Episode 180 - Interview with Patrick Heim

This evening, Martin sat down with Patrick Heim from Dropbox. Enjoy the interview, and the gang will be back next episode.…

Episode 179 - "Marketing Nazis"

The 2016 DBIR OSVDB Thoughts on the DBIR Analyzing the 2016 Verizon Data Breach Investigations Report » Digital Shadows The DBIR’s ‘Forest’ of Exploit Signatures – Trail of Bits Blog Response to Kenna Security’s Explanation of the DBIR Vulnerability Mess | OSVDB Find us on Twitter: @SFSPodcast @armorguy @jsokoly @andywillingham @SteveD3…

Episode 178 - Peak Vuln Logo

This evening, Martin, Steve, and Joseph talk about overhyped vulnerabilities, and how that affects communication with the business. Badlock’s Site Sadlock Hyping vulnerabilities is no longer helping application security awareness | TechCrunch Find us on Twitter: @SFSPodcast @armorguy @jsokoly @andywillingham @SteveD3 @jetsetyvette And if you have any feedback, questions, or…

Episode 177 - Telling Tales

Tonight, Martin and Joseph sit down and talk about communicating cautionary tales without turning them into FUD. US-CERT advisory on ransomware

Episode 176 - Money Changes Everything

InfoSec programs without money are like cereal but no milk, peanut butter but no jelly, Milli but no Vanilli… (Get over it, I’m old - Martin) Martin is doing a talk on “The ABCs of Getting Your InfoSec Program Funded” and we’re going to discuss how this works…

Episode 175 - RSAC Wrapup and More...

Congrats to Risky Business for winning this year’s podcast of the year! RSA: Let’s get an update from our reporter on the scene: Mr. Steve Ragan. Fear and loathing at RSA: Hacking, security and the limits of protection | TechCrunch Hack the…

Episode 174 - Doing Threat Intelligence Smartly

We’ve been nominated for the 2016 Security Blogger Awards! Topic: Threat Intel Norse Corp disappears shortly after CEO is asked to step down Digital Shadows announces 14 million series B fund raising PDF WARNING - Threat Intelligence Maturity Model (tl;dr - Intel programs are hard and take years…

Episode 173 - Vendor Relationships

We’ve been nominated for the 2016 Security Blogger Awards! Topic: Vendor Relationships Trend Micro AV gave any website command-line access to Windows PCs Google security researcher excoriates TrendMicro for critical AV defects Trustwave lawsuit Norse story Demos: Pro Tip: Kicking off your demo with "I hope you'll understand these…

Episode 172 - Security Awareness Deep Dive

Topic: Security Awareness Some people think it's a waste of time: Why you shouldn’t train employees for security awareness Schneier on Security Awareness Training Does security awareness training even work? But, that said, it's a requirement for government agencies and regulated industries: HHS Security Awareness and Training Requirements Privacy…

Episode 171 - 2015 in Review

Tonight, Martin, Joseph, Steve, and Andy got together and went over how their 2015 predictions went, and laid out what their predictions were for 2016. The gang is on break from now until the new year, happy holidays!…