
Cyber Security & Cloud Podcast
All Episodes (89)
1. CSCP S01E09 - Grant Ongers - AppSec Devsecops and OWASP
CSCP is bringing back season 1 in a newly remastered version.
Grant Ongers is on the Global Board of Directors at OWASP Foundation and has spent his entire career in DevSecOps. Grant is also the co-founder of Secure Delivery and speaks with Francesco and co-host, Zoe, about DevSecOps, mentoring, and OWASP. Grant says DevSecOps is actually just DevOps done right.
The episode is brought to you by AppSec Phoenix Ltd. With the Phoenix platform you can make vulnerability management for software and organization SMART. Follow the tag #appsecsmart
https://www.appsecphoenix.com get a free 30-day licence quoting CSCP https://landing.appsecphoenix.com/register
0:46 Introducing Grant
2:00 Conversation
2:35 Positive message
3:45 Career background
5:50 DevSecOps
9:45 CISO and CIO
11:05 Mentoring
15:55 OWASP
20:00 Valuable resources
23:10 Communication
26:00 Joining OWASP and mission
37:40 Closing words
38:15 Outro
Grant Ongers
Twitter @rewtd
https://www.linkedin.com/in/rewtd/
Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Twitter @FrankSEC42
#CSCP #cybermentoringmonday cybercloudpodcast.com
Social Media Links
Follow us on social media to get the latest episodes:
Website: http://www.cybercloudpodcast.com/
You can listen to this podcast on your favourite player:
Itunes: https://.com/gb/podcast/the-cyber-security-cloud-podcast-cscp/id1516316463
Spotify: https://open./show/3fg8AqP4vEi5Im8YKxazUQ
Linkedin: https://www.linkedin.com/company/35703565/admin/
Twitter: https://twitter.com/podcast_cyber
Youtube https://www.youtube.com/channel/UCVgsq-vMzq4sxObVonDsIAg/
Oct 10,2021 38:15 -
2. CSCP S01E08 - Vandana Verma - Part 2 - Appsec & Diversity Talk
This is the second part of the interviews with Vandana Verma.
Vandana Verma is a Security Relationship Leader for SNYK, an advocate for women and girls in AppSec, and on the board of OWASP. Francesco and Vandana discuss the best way to communicate the importance of security without using scare tactics and the challenges of working with clients around the world.
In part two with Vandana Verma, the conversation continues on mentoring within the AppSec community, involving more women, and communicating the importance of cybersecurity to web designers and coders. Vandana is a Security Architect, an advocate for women and girls in AppSec, and on the board of OWASP.
0:46 Introduction
1:37 Conversation with Vandana
4:00 Streaming meetings
6:00 Spreading the word
9:04 Women in security
12:05 Mentoring in AppSec
11:20 DevSecOps and governance
20:08 Design and automation
24:52 Final positive message
25:54 Closing words
26:30 Outro
Vandana Verma
Twitter @InfosecVandana
https://www.linkedin.com/in/vandana-verma
Oct 03,2021 26:30 -
3. CSCP S01E14 - Sam Stepanyan - Part 1 - OWASP AppSec Nettacker and Scaling appsec programmes
This is part 1 of the interview with Sam.
Sam Stepanyan is an Application Security Architect and Consultant, an OWASP London Chapter Leader, and a WAF Specialist. Sam joins the podcast to discuss many of the opportunities for young aspiring security professionals, the big picture purpose of OWASP, and the first steps to addressing application security.
0:47 Introducing Sam
2:15 Conversation begins
4:10 Positive message
8:10 Purpose of OWASP
10:55 Nettacker
13:40 Asset discovery
15:30 Multi-factor authentication
16:30 Google summer of code
19:49 OWASP top 10
22:46 Capital One and cloud breaches
24:02 Basics of Application Security program
30:00 Outro
Sam Stepanyan
Twitter @securestep9
https://www.linkedin.com/in/samstepanyan/
Dec 12,2021 30:00 -
4. CSCP S01E13 - Chani Simms - Part 1 - vCISO compliance cybersecurity and women in cyber
This is part 1 of the interview with Chani.
Chani Simms is the Managing Director and Co-Founder of Meta Defense Labs LTD, a consultant, the Founder of SHe CISO, a TEDx Speaker, and an Award-winning Cybersecurity Leader. Chani shares how she prepared for her TEDx talk and her thoughts on emotional intelligence and mental health in the workplace.
0:00 Introduction
0:46 Chani’s background
3:00 TEDx talk
8:00 Women in cyber and mental health
10:56 SHe CISO
14:00 Self-esteem
16:00 Emotional Intelligence
19:08 Managing emotion
21:20 Outro
Chani Simms
Nov 28,2021 27:20 -
5. CSCP S01E13 - Chani Simms - Part 2 - vCISO compliance cybersecurity and women in cyber
Chani Simms is the Managing Director and Co-Founder of Meta Defense Labs LTD, a consultant, the Founder of SHe CISO, a TEDx Speaker, and an Award-winning Cybersecurity Leader. Chani shares how she prepared for her TEDx talk and her thoughts on emotional intelligence and mental health in the workplace.
This is part 2 with Chani Simms. Chani explains what a Virtual CISO does, the importance of basic cyber hygiene, and the initial steps to becoming a cyber security professional. Chani’s approach to security is to operate on zero trust.
0:00 Introduction
0:46 Virtual CISO
5:10 Cyber hygiene
8:55 Starting in cyber
13:24 Assume breach
18:53 Twitter drama
22:10 Closing words
22:50 Outro
Chani Simms
Dec 05,2021 22:50 -
6. CSCP S01E12 - Kevin Fielder - Part 2 - Becoming a CISO
This is part two with Kevin Fielder, a CISO, NED, start-up and board advisor, researcher, and speaker based in the UK. Kevin is a CrossFit athlete who values a healthy work-life balance that allows him time for fitness and family. He answers questions about diversity in the workplace, recruiting, and the biggest challenges in his role.
0:00 Intro
0:47 Crossfit
4:36 Work-life balance
8:58 Remote working
10:50 Cognitive diversity in cyber
16:05 Working with deaf
17:50 Working under stress
20:35 Recruiter
23:50 Biggest challenge in current role
25:26 Final positive message
28:02 Outro
Kevin Fielder
https://www.linkedin.com/in/kevinfielder/
Twitter @kevin_fielder
Nov 22,2021 28:02 -
7. CSCP S01E14 - Sam Stepanyan - Part 2 - OWASP AppSec Nettacker and Scaling appsec programmes
This is part 2 of the interview with Sam.
Sam Stepanyan is an Application Security Architect and Consultant, an OWASP London Chapter Leader, and a WAF Specialist. Sam joins the podcast to discuss many of the opportunities for young aspiring security professionals, the big picture purpose of OWASP, and the first steps to addressing application security.
This is part 2 with Sam Stepanyan, an Application Security Architect and Consultant, the OWASP London Chapter Leader, and a WAF Specialist. Sam encourages everyone in the cyber community to join a local OWASP chapter, network at conferences, and compete in games. He also shares a horror story and a success story from his career.
0:47 Threat modelling
3:30 Pen testing
5:19 Cost of security
5:58 Dependency checker
7:55 GitHub community
12:20 Local chapters
14:45 Conferences, competitions, events
18:02 OWASP Zed Attack Proxy (Zap)
20:01 Positive and horror story in security
24:12 Future of cyber
25:45 Outro
Sam Stepanyan
Twitter @securestep9
https://www.linkedin.com/in/samstepanyan/
Dec 19,2021 25:45 -
8. CSCP S01E11 - Tanya Janca - Part 1 - AppSec OWASP Community and diversity
This is part 1 of the interview with Tanya Janca.
Tanya Janca is an application security evangelist, a web application penetration tester and vulnerability assessor, trainer, public speaker, ethical hacker, the Co-Leader of the OWASP Ottawa chapter, a best-selling author, and independent consultant, specializing in Cloud Security, DevSecOps, and AppSec. In part 1 of the conversation, Tanya discusses the importance of professional mentorship, getting women involved in cyber security, conferences, online communities, and overcoming her fear of public speaking.
0:00 Intro
0:47 Introducing Tanya
1:55 Conversation begins
7:08 Women in security
13:35 Conference
17:26 Online community
18:30 Days as a software developer
20:55 Women in OWASP
24:20 Public speaking
26:48 WoSec
27:30 Outro
Tanya Janca
Twitter @shehackspurple
https://www.linkedin.com/in/tanya-janca/?originalSubdomain=ca
https://www.womenofsecurity.com
Nov 01,2021 27:00 -
9. CSCP S01E11 - Tanya Janca - Part 2 - AppSec OWASP Community and diversity
This is part 2 of the interview with Tanya Janca. In this episode, Tanya shares her passion for WoSec and her decision to leave Microsoft, talks about giving back to the community and encouraging women to get involved in cyber security, and defines DevSecOps.
Tanya Janca is an application security evangelist, a web application penetration tester and vulnerability assessor, trainer, public speaker, ethical hacker, the Co-Leader of the OWASP Ottawa chapter, a best-selling author, and independent consultant, specializing in Cloud Security, DevSecOps, and AppSec.
0:00 Intro
0:47 WoSec
4:08 Cyber ladies in Israel
13:03 Leaving Microsoft
14:30 Mentoring Monday
17:10 Future of AppSec
24:18 Issues at conferences
27:25 What is DevSecOps
36:35 Final positive message
37:17 Outro
Tanya Janca
Twitter @shehackspurple
https://www.linkedin.com/in/tanya-janca/?originalSubdomain=ca
https://www.womenofsecurity.com
Nov 08,2021 37:00 -
10. CSCP S01E12 - Kevin Fielder - Part 1 - Becoming a CISO
This is part 1 of the interview with Kevin.
Kevin Fielder is a CISO, NED, start-up and board advisor, researcher, and speaker based in the UK. In part one of the interviews, Kevin discusses his approach to recruiting and hiring new talent for junior cyber security roles, managing and leading teams with both junior and senior talent, and his own career trajectory.
0:00 Intro
0:47 Introducing Kevin
2:06 Career in cyber
5:30 Favorite area/role
7:30 Recruiting junior roles
12:00 Balancing junior and senior talent
16:09 Managing teams and technical jargon
21:16 Story leading teams
24:55 Cloud-Native DevOps
28:35 DevSecOps and engagement
Kevin Fielder
https://www.linkedin.com/in/kevinfielder/
Twitter @kevin_fielder
Nov 15,2021 28:35 -
11. CSCP S01E10 - Jim Manico - AppSec OWASP and DevSecOps
Jim Manico is the Founder and Secure Coding Instructor at Manicode Security, a member of OWASP, and an AppSec enthusiast. In part 1 of this lively conversation, they discuss Netflix, automated security, and the complex problem of fixing legacy software.
0:46 Introducing Jim
2:15 Conversation begins
5:15 Painful problem of AppSec
10:10 Security and money
11:20 Security testing
12:05 Privacy laws
14:50 Automated/integrated security
15:45 DevSecOps
18:06 Netflix
19:40 OWASP
20:50 Java
26:10 Outro
Jim Manico
Twitter @manicode
https://www.linkedin.com/in/jmanico/
Oct 18,2021 26:10 -
12. CSCP S01E10 - Jim Manico - Part 2 - AppSec OWASP and DevSecOps
This is part 2 of the interview with Jim Manico. Jim and Francesco address some of the criticisms of OWASP, discuss what makes a chapter great, and the future of cyber security.
0:00 Intro
0:27 Fixing the legacy problem
7:00 Critics of OWASP
13:00 OWASP can’t be tamed
16:26 Order VS chaos
22:20 What makes a chapter great
24:04 Final positive message
26:18 Closing words
26:54 Outro
Jim Manico
Twitter @manicode
https://www.linkedin.com/in/jmanico/
Oct 24,2021 26:54 -
13. CSCP S01E08 - Vandana Verma - Part 1 - Appsec & Diversity Talk
This is the second part of the interviews with Vandana Verma.
Vandana Verma is a Security Relationship Leader for SNYK, an advocate for women and girls in AppSec, and on the board of OWASP. Francesco and Vandana discuss the best way to communicate the importance of security without using scare tactics and the challenges of working with clients around the world.
0:46 Introduction
2:08 Conversation with Vandana
4:05 Importance of AppSec
8:10 Avoid scare tactics
9:20 Fix bugs early
13:44 Working globally with different cultures and timezones
16:46 Best ways to communicate
18:55 OWASP
22:40 Closing words
23:10 Outro
Vandana Verma
Twitter @InfosecVandana
https://www.linkedin.com/in/vandana-verma
Sep 26,2021 23:01 -
14. CSCP S01E07 - Allan Alford - Part 1 - CISO Talk, starting in cyber and basic 10 cyber steps to get started
This is the first part of 2 interviews with Allan Alford, Delivery CISO at NTT Data and now CISO at TrustMAPP, a cybersecurity startup like AppSec Phoenix.
Allan Alford is an experienced CISO living in Texas. In part 1 of Francesco’s interview with Allan Alford, they discuss multi-factor authentication, the role of CISO, and getting started in cybersecurity. Logical and critical thinking skills are important to work in tech, but equally so are soft and people skills, like communication, leadership, and public speaking.
1:21 Part 1 with Allan
2:30 Masters
3:16 Advice on security awareness
4:23 Multi-factor authentication
7:35 Consumer pressure for security
8:35 Kinds of CISO
10:50 Communication and leadership skills
15:34 Hiring and learning of the job
17:51 Closing words
18:20 Outro
Allan Alford, CISO, Host of Cyber Ranch Podcast
Twitter @AllanAlfordinTX
https://allanalford.com/the-cyber-ranch-podcast
https://hackervalley.com/cyberranch/
https://www.linkedin.com/in/allanalford/
Sep 12,2021 18:20 -
15. CSCP S01E07 - Allan Alford - Part 2 - CISO Talk, starting in cyber and basic 10 cyber steps to get started
This is the second part of the interviews with Allan Alford, Delivery CISO at NTT Data and now CISO at TrustMAPP, a cybersecurity startup like AppSec Phoenix.
