Ahead of the Breach

Sprocket

Welcome to Ahead of the Breach, the podcast dedicated to equipping security experts and practitioners with the knowledge and insights needed to excel in the future of cybersecurity. Join us as we explore innovative strategies, emerging trends, and actionable takeaways to help security leaders stay ahead.

  1. Eptura's Sean Finley on Building Risk-Based Application Security Programs

    2 days ago

    What if vulnerability management was less about filling backlogs with findings and more about strategic risk reduction? Sean Finley, Director of Application & Product Security at Eptura, brings a refreshing perspective on application security to his conversation with Casey on this episode of Ahead of the Breach. Shaped by years of experience as both a software analyst and security leader, his approach challenges the traditional "dump truck of data" mentality, instead advocating for thoughtful prioritization and strong stakeholder partnerships. From building bridges with development teams to making the case for security investments to business leaders, Sean shares practical wisdom for creating AppSec programs that truly serve organizational goals while keeping risks in check.

    Topics discussed:
    - Understanding the limitations of traditional vulnerability management and why flooding backlogs with findings doesn't equate to effective security.
    - Building strategic partnerships with business stakeholders to ensure security efforts align with organizational priorities and risk tolerance.
    - Integrating security tools seamlessly into developer workflows to reduce friction and increase adoption across engineering teams.
    - Advocating for security considerations during the design phase to prevent costly fixes and potential data breaches later.
    - Managing the delicate balance between development speed and security requirements in modern Agile environments.
    - Creating effective risk-based approaches to vulnerability prioritization based on business context and threat intelligence.
    - Developing strategies for earning developer trust and respect while educating teams about security concepts and threats.
    - Implementing repeatable security processes that work across different release cadences, from quarterly to daily deployments.
    - Building quality assurance into the software development lifecycle through consistent security testing and validation.
    - Fostering a collaborative security culture that emphasizes enablement rather than obstruction or purely compliance-driven approaches.

    26 min
  2. Microsoft's Vladimir Tokarev on Discovering Critical OpenVPN Vulnerabilities

    14 Jan.

    From a friendly gaming challenge to uncovering critical vulnerabilities, Vladimir Tokarev's journey showcases the power of curiosity in cybersecurity. As a Senior Security Researcher at Microsoft, Tokarev recently unveiled four significant vulnerabilities in OpenVPN's Windows implementation at Black Hat 2024, which he tells Casey all about in this episode of Ahead of the Breach. Vladimir's discovery process, beginning with ExpressVPN and leading to wider implications across multiple VPN providers, demonstrates how deep technical expertise combined with creative thinking can uncover security flaws in even the most widely reviewed open source projects.

    Topics discussed:
    - How a friendly gaming challenge to find ExpressVPN vulnerabilities led to discovering critical flaws in OpenVPN's core implementation
    - The technical details of four chained vulnerabilities, including integer overflow issues and privilege escalation in OpenVPN's Windows service
    - Exploring how vulnerable code propagated across VPN providers through shared components, affecting ExpressVPN, Proton VPN, and multiple other services
    - Walking through the vulnerability research process using IDA Pro for reverse engineering and WinDbg for kernel debugging in Windows environments
    - Understanding how natural curiosity and creative thinking drive successful vulnerability research, from initial discovery through full exploitation
    - Strategies for maintaining research momentum during long periods without findings, including the importance of switching tasks and maintaining work-life balance
    - Essential advice for newcomers to vulnerability research, focusing on building strong technical foundations and developing systematic approaches to discovery
    - How studying newly released CVEs without proof-of-concepts helps develop intuition and provides immediate feedback for improving research skills
    - Insights into balancing security research across different domains, from Microsoft's internal products to IoT devices and popular open source projects

    29 min
  3. N-able's Keiran Smith on Building Better Security Through Development Experience

    7 Jan.

    From executing his first SQL injection at age 14 to contributing to the Linux kernel, Keiran Smith's path to becoming Lead Pentest Engineer at N-able is anything but conventional, as he tells Casey in this episode of Ahead of the Breach. His journey weaves through roles as a senior developer, architect, and DevOps engineer — experiences that transformed him into a security leader who speaks both attacker and defender languages fluently. Drawing from his extensive software development background, Keiran explains how understanding code makes him a more effective penetration tester and enables him to build stronger relationships with development teams. Armed with Rust-based custom tools and a developer's mindset, he shows how technical expertise paired with engineering empathy creates a more effective approach to security testing.

