Shows
The Seiso Side-Up PodcastEpisode 7 - Ethics in CybersecurityIn this episode, GRC Engineer Justin Fearon and CEO Joe Wynn discuss the importance of ethics and integrity in cybersecurity. Join us on the Seiso Side Up Podcast as Justin and Joe deep-dive into the intent behind the book The Code of Honor - Embracing Ethics in Cybersecurity, written by Paul J Maurer and Ed Skoudis. You can purchase your copy of the book here: https://www.amazon.com/Code-Honor-Embracing-Ethics-Cybersecurity/dp/1394275862
Look for more information on this topic, as presented by Simon Simek, in this video: https://youtu.be/zP9jpxitfb4?si=9Cvr0ZYTlFepaln3
2024-11-2024 min
Paul's Security Weekly (Video)Holiday Hack Challenge - PSW #851We kicked things off by talking about the Holiday Hack Challenge, which is like this massive cyber playground that Sans puts out every year for everyone from fifth graders to government spooks. Ed Skoudis broke down how they're changing things this time, with an early release and a phased approach that'll give you more time to play and learn. But the real mind-bender was when Ed spilled the beans on how they build this whole thing using one giant Google sheet - I mean, we're talking hundreds of tabs, color-coded cells, and JSON to create entire virtual worlds. Then...2024-11-141h 44
Security Weekly Podcast Network (Audio)No CVE and No Accountability - Ed Skoudis - PSW #851Alright, so we dove deep into some pretty wild stuff this week. We started off talking about zip files inside zip files. This is a variation of old-school zip file tricks, and the latest method described here is still causing headaches for antivirus software. Then we geeked out about infrared signals and the Flipper Zero, which brought back memories of the TV-B-Gone. But the real kicker was our discussion on end-of-life software and the whole CVE numbering authority mess. Avanti's refusal to issue a CVE for their end-of-life product sparked a heated debate about cybersecurity accountability and conflicts of...2024-11-142h 43
Paul's Security Weekly (Audio)No CVE and No Accountability - Ed Skoudis - PSW #851Alright, so we dove deep into some pretty wild stuff this week. We started off talking about zip files inside zip files. This is a variation of old-school zip file tricks, and the latest method described here is still causing headaches for antivirus software. Then we geeked out about infrared signals and the Flipper Zero, which brought back memories of the TV-B-Gone. But the real kicker was our discussion on end-of-life software and the whole CVE numbering authority mess. Avanti's refusal to issue a CVE for their end-of-life product sparked a heated debate about cybersecurity accountability and conflicts of...2024-11-142h 43
Cybersecurity Where You Are (video)Episode 108: Gaming and Competition in CybersecurityIn episode 108 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Ed Skoudis, CEO of Counter Hack Challenges and President of SANS Technology Institute. Together, they discuss the evolution of gaming and competition in cybersecurity and how these activities help to make the industry stronger.Here are some highlights from our episode:02:04. What goes into creating a game environment that attracts all kinds of skill levels04:43. A multi-disciplinary approach to creating a game environment16:14. How gaming and competition help to spot people with talent and potential23:32. The challenges of keeping pace with...2024-11-0640 minCybersecurity Where You Are (audio)Episode 108: Gaming and Competition in CybersecurityIn episode 108 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Ed Skoudis, CEO of Counter Hack Challenges and President of SANS Technology Institute. Together, they discuss the evolution of gaming and competition in cybersecurity and how these activities help to make the industry stronger.Here are some highlights from our episode:02:04. What goes into creating a game environment that attracts all kinds of skill levels04:43. A multi-disciplinary approach to creating a game environment16:14. How gaming and competition help to spot people with talent and potential23:32. The challenges of keeping pace with...2024-11-0640 min
Paul's Security Weekly (Video)The Code of Honor: Embracing Ethics in Cybersecurity - Ed Skoudis - PSW #846"Code of Honor: Embracing Ethics in Cybersecurity" by Ed Skoudis is a book that explores the ethical challenges faced by cybersecurity professionals in today's digital landscape. The book delves into the complex moral dilemmas that arise in the field of cybersecurity, offering guidance on how to navigate these issues while maintaining integrity. The authors provide practical advice and real-world examples to help readers develop a strong ethical framework for decision-making in their cybersecurity careers. Segment Resources: Code of Honor: https://www.montreat.edu/cybersecurity-code/ Purchase Ed's book here: https://a.co/d/gb3yRxU Show...2024-10-1054 min
Paul's Security Weekly (Audio)The Code of Honor: Embracing Ethics in Cybersecurity - Ed Skoudis - PSW #846"Code of Honor: Embracing Ethics in Cybersecurity" by Ed Skoudis is a book that explores the ethical challenges faced by cybersecurity professionals in today's digital landscape. The book delves into the complex moral dilemmas that arise in the field of cybersecurity, offering guidance on how to navigate these issues while maintaining integrity. The authors provide practical advice and real-world examples to help readers develop a strong ethical framework for decision-making in their cybersecurity careers. Segment Resources: Code of Honor: https://www.montreat.edu/cybersecurity-code/ Purchase Ed's book here: https://a.co/d/gb3yRxU Get...2024-10-102h 14
Security Weekly Podcast Network (Audio)The Code of Honor: Embracing Ethics in Cybersecurity - Ed Skoudis - PSW #846"Code of Honor: Embracing Ethics in Cybersecurity" by Ed Skoudis is a book that explores the ethical challenges faced by cybersecurity professionals in today's digital landscape. The book delves into the complex moral dilemmas that arise in the field of cybersecurity, offering guidance on how to navigate these issues while maintaining integrity. The authors provide practical advice and real-world examples to help readers develop a strong ethical framework for decision-making in their cybersecurity careers. Segment Resources: Code of Honor: https://www.montreat.edu/cybersecurity-code/ Purchase Ed's book here: https://a.co/d/gb3yRxU Get...2024-10-102h 14