Allan Alford is an experienced CISO living in Texas. In part two, Allan Alford answers listener questions about getting involved in cybersecurity and his path to becoming a CISO, lists the pros and cons of earning an MBA, and stresses the importance of networking and mentoring. They also discuss how video gaming and role-playing games can translate to real-life leadership skills.
0:45 Recap of Part 1
1:47 Part 2 with Allan
2:20 Balancing MBA with work and life
3:10 Do you need MBA to be a CISO
7:35 Formal mentoring
11:11 Typical path to CISO
13:55 Certifications
19:28 Curiosity and video games
23:08 Final positive message
25:04 Closing words
25:40 Outro
Allan Alford, CISO, Host of Cyber Ranch Podcast
Twitter @AllanAlfordinTX
https://allanalford.com/the-cyber-ranch-podcast
https://hackervalley.com/cyberranch/
https://www.linkedin.com/in/allanalford/
Sep 19,2021 25:40 -
16. CSCP S01E06 - Greg van Der Gaast - Part 1 - Leadership and authority in cyber
This is the first part of 2 interviews with Greg.
Greg van der Gaast is a CISO, the author of "Rethinking InfoSec," an international speaker, people enthusiast, and is passionate about creating information security programs that work. Francesco and Greg discuss the importance of communication skills and being personable in the tech field. In order to avoid a toxic and hostile work environment, everyone needs to have a better attitude, think human-first, and stay calm.
1:30 Part 1 with Greg van der Gaast
2:46 Experiences in cyber
7:04 Risk management
10:15 Being personable
11:37 People, process, technology
13:05 Avoid toxic work environments
20:17 Closing words
20:40 Outro
Greg van der Gaast
Twitter @SidewaysGreg
https://www.linkedin.com/in/gregvandergaast/
Aug 22,2021 25:00 -
17. CSCP S01E06 - Greg van Der Gaast - Part 2 - Leadership and authority in cyber
This is the second part of 2 interviews with Greg.
In part 2 of Francesco’s interview with Greg van der Gaast, they discuss the challenges of working in the cyber security industry and how communicating more clearly and calmly can solve some of those issues. They speculate why security breaches happen and share the appropriate way to react when they do. Greg van der Gaast is a CISO, the author of "Rethinking InfoSec," an international speaker, people enthusiast, and is passionate about creating information security programs that work.
1:30 Part 1 with Greg van der Gaast
2:46 Experiences in cyber
7:04 Risk management
10:15 Being personable
11:37 People, process, technology
13:05 Avoid toxic work environments
20:17 Closing words
20:40 Outro
Greg van der Gaast
Twitter @SidewaysGreg
https://www.linkedin.com/in/gregvandergaast/
Aug 30,2021 30:00 -
18. CSCP S01E05 - Jane Frankland - Part 1 - Women in Cyber and Leadership
This is the first interview with Jane, a returning guest in season 2.
Jane Frankland is an award-winning cybersecurity entrepreneur, author, consultant, keynote speaker, women’s activist, and market influencer. Jane shares her journey going from being a fashion designer to starting a successful tech company. Francesco and Jane discuss the challenges of breaking into tech, entrepreneurship, starting a business, living in the fourth industrial revolution, and diversity and inclusion in the industry.
1:15 Introducing Jane Frankland
5:20 How Jane got into cybersecurity
6:54 Penetration testing
9:45 Risks of starting a tech business
14:20 Challenges breaking into tech
19:33 Leveraging design skills
23:30 Importance of community
24:05 Abundance mindset
25:40 Women in tech
29:10 Outro
Jane Frankland
Twitter @JaneFrankland
https://www.linkedin.com/in/janefrankland/
https://www.youtube.com/user/JaneFranklandTV
Aug 08,2021 29:10 -
19. CSCP S01E05 - Jane Frankland - Part 2 - Women in Cyber and Leadership
CSCP is bringing back season 1 in a newly remastered version.
This is the second interview with Jane, a returning guest in season 2
Jane Frankland and Francesco continue the conversation about inclusion, diversity, and supporting women in cybersecurity and tech, a male-dominated industry. Jane Frankland is an award-winning cybersecurity entrepreneur, author, consultant, keynote speaker, women’s activist, and market influencer.
1:30 Part 2 with Jane Frankland
5:36 Listener question— tips for implementing change
11:35 Supporting women in tech
15:08 Doing the right thing
17:55 Creating an appropriate and safe workplace
19:45 HR protects company
23:30 Inclusion of people with intellectual disabilities
26:30 Final positive message
28:23 Closing words
28:50 Outro
Jane Frankland
Twitter @JaneFrankland
https://www.linkedin.com/in/janefrankland/
https://www.youtube.com/user/JaneFranklandTV
Aug 15,2021 28:50 -
20. CSCP S01E04 - P1 - Shamane Tan - Risk Executive, Cybersecurity & Asia Pacific
CSCP is bringing back season 1 in a newly remastered version
We explore with Shamane the cybersecurity market in Australia, events running, and the diversity subject without holding back. Hear this first part of the interview before jumping onto the next one :)
We have all heard about the talent shortfall in cybersecurity and the worrying number of jobs that remain unfilled so we talk about how we can attract and retain staff to the industry and what we can all do to nurture talent.
The episode is brought to you by AppSec Phoenix Ltd. With the Phoenix platform you can make vulnerability management for software and organizations SMART. Follow the tag #appsecsmart
https://www.securityphoenix.com - get a free 30-day licence quoting CSCP at https://landing.securityphoenix.com/alpha
This is the FIRST part of the two interviews with Shamane Tan, an executive advisor at Privasec. Shamane is the organizer of the Cyber Risk meetup that exploded in popularity in Australia and now counts many locations. Shamane is also the author of a renowned book on cybersecurity risk with interviews with many C-level execs. Shamane has also spoken at TEDx.
Bio
Shamane is passionate about Cyber Risk. She holds a Bachelor of Computer Engineering (Hons) and enjoys the challenge of keeping up to date with the constant evolution of technology & Cyber trends. As Privasec's APAC Executive Advisor, she desires to use her business mindset, coupled with her Computer Engineering background, to help businesses bridge their gaps between technical and business spheres. In this day and age, it is crucial for companies to have in place strong & effective governance to protect their current infrastructure/services. Throughout her career, Shamane has partnered directly with CISOs, CTOs, and Global Heads of IT, Infrastructure and Security to help both enterprises and smaller companies in APAC in their growth strategy. As the author of 'Cyber Risk Leaders' and an international speaker, Shamane has frequently been invited to speak on various topics; some recent examples include:
- CISO insights from around the globe
- The world of the Board Directors
- Befriending the Hacker
- The Influencers' secret to building key relationships
You can reach Shamane at: https://www.linkedin.com/in/shamane/
Bringing Back Season 1: All episodes of season 1 are available at: https://www.youtube.com/playlist?list=PLmfEooB4S-vXZ3OsFRrgqd9rIvd99oqI7
Aug 01,2021 30:00 -
21. CSCP S01E04 - P2 - Shamane Tan - Executive, Risk, CISO, and Books
CSCP is bringing back season 1 in a newly remastered version.
This is the second interview with Shamane on the subject of risk and cyber in Australia
We explore with Shamane the cybersecurity market in Australia, events running, and the diversity subject without holding back. Hear this first part of the interview before jumping onto the next one :)
We have all heard about the talent shortfall in cybersecurity and the worrying number of jobs that remain unfilled so we talk about how we can attract and retain staff to the industry and what we can all do to nurture talent.
This is the FIRST part of the two interviews with Shamane Tan, an executive advisor at Privasec. Shamane is the organizer of the Cyber Risk meetup that exploded in popularity in Australia and now counts many locations. Shamane is also the author of a renowned book on cybersecurity risk with interviews with many C-level execs. Shamane has also spoken at TEDx.
Bio
Shamane is passionate about Cyber Risk. She holds a Bachelor of Computer Engineering (Hons) and enjoys the challenge of keeping up to date with the constant evolution of technology & Cyber trends. As Privasec's APAC Executive Advisor, she desires to use her business mindset, coupled with her Computer Engineering background, to help businesses bridge their gaps between technical and business spheres. In this day and age, it is crucial for companies to have in place strong & effective governance to protect their current infrastructure/services. Throughout her career, Shamane has partnered directly with CISOs, CTOs, and Global Heads of IT, Infrastructure and Security to help both enterprises and smaller companies in APAC in their growth strategy. As the author of 'Cyber Risk Leaders' and an international speaker, Shamane has frequently been invited to speak on various topics; some recent examples include:
- CISO insights from around the globe
- The world of the Board Directors
- Befriending the Hacker
- The Influencers' secret to building key relationships
You can reach Shamane at: https://www.linkedin.com/in/shamane/
Aug 01,2021 33:00 -
22. CSCP S01E03 - P1 - Lisa Forte - Social Engineering - Police to Private
CSCP is bringing back season 1 in a newly remastered version
This is the first episode of a two-episode conversation with Lisa Forte
We have all heard about social engineering, but as Lisa explains, it can be so much simpler than we all think, and virtually every conversation could put you in danger...
This episode is broken down into two parts; this is the first part of the interview with Lisa Forte, a social engineer and a fellow Italian. Lisa rose through the ranks of the police and then took social engineering into the commercial world.
The episode is full of stories and will keep you gripping your chair to know more. The second episode will follow.
Bio
Lisa Forte is a partner at Red Goat Cyber Security, keynote speaker, vlogger, winner of the “Top 100 Women In Tech” Award, and social engineering & insider threats expert.
As a winner of the "Top 100 Women In Tech" Award, Lisa is passionate about cybersecurity, social engineering and, most importantly, helping organisations establish effective and lasting cultural change amongst staff. Lisa is an established keynote speaker and gets hired to speak around the world, sharing her stories and experiences of social engineering, cybercrime and wargaming. Lisa is a passionate and energetic public speaker too, recently appearing at conferences such as IPExpo Europe; London Law Expo; Voxxed Days; International Security Expo; MarineTech China and Secure Computing Dublin. Lisa also does a lot of pro-bono security work for the NHS and various charities and cares deeply about helping the communities we live in become more aware of the growing threat.
Jul 25,2021 30:00 -
23. CSCP S01E03 - P2 - Lisa Forte - Social Engineering - Police to private
CSCP is bringing back season 1 in a newly remastered version
This is the second episode of a two-episode conversation with Lisa Forte
We have all heard about social engineering, but as Lisa explains, it can be so much simpler than we all think, and virtually every conversation could put you in danger...
This episode is broken down into two parts; this is the first part of the interview with Lisa Forte, a social engineer and a fellow Italian. Lisa rose through the ranks of the police and then took social engineering into the commercial world.
The episode is full of stories and will keep you gripping your chair to know more. The second episode will follow.
Bio
Lisa Forte is a partner at Red Goat Cyber Security, keynote speaker, vlogger, winner of the “Top 100 Women In Tech” Award, and social engineering & insider threats expert.
As a winner of the "Top 100 Women In Tech" Award, Lisa is passionate about cybersecurity, social engineering and, most importantly, helping organisations establish effective and lasting cultural change amongst staff. Lisa is an established keynote speaker and gets hired to speak around the world, sharing her stories and experiences of social engineering, cybercrime and wargaming. Lisa is a passionate and energetic public speaker too, recently appearing at conferences such as IPExpo Europe; London Law Expo; Voxxed Days; International Security Expo; MarineTech China and Secure Computing Dublin. Lisa also does a lot of pro-bono security work for the NHS and various charities and cares deeply about helping the communities we live in become more aware of the growing threat.
Jul 25,2021 30:00 -
24. CSCP S01E02 - Chris Hodson - Becoming a CISO with the head in the Cloud
CSCP is bringing back season 1 in a newly remastered version
Chris will join us in the new season 3 in recording
We talk all things Leadership, Risk, Compliance with Chris Hodson, CISO at Tanium
After 17 years in cybersecurity, as well as talking all things cyber, Chris talks about the route he took to become a CISO and opens up on how to communicate with others in a similar position.
Chris is a CISO with 20 years of experience working in technology roles. He builds and runs security organisations that help companies reduce IT and cybersecurity risk. Chris has served as a trusted advisor to executives and board members, helping them define well-balanced strategies for managing risk and improving business outcomes. He has worked as a CISO, architect, designer, engineer and DPO for market-leading companies in the energy, retail, media, technology and financial services industries.
Jul 24,2021 40:00 -
25. CSCP S01E01 - Daniel Card - From architect to hacker
CSCP is bringing back season 1 in a newly remastered version
In this episode, we talk about all things cyber, from how to establish yourself in the industry and how not being allowed to play Doom when he was just eight years old led Daniel to become a hacker and eventually embark on a career in cybersecurity. Daniel is a hacker by day and by night, creator of the pwndefend CTF, Hackermouse, and many other CTFs. He is also a massive supporter of the community and one of the first to participate in the podcast.
The episode is brought to you by Security Phoenix Ltd. With the AppSec Phoenix platform you can make application security and software development finally easy. Follow the tag #appsecsmart
https://www.securityphoenix.com - get a free 30-day licence quoting CSCP at https://landing.securityphoenix.com/alpha
Bio:
Daniel is an experienced technology and security consultant who combines technical and business skills. Daniel founded Xservus as a boutique consulting services organisation that uses modern approaches to tackle the security challenges of the organization. Daniel is a very active member of the cybersecurity community on Twitter and is well known for disrupting the status quo and demystifying LinkedIn sales pitches.
You can find Daniel on Discord, ranting on Twitter or working with friends in the community on CTF challenges, threat intelligence or random security research adventures. He also writes on itsm.tools, focusing on IT leadership and security!
