Bra podcast
Sveriges mest populära poddar
- Affärsnyheter
- Alternativ hälsa
- Amerikansk fotboll
- Andlighet
- Animering och manga
- Astronomi
- Barn och familj
- Basket
- Berättelser för barn
- Böcker
- Buddhism
- Dagliga nyheter
- Dans och teater
- Design
- Djur
- Dokumentär
- Drama
- Efterprogram
- Entreprenörskap
- Fantasysporter
- Filmhistoria
- Filmintervjuer
- Filmrecensioner
- Filosofi
- Flyg
- Föräldraskap
- Fordon
- Fotboll
- Fritid
- Fysik
- Geovetenskap
- Golf
- Hälsa och motion
- Hantverk
- Hinduism
- Historia
- Hobbies
- Hockey
- Hus och trädgård
- Ideell
- Improvisering
- Investering
- Islam
- Judendom
- Karriär
- Kemi
- Komedi
- Komedifiktion
- Komediintervjuer
- Konst
- Kristendom
- Kurser
- Ledarskap
- Life Science
- Löpning
- Marknadsföring
- Mat
- Matematik
- Medicin
- Mental hälsa
- Mode och skönhet
- Motion
- Musik
- Musikhistoria
- Musikintervjuer
- Musikkommentarer
- Näringslära
- Näringsliv
- Natur
- Naturvetenskap
- Nyheter
- Nyhetskommentarer
- Personliga dagböcker
- Platser och resor
- Poddar
- Politik
- Relationer
- Religion
- Religion och spiritualitet
- Rugby
- Så gör man
- Sällskapsspel
- Samhälle och kultur
- Samhällsvetenskap
- Science fiction
- Sexualitet
- Simning
- Självhjälp
- Skönlitteratur
- Spel
- Sport
- Sportnyheter
- Språkkurs
- Stat och kommun
- Ståupp
- Tekniknyheter
- Teknologi
- Tennis
- TV och film
- TV-recensioner
- Underhållningsnyheter
- Utbildning
- Utbildning för barn
- Verkliga brott
- Vetenskap
- Vildmarken
- Visuell konst
Om podden
A podcast for information security defenders (blue team) on best practices, tools, and implementation for enterprise security.
The podcast Blue Security is created by Andy Jaw & Adam Brewer. The podcast and the artwork on this page are embedded on this page using the public podcast feed (RSS).
Avsnitt
Cloud Security - Defender for App Service and Defender for Databases
24 december 2024 |
18 min
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the importance of cloud security, focusing on Microsoft's Defender services. They explore Defender for App Service, highlighting its ease of activation and the security recommendations it provides. The conversation then shifts to Defender for Databases, detailing its capabilities in protecting SQL databases from various threats, including SQL injection attacks. The hosts emphasize the necessity of a layered security approach, known as defense in depth, to ensure comprehensive protection for cloud workloads. ----------------------------------------------------
YouTube Video Link: https://youtu.be/LJCohdB5ER8
----------------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-app-service-introduction
https://learn.microsoft.com/en-us/azure/defender-for-cloud/tutorial-enable-databases-plan
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Cloud Security - Defender for Key Vault and Defender for API
17 december 2024 |
22 min
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into Azure Key Vault and its security features, particularly focusing on Defender for Key Vault and Defender for API. They discuss the importance of securely managing sensitive information, the ease of deploying these security solutions, and the critical need for visibility and threat detection in cloud environments. The conversation highlights the differences between the two defenders, emphasizing the growing threat landscape for APIs and the necessity of robust security measures.
----------------------------------------------------
YouTube Video Link: https://youtu.be/JxfdKZTWF3c
----------------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-key-vault-introduction
https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-apis-introduction
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Options for Microsoft training
10 december 2024 |
28 min
Summary
In this episode, Andy and Adam discuss various resources available for training on Microsoft technologies. They emphasize the importance of the Learn Microsoft portal, highlight the benefits of Ninja training for deep dives into specific topics, and recommend various YouTube channels for bite-sized learning. The conversation also covers the significance of tech community blogs, hands-on learning through applied skills, and creating personal lab environments for experimentation. Additionally, they touch on other learning resources available beyond Microsoft, including LinkedIn Learning and the value of networking with peers.
----------------------------------------------------
YouTube Video Link: https://youtu.be/5A54j9wmHt4
----------------------------------------------------
Documentation:
https://rodtrent.substack.com/p/all-the-microsoft-ninja-training
https://www.youtube.com/@MSFTMechanics
https://www.youtube.com/@MicrosoftSecurity
https://www.youtube.com/@MicrosoftSecurityCommunity
https://techcommunity.microsoft.com/t5/security-compliance-and-identity/bg-p/MicrosoftSecurityandCompliance
https://learn.microsoft.com/en-us/credentials/browse/?credential_types=applied%20skills
https://ajawzero.medium.com/my-unraid-build-thoughts-and-lessons-learned-881781c2cf97
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
2024 Ignite Recap
3 december 2024 |
62 min
Summary
In this episode, hosts Andy and Adam recap the key announcements from Microsoft Ignite, focusing on new features in Microsoft Edge, enhancements in Microsoft Teams for global collaboration, and significant updates in security management tools like Security Co-Pilot and Microsoft Purview. They discuss the importance of data security, the role of AI in improving security posture, and the latest improvements in Intune for device management. The conversation covers significant advancements in Microsoft's technology offerings, focusing on improvements in Intune for device management, updates to the Entra Suite and Security Service Edge, AI integration in security management, innovations in Defender for Cloud, and enhancements aimed at strengthening security posture for SMBs. Additionally, the discussion highlights new features in Windows 365 and concludes with insights into Microsoft's progress in quantum computing.
----------------------------------------------------
YouTube Video Link:
----------------------------------------------------
Documentation:
https://news.microsoft.com/ignite-2024-book-of-news/
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
CMMC with Special Guest Justin Orcutt
26 november 2024 |
26 min
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer welcome Justin Orcutt from Microsoft to discuss the Cybersecurity Maturity Model Certification (CMMC). The conversation covers the history and requirements of CMMC, the steps companies need to take to prepare for audits, and the importance of continuous monitoring. Justin shares insights on the anxiety surrounding CMMC compliance, the tools available for tracking progress, and the broader implications of CMMC for various industries beyond defense contracting. He emphasizes the need for organizations to understand their data security requirements and engage with communities for support.
----------------------------------------------------
YouTube Video Link: https://youtu.be/dCMeiEXhRTI
----------------------------------------------------
Documentation:
https://www.defense.gov/News/Releases/Release/Article/3932947/cybersecurity-maturity-model-certification-program-final-rule-published/
Justin Orcutt: https://www.linkedin.com/in/justinorcutt/
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
T-Mobile Breach, Sophos hacks back, Bluesky surges
19 november 2024 |
41 min
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the recent T-Mobile breach attributed to Chinese state-sponsored hackers, emphasizing the importance of parsing corporate statements. They delve into the implications of cybersecurity threats, referencing a Sophos report detailing a five-year cat-and-mouse game with Chinese attackers. The conversation shifts to the rise of the new social media platform, Bluesky, exploring its potential to attract users from Twitter and its unique features.
----------------------------------------------------
YouTube Video Link:
----------------------------------------------------
Documentation:
https://www.cisa.gov/news-events/news/joint-statement-fbi-and-cisa-peoples-republic-china-prc-targeting-commercial-telecommunications
https://www.sophos.com/en-us/content/pacific-rim
https://www.bbc.com/news/articles/c8dm0ljg4y6o
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Securing contingent workers
12 november 2024 |
35 min
Summary
In this episode, Andy and Adam discuss the challenges and strategies for securing seasonal and contingent workers using a Zero Trust approach. They emphasize the importance of managed devices, the complexities of hybrid domain joins, and explore alternative solutions such as cloud-based services. The conversation also touches on the significance of security policies and the need for exceptions in certain scenarios, ultimately advocating for a balanced approach to cybersecurity that enables business productivity.
----------------------------------------------------
YouTube Video Link: https://youtu.be/RsR0XsFWDjQ
----------------------------------------------------
Documentation:
https://kanenarraway.com/posts/bpo-security-zero-trust/
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Offboarding employees
5 november 2024 |
25 min
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the critical steps involved in offboarding employees, particularly focusing on Microsoft 365 environments. They cover essential practices such as blocking user sign-ins, managing mailbox contents, device management, and ensuring data protection. The conversation emphasizes the importance of modernizing device management strategies and highlights best practices for handling sensitive information during the offboarding process. The hosts also touch on the role of super users in document management and the implications of Teams chat storage.
----------------------------------------------------
YouTube Video Link: https://youtu.be/NaFv6MjJgEI
----------------------------------------------------
Documentation:
https://practical365.com/checklist-for-terminating-employees-with-microsoft-365-accounts/
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Detecting AD Compromise, Safe MDE Deployment, macOS SSO
29 oktober 2024 |
31 min
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss critical cybersecurity insights, focusing on Active Directory security techniques, the implications of recent incidents involving Microsoft Defender for Endpoint, and the introduction of passwordless solutions for Apple devices. They emphasize the importance of foundational knowledge in cybersecurity, the need for robust security practices, and the evolution of identity management solutions in enterprise environments.
----------------------------------------------------
YouTube Video Link: https://youtu.be/ySylj7V0AY8
----------------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/entra/identity-platform/apple-sso-plugin
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
2024 Microsoft's Digital Defense Report
22 oktober 2024 |
42 min
Summary
In this episode, Andy and Adam discuss Microsoft's 2024 Digital Defense Report, which highlights the evolving cyber threat landscape, the rise of ransomware, identity attacks, and DDoS attacks. They emphasize the importance of centering organizations around security, the shift towards passwordless authentication, and the impact of AI on cybersecurity. The conversation provides actionable insights for organizations to enhance their security posture and adapt to the changing threat environment.
----------------------------------------------------
YouTube Video Link: https://youtu.be/o7X4dH55dto
----------------------------------------------------
Documentation:
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Secure Future Initiative Update
15 oktober 2024 |
27 min
Summary
In this episode, Andy Jaw and Adam Brewer discuss Microsoft's Secure Future Initiative (SFI), which emphasizes security by design, default, and operations. They explore the initiative's six key security pillars, the impact of recent cyber incidents, and the ongoing progress in enhancing security measures across Microsoft. The conversation highlights the importance of employee accountability, governance, and the implementation of new security protocols, including fish resistant credentials and improved monitoring systems. The hosts reflect on the challenges and changes brought about by SFI and its implications for the future of cybersecurity at Microsoft.
