CISSP Podcasts

CISSP Cyber Training Podcast - CISSP Training Program

Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur

Weekly+
 
Join Shon Gerber on his weekly CISSP Cyber Training podcast, where his extensive 23-year background in cybersecurity shines through. With a rich history spanning corporate sectors, government roles, and academic positions, Shon imparts the essential insights and advice necessary to conquer the CISSP exam. His expertise is not just theoretical; as a CISSP credential holder since 2009, Shon translates his deep understanding into actionable training. Each episode is packed with invaluable secur ...
 
Welcome to The Bare Metal Cyber CISSP Prepcast — your essential guide to mastering the CISSP certification. Whether you're just starting your cybersecurity journey or preparing for exam day, this podcast delivers expert insights, practical strategies, and clear explanations to help you succeed. Designed by professionals who’ve walked the path, each episode helps you build confidence, sharpen your skills, and move one step closer to certification success.
 
Redefining CyberSecurity

Sean Martin, ITSPmagazine

Weekly+
 
Redefining CyberSecurity Podcast Hosted by Sean Martin, CISSP Have you ever thought that we are selling cybersecurity insincerely, buying it indiscriminately, and deploying it ineffectively? For cybersecurity to be genuinely effective, we must make it consumable and usable. We must also bring transparency and honesty to the conversations surrounding the methods, services, and technologies upon which businesses rely. If we are going to protect what matters and bring value to our companies, ou ...
 
BrakeSec Education Podcast

Bryan Brake, Amanda Berlin, and Brian Boettcher

Monthly
 
A podcast about the world of Cybersecurity, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security professionals need to know, or refresh the memories of seasoned veterans.
 
SecurityMetrics Podcast

SecurityMetrics

Monthly
 
The SecurityMetrics Podcast, hosted by Jen Stone (Principal Security Analyst, QSA, CISSP, CISA), will help you understand current data security and compliance trends. Each episode will feature a different security professional offering tips and security best practices.
 
Dive into the heart of cybersecurity with "The Other Side of the Firewall & Ask A CISSP" podcasts, where the spotlight shines on diversity and excellence within the tech realm. As the digital world expands, the voices shaping its future become ever more crucial. Our mission? To celebrate and amplify the stories of People of Color who've not just climbed the ladder but shattered ceilings along the way to senior and C-suite echelons. Join us on a journey beyond the conventional, as we engage w ...
 
Bring Your Own Security Radio started in 2016 and has been going strong since. Hosted by Dave Howard, we dive into topics around IT Security. Backed by his CISSP, CEH, MCSE-Cloud, Incident Handling, Encryption and CCNA certifications and a 22 year (and still going) career in IT, you can be sure to find a wide range of topics.
 
Information Security, InfoSec, CyberSec, Cyber, Security, whatever you call it, we talk about it! From mobiles and desktops to data centers and the cloud, Purple Squad Security is here to help and give back to our community of information security professionals. We cover security topics for the red team, blue team, purple team, whatever team! We are a community of professionals, and this is one man's attempt to give back. CISSP, CISM, CEH credits can be obtained here! Also happy to provide i ...
 
Reduce Cyber Risk Podcast - Cyber Security Made Simple

Shon Gerber, vCISO, CISSP, Cyber Security Consultant, Author and Entrepreneur

Monthly
 
Shon Gerber from the Reduce Cyber Risk podcast provides valuable insights, guidance, and training to you each week that only a senior cyber security expert and vCISO can perform. Shon has over 23+ years of experience in cyber security from large corporations, government, and as a college professor. Shon provides you the information, knowledge, and training needed to help protect your company from cyber security threats. Shon weekly provides cyber security training topics covering: Insider Th ...
 
CISO's Secrets

Check Point Software Technologies LTD

Monthly
 
“CISO's Secrets” promises clear talk on cybersecurity’s burning topics, but not only; A series of 40 minutes weekly podcast hosting Telco industry CIOs and CISO’s, from global and leading companies. Podcast will share true stories, reveal real-life scenarios, and more. The host will lead discussions about Security trends, best practices, cloud, networks, data, employees, habits, and secrets while drifting between personal and professional life. Earn your CISO's Secrets membership badge at ht ...
 