Daniel also founded and helped the covid cyber response team and has featured in a number of articles.
Jul 12,2021 59:00 -
1. CSCP S02E44 - S2E44 AA-RE-CC-AR - Season 2 Finale - Hacking podcast around the world
We reached the milestone of 50 episodes on season 4 and celebrated with a live session with 3 podcasts around the world. This is the recording of the live session.
Francesco Cipollone interviews three hosts of cyber podcasts: Chris Cochran of Hacker Valley Studio, Allan Alford of Cyber Ranch Podcast, and Ashish Rajan of Cloud Security Podcast. The four discuss the labour of love that is podcasting, hacks for growing an audience, dream guests, post-processing, most memorable episodes, and scouting bigger and bigger guests. All agree that passion and consistency are key to having a successful podcast.
0:00 Intro
0:47 Introducing Chris, Allan, Ashish
3:45 How similar are App Sec and Cloud Sec
4:03 Chris’s past year podcasting
5:48 Allan’s past year podcasting
7:16 Ashish’s past year podcasting
9:52 Behind the scenes
17:46 Passion and consistency
19:26 Post-process and editing
24:45 Most memorable episodes
32:08 Perks of having a podcast
35:55 Ambitions, goals, dreams guests
37:34 Business side of cyber security
41:32 Scouting guests
51:09 How to connect and final positive message
57:17 Outro
Chris Cochran— Host of Hacker Valley Studio
https://hackervalley.com Twitter @chriscochrcyber https://www.linkedin.com/in/chriscochrancyber/
Allan Alford— Host of Cyber Ranch Podcast
https://allanalford.com/the-cyber-ranch-podcast https://hackervalley.com/cyberranch/ Twitter @AllanAlfordinTX https://www.linkedin.com/in/allanalford/
Ashish Rajan— Host of Cloud Security Podcast https://www.cloudsecuritypodcast.tv Twitter @hashishrajan
Francesco Cipollone— Cyber Security and Cloud Podcast #CSCP #cybermentoringmonday cybercloudpodcast.com Twitter @FrankSEC42
Jun 27,2021 57:38 -
2. CSCP S02E43 - Sam Stepanyan - Hacking Owasp and Nettacker stories
Sam Stepanyan is an independent application security consultant and Chapter Leader of OWASP London. Sam explains the history and purpose of OWASP (The Open Web Application Security Project), a non-profit that outlines the Top 10 security concerns. Francesco and Sam also discuss Nettacker, virtual hackathons and meetups, and the various ways to explain to developers the importance of security.
0:28 Introducing Sam Stepanyan
2:00 OWASP
4:32 Progress in security
12:16 Security at startups
14:15 Tools to explain security to developers
17:10 Rapid threat modelling
25:00 Open source tools
31:10 OWASP meetups and hackathons
27:14 Nettacker
41:55 Google Summer of Code paid internship
50:53 Final positive message
51:54 Connecting with Sam
52:24 Outro
Sam Stepanyan
Twitter securestep9
https://securestep9.medium.com
https://www.linkedin.com/in/samstepanyan/?originalSubdomain=uk
Apr 24,2021 52:24 -
3. CSCP S02E42 - Karla Reffold - Supply Chain Attacks and Solarwind
Karla Reffold is the COO for Orpheus, the founder of BeecherMadden, and a contributor at Forbes. Francesco and Karla discuss supply chain issues, the recent SolarWinds attack and its consequences, recent security breaches, and privacy concerns while working from home.
0:28 Introducing Karla
2:13 Cybersecurity Advice
3:15 SolarWinds attack & Supply chain issues
8:30 Security soft skills
12:47 Breaking stereotypes of professions
19:16 Work from home privacy concerns
23:07 Risk management maturity
27:52 Final Positive Message
29:40 Outro
Karla Reffold
Twitter @karla_reffold
https://www.linkedin.com/in/karlareffold/
Apr 18,2021 29:40 -
4. CSCP S02E41 - Guy Podjarny - Security vs DEV - Fireside Chat with the Snyk CoFounder
Guy Podjarny is the Co-Founder and President at Snyk, who’s focused on securing open-source code. Guy is an author, speaker, podcaster, ex-CTO at Akamai, founder of Blaze, and a startup advisor and investor. Francesco and Guy discuss the state of the industry, what it means to be empathetic and empowering, and how to create a fantastic company culture.
0:28 Introducing Guy
4:50 State of the industry
8:10 App Sec VS Cloud-Native App Sec
11:45 Shifts in cybersecurity
17:00 Empathy, service, and empowerment
24:50 Snyk
30:22 Vulnerability management
37:48 Journey from CTO to Security
41:45 Company culture
46:14 Diversity in cybersecurity
47:30 Final Positive Message
49:38 Outro
Guy Podjarny
Twitter @guypod
https://www.linkedin.com/in/guypo/?originalSubdomain=uk
https://snyk.io The Secure Developer Podcast https://www.devseccon.com/the-secure-developer-podcast/
Apr 11,2021 49:38 -
5. CSCP S02E40 - Eddie Jaude - Security vs DEV P2 - The revenge of the DEV
Eddie Jaoude is an Open Source expert, the GitHub Star 2020, a passionate DevRel, and a YouTuber with 18,000+ subscribers. Eddie and Francesco continue their conversation about how security and developer teams can work better together. They also discuss Eddie’s growing online community and the importance of diversity and inclusion in the industry.
0:38 Introducing Eddie Jaoude
3:55 Mentoring
6:50 COVID effects on Eddie’s community
10:20 Collaboration first, code second
22:10 Building a positive online presence
26:40 Diversity and inclusion
37:15 Outro
Eddie Jaoude
Twitter @eddiejaoude
https://www.youtube.com/c/eddiejaoude/about https://www.eddiejaoude.io/?r_done=1 https://www.eddiejaoude.io/ Instagram @eddiejaoude
Apr 02,2021 37:00 -
6. CSCP S02E38 - Craig Ford - From Architect to hacker
Craig Ford, author of A Hacker I Am, is an architect turned hacker. Craig talks about cybersecurity, the industry, and working together, as well as covering the basics and getting started in the cloud and cybersecurity.
Mar 28,2021 31:00 -
7. CSCP S02E38 - Aj Yawn - I Declare war on boring compliance
AJ Yawn is LinkedIn’s Top Voice 2020, a Veteran, and the Co-Founder and CEO at ByteChek, whose goal is to “make compliance suck less.” AJ shares what it takes to be a successful entrepreneur, taking calculated risks, and why you need to start taking advantage of LinkedIn right now before it’s too late!
0:38 Introducing AJ Yawn
3:57 Overview of the industry
7:06 Compliance and automation
10:50 From consulting to entrepreneur
13:35 Leaving the corporate world
26:10 Networking on LinkedIn
33:00 Final Positive Message
47:00 Outro
AJ Yawn
https://www.linkedin.com/in/ajyawn/
https://www.infosecurity-magazine.com/profile/aj-yawn/ https://www.bytechek.com
Mar 21,2021 47:00 -
8. CSCP S02E37 - Martin Knobloch - And that is how you start in cyber
Martin Knobloch is a Global AppSec Strategist at Micro Focus and the Chapter Leader of OWASP (Open Web Application Security Project) in the Netherlands. OWASP provides free resources and tools in the field of web application security. Francesco and Martin discuss the challenges of working with DevOps and the importance of writing secure code from the start of a project. Don’t fix the symptoms, fix the cause.
0:38 Introducing Martin Knobloch
2:40 OWASP
9:00 Challenges with DevOps
21:05 Advice for security professionals
26:30 Need for regulation
31:00 Communicating code
37:55 SKF- Security Knowledge Framework
43:28 Final Positive Message
43:36 Outro
Martin Knobloch @knoblochmartin
https://owasp.org/www-board-candidates/martin_knobloch https://www.linkedin.com/in/martin-knobloch/?originalSubdomain=nl
OWASP SKF Security Knowledge Framework https://owasp.org/www-project-security-knowledge-framework/
Mar 14,2021 43:36 -
9. CSCP S02E36 - Michael Fraser - From Airforce combat to Cyber combat
Michael Fraser is the Co-founder, CEO, and Chief Architect at Refactr, a Seattle-based DevSecOps software startup. He is an Air Force Veteran, serial entrepreneur, and expert in cloud and cybersecurity. They discuss their concern and apprehension around low code, no code, and citizen developers.
The episode is brought to you by Security Phoenix Ltd. With the AppSec Phoenix platform you can make application security and software development finally easy. Follow the tag #appsecsmart
https://www.securityphoenix.com - get a free 30-day licence quoting CSCP at https://landing.securityphoenix.com/register-phoenix
0:38 Introducing Michael Fraser
6:55 Interest in security and IT
11:20 Impact of pandemic
13:38 Automation
20:05 Vulnerability Management
22:30 Citizen developer
32:10 Low code
38:30 Final Positive Message
41:10 Outro
Michael Fraser
Twitter @itascode
https://www.linkedin.com/in/itascode/
Refactr
https://www.refactr.it @RefactrIT https://www.linkedin.com/company/refactr/
Mar 06,2021 32:00 -
10. CSCP S02E35 - Caleb Sima - tell me more about your pentest patent
Caleb Sima started his first tech company at only nineteen years old and is currently the VP of Security at Databricks. Caleb is a technologist at heart but had to learn how to manage people as his career progressed. Caleb shares his insights on the industry, no-code tools, and venture capitalism.
0:38 Introducing Caleb Sima
5:06 Starting SPI Dynamics
9:43 Venture capitalism
14:04 Getting hired at Databricks
20:35 Cybersecurity and Machine Learning
24:15 Zero-trust and cloud authorization
27:45 Hyper-growing Silicon Valley tech company
32:00 No-code capability
38:29 Risk management
40:50 Final Positive Message
43:36 Outro
Caleb Sima
Twitter @csima
https://www.linkedin.com/in/calebsima/ https://github.com/csima
Feb 28,2021 43:36 -
11. CSCP S02E34 - Ian Murphy - That line is too light let me make it blunt
Ian Murphy is the Vice President of LMNTRIX and CEO of CyberOff. Ian has been working in the industry for over 30 years and his goal is to make Cyber Security a little less dull. Ian shares his early interest in computers and how he’s seen the industry grow and change.
The episode is brought to you by Security Phoenix Ltd. With the AppSec Phoenix platform you can make application security and software development finally easy. Follow the tag #appseceasy
0:38 Introducing Ian Murphy
3:45 Covid-related security
7:55 Being authentic and human
14:45 Making social media videos
19:06 Early interest in computers
24:00 Best way to learn
27:44 Tinkerer vs hacker
29:56 Advice to newbies
39:26 Final Positive Message
40:15 Outro
Ian Murphy
Twitter @CyberIanUK
https://www.linkedin.com/in/ianmurphy/?originalSubdomain=uk https://www.lmntrix.com https://cyberoff.co.uk
Feb 21,2021 40:15 -
12. CSCP S02E33 - Jake Moore - Google how do i Hide a body?
Jake Moore formerly worked for the Dorset Police in the Cyber Crime & Digital Forensics Department. He is now the spokesperson for ESET and a Cyber Security Specialist. In this episode, Francesco and Jake discuss paying ransoms, the security threats raised by the pandemic, and investigating murderers’ laptops.
0:38 Introducing Jake Moore
5:30 Putting a face to a company
6:40 Phishing and Smishing
10:56 Psychology Myers-Briggs
14:11 Working for the police
17:00 Working during the pandemic
24:00 To pay or not to pay the ransom
28:45 Investigating murder
39:28 Final Positive Message
40:20 Outro
Jake Moore
Twitter @Jake_MooreUK
https://jakemoore.uk https://www.linkedin.com/in/jakecyber/
Feb 14,2021 40:20 -
13. CSCP S02E32 - Sasha Rosenbaum - Github does it again with CodeQL- find out cyber and dev
Sasha Rosenbaum is a Sr. Product Manager at GitHub, former developer, and the organizer of the DevOps Days conference. Francesco and Sasha vent some of the frustrations of explaining security threats to developers and engineers who are more focused on creating and coding. Sasha also explains GitHub’s CodeQL, a semantic code analysis engine. Note: Sasha has now moved to Red Hat.
0:38 Introducing Sasha Rosenbaum
3:10 Communicate security issues
10:32 GitHub CodeQL
15:15 Security starts with developers and engineers
19:40 Test-able code is better
26:55 Demystifying, not fear mongering
31:02 Biggest frustrations in security
36:22 Final Positive Message
37:44 Outro
Sasha Rosenbaum
Twitter @DivineOps
Organizer @DevOpsDaysChi
Linkedin: https://www.linkedin.com/in/sasha-rosenbaum/
https://www.sasharosenbaum.com
Cyber Security and Cloud Podcast
#CSCP #cybermentoringmonday http://cybercloudpodcast.com
Feb 07,2021 37:44 -
14. CSCP S02E31 - Sarah Young - Did that really happen in Microsoft Azure Cloud
Working in New Zealand, Sarah Young is the Senior Program Manager for Azure Security at Microsoft. Sarah shares her insights on the cybersecurity industry: mainly that there is not enough understanding of how cloud platforms work, even among tech professionals! Sarah also speaks on being a woman in this male-dominated industry.
0:38 Introducing Sarah Young
6:30 Security is not about saying no
8:30 View of the cybersecurity industry
13:00 Cloud Adoption
18:45 Microsoft vs other cloud providers
22:34 How Azure works
30:38 Women in Cybersecurity
35:56 Outro
Sarah Young
Twitter- @_sarahyo
Co-host of @AzureSecPod
Linkedin: Sarah Young Linkedin
Cyber Security and Cloud Podcast
#CSCP #cybermentoringmonday cybercloudpodcast.com
Feb 01,2021 35:56 -
15. CSCP S02E30 - Sian John - Microsoft cloud and a bit of history
Sian John is the EMEA Director of Cybersecurity Strategy at Microsoft for regions outside the US. Sian and Francesco discuss the Shared Responsibility Model, just how secure the cloud is, Office 365, and some of the internal challenges of cybersecurity.
