Podcasts about opsecedu

Today we're joined by John Gates, a Lead IT Security Operations Analyst for a global food brand. John has always liked to know how do things work - and that has proven to be a beneficial trait - from his first job as a car mechanic to IT consultancy and education to his current role. He's also an advisor and former board member at OpsecEdu, an organization educating technologists in state, local, and education agencies on security best practices.  LINKS Linkedin: https://www.linkedin.com/in/johngates/ OpsecEdu: https://www.opsecedu.com/ Intro Music: https://trash80.com/#/content/133/weeklybeats-2012-week5   Full Show Notes: https://www.gettingintoinfosec.com/john-gates-from-car-mechanic-to-lead-security-analyst/ See omnystudio.com/listener for privacy information.

April Mardock - CISO - Seattle Public Schools Jared Folkins - IT Engineer - Bend La Pine Schools Nathan McNulty - Information Security Architect - Beaverton School District   OpSecEdu - https://www.opsecedu.com/ Slack   https://www.a4l.org/default.aspx    https://clever.com/    BEC - https://www.trendmicro.com/vinfo/us/security/definition/business-email-compromise-(bec)    https://www.k12cybersecurityconference.org/    https://acpenw.sched.com/  Bypassing security controls - https://www.goguardian.com/blog/technology/how-students-bypass-school-web-filters-and-how-to-stop-them/    https://community.spiceworks.com/topic/2077711-chromebook-google-docs-bypassing-filters  https://www.mobicip.com/blog/here%E2%80%99s-how-kids-bypass-apple%E2%80%99s-parental-control-tools    https://www.phantomts.com/2020/01/11/kids-can-bypass-communication-limit-feature-on-ios-13-3/    https://www.ocregister.com/2009/02/17/students-accused-of-changing-grades-using-teachers-password/    Security persons at education institutions of varying sizes.   https://www.darkreading.com/threat-intelligence/ransomware-crisis-in-us-schools-more-than-1000-hit-so-far-in-2019/d/d-id/1336634 https://www.forbes.com/sites/leemathews/2019/09/25/yet-another-u-s-school-district-has-been-ravaged-by-malware/    https://www.zdnet.com/article/texas-school-district-falls-for-scam-email-hands-over-2-3-million/ Why are schools soft targets? Is money/budget the reason schools get the raw deal here? Why is ransomware such an appealing attack?   How complex is the school environment?     Mobile, tablets, hostile users, hostile external forces   Adding technology too quickly? Outpacing the infrastructure in schools? Just ideas for some questions. - Jared   Do you find vendors are very responsive in the education space when receiving a vulnerability report? https://www.edweek.org/ew/articles/2019/09/10/parent-who-criticized-his-sons-math-program.html When students, who you are trying to educate, when they are found doing something inappropriate, how do Districts handle it? https://ktvz.com/news/2017/11/08/mtn-view-hs-bomb-threat-traced-to-eugene-14-year-old/ What challenges do Security people in education face when partnering with their user base? Unlike a corporate setting, many educators and students need to install different software throughout the year, how is that handled? How did April, Nathan, and Jared meet? Is the technology stack in your various school systems changed much in the last 10 years? Have you moved to cloud based, or do you still have an IT shack at the school systems with physical machines?    Localadmins are not granted… (excellent!)   Check out our Store on Teepub! https://brakesec.com/store Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com #Brakesec Store!:https://www.teepublic.com/user/bdspodcast #Spotify: https://brakesec.com/spotifyBDS #Pandora: https://pandora.app.link/p9AvwdTpT3 #RSS: https://brakesec.com/BrakesecRSS #Youtube Channel:  http://www.youtube.com/c/BDSPodcast #iTunes Store Link: https://brakesec.com/BDSiTunes #Google Play Store: https://brakesec.com/BDS-GooglePlay Our main site:  https://brakesec.com/bdswebsite #iHeartRadio App:  https://brakesec.com/iHeartBrakesec #SoundCloud: https://brakesec.com/SoundcloudBrakesec Comments, Questions, Feedback: bds.podcast@gmail.com Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon https://brakesec.com/BDSPatreon #Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir #Player.FM : https://brakesec.com/BDS-PlayerFM #Stitcher Network: https://brakesec.com/BrakeSecStitcher #TuneIn Radio App: https://brakesec.com/TuneInBrakesec

