michael Pleasant, Chief Executive Officer and Founder at Open Security for an interview! They discuss transferring from Marine training to a business environment, and his company Open Security! In the Article Discussion, Special Guest Co-Host Jason Alburquerque joins me in studio to discuss Six ways you can establish which goals are important, How to diversify your professional network, the impact of perception and bias on leadership, and more on this episode of Business Security Weekly! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode107 Visit https://www.securityweekly.com/bsw for all the latest episodes! Visit https://www.activecountermeasures/bsw to sign up for a demo or buy our AI Hunter! Visit our website: https://www.securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Michael Pleasant is the Chief Executive Officer at Open Security. Michael talks about how his transferring from Marine training to a business environment, brought a different perspective/technique to the business. He also talks about his company Open Source and their mission for the client. Full Show Notes: https://wiki.securityweekly.com/BSWEpisode107
Michael Pleasant is the Chief Executive Officer at Open Security. Michael talks about how his transferring from Marine training to a business environment, brought a different perspective/technique to the business. He also talks about his company Open Source and their mission for the client. Full Show Notes: https://wiki.securityweekly.com/BSWEpisode107
This week, we welcome Michael Pleasant, Chief Executive Officer and Founder at Open Security for an interview! They discuss transferring from Marine training to a business environment, and his company Open Security! In the Article Discussion, Special Guest Co-Host Jason Alburquerque joins me in studio to discuss Six ways you can establish which goals are important, How to diversify your professional network, the impact of perception and bias on leadership, and more on this episode of Business Security Weekly!! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode107 Visit https://www.securityweekly.com/bsw for all the latest episodes! Visit https://www.activecountermeasures/bsw to sign up for a demo or buy our AI Hunter! Visit our website: https://www.securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Veiligheid op internet wordt een steeds groter issue. Organisaties en bedrijven kunnen computer beveiligingsbedrijven inschakelen om hun zwaktes bloot te leggen. Het idealistische Radical Open Security is zo’n bedrijf. CEO Melanie Rieback vertelt over open werken, open source en de illusie van veiligheid.
This week, Dave and Gunnar talk about: Twitter security, Chrome security, SpiderOak security, SnapChat security, Open Security, OpenShift security, and calendar security. Subscribe via RSS or iTunes. A prototype. Twitter improves 2 factor authentication Android Device Manager web page going live for some users Google Chrome lets you – or anyone using your computer – see the plaintext web passwords stored by your browser (by design) “Three people can keep a secret if two of them are dead,” Benjamin Franklin LavaBit and Silent Circle shut down. Gunnar came back from Mil-OSS LANT Open Security from the folks that brought you mil-oss Red Hat Government Symposium registration now open! Hellekson’s Law is now under review Gunnar considers signing up for Reputation.com and ponders their sponsorship eligibility OpenShift Enterprise on top of a trust between IPA/IdM and Windows Active Directory TaskPaper vs. Remember the Milk Hackpad with Dropbox integration DropDAV: DAV for Dropbox, paging Adam Clater Unrelated but still useful: Fix Dropbox Connection Issues With NetworkManager and Wifi The new dgshow.org website? Fork us! Creative People Say No Cutting Room Floor 3D printable objects modeled on expired 19th century patents We Give Thanks Adam Clater for getting us to think about storage liberation
Jake joins our hosts Martin McKeay and Chris John Riley to discuss his amusingly titled presentation, "The Mayans were right! A new age of data breaches," and shares some background on his non-profit organization , the Open Security Foundation. Jake is the co-founder, CEO and CFO of the Open Security Foundation (OSF), a non-profit organization that oversees the operations of the Open Source Vulnerability Database (OSVDB.org) and Cloutage.org DataLossDB. Jake has presented at many well-known security conferences and can now add FIRST to his list. Join the interview in progress! Jake presents on Thursday, 20 June @ 14:25.