Enterprise Security Weekly (Video)SaaS Security Beyond Just Misconfiguration & Expert Insights on Cybersecurity Ethics - Ed Skoudis, Maor Bin - ESW #374In this interview, Maor Bin, CEO and Co-Founder of Adaptive Shield, discusses the evolving landscape of SaaS Security. He highlights the challenges posed by the security gap resulting from the rapid adoption of SaaS applications and why SaaS security is beyond just misconfiguration management. Segment Resources: https://www.adaptive-shield.com/landing-page/the-annual-saas-security-survey-report-2025-ciso-plans-and-priorities/ This segment is sponsored by Adaptive Shield. Visit https://securityweekly.com/adaptiveshieldbh to download the Annual SaaS Security Survey Report! Cybersecurity professionals are often confronted with ethical dilemmas that need to be carefully navigated. In 25 years of teaching incident handling...2024-08-3132 min
Enterprise Security Weekly (Audio)What asset management (ITAM) looks like outside cybersecurity - Danny Jenkins, Ed Skoudis, Jeremy Boerger, Maor Bin - ESW #374The top priority on the CIS Critical Security Controls list has never changed: inventory and control of enterprise assets. Yet it remains one of the most challenging controls to implement, much less master. The refrain, "you can't secure what you don't know about" is as old as information security itself. Complicating this task is the fact that improving asset management isn't an aspiration unique to the security team. IT, finance, facilities, and other groups within large enterprises are concerned with this as well. This often leads to challenges: should all these groups attempt to standardize on one...2024-08-301h 44
Security Weekly Podcast Network (Audio)What asset management (ITAM) looks like outside cybersecurity - Danny Jenkins, Ed Skoudis, Jeremy Boerger, Maor Bin - ESW #374The top priority on the CIS Critical Security Controls list has never changed: inventory and control of enterprise assets. Yet it remains one of the most challenging controls to implement, much less master. The refrain, "you can't secure what you don't know about" is as old as information security itself. Complicating this task is the fact that improving asset management isn't an aspiration unique to the security team. IT, finance, facilities, and other groups within large enterprises are concerned with this as well. This often leads to challenges: should all these groups attempt to standardize on one...2024-08-301h 44
SANS Stormcast: Daily Cyber Security NewsISC StormCast for Friday, August 16th, 2024Wireshark 4.4.0 rc 1 Custom Columnshttps://isc.sans.edu/diary/Wireshark%204.4.0rc1%27s%20Custom%20Columns/31174 Github Repo Artifact Leak Tokenshttps://unit42.paloaltonetworks.com/github-repo-artifacts-leak-tokens/ BitLocker Security Feature Bypass Vulnerabilityhttps://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-38058 Solarwindws Hotfixhttps://support.solarwinds.com/SuccessCenter/s/article/WHD-12-8-3-Hotfix-1 Ed Skoudis, Paul Maurer: The Code of Honorhttps://cybercodeofhonor.com/2024-08-1617 minSANS Stormcast: Daily Cyber Security NewsISC StormCast for Friday, August 16th, 2024Wireshark 4.4.0 rc 1 Custom Columnshttps://isc.sans.edu/diary/Wireshark%204.4.0rc1%27s%20Custom%20Columns/31174 Github Repo Artifact Leak Tokenshttps://unit42.paloaltonetworks.com/github-repo-artifacts-leak-tokens/ BitLocker Security Feature Bypass Vulnerabilityhttps://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-38058 Solarwindws Hotfixhttps://support.solarwinds.com/SuccessCenter/s/article/WHD-12-8-3-Hotfix-1 Ed Skoudis, Paul Maurer: The Code of Honorhttps://cybercodeofhonor.com/2024-08-1617 min
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Friday, August 16th, 2024Wireshark 4.4.0 rc 1 Custom Columns
https://isc.sans.edu/diary/Wireshark%204.4.0rc1%27s%20Custom%20Columns/31174
Github Repo Artifact Leak Tokens
https://unit42.paloaltonetworks.com/github-repo-artifacts-leak-tokens/
BitLocker Security Feature Bypass Vulnerability
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-38058
Solarwindws Hotfix
https://support.solarwinds.com/SuccessCenter/s/article/WHD-12-8-3-Hotfix-1
Ed Skoudis, Paul Maurer: The Code of Honor
https://cybercodeofhonor.com/2024-08-1617 min
SANS Internet Storm Center's Daily Network Security News PodcastNetwork Security News Summary for Friday August 16th, 2024Wireshark 4.4rc1; Github Aritfact Token Leaks; Bitlocker Fix Issues; Solarwinds Hotfix; Ed Skoudis: The Code of Honor @sans_edu Wireshark 4.4.0 rc 1 Custom Columns https://isc.sans.edu/diary/Wireshark%204.4.0rc1%27s%20Custom%20Columns/31174 Github Repo Artifact Leak Tokens https://unit42.paloaltonetworks.com/github-repo-artifacts-leak-tokens/ BitLocker Security Feature Bypass Vulnerability https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-38058 Solarwindws Hotfix https://support.solarwinds.com/SuccessCenter/s/article/WHD-12-8-3-Hotfix-1 Ed Skoudis, Paul Maurer: The Code of Honor https://cybercodeofhonor.com/ keywords: honor; code; ethids; skoudis; sans.edu;2024-08-1517 min
Fuel Your Mind With The Most Binge-Worthy Full Audiobook Today!The Code of Honor by Paul J. Maurer, Ed SkoudisPlease visithttps://thebookvoice.com/podcasts/2/audible/18484to listen full audiobooks.
Title: The Code of Honor
Author: Paul J. Maurer, Ed Skoudis
Narrator: Rick Adamson
Format: mp3
Length: 5 hrs and 42 mins
Release date: 08-13-24
Ratings: 5 out of 5 stars, 2 ratings
Genres: Security & Encryption
Publisher's Summary:
The Code of Honor: Embracing Ethics in Cybersecurity delivers a first of its kind comprehensive discussion of the ethical challenges that face contemporary information security workers, managers, and executives. Authors Ed Skoudis, president of the SANS Technology Institute College and founder of the Counter Hack team, and Dr. Paul Maurer, president of Montreat College, explain how...2024-08-135h 42
Enjoy The Full Audiobook Everyone Is Talking About — So Edge-Of-Your-Seat!The Code of Honor: Embracing Ethics in Cybersecurity by Paul J. Maurer, Ed SkoudisPlease visithttps://thebookvoice.com/podcasts/1/audiobook/804358to listen full audiobooks.
Title: The Code of Honor: Embracing Ethics in Cybersecurity
Author: Paul J. Maurer, Ed Skoudis
Narrator: Rick Adamson
Format: Unabridged Audiobook
Length: 5 hours 42 minutes
Release date: August 13, 2024
Genres: Business & Career Development
Publisher's Summary:
While some professions—including medicine, law, and engineering—have wholeheartedly embraced wide-ranging codes of ethics and conduct, the field of cybersecurity continues to lack an overarching ethical standard. This vacuum constitutes a significant threat to the safety of consumers and businesses around the world, slows commerce, and delays innovation. The Code of Honor: Embracing Ethics in Cybersecurity deli...2024-08-135h 42Power-Up With The Next-Level Full Audiobook Now, Thriller Fans!The Code of Honor by Paul J. Maurer, Ed SkoudisPlease visithttps://thebookvoice.com/podcasts/2/audible/18484to listen full audiobooks.