----------------------------------------------------
YouTube Video Link: https://youtu.be/zHX2FCO8FdY
----------------------------------------------------
Documentation:
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Let's talk about passwords!
8 oktober 2024 |
40 min
Summary
In this episode of the BlueScarity Podcast, hosts Andy Jaw and Adam Brewer discuss the evolution of password guidelines, focusing on the recent updates from NIST and Microsoft. They explore the implications of these changes, emphasizing the importance of understanding human behavior in password security and the need for organizations to adopt passwordless solutions. The conversation highlights practical steps for reducing reliance on passwords while enhancing security through user education and modern authentication methods.
----------------------------------------------------
YouTube Video Link: https://youtu.be/MJ_h6TzMyEU
----------------------------------------------------
Documentation:
https://pages.nist.gov/800-63-4/sp800-63.html
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Protect against token theft
1 oktober 2024 |
35 min
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the critical topic of token theft in identity management. They discuss the importance of multi-factor authentication (MFA) as a primary defense against identity attacks, the nature of tokens, and how attackers exploit vulnerabilities to steal these tokens. The conversation highlights the introduction of token binding as a new protective measure, practical steps organizations can take to reduce the risk of token theft, and the significance of detecting and investigating potential attacks. The hosts emphasize the need for managed and compliant devices, user training, and the implementation of conditional access policies to enhance security.
----------------------------------------------------
YouTube Video Link: https://youtu.be/xPHqA7JzPkY
----------------------------------------------------
Documentation:
https://techcommunity.microsoft.com/t5/microsoft-entra-blog/how-to-break-the-token-theft-cyber-attack-chain/ba-p/4062700
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
BSP Turns 4, WSUS Deprecated, macOS Firewall Woes
24 september 2024 |
41 min
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer celebrate four years of podcasting, reflecting on their journey and the importance of providing actionable insights to their audience. They discuss the significance of education in technology, particularly in relation to Microsoft products and the recent deprecation of WSUS. The conversation also covers the implications of Apple's latest OS release and the challenges faced by enterprise users. Finally, they emphasize the need for resilience in technology and the importance of having backup plans in place. ----------------------------------------------------
YouTube Video Link: https://youtu.be/cIcE-hXtCNs
----------------------------------------------------
Documentation:
---------------------------------------------------- Contact Us:
Twitter: https://twitter.com/bluesecuritypod
LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Cloud Security - Containers 101 & Defender for Containers
17 september 2024 |
27 min
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the world of containers, exploring their functionality, differences from virtual machines, and the importance of securing them. They discuss key tools like Docker and Kubernetes, and introduce Microsoft's Defender for Containers as a solution for managing security in containerized environments. The conversation emphasizes the simplicity and efficiency of containers, while also addressing the shared responsibility of security in modern application development.
----------------------------------------------------
YouTube Video Link: https://youtu.be/zjhIC4IoxgE
----------------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-containers-introduction
---------------------------------------------------- Contact Us:
Twitter: https://twitter.com/bluesecuritypod
LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
IBM's Cost of a Data Breach 2024
10 september 2024 |
48 min
Summary
In this episode, Andy and Adam discuss the key findings from IBM's report on the costs of a data breach in 2024. They cover topics such as the increase in the cost of data breaches, the use of security AI and automation, the cyber skills shortage, the challenges of shadow data, and the importance of insider risk management. They also highlight the need for password protection, fish-resistant MFA, and data consolidation, as well as the benefits of using generative AI tools. The episode concludes with a reminder to not be afraid of AI and to embrace its potential to enhance productivity and efficiency.
----------------------------------------------------
YouTube Video Link: https://youtu.be/mbwJGjg7g0s
----------------------------------------------------
Documentation:
https://www.ibm.com/downloads/cas/1KZ3XE9D
---------------------------------------------------- Contact Us:
Twitter: https://twitter.com/bluesecuritypod
LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Entra Suite Overview
3 september 2024 |
39 min
Summary
In this episode of the Blue Security Podcast, Andy and Adam discuss Entra Suite, a new package from Microsoft that includes various Entra products and solutions. They provide an overview of each component, including Entra Private Access, Entra Internet Access, Entra ID Governance, Entra ID Protection, and Entra Verified ID. They highlight the benefits and use cases of each component and discuss the pricing options. They also emphasize the importance of using open standards and collaboration in the identity space.
----------------------------------------------------
YouTube Video Link: https://youtu.be/9zlC8NmBEp8
----------------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/entra/global-secure-access/concept-private-access
https://learn.microsoft.com/en-us/entra/global-secure-access/concept-internet-access
https://learn.microsoft.com/en-us/entra/id-governance/identity-governance-overview
https://learn.microsoft.com/en-us/entra/id-governance/licensing-fundamentals
https://learn.microsoft.com/en-us/entra/id-protection/overview-identity-protection
https://learn.microsoft.com/en-us/entra/verified-id/decentralized-identifier-overview
---------------------------------------------------- Contact Us:
Twitter: https://twitter.com/bluesecuritypod
LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Where do you get technical training?
27 augusti 2024 |
40 min
Summary
In this episode, Andy and Adam discuss various resources and methods for getting training and learning about Microsoft and other technology solutions. They cover topics such as official documentation, certification tracks, Ninja training, Microsoft Mechanics, the Tech Community, customer connection programs, building a personal lab, and the importance of having a supportive network.
Takeaways
- learn.microsoft.com is the official documentation and training resource for Microsoft products and solutions.
- Microsoft offers certification tracks for various roles and technologies, and free training is available for these certifications.
- Ninja training provides deep dives and technical content on security, compliance, and other Microsoft products.
- Microsoft Mechanics is a YouTube channel and podcast that offers bite-sized videos on various Microsoft technologies.
- Building a personal lab using virtualization software or cloud services is a great way to gain hands-on experience.
- Having a supportive network of coworkers and friends who are curious and willing to share experiences can greatly enhance learning and professional growth.
----------------------------------------------------
YouTube Video Link: https://youtu.be/5cgUfci9M9c
----------------------------------------------------
Documentation:
https://rodtrent.substack.com/p/all-the-microsoft-ninja-training
https://www.youtube.com/@MSFTMechanics
https://www.youtube.com/@MicrosoftSecurity
---------------------------------------------------- Contact Us:
Twitter: https://twitter.com/bluesecuritypod
LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Trump and NPD Hacked, Microsoft Admin MFA
20 augusti 2024 |
33 min
Summary
In this episode of the Blue Security Podcast, Andy and Adam discuss several cybersecurity news stories. They cover the hack of the Trump campaign's emails by Iranian hackers, the breach of the National Public Data records, and Microsoft's new requirement for admins to enable multi-factor authentication (MFA). They also touch on the importance of data privacy and the need for companies to be responsible stewards of consumer data.
Takeaways
-Iranian hackers targeted the Trump campaign's emails in an attempt to influence the US presidential election.
-The breach of the National Public Data records compromised personal information for billions of individuals, highlighting the need for stronger data privacy regulations.
-Microsoft is enforcing the use of multi-factor authentication (MFA) for admins to enhance security and reduce the risk of account takeovers.
-Companies should prioritize data security and be responsible stewards of consumer data, minimizing data collection and protecting it from unauthorized access.
----------------------------------------------------
YouTube Video Link: https://youtu.be/xFPPyec6GJQ
----------------------------------------------------
Documentation:
https://blogs.microsoft.com/on-the-issues/2024/08/08/iran-targeting-2024-us-election/
https://npd.pentester.com/search
---------------------------------------------------- Contact Us:
Twitter: https://twitter.com/bluesecuritypod
LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Cloud Security - Defender for Storage Deep Dive
13 augusti 2024 |
28 min
Summary
In this episode of the Blue Security Podcast, Andy and Adam discuss Microsoft's Defender for Storage, a cloud-native security solution for Azure Blob Storage, Azure Files, and Azure Data Lake Storage. They highlight the three major impacts on data workloads: malicious file uploads, sensitive data exfiltration, and data corruption. The solution offers activity monitoring, malware scanning, and sensitive data threat detection. They also mention the pricing model, the integration with Microsoft Purview, and the ease of deployment using Azure Policy and Logic Apps.
Takeaways
-Defender for Storage is a cloud-native security solution for Azure Blob Storage, Azure Files, and Azure Data Lake Storage.
-The solution protects against malicious file uploads, sensitive data exfiltration, and data corruption.
-It offers activity monitoring, malware scanning, and sensitive data threat detection.
-Integration with Microsoft Purview allows for seamless inheritance of sensitivity settings.
-Deployment can be done through the Azure portal, Azure Policy, or infrastructure as code using the REST API.
-Logic Apps can be used to automate responses and streamline security operations.
-A pre-purchase plan is available for Defender for Cloud workloads, offering programmatic discounts and predictable billing.
----------------------------------------------------
YouTube Video Link: https://youtu.be/_DNCcy4V5Uo
----------------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-storage-introduction
---------------------------------------------------- Contact Us:
Twitter: https://twitter.com/bluesecuritypod
LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
New Autopilot Features, Intune Enrollment Attestation, MAM for W365/AVD
6 augusti 2024 |
25 min
Summary
In this episode of the Blue Security Podcast, Andy and Adam discuss new features and updates in Intune, including autopilot for existing devices, Intune enrollment attestation, and mobile application management (MAM). They explain how autopilot for existing devices allows organizations to enroll on-premise joined devices into autopilot using config man and a task sequence. They also highlight the importance of monitoring device enrollments and implementing security measures such as requiring a pin for app access and blocking third-party keyboards.
Takeaways
- Autopilot for existing devices allows organizations to enroll on-premise joined devices into autopilot using config man and a task sequence.
- Monitoring device enrollments and implementing security measures such as requiring a pin for app access and blocking third-party keyboards are important for protecting corporate data.
-Intune enrollment attestation stores the MDM ID in the TPM of the device, preventing attacks that export the MDM device to attack other devices.
-Mobile application management (MAM) is a lightweight way to protect corporate data on unmanaged devices, and it can be used in conjunction with MDM on managed devices.
-MAM capabilities are now available for Windows 365 and AVD clients on Windows, iOS, PadOS, and Android clients, allowing for more secure access to corporate data.
