4 episodes

Hot topic discussions in the information security world from an everyday cybersecurity professional.

Zero Hour Security Ryan St. Germain

    • News

    EP4: My Top 5 Log Sources

    Today I discuss my picks for top 5 log sources you should be collecting within an organization and why. 

    • 32 min
    EP3: Phishing simulations - How to properly use them

    Phishing simulations are a popular method to help train employees on identifying malicious emails. However, there has been some negative press on the subject. While these concerns are legitimate, I am going to address why I think organizations are just using the technology incorrectly and people on Twitter are overreacting.

    Sources:

    https://www.theverge.com/2020/12/24/22199406/godaddy-wins-2020-stupidity-award

    • 23 min
    EP2: Securing the remote workforce

    Discussion on how to secure employees while working remotely. I touch on what is needed from the management side and the technical details on the engineering end. In addition, I give some insight into what has and hasn't worked so well for my organization and delve into a case study on my organization.

    This episode is based on an article I wrote here: https://rwstgermain.medium.com/securing-a-remote-force-during-covid-19-5c22f4a1554a

    • 52 min
    EP1: SolarWinds and the state of supply chain risk

    I dive into an overview of what we know about the SolarWinds breach. I also discuss my opinions regarding supply chain risk management and where we go from here. Finally, I close with some details on what my thought process was in determining if my organization could have detected this.

    Sources:

    https://rwstgermain.medium.com

    https://twitter.com/vinodsparrow/status/1338431183588188160?s=20

    https://techcommunity.microsoft.com/t5/azure-sentinel/solarwinds-post-compromise-hunting-with-azure-sentinel/ba-p/1995095

    https://www.microsoft.com/security/blog/2020/12/18/analyzing-solorigate-the-compromised-dll-file-that-started-a-sophisticated-cyberattack-and-how-microsoft-defender-helps-protect/

    https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html

    https://techcommunity.microsoft.com/t5/azure-active-directory-identity/understanding-quot-solorigate-quot-s-identity-iocs-for-identity/ba-p/2007610

    https://pastebin.com/KD4f4w5V

    https://duo.com/blog/the-beer-drinkers-guide-to-saml

    • 25 min
