jay

Episode 7 – ELevate

by
Play

Podcast: Play in new window | Download (Duration: 52:13 — 119.8MB)

Subscribe: Apple Podcasts | Spotify | RSS

Remaining on legacy Linux distributions can lead to additional security risks as time goes on, and migrating to a newer and better supported distribution can be a very difficult endeavor for most administrators. In this episode, Jay and Joao are joined by Jack from AlmaLinux, and we talk about ELevate – a tool that can be used to migrate from a distribution in the Enterprise Linux family to another Enterprise Linux distribution. This helps alleviate some of the burden of distro migration, and as a community project it’s also a great project to get started with contributing to an open-source project.

Episode Downloads

Episode 6 – Image Defaults

by
Play

Podcast: Play in new window | Download (Duration: 1:17:45 — 142.5MB)

Subscribe: Apple Podcasts | Spotify | RSS

Although there’s no such thing as a “perfect” deployment image, including some sane defaults into your images and templates can save you a lot of work down the road, and also give you the opportunity to include more secure defaults. In this episode, we’ll discuss deployment image defaults as well as some recent news.

Episode 5 – The “Attacker” Mindset

by
Play

Podcast: Play in new window | Download (Duration: 1:06:48 — 91.9MB)

Subscribe: Apple Podcasts | Spotify | RSS

We’ve talked about Enterprise Linux Security from the worldview of the system administrator, but what’s it like on the other side? In this episode, Jay and Joao are joined by Atalay Kelestemur, an Ethical Hacker, as we discuss the mindset of the attacker.

Episode 4 – Supply Chain Attacks

by
Play

Podcast: Play in new window | Download (Duration: 43:58 — 100.8MB)

Subscribe: Apple Podcasts | Spotify | RSS

When you write software, there’s no reason to reinvent the wheel – shared libraries and other resources exist to enable you to create applications while avoiding redundant work. Unfortunately, sometimes the software supply itself chain is attacked, which would mean that your application contain malware or security threats you didn’t account for. In this episode of Enterprise Linux Security, Joao and I discuss supply chain attacks, as well as some ways to mitigate this threat.

Video-specific Links

Supply chain Levels for Software Artifacts (SLSA)

The Software Package Data Exchange (SPDX)

Episode 3 – Linux Distro Migrations

by
Play

Podcast: Play in new window | Download (Duration: 43:46 — 80.3MB)

Subscribe: Apple Podcasts | Spotify | RSS

Migrating your servers from one Linux distribution to another can be a daunting task, even moreso if it’s a migration you’re doing because of unforeseen events or changes within the ecosystem. In this video, Jay and Joao discuss the challenges when it comes to migrating Linux distributions, and the effect this has on security.

Ogg version

MP3 version

MP3 version (low)

OS Migration Checklist

Episode 2 – Attack Vectors

by
Play

Podcast: Play in new window | Download (Duration: 46:02 — 105.7MB)

Subscribe: Apple Podcasts | Spotify | RSS

Regardless of your role in your company, understanding the various types of attack vectors is extremely important. In this episode of Enterprise Linux Security, Jay and Joao discuss the most common attack vectors that are used today, which will set the foundation for future episodes.

Episode 1 – CVEs

by
Play

Podcast: Play in new window | Download (Duration: 42:12 — 96.8MB)

Subscribe: Apple Podcasts | Spotify | RSS

In episode 1 of the Enterprise Linux Security Podcast, Jay and Joao talk about CVEs: Common Vulnerabilities and Exposures. It’s an important topic to understand in the world of security, and we’ll talk about what this means, how they’re classified, and much more!

Episode 0 – The Beginning

by
Play

Podcast: Play in new window | Download (Duration: 44:27 — 101.9MB)

Subscribe: Apple Podcasts | Spotify | RSS

Enjoy the first episode of a brand new, bi-weekly podcast. Joao and I will get together in each episode and talk about all things Linux Security, with a focus on the Enterprise.