----------------------------------------------------
YouTube Video Link: https://youtu.be/R8GYUQjr7ds
----------------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/autopilot/existing-devices
https://learn.microsoft.com/en-us/mem/intune/enrollment/windows-enrollment-attestation#resources
https://learn.microsoft.com/en-us/mem/intune/protect/mobile-threat-defense
---------------------------------------------------- Contact Us:
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod Youtube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Cloud Security - Defender CSPM Deep-Dive
30 juli 2024 |
33 min
Summary
In this episode of the Blue Security Podcast, Andy and Adam discuss Defender CSPM (Cloud Security Posture Management). They explain that CSPM is the process of monitoring cloud-based systems and infrastructure for risks and misconfigurations. They highlight the key capabilities of CSPM, including automation, monitoring and managing IaaS, SaaS, and PaaS platforms, and ensuring regulatory compliance. They also introduce Defender CSPM, a paid subscription service that offers additional features such as agentless scanning, container vulnerability assessments, and DevOps security. They mention the inclusion of Entra Permissions Management and external attack surface management in Defender CSPM. They emphasize the value of Defender CSPM for regulatory compliance and the ease of reporting on security posture against specific standards.
Takeaways
-CSPM is the process of monitoring cloud-based systems and infrastructure for risks and misconfigurations.
-Defender CSPM is a paid subscription service that offers additional features such as agentless scanning, container vulnerability assessments, and DevOps security.
-Defender CSPM includes Entra Permissions Management and external attack surface management.
-Defender CSPM is valuable for regulatory compliance and provides ease of reporting on security posture against specific standards.
----------------------------------------------------
YouTube Video Link: https://youtu.be/lqvWnxyQqVs
----------------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-cloud-security-posture-management
https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-devops-introduction
---------------------------------------------------- Contact Us:
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod Youtube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
CrowdStrike Major Incident
22 juli 2024 |
50 min
Summary
In this episode of the Blue Security Podcast, Andy and Adam discuss the aftermath of the CrowdStrike failed software update. They express empathy for those impacted by the incident and discuss the importance of collaboration in the cybersecurity industry. They also explore the need for transparency from security vendors and the potential impact on cybersecurity teams and funding. The conversation touches on the level of access that security solutions have and the need for a balanced approach. They emphasize the importance of having an incident response plan and implementing deployment rings for security updates.
----------------------------------------------------
YouTube Video Link: https://youtu.be/_ajB1t89VrQ
----------------------------------------------------
Documentation:
https://www.crowdstrike.com/blog/falcon-update-for-windows-hosts-technical-details/
https://blogs.microsoft.com/blog/2024/07/20/helping-our-customers-through-the-crowdstrike-outage/
---------------------------------------------------- Contact Us:
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod Youtube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Cybersecurity is full?
16 juli 2024 |
41 min
Summary
In this episode, Andy and Adam discuss a blog post titled 'Cybersecurity is Full' that challenges the hype around cybersecurity careers. They explore the saturation of the field, the value of certifications and conferences, the optional nature of cybersecurity in organizations, and the stress and challenges of the industry. They emphasize the importance of having a strong foundation in technology before pursuing a career in cybersecurity and the need for organizations to prioritize cybersecurity as an enabler for their business. They also highlight the ongoing need for cybersecurity professionals and the rewarding nature of the field.
Takeaways
-Cybersecurity careers have been hyped up in recent years, leading to a saturation of the field, especially at the entry level.
-Certification programs and conferences in cybersecurity can be expensive and may not always provide quality content or training.
-The optional nature of cybersecurity in organizations means that it can be cut when budgets are tight, but there is a minimum level of investment required.
-A strong foundation in technology and a basic understanding of concepts like TCP/IP and DNS are essential before pursuing a career in cybersecurity.
-Cybersecurity professionals need to be persuasive and able to sell the value of cybersecurity to their organizations.
-The cybersecurity industry is still growing, and professionals have the opportunity to make a difference and protect against malicious threat actors.
----------------------------------------------------
YouTube Video Link: https://youtu.be/B0roPpJKKpU
----------------------------------------------------
Documentation:
---------------------------------------------------- Contact Us:
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod Youtube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Cloud Security - Defender for Servers Deep-Dive
9 juli 2024 |
35 min
In this episode of the Blue Security Podcast, Andy and Adam discuss Defender for Servers, a cloud security solution offered by Microsoft. They explain that Defender for Servers is part of the larger Defender for Cloud umbrella and is designed to protect cloud infrastructure, specifically servers. They discuss the different plans available, including Plan 1 and Plan 2, which offer varying levels of endpoint protection and vulnerability management. They also highlight the inclusion of Cloud Security Posture Management (CSPM) in both plans. The hosts emphasize the vendor-agnostic nature of Defender for Servers, which can be used in AWS, GCP, and on-premises environments.
Takeaways
-Defender for Servers is part of the larger Defender for Cloud umbrella and is designed to protect cloud infrastructure, specifically servers.
-There are two plans available for Defender for Servers: Plan 1 and Plan 2. Plan 1 offers endpoint protection, while Plan 2 includes additional features such as XDR, EDR, and regulatory compliance capabilities.
-Both Plan 1 and Plan 2 include Cloud Security Posture Management (CSPM), which provides security recommendations and secure score assessments.
-Defender for Servers is vendor-agnostic and can be used in AWS, GCP, and on-premises environments. It is available for both Windows and Linux VMs.
-Defender for Servers is priced on a consumption-based model, allowing customers to pay only for what they use.
----------------------------------------------------
YouTube Video Link: https://youtu.be/-jG2BFPS45o
----------------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/azure/defender-for-cloud/plan-defender-for-servers-select-plan
https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-cloud-security-posture-management
---------------------------------------------------- Contact Us:
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod Youtube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Recommended EOP and MDO settings
2 juli 2024 |
39 min
In this episode of the Blue Security Podcast, Andy and Adam discuss recommended settings for Exchange Online Protection (EOP) and Microsoft Defender for Office (MDO). They explain that EOP is the core security for M365 subscriptions, providing anti-malware, anti-spam, and anti-phishing protection. They also highlight the importance of the secure by default feature in EOP and the use of admin submissions to report false positives and false negatives. They caution against using methods like Outlook safe senders, IP allow listing, and allowed senders list within anti-spam policies, as these can bypass important security measures. They emphasize the need for organizations to regularly review and clean up their EOP policies to ensure effective email security.
Takeaways
-Exchange Online Protection (EOP) is the core security for M365 subscriptions, providing anti-malware, anti-spam, and anti-phishing protection.
-The secure by default feature in EOP ensures that high-confidence phishing and malware emails are blocked, regardless of any overrides or exceptions.
-Admin submissions should be used to report false positives and false negatives, allowing Microsoft to review and improve filtering rules.
-Methods like Outlook safe senders, IP allow listing, and allowed senders list within anti-spam policies can bypass important security measures and should be avoided.
-Regularly reviewing and cleaning up EOP policies is essential to maintain effective email security.
----------------------------------------------------
YouTube Video Link: https://youtu.be/guRhC1yVJYI
----------------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/defender-office-365/secure-by-default
---------------------------------------------------- Contact Us:
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod Youtube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Arlington BEC, Kaspersky Ban, Crown Equipment Cyberattack
25 juni 2024 |
38 min
In this episode, Andy and Adam discuss three cybersecurity news stories. They talk about a small town in Massachusetts that lost over $445,000 in an email scam, the Biden administration's ban on Kaspersky antivirus software, and a cyber attack on Crown Equipment, a forklift manufacturer. The main takeaways from the conversation are the importance of cybersecurity training, the need for secure remote access methods, and the impact of employee satisfaction on cybersecurity.
Takeaways
-Cybersecurity training is crucial to prevent email scams and social engineering attacks.
-Secure remote access methods should be deployed and unauthorized remote access software should be blocked.
-Employee satisfaction and trust in the company can reduce the risk of insider threats.
-Small organizations and state and local governments are vulnerable to cyber attacks and should prioritize cybersecurity measures.
----------------------------------------------------
YouTube Video Link: https://youtu.be/YdTo2kej4VQ
----------------------------------------------------
Documentation:
https://oicts.bis.gov/kaspersky/
---------------------------------------------------- Contact Us:
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod Youtube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Snowflake, Findlay Auto Ransomware, Olympics
18 juni 2024 |
32 min
In this episode of the Blue Security Podcast, Andy and Adam discuss three main topics: the unauthorized user access at Snowflake, the cybersecurity issue at Finley Automotive Group, and the cyber threats surrounding the upcoming Olympics in Paris. They highlight the importance of implementing strong security controls like multi-factor authentication and regular credential rotation. They also emphasize the need for organizations to assess their data storage practices and only retain necessary customer information. The hosts discuss the challenges faced by auto dealerships in securing their outdated systems and the potential risks associated with cyber threats during major events like the Olympics.
Takeaways
-Implement strong security controls like multi-factor authentication and regular credential rotation to protect against unauthorized access.
-Assess data storage practices and only retain necessary customer information to minimize the risk of exposure in the event of a cyber attack.
-Auto dealerships face challenges in securing their outdated systems and should prioritize updating their technology infrastructure.
-Major events like the Olympics are attractive targets for cyber threats, and organizations should be vigilant in detecting and mitigating potential risks.
-Collaboration between security organizations and threat intelligence providers is crucial in monitoring and addressing cyber threats.
----------------------------------------------------
YouTube Video Link: https://youtu.be/IuVBExmLsvg
----------------------------------------------------
Documentation:
https://www.recordedfuture.com/hurdling-over-hazards-multifaceted-threats-to-the-2024-paris-olympics
---------------------------------------------------- Contact Us:
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod Youtube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Microsoft Recall update, Windows Hello Enhanced Sign-in Security
11 juni 2024 |
42 min
In this episode, Andy and Adam discuss the updates and clarifications made by Microsoft regarding the security concerns surrounding the Recall feature on Copilot Plus PCs. They highlight the changes, such as the option to proactively enable Recall during the out-of-box experience, the requirement of Windows Hello enrollment and proof of presence for accessing Recall, and the additional layers of protection, including just-in-time decryption and encrypted search index database. They also delve into the concept of Windows Hello Enhanced Sign-In Security and its benefits. The conversation emphasizes the importance of user choice and the balance between privacy and productivity.
Takeaways
-Microsoft has addressed the security concerns surrounding the Recall feature on Copilot Plus PCs by providing updates and clarifications.
-The Recall feature will be turned off by default during the out-of-box experience, giving users the choice to enable it proactively.
-Windows Hello enrollment and proof of presence are required to access Recall, ensuring authentication and physical presence.