“The difficulty”, writes Keynes, “lies not in the new ideas, but in escaping from the old ones.” Outgrow’s Marketer of the Month podcast documents this tussle of the old and the new across 21 different industries. Tune in to listen to thought-provoking guests ranging from the leaders of Fortune 500 companies, Tech Unicorns, Governments, Anonymous Collective, Media, Pulitzer Prize Winners, Professors, and (of course) Tiktokers!
 
Weekly information security podcast airing Monday mornings hosted by Oscar Minks and Brad Nigh. In a unique focus on protecting personal information, Oscar and Brad discuss information security as an issue that includes cyber security, physical security, as well as administrative controls. Oscar is the CTO of FRSecure and heads technical services and operations at the company. Brad is the Principal Security Consultant and a 20+ year veteran of the industry.
 
Digital Self-Defense is a podcast that explains the basics of cybersecurity and data protection in an accessible, user-friendly voice. DSD instructs listeners in understanding the basics of cybersecurity, dissects and explains significant current events relating to cybersecurity, and helps listeners learn how to keep themselves from hacks and threats. Hosted by cybersecurity professional Tim Honker (CISSP), Digital Self Defense avoids technical jargon at all costs and provides an overview ab ...
 
The CISO Diaries

Syya Yasotornrat & Leah McLean

Monthly
 
The path to cybersecurity leadership is not a direct route and it's those divergent routes that create the amazing stories and histories of leaders who are driving security to keep businesses and people safe. We’re Leah McLean and Syya Yasotornrat and we intend to give CISOs and cybersecurity professionals a place to be their authentic selves. These are the unedited stories told of how they got into cybersecurity, the real struggles they’ve persevered through, personal anecdotes that make th ...
 
Microsoft recently released 137 security patches, with 14 critical vulnerabilities that could allow attackers to seize control of Windows systems with minimal user interaction. Among these, the Windows authentication negotiation flaw rated at 9.8 severity poses a significant threat to all current Windows versions. For security profes…
 
Not everyone passes on the first try—but failure doesn’t define your journey. In this episode, we guide you through a structured plan for recovery if you don’t pass the CISSP exam. We cover how to interpret your exam feedback, identify weak domains, revise your study strategy, and rebuild confidence. You’ll also learn how to maintain momentum and a…
 
How can you approach your company's leadership to advocate for best security practices? Megan dives into a BIA (Business Impact Analysis) breakdown with triple guest features from FRSecure's Consulting Team. Mea Yang, Coral Morgan, and Kathryn Frickstad-Olson recall client triumphs and challenges they have witnessed with implementing BIAs. Whether y…
 
In this episode of The Other Side of the Firewall, Ryan Williams Sr. and Edgar Vanterpool discuss Edgar's unique journey from the automotive industry to becoming a Business Information Security Officer (BISO). They explore the skills required for the role, the importance of understanding business needs in cybersecurity, and the balance between tech…
 
Eric Tak has headed the ECB’s Product Proposition Division of the Directorate Digital Euro since June 2024. He is responsible for managing the design and refinement of the digital euro product proposition, including the distribution model via payment service providers, and liaising closely with internal and external stakeholders. On The Menu: 1. Pr…
 
Before a power crew rolls out to check a transformer, sensors on the grid have often already flagged the problem. Before your smart dishwasher starts its cycle, it might wait for off-peak energy rates. And in the world of autonomous vehicles, lightweight systems constantly scan road conditions before a decision ever reaches the car’s central proces…
 
In this episode of the Other Side of the Firewall podcast, hosts Ryan Williams Sr., Shannon Tynes, and Chris Abacon discuss their personal updates, including training experiences, certifications, and adventures in New York City. They also dive into Ryan's book publishing journey and future plans, all while emphasizing the importance of cybersecurit…
 