0:38 Introducing Sian John
3:05 Working at Microsoft
7:22 Shared Responsibility Model
9:00 COVID-19 effects on VPM
13:48 Regulators and GDPR fines
20:40 Detecting breaches in security
24:00 Preventing identity theft and security attacks
35:11 Diversity in cybersecurity
40:26 Final Positive Message
41:30 Outro
Sian John
Twitter @sbj24
https://www.linkedin.com/in/sian-john/?originalSubdomain=uk
Cyber Security and Cloud Podcast
#CSCP #cybermentoringmonday http://cybercloudpodcast.com
Jan 25,2021 40:00 -
16. CSCP S02E29 - Richard Greenberg - CISO Healthcare Community OWASP and ISSA
Richard Greenberg is the founder and CIO of Security Advisor LLC, speaker, advisor, and founder of the ISSA-LA Women in Security Forum. Richard is always looking on the bright side and sees failures and challenges as opportunities.
0:41 Richard Greenberg background
4:55 Volunteering at ISSA-LA
9:05 Day to day changes during COVID
10:50 Cyber Security advice
15:30 Learning from failures
25:35 Assessments and pen testing
34:50 Challenges of CISOs
38:40 Final Positive Message
39:30 Outro
Links
Richard Greenberg
Twitter @RAGreenberg
http://rgreenberg.blogspot.com
https://www.linkedin.com/in/richardagreenberg/
https://www.iheart.com/podcast/the-ron-burgundy-podcast-30270227/episode/cybersecurity-47951911/
Cyber Security and Cloud Podcast
#CSCP #cybermentoringmonday http://cybercloudpodcast.com
Jan 18,2021 32:00 -
17. CSCP S02E28 - Road to the stars with Ashley Taylor from analyst to...
Ashley Taylor, a returning guest, is an information security professional and third level analyst. Having recently started a new position in a large organization, she shares how she stays calm during stressful incident response situations.
0:41 Ashley Taylor’s new position
1:55 View of the industry
5:32 Hacktivism
9:20 Incident Response
11:22 Social Engineering
13:50 Cloud Security
15:45 Focus on basics
18:23 Going back to school
24:34 Keeping calm under attack
26:28 Funny story
28:30 Positive message
30:25 Outro
Links
Ashley Taylor
Twitter @Infosec_Taylor
http://ashleytaylor.tech
https://www.linkedin.com/in/ashleydtaylor/
Cyber Security and Cloud Podcast
#CSCP #cybermentoringmonday http://www.cybercloudpodcast.com
Jan 16,2021 32:00 -
18. CSCP S02E27 - Kim Crawley - Ransomware Infosec Blogging and Pentesting
Kim Crawley is an Infosec writer, researcher, and cybersecurity blogger for AT&T. Kim discusses Android VS Apple, the state of the cybersecurity industry, how she got into writing, and her upcoming book.
0:41 Kim Crawley’s background
8:02 Kim’s interest in technology
9:35 Paying ransomware
12:24 Rise of malicious cryptominers and modular malware
14:38 Cloud Security
18:35 Blogging
24:10 Did we make technology too easy
27:06 Security and usability
29:34 Android VS IOS
32:20 Starting a career in cybersecurity
38:55 Online conferences
42:36 Final Positive Message
44:30 Outro
Links
Kim Crawley
Twitter @kim_craweley
https://www.amazon.com/Kim-Crawley/e/B08L723KHY
Cyber Security and Cloud Podcast
#CSCP #cybermentoringmonday http://www.cybercloudpodcast.com
Dec 06,2020 44:00 -
19. CSCP S02E02 - Charity Wright - Dark Web, Army and Intelligence
Charity Wright is a USA army vet and Chinese linguist who transitioned from working in the military to a private intelligence security company. Charity’s exciting career in cybersecurity involves going undercover on the dark web and recovering stolen information. Francesco and Charity discuss some of the ethical dilemmas faced while taking down cybercriminals.
The podcast is brought to you by the generosity of NSC42 Ltd, your cybersecurity partner. Cybersecurity is complex and different for every organization, and you need the best-tailored service to make sure your customers' data is safe and sound, so that you can focus on what's important: your clients and bringing them the best and safest experience.
0:41 Charity Wright’s military background
2:20 Transition to the private security sector
10:50 Changes in the intelligence field
14:35 Job of a cyber threat analyst
18:00 Going undercover on the dark web
25:10 Ethical dilemmas
34:40 Conferences
38:20 Working for an international company
39:57 Perspective on Chinese security
43:37 Disinformation
46:30 Effects of working from home
52:56 Positive message
53:46 Closing
Links
Charity Wright
Twitter @CharityW4CTI
https://www.crunchbase.com/person/charity-wright
Cyber Security and Cloud Podcast
#CSCP #cybermentoringmonday http://www.cybercloudpodcast.com
Nov 29,2020 56:54 -
20. CSCP S02E25 - Chris Hadnagy - History of social Engineering
Chris Hadnagy is the Chief Human Hacker of social-engineer.com, an author, TedTalker, top social engineer, and a sponsor of Innocent Lives Foundation. Chris shares how he is helping to lock up child abusers and the human history of hacking and scams. He urges young people to consider a career in cybersecurity so that companies can remain safe.
1:00 Introducing Chris Hadnagy
3:30 Innocent Lives Foundation
14:43 Reporting security vulnerabilities in companies
18:25 Human history of scams and hacking
24:52 Increase in phishing, vishing, and smishing
37:44 “I told you so” learning moment
42:20 Starting a career in social engineering
46:42 Final Positive Message
50:24 Closing
Links
Chris Hadnagy
Twitter @humanhacker
https://www.social-engineer.com
https://en.wikipedia.org/wiki/Christopher_J._Hadnagy
https://www.innocentlivesfoundation.org
Cyber Security and Cloud Podcast
#CSCP #cybermentoringmonday http://cybercloudpodcast.com
Nov 22,2020 52:24 -
21. CSCP S02E24 - Adam Shostack - Threat Modelling past and future
In this episode, Francesco and Adam Shostack discuss application security and threat modelling. Adam is the author of Threat Modeling: Designing for Security. He helped create CVE (Common Vulnerabilities and Exposures) and is on the review board for Black Hat. He encourages coders and computer engineers to work smarter, not harder.
1:00 Introducing Adam Shostack
6:00 CVE (Common Vulnerabilities and Exposures)
9:46 Finding satisfaction in a job in security
15:00 Frameworks and static analysis
21:22 Threat Modeling
24:50 Work smarter, not harder
29:12 Documentation in DevOps
34:08 4 questions in Threat Modeling
41:32 Positive Message
Links
Adam Shostack
https://adam.shostack.org
Twitter @adamshostack
https://threatmodelingbook.com
https://www.blackhat.com
Cyber Security and Cloud Podcast
#CSCP http://cybercloudpodcast.com #cybermentoringmonday
Nov 15,2020 41:00 -
22. CSCP S02E23 - Geoffrey Hill - Threat Modelling and Banter
In this episode, we have the pleasure to speak with Geoffrey Hill, an experienced fellow DevSecOps expert, inventor of Tuamantic and the rapid threat modelling methodology.
In this episode, we discuss Geoffrey's path from finance, to dev, to security. Geoffrey and Francesco have an in-depth conversation about threat modelling and the “application security mafia.”
1:00 Introducing Geoffrey Hill
9:33 Rapid threat modelling
13:53 Kill chain
16:06 Probability vector
17:09 Black-Scholes model
23:44 Benefits and values of threat modelling
29:44 Application Security is sexy now
30:30 Shift to the cloud
37:30 Positive Message
41:30 Closing
Links
Geoffrey Hill
Twitter @GHill_security
http://www.artis-secure.com/about.html
https://www.linkedin.com/in/geoffrey-hill-61b7bb/
Cyber Security and Cloud Podcast
#CSCP #AskInfoSec cybercloudpodcast.com #cybermentoringmonday
Nov 09,2020 41:30 -
23. CSCP S02E22 - Jenny Radcliffe - Social Engineering with the Human Hacker
Jenny Radcliffe, AKA the “People Hacker,” is the Queen of Social Engineering and host of the Human Factor Security Podcast. She joins Francesco for an in-depth discussion on her career path in Social Engineering.
1:00 Introducing Jenny Radcliffe
2:38 State of the Industry
4:56 What makes a Social Engineer
10:46 Starting a career in Social Engineering
16:45 Childhood memories
26:34 Teaching Social Engineering
29:21 Body Language and NLP
35:00 Connecting with Jenny
37:08 Final Positive Message
Links
Jenny Radcliffe
Twitter @Jenny_Radcliffe
https://humanfactorsecurity.co.uk
Cyber Security and Cloud Podcast
#CSCP cybercloudpodcast.com #cybermentoringmonday
Nov 02,2020 37:00 -
24. CSCP S02E21 - Cyberstu - Community Social Engineer and OSINT
Oct 26,2020 31:00 -
25. CSCP S02E18 - Ray(redacted) - Old School community and podcast with Ray
Ray Redacted is an InfoSec Researcher and Technologist at a global firm that does connectivity and cybersecurity services. He’s also the host of the Tribe of Hackers Podcast. He shares how he started his career in cybersecurity and his own security recommendations.
Notes:
1:00 Introducing Ray and Tribe of Hackers Podcast
15:46 Origin story Ray Redacted
24:12 Ray’s professional career and “machine learning”
28:38 Started a career in cybersecurity
30:20 Shifts in the industry causing security concerns
33:00 Phishing
43:46 Security recommendation and pie hole
46:19 Facebook is evil
49:58 PCI
55:57 Migration to cloud
10:8:23 Positive Message
10:09:30 Closing
Links
Ray [Redacted]
[email protected] Security and Cloud Podcast
#CSCP #AskInfoSec http://www.cybercloudpodcast.com #cybermentoringmonday
Oct 19,2020 01:10:00 -
26. CSCP S02E17 - Matt Stamper - Wartime Ciso risk across the globe
Francesco had the honour to be joined by Matt Stamper, an early riser, inspiration and published author as well as a cybersecurity personality.
Matt was so kind as to get Francesco a signed copy of the books, and when Francesco was stranded in LA due to COVID he had them shipped. He was a hero!
Matt Stamper is a CISO (Certified Information Systems Auditor) and Executive Advisor at EVOTEK and one of the authors of CISO Desk Reference Guide, A Practical guide to CISO. Francesco and Matt discuss the difference in privacy laws in Europe and the US. They also discuss the factors a CISO should consider when weighing a risk decision.
1:00 Introducing Matt Stamper
3:36 Current state of the cybersecurity industry
6:23 Role of the CISO
10:22 Rise in ransomware
13:00 Avoiding distractions
16:46 Risk Decisions
19:16 Integrity and transparency
23:34 European vs US Privacy laws
31:40 Barrier for entry, compliance concerns
35:11 Social Engineering
29:24 Positive message
42:13 747 Enterprise
46:40 Closing
Links
Matt Stamper
Twitter @mattstamperCISO
https://hmgstrategy.com/network/people/matt-stamper
Cyber Security and Cloud Podcast
#CSCP http://cybercloudpodcast.com #cybermentoringmonday
Oct 12,2020 46:00 -
27. CSCP S02E16 - Gary Hayslip - Peacetime CISO in covid times
Francesco had the honour to be joined by Gary, an inspiration and published author as well as a cybersecurity personality.
Gary Hayslip is the Chief Information Security Officer at Investment living in San Diego and part of the San Diego cybersecurity community.
Gary is a gamer and an extremely disciplined learner who loves technology, sharing his insights from his long and accomplished career in cybersecurity.
In this episode Gary shares how business has changed since COVID, what a wartime CISO does in peacetime, and how to return to normality.
1:00 Introducing Gary Hayslip
3:50 Giving back and riding work/life balance
7:17 COVID effects on business
11:30 Security concerns working from home
15:40 Preventing hacks and breaches
20:26 Adjusting to working from home
31:49 Stories of application security
34:15 Advice to a new executive
36:29 Advice to students and young professionals
41:32 Mentorship
44:48 Final positive thought on cybersecurity
Links
Gary Hayslip
Twitter @ghayslip
https://www.linkedin.com/in/ghayslip/
Cyber Security and Cloud Podcast
#CSCP http://www.cybercloudpodcast.com
Oct 05,2020 44:00 -
28. CSCP S02E15 - Allan Alford - Wartime CISO in covid times
In this episode of the CSCP I have the pleasure of having back one of our amazing guests, Allan Alford.
Allan Alford is a veteran CISO, author, speaker, and co-host of the Defense in Depth Podcast in Texas. Francesco and Allan discuss the many changes companies are facing during COVID. The companies with the most prepared BCP and IT teams have adjusted the smoothest into remote working, but there are still security concerns and challenges being out of the office.
Podcast Breakdown
1:00 Introducing Allan Alford
4:05 State of the Cybersecurity Industry
8:47 Telehealth
11:05 Zoom
16:34 Need for perimeters
23:37 Preparedness for COVID
31:36 Predictions about companies going back, going back to work, working remote
42:45 Positive Message on cybersecurity
46:08 Closing
Links
Allan Alford
https://allanalford.com
Twitter @AllanAlfordinTX
https://www.linkedin.com/in/allanalford/
https://cisoseries.com
Cyber Security and Cloud Podcast
#CSCP cybercloudpodcast.com #cybermentoringmonday
Oct 04,2020 46:00 -
29. CSCP S02E14 - Eddie Jaoude - Security vs Developer - round 1
This episode of Cyber Security and Cloud Podcast features GitHub Star, Eddie Jaoude. Francesco and Eddie talk about the importance of clear and direct communication between clients and developers and the importance of updating code. There are many complexities in coding to ensure security and prevent hacking down the line.
