Enterprise Linux Security Episode 47 – Legislating Open Source

Supply chain attacks in open source software projects are a real possibility. In fact, we’ve covered actual incidents in previous episodes of this podcast. In this episode, Jay and Joao discuss developing legislation that will require the components within open source projects to be a part of a bill of materials (among other requirements). This is definitely something you’ll want to be aware of if your organization produces open source software, but non-developers should be aware of it as well.

Enterprise Linux Security Episode 46 – Monitoring

If you’re in charge of maintaining servers and related equipment, what should you monitor? While monitoring is something that will grow and expand over time, Jay and Joao will give you some tips in this episode to get you started, including some of the baseline checks you should implement with your monitoring solution of choice.

Enterprise Linux Security Episode 45 – More Wi-Fi, More Problems

As if Wi-Fi couldn’t get any more tedious, five (yes, FIVE) vulnerabilities were discovered in the Linux mac80211 framework, which can potentially impact literally anyone who uses Wi-Fi. Thankfully, patches are already out to fix these vulnerabilities, but there are important lessons to be learned here that this recent incident makes incredibly clear. Also, the ongoing White House security directive saga continues with some adjustments that broaden its scope.

Note: Enterprise Linux Security will return to its live format in November.

Enterprise Linux Security Episode 44 – Is Linux less of a Target?

In this episode, Jay and Joao discuss how much of a target Linux is, as well as some myths surrounding Linux and security. There will be some news updates as well.

Enterprise Linux Security Episode 43 – Grand Theft Data

In this episode, Jay and Joao discuss a handful of cybersecurity events in the news. While none of these stories are super exciting from a technical standpoint, there are definitely some lessons to be learned. As part of this discussion, Jay and Joao will talk about topics related to the recent Grand Theft Auto leak, as well as breaches that targeted Uber, 2K Games, and more.

Enterprise Linux Security Episode 42 – Do NOT Fire Your Security Team!

Recent news of Patreon firing their security team is making the rounds online, and in this episode, Jay and Joao will talk about this very strange story and some takeaways from it.

Enterprise Linux Security Episode 41 – Important CISO Focus Areas

What are some of the important areas that a Chief Information Security Officer should focus on? In this episode, Jay and Joao discuss a recent article where Aman Sood (a CISO for Jimdo) discusses important aspects of the job to pay attention to. This information from the perspective of an actual CISO offers a unique lens through which to look at these critical focus areas.

Enterprise Linux Security Episode 40 – Continuous Integration / Continuous Delivery

Continuous Integration/Continuous Delivery is a huge concept when it comes to application deployment nowadays, and with good reason. Automating the compilation, testing, and other aspects of the development process increases efficiency and reliability. Security is another layer of a good CI/CD system, and in this episode, Jay and Joao discuss CI/CD and the security aspects of this popular deployment style.

Enterprise Linux Security Episode 39 – Publicly Available RDP, What Could Go Wrong?!

What happens when you open up the Remote Desktop Protocol (RDP) to the public Internet? Definitely some shenanigans, that’s what. In this episode, Jay and Joao discuss some recent news, which includes a company that made the mistake of making RDP available to everyone, multiple crypto-malware infections at the same time, and other news.

Enterprise Linux Security Episode 38 – De-anonymizing Ransomware Domains

When ransomware attacks begin spreading, how would officials go about finding the source? Most of the time, finding the culprit(s) behind cyber-attacks is a very challenging task. In this episode of Enterprise Linux Security, Joao and Jay discuss some methods that were recently used to de-anonymize ransomware domains.