Ready to conquer CISSP Domain 1? This rapid review episode delivers essential knowledge on security and risk management fundamentals that form the cornerstone of information security practice. We begin with a timely discussion on preventing ransomware through exfiltration controls, noting the alarming shift where 90% of ransomware at…
 
Check us out at: https://www.cisspcybertraining.com/ Get access to 360 FREE CISSP Questions: https://www.cisspcybertraining.com/offers/dzHKVcDB/checkout Ready to master data classification for your CISSP exam? This episode delivers exactly what you need through fifteen practical questions that mirror real exam scenarios, all focused …
 
Cyber threat intelligence (CTI) is no longer just a technical stream of indicators or a feed for security operations center teams. In this episode, Ryan Patrick, Vice President at HITRUST; John Salomon, Board Member at the Cybersecurity Advisors Network (CyAN); Tod Beardsley, Vice President of Security Research at runZero; Wayne Lloyd, Federal Chie…
 
In this episode of the podcast, the hosts discuss critical cybersecurity questions that CISOs must address, the role of CISOs in business, and the impact of AI on cybersecurity practices. They emphasize the importance of understanding data classifications and the need for proactive threat anticipation. The conversation also highlights an upcoming i…
 
In this episode, the hosts discuss the latest cybersecurity news, focusing on Coinbase's involvement in recovering stolen cryptocurrency and the rise of pig butchering scams. They explore the tactics used by scammers, the implications of human trafficking in these schemes, and the importance of vigilance in the crypto space. The conversation emphas…
 
In this episode of the Other Side of the Firewall podcast, hosts Ryan Williams Sr., Shannon Tynes, and Chris Abacon discuss the latest cybersecurity news, focusing on the FBI's warning about two-factor authentication bypass attacks by a group called Scattered Spider. They explore the tactics used by this group, the implications for cybersecurity, a…
 
Effective data classification isn't just about regulatory compliance—it's the foundation of your entire security program. Whether you're preparing for the CISSP exam or leading security initiatives at your organization, understanding how to identify, categorize, and protect sensitive information is critical to your success. This epis…
 
ABOUT THIS EPISODE: The Blak Cyber podcast presents "The AI Governance Mentors Series," Episode 2 featuring Albert Kittoe, Project Manager, Scrum Master. Albert recently passed the AIGP (Artificial Intelligence Governance Professional), and shares some of his insights. The burning desire to protect his family drove Albert to sit for the AIGP exam. Plea…
 
In this episode of 'The Other Side of the Firewall' podcast, hosts Ryan Williams Sr. and Shannon Tynes discuss a variety of topics ranging from personal updates and reflections on aging, to cultural sensitivity in media, and reviews of recent films like 'Ballerina' and '28 Years Later'. They also touch on the impact of AI in film, the legacy of act…
 
Rolandas Juteika is the CEO & Chairman of the Board at Revolut Securities Europe and Head of Wealth and Trading at Revolut. He has led the company’s business strategy, risk management, and compliance, driving its rapid growth in the EEA. He is also a board member of the Lietuvos Finansų Maklerių Asociacija, contributing to financial brokerage gover…
 
Check us out at: https://www.cisspcybertraining.com/ Ethical dilemmas lurk around every corner in cybersecurity, ready to challenge even the most technically competent professionals. Sean Gerber tackles these moral minefields head-on in this thought-provoking episode focused on CISSP Domain 1.1, presenting fifteen real-world ethical …
 
In this episode of The Other Side of the Firewall podcast, Ryan Williams Sr. and Shannon Tynes discuss the rising threat of cyberattacks on retail, particularly in the UK, and how these incidents are affecting supply chains and consumer access to essential goods. They explore the implications of these attacks for businesses, the potential for incre…
 
In this episode, Ryan Williams Sr. and Shannon Tynes discuss the intersection of cybersecurity and artificial intelligence, focusing on the emerging threats posed by AI-assisted hacking. They explore the implications of AI in making hacking more accessible and the potential for increased cyber threats. The conversation also delves into the human fa…
 