    Topics discussed:
    - How bug bounty programs have transformed security testing, creating legitimate paths for aspiring ethical hackers.
    - Understanding code architecture and development processes makes for more effective and impactful security testing results.
    - Creating productive partnerships with development teams by offering solutions rather than just pointing out problems.
    - Essential penetration testing tools, including Burp Suite extensions like Stepper and Hackvertor.
    - Streamlining security documentation with Obsidian, markdown-based notes, and automated report generation through custom CI/CD pipelines.
    - Strategies for tracking and testing constantly evolving attack surfaces in modern development environments.
    - Real-world guidance for newcomers about embracing failure and building strong technical foundations in security.
    - Lessons learned from multiple OSCP certification attempts and why persistence matters more than initial success.
    - How contributing to open source projects like Swagger Jacker and developing custom tools enhances the security community.

    24 min
  4. RSA's Lorenzo Pedroncelli on Identity Security as the New Cyber Perimeter

    17/12/2024

    In this episode of Ahead of the Breach, Casey speaks with Lorenzo Pedroncelli, Senior Manager at RSA, who shares his insights on the evolving landscape of cybersecurity, emphasizing the critical role of identity security. He discusses the importance of fostering a security culture within organizations, where employees feel empowered to report suspicious activities. Lorenzo also highlights the challenges of combating identity fraud and the necessity of implementing effective identity proofing measures. Additionally, he explores how organizations can leverage advanced identity management solutions to strengthen their security posture.

    Topics discussed:
    - Identity security as a foundational element of modern cybersecurity strategies in protecting organizational assets and sensitive information.
    - Fostering a security culture where employees feel comfortable verifying identities and reporting suspicious activities to enhance overall organizational security.
    - The rise of identity fraud and phishing attacks, highlighting the need for robust identity verification processes.
    - Implementing effective identity proofing measures during employee onboarding to ensure that the right individuals are granted access to sensitive systems.
    - The importance of continuous risk assessment strategies to adapt to evolving threats and maintain a strong security posture.
    - Leveraging advanced identity management solutions to streamline authentication processes and improve user experience while maintaining security.
    - The role of open communication and regular training in empowering employees to recognize and respond to potential security threats.
    - Strategies for separating machine identity from user identity to enhance security and reduce the risk of unauthorized access.
    - The impact of regulatory compliance on identity security practices and the necessity for organizations to stay updated on best practices.
    - Building collaborative relationships with other cybersecurity vendors to share intelligence and improve overall security measures across the industry.

    43 min
  5. DigiCert's Bindi Davé on Digital Trust in Cybersecurity

    03/12/2024

    In this episode of Ahead of the Breach, Casey speaks with Bindi Davé, Deputy CISO at DigiCert, who shares her extensive experience in cybersecurity, focusing on the critical importance of digital trust in today's interconnected world. She discusses how organizations can establish trust in digital communications and the role of zero trust principles in enhancing security. Bindi also explores the dual nature of artificial intelligence in cybersecurity, highlighting both its potential to improve efficiency and the risks it poses if mismanaged. Additionally, she emphasizes the need for automation in managing crypto assets to ensure compliance and agility in an evolving threat landscape.

    Topics discussed:
    - The significance of digital trust in ensuring secure online interactions and transactions in an increasingly connected world.
    - How zero trust principles can enhance security by continuously verifying user identities and access rights across digital platforms.
    - The dual-edged nature of artificial intelligence in cybersecurity, highlighting its potential benefits and inherent risks when misused.
    - The importance of establishing trust in AI systems and ensuring the integrity of data fed into machine learning models.
    - Strategies for automating the management of crypto assets to maintain compliance and prevent security breaches in organizations.
    - The role of vulnerability assessments and penetration testing in identifying and mitigating security risks within digital infrastructures.
    - Insights on building effective relationships between security teams and other departments to foster collaboration and enhance overall security posture.
    - The need for continuous education and training in cybersecurity to keep pace with evolving threats and technologies.
    - Lessons learned from past incident response experiences, emphasizing the importance of preparedness and effective communication during crises.

    28 min
  6. Collectors' Arif Basha on Proactive Security and Attack Surface Management

    19/11/2024

    In this episode of Ahead of the Breach, Casey speaks with cybersecurity leader and expert Arif Basha. Arif offers his insights on the critical importance of attack surface management in today's cybersecurity landscape. He highlights how the dissolution of traditional network perimeters has shifted the focus to identity as the new perimeter, emphasizing the need for proactive security measures. He also shares insights on the significance of maintaining up-to-date incident response plans and fostering a culture of cybersecurity awareness within organizations. Tune in to learn how to effectively manage vulnerabilities and prepare for potential breaches in an evolving threat environment.