Title: The Code of Honor
Author: Paul J. Maurer, Ed Skoudis
Narrator: Rick Adamson
Format: mp3
Length: 5 hrs and 42 mins
Release date: 08-13-24
Ratings: 5 out of 5 stars, 2 ratings
Genres: Security & Encryption
Publisher's Summary:
The Code of Honor: Embracing Ethics in Cybersecurity delivers a first of its kind comprehensive discussion of the ethical challenges that face contemporary information security workers, managers, and executives. Authors Ed Skoudis, president of the SANS Technology Institute College and founder of the Counter Hack team, and Dr. Paul Maurer, president of Montreat College, explain how...2024-08-135h 42
Discover the Best Audio Stories in Non-Fiction, Computers & TechnologyThe Code of Honor: Embracing Ethics in Cybersecurity by Ed Skoudis, Paul J. MaurerPlease visit https://thebookvoice.com/podcasts/1/audiobook/804358 to listen full audiobooks. Title: The Code of Honor: Embracing Ethics in Cybersecurity Author: Ed Skoudis, Paul J. Maurer Narrator: Rick Adamson Format: Unabridged Audiobook Length: 5 hours 42 minutes Release date: August 13, 2024 Genres: Computers & Technology Publisher's Summary: While some professions—including medicine, law, and engineering—have wholeheartedly embraced wide-ranging codes of ethics and conduct, the field of cybersecurity continues to lack an overarching ethical standard. This vacuum constitutes a significant threat to the safety of consumers and businesses around the world, slows commerce, and delays innovation. The Code of Honor: Embracing Ethics in Cybersecurity deli...2024-08-1330 minDownload Latest Full Audiobooks in Business & Economics, Business & Career DevelopmentThe Code of Honor: Embracing Ethics in Cybersecurity by Paul J. Maurer, Ed SkoudisPlease visithttps://thebookvoice.com/podcasts/1/audiobook/804358to listen full audiobooks.
Title: The Code of Honor: Embracing Ethics in Cybersecurity
Author: Paul J. Maurer, Ed Skoudis
Narrator: Rick Adamson
Format: Unabridged Audiobook
Length: 5 hours 42 minutes
Release date: August 13, 2024
Genres: Business & Career Development
Publisher's Summary:
While some professions—including medicine, law, and engineering—have wholeheartedly embraced wide-ranging codes of ethics and conduct, the field of cybersecurity continues to lack an overarching ethical standard. This vacuum constitutes a significant threat to the safety of consumers and businesses around the world, slows commerce, and delays innovation. The Code of Honor: Embracing Ethics in Cybersecurity deli...2024-08-135h 42
8th Layer InsightsWhat About Ethics?On this episode, Perry gets to sit down with Ed Skoudis to discuss the simplicity and complexities of cybersecurity ethics. Ed's new book is The Code of Honor: Embracing Ethics in Cybersecurity. Guest:Ed Skoudis (LinkedIn) (Twitter) (Website)Books and References:
The Code of Honor: Embracing Ethics in Cybersecurity, by Paul J. Maurer and Ed Skoudis
The Mysterious Case of Rudolf Diesel: Genius, Power, and Deception on the Eve of World War I, by Douglas Brunt
The Cybersecurity Code (downloadable): https://www.montreat.edu/cybersecurity-code/
The Code of Honor book page
...2024-07-3055 min
Redefining CyberSecurityThe Five Most Dangerous New Attack Techniques You Need to Know About | An RSA Conference 2024 Conversation With Ed Skoudis, Heather Mahalik Barnhart, and Johannes Ullrich | On Location Coverage with Sean Martin and Marco CiappelliGuests: Ed Skoudis, President at SANS Technology Institute [@SANS_EDU]On LinkedIn | https://www.linkedin.com/in/edskoudis/At RSAC | https://www.rsaconference.com/experts/ed-skoudisHeather Mahalik Barnhart, Faculty Fellow & DFIR Curriculum Lead at SANS, Sr Dir of Community Engagement at Cellebrite [@Cellebrite]On LinkedIn | https://www.linkedin.com/in/heather-mahalik-cellebrite/On Twitter | https://twitter.com/HeatherMahalikAt RSAC | https://www.rsaconference.com/experts/heather-mahalikJohannes Ullrich, Dean of Research at SANS Technology Institute [@sansforensics]On LinkedIn | https://www.linkedin.c...2024-05-0229 min
ITSPmagazine PodcastsThe Five Most Dangerous New Attack Techniques You Need to Know About | An RSA Conference 2024 Conversation With Ed Skoudis, Heather Mahalik Barnhart, and Johannes Ullrich | On Location Coverage with Sean Martin and Marco CiappelliGuests: Ed Skoudis, President at SANS Technology Institute [@SANS_EDU]On LinkedIn | https://www.linkedin.com/in/edskoudis/At RSAC | https://www.rsaconference.com/experts/ed-skoudisHeather Mahalik Barnhart, Faculty Fellow & DFIR Curriculum Lead at SANS, Sr Dir of Community Engagement at Cellebrite [@Cellebrite]On LinkedIn | https://www.linkedin.com/in/heather-mahalik-cellebrite/On Twitter | https://twitter.com/HeatherMahalikAt RSAC | https://www.rsaconference.com/experts/heather-mahalikJohannes Ullrich, Dean of Research at SANS Technology Institute [@sansforensics]On LinkedIn | https://www.linkedin.c...2024-05-0229 min
On Location With Sean Martin And Marco CiappelliThe Five Most Dangerous New Attack Techniques You Need to Know About | An RSA Conference 2024 Conversation With Ed Skoudis, Heather Mahalik Barnhart, and Johannes Ullrich | On Location Coverage with Sean Martin and Marco CiappelliGuests: Ed Skoudis, President at SANS Technology Institute [@SANS_EDU]On LinkedIn | https://www.linkedin.com/in/edskoudis/At RSAC | https://www.rsaconference.com/experts/ed-skoudisHeather Mahalik Barnhart, Faculty Fellow & DFIR Curriculum Lead at SANS, Sr Dir of Community Engagement at Cellebrite [@Cellebrite]On LinkedIn | https://www.linkedin.com/in/heather-mahalik-cellebrite/On Twitter | https://twitter.com/HeatherMahalikAt RSAC | https://www.rsaconference.com/experts/heather-mahalikJohannes Ullrich, Dean of Research at SANS Technology Institute [@sansforensics]On LinkedIn | https://www.linkedin.c...2024-05-0229 min
Wait Just an InfoSecLet's Settle This in the Cyber RangeEd Skoudis, SANS.edu President and creator of many a cyber range, will take the reins as host to welcome a bevy of cyber range aficionados, for an episode packed with tips, tricks, and behind-the-scenes looks at all thing’s SANS cyber ranges. Hear from range designers about what makes for a good challenge and how SANS ranges are fundamentally different from others. Then, get a look from our event operations team at how cyber ranges come together, and find out about special events like the SANS Tournament of Champions and Services Cup. Finally, hear direct from the...2023-10-2548 minWait Just an InfoSecInside SANS Holiday Hack Challenge 2023Ed Skoudis, President of SANS.edu, joins us as host for another episode of Wait Just an Infosec, this time focusing on the infamous SANS Holiday Hack Challenge – SANS’s annual gift to the cybersecurity community. Ed is joined by special guests to share about the history of this free festive cyber challenge, showcase how this year’s challenge is coming together, and