-Additional layers of protection, such as just-in-time decryption and encrypted search index database, have been implemented to enhance security.
-Windows Hello Enhanced Sign-In Security provides an additional level of security to biometric data by leveraging specialized hardware and software components.
-The balance between privacy and productivity is important, and Microsoft allows users to choose whether to enable Recall and provides options for filtering and managing snapshots.
----------------------------------------------------
YouTube Video Link: https://youtu.be/PJhMStnm-SE
-----------------------------------------------------------
Documentation:
-----------------------------------------------------------
Contact Us:
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod Youtube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-----------------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Ticketmaster breach, Slack AI, Microsoft Recall
4 juni 2024 |
29 min
The conversation covers three primary themes: Ticketmaster data breach, Slack's data scraping, and Windows Recall feature. The Ticketmaster breach is discussed in detail, highlighting the stolen data, phishing risks, and the importance of password management. The conversation then shifts to Slack's data scraping controversy, addressing concerns about privacy and opt-in policies. Finally, the Windows Recall feature is explored, focusing on its local processing, privacy controls, and security implications.
Takeaways
-Data breaches pose significant risks, emphasizing the importance of password management and vigilance against phishing scams.
-Privacy concerns arise from data scraping practices, highlighting the need for transparent opt-in policies and user control.
-The Windows Recall feature offers advanced search capabilities but raises security considerations, emphasizing the importance of local processing and privacy controls.
----------------------------------------------------
YouTube Video Link: https://youtu.be/V9eR7lRck7k
-----------------------------------------------------------
Documentation:
https://www.securityweek.com/user-outcry-as-slack-scrapes-customer-data-for-ai-model-training/
-----------------------------------------------------------
Contact Us:
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod Youtube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-----------------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Microsoft Build Recap
28 maj 2024 |
40 min
In this episode of the Blue Security Podcast, Andy and Adam discuss the security and privacy announcements from Microsoft Build. They cover topics such as AI content safety, Copilot capabilities, security enhancements in Microsoft Edge, and new Windows security features. They also touch on the deprecation of NTLM and the introduction of Copilot Plus PCs with Qualcomm's new dev kit for Windows. Overall, the episode highlights the advancements in security and innovation in the Windows ecosystem.
Takeaways
-Microsoft announced new security and privacy features at Microsoft Build
-AI content safety enhancements were introduced to protect AI applications
-Copilot capabilities were expanded to provide information and context from knowledge in documents and files
-Microsoft Edge for Business received improvements in defense against data leaks and vulnerabilities
-New Windows security features were announced, including virtualization-based security, personal data encryption, and attestation
-NTLM deprecation is planned for the second half of 2024
-Copilot Plus PCs with Qualcomm's new dev kit offer enhanced performance and battery life
-The Windows ecosystem is experiencing a paradigm shift with innovation and competition
----------------------------------------------------
YouTube Video Link: https://youtu.be/zhn_t9X3ATQ
-----------------------------------------------------------
Documentation:
https://news.microsoft.com/build-2024-book-of-news/
-----------------------------------------------------------
Contact Us:
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod Youtube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-----------------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Entra Private Access, Endpoint Privilege Management
21 maj 2024 |
20 min
In this episode of the Blue Security Podcast, Andy and Adam discuss Microsoft Entra Private Access and Endpoint Privilege Management. Entra Private Access is a modern secure edge solution that allows remote users to access on-premise applications in a micro-segmented manner. It enables granular app segmentation, MFA, and privileged access to domain controllers for on-premise users. Endpoint Privilege Management, part of the Intune Suite, allows administrators to set policies for standard users to perform privileged actions without giving them complete local admin access. It also supports approved elevations, where users can request support approval for elevated permissions directly from the application context menu.
Takeaways
-Microsoft Entra Private Access is a modern secure edge solution for remote users to access on-premise applications in a micro-segmented manner.
-Entra Private Access enables granular app segmentation, MFA, and privileged access to domain controllers for on-premise users.
-Endpoint Privilege Management, part of the Intune Suite, allows administrators to set policies for standard users to perform privileged actions without complete local admin access.
-Endpoint Privilege Management now supports approved elevations, where users can request support approval for elevated permissions directly from the application context menu.
-----------------------------------------------------------
YouTube Video Link: https://youtu.be/ye3s2SNhqao
-----------------------------------------------------------
Documentation:
-----------------------------------------------------------
Contact Us:
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod Youtube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-----------------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
MSRC Transparency and USB Threats
14 maj 2024 |
29 min
In this episode of the Blue Security Podcast, Andy and Adam discuss two important topics: Microsoft's pledge for greater transparency in identifying and determining root causes for security vulnerabilities, and the increasing sophistication of USB malware attacks in industrial organizations. They provide insights into Microsoft's Secure Future Initiative and the importance of security in the OT and IoT networks. They also offer practical tips for strengthening USB security and data exfiltration prevention. Takeaways
-Microsoft is pledging greater transparency in identifying and determining root causes for security vulnerabilities in their products and services.
-The Secure Future Initiative aims to transform software development, implement new identity protections, and improve transparency and vulnerability responses.
-USB malware attacks in industrial organizations are increasing in sophistication, with attackers using USB devices to establish silent residency in industrial control systems.
-Organizations should strengthen USB security by blocking or allowing USB devices based on an allow list, scanning USB devices for malicious processes or files, and implementing attack surface reduction rules.
-Data exfiltration prevention is crucial, and organizations should consider implementing full disk encryption, data loss prevention (DLP) rules, and sensitivity labeling to protect sensitive data.
-Visibility and inventory of OT and IoT devices are essential for developing a security strategy, and solutions like Defender for IoT and OT can provide network-based security and inventory management.
----------------------------------------------------------- YouTube Video Link: https://youtu.be/aveWb4fjOek ----------------------------------------------------------- Documentation:
https://learn.microsoft.com/en-us/defender-endpoint/attack-surface-reduction ----------------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: [email protected] ----------------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: [email protected]
2024 Verizon Data Breach Report
7 maj 2024 |
34 min
The 17th annual Verizon Data Breach Investigation Report reveals key findings and trends in cybersecurity. The report highlights the increase in vulnerability exploitation for initial access, the continued prevalence of human error in breaches, the rise of pure extortion attacks, and the limited impact of generative AI in the cybersecurity landscape. Recommendations include implementing robust threat and vulnerability management programs, focusing on user education and data protection, and exploring the use of generative AI for defensive purposes. The report serves as a valuable resource for organizations looking to enhance their cybersecurity strategies. Takeaways -Vulnerability exploitation for initial access nearly tripled in 2023, highlighting the need for robust threat and vulnerability management programs.
-Human error remains a significant factor in most breaches, emphasizing the importance of user education and data protection measures.
-Pure extortion attacks are increasing, signaling a shift away from encryption ransomware as threat actors seek quicker and easier ways to profit.
-Generative AI has yet to make a significant impact in the cybersecurity landscape, but organizations should consider leveraging it for defensive purposes.
-The Verizon Data Breach Investigation Report provides valuable insights and recommendations for organizations looking to enhance their cybersecurity strategies.
----------------------------------------------------------- YouTube Video Link: https://youtu.be/ajqbA9zPUbA ----------------------------------------------------------- Documentation:
https://www.verizon.com/business/resources/reports/dbir/2024/summary-of-findings/ ----------------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: [email protected] ----------------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: [email protected]
Mobile Threats
30 april 2024 |
37 min
In this episode, Andy and Adam discuss the growing threat of mobile device threats. They highlight the recent mass password reset and account lockout of Apple IDs and the potential for a mobile wormable event. They explore the conditions necessary for a mobile wormable attack, including the development of zero-click exploits, the abuse of contact lists for further spread, and the lack of clear mitigations from telecommunications and mobile device companies. They also discuss the limitations of lockdown mode and the importance of endpoint protection for mobile devices.
Takeaways -Mobile devices have become ubiquitous in corporate environments and are vital for both security and operations.
-The conditions necessary for a mobile wormable attack are already in place, including the development of zero-click exploits and the abuse of contact lists for further spread.
-Lockdown mode and mobile threat detection (MTD) solutions can provide some risk mitigation for mobile devices, but they have limitations and limited visibility.
-Endpoint protection for mobile devices, including mobile device management (MDM) and MTD, should be part of an organization's risk mitigation strategy.
-Enterprises should consider implementing baseline security measures for mobile devices, such as a minimum six-digit passcode and keeping the operating system up to date.
----------------------------------------------------------- YouTube Video Link: https://youtu.be/lxWveot8AF4 ----------------------------------------------------------- Documentation:
https://www.macrumors.com/2024/04/27/apple-id-accounts-logging-out-users/
https://go.recordedfuture.com/hubfs/reports/CTA-2024-0416.pdf
https://www.wired.com/story/apple-lockdown-mode-hands-on/ ----------------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: [email protected] ----------------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: [email protected]
VDI and Shared Responsibility Model
22 april 2024 |
26 min
In this episode, Andy and Adam discuss the importance of VDI (Virtual Desktop Infrastructure) in security and enterprise architecture. They highlight the security benefits of VDI, such as separating end user environments from the underlying physical hardware, centralized management of baseline images and patches, and the ability to keep sensitive data in the data center. They also explore the shared responsibility model in cloud computing, where the cloud provider is responsible for the security of the infrastructure, but the end users are responsible for protecting their data and assets stored in the cloud.
Takeaways -VDI provides security benefits by separating end user environments from the underlying physical hardware and centralizing management of baseline images and patches.
-The shared responsibility model in cloud computing means that while the cloud provider is responsible for the security of the infrastructure, the end users are responsible for protecting their data and assets stored in the cloud.
-Understanding the shared responsibility model is crucial for security practitioners to ensure they are defending their organization's data effectively.
-Minimizing the use of IaaS and on-premises models in favor of PaaS and SaaS models can reduce the organization's security responsibilities and provide better security.
-It's important to know what you're responsible for in terms of data protection and security when using cloud services.