1:52 Eddie’s background
5:32 Background in Open Source and GitHub
10:25 More than just good code
12:20 Eddie’s coding horror story
22:28 Cost of bad communication
29:37 Issues and opportunities of Open Source
32:10 Two factor authentication
39:48 T-shaped learning
43:46 Final positive message
Links
Eddie Jaoude
Twitter @eddiejaoude
https://github.com/eddiejaoude
https://www.youtube.com/eddiejaoude?sub_confirmation=1
https://www.linkedin.com/in/eddiejaoude/?originalSubdomain=uk
Cyber Security and Cloud Podcast
#CSCP cybercloudpodcast.com #cybermentoringmonday
Sep 21,2020 43:46 -
30. CSCP S02E13 - Philippe De Ryck - Appsec world with Philippe
Episode
In this episode, we talk with Dr. Philippe De Ryck, a seasoned appsec expert, an inspiration and a fantastic educator, and we dive into all things application security. Philippe is based in Belgium and he trains developers to protect companies through better web security. Philippe founded Pragmatic Web Security and is passionate about educating others on secure software.
The podcast is brought to you by the generosity of NSC42 Ltd, your cybersecurity partner. Cybersecurity is complex and different for every organization, and you need the best-tailored service to make sure your customers' data is safe and sound, so that you can focus on what's important: your clients and bringing them the best and safest experience. NSC42 Ltd can help you during your cloud transformation and cybersecurity assessment for your compliance checklist, on-premises and in the cloud. Want to know more? Visit www.nsc42.co.uk to get your free quote.
0:37 Career and background
4:00 State of the cybersecurity industry
8:08 Cheat Sheets and Resources
10:00 Training, Cyber Mentoring Monday
13:03 Explaining Application Security to customers
16:40 Training developers on security
27:11 Treating customer data as if it’s your own
35:11 Learning through experience
38:55 Final positive message
Links
Philippe De Ryck
https://courses.pragmaticwebsecurity.com
https://twitter.com/philippederyck
https://pragmaticwebsecurity.com
https://www.linkedin.com/in/PhilippeDeRyck/
Cyber Security and Cloud Podcast
#CSCP www.cybercloudpodcast.com #cybermentoringmonday
Social Media Links
Follow us on social media to get the latest episodes:
Website: http://www.cybercloudpodcast.com/
You can listen to this podcast on your favourite player:
Itunes: https://.com/gb/podcast/the-cyber-security-cloud-podcast-cscp/id1516316463
Spotify: https://open./show/3fg8AqP4vEi5Im8YKxazUQ
Linkedin: https://www.linkedin.com/company/35703565/admin/
Twitter: https://twitter.com/podcast_cyber
Youtube https://www.youtube.com/channel/UCVgsq-vMzq4sxObVonDsIAg/
Sep 14,2020 44:00 -
31. CSCP S02E12 - Emma Heffernan - Starting in Cyber
Episode
In this episode, we talk with Emma Heffernan about how she started in cybersecurity, the benefit of the community (OWASP and Twitter) and what to do to take a career to the next level.
You can find Emma On Linkedin: https://www.linkedin.com/in/emma-heffernan/ or on Twitter https://twitter.com/3mm4h3ff
The podcast is brought to you by the generosity of NSC42 Ltd, your cybersecurity partner. Cybersecurity is complex and different for every organization, and you need the best-tailored service to make sure your customers' data is safe and sound, so that you can focus on what's important: your clients and bringing them the best and safest experience. NSC42 Ltd can help you during your cloud transformation and cybersecurity assessment for your compliance checklist, on-premises and in the cloud. Want to know more? Visit www.nsc42.co.uk to get your free quote.
BIO:
A big supporter of the Irish cybersecurity movement, Emma has assisted with and attended many conferences and events, including helping with the running of the ZeroDaysCTF and volunteering for BSidesDublin, a community-driven framework for information security community members. She is an active participant in the STEM Aspire Mentoring programme with Dell EMC. She is also the Call for Papers Team Lead & Program team organiser for OWASP Global AppSec Eu, and a volunteer for the Dublin Chapter, which consists of monthly meetups etc.
Short Bio
Francesco is a public speaker and out-of-the-box thinker. Francesco is a passionate advocate for security in development and has pushed for more involvement of dev. Francesco is also passionate about cloud security. Francesco is the Executive Director of NSC42 Ltd, a UK-based cybersecurity consultancy. As an executive, he loves to stay close to the technology but to keep it simple. Francesco is a data- and result-driven Cyber Security Executive/vCISO, highly regarded for planning and executing strategic infosec improvement programs that protect data and technical assets, reduce security risks, and align with long-term organisational goals. Francesco is a keynote speaker, Head of the Cloud Security Alliance UK, and Director of the cybersecurity consultancy NSC42.
Social Media Links
Follow us on social media to get the latest episodes:
Website: http://www.cybercloudpodcast.com/
You can listen to this podcast on your favourite player:
Itunes: https://.com/gb/podcast/the-cyber-security-cloud-podcast-cscp/id1516316463
Spotify: https://open./show/3fg8AqP4vEi5Im8YKxazUQ
Linkedin: https://www.linkedin.com/company/35703565/admin/
Twitter: https://twitter.com/podcast_cyber
Youtube https://www.youtube.com/channel/UCVgsq-vMzq4sxObVonDsIAg/
Sep 07,2020 43:00 -
32. CSCP S02E011 - Clint Gibler - Appsec Community Conferences and resources
In this episode, we have the pleasure to talk with a friend and an inspiration. Clint is one of the nicest and most knowledgeable people I have had the pleasure to chat with. This concludes...for now...the series on Appsec.
Clint is a seasoned appsec professional, and through his role at NCC Group and his collaboration in Silicon Valley he has explored numerous subjects. We met at AppSec Cali, where Clint gave an amazing talk on all the tools (you can see the link below).
Clint Gibler (@clintgibler) is the Head of Security Research for r2c, a small startup working on giving security tools directly to developers. Previously, Clint was a Research Director at NCC Group, a global security consulting firm, where he helped companies implement security automation and DevSecOps best practices as well as performed penetration tests for companies ranging from large enterprises to new startups. Clint has previously spoken at conferences including BlackHat USA, AppSec USA/EU/Cali, BSidesSF, and DevSecCon Seattle/London/Tel Aviv/Singapore. Clint holds a Ph.D. in Computer Science from the University of California, Davis. Want to keep up with security research? Check out *tl;dr sec*, Clint's newsletter that contains summaries of artisanally curated, top talks and useful security links and resources from around the web. https://tldrsec.com/
Show Links:
Here are some of the links I referenced, for ease of inclusion in the show notes:
* https://tldrsec.com/
* My BSidesSF slides: https://docs.google.com/presentation/d/1lfEvXtw5RTj3JmXwSQDXy8or87_BHrFbo1ZtQQlHbq0/edit (updated version of the AppSec Cali talk)
* See slide 153 for more links/details about scaling threat modelling
* What I Learned Watching All 44 AppSec Cali 2019 Talks: - mega summary blog post - https://tldrsec.com/blog/appsec-cali-2019/
* Lessons Learned from the DevSecOps Trenches - some good DevSecOps tips - https://tldrsec.com/blog/appsec-cali-2019-lessons-learned-from-the-devsecops-trenches/
* https://github.com/returntocorp/semgrep - the lightweight static analysis tool I was talking about
* My new company: https://r2c.dev/
* So people can connect after
Aug 10,2020 40:00 -
33. CSCP S02E10 - John Kinsella - Appsec Weekly, Startups and Security
In this episode, we continue the chat on application security. Frank and John had a lovely conversation on appsec, startups and Silicon Valley. John is a seasoned entrepreneur and startupper. We cover application security and the debate over what is reasonable and practical and, of course, Application Security Weekly.
John Kinsella was a Silicon Valley entrepreneur until recently – moving up to Seattle in March. His background started in operations, then engineering, then consulting, then startups – almost always with a focus on computer security. Most recently he cofounded Layered Insight, which was acquired by Qualys in 2018. He ran their container security engineering until earlier this year, and he’s now scheming what’s next. He’s passionate about open source and the security community. He co-founded the Silicon Valley chapter of the Cloud Security Alliance, has been active on several CSA working groups, and from time to time mentors individuals and advises startups when he feels he can provide value.
Social Media Links
Follow us on social media to get the latest episodes:
Website: www.cybersecuritycloudpodcast.com
You can listen to this podcast on your favourite player:
Itunes: https://.com/gb/podcast/the-cyber-security-cloud-podcast-cscp/id1516316463
Spotify: https://open./show/3fg8AqP4vEi5Im8YKxazUQ
Linkedin: https://www.linkedin.com/company/35703565/admin/
Twitter: https://twitter.com/podcast_cyber
Youtube https://www.youtube.com/channel/UCVgsq-vMzq4sxObVonDsIAg/
Bringing Back Season 1
All episodes of season 1 are available at: https://www.youtube.com/playlist?list=PLmfEooB4S-vXZ3OsFRrgqd9rIvd99oqI7
Aug 03,2020 44:00 -
34. CSCP S02E09 - Tanya Janca - Appsec and Diversity
In this episode, we talk with the unique Tanya Janca of She Hacks Purple. Tanya launched She Hacks Purple some time ago and has now launched a new line of more inclusive training, We Hack Purple. Tanya is a friend and a reference figure for appsec around the globe.
The podcast is brought to you by the generosity of NSC42 Ltd, your cybersecurity partner. Cybersecurity is complex and different for every organization, and you need the best-tailored service to make sure your customers' data is safe and sound, so that you can focus on what's important: your clients and bringing them the best and safest experience. NSC42 Ltd can help you during your cloud transformation and cybersecurity assessment for your compliance checklist, on-premises and in the cloud. Want to know more? Visit www.nsc42.co.uk to get your free quote.
Tanya Janca, also known as ‘SheHacksPurple’, is the founder, security trainer and coach of https://SheHacksPurple.dev, specializing in software and cloud security. Her obsession with securing software runs deep, from starting her company, to running her own OWASP chapter for 4 years in Ottawa, co-founding a new OWASP chapter in Victoria, and co-founding the OWASP DevSlop open-source and education project. With her countless blog articles, workshops and talks, her focus is clear. Tanya is also an advocate for diversity and inclusion, co-founding the international women’s organization WoSEC, starting the online #MentoringMonday initiative, and personally mentoring, advocating for and enabling countless other women in her field. As a professional computer geek of 20+ years, she is a person who is truly fascinated by the ‘science’ of computer science.
Francesco is an executive, public speaker and out-of-the-box thinker. Francesco is the Executive Director of NSC42 Ltd, a UK-based cybersecurity consultancy. As an executive, he loves to stay close to the technology but to keep it simple. Francesco is a data- and result-driven Cyber Security Executive/vCISO, highly regarded for planning and executing strategic infosec improvement programs that protect data and technical assets, reduce security risks, and align with long-term organisational goals. Francesco is a well-known speaker, Head of the Cloud Security Alliance UK, and Director of the cybersecurity consultancy NSC42.
https://www.shehackspurple.dev/
Youtube: https://www.youtube.com/SheHacksPurple
Jul 27,2020 54:00 -
35. CSCP S02E08 - Chloe Messdaghi - Appsec and Diversity
In this episode, we have the pleasure of speaking with Chloé Messdaghi, the person with the most radiant smile in all of infosec. Chloé is a tough fighter for representation, diversity and rights. We discuss this and other tough subjects in the podcast together with, of course, cybersecurity and conferences. You can find more of Chloé on Twitter and follow her on The Uncommon Journey, an ITSP Magazine production.
Bio:
Chloé Messdaghi is the VP of Strategy at Point3 Security. She is a security researcher advocate who strongly believes that information security is a humanitarian issue. Besides her passion to keep people safe and empowered online & offline, she is driven to fight for hacker rights. She is the founder of WeAreHackerz (formerly known as WomenHackerz) & the President and co-founder of Women of Security (WoSEC), a podcaster for ITSP Magazine's The Uncommon Journey, and runs the Hacker Book Club.
Twitter https://twitter.com/ChloeMessdaghi
Linkedin: https://www.linkedin.com/in/messdaghi/
Francesco:
Public speaker and out-of-the-box thinker, Francesco is a passionate advocate for security in development and has pushed for more involvement of dev. Francesco is also passionate about cloud security. Francesco is the Executive Director of NSC42 Ltd, a UK-based cybersecurity consultancy. As an executive, he loves to stay close to the technology but to keep it simple. Francesco is a data- and result-driven Cyber Security Executive/vCISO, highly regarded for planning and executing strategic infosec improvement programs that protect data and technical assets, reduce security risks, and align with long-term organisational goals. Francesco is a keynote speaker, Head of the Cloud Security Alliance UK, and Director of the cybersecurity consultancy NSC42.
Jul 20,2020 53:53 -
36. CSCP S02E07 - Alyssa Miller - From DEV to Security and DEVOPS
In this episode, we have the pleasure of talking with Alyssa Miller, a developer advocate at Snyk. Alyssa has been advocating for security in the development environment and speaking at many conferences such as AppSec Cali, RSA and more. We explore with Alyssa how every developer can make the transition into AppSec and DevSecOps and how, despite the new term, a lot of organizations were doing this a long time ago. If you are in banking, you will want to listen to the show, as we give quite a few insights on AppSec in fintech and banking environments.
As a hacker, Alyssa Miller has a passion for security which she evangelizes to business leaders and industry audiences both through her work as a cybersecurity professional and through her various public speaking engagements. Her goal is to change the way we look at the security of our interconnected way of life and focus attention on defending privacy and upholding trust.
Alyssa has always had a driving curiosity to understand how the technology works and how existing technologies can be hacked to function in new ways. At the young age of 12, Alyssa got her start by taking a job as a paper carrier to save up enough money to buy her first computer. From the time she brought that computer home from Best Buy, she has taught herself new skills and pushed the capabilities of digital technologies.