offer insight from past winners that could put you ahead of the competition to succeed in the 2023 Holiday Hack Challenge.Wait Just an Infosec is produced by the SANS Institute. You can watch the ful...2023-08-3048 minCybersecurity Where You Are (video)Episode 59: Probing the Modern Role of the PentestIn episode 59 of Cybersecurity Where You Are, co-hosts Sean Atkinson and Tony Sager are joined by Ed Skoudis, founder of the SANS Penetration Testing Curriculum and Counter Hack. Together, they discuss the value of penetration testing – all while CIS as an organization is undergoing a pentest! They begin by considering the historical perspective of pentests. (In Tony's words, "the foundational perspective for testing back then was to create drama.") They then reflect on how penetration tests excel when they prioritize education using a process of feedback. During the course of the conversation, Sean and Ed draw upon their years of...2023-07-0755 minCybersecurity Where You Are (audio)Episode 59: Probing the Modern Role of the PentestIn episode 59 of Cybersecurity Where You Are, co-hosts Sean Atkinson and Tony Sager are joined by Ed Skoudis, founder of the SANS Penetration Testing Curriculum and Counter Hack. Together, they discuss the value of penetration testing – all while CIS as an organization is undergoing a pentest! They begin by considering the historical perspective of pentests. (In Tony's words, "the foundational perspective for testing back then was to create drama.") They then reflect on how penetration tests excel when they prioritize education using a process of feedback. During the course of the conversation, Sean and Ed draw upon their years of...2023-07-0755 minWait Just an InfoSecWhat the heck is going on in Cybersecurity Higher Ed?This episode of Wait Just an Infosec focuses on going behind the firewall and inside higher education for cybersecurity, examining the trends that are shaping how we learn and grow in this fast-paced field.Who better to lead this exploration than Ed Skoudis, President of SANS Technology Institute (SANS.edu), where cybersecurity is all we teach — and nobody does it better.Ed is joined by several special guests who will offer their unique perspectives on a variety of trends impacting cybersecurity higher education as well as the value of getting cybersecurity degrees and certificates in th...2023-05-3144 min
Paul's Security Weekly (Audio)PSW #767 - Holiday ExtravaganzaWhile we most likely do not believe that penetration testing is dead it continues to evolve over time. What do penetration tests look like today? Have they become more or less specialized? What is the continuing value of penetration testing? With development and IT moving so fast, how have penetration tests adapted? This discussion will dive into the details of penetration testing today and provide you with a guide to make the most of this activity. Without question, we need more people working in cybersecurity today. Our culture has come a long way to be m...2022-12-163h 16
Security Weekly Podcast Network (Audio)PSW #767 - Holiday ExtravaganzaWhile we most likely do not believe that penetration testing is dead it continues to evolve over time. What do penetration tests look like today? Have they become more or less specialized? What is the continuing value of penetration testing? With development and IT moving so fast, how have penetration tests adapted? This discussion will dive into the details of penetration testing today and provide you with a guide to make the most of this activity. Without question, we need more people working in cybersecurity today. Our culture has come a long way to be m...2022-12-165h 14
Paul's Security Weekly (Video)Holiday Security News & The Holiday Hack Challenge 2022! - PSW #767This week, we round out the Holiday Special 2022 with a special guest appearance by Ed Skoudis, where he joins to fill us in on the Holiday Hack Challenge! Then, an utterly chaotic session of security news to close out 2022! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw7672022-12-152h 18
Plus FeedEdIn this episode we hear some penetration test stories from Ed Skoudis (twitter.com/edskoudis). We also catch up with Beau Woods (twitter.com/beauwoods) from I am The Cavalry (iamthecavalry.org).SponsorsSupport for this show comes from Axonius. Securing assets — whether managed, unmanaged, ephemeral, or in the cloud — is a tricky task. The Axonius Cybersecurity Asset Management Platform correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk...2022-07-2641 minDarknet DiariesEdIn this episode we hear some penetration test stories from Ed Skoudis (twitter.com/edskoudis). We also catch up with Beau Woods (twitter.com/beauwoods) from I am The Cavalry (iamthecavalry.org).SponsorsSupport for this show comes from Axonius. Securing assets — whether managed, unmanaged, ephemeral, or in the cloud — is a tricky task. The Axonius Cybersecurity Asset Management Platform correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk...2022-07-2641 min
Paul's Security Weekly (Audio)Have a Couple Beers on the Lawnmower - PSW #721This week, we kick off the show with an interview featuring Ed Skoudis, SANS Fellow and Counter Hack Founder, where we talk about the holiday hack challenge! Then, Sinan Eren, VP of Zero Trust Access & ZTNA Engineering at Barracuda Networks, joins for an segment walking through What to Expect in 2022 for security!! In the Security News: Printing Shellz, the exploit is in the link, 42 CVEs, time to update all of your browsers again, Microsoft App spoofing vulnerability, stealing credit cards in Wordpress, using block chain for C2, MangeEngine 0day, oh and did you hear about the log4j vulnerability!2021-12-172h 48
Paul's Security Weekly (Video)All Your Holiday Hack Challenge Belong To Us - Ed Skoudis - PSW #721Let's talk about the 2021 SANS Holiday Hack Challenge. Lotsa great new stuff this year, with a focus on hardware hacking in a virtual world... plus TWO cons at the North Pole. Segment Resources: www.holidayhackchallenge.com www.counterhack.com www.sans.edu Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw7212021-12-161h 00
FIRST Impressions PodcastEpisode 9: Ed Skoudis, President, SANS Technology InstituteChances are, you know Ed. Ed Skoudis is founder of the SANS Institute’s Penetration Testing Curriculum and creator of SANS NetWars, CyberCity, and the Holiday Hack Challenge. Learn more about the upcoming SANS Holiday Hack Challenge at https://www.sans.org/mlp/holiday-hack-challenge/. Disclaimer: The views expressed by the hosts and guests are their own and their participation on the podcast does not imply an endorsement of them or any entity they represent.2021-12-0300 min