----------------------------------------------------------- YouTube Video Link: https://youtu.be/wdguHOGjs2Q ----------------------------------------------------------- Documentation:
https://x.com/itguysocal/status/1769052129111707877?s=46&t=wVpJpdH7u2mDZZDEtx3bMg
https://learn.microsoft.com/en-us/azure/security/fundamentals/shared-responsibility
https://aws.amazon.com/compliance/shared-responsibility-model/
https://cloud.google.com/architecture/framework/security/shared-responsibility-shared-fate ----------------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: [email protected] ----------------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: [email protected]
Entra Follow-up, Helpdesk Security, Certifications
16 april 2024 |
34 min
In this episode, Andy and Adam clarify some points from the previous episode and discuss two main topics: mitigating social engineering attacks on IT help desks and the value of certifications in cybersecurity. They provide practical tips for securing IT help desks, such as requiring callbacks, video verifications, and supervisor verification. They also share their thoughts on certifications, highlighting the importance of experience and continuous learning over the number of certifications. They recommend certifications from AWS and Microsoft for beginners and discuss the relevance of TCP/IP knowledge in today's cybersecurity landscape.
Takeaways -Mitigate social engineering attacks on IT help desks by implementing measures such as requiring callbacks, video verifications, and supervisor verification.
-Certifications in cybersecurity can be valuable for beginners and for demonstrating knowledge and skills to employers, but they should not be the sole focus. Experience and continuous learning are more important.
-Certifications from AWS and Microsoft are cost-effective options for beginners in the field.
-TCP/IP knowledge, while important, may not be as relevant in today's cybersecurity landscape as other skills and knowledge areas.
-Adaptability and meeting employers where they are in terms of security practices are crucial in the field of cybersecurity.
----------------------------------------------------------- YouTube Video Link: https://youtu.be/BHcR7bAyMlY ----------------------------------------------------------- Documentation:
https://twitter.com/infosec_fox/status/1778404395035550105?t=wVpJpdH7u2mDZZDEtx3bMg ----------------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: [email protected] ----------------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: [email protected]
Managed Machines, E3 vs E5
9 april 2024 |
29 min
In this episode of the Blue Security Podcast, Andy Jaw and Adam Brewer discuss two main topics: the importance of managed devices for improving security posture and the bundling of security solutions in Microsoft licensing. They highlight the shift towards requiring Intune and Azure AD joined devices for improved device management and security. They also address the question of why Microsoft doesn't include more security solutions in their basic bundles, explaining the challenges of bundling and the need to compete fairly in the security market. Takeaways -Managed devices, specifically Intune and Azure AD joined devices, are crucial for improving security posture.
-Hybrid join is the bare minimum for requiring managed machines, but Intune and Azure AD compliance provide continuous device health attestation and better device risk management.
-Microsoft's licensing bundles, such as E3 and E5, do not include all security solutions because it would raise prices and not all customers need or want those solutions.
-Microsoft aims to compete fairly in the security market and offers value in their licensing options, with E5 being the most comprehensive and cost-effective solution.
-Customers have the flexibility to choose third-party security solutions and integrate them with Microsoft's offerings.
----------------------------------------------------------- YouTube Video Link: https://youtu.be/Fv5yns0olmU ----------------------------------------------------------- Documentation:
https://learn.microsoft.com/en-us/autopilot/windows-autopilot-hybridhttps://techcommunity.microsoft.com/t5/manufacturing/getting-started-with-an-intune-device-management-poc/ba-p/2703678
https://www.techrepublic.com/article/microsoft-teams-unbundle-office-eu-probe/ ----------------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: [email protected] ----------------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: [email protected]
Teams External User Phishing
2 april 2024 |
36 min
This episode of the Blue Security Podcast discusses the issue of finding logs for chats between external and internal users in Microsoft Teams. The hosts explore various methods for detecting and alerting on suspicious chats, including using KQL queries, creating workbooks, and leveraging communication compliance features. They also highlight the connection between Teams, Exchange Online, and SharePoint, and the importance of protecting against malicious links and educating users about phishing threats. The episode concludes with a discussion on the significance of single sign-on configuration and the need for a holistic approach to security. Takeaways -Implementing KQL queries and workbooks can help detect and analyze logs for chats in Teams -Communication compliance features can be used to detect insider risks and inappropriate behavior in chats. -Protecting against malicious links and educating users about phishing threats are crucial for maintaining security in Teams. -Configuring single sign-on and requiring managed machines can enhance security and prevent credential theft. ----------------------------------------------------------- YouTube Video Link: https://youtu.be/y4EEhkw7EpA ----------------------------------------------------------- Documentation: https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/mdo-support-teams-about?view=o365-worldwide https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/safe-links-about?view=o365-worldwide#safe-links-settings-for-microsoft-teams https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/safe-attachments-for-spo-odfb-teams-about?view=o365-worldwide https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/attack-simulation-training-teams?view=o365-worldwide ----------------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: [email protected] ----------------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: [email protected]
Midnight Blizzard Update, CISO Technical Skills, BEC + Automatic Attack Disruption
26 mars 2024 |
31 min
This episode covers updates on the Midnight Blizzard attack, the role of CISOs and their technical expertise, the need for international standards in cyber warfare, and defending against business email compromise.
Takeaways
-Microsoft provides an update on the Midnight Blizzard attack, revealing attempts to gain unauthorized access to internal systems.
-The technical expertise of CISOs is important, but they don't need to be deeply technical. Understanding the solutions, threats, and being able to explain them is crucial.
-Cyber warfare is a serious issue, and there is a need for international standards to define appropriate targets for attacks.
-Microsoft demonstrates how their ecosystem defends against business email compromise using automatic attack disruption.
-----------------------------------------------------------
YouTube Video Link: https://youtu.be/SQGJT2qLLms
-----------------------------------------------------------
Documentation:
https://msrc.microsoft.com/blog/2024/03/update-on-microsoft-actions-following-attack-by-nation-state-actor-midnight-blizzard/
https://www.sec.gov/edgar/browse/?CIK=789019&owner=exclude
https://www.youtube.com/watch?v=GnEGWzfxU8c
-----------------------------------------------------------
Contact Us:
-----------------------------------------------------------
Andy Jaw
-----------------------------------------------------------
Adam Brewer
Email: [email protected]
Microsoft Secure Recap
19 mars 2024 |
44 min
This episode of the Blue Security Podcast covers the announcements made at Microsoft Secure, focusing on Microsoft Copilot for Security, Microsoft Security Exposure Management, and updates to Microsoft Purview and Intune. The episode also highlights the integration of Copilot with Intune and the economic study that demonstrates the increased efficiency and accuracy of security analysts when using Copilot. Overall, the announcements showcase the advancements in Microsoft's security offerings and the value they bring to organizations.
Takeaways
-Microsoft Copilot for Security is a powerful tool that provides security analysts with AI-driven assistance in incident analysis, policy management, and more.
-The licensing model for Copilot for Security is consumption-based, allowing organizations to use it as much as needed without overwhelming costs.
-Microsoft Security Exposure Management offers a comprehensive threat exposure management process, integrating various security solutions and providing insights to mitigate risks.
-The integration of Copilot with Intune enables administrators to easily understand and manage policy settings, security impact, and more.
-----------------------------------------------------------
Youtube Video Link: https://youtu.be/8CH_OasAo0Q
-----------------------------------------------------------
Documentation:
-----------------------------------------------------------
Contact Us:
-----------------------------------------------------------
Andy Jaw
-----------------------------------------------------------
Adam Brewer
Email: [email protected]
FBI Internet Crimes Report and BEC Protection
12 mars 2024 |
25 min
In this episode, the hosts discuss the FBI's 2023 internet crime report, focusing on the increase in money lost to internet crimes and the age group most vulnerable to cybercrime. They then delve into the topic of business email compromise (BEC), explaining how scammers use email to trick individuals and businesses into giving money or divulging confidential information. The hosts provide tips for protecting against BEC, including using secure email gateways, implementing multi-factor authentication, and educating employees about phishing red flags. They also emphasize the importance of reporting BEC incidents to law enforcement and treating these crimes seriously.
Takeaways
-The FBI's 2023 internet crime report revealed an increase in money lost to internet crimes and highlighted the vulnerability of older adults to cybercrime.
-Business email compromise (BEC) is a type of cybercrime where scammers use email to trick individuals and businesses into giving money or confidential information.
-Protecting against BEC involves using secure email gateways, implementing multi-factor authentication, and educating employees about phishing red flags.
-Reporting BEC incidents to law enforcement, such as the FBI, is crucial for recouping losses and cracking down on cybercrime.
-----------------------------------------------------------
Youtube Video Link: https://youtu.be/_GpyjmLDX8g
-----------------------------------------------------------
Documentation:
https://www.ic3.gov/Media/PDF/AnnualReport/2023_IC3Report.pdf
-----------------------------------------------------------
Contact Us:
-----------------------------------------------------------
Andy Jaw
-----------------------------------------------------------
Adam Brewer
Email: [email protected]
Application Allow Listing, iMessage Post Quantum
5 mars 2024 |
32 min
Summary
In this episode, Andy and Adam discuss the concept of application allow listing and the controversy surrounding the removal of Wireshark from company computers. They also delve into the announcement by Apple that iMessage is moving to post-quantum level 3 encryption, making it one of the most secure messaging apps available. The hosts highlight the importance of communication and risk assessment in the field of information security. They also emphasize the need for organizations to have backup communication plans during incidents. The episode concludes with a discussion on the future of post-quantum encryption and its potential impact on the industry.
Takeaways
-Application allow listing allows organizations to control the software installed on company assets for security and productivity purposes.
-InfoSec teams have the right to evaluate and remove applications with high vulnerabilities or CVEs, but there should be an exception process for legitimate business needs.
-Apple's announcement of iMessage moving to post-quantum level 3 encryption highlights the importance of quantum-resistant encryption in the face of future threats.
-iMessage's widespread use in the United States makes its security upgrades significant for communication privacy.
-The implementation of post-quantum encryption at scale by Apple sets a precedent for the industry and may lead to broader adoption of quantum-resistant encryption methods.
-------------------------------------------
Youtube Video Link: https://youtu.be/mN9DFPPDgYI
-------------------------------------------
Documentation:
https://twitter.com/crisisofconsc/status/1758129747538702481
https://x.com/FrankMcG/status/1758948906740633946?s=20
https://security.apple.com/blog/imessage-pq3/
https://signal.org/blog/pqxdh/
----------------------
Contact Us:
-------------------------------------------
Andy Jaw
-------------------------------------------
Adam Brewer
Email: [email protected]
Edge Password Vault, SSO, Domain Admin Creds
27 februari 2024 |
35 min
Summary
In this episode, the hosts discuss the Edge password vault and its pros and cons. They highlight the ability to sync passwords to an enterprise ID and the encryption of passwords on the disk. However, they also mention limitations such as the lack of MFA support and the inability to share passwords. The conversation then shifts to best practices for IT admins, including the separation of roles and credentials and the use of password managers. The hosts also emphasize the importance of implementing single sign-on and federating SaaS apps to improve security.
