Lake Street El

OWASP is the Open Web Application Security Project. A global group set to provide developers and security professionals the tips and best practices in application development. There is more to the OWASP Top 10 than good coding practices. This is an introduction episode to a new mini-series that will go over each of the Top 10 items.

https://www.owasp.org/index.php/Main_Page

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Podcast RSS - http://securityinfive.libsyn.com/rss

Twitter @binaryblogger - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

iHeartRadio - Security In Five Channel

Email - contactme@binaryblogger.com

Moving to the cloud has many pros and cons for a business. One growing misconception is the amount of security a cloud provider will provide. In most cases the perimeter is protected but you are still responsible for your application and data. Don't overlook this. This episode goes into the details.

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Podcast RSS - http://securityinfive.libsyn.com/rss

Twitter @binaryblogger - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

iHeartRadio - Security In Five Channel

Email - contactme@binaryblogger.com

We conclude the Critical Security Control series with number twenty. Penetration tests. You have all the other controls in place, your teams running with synergy, and you are protected. Now you need to prove it through testing. Actively, and in a controlled manner, you need to test your controls. This episode talks about the last control and why Penetration Tests are the final step in a mature security program.

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Podcast RSS - http://securityinfive.libsyn.com/rss

Twitter @binaryblogger - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

iHeartRadio - Security In Five Channel

Wordpress is one of the top blogging platforms. It's freely available, easy to install and a prime target for hackers. Vulnerabilities in the Wordpress core and plugins are found every day. If you do not stay on top of your Wordpress installation you could lose your website or be hacked and used to host malicious files and webpages without your knowledge. This episode goes into why you need to monitor and update your Wordpress installations.

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Podcast RSS - http://securityinfive.libsyn.com/rss

Twitter @binaryblogger - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

iHeartRadio - Security In Five Channel

Continuing in the Critical Security Controls we are at number nineteen. Incident Response. Now that you have all the tools, policies and procedures in place what do you do with the alerts? How you respond to an incident is vital and makes your investments worthwhile. This episode goes over this control

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Podcast RSS - http://securityinfive.libsyn.com/rss

Twitter @binaryblogger - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

iHeartRadio - Security In Five Channel

Verizon suffered another leak of sensitive data from an unsecured Amazon Web Bucket. This time it was an internal employee that used the bucket for business purposes but outside Verizon policies. This shows you how easy it is to have a major leak. Anyone with a credit card can open a web service and begin to use it without the knowledge of a business. This is Shadow IT, lurking in the shadows, keeping the business in the dark. This episode goes into this risk every business faces.

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Podcast RSS - http://securityinfive.libsyn.com/rss

Twitter @binaryblogger - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

iHeartRadio - Security In Five Channel

The next control in the Critical Security Controls is number 18, Application Security. Even though 50% of all attacks are against the application less than 1% of all security spending is on application security. This episode goes into the details of this control and what it takes to address it. 

End of line.

------------------------------------

Website - https://www.binaryblogger.com

Podcast RSS - http://securityinfive.libsyn.com/rss

;

Twitter @binaryblogger - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

iHeartRadio - Security In Five Channel

In the wake of the Equifax breach, criminals will use this for new scams. Telephone calls claiming to help you fix your credit problems, emails stating you accounts will be closed from the breach, and so on. The only way to protect yourself and others from falling for these fraudulent scams is to be aware of them, be skeptical and understand how legitimate banks and government agencies work.

Don't trust email, always question phone calls and never, ever give out any account information over the phone. Hang up and call the banks directly, don't click on email links and if you are unsure stop and ask, email me and I can help. 99% of the time it will be fake.

It's better to hesitate and ask, than click and be wrong.

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Twitter - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

Podcast RSS - http://securityinfive.libsyn.com/rss

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

Email - contactme@binaryblogger.com

Next to social engineering the number one targets for hackers are the applications. Complex components, each with their own unique configurations and patches, all being poked for holes. Application's are the gateway to the data and yet as an industry application security is still far behind in the list of priorities. 

