Enterprise Linux Security Episode 32 – MySQL for Everyone!

Play

Are you a fan of MySQL? What if we told you that there’s an infinite supply of it online, right out in the open?! It’s literally as bad as it sounds! In this episode, Jay and Joao discuss how over 3.6 million MySQL instances are publicly available, as well as other forms of unintended public access.

Download Links

Relevant Articles

Enterprise Linux Security Episode 31 – How NOT to Research Security

Play

A “researcher” with a screen name of “Sockpuppets” decides to demonstrate how insecure some specific online resources are, in the worst way possible. You can’t make this stuff up! In this episode, Jay and Joao discuss what this individual wanted to accomplish (and what happened instead).

Download Links

Relevant Articles

Enterprise Linux Security Episode 28 – Second Factor Authentication

Play

Through the course of the podcast so far, Jay and Joao have discussed foundational topics, as well as news and current trends. In this episode, second factor authentication is discussed. This foundational episode will go over what it is, why you should use it, and also some of the things that can potentially weaken its benefit.

Downloads

Enterprise Linux Security Episode 27 – People Problems

Play

In the industry, we spend a great deal of time hardening our security, doing our due diligence when it comes to patching, implementing firewalls, avoiding EOL software, as well as many other aspects of our security focus. But unfortunately, even a well thought out implementation of common security controls can be rendered useless if we miss the low hanging fruit – such as training our employees and making sure they understand how serious security is, and how they can help. In this episode, Jay and Joao will discuss that and more.

Downloads

Enterprise Linux Security Episode 23 – Busting 5 IT Security Myths

Play

Cyber security is a huge topic, and through the years the industry changes rapidly to keep up with current threats and related challenges. As a result, some of the beliefs and mindsets we’ve adopted in the industry have changed as well. In this episode, Jay and Joao discuss 5 myths in the security industry that either need to be adjusted, or downright debunked.

Download:

Relevant links:

Enterprise Linux Security Episode 20 – Cloud Governance

Play

Cloud Computing is all the rage these days – but what happens when a company moves to the cloud to quickly? While cloud computing can be a very rewarding technology, it can also get out of hand quite quickly. In this video, Joao and Jay discuss the concept of Cloud Governance, something that any organization that utilizes the cloud can (and should) take advantage of.

Download links

Relevant links

Enterprise Linux Security Episode 19 – The 2021 RBS Year-End Vulnerability Report

Play

2021 is now in the past, but there’s some very interesting details in the year-end vulnerability report produced by RBS. These details give us a look at some of the trends that will impact 2022 and beyond. In this episode, Joao and Jay discuss the report and some of its findings.

Download links

Relevant links

Enterprise Linux Security Episode 18 – Zero Trust Security

Trust is a very important aspect of security, but who/what exactly should you trust? How about no one? Join Jay and Joao for episode 18 of the Enterprise Linux Security show, as they discuss Zero Trust Security.

Enterprise Linux Security Episode 14 – Recovering from Disasters

Play

Disasters in the world of tech are frustrating for everyone, not just the company that experienced the incident. In this episode, Jay and Joao discuss thoughts around what it actually means to recovery from a disaster, and why it’s typically not a quick process.

Episode 4 – Supply Chain Attacks

Play

When you write software, there’s no reason to reinvent the wheel – shared libraries and other resources exist to enable you to create applications while avoiding redundant work. Unfortunately, sometimes the software supply itself chain is attacked, which would mean that your application contain malware or security threats you didn’t account for. In this episode of Enterprise Linux Security, Joao and I discuss supply chain attacks, as well as some ways to mitigate this threat.

Video-specific Links

Supply chain Levels for Software Artifacts (SLSA)

The Software Package Data Exchange (SPDX)