Jul 13,2020 52:00 -
37. CSCP S02E06 - Tribe of Hackers, Red vs Blue vs Purple & Texans
In this episode, we have the pleasure of talking with Phillip Wylie, a pentester, and we explore the path to pentesting, the difference between Blue and Red teams and the good things learned. We also explore the Texas cybersecurity community, its meetings and meetups. We explore Tribe of Hackers and how it was born and evolved.
Phillip Wylie is the Senior Red Team Lead for a global consumer products company, Adjunct Instructor at Richland College, and The Pwn School Project founder. Phillip has over 22 years of experience with the last 8 years spent as a pentester. Phillip has a passion for mentoring and education. His passion motivated him to start teaching and founding The Pwn School Project, a monthly educational meetup focusing on cybersecurity and ethical hacking. Phillip teaches Ethical Hacking and Web Application Pentesting at Richland College in Dallas, TX. Phillip is a co-host for The Uncommon Journey podcast. Phillip holds the following certifications: CISSP, NSA-IAM, OSCP, GWAPT.
Phillip's website: https://thehackermaker.com/
The Pwn School Project: https://pwnschool.com/
The Uncommon Journey podcast: https://www.itspmagazine.com/the-uncommon-journey-talk-show-podcast-phillip-wylie-chloe-messdaghi-alyssa-miller
Twitter: https://twitter.com/PhillipWylie
LinkedIn: https://www.linkedin.com/in/phillipwylie/
Francesco is an executive, public speaker and out-of-the-box thinker. Francesco is the Executive Director of NSC42 Ltd, a UK-based cybersecurity consultancy. As an executive, he loves to stay close to the technology but to keep it simple. Francesco is a data- and result-driven Cyber Security Executive/vCISO, highly regarded for planning and executing strategic infosec improvement programs that protect data and technical assets, reduce security risks, and align with long-term organisational goals. Francesco is a well-known speaker, Head of the Cloud Security Alliance UK, and Director of the cybersecurity consultancy NSC42.
Jul 06,2020 50:00 -
38. CSCP S02E05 - Google Cloud with Andy Kennedy - Compliance by default
Jun 28,2020 59:00 -
39. CSCP S02E04 - Data Driven Social Engineering with Joe Gray
In this episode, we talk with Joe Gray, a resident expert on OSINT and a returning guest on the podcast. Joe has a lot of interests, and we explore some of them in this podcast. We started the conversation with how to get a master's at Harvard University, then we moved on to machine learning, social engineering and how to get a car for cheap.
BIO:
Joe Gray joined the U.S. Navy directly out of High School and served for 7 years as a Submarine Navigation Electronics Technician. Joe is currently a Senior OSINT Specialist at Qomplx, Inc. and previously maintained his own blog and podcast called Advanced Persistent Security. Joe is the inaugural winner of the DerbyCon Social Engineering Capture the Flag (SECTF) and was awarded a DerbyCon Black Badge. As a member of the Password Inspection Agency, Joe has placed 2nd in the HackFest Quebec Missing Persons CTF, 5th in the Global Missing Persons CTF IV, both powered by TraceLabs, 2nd in the BSides Atlanta OSINT CTF, and 3rd Place in the 2018 & 2019 NOLACon OSINT CTFs. Joe has independently placed 2nd in the HackFest Quebec SECTF, 4th Place in the DerbyCon OSINT CTF, and 2nd Place in Hacker Jeopardy at Hack in Paris. Joe has contributed material for the likes of TripWire, AlienVault, ITSP Magazine, CSO Online, Forbes, and Dark Reading as well as his own platforms. Joe is the author of a few OSINT tools, such as WikiLeaker and the forthcoming tools DECEPTICON and INTERCEPTICON.
Get his books on Amazon: https://www.amazon.com/Joe-Gray/e/B0872CK3S3?ref_=dbs_p_pbk_r00_abau_000000
Francesco is an executive, public speaker and out-of-the-box thinker. Francesco is the Executive Director of NSC42 Ltd, a UK-based cybersecurity consultancy. As an executive, he loves to stay close to the technology but to keep it simple. Francesco is a data- and result-driven Cyber Security Executive/vCISO, highly regarded for planning and executing strategic infosec improvement programs that protect data and technical assets, reduce security risks, and align with long-term organisational goals. Francesco has held a number of strategic positions ranging from Head of Application Security to Head of Security Architecture. He has extensive experience with implementing security across multi-cloud providers (Amazon AWS, Microsoft Azure, Google Cloud). Francesco defines himself as driven to elevate the cybersecurity world one organization at a time, embracing an innovative approach to application security to protect the engineering environment. He is recognized as a motivational, influential leader who guides high-performing teams to deliver projects on time and exceeding quality expectations, while instilling a culture of best practices and collaboration. He builds lasting relationships with board members and C-level executives. He delivers education and training to members at all levels of an organisation, building awareness for security initiatives while fostering a common security purpose. He is an internationally renowned public speaker, with multiple interviews in high-profile publications (e.g. Forbes), and an author of numerous books and articles, who utilises his platform to evangelise the importance of cloud security and cutting-edge technologies on a global scale.
Jun 22,2020 59:00 -
40. CSCP S02E03 - The community and hacking in the hacker valley studio with Ron and Chris
Podcast Intro
Welcome to the Cyber Security & Cloud Podcast, the podcast where we learn from cybersecurity professionals how to secure your cloud, code and humans.
The podcast focuses on the stories behind the professionals and the anecdotes, gotchas and other warnings that would help you in your cyber career.
The podcast is focused on people and the human element of cybersecurity.
Visit us at www.cybercloudpodcast.com for all the episodes, and please consider supporting us by leaving a review on Apple Podcasts and supporting us at www.patreon.com/cscp so we can continue to bring on amazing guests.
The podcast has the following streams:
- CISO, Cybersecurity, Leadership perspective
- Cloud Security
- Application Security
- Social Engineering
- New Starter in Cybersecurity
In this episode, we talk with Ronald and Chris about how important it is to build a community of like-minded professionals around you. We explore the benefits of podcasting and how you get connections and conversations that normally you would achieve and our passion for a conversation with industry experts.
Hacker Valley is a podcast and community dedicated to hacking/elevating cybersecurity careers, communities, and individual performance, led by Ron and Chris.
Chris is a cybersecurity professional and leader, with extensive experience building strong cybersecurity programs. I have a deep understanding of risk analysis, threat hunting, and threat intelligence tradecraft across industry sectors and organizations to identify and mitigate attack vectors, trends and cyber threat actors. I am known to be a trusted advisor for security leadership from the boardroom to the SOC floor.
Ron is a leader in security architecture. I assist organizations to scale security controls while reducing complexities that analysts and engineers face. He works closely with analysts, engineers, and enterprise stakeholders to provide production security workflows that are measurable and can grow at scale. Furthermore, I am committed to consistently advocating for team success. I consider myself a lifetime learner who is constantly finding ways to hone my craft in technology.
Jun 14,2020 42:00 -
41. CSCP S02E02 - The Adventure of a Lost CISO with Thom Langford
In this episode, we talk with Thom, a greatly experienced CISO now leading the adventures of a Lost CISO, or CISO in recovery. We had a good laugh about the inconsistencies of infosec, the CISSP (pronounce it the way you want) and the recent debate (is it a master's?).
The podcast is in collaboration with the Cloud Security Alliance UK Chapter and NSC42 Ltd (for more episodes visit www.nsc42.co.uk/cscp)
Material and BIO:
Bio: https://thomlangford.com/about-me/
Websites:
Films:
- The Lost CISO: https://www.youtube.com/channel/UCKVpJ0-oKS0hgdLKqBttgdg?view_as=subscriber
- Host Unknown: https://www.youtube.com/channel/UCTwY3LNRujMskBDbQvKoiBw
Guest Bio:
Thom founded (TL)2 Security and works for himself, although he regularly complains about his boss and work culture. As Chief Information Security Officer of Publicis Groupe, Thom was responsible for all aspects of information security compliance, risk compliance and compliance-compliance, as well as managing the Groupe Information Security compliance Programme. Additionally, the role was responsible for business continuity compliance across the Groupe’s global operations, and as a result, Thom buys three of everything.
Having successfully built security and IT programmes from the ground up, before tearing them down, Thom brings an often opinionated and forward-thinking view of security risk compliance, both in assessments and management, but is able to do so with humour (debatable) and pragmatism (mostly). An international public speaker and award-winning security blogger, Thom contributes to whichever industry blogs and publications will feature him.
Thom is also the sole founder of Host Unknown, a loose collective of three infosec luminaries combined into an unremarkable trio to make security education and infotainment films. Thom can be found online at both thomlangford.com and @thomlangford on Twitter.
Jun 08,2020 40:00 -
42. CSCP S02E01 - The Human Side of an application programme with Andrew Peterson
In this episode, we explore the application security programme and the human element that led to a successful programme at the Etsy marketplace.
We have the honour of hosting Andrew Peterson, Co-Founder and CEO of Signal Sciences.
The podcast is in collaboration with the Cloud Security Alliance UK Chapter and NSC42 Ltd (for more episodes visit www.nsc42.co.uk/cscp)
Bio: Andrew Peterson is the CEO and Co-Founder of Signal Sciences. Prior to co-founding Signal Sciences, Andrew has been building leading-edge, highly performing product and sales teams across five continents for +15 years with such companies as Etsy, Google, and the Clinton Foundation. In 2016, O’Reilly published his book Cracking Security Misconceptions to encourage non-security professionals to take part in organizational security. He graduated from Stanford University with a BA in Science, Technology, and Society.
Host Bio - Francesco Cipollone
I’m Francesco, a Cybersecurity Executive/Chief Information Security Officer (CISO) who specializes in strategy and cloud security. Fueled with passion, curiosity and dissatisfaction for the status quo, I believe in protecting identities in cyberspace and creating a safer, more connected world for future generations.
I'm the director of the Cyber Security Consultancy NSC42 www.nsc42.co.uk
In my spare time, I’d love to give back to the cybersecurity community and I'm a keen contributor. I’m the co-author of several books on network and security and collaborate with a
As part of that, I’m Director of Events for the Cloud Security Alliance UK and an active member of ISC2. I’ve launched the #MentoringMonday community together with the support of Jane Frankland and Tanya Janca. The mentorship community is inclusive with a focus to empower women in cybersecurity as well as young minds. I am a mentor and coach in the community and I’ve launched the activity in order to help the future generation of cybersecurity experts.
I've delivered effective cybersecurity transformation for my clients in financial services such as Nationwide, Charles Taylor, Capita Asset Management, Link Asset Management.
I've also delivered a cybersecurity improvement programme for different sectors, amongst my clients: United Nations (WFP and FAO), National Lottery (Camelot), Vodafone, BT, Telecom Italia.
Aug 11,2020 42:00 -
1. CSCP S03E06 - Aladdin Almubayed - Appsec Journey from FAANG to Robinhood
Aladdin Almubayed is the AppSec Engineering Technical Lead at Robinhood, previously a Senior Security Software Engineer at Netflix. After getting his master's in Jordan, he moved to Silicon Valley to work at Yahoo. Francesco and Aladdin discuss the evolving industry, fostering positive relationships with developers, and identifying organizations’ crown jewels.
0:00 Introduction
0:28 Aladdin’s background
3:40 Masters in Jordan
6:50 Industry past 10 years
7:54 Micro-service architecture
9:44 Work at Netflix
11:08 Work at Robinhood
13:40 Challenges in security
16:00 Security nightmare story
19:40 Security revolution breaking point
21:30 Threat Modeling and Pen Testing
24:50 Creating positive opinion of security
28:36 Quantifying risk
31:26 Positive message
34:40 Connect with Aladdin
35:10 Outro
Aladdin Almubayed
https://www.linkedin.com/in/aladdin-mubaied/
Twitter @0xshellrider
Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Twitter @FrankSEC42
#CSCP #cybermentoringmonday cybercloudpodcast.com
Feb 13,2022 35:10 -
2. CSCP S03EP21- Alex Sidorenko - Demystifying Cyber Risk Quantification
Alex Sidorenko is an experienced risk manager, the host of Risk Awareness Week, and runs a popular blog and Youtube channel called “Risk Academy.” In 2021, Alex was named the Risk Manager of the Year by FERMA for helping save 13 million dollars in insurance premiums. Today, he breaks down the three layers of risk management— basic, standardized, and advanced. He explains that cybersecurity is still at the basic level because industry professionals haven't figured out how to quantify uncertainty to calculate risk and save money.
The episode is brought to you by Phoenix Security; get in control of your vulnerabilities from code to cloud with the power of Phoenix. ACT Now on the vulnerabilities that matter most and reduce your exposure to modern attacks. See it for yourself. Go to https://www.phoenix.security for a free 14-day licence.
0:00 Introductions
3:50 View on risk
6:36 Science of risk management
12:44 NASA study
14:18 three layers risk management—basic, standardized, advanced
18:15 Generators VS users
22:40 Cybersecurity insurance
30:10 Risk Awareness Week
35:30 Environmental risk
38:41 How to Measure Anything in Cybersecurity
43:20 Capture data
45:56 Final positive message
51:00 Outro
Alex Sidorenko
https://2022.riskawarenessweek.com/
https://linkedin.com/in/alexsidorenko
https://www.youtube.com/channel/UCWE0eYucrQBo1SwKOjbkkSQ
Twitter
Books Mentioned
Superforecasting: The Art and Science of Prediction by Philip E. Tetlock
How to Measure Anything in Cybersecurity by Douglas Hubbard
Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Twitter @FrankSEC42
Linkedin: linkedin.com/in/fracipo
#CSCP #cybermentoringmonday cybercloudpodcast.com
Jan 21,2023 52:30 -
3. CSCP S03EP20- Lester Chng - Table Top Exercises for Cyber Resilience
Lester Chng is a veteran who transferred his war gaming military skills to the corporate world. After being a Naval Combat Officer with the Singapore Navy for twelve years, he runs security exercise programs for a North American financial institution. Lester prepares high-level executives for worst-case scenario security crises. He explains that exercises help buy time, space, and brain processing power during a crisis.