The Social-Engineer PodcastEp. 158 - Security Awareness Series - Dont Act Old And Other Advice with Paul Asadoorian This month, Chris Hadnagy and Ryan MacDougall are joined by Paul Asadoorian. Paul is the founder of Security Weekly, a security podcast network. Paul spends time “in the trenches” coding in Python, testing security products and evaluating and implementing open-source software. Paul's career began by implementing security programs for a lottery company and then a large university. As Product Evangelist for Tenable Network Security, Paul also built a library of materials on the topic of vulnerability management. When not hacking IoT devices, web applications or Linux, Paul can be found researching his next set of headphones, devices for smoking meat...2021-11-1553 min
Digital: DisruptedCan Hacking Be Done Ethically? – Ed SkoudisIn this episode, Paul and Ed discuss cybersecurity strategies such as penetration testing, and how hackers can safely grow their skills to make the world safer and more secure. Ed is the founder of Counter Hack, an information security consulting firm, and a SANS Institute Fellow where he developed their penetration testing curriculum. Connect with him on LinkedIn and check out the Holiday Hack Challenge.2021-10-1254 min
The Social-Engineer PodcastEp. 154 - Security Awareness Series - Whispering Sweet Security Nothings with Ed Skoudis In this episode, Chris Hadnagy and Ryan MacDougall are joined by Ed Skoudis. Ed is a SANS Institute Fellow, Instructor, and Director of Cyber Ranges. He is the founder of Counter Hack, an innovative cyber security company that works as trusted information security advisors to government, military, and commercial enterprises by providing in-depth security architecture, penetration testing, red teaming, incident response, and digital forensics expertise. Ed frequently presents industry keynotes based on the latest attack vectors he identifies during his team’s penetration testing projects, expert witness work on large-scale breaches, security research into late-breaking malware and exploits, and incident response engageme...2021-09-2053 min
Security Rabbit Hole PodcastFNS #1 - Ed Skoudis - The Kringle-Con MakerWelcome to the inaugral "Friday Night Security" (FNS) show here at the Security Rabbit Hole. Tonight we have a special guest with us, who has 25 years of successful cyber security experience under him. His accolades include having been a lead SANS instructor and currently the creator of the SANS Holiday Hack Challenge, Ed Skoudis!
Things we'll be diving into in this episode range from A.I in cyber to the future of pentesting and more.
Presented by your co-hosts Sunny S. and Shubham Khichi.
Ed Skoudis can be reached via his Twitter account @edskoudis.
...2021-07-1741 min
Easy PreyEthical Hacking with Brian SelfEthical hacking may seem like an oxymoron, but having someone that you trust do a penetration test on your network may shock you. Our guest today has been helping people for 20 years to know when they’re vulnerable, and he shares his stories and insights to help you keep your information secure. Today’s guest is Brian Self. Brian is a certified Information Systems Security professional, ethical hacker, and professional speaker. He has the unique ability to take a complicated topic like network security and make it easy for a wide audience to understand. He has been in I...2021-03-1756 min
The Social-Engineer PodcastEp. 142 – You Can Be Right And Still Be Wrong With Brian Phillips In this episode of the SECurity Awareness Series of the SEPodcast, Chris Hadnagy and Ryan MacDougall are joined by Brian Phillips who is responsible for information security at Macy’s. Listen as they discuss how to: build an information security organization, hire the right people, and get buy-in from executives. March 15, 2021 00:09 – Intro Social-Engineer.com Phishing As A Service® Vishing As A Service® 01:54 – Introduction to Brian Phillips 02:44 – Security in a retail environment and impacts from the pandemic 07:25 - How to build an information security organization from the ground up 10:14 ...2021-03-1547 min
Paul's Security Weekly (Video)Security News w/ Ed Skoudis - PSW #676Ed Skoudis returns to talk to us about the Holiday Hack Challenge! Then, in the Security News, Thousands of unsecured medical records were exposed online, Advanced Persistent Threat Actors Targeting U.S. Think Tanks, WarGames for real: How one 1983 exercise nearly triggered WWIII , The Supreme Court will hear its first big CFAA case, TrickBoot feature allows TrickBot to run UEFI attacks, and Cyber Command deployed personnel to Estonia to protect elections against Russian threat! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw6762020-12-051h 49
Paul's Security Weekly (Audio)The Whole Crew's Awesome - PSW #676This week, Vicarius' very own Roi Cohen and Gilad Lev join us to kick off the show with a technical segment titled "From Chaos to Topia"! Jeff Capone from SecureCircle joins us for an interview on zero trust data security! Ed Skoudis returns to talk to us about the Holiday Hack Challenge! Then, in the Security News, Thousands of unsecured medical records were exposed online, Advanced Persistent Threat Actors Targeting U.S. Think Tanks, WarGames for real: How one 1983 exercise nearly triggered WWIII , The Supreme Court will hear its first big CFAA case, TrickBoot feature allows TrickBot to run...2020-12-053h 28Easy PreyPenetration Testing and Ethical Hacking with Ed SkoudisIs there such a thing as an ethical hacker? Do all hackers use their skills to attack infrastructures? If you’re interested in ethical hacking and penetration testing, this is the episode for you. Today’s guest is Ed Skoudis. Ed has taught upwards of 20,000 security professionals globally and his contributions to information security have had an immense impact on the community. His courses distill the essence of real world frontline case studies he accumulates, because he is consistently one of the first authorities brought in to provide post-attack analysis on major breeches. He’s not just an expe...2020-12-0245 min
Iron Sysadmin PodcastEpisode 92 - Holiday Hack 2020 with Ed SkoudisWelcome to Episode 92 Main Topic Interview with Ed Skoudis! Who is Ed? What is holiday hack (for those that are new to this) How many participants did you get last year? What sort of new theme can we expect this year? You guys developed an entire web game engine for this.. How'd that go? What kind of infrastructure do you have the event running on this year? Want to be a Kringleconcierge? Contact: info@counterhack.com Register for KringleCon: https://holidayhackchallenge.com Announcements Patreon Update, 20 patrons for $87/month rootisgod Bruce Robert Matt David S0l3mn Erwin Trooper_Ish L...2020-11-201h 57
