182 episodes

A security podcast geared towards those looking to better understand security topics of the day. Hosted by Kurt Seifried and Josh Bressers covering a wide range of topics including IoT, application security, operational security, cloud, devops, and security news of the day. There is a special open source twist to the discussion often giving a unique perspective on any given topic.

Open Source Security Podcast Josh Bressers & Kurt Seifried

    • Technology

A security podcast geared towards those looking to better understand security topics of the day. Hosted by Kurt Seifried and Josh Bressers covering a wide range of topics including IoT, application security, operational security, cloud, devops, and security news of the day. There is a special open source twist to the discussion often giving a unique perspective on any given topic.

    Episode 180 - A Tale of Two Vulnerabilities

    Episode 180 - A Tale of Two Vulnerabilities

    Josh and Kurt talk about two recent vulnerabilities that have had very different outcomes. One was the Citrix remote code execution flaw. While the flaw is bad, the handling of the flaw was possibly worse than the flaw itself. The other was the Microsoft ECC encryption flaw. It was well handled even though it was hard to understand and it is a pretty big deal. As all these things go, fixing and disclosing vulnerabilities is hard.

    • 31 min
    Episode 179 - Google Project Zero and the 90 day clock

    Episode 179 - Google Project Zero and the 90 day clock

    Josh and Kurt talk about the updated Google Project Zero disclosure policy. What's the new policy, what does it mean, and will it really matter? We suspect it will improve some things, but won't drastically change much.

    • 31 min
    Episode 178 - Are CVEs important and will ransomware put you out of business?

    Episode 178 - Are CVEs important and will ransomware put you out of business?

    Josh and Kurt talk about a discussion on Twitter about if discovering CVE IDs is important for a resume? We don't think it is. We also discuss the idea of ransomware putting a company out of business. Did it really? Possibly but it probably won't create any substantial change in the industry.

    • 32 min
    Episode 177 - Fake or real? The security of counterfeit goods

    Episode 177 - Fake or real? The security of counterfeit goods

    Josh and Kurt talk about marketplace safety and security. Will we ever see an end to the constant flow of counterfeit goods? The security industry has the same problem the marketplace industry has, without substantial injury we don't see movement towards meaningful change.

    • 29 min
    Episode 176 - The 'predictions are stupid' prediction episode

    Episode 176 - The 'predictions are stupid' prediction episode

    Josh and Kurt talk about security predictions for 2020. None of the predictions are even a bit controversial or unexpected. We're in a state of slow change, without disruptive technology next year will look a lot like this year.

    • 32 min
    Episode 175 - Defenders will always be one step behind

    Episode 175 - Defenders will always be one step behind

    Josh and Kurt talk about the opportunistic nature of crime. Defenders have to defend, which means the adversaries are by definition always a step ahead. We use the context of automobile crimes to frame the discussion.

    • 30 min

Customer Reviews

xEPICxMONKEYx ,

A few episodes in and very much enjoying it!

If your interested in security then this will be a great podcast to listen to.

Benayak ,

A must for security-orientated developers

Josh and Kurt offer detailed and layman-termed explanations for any developer conscious about protecting their assets. The Security Planner episode is a personal favourite. Thumbs up!

Top Podcasts In Technology

Listeners Also Subscribed To