0:00 Introductions
0:28 Military background and current role
2:48 Simulation exercises
6:32 Involving leaders in security
9:04 Ransom
9:50 Advantages of military skills
14:15 A-ha moments
17:08 Damage control
19:00 Structuring exercise
23:30 Internal investments
26:55 Final positive message
31:00 Outro
Lester Chng
https://www.linkedin.com/in/lesterchng/
Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Twitter @FrankSEC42
Linkedin: linkedin.com/in/fracipo
#CSCP #cybermentoringmonday cybercloudpodcast.com
Jan 08,2023 31:00 -
4. CSCP S03EP19- Amanda Alvarez - Cloud Dev and SecOps the metrics that matters
Amanda Alvarez is the Senior DevSecOps Engineer at Trace3. Francesco and Amanda met online in a Meetup group called “Let’s Talk Software Security!” Today they discuss building an application security program, managing technical debt, and Amanda’s advice for avoiding burnout as a security professional.
0:00 Introductions
3:24 State of Industry
4:00 Cloud adoption
6:57 Vulnerability management
9:44 AppSec, CloudSec, patch management
12:17 Asset and vulnerability management
19:52 Feedback loop
23:15 Company polities
28:40 Support from leadership
30:30 Positive message
33:30 Get connected
34:40 Outro
Amanda Alvarez
linkedin.com/in/amanda-alvarez-88759ba1
Let’s Talk Software Security!
https://www.meetup.com/lets-talk-software-security/
Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Twitter @FrankSEC42
Linkedin: linkedin.com/in/fracipo
#CSCP #cybermentoringmonday cybercloudpodcast.com
Dec 11,2022 34:40 -
5. CSCP S03EP18 - Larry Maccherone - DevSecOps the metrics that matters
Larry Maccherone is a Dev[Sec]Ops Transformation Architect at Contrast Security to create a wave of DevSecOps cultural transformation in software development and cybersecurity communities. He previously worked for five years at Comcast, leading their DevSecOps Transformation initiative. When it comes to software, Larry says security and quality are synonymous. He shares his tips and tricks for getting everyone, especially leadership, committed to security.
0:00 Introductions
1:26 Software entrepreneurship
4:18 State of the industry
8:20 Security at software startups
9:35 Work at Comcast
11:30 Control and measuring
17:15 SLA’s
22:26 Management involvement
30:18 Key takeaways— mindst
35:50 Final positive message
38:28 Outro
Larry Maccherone
https://www.linkedin.com/in/larrymaccherone/
https://www.transformation.dev/
https://www.contrastsecurity.com/
Twitter @LMaccherone
Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Twitter @FrankSEC42
#CSCP #cybermentoringmonday cybercloudpodcast.com
Nov 27,2022 38:28 -
6. CSCP S03EP17 - Frank Kim - Unusual Journeys in security
Frank Kim is a security consultant, a startup advisor and investor, and a Fellow and Curriculum Director at SANS Institute. He’s been writing curriculum and teaching for SANS for 15 years, sculpting the next generation of CISO leaders and cloud security experts. Today on the podcast, he shares his thoughts on the industry, the gate vs guardrail mentality, and tips for public speaking.
The episode is brought to you by AppSec Phoenix Ltd with the Phoenix platform; you can make Vulnerability management for software and organization SMART. Follow the tag #appsecsmart
https://www.appsecphoenix.com to get a free 30-day licence quoting CSCP https://landing.appsecphoenix.com/register
0:00 Introductions
2:00 Early career as developer
4:04 Teaching and public speaking
7:50 State of industry
9:58 Rise of cloud and security
11:35 New generation of cyber professionals
13:46 SANS Courses
16:04 Automation and human risks
18:50 Leadership training
21:54 Blueprints for organizations
24:10 Zero trust
26:25 Advice to CISOs
28:55 Prioritize vulnerabilities
34:40 Gates VS guardrails
37:40 Steve Katz
39:40 Final positive message
41:16 Outro
Frank Kim
https://www.linkedin.com/in/frank-kim/
https://www.sans.org/profiles/frank-kim/
Twitter
Mentioned
Steve Katz https://www.securityweek.com/ciso-conversations-steve-katz-worlds-first-ciso
SANS Institute https://www.sans.org
Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Twitter @FrankSEC42
#CSCP #cybermentoringmonday cybercloudpodcast.com
Nov 13,2022 41:16 -
7. CSCP S03EP16 - Looking Appsec from both side of the coin
Dustin Lehr started his career as a software engineer, which piqued his interest in cyber security. He is now the Sr. Director of Platform Security at Fivetran and an innovative cyber security leader online, dedicated to bettering the industry. In this podcast, he discusses how companies can build their security teams with new talent that doesn’t have traditional and technical backgrounds. They also discuss the cost of bad security, relationship building, and security championship programs.
The episode is brought to you by AppSec Phoenix Ltd with the Phoenix platform; you can make Vulnerability management for software and organization SMART. Follow the tag #appsecsmart
https://www.appsecphoenix.com to get a free 30-day licence quoting CSCP https://landing.appsecphoenix.com/register
0:00 Introductions
1:28 Early career as a software engineer and DOD
3:12 Quality and security
4:56 State of Industry
7:20 Training and mentoring new talent
12:06 Programs and non-profits growing talent
15:30 Utilizing talent
19:56 Background in psychology and human behaviour
24:40 Security teams must provide value
26:34 Relationship building
28:25 Security tests
31:50 Cost of bad security
36:06 Helping startups
39:50 Final Positive Message
42:36 Outro
Dustin Lehr
https://www.linkedin.com/in/dustinlehr/
Twitter @DustinLehr1
“Let’s Talk Software Security!” on meetup.com
Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Twitter @FrankSEC42
#CSCP #cybermentoringmonday cybercloudpodcast.com
Oct 30,2022 42:36 -
8. CSCP S03EP15 - Stephanie Dannan - Unusual Journeys in appsec
Stephanie Dannan is an application security all rounder, and the Head of Application Security at Markel. She is a shining example of someone getting into Cyber Security without direct experience in the field and without a robust technical understanding of application development. Her background is in behavioural health, and she got a master's degree in professional counselling. In this episode, Stephanie shares valuable advice for anyone considering a career in cyber security.
The episode is brought to you by AppSec Phoenix Ltd with the Phoenix platform, you can make Vulnerability management for software and organization SMART. Follow the tag #appsecsmart
https://www.appsecphoenix.com to get a free 30-day licence quoting CSCP https://landing.appsecphoenix.com/register
0:00 Introductions
2:40 Unusual journey into cyber security
6:30 Intro to application security
8:30 State of the industry, not enough entry level positions
11:20 Communication with developers
17:44 Technical language barrier, technical or not
20:46 Advice for getting into field
25:14 Funny password story
27:14 Discussing risk
32:22 Final positive message
34:42 Connect with Stephanie
35:50 Outro
Stephanie Dannan
https://www.linkedin.com/in/stephaniedannan/
Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Twitter @FrankSEC42
#CSCP #cybermentoringmonday cybercloudpodcast.com
Oct 16,2022 35:50 -
9. CSCP S03EP14 - Brook Schoenfield - Appsec and History what have we learned so far
Brook Schoenfield is an Elder AppSec Diplomat, the author of seven books about software security and AppSec, a researcher, the builder and leader of four AppSec programs at major tech companies, and a Master Security Architect for consultancies. Brook talks about his long career path, concerns and hopes for the industry, and the importance of threat modelling. There are 27-28 million programmers on Earth, but Brook fears that only a million work in security.
The episode is brought to you by AppSec Phoenix Ltd with the Phoenix Security Cloud Platform, you can make vulnerability management for software and cloud SMART. Follow the tag #appsecsmart
https://www.appsecphoenix.com Get access today: https://appsecphoenix.com/demo
0:00 Introductions
4:00 27-28 mil programmers need for security
6:30 No silver bullet in software security
8:55 Brook’s career path into security
13:10 Bugs aren’t going anywhere
15:00 Next generation of InfoSec
21:06 Threat modelling, dynamic risk assessment
26:05 Story of threat modelling
28:06 Threat modelling tools
29:40 Beyond functionality, malicious attackers
32:30 Communicating with management
37:50 Tipping point, integrity
41:56 Final positive message
47:33 Outro
Brook Schoenfield
Linkedin: https://linkedin.com/in/brookschoenfield
Twitter @BrkSchoenfield
Mentioned
https://www.microsoft.com/en-us/securityengineering/sdl/threatmodeling
Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Linkedin: https://linkedin.com/in/fracipo
Twitter @FrankSEC42
#CSCP #cybermentoringmonday cybercloudpodcast.com
Oct 02,2022 47:33 -
10. CSCP S03EP13 - Walter Haydock - Vulnerabilities and pragmatism where do we start looking
Walter Haydock was a Military Officer and worked on Capitol Hill investigating the Department of Homeland Security before going to business school and eventually getting into cybersecurity. Nowadays, he builds software startup security programs to accelerate sales and renewals. He also runs a blog about the industry and is a Fellow at the Center for Security and Emerging Technology. On the podcast with Francesco, they discuss vulnerability and asset management, tools for security triage, and the future of cybersecurity.
The episode is brought to you by AppSec Phoenix Ltd with the Phoenix platform, you can make Vulnerability management for software and organization SMART. Follow the tag #appsecsmart
https://www.appsecphoenix.com to get a free 30-day licence quoting CSCP https://landing.appsecphoenix.com/register
0:00 Introductions
2:11 Starting in cybersecurity
4:45 Background in government/military
7:30 Crisis management
8:55 4 techniques of risk management
10:40 Vulnerability management
15:30 Communicate risk to leaders
18:30 Are we headed in the right direction
18:50 Exploit Prediction Scoring System (EPSS)
22:22 Tools for triage
26:00 Asset management
28:46 New generation of security professionals
32:00 Qualitative VS Quantitative approach to risk
37:25 Calculating risk
38:16 Three pieces of advice
41:20 Closing words and get connected
42:55 Outro
Walter Haydock
https://www.linkedin.com/in/walter-haydock/
Twitter @Walter_Haydock
Mentioned
Exploit Prediction Scoring System (EPSS)
mend.io
Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Twitter @FrankSEC42
#CSCP #cybermentoringmonday cybercloudpodcast.com
Sep 25,2022 39:00 -
11. CSCP S03EP12 - Jonathan Slater - Reskilling and starting in cyber
Jonathan Slater is one of three Co-founders at Capslock, a cyber security education start-up tackling the cybersecurity skills gap and helping adults re-skill. CAPSLOCK has raised over £1m pre-seed funding and re-skilled over 200 UK adults in cyber security in 2021.
Jonathan's previous career as a recruiter made him realise there was a gap in the market, so he sat down with the other two co-founders, both female, and started Capslock.
Of note, Capslock is one of the rare startups, fortunately more and more common, in which more than 50% of the co-founders are female.
The episode is brought to you by AppSec Phoenix Ltd. With the Phoenix platform you can make vulnerability management for software and organization SMART. Follow the tag #appsecsmart
https://www.appsecphoenix.com get a free 30-day licence quoting CSCP https://landing.appsecphoenix.com/register
Capslock Team
0.00 Introduction
0.35 Jonathan’s background
1.04 Welcome Jonathan
3.30 The state of the industry
6.30 Education catch up
7.35 The importance of soft skills
10.05 Gender diversity and unconscious bias
16.36 Measuring potential
18.40 Team based learning/diversity of thought
23.00 The curriculum
26.15 Cyber – the multidisciplinary field
27.35 Avoiding career redundancy
29.15 Start-up life
30.24 Working remotely
31.08 Maintaining good mental health
32.48 Positive message
33.50 Conclusion
Jonathan Slater
Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Twitter @FrankSEC42
#CSCP #cybermentoringmonday cybercloudpodcast.com
Apr 10,2022 33:50 -
12. CSCP S03EP11 - LiRan - Appsec and Open source where do we start
Liran Tal is a full-stack developer who joined forces with security professionals to fight the good battle. He is a GitHub Star, published author, DevRel and wearer of a Yoda hat (hear more in the podcast).
The episode is brought to you by AppSec Phoenix Ltd. With the Phoenix platform you can make vulnerability management for software and organization SMART. Follow the tag #appsecsmart
https://www.appsecphoenix.com get a free 30-day licence quoting CSCP https://landing.appsecphoenix.com/register
0.00 Introduction
0.38 LiRan’s background
1.23 Welcome LiRan
3.10 What’s with the hat?
4.15 Getting involved in the industry/ stumbling across cyber security
6.33 Cyber security is a mindset
7.20 Open source security
10.22 How organisations see through a sea of data
13.16 Infrastructure risk
14.18 The responsibility of a developer
18.41 The true core of DevSecOps – the speed of development
21.06 Risk tolerance/Investing in security
22.58 Quantifying risk
25.28 Security is a must
27.00 A systematic approach to security
30.30 Auto-remediation vs. Manual assessment
34.01 Positive message
35.10 The Big Fix
36.00 Connect with LiRan
36.23 Conclusion
Tinesh Chayya
https://www.linkedin.com/in/talliran/
Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Twitter @FrankSEC42
#CSCP #cybermentoringmonday cybercloudpodcast.com
Mar 27,2022 37:20 -
13. CSCP S03E10 - Tinesh Chayya - Cybersecurity Startups in modern world
Tinesh Chhaya is a cybersecurity specialist, a veteran in the industry and CEO of Decipher Cyber - Jenny. Tinesh has 15 years of successful Chief Revenue Officer/cyber corporate and 5 years of start-up entrepreneurial cyber experience. He has built and exited 2 start-ups and currently sits on the board as an advisor to startups within Cyber, EdTech, Software Development and Social Tech.