GIAC Certifications: Trust Me I'm CertifiedMaking CTFs count at any point in your story with Ed SkoudisThough Ed Skoudis knew he was a tinkerer since playing with Legos during childhood, his younger self could never have envisioned the expansive career he now has. In this episode, Ed shares advice gleaned from years of creating challenges, building teams, and writing and teaching SANS courses. He and Jason discuss why CTFs are essential skill-building tools at any career level, how to overcome self-doubt and imposter syndrome, and why you should never let fear stop you from starting.2020-07-1438 min
Paul's Security Weekly (Video)Ed Skoudis & Security News - PSW #653In this week's Security News, NSA warns Russia-linked APT group is exploiting Exim flaw since 2019, Hackers Compromise Cisco Servers Via SaltStack Flaws, OpenSSH to deprecate SHA-1 logins due to security risk, all this and more with Special Guest Ed Skoudis, Founder of Counter Hack and Faculty Fellow at SANS Institute! To check out the SANS Pen Test HackFest and Cyber Range Summit, visit: https://www.sans.org/event/hackfest-ranges-summit-2020 Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode6532020-05-301h 44
Paul's Security Weekly (Audio)Don't Hate the Player, Hate the Game - PSW #653This week, we welcome Greg Foss, Senior Threat Researcher at VMware Carbon Black's Threat Analysis Unit, to talk about 2020 MITRE ATT&CK Malware Trends! In this week's Security News, NSA warns Russia-linked APT group is exploiting Exim flaw since 2019, 'Suspicious superhumans' behind rise in attacks on online services, Hackers Compromise Cisco Servers Via SaltStack Flaws, OpenSSH to deprecate SHA-1 logins due to security risk, all this and more with Special Guest Ed Skoudis, Founder of Counter Hack and Faculty Fellow at SANS Institute! In our final segment, we air a pre recorded interview with Peter Singer, Strategist at New...2020-05-293h 16
Paul's Security WeeklyTwerking Santa - PSW #631This week, we kick things off with the Blue Team Roundtable, to discuss defensive techniques that actually work, and ones that don't! In the second segment, we'll switch teams and transition to The State of Penetration Testing Roundtable, where we'll discuss the evolution of Penetration Testing, and how to get the most value from the different types of assessments! In our final segment, we welcome back long-time friend of the show Ed Skoudis, to discuss this year's Counterhack Holiday Hack Challenge, a holiday tradition here at Security Weekly, and one of the community's favorite hacking challenges! Show Notes: https://wiki.s...2019-12-303h 11
Paul's Security Weekly (Audio)Twerking Santa - PSW #631This week, we kick things off with the Blue Team Roundtable, to discuss defensive techniques that actually work, and ones that don't! In the second segment, we'll switch teams and transition to The State of Penetration Testing Roundtable, where we'll discuss the evolution of Penetration Testing, and how to get the most value from the different types of assessments! In our final segment, we welcome back long-time friend of the show Ed Skoudis, to discuss this year's Counterhack Holiday Hack Challenge, a holiday tradition here at Security Weekly, and one of the community's favorite hacking challenges! 2019-12-303h 11
Paul's Security Weekly (Video)Holiday Hack Challenge - PSW #631Each year the team at Counterhack Challenges makes available the Holiday Hack Challenge. Led by Ed Skoudis, and created by some of the most talented security professionals in the industry, it is not to be missed. Tune in to hear the details, or at least some information, about this year's Holiday Hack Challenge! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode6312019-12-251h 03Iron Sysadmin PodcastEpisode 71 - Holiday Hack with the Elf Himself!Welcome to Episode 71 Main Topic Ed Skoudis! Holiday Hack! https://www.holidayhackchallenge.com Announcements Patreon Update 22532 Andi Charles DeMentor J Jon Julius Unclemarc DC610 - 1/8/2020 Moar ATM Shenanigans! WOPR Summit - March 27-29 in Philadelphia https://www.woprsummit.org/ Reviews No new reviews Chat Nate: Stadia is Neat. News https://thehackernews.com/2019/12/linux-vpn-hacking.html https://seclists.org/oss-sec/2019/q4/122 https://www.forbes.com/sites/zakdoffman/2019/12/08/new-apple-security-update-could-scrap-your-old-macbook-heres-what-you-do/#7b7493d521d1 https://ww.9to5google.com/2019/12/08/fortnite-android-google-play-store/ https://onezero.medium.com/architects-are-playing-with-the-future-of-design-in-video-games-1352a2d3ae3f 2019-12-131h 45
The InfoSec Career PodcastInterview with Ed SkoudisIn this episode, we welcome Ed Skoudis to the show! Ed shares his thoughts on the need to always be learning and some tips on how to learn more deeply. He also shares a bit about this year's Holiday Hack Challenge. Prepare for KringleCon 2! Please subscribe and share with others!2019-11-0600 minIron Sysadmin PodcastEpisode 67 - DERBYCON 9Welcome to Episode 67 Main Topic D*E*R*B*Y*C*O*N Talks: http://www.irongeek.com/i.php?page=videos/derbycon9/mainlist Opening Ceremony: http://www.irongeek.com/i.php?page=videos/derbycon9/1-00-opening-ceremony-derbycon-crew Keyonte from Ed Skoudis: http://www.irongeek.com/i.php?page=videos/derbycon9/1-01-opening-keynote-presented-by-ed-skoudis-ed-skoudis Panel with Mog and friends: http://www.irongeek.com/i.php?page=videos/derbycon9/1-02-derbycon-story-time-panel-dustin-heywood-evil-mog-and-others Jayson streets talk http://www.irongeek.com/i.php?page=videos/derbycon9/2-01-i-pwn-thee-i-pwn-thee-not-jayson-e-street Scientific computing for infosec: http://w...2019-09-132h 10
Paul's Security Weekly (Audio)Nuggets of Learning - Paul's Security Weekly #586This week, how Taylor Swift used Facial Recognition to thwart stalkers, unlocking Android phones with a 3D printed head, Ticketmaster fails to take responsibility for malware, and it's December of 2018, to Hell with it, just patch your stuff already! In our first interview, we welcome back Ed Skoudis, Founder of the Counter Hack Challenge and Kringle Con 2018! Ed joins us on the show to talk about this years challenge and what's in store! In our final interview, we welcome back Don Murdoch, the Assistant Director at Regent University Cyber Range! Don joins us this week to discuss his book, "...2018-12-172h 03
Paul's Security WeeklyNuggets of Learning - Paul's Security Weekly #586This week, how Taylor Swift used Facial Recognition to thwart stalkers, unlocking Android phones with a 3D printed head, Ticketmaster fails to take responsibility for malware, and it's December of 2018, to Hell with it, just patch your stuff already! In our first interview, we welcome back Ed Skoudis, Founder of the Counter Hack Challenge and Kringle Con 2018! Ed joins us on the show to talk about this years challenge and what's in store! In our final interview, we welcome back Don Murdoch, the Assistant Director at Regent University Cyber Range! Don joins us this week to discuss his book, "Blue...2018-12-172h 03