This episode goes into application security, development cycles and continual scans and reviews of your critical applications. Deploy and forget is no longer an acceptable practice. 

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Twitter - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

Podcast RSS - http://securityinfive.libsyn.com/rss

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

Email - contactme@binaryblogger.com

Breaches are unfortunate events but you need to look at them objectively and learn from them. The security profession works when you observe and learn from others missteps. The Equifax breach could be a catalyst for an overhaul the industry needs to better protect itself. 

This episode talks about protecting the data. Putting more focus on how we store, process and move data around. Thinking about the data architecture differently to avoid mass amounts of data to be taken so easily. 

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Twitter - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

Podcast RSS - http://securityinfive.libsyn.com/rss

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

Email - contactme@binaryblogger.com

The Equifax breach will be looked at for years. What went wrong? How could this have happened? There will be many answers given, some will be right others will be wrong. As a security professional anything that spurs discussion and a review of your own environment is a positive thing. Improving your security program, even a little bit, is better than nothing. 

This episode goes over vulnerability management and paying closer attention to the CVE Critical ratings. Prioritization is a skill as a security professional. There are times when you need to stop everything to address an issue and other times that can be scheduled into your routine.

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Twitter - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

Podcast RSS - http://securityinfive.libsyn.com/rss

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

Email - contactme@binaryblogger.com

The Equifax breach is one of the largest and most dangerous breaches so far. The reason this breach could be damaging for years to come is the data that was stolen. Unlike credit cards that can be cancelled, your PII data doesn't change. How our financial systems are setup the data is all you need to do real financial damage.

This episode covers what you can do as an individual to protect your financial accounts, your identity and how to remain aware of the future threats that will come from this breach.

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Twitter - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

Podcast RSS - http://securityinfive.libsyn.com/rss

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

Email - contactme@binaryblogger.com

Using a personal VPN for your devices is something everyone should invest in. It keeps your data more secure, anonymous and another benefit is to keep the net neutral. Internet Service Providers are beginning to skirt the rules and throttle traffic, downgrade video quality and monitor where you go. This episode goes into how using a VPN can keep your Internet use fair and free from outside meddling.

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Twitter - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

Podcast RSS - http://securityinfive.libsyn.com/rss

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

Email - contactme@binaryblogger.com

This episode talk about business authorization and use of access within a business. Just because your employees have access to do their job, that does not necessarily mean they can use that access whenever they want. There is a distinction between authorized use and abuse of use. 

You can have a breach with someone that has legitimate access but abuses it. Listen to hear how this happens.

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Twitter - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

Podcast RSS - http://securityinfive.libsyn.com/rss

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

Email - contactme@binaryblogger.com

Continuing with the Critical Security Controls Top 20 we are at number seventeen. This control talks about Security Awareness and education efforts in your business. Security is only successful when others understand and can recognize threats and have the basic knowledge of security controls. There's a reason most major regulations require security awareness programs, this episode goes into why.

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Twitter - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

Podcast RSS - http://securityinfive.libsyn.com/rss

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

Email - contactme@binaryblogger.com

The Equifax breach was the largest to date. As anyone in the security profession should do on a regular basis is learn from other's mistakes. As details emerge on all the components that lead to Equifax's failure, we can use those to improve our own programs. This episode goes into the importance of patching your systems and when you should.

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Twitter - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

Podcast RSS - http://securityinfive.libsyn.com/rss

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

Email - contactme@binaryblogger.com

The Equifax breach is one of the largest thus far. Unlike other breaches this one could be far more damaging for people who had their data stolen. It comes down to the type of data that was lost. This episode covers why this could be dangerous for everyone for years to come. 

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Twitter - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

Podcast RSS - http://securityinfive.libsyn.com/rss

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

Email - contactme@binaryblogger.com

Continuing in the Critical Security Controls Top 20 we are at number sixteen. This control covers Account Monitoring. This episode goes over the difference between a review and monitor process and what you can look out for to help you with this control.

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Twitter - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

Podcast RSS - http://securityinfive.libsyn.com/rss

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

Email - contactme@binaryblogger.com