Developing a Security Test Methodology with Mike Spanbauer

TestGuild Security Testing Podcast

#Tech #Joe Colantonio #Penetrationtesting #Securitytesting #Securitytestingtools #Softwaresecurity #Podcasting Education #Vulnerable

26:46

For many travelers, Antarctica is a bucket-list destination, a once-in-a-lifetime opportunity to touch all seven continents. In 2023, a record-breaking 100,000 tourists made the trip. But the journey begs a fundamental question: What do we risk by traveling to a place that is supposed to be uninhabited by humans? And as the climate warms, should we really be going to Antarctica in the first place? SHOW NOTES: Kara Weller: The Impossible Dilemma of a Polar Guide Marilyn Raphael: A twenty-first century structural change in Antarctica’s sea ice system Karl Watson: First Time in Antarctica Jeb Brooks : 7 Days in Antarctica (Journey to the South Pole) Metallica - Freeze 'Em All: Live in Antarctica Learn about your ad choices: dovetail.prx.org/ad-choices…

for 4 år siden 34:42

MP3•Episode hjem

I today’s episode, I’m going to be sharing a session that Mike Spanbauer, Security Evangelist for Juniper, gave at the last Secure Guild online conference on Developing a Security Test Methodology. Discover the four pieces that make up his approach and some essential tips in implementing your own. Listen up!

51 episoder

Developing a Security Test Methodology with Mike Spanbauer

TestGuild Security Testing Podcast

published for 4 år siden

Del

MP3•Episode hjem

51 episoder

#Tech #Joe Colantonio #Penetrationtesting #Securitytesting #Securitytestingtools #Softwaresecurity #Podcasting Education #Vulnerable

همه قسمت ها

1
How to achieve the Defense Department’s CMMC compliance with Frank Smith 32:59

for 4 years siden32:59

32:59

Did you know that the Department of Defense (DOD) is mandating that suppliers have Cybersecurity Maturity Model Certification (CMMC) to a prescribed level? In this episode , Frank Smith, Manager of Security and Consulting Practice at Ntiva, shares all you need to know about CMMC. Discover what CMMC is, why you should care, the requirements needed for certification, who needs to be certified, and more. Listen up!…

1
Developing a Security Test Methodology with Mike Spanbauer 34:42

for 4 years siden34:42

34:42

1
Prioritize Your Open Source Findings with James Rabon 22:10

for 4 years siden22:10

22:10

Does your team struggle with prioritizing your security open-source findings? In this episode , James Rabon, Director of Product Management at Micro Focus, will share an approach that can help. Discover how James’ team co-developed “susceptibility analysis,” which allows developers and application security engineers determine whether a publicly-disclosed vulnerability has been invoked in their code. It also reveals whether attacker-controlled input reaches that function. Listen now!…

1
CyberOps with Joe Abraham 30:32

for 4 years siden30:32

30:32

Cybersecurity concepts are fundamental pieces of knowledge necessary for a career in security testing. In this episode, Joe Abraham, author of numerous Pluralsight courses, will share some insights into many security aspects. Listen in to learn about security onion, threat intelligence, cyber threat hunting tips and more.…

1
TrustedSec Sysmon Community Guide with Carlos Perez 29:38

for 4 years siden29:38

29:38

Are you struggling to find information on how to use Sysmon for your security efforts? In this episode , Carlos Perez, a Research Team lead at TrustedSec, shares all about the TrustedSec Sysmon Community Guide. Discover why Carlos created this guide and how it helps empower defenders with the information they need to leverage this great tool. Also, listen in to hear about Carlos’s extensive knowledge gained in working to detect attackers.…

1
Cybersecurity Tools and Frameworks with Aaron Rosenmund 31:34

for 4 years siden31:34

31:34

Aaron Rosenmund, a cybersecurity researcher at Pluralsight, shares a wealth of knowledge around security testing in this episode . Discover blue team tools to protect, detect, and respond against targeted threat actor techniques in an enterprise environment. Listen in to also learn security frameworks to help you with your threat hunting efforts…

1
Information Gathering in Penetration Testing with Malek Mohammad 21:35

for 4 years siden21:35

21:35

How can you prevent attacks if you don't know your enemy? In this episode , Malek Mohammad, author of the Pluralsight course: Web Application Penetration Testing: Information Gathering , discusses how to know how your enemies target you. Discover fingerprinting web applications, enumerating applications, understanding their entry points, and tooling needed. Listen up!…

1
Happy Security Testing New Year 2021! 1:40

for 4 years siden1:40

1:40

Happy New Year! We will be away for a few weeks but will be back with more security testing awesomeness in 2021. Also, don't forget to register for AutomationGuild .

1
AWS Penetration Testing with Jon Helmus 28:52

for 4 years siden28:52

28:52

Need to secure your AWS environments? In this episode , Jonathan Helmus, author of the new book AWS Penetration Testing, will share some tips on AWS penetration testing and security best practices. Discover some of the commonly exploited vulnerabilities in AWS and how to prevent them. Listen in to learn more about cloud penetration testing tips, and tricks. Thanks so much for listening! If you like this episode, please subscribe to "The TestGuild Security" podcast and rate and review wherever you get podcasts. Join the Guild for even more security testing awesomeness: https://testguild.com/newsletter/…

1
Discover Network Vulnerabilities using Infection Monkey with Maril Vernon 30:44

for 4 years siden30:44

30:44

Are you using Infection Monkey? In this episode, Pluralsight author and security expert Maril Vernon will share some insights from her Infection Monkey course. Discover uses of Infection Monkey to test for later movement and network segments against known MITRE tactics. Listen up to learn how this amazing tool can identify your company’s vulnerable network paths and how to protect yourself proactively.…

1
OWASP Broken Authentication Breakdown with Prasad Salvi 23:23

for 4 years siden23:23

23:23

Prepare to learn all about the OWASP Top 10 Web Application Security Risks—Broken Authentication. This is the second monthly episode in which security expert Prasad Salvi will join us to break down each OWASP risk one by one. Today we’ll discuss the second security risk listed—broken authentication. Discover what a broken authentication risk is, the different ways this attack can occur, and how to prevent it. Listen up, and join us next month as we cover the next security risk, sensitive data exposure.…

1
API Security Testing In DevOps with Oli Moradov 46:05

for 4 years siden46:05

46:05

How do you integrate API security testing into the development process? In this episode, Oli Moradov, VP of Dev and Strategic Alliances at NeuraLegio, shares ways that you can achieve API security testing automation directly into your DevOps or CI/CD pipelines. Discover how you can test every build without causing development drag. Listen up!…

1
Covid-19 Security and OWASP with Adiran Thirmal 34:03

for 4 years siden34:03

34:03

Has COVID-19 impacted your security testing efforts? In this episode , security expert Adhiran Thirmal shares his thoughts on security testing, Covid-19, OWASP, and more. Listen up and find out more about changes to OWASP for 2020 and beyond and how you can help.

1
SQL Injection OWASP Top 10 with Prasad Salvi 25:23

for 4 years siden25:23

25:23

Are you familiar with the OWASP Top 10 Web Application Security Risks? This is the first monthly episode where security expert Prasad Salvi joins us to break down each risk one by one. Today we talk all about the first security risk listed -- injection flaws. Discover what an injection flaw is, different ways this attack can occur, and how to prevent it. Listen up and join us next month as we cover the next security risk, broken authentication.…

1
P2P Security with Paul Marrapese 23:55

for 4 years siden23:55