Paul's Security Weekly (Video)Ed Skoudis, Counter Hack Challenge - Paul's Security Weekly #586Ed Skoudis, Founder of the Counter Hack Challenge and Kringle Con 2018, joins us on the show to talk about this years challenge and what's in store! "Welcome to Counter Hack Challenges, an organization devoted to creating educational, interactive challenges and competitions to help identify people with information security interest, potential, skills, and experience. We design and operate a variety of capture-the-flag and quiz-oriented challenges for the SANS Institute, Cyber Aces, US Cyber Challenge, and other organizations. Our featured products include NetWars, CyberCity, Holiday Hack Challenge, Cyber Aces Online, and several Cyber Quests." Join KringleCon: www.kringlecon.com2018-12-1434 min
Purple Squad SecurityEpisode 44 – SANS Holiday Hack Challenge with Ed SkoudisSo, a very popular season is coming up shortly. I'm not talking about Thanksgiving (for my US listeners) and I'm not talking about Christmas for my Christian listeners. No, I'm talking about the season that all good little hackers look forward to - the time when the SANS Holiday Hack Challenge is released!
This is probably one of the most ambitious CTFs I have ever known about, and I am lucky enough to get one of the main drivers behind it to join me for today's episode! Ed Skoudis joins me to talk all about the SANS Hol...2018-11-1850 min
On DoDArmy begins moving cyber exercises from sterile "ranges" to a real cityThe Army already owns what amounts to fully-functional city it uses that it uses for traditional military training events in southeastern Indiana. But until recently, it hasn't been used for cyber training. Officials have high hopes that a new set of exercises at Muscatatuck Urban Training Center will give cyber protection teams a much more realistic training experience than they'd get at the "cyber ranges" DoD currently operates. Ed Skoudis and John Nix from the SANS institute join us to discuss the "Cybertropolis" environment SANS has been helping the Army build in southeastern Indiana.
Also on this week's show, Chris...2018-08-1543 min
Paul's Security Weekly (Video)Ed Skoudis, Holiday Hack Challenge - Paul's Security Weekly #540Ed Skoudis has taught cyber incident response and advanced penetration testing techniques to more than 12,000 cybersecurity professionals. He is a SANS Faculty Fellow and the lead for the SANS Penetration Testing Curriculum. In the interview, Ed talks with the team about the Holiday Hack Challenge and what’s going on recently in his cybersecurity life! Full Show Notes: https://wiki.securityweekly.com/Episode540 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly2017-12-1739 min
Paul's Security WeeklySpread Your Vegemite - Paul's Security Weekly #540Joe Gray of the Advanced Persistent Security podcast joins us for an interview! Ed Skoudis of the SANS Institute joins us to discuss the SANS Holiday Hack Challenge and what he’s been up to in the cyber world! In the news, the team discusses on-demand webcasts, net neutrality, pen testing, and Vegemite with Joff! Full Show Notes: https://wiki.securityweekly.com/Episode540 Visit https://www.securityweekly.com/psw for all the latest episodes!2017-12-152h 18
Paul's Security Weekly (Audio)Spread Your Vegemite - Paul's Security Weekly #540Joe Gray of the Advanced Persistent Security podcast joins us for an interview! Ed Skoudis of the SANS Institute joins us to discuss the SANS Holiday Hack Challenge and what he’s been up to in the cyber world! In the news, the team discusses on-demand webcasts, net neutrality, pen testing, and Vegemite with Joff! Full Show Notes: https://wiki.securityweekly.com/Episode540 Visit https://www.securityweekly.com/psw for all the latest episodes!2017-12-152h 18
Paul's Security Weekly (Video)Ed Skoudis, Counter Hack - Paul's Security Weekly #531Ed Skoudis is a SANS Faculty Fellow and the lead for the SANS Penetration Testing Curriculum. He has the rare ability to translate advanced technical knowledge into easy-to-master guidance. Ed rejoins us to talk about new projects, his robotic dog, and more! Full Show Notes: https://wiki.securityweekly.com/Episode531 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly2017-10-0350 min
Paul's Security WeeklyPaul's Security Weekly #531 - Trevor ForgetJim Nitterauer of AppRiver and Ed Skoudis of Counter Hack & SANS Institute join us, and we discuss the latest information security and hacking news! Full Show Notes: https://wiki.securityweekly.com/Episode531 Visit https://www.securityweekly.com for all the latest episodes!2017-09-302h 58
Paul's Security Weekly (Audio)Paul's Security Weekly #531 - Trevor ForgetJim Nitterauer of AppRiver and Ed Skoudis of Counter Hack & SANS Institute join us, and we discuss the latest information security and hacking news! Full Show Notes: https://wiki.securityweekly.com/Episode531 Visit https://www.securityweekly.com for all the latest episodes!2017-09-292h 58
Paul's Security Weekly (Audio)Paul's Security Weekly #484 - SECOND LIFECody Pierce from Endgame will talk about pre-exploit prevention. Security news will discuss Yahoo! spying, Mirai source code lessons learned, and more! Our interview this week is with Ed Skoudis of Counterhack Challenges and the SANS Institute. Stay tuned!2016-10-081h 39
Paul's Security Weekly (Audio)Paul's Security Weekly #444 - Ed Skoudis Holiday Hack Challenge and Pen Testing with John StrandEd Skoudis joins us via Skype to talk about the all new 2015 Holiday Hack Challenge! Ed also answers the all new 5 Questions, not to be missed! Security Weekly Web Site: http://securityweekly.com Follow us on Twitter: @securityweekly2016-06-022h 02
AT&T ThreatTraqThreatTraq #166 - Red vs. BlueAT&T Data Security Analysts discuss attacks on NTP, running red and blue teams, the Holiday Hack Challenge, Fitbit and Webcam hacks, and the Internet Weather Report. With special guest Ed Skoudis Originally recorded October 27, 2015.2015-10-3000 min
Imaginary WorldsBeware of CyberCityEd Skoudis built a different kind of imaginary world. It's a three-dimensional model of a town that the military uses for cyber war games. Ed's team plays the role of the terrorists who keep trying to hijack a train or contaminate the water supply, while cyber warriors stationed at bases around the world try to stop them. But at some point, CyberCity became more than just a project for Ed. He fell in love with this town -- its simulated people and their Truman Show existence. Learn more about your ad choices. Visit megaphone.fm/adchoices Lear...2015-04-2317 min
Note to SelfLook How Cute this Military Cyber Warfare Training Ground IsSomewhere hidden in the sleepy suburbs of New Jersey, there is a very small town. This all-American village boasts good public transit, its own reservoir, a coffee shop, a church, a bank... you name it. Their international airport rarely has delays.