In this episode of the Other Side of the Firewall podcast, hosts Ryan Williams Sr. and Shannon Tynes discuss a significant cybersecurity incident involving the leak of 16 billion passwords. They emphasize the importance of password security, the need for multi-factor authentication (MFA), and the adoption of passkey security to enhance protection a…
 
Ethical leadership lies at the heart of effective cybersecurity practice. In this episode, we dive deep into Domain 1.1 of the CISSP certification, exploring professional ethics and their critical importance for security professionals. The episode opens with a sobering look at the current landscape of cyber warfare, examining how Isr…
 
Earning your CISSP opens new doors—but where you go next depends on your goals. In this episode, we explore the post-CISSP landscape, including leadership roles like CISO, and technical specializations like cloud security and digital forensics. We also review advanced certifications such as CCSP, CISM, CRISC, and the CISSP concentrations in archite…
 
The CISSP exam uses Computerized Adaptive Testing (CAT), which means question difficulty and test length vary based on your performance. In this episode, we demystify the CAT format, explain how scoring works, and share strategies to manage your time across the exam. You’ll learn when to move quickly, when to slow down, and how to pace yourself und…
 
CISSP exam questions often hinge on a single word that changes everything. In this episode, we examine how to interpret qualifiers like “best,” “first,” “most appropriate,” and “least likely.” We explain what each prompt is asking you to consider—whether it’s prioritization, sequencing, or judgment—and how to choose the answer that aligns with ISC2…
 
CISSP exam questions are known for being complex, layered, and sometimes intentionally confusing. In this episode, we teach you how to break questions apart to find the real point being tested. You'll learn how to identify the scenario, isolate the question stem, and evaluate answer choices using elimination strategies. We also discuss common distr…
 
With so much material to retain, memory tools are a CISSP candidate’s secret weapon. In this episode, we provide proven mnemonics, visual associations, and acronym expansions to help you remember everything from the OSI model and CIA triad to the phases of incident response and risk treatment options. You’ll also learn strategies for reducing cogni…
 
Some CISSP topics consistently challenge even experienced professionals. In this episode, we break down ten of the most difficult concepts on the exam—ranging from cryptographic key lifecycle and security models to risk calculations and legal frameworks. We clarify the nuances, provide examples, and share memory aids to help you master these areas.…
 
DevSecOps is not just a toolset—it’s a culture that integrates security into every phase of the software development lifecycle. In this episode, we explore how DevSecOps breaks down silos between development, operations, and security teams. Topics include automated security testing, continuous compliance checks, secure coding training, and real-tim…
 
APIs enable system integration but can expose your infrastructure to serious vulnerabilities if not secured properly. This episode focuses on how to design and manage secure APIs. We cover authentication methods (API keys, OAuth), input validation, rate limiting, logging, and error handling. You’ll also learn about common API security issues like b…
 
Mobile apps introduce unique risks due to their widespread use, diverse platforms, and limited control over user devices. In this episode, we explore mobile app security concerns, including insecure storage, weak authentication, exposed APIs, and code tampering. We also introduce reverse engineering concepts—how attackers decompile apps to uncover …
 
Not all applications should be allowed to run in your environment. This episode explores application control mechanisms like whitelisting and sandboxing. You'll learn how whitelisting enforces control by allowing only approved executables, and how sandboxing isolates applications to prevent them from affecting system integrity. We also discuss impl…
 
Version control systems track changes to code—but they also need to be protected themselves. This episode explores how tools like Git help enforce code integrity, collaboration, and traceability across development teams. We cover commit histories, branching strategies, and how to detect unauthorized or malicious changes. You’ll learn about tagging,…
 
Secure development doesn't stop at writing code—it includes how that code is built, tested, and deployed. In this episode, we explore configuration management and continuous integration/continuous delivery (CI/CD) pipelines. We discuss how insecure configurations, exposed secrets, and unmonitored automation can lead to compromise. Topics include in…
 
Source code repositories are central to modern software development—and to software security. This episode covers the security considerations for using platforms like GitHub, GitLab, Bitbucket, and internal repositories. We examine access control policies, branching strategies, commit tracking, and how to detect malicious code changes. You’ll learn…
 