Takeaways
-The Edge password vault offers convenient password syncing to an enterprise ID and encryption of passwords on the disk.
-However, it lacks features such as MFA support and password sharing, making it less suitable for enterprise use.
-IT admins should separate roles and credentials, implement single sign-on, and federate SaaS apps to improve security.
-Password expiration policies should be reevaluated, as it is no longer necessary to change passwords every 90 days.
-------------------------------------------
Youtube Video Link: https://youtu.be/YLIUq5soGhs
-------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/deployedge/microsoft-edge-security-password-manager-security
https://learn.microsoft.com/en-us/entra/identity/users/users-sharing-accounts
https://twitter.com/thetomzone/status/1760833981904228508?t=wVpJpdH7u2mDZZDEtx3bMg
https://twitter.com/techspence/status/1761034174331535802?t=wVpJpdH7u2mDZZDEtx3bMg
----------------------
Contact Us:
-------------------------------------------
Andy Jaw
-------------------------------------------
Adam Brewer
Email: [email protected]
Bitlocker Bypass and USAF Re-org
20 februari 2024 |
32 min
In this episode, Andy and Adam discuss a video demonstrating how to bypass BitLocker encryption and the mitigations that can be implemented to protect against such attacks. They emphasize the importance of information protection and how it can enhance data security. Additionally, they highlight the reorganization of the US Air Force Cyber Command, which reflects the growing significance of cybersecurity in national defense.
Takeaways
- Implementing mitigations such as enabling a pre-boot pin and disabling power management features can help protect against BitLocker bypass attacks.
-Information protection, including data classification, labeling, and encryption, can provide an additional layer of security for sensitive files.
-The reorganization of the US Air Force Cyber Command demonstrates the increasing importance of cybersecurity in national defense.
-Organizations should consider the placement and influence of their cybersecurity leaders to ensure that cybersecurity is prioritized and integrated into the overall organization.
-------------------------------------------
Youtube Video Link: https://youtu.be/6JmcKgNwfsE
-------------------------------------------
Documentation:
https://www.youtube.com/watch?v=wTl4vEednkQ
https://www.techspot.com/news/101792-microsoft-bitlocker-encryption-can-cracked-43-seconds-4.html
https://www.makeuseof.com/amd-ftpm-intel-ppt/
----------------------
Contact Us:
Threads: https://www.threads.net/@bluesecuritypodcast
-------------------------------------------
Andy Jaw
-------------------------------------------
Adam Brewer
Email: [email protected]
Microsoft Sentinel Deep-Dive with Henrik Wojcik
13 februari 2024 |
48 min
Summary
In this episode, Henrik Wojcik, a Microsoft MVP, joins the hosts to discuss Microsoft Sentinel and provide a deep dive into its deployment and usage. They cover topics such as data residency and compliance considerations, separating operational logs and security logs, connectors for data ingestion, analytics rules and alert fatigue, scheduled queries and user and entity behavior analytics (UEBA), playbooks and automation, workbooks and data visualization, and advanced hunting with KQL queries.
Takeaways
- Consider data residency and compliance requirements when deploying Microsoft Sentinel.
- Separate operational logs and security logs to optimize cost and focus on relevant data.
- Use connectors to ingest data from various sources into Microsoft Sentinel.
- Tune analytics rules to avoid alert fatigue and focus on valuable alerts.
- Utilize scheduled queries and UEBA to identify suspicious behavior and automate investigations.
- Leverage playbooks and automation to streamline incident response and reduce manual effort.
- Create workbooks for data visualization and customize them to display relevant information.
- Explore advanced hunting with KQL queries to proactively search for threats and investigate incidents.
-------------------------------------------
Youtube Video Link: https://youtu.be/n9dDfmX-A9Q
-------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/azure/sentinel/data-connectors-reference
https://learn.microsoft.com/en-us/azure/sentinel/create-custom-connector
Henrik Wojcik:
https://www.linkedin.com/in/henrikfrandswojcik/
https://twitter.com/henrikwojcik
----------------------
Contact Us:
Threads: https://www.threads.net/@bluesecuritypodcast
-------------------------------------------
Andy Jaw
-------------------------------------------
Adam Brewer
Email: [email protected]
Cloudflare Hacked, Intune Suite, Apple Stolen Device Protection
6 februari 2024 |
32 min
Summary
In this episode, the hosts discuss the Cloudflare and Okta breach, the response and remediation efforts, the introduction of the Intune Suite, and the new stolen device protection feature on the iPhone.
Takeaways
- Nation-state attackers have unlimited time to find weaknesses and exploit them, highlighting the asymmetrical nature of cybersecurity.
- Cloudflare's response and remediation efforts, including re-imaging and rebooting all systems on their global network, were impressive.
- The Intune Suite offers enterprise application management, advanced analytics, and cloud PKI, providing valuable tools for device management.
- The stolen device protection feature on the iPhone adds an extra layer of security by requiring biometric authentication for critical changes when the device is away from a familiar location.
-------------------------------------------
Youtube Video Link: https://youtu.be/n9dDfmX-A9Q
-------------------------------------------
Documentation:
https://blog.cloudflare.com/thanksgiving-2023-security-incident
https://support.apple.com/en-us/HT212510
----------------------
Contact Us:
Threads: https://www.threads.net/@bluesecuritypodcast
-------------------------------------------
Andy Jaw
-------------------------------------------
Adam Brewer
Email: [email protected]
Midnight Blizzard Attack on Microsoft
30 januari 2024 |
29 min
Summary
In this episode, the hosts discuss the midnight blizzard attack on Microsoft and the lessons that can be learned from it. They cover topics such as learning from security incidents at other organizations, the details of the attack, OAuth attacks, and OAuth security recommendations. The hosts emphasize the importance of auditing privileges, reviewing OAuth applications, and implementing strong security measures to prevent similar attacks. They also highlight the need for organizations to move faster and be more proactive in their cybersecurity efforts.
Takeaways
- Learn from security incidents at other organizations to make your own organization safer.
- Audit the privileges of all identities in your organization and review OAuth applications.
- Implement strong security measures, such as disabling user consent to apps and using conditional access.
- Move faster and be more proactive in your cybersecurity efforts.
-------------------------------------------
Youtube Video Link:
-------------------------------------------
Documentation:
----------------------
Contact Us:
Threads: https://www.threads.net/@bluesecuritypodcast
-------------------------------------------
Andy Jaw
-------------------------------------------
Adam Brewer
Email: [email protected]
X accounts hacked, 23andMe revisited, CA for Entitlement Management
23 januari 2024 |
31 min
Summary
This episode of the Blue Security Podcast discusses the recent Twitter account hacks and the importance of multifactor authentication (MFA) in protecting social media accounts. The hosts also explore the lessons learned from 23andMe's credential stuffing attack and emphasize the need for MFA in handling sensitive customer information. They introduce a new feature called entitlement management in conditional access, which allows for more granular control over guest access. The episode concludes with a discussion on streamlining guest access through entitlement management.
Takeaways
- Enable multifactor authentication (MFA) to protect social media accounts from brute force attacks and unauthorized access.
- Use tools that aggregate social media accounts into one platform and enable single sign-on (SSO) with MFA.
- Regularly review and update social media account access and permissions, removing phone numbers associated with accounts and storing passwords and MFA tokens in a secure password vault.
- Consider using entitlement management in conditional access to streamline and govern guest access to applications and resources.