April Mardock - CISO - Seattle Public Schools Jared Folkins - IT Engineer - Bend La Pine Schools Nathan McNulty - Information Security Architect - Beaverton School District   OpSecEdu - https://www.opsecedu.com/ Slack   https://www.a4l.org/default.aspx    https://clever.com/    BEC - https://www.trendmicro.com/vinfo/us/security/definition/business-email-compromise-(bec)    https://www.k12cybersecurityconference.org/    https://acpenw.sched.com/  Bypassing security controls - https://www.goguardian.com/blog/technology/how-students-bypass-school-web-filters-and-how-to-stop-them/    https://community.spiceworks.com/topic/2077711-chromebook-google-docs-bypassing-filters  https://www.mobicip.com/blog/here%E2%80%99s-how-kids-bypass-apple%E2%80%99s-parental-control-tools    https://www.phantomts.com/2020/01/11/kids-can-bypass-communication-limit-feature-on-ios-13-3/    https://www.ocregister.com/2009/02/17/students-accused-of-changing-grades-using-teachers-password/    Security persons at education institutions of varying sizes.   https://www.darkreading.com/threat-intelligence/ransomware-crisis-in-us-schools-more-than-1000-hit-so-far-in-2019/d/d-id/1336634 https://www.forbes.com/sites/leemathews/2019/09/25/yet-another-u-s-school-district-has-been-ravaged-by-malware/    https://www.zdnet.com/article/texas-school-district-falls-for-scam-email-hands-over-2-3-million/ Why are schools soft targets? Is money/budget the reason schools get the raw deal here? Why is ransomware such an appealing attack?   How complex is the school environment?    Mobile, tablets, hostile users, hostile external forces   Adding technology too quickly? Outpacing the infrastructure in schools? Just ideas for some questions. - Jared   Do you find vendors are very responsive in the education space when receiving a vulnerability report?https://www.edweek.org/ew/articles/2019/09/10/parent-who-criticized-his-sons-math-program.html When students, who you are trying to educate, when they are found doing something inappropriate, how do Districts handle it?https://ktvz.com/news/2017/11/08/mtn-view-hs-bomb-threat-traced-to-eugene-14-year-old/ What challenges do Security people in education face when partnering with their user base?Unlike a corporate setting, many educators and students need to install different software throughout the year, how is that handled?How did April, Nathan, and Jared meet? Is the technology stack in your various school systems changed much in the last 10 years? Have you moved to cloud based, or do you still have an IT shack at the school systems with physical machines?    Localadmins are not granted… (excellent!)   Check out our Store on Teepub! https://brakesec.com/store Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com #Brakesec Store!:https://www.teepublic.com/user/bdspodcast #Spotify: https://brakesec.com/spotifyBDS #Pandora: https://pandora.app.link/p9AvwdTpT3 #RSS: https://brakesec.com/BrakesecRSS #Youtube Channel:  http://www.youtube.com/c/BDSPodcast #iTunes Store Link: https://brakesec.com/BDSiTunes #Google Play Store: https://brakesec.com/BDS-GooglePlay Our main site:  https://brakesec.com/bdswebsite #iHeartRadio App:  https://brakesec.com/iHeartBrakesec #SoundCloud: https://brakesec.com/SoundcloudBrakesec Comments, Questions, Feedback: bds.podcast@gmail.com Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon https://brakesec.com/BDSPatreon #Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir #Player.FM : https://brakesec.com/BDS-PlayerFM #Stitcher Network: https://brakesec.com/BrakeSecStitcher #TuneIn Radio App: https://brakesec.com/TuneInBrakesec

This week we are joined by Jared Folkins (@JF0LKINS) as he introduces us to his open source honeypot sensor system, Kushtaka, that helps you detect cyber attackers before they become entrenched. Jared will be joined by Nathan McNulty (@nathanmcnulty), to give his firsthand account of using Kushtaka in production. This week we also introduce a new segment where we'll be highlighting a non-profit charity or upcoming conference each episode. This week we'll be talking with wirefall, founder of @Dallas_Hackers and board member @BSidesDFW. About Jared: After surviving the dot-com crash of the late 90s, Jared Folkins went on to have a long career in systems and programming. In 2013 he turned a hobby into a career and has never looked back. Known for having technical chops and a high emotional IQ, he enjoys working with those who prioritize goals and people, while placing egos last. He currently Red Teams for ThreatHound.com, Blue Teams for Bend La Pine Schools, and breaks down software while building up people at OpsecEdu.com. If you want his help or you just need a new InfoSec friend, contact him at JaredFolkins.com. Connect with Jared: LinkedIn - https://www.linkedin.com/in/jared-folkins-b18783179/ Twitter - @JF0LKINS --- Send in a voice message: https://anchor.fm/cyberspeakslive/message

Jared Folkins understands people, technology, and the world around him. He can smell a toxic environment from a mile away and has used that EIQ spider sense for good. Jared shares with us some VERY personal stories (tear jerker warning!) in integrity and life decisions as well a bunch of on the job war stories including a famous one featured in the news! This is probably my most dramatic episode yet. Notes: At 18 got promoted to manage a team of 50, because he wasn't lazy. In hindsight was able to see indicators of the dot com crash, but didn't realize that. Had a fork in the road where he had a major decision to make. Jared shares with us a VERY personal story and the life lesson from that which he applies in his professional life. Having low tolerance for toxic relationships, Jared has been able sense toxicity and it's been a driving force for good for him. Quotes: "I believe in the power of admitting when you're wrong." "I carry my guilt between my shoulder blades." "When I make that mistake; When you have a team that you can trust or a team that honors you, you have the freedom to say stuff like that." "You can only control you." "Constraints can be healthy." "Stepping outside of your comfort zone... super healthy too." "If someone tells me this person... is not a good person, I'll actually go meet that person. I want to asses it for myself." "You get rejected, don't get super emotional... just work with what you have and move on." Links: Jared's Blog: https://www.acloudtree.com Jared's Twitter: https://twitter.com/jf0lkins Jared's GitHub: https://github.com/jaredfolkins Opsec Edu: https://www.opsecedu.com KayPro Computer: http://oldcomputers.net/kayproii.html Donkey Kong Clone: https://ostermiller.org/ladder/ Grand Mal Seizure: https://www.mayoclinic.org/diseases-conditions/grand-mal-seizure/symptoms-causes/syc-20363458 Project Dir Fu: https://www.dir-fu.com/ TorHound: https://github.com/jaredfolkins/torhound Getting Into Infosec: Twitter: https://twitter.com/coffeewithayman YouTube: https://www.youtube.com/channel/UCg6gV_gdfc188HZdN8LUx4A Book: https://www.amazon.com/Breaking-Step-Step-Starting-Information-ebook/dp/B07N15GTPC/