Episodes

Enterprise Linux Security Episode 49 – The Code is Open, But Who’s Looking at It?

by
Play

Podcast: Play in new window | Download (Duration: 30:54 — 56.9MB)

Subscribe: Apple Podcasts | Spotify | RSS

Open-Source is great – with code being open, everyone has access to it. That means that the code can be audited – and that makes it more secure, right? Well, possibly. In the recent talk “The Code is Open, But Who’s Looking at it?” Joao discusses the concept in detail. This talk was recorded at OSAD 2022. New episodes of Enterprise Linux Security will resume after the holidays. But for now, enjoy the talk!

Download Links

Enterprise Linux Security Episode 48 – New Malware, Old Vulnerabilities

by
Play

Podcast: Play in new window | Download (Duration: 35:59 — 66.2MB)

Subscribe: Apple Podcasts | Spotify | RSS

While it’s certainly never a good thing to become the victim of a cyber-attack, it can be even more embarrassing if the CVE the threat actor used to get a foothold into your systems was patched a long time ago. In this episode, Jay and Joao discuss malware that’s currently taking advantage of vulnerabilities that were patched over a year ago! As important as software updates happen to be, why are so many organizations unable to keep up with them?

Download Links

Relevant Articles

Enterprise Linux Security Episode 47 – Legislating Open Source

by
Play

Podcast: Play in new window | Download (Duration: 32:26 — 59.7MB)

Subscribe: Apple Podcasts | Spotify | RSS

Supply chain attacks in open source software projects are a real possibility. In fact, we’ve covered actual incidents in previous episodes of this podcast. In this episode, Jay and Joao discuss developing legislation that will require the components within open source projects to be a part of a bill of materials (among other requirements). This is definitely something you’ll want to be aware of if your organization produces open-source software, but even non-developers should be aware of it as well.

Relevant Articles

Download Links

Enterprise Linux Security Episode 46 – Monitoring

by
Play

Podcast: Play in new window | Download (Duration: 45:08 — 83.0MB)

Subscribe: Apple Podcasts | Spotify | RSS

If you’re in charge of maintaining servers and related equipment, what should you monitor? While monitoring is something that will grow and expand over time, Jay and Joao will give you some tips in this episode to get you started. Check out this episode for some tips on some of the baseline checks you should implement with your monitoring solution of choice.

Download Links

Enterprise Linux Security Episode 45 – More Wi-Fi, More Problems

by
Play

Podcast: Play in new window | Download (Duration: 35:40 — 65.6MB)

Subscribe: Apple Podcasts | Spotify | RSS

As if Wi-Fi couldn’t get anymore tedious, five (yes, FIVE) vulnerabilities were discovered in the Linux mac80211 framework, which can potentially impact literally anyone that uses Wi-Fi. Thankfully, patches are already out to fix these vulnerabilities, but there’s important lessons to be learned here that this recent incident makes incredibly clear. Also, the ongoing White House security directive saga continues with some adjustments that broaden its scope.

Note: Enterprise Linux Security will return to its live format in November.

Relevant Articles

Download Links

Enterprise Linux Security Episode 44 – Is Linux less of a Target?

by
Play

Podcast: Play in new window | Download (Duration: 52:44 — 96.9MB)

Subscribe: Apple Podcasts | Spotify | RSS

In this episode, Jay and Joao discuss how much of a target Linux is, as well as some myths surrounding Linux and security. Also, there will be some news updates as well.

Relevant Articles

Download Links

Enterprise Linux Security Episode 43 – Grand Theft Data

by
Play

Podcast: Play in new window | Download (Duration: 47:09 — 86.7MB)

Subscribe: Apple Podcasts | Spotify | RSS

In this episode, Jay and Joao discuss a handful of cybersecurity events in the news. While none of these stories are super exciting from a technical standpoint, there’s definitely some lessons to be learned. As part of this discussion, Jay and Joao will talk about topics related to the recent Grand Theft Auto leak, as breaches that targeted Uber, 2k games, and more.

Relevant Links

Download Links

Enterprise Linux Security Episode 42 – Do NOT Fire Your Security Team!

by
Play

Podcast: Play in new window | Download (Duration: 1:07:10 — 123.3MB)

Subscribe: Apple Podcasts | Spotify | RSS

Recent news of Patreon firing their security team is making the rounds online, and in this episode, Jay and Joao will talk about this very strange story and some takeaways from it.

Relevant Links

Download Links

Enterprise Linux Security Episode 41 – Important CISO Focus Areas

by
Play

Podcast: Play in new window | Download (Duration: 44:57 — 82.7MB)

Subscribe: Apple Podcasts | Spotify | RSS

What are some of the important areas that a Chief Information Security Officer should focus on? In this episode, Jay and Joao discuss a recent article where Aman Sood (a CISO for Jimdo) discusses important aspects of the job to pay attention to. This information from the perspective of an actual CISO offers a unique lens through which to look at these critical focus areas.

Relevant links

Download links

Enterprise Linux Security Episode 40 – Continuous Integration / Continuous Delivery

by
Play

Podcast: Play in new window | Download (Duration: 59:08 — 108.6MB)

Subscribe: Apple Podcasts | Spotify | RSS

Continuous Integration/Continuous Delivery is huge concept when it comes to application deployment nowadays, and with good reason. Automating the compilation, testing, and other aspects of the development process increases efficiency and reliability. Security is another layer of a good CI/CD system, and in this episode, Jay and Joao discuss CI/CD and the security aspects of the popular deployment style.

Relevant Links

Download Links