-------------------------------------------
Youtube Video Link: https://youtu.be/0pwV2Mn-l_4
-------------------------------------------
Documentation:
https://thehackernews.com/2024/01/mandiants-x-account-was-hacked-using.html
----------------------
Contact Us:
Threads: https://www.threads.net/@bluesecuritypodcast
-------------------------------------------
Andy Jaw
-------------------------------------------
Adam Brewer
Email: [email protected]
Entra Join is the way
16 januari 2024 |
43 min
In this episode, Andy and Adam discuss the transition from hybrid join to cloud native Entra Join for device management. They explain the difference between device identity and device management and how they can be managed separately. They address concerns about GPOs and highlight the importance of reevaluating device management strategies. They also discuss accessing on-premises resources, overcoming Wi-Fi authentication challenges, and the shift away from gold images. The episode concludes with a discussion on Autopilot and the gradual transition to Entra Join. Takeaways -Device identity and device management can be managed separately, allowing organizations to transition to cloud native -Entra Join without changing their device management tools. -GPOs can be migrated to Intune using the Group Policy Analyzer, and custom ADMX profiles can be created to replicate GPO settings. -Organizations should reevaluate their device management strategies and consider lighter touch management approaches that align with modern IT practices. -Accessing on-premises resources with cloud native devices is possible through network connectivity, DNS resolution, and authorized user credentials. -Wi-Fi authentication challenges can be overcome by using pre-shared keys or transitioning to modern authentication methods. -The transition to Entra Join can be done gradually, starting with information workers and frontline workers, and leaving specialized environments for later. -------------------------------------------
Youtube Video Link: https://youtu.be/2BNAYJcxCJI
-------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/autopilot/windows-autopilot-hybrid
https://learn.microsoft.com/en-us/entra/identity/devices/device-sso-to-on-premises-resources
https://learn.microsoft.com/en-us/mem/intune/configuration/group-policy-analytics
----------------------
Contact Us:
Threads: https://www.threads.net/@bluesecuritypodcast
-------------------------------------------
Andy Jaw
Email: [email protected]
-------------------------------------------
Adam Brewer
Email: [email protected]
Entra improvements, QR Code phishing, AppGuard deprecated
9 januari 2024 |
33 min
In this episode, Andy and Adam discuss updates to the Microsoft Authenticator app, including its phish-resistant capabilities and FIPS compliance. They also highlight the rise of QR code phishing and provide tips on protecting users from this type of attack. Additionally, they discuss the deprecation of Application Guard and the Evaluation Lab in the Microsoft Security Stack. Takeaways -The Microsoft Authenticator app is becoming phish-resistant and will support device-bound passkeys, providing a more secure authentication method. -QR code phishing is on the rise, and users should exercise caution when scanning unfamiliar QR codes. -Educating users and conducting phishing training campaigns can help mitigate the risk of QR code phishing. -Application Guard and the Evaluation Lab in the Microsoft Security Stack are being deprecated, and organizations should explore alternative solutions for sandboxed browsing and evaluation environments. -------------------------------------------
Youtube Video Link: https://youtu.be/24KccYCGR-o
-------------------------------------------
Documentation:
----------------------
Contact Us:
Threads: https://www.threads.net/@bluesecuritypodcast
-------------------------------------------
Andy Jaw
Email: [email protected]
-------------------------------------------
Adam Brewer
Email: [email protected]
Common PIM mistakes
1 januari 2024 |
30 min
In this episode, the hosts discuss Privileged Identity Management (PIM) and common misconceptions and mistakes related to its configuration. They cover topics such as configuring MFA in PIM, different MFA experiences, mitigations for MFA in PIM, authentication context in PIM, requiring approval to activate roles in PIM, considerations for role activation, mitigating role lockout, and using PIM for non-Microsoft apps. They also highlight the ability to use PIM for non-Azure resources, expanding its functionality beyond traditional Azure roles. Takeaways Privileged Identity Management (PIM) allows for just-in-time activation of privileged roles. Configuring MFA in PIM can have different experiences depending on the authentication method used. Mitigations for MFA in PIM include setting a lower sign-in frequency and not allowing persistent sessions. Authentication context in PIM allows for additional conditional access policies to be applied after authentication. Requiring approval to activate roles in PIM can help ensure proper oversight and control. Mitigating role lockout in PIM involves having a break glass account for emergency access. PIM can be used for non-Microsoft apps, allowing for just-in-time elevation of privileges. Expanding PIM to non-Azure resources opens up new possibilities for managing privileged access. -------------------------------------------
Youtube Video Link: https://youtu.be/uagtZ4KyB8k
-------------------------------------------
Documentation:
https://campbell.scot/pim-common-microsoft-365-security-mistakes-series/
----------------------
Contact Us:
Threads: https://www.threads.net/@bluesecuritypodcast
-------------------------------------------
Andy Jaw
Email: [email protected]
-------------------------------------------
Adam Brewer
Email: [email protected]
Microsoft Digital Defense Report 2023
25 december 2023 |
54 min
Microsoft's Digital Defense Report for 2023 provides insights into the state of cybercrime, critical cybersecurity challenges, and the importance of IoT and OT security. The report highlights Microsoft's investment in security research and innovation, as well as the need for partnerships and collaboration in the cybersecurity community. Key takeaways include the importance of multi-factor authentication, zero trust principles, and vulnerability management. The report also emphasizes the need for comprehensive OT patch management systems and the use of AI-powered security tools and large language models. In this conversation, Adam Brewer and Andy Jaw discuss the capabilities of large language models (LLMs) and their potential applications in cybersecurity. They highlight how LLMs can synthesize and understand human language, making them valuable tools for security analysts. The conversation also touches on the importance of the Digital Defense Report, which provides comprehensive insights into cybercrime and IoT/OT security. The hosts encourage listeners to explore the report for a deeper understanding of the current threat landscape. The episode concludes with closing remarks and well wishes for the holiday season. Takeaways * Invest in multi-factor authentication and zero trust principles for enhanced security. * Implement robust network monitoring and vulnerability management for IoT and OT devices. * Maintain comprehensive OT patch management systems to mitigate risks. * Utilize AI-powered security tools and large language models for threat intelligence and incident response. -------------------------------------------
Youtube Video Link: https://youtu.be/dZtD3dspMLA
-------------------------------------------
Documentation:
https://www.microsoft.com/en-us/security/security-insider/microsoft-digital-defense-report-2023
----------------------
Contact Us:
Threads: https://www.threads.net/@bluesecuritypodcast
-------------------------------------------
Andy Jaw
Email: [email protected]
-------------------------------------------
Adam Brewer
Email: [email protected]
Audits and Data/AI Security with Special Guests Carley Salmon and Megan Maley
18 december 2023 |
59 min
On this episode, Adam and Andy talk with Carley and Megan, about compliance, auditing, and data protection in the cybersecurity industry. They emphasize the importance of understanding compliance frameworks and preparing for audits with the help of partners or consultants. They also highlight the need for continuous monitoring and a shift away from checkbox security. The conversation touches on the challenges of interpreting controls and the potential for risk acceptance. The experts discuss the impact of AI and large language models on data protection and provide insights into the remediation process after failing an audit. The conversation explores the implications of using Copilot and large language models in terms of sensitive information and data protection. It emphasizes the importance of identifying and protecting sensitive data to prevent unintentional exposure. The discussion also highlights the role of data governance and Microsoft Purview in managing and classifying data. Additionally, the integration of sensitivity labels and rights management is discussed as a way to ensure data protection. The conversation concludes with a recommendation to check out the podcast 'Cocktails and SOC Tales' hosted by Carley Salmon and Megan Maley. -------------------------------------------
Youtube Video Link: https://youtu.be/vWKA8-sib4s
-------------------------------------------
Documentation:
Carley Salmon: https://www.linkedin.com/in/carley-s-9abb24241/
Megan Maley: https://www.linkedin.com/in/megan-maley/
Cocktails and SOC Tails Podcast: https://www.youtube.com/@cocktailssoctales
----------------------
Contact Us:
Threads: https://www.threads.net/@bluesecuritypodcast
-------------------------------------------
Andy Jaw
Email: [email protected]
-------------------------------------------
Adam Brewer
Email: [email protected]
CNAPP - Defender for Cloud Overview
11 december 2023 |
34 min
This episode of the Blue Security Podcast discusses the Cloud Native Application Protection Platform (CNAPP) and Microsoft's Defender for Cloud. The hosts provide an overview of CNAPP and its various components, including DevSecOps, security posture management, and cloud workload protection platform. They highlight the ease of deployment and the pay-as-you-go pricing model of Defender for Cloud. The episode also covers the integration of Sentinel and M365 Defender into the Defender Security Center. The hosts emphasize the importance of protecting cloud infrastructure and recommend enabling Defender for Cloud by default. -------------------------------------------
Youtube Video Link: https://youtu.be/de6YvMsJAzQ
-------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-cloud-introduction
https://learn.microsoft.com/en-us/entra/permissions-management/overview
https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-devops-introduction
https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-containers-introduction
https://docs.github.com/en/get-started/learning-about-github/about-github-advanced-security
----------------------
Contact Us:
Website: https://bluesecuritypod.com
Threads: https://www.threads.net/@bluesecuritypodcast
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
Email: [email protected]
MeridianLink extortion, Plastic Surgery office breached, AI voice clones
4 december 2023 |
34 min
On this week's episode, Adam and Andy talk about a ransomware gang making an SEC complaint against their victim, a medical office breach, and AI voice clones.
-------------------------------------------
Youtube Video Link: https://youtu.be/iGgp8SurXM8
-------------------------------------------
Documentation:
https://x.com/racheltobac/status/1725943979248910603?s=46&t=wVpJpdH7u2mDZZDEtx3bMg
----------------------
Contact Us:
Website: https://bluesecuritypod.com
Threads: https://www.threads.net/@bluesecuritypodcast
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
Microsoft Ignite 2023 - Part 2
4 december 2023 |
50 min
On this week's episode, Adam and Andy talk about more things on security from Microsoft Ignite. From canary capabilities in MDE to Automatic Conditional Access Policies, there are a TON of really amazing announcements. Tune in to hear the 2nd half of Ignite news!
-------------------------------------------
Youtube Video Link: https://youtu.be/Pl010QG_n5I
-------------------------------------------
Documentation:
----------------------
Contact Us:
Website: https://bluesecuritypod.com
Threads: https://www.threads.net/@bluesecuritypodcast
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
Microsoft Ignite 2023 - Part 1
20 november 2023 |
41 min
On this week's episode, Adam and Andy talk about all the security announcements from Microsoft Ignite 2023. There were SO many that this will be part 1 with another episode being released in the following week. Listen in to some of the amazing advancements with Copilot, generative AI, and security within the Microsoft portfolio!
-------------------------------------------
Youtube Video Link: https://youtu.be/wXIJJhNv-pI
-------------------------------------------
Documentation:
----------------------
Contact Us:
Website: https://bluesecuritypod.com
Threads: https://www.threads.net/@bluesecuritypodcast
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
Okta Breach Follow-up and Passkeys
13 november 2023 |
37 min
On this week's episode, Andy and Adam talk about the follow up investigation from Okta about their support system breach along with some lessons that listeners can take away. They also talk about passkeys going mainstream and what that means for the future of passwordless.
-------------------------------------------
Youtube Video Link: https://youtu.be/5Cz07OKHAII
-------------------------------------------
Documentation:
https://support.google.com/chrome/a/answer/12129062?hl=en
https://support.google.com/chrome/a/answer/9116814?hl=en
https://www.washingtonpost.com/technology/2023/10/18/passkeys-explained-google/
----------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Threads: https://www.threads.net/@bluesecuritypodcast
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
SEC charges Solarwinds CISO & Backing up and Archiving M365 data
12 november 2023 |
36 min
On this week's episode, Andy and Adam talk about the SEC charging the Solarwinds CISO with fraud and the implications on the overall security leadership community. They also talk about some questions that came up about backing up and restoring M365 data and a new capability coming out in public preview very soon!
-------------------------------------------
Youtube Video Link: https://youtu.be/1FIZOQMXZBg
-------------------------------------------
Documentation:
https://www.sec.gov/news/press-release/2023-227
Monitoring M365 group/Teams deletion
https://office365itpros.com/2020/01/29/report-the-deletion-of-teams/
https://petri.com/office-365-alert-policies-automate-audit-monitoring
Privileged access deployment
M365 Backup and Archive
https://adoption.microsoft.com/en-us/syntex/manage/
Microsoft Trust Center - Data Resiliency
https://www.microsoft.com/en-us/trust-center/privacy#defending_your_data
----------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Threads: https://www.threads.net/@bluesecuritypodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
23andMe, Okta breach, MDE Automatic Attack Disruption
30 oktober 2023 |
34 min
On this week's episode, Andy and Adam talk about the 23andMe and Okta breach that happened recently along with some recommendations on how organizations can try and prevent similar attacks in the future. They also talk about a revolutionary new feature in Microsoft Defender for Endpoint called Automatic Attack Disruption. They talk about how it works and how organizations can take advantage of it even if MDE is not your incumbent or primary EDR/XDR.