Where is this idyllic hideaway? That's a military secret.
CyberCity, as it's called, serves as a training ground for a new class of specialized "cyber warriors," capable of defending against cyber attack. Every day, soldiers plot to take over the town, by hacking into its schools, its water systems, its power grid, and its Internet...2014-12-1723 min
BrakeSec Education PodcastMr. Boettcher interviewed Ed Skoudis!While I'm stuck at work, Mr. Boettcher went to the Austin Hackformers and snagged an interview with Mr. Ed Skoudis, of InGuardians and of the SANS Institute, a top flight training academy. He is to be one of the keynote speakers at DerbyCon this year. He gives us a peek about his keynote, and Mr. Boettcher asks his thoughts on the industry as a whole, SCADA security, Mr. Skoudis' opinion on Infosec as a whole.
Hackformers Austin: http://www.hackformers.org/
Ed Skoudis bio: http://www.sans.org/instructors/ed-skoudis
B...2014-09-1544 min
Segurança LegalEpisódio #50 – Reagindo a comunicações de vulnerabilidadeNeste episódio comentamos as situações em que as empresas recebem comunicados envolvendo vulnerabilidades em seus sistemas ou redes. Partindo de tais situações, avaliamos algumas ocorrências nas quais as empresas não reagiram adequadamente e damos algumas sugestões sobre como se comportar nestes casos.
ShowNotes
Como não lidar com segurança da informação – Artigo no blog do pesquisador Marco Agner
Dealing with the Many Stages of Pen Test Result Grief Part 1 – Artigo de Ed Skoudis
2014-05-0900 min
InfoSec Daily PodcastInfoSec Daily Podcast Episode 378Episode 378 - Ed Skoudis discusses NetWars-NG and Cyber Challenges2011-05-0459 min![DEFCON 17 [Video and Slides] Speeches from the Hacker Convention.](http://www.defcon.org/images/podcast/defcon-17-itunes-logo-video.png){kind=logo}
DEFCON 17 [Video and Slides] Speeches from the Hacker Convention.Dmitri Alperovich and Panel - Preparing for Cyber War Strategy and Force Posture in the Information Centric World - VideoPreparing for Cyber War: Strategy and Force Posture in the Information-Centric WorldDmitri Alperovitch VP Threat Research, McAfeeMarcus Sachs Director, SANS Internet Storm CenterPhyllis Schneck VP Threat Intelligence, McAfeeEd Skoudis Founder&Senior Security Consultant, InGuardiansCyber warfare is the new hot topic of debate in political and military circles in Washington. This panel of cyber policy experts will explore the definition and reality of a cyber warfare threat, focusing on offensive capabilities and military doctrines of our potential nation-state adversaries, debate the deterrence strategies, and operational and legal frameworks guiding the...2009-10-0858 min![DEFCON 14: [Video] Speeches from the hacker conventions](http://www.defcon.org/images/podcast/defcon-14-itunes-logo.jpg){kind=logo}
DEFCON 14: [Video] Speeches from the hacker conventionsJay Beale: Discovering Mac OS X Weaknesses and Fixing Them with the New Bastille OS X PortAbstract:The Mac OS X operating system is beautiful, but it?s not as secure as you think. It?s mostly Unix under that shiny GUI and while we?ve come to expect a very locked down system from recent Unix/Linux releases, that expectation isn?t entirely realistic when it comes to OS X. For instance, the firewall GUI tool makes it seem like you can create a default-deny firewall that only lets packets from established sessions in. The firewall it produces, though, is full of holes! Whatever you do, don?t take your OS X laptop onto the...2006-10-2457 min![DEFCON 13: [Video] Speakers from the hacking convention.](http://media.defcon.org/dc-13/dc-13-itunes-logo.jpg){kind=logo}
DEFCON 13: [Video] Speakers from the hacking convention.Defcon 13: Jay Beale, Introducing the Bastille Hardening Assessment ToolBastille has been re-released as an assessment and hardening tool. With the help of the US Government's TSWG, we've added full hardening assessment capabilities, complete with scoring. This allows Bastille to measure and score an individual system's security settings against user-provided guidelines, possibly before allowing a system onto the network. Security or system administrators can use this to assess the relative state of a given system compared to Best Practices, to other systems in the organization, or to an organization-supplied minimum standards file. They can also use it to learn what hardening steps would be helpful for the given system...2006-06-0147 minDEFCON 13: [Audio] Speakers from the hacking convention.Defcon 13: Jay Beale, Introducing the Bastille Hardening Assessment ToolBastille has been re-released as an assessment and hardening tool. With the help of the US Government's TSWG, we've added full hardening assessment capabilities, complete with scoring. This allows Bastille to measure and score an individual system's security settings against user-provided guidelines, possibly before allowing a system onto the network. Security or system administrators can use this to assess the relative state of a given system compared to Best Practices, to other systems in the organization, or to an organization-supplied minimum standards file. They can also use it to learn what hardening steps would be helpful for the given system...2006-06-0147 min