Afleveringen
-
Josh has been deep in the emerging Linux CUPS threat, with four mysterious CVEs touted to drop in October, all of a sudden the researcher made proof of concept exploits public, forcing developers hands to release advisories on the fixes and security teams to create detection and prevention content before the threat actors exploit it. Is it that big a deal though? Then Robbie takes us through another interview masterclass from his SOC leader days.
Support the show
-
Kaspersky customers woke up this week to find that their anti-virus had been uninstalled and replaced with UltraAV. This caused panic that threat actors has uninstalled endpoint protection controls as part of an attack, and although this wasn't the case, it has raised a lot of questions around how security companies should operate.
Join Josh, Vaughan, AJ and Robbie to discuss the implications of the switcheroo and also take questions from the audience to support those on their cyber security journey.Support the show
-
Zijn er afleveringen die ontbreken?
-
Robbie has been working on creating insider threat detections for suspicious employees that may be taking competitive sensitive data from their employer just before some mass lay offs. The boys discuss the challenges of insider threat detection, using the example of the North Koreans who impersonated employees to get hired and steal trade secrets from western organisations. Finally, we discuss what you should do if you find an unlocked screen in your work place to teach that person a lesson they won't forget...
Support the show
-
Kyree GRC Joins us again! Lifting the lid further on governance risk and compliance, as Robbie and Josh get to know Kyree better, how he thinks and what fruit he would be...
Kyree shares the realities of what it takes to succeed in a GRC role, while the SOC analysts surprise themselves as they start to warm up to the risk analysts role - at least when it's done well by someone like Kyree.Support the show
-
Josh and Robbie are joined with a special guest, Kyree GRC, who tells us how some key mentors, numerous internships and personal tenacity helped him find his pathway into governance risk compliance.
Today Kyree is a risk analyst, who passes the favour on by mentoring people for GRC roles in his spare time. Listen in and find out the realities of working in GRC and how GRC can either clash, or better yet, compliment security operations.Support the show
-
We all face procrastination in some form, but in the high paced and high stakes world of cyber security, dealing with procrastination can be even more challenging. AJ, Rob and Vaughan share their experience of getting into cyber security and how they face, and deal with procrastination throughout their careers to the present day.
Support the show
-
Josh is joined by all four of the Empirical Trainers, combining their decades of experience in the field to discuss how the CrowdStrike outage has changed security buyers and customers, a fun update on AJ's wedding celebrations where AJ and Vaughan met for the first time IRL, before ending with some ransomware questions from our Skool community.
Support the show
-
Josh takes Robbie back to school, and a 2000 year old computer to explain the compute evolution from analogue to digital and the impending quantum revolution. We'll discuss the security implication of quantum computers, the 'steal now, crack later' issue, how NIST are progressing with post-quantum cryptography and a brief discussion on privacy vs convenience as the NFL look to roll out facial recognition technology.
Support the show
-
Josh has gone MIA, so AJ hosts Robbie and Vaughan to explore their experiences with imposter syndrome during their careers in cyber security.
Support the show
-
Josh, Robbie and AJ sit down with the community to discuss how the Crowdstrike BSOD update has affected their security teams and organisations, identifying lessons can learn and exploring the knock on effects while also discovering that this wasn't the first time Crowdstrike broke an OS with an update! They then turn to the Olympics and the heightened cyber security threat posed by geo-political events and financially motivated threat actors.
Join us and enjoy this relaxed security podcast.Support the show
-
Rob and Josh jump on for an emergency episode while the world tries to deal with, what has been dubbed; "The biggest IT outage of our time". Join us for an update on all the latest public information, as well as some security and developer perspectives to work out exactly what caused this outage? what lessons can we learn? and what might be yet to come as the story unfolds.
Support the show
-
This bonus episode is a little different, with less focus on security and more focus on getting to know the Empirical Team, Josh, AJ, Robbie and Vaughan. We share stories on how we kept each other sane during our tough first SOC roles, re-visit AJ's origin story as a bus driver, and Rob shares a secret talent.
Usually programming will resume next week!Support the show
-
Josh, Robbie, AJ and Vaughan are back to talk all things cyber security, again with the Empirical community as part of this live podcast. Join us to talk about the emerging CloudSorceror advanced persistent threat (APT), as well as diving into the principles behind tracking threat actors, open source intelligence and how this information can make you a better cyber security professional.
Support the show
-
Josh is out sick, so AJ and Vaughan take the reigns and discuss incident response tooling, answering questions about TheHive Project, an open source incident response tool and how real world organisation use tools like that. They quickly move onto automation, and how now is the perfect time to start your career in Cyber Security, before they automate some of the entry level tasks completely!... Don't worry, we're not there yet.
Support the show
-
The four Empirical Trainers and joined by the biggest and best Empirical member, the Community! For another live podcast discussion and Q+A.
This week we dive into the topics that have gotten our community talking most. First we explore the potential security implications of the OpenAI and Apple partnership, how the free-market succeeds and fails to regulate security and whether the uproar has been justified. We then look into the related topic of shadow engineering, the new shadow IT, which creates challenges for the most basic of security principles: you can't secure what you can't see.Support the show
-
Josh is joined by Robbie, Vaughan and AJ from Empirical Training with extra special guest, the Skool community! In this episode, we recorded live with our community to take their security questions, using our combined experience to give insights into what it is like working as a security analyst, big wins from our careers, our favourite analysis tools, which capture the flag do we like best for offensive security training? Find the answer to all these questions, and more, by listening in.
Support the show
-
All 4 former cyber security colleagues and now friends join for a community podcast, where we pick out the key news stories, discussions and knowledge that has been shared in our Skool community. We field live questions on SOC processes, dive into the morality of the threat actor and share experiences on incident response exercises we conducted with IT teams to make sure they were prepared for a real life incident, when they get breached.
Support the show
-
In our second ever live edition of the podcast, We have all four members of Empirical Training, Robbie - Security Consultant and former SOC leader, AJ - Incident Response Specialist, Vaughan - SOC Leader and Automation Specialist and your usual host, Josh - Security Product Strategist.
We bring the key discussions from within our Skool community to the podcast, discussing the latest flurries of breaches and connecting linked ones to an attack on AWS Snowflake instances, while sharing insights into the mind of security analysts and a live example of how we collaborate on the fly to rapidly develop hypothesis for hunting, containment and remediation plans. Join the discussion and feature on our next live pod by joining: https://www.skool.com/cybersecSupport the show
-
Josh is alone and on the road supporting security teams in south east Asia with incident response exercises. In our first solo episode, Josh dives into the Play ransomware group who recently overtook LockBit as the most prevent ransomware family reported in breaches. Find out more about their tactics, why they are called Play, and suspected links to other ransomware families.
Support the show
-
The Verizon Data Breaches and Incidents Report (DBIR) is our hosts favourite cyber security report. The 2024 edition compiles insights from over 10,000 real world breaches with insights that help security novices to experts. Josh talks Robbie, SOC consultant and leader, through the key findings to see how his lived experience matches up with the key findings in the data.
Support the show
- Laat meer zien