Podcast: Play in new window | Download (Duration: 40:25 — 74.3MB)
Subscribe: Apple Podcasts | Spotify | RSS
In episode 36 of the Enterprise Linux Security podcast, Jay and Joao record an episode live for the first time.
hardening
Enterprise Linux Security Episode 35 – Top 25 Dangerous Software Weaknesses
Podcast: Play in new window | Download (Duration: 57:37 — 105.8MB)
Subscribe: Apple Podcasts | Spotify | RSS
In this episode, Jay and Joao discuss a recent report that identifies the “Top 25 most dangerous software weaknesses.” This list includes the usual suspects, as well as some very interesting findings as well. In addition, the descriptions of the common weaknesses serves as a good jumping in point if you’re new to this podcast.
Download Links
Relevant Articles
Enterprise Linux Security Episode 32 – MySQL for Everyone!
Podcast: Play in new window | Download (Duration: 45:37 — 83.9MB)
Subscribe: Apple Podcasts | Spotify | RSS
Are you a fan of MySQL? What if we told you that there’s an infinite supply of it online, right out in the open?! It’s literally as bad as it sounds! In this episode, Jay and Joao discuss how over 3.6 million MySQL instances are publicly available, as well as other forms of unintended public access.
Download Links
Relevant Articles
Enterprise Linux Security Episode 31 – How NOT to Research Security
Podcast: Play in new window | Download (Duration: 53:12 — 97.7MB)
Subscribe: Apple Podcasts | Spotify | RSS
A “researcher” with a screen name of “Sockpuppets” decides to demonstrate how insecure some specific online resources are, in the worst way possible. You can’t make this stuff up! In this episode, Jay and Joao discuss what this individual wanted to accomplish (and what happened instead).
Download Links
Relevant Articles
Enterprise Linux Security Episode 28 – Second Factor Authentication
Podcast: Play in new window | Download (Duration: 47:51 — 88.0MB)
Subscribe: Apple Podcasts | Spotify | RSS
Through the course of the podcast so far, Jay and Joao have discussed foundational topics, as well as news and current trends. In this episode, second factor authentication is discussed. This foundational episode will go over what it is, why you should use it, and also some of the things that can potentially weaken its benefit.
Downloads
Enterprise Linux Security Episode 27 – People Problems
Podcast: Play in new window | Download (Duration: 45:20 — 83.3MB)
Subscribe: Apple Podcasts | Spotify | RSS
In the industry, we spend a great deal of time hardening our security, doing our due diligence when it comes to patching, implementing firewalls, avoiding EOL software, as well as many other aspects of our security focus. But unfortunately, even a well thought out implementation of common security controls can be rendered useless if we miss the low hanging fruit – such as training our employees and making sure they understand how serious security is, and how they can help. In this episode, Jay and Joao will discuss that and more.
Downloads
Enterprise Linux Security Episode 23 – Busting 5 IT Security Myths
Podcast: Play in new window | Download (Duration: 45:48 — 84.2MB)
Subscribe: Apple Podcasts | Spotify | RSS
Cyber security is a huge topic, and through the years the industry changes rapidly to keep up with current threats and related challenges. As a result, some of the beliefs and mindsets we’ve adopted in the industry have changed as well. In this episode, Jay and Joao discuss 5 myths in the security industry that either need to be adjusted, or downright debunked.
Download:
Relevant links:
- Time for password expiration to die (SANS)
- Death of the Password? (Wired)
Enterprise Linux Security Episode 18 – Zero Trust Security
Trust is a very important aspect of security, but who/what exactly should you trust? How about no one? Join Jay and Joao for episode 18 of the Enterprise Linux Security show, as they discuss Zero Trust Security.
Enterprise Linux Security Episode 14 – Recovering from Disasters
Podcast: Play in new window | Download (Duration: 54:43 — 100.5MB)
Subscribe: Apple Podcasts | Spotify | RSS
Disasters in the world of tech are frustrating for everyone, not just the company that experienced the incident. In this episode, Jay and Joao discuss thoughts around what it actually means to recovery from a disaster, and why it’s typically not a quick process.
Episode 8 – Trojan Source, & CISA’s Directive
Podcast: Play in new window | Download (Duration: 48:39 — 111.7MB)
Subscribe: Apple Podcasts | Spotify | RSS
Recently, some interesting security news has occurred, and two specific developments are the main discussion in this episode. Trojan Source is a newly discovered tactic that can be used to hide malicious code and execute something completely unexpected, even when the source code appears to be syntactically correct. In addition, CISA recently mandated a large number of CVE’s to be patched in the very near future, which will likely have ramifications even outside of the United States. Also, Jay and Joao also discuss the recently released Fedora 35, which is a distribution that has a large presence on the workstations that administrators use.