
Category: Uncategorized

Enterprise Linux Security Episode 47 – Legislating Open Source

Supply chain attacks in open source software projects are a real possibility. In fact, we’ve covered actual incidents in previous episodes of this podcast. In this episode, Jay and Joao discuss developing legislation that will require the components within open source projects to be a part of a bill of materials (among other requirements). This is definitely something you’ll want to be aware of if your organization produces open source software, but non-developers should be aware of it as well.


Enterprise Linux Security Episode 45 – More Wi-Fi, More Problems

As if Wi-Fi couldn’t get any more tedious, five (yes, FIVE) vulnerabilities were discovered in the Linux mac80211 framework, which can potentially impact literally anyone who uses Wi-Fi. Thankfully, patches are already out to fix these vulnerabilities, but there are important lessons to be learned here that this recent incident makes incredibly clear. Also, the ongoing White House security directive saga continues with some adjustments that broaden its scope.

Note: Enterprise Linux Security will return to its live format in November.


Enterprise Linux Security Episode 42 – Do NOT Fire Your Security Team!

Recent news of Patreon firing their security team is making the rounds online, and in this episode, Jay and Joao will talk about this very strange story and some takeaways from it.


Enterprise Linux Security Episode 41 – Important CISO Focus Areas

What are some of the important areas that a Chief Information Security Officer should focus on? In this episode, Jay and Joao discuss a recent article where Aman Sood (a CISO for Jimdo) discusses important aspects of the job to pay attention to. This information from the perspective of an actual CISO offers a unique lens through which to look at these critical focus areas.


Enterprise Linux Security Episode 26 – The State of Enterprise Linux Security Management

We talk a lot about patching on this podcast, and the reason is that a lot of organizations don’t seem to handle this important aspect of security very well. A recent patching report from the Ponemon Institute seems to reflect this, and the stats regarding patching definitely don’t look good. In this episode of Enterprise Linux Security, Jay and Joao discuss some of the findings within this report.


Enterprise Linux Security Episode 22 – Certificates

Encryption is a great benefit to take advantage of, especially when it comes to hosting web sites. But how exactly do TLS certificates work? In this episode, Jay and Joao discuss foundational concepts surrounding certificates, as well as some advice and recommended practices.


Enterprise Linux Security Episode 12 – An Inside Job!

Earlier this year, Ubiquiti allegedly suffered a breach, which seemed to reinforce the hesitation some customers have with using the UniFi platform, given that it has a cloud-connected controller. Now, months later, an unexpected bombshell was dropped: it looks like the company wasn’t compromised by an outside attacker after all. Recent developments seem to point to the whole fiasco being an inside job!

https://youtu.be/MsMlaIxbW8w

Check out this story on The Verge.


Episode 2 – Attack Vectors

Regardless of your role in your company, understanding the various types of attack vectors is extremely important. In this episode of Enterprise Linux Security, Jay and Joao discuss the most common attack vectors that are used today, which will set the foundation for future episodes.