The episode is brought to you by AppSec Phoenix Ltd. With the Phoenix platform you can make vulnerability management for software and organization SMART. Follow the tag #appsecsmart
https://www.appsecphoenix.com get a free 30-day licence quoting CSCP https://landing.appsecphoenix.com/register
0.00 Introduction
0.41 Tinesh’s background
1.39 Welcome Tinesh
2.04 Tinesh’s view on the market
3.10 Cyber security start-ups
5.22 The hot-bed of cyber investment
5.48 4 main areas of cyber searched for
9.55 Differences across the world
12.50 Partnering up with big names
21.34 The mentorship group
22.03 The absence of an accelerator
23.05 Strong community
25.37 The mental struggle
32.08 Failure and resiliency
33.19 Support mechanisms (the importance of a strong team)
35.20 Celebrating successes and failures
36.02 Positive message
37.30 Thank you
37.35 Connect with Tinesh
38.34 Conclusion
Tinesh Chayya
https://www.linkedin.com/in/tinesh-chhaya-07623097/
Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Twitter @FrankSEC42
#CSCP #cybermentoringmonday cybercloudpodcast.com
Mar 13,2022 38:34 -
14. CSCP S03E09 - Karissa Breen - Women in cyber and breaking stereotypes
Karissa Breen is a Cyber Communications Specialist, Security Investigative Journalist, start-up advisor, entrepreneur, and podcast host based in Sydney. She quickly rose up in the cyber field, getting promoted to Cyber Reporting Analyst, then Pen Testing Engagement Lead, and then starting her own company. She says that better marketing and communication skills would improve many issues in the field. They discuss diversity, women in cyber, soft skills, and how the industry is rapidly changing.
The episode is brought to you by AppSec Phoenix Ltd. With the Phoenix platform you can make vulnerability management for software and organization SMART. Follow the tag #appsecsmart
https://www.appsecphoenix.com get a free 30-day licence quoting CSCP https://landing.appsecphoenix.com/register
0:00 Introduction
0:28 Karissa’s background
6:50 Promotions and rising up the ranks
8:46 Creating own company
9:50 Communicating technical terms
12:00 Lightbulb moment
16:05 Changing role of security
17:50 Advice on developing soft skills
20:27 Marketing
23:20 Women in cyber
29:10 Job requirements and diversity
33:40 Positive message
35:15 Connect with Karissa
36:09 Outro
Chris Foulon
Twitter @iamkarissabreen
Podcast— KBKAST
Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Twitter @FrankSEC42
#CSCP #cybermentoringmonday cybercloudpodcast.com
Mar 06,2022 36:09 -
15. CSCP S03E08 - Christopher Foulon - How do i start in cyber mythbusting and other jedi tricks
Christophe Foulon is a cyber security practitioner, career coach, speaker, and currently the Sr Manager Cyber Security Consultant at (Undisclosed) and F10 Fintech. He is the co-host of “Breaking into Cybersecurity,” a podcast that encourages people from diverse backgrounds to consider a career in security. He volunteers with two non-profits, “Boots to Books” and “The Whole Cyber Human Initiative,” that benefit veterans and lessen the talent shortage in cyber. Chris shares why mentoring and giving back is important to him.
The episode is brought to you by AppSec Phoenix Ltd. With the Phoenix platform you can make vulnerability management for software and organization SMART. Follow the tag #appsecsmart
https://www.appsecphoenix.com get a free 30-day licence quoting CSCP https://landing.appsecphoenix.com/register
0:00 Introduction
0:28 Chris’ background
2:33 Work with non-profits
5:02 Recruiting cyber workforce
8:20 Career possibilities in cyber
10:23 Veterans transition to a cyber career
12:20 Starting a podcast
15:50 Need to network
16:50 Advice for starting in security
19:15 Success stories
23:00 Mentoring
27:20 Positive Message
29:43 Connect with Chris
30:50 Outro
Chris Foulon
https://linkedin.com/in/christophefoulon
Twitter @chris_foulon
https://anchor.fm/breakingintocybersecurity
https://youtube.com/c/BreakingIntoCybersecurity
https://www.wholecyberhumaninitiative.org
Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Twitter @FrankSEC42
#CSCP #cybermentoringmonday cybercloudpodcast.com
Feb 27,2022 30:50 -
16. CSCP S03E07 - Jim Manico - Appsec in modern world and DevSecOps methodologies
It is a pleasure to host our good friend Jim again.
Jim Manico is an AppSec enthusiast, educator, the Manicode founder, an investor, Java Champion, and an OWASP leader. This passionate conversation revolves around the new OWASP Top 10, reference architecture, threat modelling, SMS authentication, and TLS certificates.
The episode is brought to you by AppSec Phoenix Ltd. With the Phoenix platform you can make vulnerability management for software and organization SMART. Follow the tag #appsecsmart
https://www.appsecphoenix.com get a free 30-day licence quoting CSCP https://landing.appsecphoenix.com/register
0:00 Introduction
0:28 Jim’s background
1:50 OWASP Top 10 Old and New
4:05 Secure design and threat modelling
9:55 Reference architecture
14:15 Follow through and scale
16:30 Security bugs
18:13 Authentication
24:32 JWT
27:45 TLS certificates
31:50 Zero trust
32:14 Positive Message
33:50 Connect with Jim
35:00 Outro
Jim Manico
Twitter @manicode
linkedin.com/in/jmanico manicode.com
Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Twitter @FrankSEC42
#CSCP #cybermentoringmonday cybercloudpodcast.com
Feb 20,2022 35:00 -
17. CSCP S03E05 - Glenn Wilson - Modern Devsecops Hero
Glenn Wilson is a DevOps advocate, an agile security consultant, the founder of Dynaminet, the best-selling author of “DevSecOps: A leader’s guide to producing secure software without compromising flow, feedback and continuous improvement,” the co-organizer of DevSecOps London Gathering, the Co-Host of DevSecOps Overflow Podcast, and a member of OWASP. Francesco and Glenn discuss the industry's current state, security champions, risk considerations, and the importance of pen-testing.
The episode is brought to you by AppSec Phoenix Ltd. With the Phoenix platform you can make vulnerability management for software and organization SMART. Follow the tag #appsecsmart
https://www.appsecphoenix.com get a free 30-day licence quoting CSCP https://landing.appsecphoenix.com/register
0:00 Introduction
1:50 View of industry
6:12 Automation, support developers
9:12 Security language barrier
11:25 3 types of communication
14:06 Less reactive, more proactive
17:50 Business owns risk
20:36 Writing a book
26:34 Pen testing
28:28 Auditors and regulators
31:10 Positive Message
32:16 Connect with Glenn
33:44 Outro
Glenn Wilson
https://www.linkedin.com/in/glennwilson
Twitter @GlennDynaminet
Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Twitter @FrankSEC42
#CSCP #cybermentoringmonday cybercloudpodcast.com
Feb 06,2022 33:44 -
18. CSCP S03E04 - Naomi Buckwalter - The Path to Cyberber
Naomi is on a secret mission to change the world of cyber and make it accessible to everybody!
Naomi Buckwalter is the Director of Information Security & IT at Beam Technologies and the founder and Executive Director of Cybersecurity Gatekeepers Foundation, a nonprofit dedicated to closing the demand gap in cybersecurity hiring. Originally an aspiring FBI agent, Naomi is passionate about stopping the war on cybercrime and is recruiting and training people of all skill levels to join the fight.
The episode is brought to you by AppSec Phoenix Ltd. With the Phoenix platform you can make vulnerability management for software and organization SMART. Follow the tag #appsecsmart
https://www.appsecphoenix.com get a free 30-day licence quoting CSCP https://landing.appsecphoenix.com/register
0:46 Introducing Naomi
4:50 War on cyber crime
7:50 Small businesses
10:30 Ransomware
14:00 Principles of security
16:00 Hiring opera singer
19:47 Plane crash analogy
23:00 Mentoring
25:25 InfoSec drama and toxicity
29:20 Path to cyber
33:40 Positive message
35:00 Outro
Christopher Hodson
Twitter @ChrisHInfoSec
https://cybersecuritymatters.blog
https://www.linkedin.com/in/christopherjhodson/
Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Twitter @FrankSEC42
#CSCP #cybermentoringmonday cybercloudpodcast.com
Jan 30,2022 35:00 -
19. CSCP S03E03 - Vandana Verma - Baby Stepping in Cyber - Cyberkids
CSCP is back with this brand new season 3
Vandana Verma is the Security Solutions Architect at Snyk, a Chapter Leader and Board Member of OWASP, an advocate for women and girls in AppSec, and the founder of Infosec Kids. Vandana explains why security teams need to be more empathetic, why she started the Spotlight Project and Infosec Kids, the importance of security champions, and her view on the future of security.
The episode is brought to you by AppSec Phoenix Ltd. With the Phoenix platform you can make vulnerability management for software and organization SMART. Follow the tag #appsecsmart
https://www.appsecphoenix.com get a free 30-day licence quoting CSCP https://landing.appsecphoenix.com/register
0:47 Introducing Vandana
3:30 Overview of industry
6:12 Open source and application security
8:38 Cloud-native application security
11:50 Educate developers
14:40 Security champions
18:30 Application security posture management
20:24 Spotlight project
23:53 Infosec Kids
27:00 Infosec Diversity
28:54 Future of security
35:36 Final positive message
37:02 Outro
Vandana Verma
Twitter @InfosecVandana
https://linkedin.com/in/vandana-verma
Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Twitter @FrankSEC42
#CSCP #cybermentoringmonday cybercloudpodcast.com
Jan 24,2022 37:02 -
20. CSCP S03E02 - Paddy Viswanathan - The Risky Journey To The Cloud
CSCP is back with this brand new season 3
Paddy Viswanathan is the CEO and founder of C3M. C3M Cloud Control is a cloud security platform that helps cloud and security teams continuously monitor and manage their cloud security posture. Frank and Paddy discuss risk assessment in the cloud, how to prevent breaches associated with a third party, and the overall state of the cyber security industry.
The episode is brought to you by C3M. C3M Cloud Control is a cloud security platform that helps cloud and security teams continuously monitor and manage their cloud security posture. To know more, go to www.c3m.io
0:47 Introducing Paddy
2:25 State of the industry
5:55 Risk and alert fatigue
10:21 Risk code
13:19 Security breaches
17:35 Access and authentication
18:50 Cloud assessment
23:24 Final Positive Message
26:15 Outro
Paddy Viswanathan
https://www.linkedin.com/in/paddyviswanathan/
Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Twitter @FrankSEC42
#CSCP #cybermentoringmonday cybercloudpodcast.com
Jan 16,2022 26:10 -
21. CSCP S03E00 - Steve Wilson - Log4J and Log4Shell Special - Nightmare On Christmas Eve
CSCP is Coming back with Season 3 in the new year!
As a teaser, we bring you the latest story on the blog...Log4j with Steve Wilson from Contrast Security
Steve Wilson is an Application Security expert development manager and currently the head of product at Contrast. Steve joins the podcast to discuss the nightmare just unleashed, Log4j, that has been affecting everyone around the cybersecurity industry and the reason why we are facing this other pandemic.
We will return with a special launch in 2022 with some special guests.
The episode is brought to you by AppSec Phoenix Ltd. With the Phoenix platform you can make vulnerability management for software and organization SMART. Follow the tag #appsecsmart
https://www.appsecphoenix.com get a free 30-day licence quoting CSCP https://landing.appsecphoenix.com/register
0:28 Introducing Steve
2:13 Cybersecurity Advice
3:15 Supply chain issues
8:30 Log4j
12:47 Issue of Supply and software
19:16 What to do to avoid
23:07 Why we are getting it wrong
27:52 Final Positive Message
29:40 Outro
Steve Wilson
Twitter @virtualsteve
https://www.linkedin.com/in/wilsonsd/
Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Twitter @FrankSEC42
#CSCP #cybermentoringmonday cybercloudpodcast.com
Full Transcript
00:00.00 franksec: Hello everyone and welcome back to another episode of the Cyber Security and Cloud Podcast. Today we have a topic that probably nobody has ever spoken in the recent time that is gonna be obligation security vulnerability management but the whole thing that has taken by the storm the industry that is fundamental log for js, and today we have a special guest, but before we crack on, let us start with our intro.
00:54.11 franksec: All right, all right, all right, we are back. So I'd like to welcome Steve Wilson that came we started chatting over a Twitter, over Twitter thread around of course up for j. So I've reminded him on the show to actually chat a little bit about the topic and his particular take is been. He's the chief product officer of Contrast Security, one product that we absolutely love and we saw that was quite well reacting on the Log4j issue, but also he is an early member of the Java team on the early nineties. But before I talk through it, let me welcome Steve. Steve, welcome on the show.
01:33.74 Steve Wilson: Hey, thank you Francesco for having me, really looking forward t
Dec 20,2021 32:00 -
22. CSCP S03E01 - Chris Hodson - The Evolution of the CISO
CSCP is back with this brand new season 3
Christopher Hodson is the CISO at Contentful, the former CISO of Tanium, the author of Cyber Risk Management, and an all-around Cyber Security and DevSecOps expert. Francesco and Christopher discuss changes in the industry since COVID, whether coding should be a requirement to work in cyber security, and communicating technical security risks with executives.
0:50 Introducing Chris
3:30 Changes due to COVID
7:05 Cloud capacity and security
11:40 Misconfigurations
13:50 Working cross-functionally
17:40 Shifting security approach
19:58 Communicating with executives
26:10 Burnout
28:35 Is coding a requirement
31:10 Final positive message
34:40 Connect with Chris
34:34 Outro
Christopher Hodson
Twitter @ChrisHInfoSec
https://cybersecuritymatters.blog
https://www.linkedin.com/in/christopherjhodson/
Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Twitter @FrankSEC42
Jan 09,2022 34:34