Security testing helps ensure software behaves as intended under hostile conditions. In this episode, we explore different application security testing methodologies, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Interactive Application Security Testing (IAST). We explain how each method work…
 
Many devastating cyberattacks originate from well-known coding flaws. This episode examines classic vulnerabilities including buffer overflows, SQL injection, and other input-related attacks. We explain how these issues arise, what they allow attackers to do, and how to defend against them using secure coding, bounds checking, input validation, and…
 
The OWASP Top 10 is a widely recognized list of the most critical security risks to web applications. In this episode, we walk through each entry—from injection and broken authentication to cross-site scripting, insecure deserialization, and insufficient logging. You'll learn how these vulnerabilities occur, the business impact they can have, and t…
 
User input is one of the most common vectors for exploitation in modern applications. In this episode, we focus on two critical programming techniques: input validation and output encoding. We explain how to validate input to ensure it meets expected formats and prevents attacks like SQL injection and cross-site scripting (XSS). We also explore how…
 
Secure applications start with secure design. In this episode, we explore how to incorporate security into architecture and code from the very beginning. Topics include threat modeling, input validation, secure defaults, and fail-safe mechanisms. We also cover secure coding practices that prevent common vulnerabilities such as injection, buffer ove…
 
Development methodologies have a direct impact on how security is integrated into software projects. This episode compares three major approaches—Waterfall, Agile, and DevOps—and how each handles risk, testing, and control. You'll learn the strengths and challenges of each model, including change management, documentation, and time-to-delivery. We …
 
Secure software doesn’t happen by accident—it’s the result of disciplined development practices. This episode explores common Software Development Lifecycle (SDLC) models, including waterfall, spiral, and V-model, and how they structure phases such as requirements, design, coding, testing, deployment, and maintenance. We also discuss where and how …
 
The Security Operations Center (SOC) is the nerve center of cybersecurity monitoring and incident response. In this episode, we explore SOC roles, responsibilities, staffing models, tools, and key performance indicators. We discuss shift scheduling, escalation paths, use cases, and integration with threat intelligence feeds. You'll also learn about…
 
People are at the heart of every security program—and also one of its greatest vulnerabilities. In this episode, we examine personnel security controls that mitigate human-based risks. Topics include background checks, onboarding protocols, security training, acceptable use policies, and ongoing behavior monitoring. We also explore separation of du…
 
Cybersecurity extends into the physical world, where threats like unauthorized access, theft, and sabotage can bypass digital defenses. In this episode, we explore physical security operations, including the use of barriers, locks, access control systems, security guards, surveillance cameras, and visitor management. We also cover how physical secu…
 
Understanding malware is essential for effective defense. This episode explores how security teams analyze and contain malicious software, including viruses, worms, ransomware, and trojans. We break down static and dynamic analysis techniques, sandboxing environments, signature development, and reverse engineering basics. You'll also learn how to c…
 
Not all threats come from the outside. Insider threats—whether malicious or accidental—pose a significant risk to organizational security. In this episode, we examine how to identify, monitor, and respond to threats from employees, contractors, or partners with legitimate access. We discuss behavioral indicators, user activity monitoring, data loss…
 
Endpoints remain a primary target for cyberattacks, and protecting them requires more than traditional antivirus solutions. This episode explores Endpoint Detection and Response (EDR), a modern approach to securing laptops, desktops, servers, and mobile devices. We explain how EDR tools provide real-time monitoring, behavioral analysis, threat hunt…
 
Data doesn’t disappear just because you delete it. In this episode, we focus on how to securely dispose of media and sanitize storage devices to prevent data recovery. We cover techniques such as overwriting, degaussing, cryptographic erasure, and physical destruction, as well as when and how to apply each. You’ll also learn about documentation req…
 
Security isn’t just about stopping bad changes—it’s about managing all changes effectively. In this episode, we examine the formal process of change control: how to submit change requests, perform impact assessments, obtain approvals, test in controlled environments, and document results. We also cover the importance of change advisory boards (CABs…