    Topics discussed:
    - The critical role of attack surface management in identifying vulnerabilities and mitigating risks in an increasingly complex cybersecurity landscape.
    - How geopolitical tensions impact the security posture of organizations and necessitate a proactive approach to cybersecurity measures.
    - The shift from traditional network perimeters to identity as the new perimeter, highlighting the importance of multi-factor authentication and access controls.
    - The significance of maintaining a strong patch management process to ensure systems are secure and vulnerabilities are addressed promptly.
    - The need for comprehensive incident response plans that include documentation, procedures, and tabletop exercises to prepare for potential breaches.
    - The importance of fostering a culture of cybersecurity awareness among employees to minimize risks associated with phishing and social engineering attacks.
    - Insights into the challenges of getting the cybersecurity fundamentals right and why organizations often overlook basic security practices.
    - The evolving role of AI in cybersecurity, including its potential to enhance incident response and automate threat detection processes.
    - The necessity of effective communication strategies during a breach, ensuring that internal and external stakeholders are informed and engaged.
    - The growing importance of cyber insurance and understanding policy coverage to mitigate financial impacts from potential security incidents.

    16 min
  7. Ryerson's Joe Mariscal on Building a Resilient Cybersecurity Culture

    05/11/2024

    In this episode of Ahead of the Breach, Casey speaks with Joe Mariscal, Director of Cybersecurity and Compliance at Ryerson. Joe brings his extensive experience in the cybersecurity field to discuss topics such as the critical issue of burnout among cybersecurity professionals. He emphasizes the importance of leadership in fostering a supportive work environment. Joe also highlights strategies for preventing burnout, such as establishing clear boundaries for off time and encouraging open communication. Additionally, Joe delves into navigating compliance frameworks and the emerging threats posed by OT, IoT, and IIoT in the manufacturing sector. Tune in for valuable insights on building resilient cybersecurity teams!

    Topics discussed:
    - The importance of leadership in preventing burnout among cybersecurity teams and fostering a supportive work environment that prioritizes mental well-being.
    - Strategies for establishing clear boundaries between work and personal time, ensuring that team members can disconnect and recharge effectively.
    - The impact of constant on-call expectations on employee stress levels and overall team morale in high-pressure cybersecurity roles.
    - Navigating compliance frameworks, including the differences between prescriptive and advisory guidelines, and aligning them with organizational needs and risk profiles.
    - Emerging threats in the manufacturing sector, particularly related to operational technology (OT), the internet of things (IoT), and the industrial internet of things (IIoT).
    - The challenges of managing legacy systems within cybersecurity and the importance of maintaining an accurate asset inventory for effective defense.
    - The role of ongoing training and development in keeping cybersecurity teams sharp and prepared for evolving threats in the digital landscape.
    - Utilizing risk registers to prioritize vulnerabilities and communicate effectively with executive leadership about necessary remediation efforts.
    - The significance of proactive security measures in identifying and mitigating risks associated with remote support and third-party vendor access.
    - Building a resilient cybersecurity culture that encourages open communication, regular check-ins, and support for personal issues affecting team performance.

    19 min
  8. Cubic's Konrad Fellmann on Proactive Strategies for Identifying Cybersecurity Vulnerabilities

    22/10/2024

    In this episode of Ahead of the Breach, Casey speaks with Konrad Fellmann, VP of IT Infrastructure and CISO at Cubic. Konrad explores critical topics in cybersecurity, including the privacy implications of data collection in the automotive industry, where car manufacturers are reportedly selling consumer data. Konrad also discusses the evolving role of the CISO, emphasizing the importance of pragmatism and understanding business goals. Additionally, he shares proactive strategies for identifying vulnerabilities, such as integrating security early in the development process and conducting regular penetration testing.

    Topics discussed:
    - The importance of building a security culture within organizations, ensuring that all employees understand their role in protecting sensitive information.
    - The evolving responsibilities of a CISO, focusing on the need for pragmatism and effective communication with various stakeholders across the business.
    - Strategies for integrating security into the development process from the outset, ensuring that security requirements are established early in projects.
    - The dual impact of AI on cybersecurity, enhancing defenses while also providing attackers with tools to craft more convincing phishing attempts.
    - Proactive measures for identifying vulnerabilities, including routine vulnerability scans and regular penetration testing to uncover potential weaknesses before exploitation.
    - The significance of understanding business goals and aligning security initiatives with organizational objectives to maintain productivity and customer satisfaction.
    - The challenges of negotiating with various stakeholders, balancing security needs with operational requirements and budget constraints within the organization.
    - The necessity of continuous learning and adaptability in the fast-paced cybersecurity landscape, especially in the context of cloud and DevOps environments.
    - The role of encryption and data anonymization in protecting sensitive information and ensuring compliance with privacy regulations in the transportation sector.

    29 min

Ratings and Reviews

5 out of 5
4 ratings