-------------------------------------------
Youtube Video Link: https://youtu.be/2gUn1ZszQ-w
-------------------------------------------
Documentation:
https://techcrunch.com/2023/10/10/23andme-resets-user-passwords-after-genetic-data-posted-online/
https://www.wired.com/story/okta-support-system-breach-disclosure/
https://blog.1password.com/files/okta-incident/okta-incident-report.pdf
----------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Threads: https://www.threads.net/@bluesecuritypodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Entra Web-sign in, MDE Device Control, Imposter Syndrome
23 oktober 2023 |
22 min
On this week's episode, Andy and Adam talk about some new features with Entra Web Sign-in and Microsoft Defender for Endpoint Device Control. They also talk about what every infosec professional goes through: imposter syndrome.
-------------------------------------------
Youtube Video Link: https://youtu.be/AiU8tjl_oPA
-------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/windows/security/identity-protection/web-sign-in/?tabs=intune
----------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Threads: https://www.threads.net/@bluesecuritypodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Conditional Access Gap Analysis
19 oktober 2023 |
27 min
On this week's episode, Andy and Adam talk about how to think about your conditional access policy design to avoid some common gaps that attackers can take advantage of.
-------------------------------------------
Youtube Video Link: https://youtu.be/ULO9oRqJaV4
-------------------------------------------
Documentation:
https://danielchronlund.com/2022/01/07/the-attackers-guide-to-azure-ad-conditional-access/
https://learn.microsoft.com/en-us/azure/active-directory/reports-monitoring/workbook-mfa-gaps
----------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Threads: https://www.threads.net/@bluesecuritypodcast
Linkedin: https://www.linkedin.com/company/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Unpopular Cybersecurity Opinions
9 oktober 2023 |
34 min
On this week's episode, Andy and Adam talk about a fun Twitter/X thread where cybersecurity professionals expressed some "unpopular opinions."
-------------------------------------------
Youtube Video Link: https://youtu.be/qEV3zbskXX8
-------------------------------------------
Documentation:
https://x.com/merill/status/1700615539452965327?s=20
https://x.com/wdormann/status/1702800210072670299?s=20
https://x.com/IBRice101/status/1704091544544842022?s=20
https://x.com/BrianHaugli/status/1702826263381942732?s=20
https://x.com/hakluke/status/1700336119630737459?s=20
https://x.com/wbm312/status/1700299133704339824?s=20
https://x.com/leandroqm/status/1701233575809466802?s=20
https://x.com/divinetechygirl/status/1700093520264954343?s=20
https://x.com/thegrugq/status/1700904930507387059?s=20
https://x.com/MalwareJake/status/1700491310396744092?s=20
https://x.com/xNymia/status/1700268632386007426?s=20
https://x.com/MalwareJake/status/1700107980581089714?s=20
https://x.com/dcuthbert/status/1700575515797553319?s=20
https://x.com/Northvein/status/1700957500244103276?s=20
----------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Threads: https://www.threads.net/@bluesecuritypodcast
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
JCI Ransomware, Ransomware Negotiations, CISA guidance
2 oktober 2023 |
27 min
On this week's episode, Andy and Adam talk about Johnson Controls' ransomware attack and some implications on national security. They also talk about some lessons learned from ransomware negotiations and CISA's new campaign, Secure Your World.
-------------------------------------------
Youtube Video Link: https://youtu.be/bslx3jol8tg
-------------------------------------------
Documentation:
https://www.cnn.com/2023/09/28/politics/dhs-investigating-ransomware-attack/index.html
https://www.cisa.gov/secure-our-world
----------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Threads: https://www.threads.net/@bluesecuritypodcast
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
MITRE Engenuity ATT&CK Evaluations and Insider Risk
26 september 2023 |
24 min
On this week's episode, Andy and Adam talk about the results of the MITRE Engenuity ATT&CK Evaluations and how to interpret them. They also talk about the rising costs of insider risk and some things you can do to combat insider risk.
-------------------------------------------
Youtube Video Link: https://youtu.be/FF1ZD73X5nA
-------------------------------------------
Documentation:
https://attackevals.mitre-engenuity.org/enterprise/turla/
https://twitter.com/FrankMcG/status/1702155374386692107?s=20
https://www.csoonline.com/article/652964/insider-risks-are-getting-increasingly-costly.html
----------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Threads: https://www.threads.net/@bluesecuritypodcast
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
MGM Resorts Security Incident
18 september 2023 |
36 min
On this week's episode, Andy and Adam talk about the security incident impacting MGM Resorts. They discuss the attack vector of social engineering and ways that you can help protect your helpdesk and users from this type of attack.
-------------------------------------------
Youtube Video Link: https://youtu.be/2UvrVA7u4VA
-------------------------------------------
Documentation:
https://www.vox.com/technology/2023/9/15/23875113/mgm-hack-casino-vishing-cybersecurity-ransomware
https://sec.okta.com/articles/2023/08/cross-tenant-impersonation-prevention-and-detection
https://twitter.com/RachelTobac/status/1701801025940971792?s=20
https://twitter.com/Jhaddix/status/1702154228037488928?s=20
----------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Threads: https://www.threads.net/@bluesecuritypodcast
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Apple 0-day's, Storm-0558 follow up, MFST Conditional Access Dashboard
11 september 2023 |
34 min
On this week's episode, Andy and Adam talk about Apple's no-click zero day, the technical findings of the follow up investigation on Storm-0558, and the new Microsoft Conditional Access Dashboard and Templates.
-------------------------------------------
Youtube Video Link: https://youtu.be/BmHqNkQQx8I
-------------------------------------------
Documentation:
https://support.apple.com/en-ca/HT212650
https://learn.microsoft.com/en-us/azure/active-directory/roles/delegate-by-task
----------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Threads: https://www.threads.net/@bluesecuritypodcast
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Data Security in Microsoft 365
4 september 2023 |
34 min
On this week's episode, Andy and Adam talk about data security in Microsoft 365. They talk about data discovery, data classification, and some of the tools like sensitivity and retention labels to help keep your data security within M365.
-------------------------------------------
Youtube Video Link: https://youtu.be/rZErX9s03zM
-------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/purview/plan-for-security-and-compliance
----------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Threads: https://www.threads.net/@bluesecuritypodcast
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Side channel attack, White House cybersecurity workforce plan, IBM Cost of a Data Breach
28 augusti 2023 |
40 min
On this week's episode, Andy and Adam catch up some worthy infosec news including a new side channel attack, the White House cybersecurity workforce plan, and IBM's Cost of a Data Breach report.
-------------------------------------------
Youtube Video Link: https://youtu.be/CkQ19CGiEeE
-------------------------------------------
Documentation:
https://www.whitehouse.gov/wp-content/uploads/2023/07/NCWES-2023.07.31.pdf
https://www.ibm.com/downloads/cas/E3G5JMBP
----------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Threads: https://www.threads.net/@bluesecuritypodcast
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Red Teaming with Special Guest 23P
21 augusti 2023 |
38 min
On this week's episode, Andy and Adam talk with Michael Belton and Dave Falkenstein from 23p, a Madison, Wisconsin based red-teaming company about pentesting, purple teaming, and start out in red-teaming.
-------------------------------------------
Youtube Video Link: https://youtu.be/msWQ0mH-fUQ
-------------------------------------------
Documentation:
http://www.23p.com/s/23p-BlueSecurityPodcast-InfamousDefaults.pdf
Michael Belton
Email: [email protected]
Linkedin: https://www.linkedin.com/in/michael-belton/
Dave Falkenstein
Email: [email protected]
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Threads: https://www.threads.net/@bluesecuritypodcast
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Securing Entra External Identities
14 augusti 2023 |
27 min
On this week's episode, Andy and Adam talk about securing Entra external identities. They talk about B2B and B2C as well as a few other lesser known features of external identities like direct connect and multi-tenant synchronization.
-------------------------------------------
Youtube Video Link: https://youtu.be/V1_RIGQKUYI
-------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/azure/active-directory-b2c/supported-azure-ad-features
https://learn.microsoft.com/en-us/azure/active-directory-b2c/security-architecture
----------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Threads: https://www.threads.net/@bluesecuritypodcast
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Educating Defenders with Special Guest Howard Friedman, Ascent Solutions
7 augusti 2023 |
40 min
On this week's episode, Andy and Adam welcome guest Howard Friedman of Ascent Solutions to the program. Howard helps educate our audience of security defenders on the why, when, and how to engage with partners.
-------------------------------------------
Youtube Video Link: https://youtu.be/Q3GgxefbbnQ
-------------------------------------------
Documentation:
https://partner.microsoft.com/en-my/community/my-partner-hub/intelligent-cloud/funding
----------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Threads: https://www.threads.net/@bluesecuritypodcast
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
New SEC and FCC rules, and Samsung device security
31 juli 2023 |
26 min
On this week's episode, Adam and Andy talk about some new SEC and FCC rules as well as some news on Samsung device security.
-------------------------------------------
Youtube Video Link: https://youtu.be/_N7WBSuDW9s
-------------------------------------------
Documentation:
https://www.sec.gov/news/press-release/2023-139https://www.theverge.com/2023/7/11/23791183/fcc-sim-swapping-port-out-phone-hijacking-security-protectionhttps://www.usatoday.com/story/news/politics/2023/07/18/logo-smart-devices-cyberattack/70421303007/https://samsungmobilepress.com/press-releases/samsung-and-microsoft-unveil-first-on-device-attestation-solution-for-enterprise/
----------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Threads: https://www.threads.net/@bluesecuritypodcast
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Expanded M365 audit logs, Threads, new Entra features
24 juli 2023 |
30 min
On this week's episode, Adam and Andy follow up on Storm-0558 and how Microsoft is expanding cloud logging as a result of the threat actor. They also chat about Threads, Meta's new Twitter clone, and some new Entra features that will help orgs be more secure.
-------------------------------------------
Youtube Video Link: https://youtu.be/6NGvpcxrWC0
-------------------------------------------
Documentation: https://www.microsoft.com/en-us/security/blog/2023/07/19/expanding-cloud-logging-to-give-customers-deeper-security-visibility/
----------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Storm-0558 - Attack on Exchange Online
17 juli 2023 |
25 min
On this week's episode, Adam and Andy talk Storm-0558, the China-based actor, that compromised Exchange Online. They go through the attack chain and CISA's guidance on how you can better protect your organization going forword.
-------------------------------------------
Youtube Video Link: https://youtu.be/N7dRPCCU25A
-------------------------------------------
Documentation: https://blogs.microsoft.com/on-the-issues/2023/07/11/mitigation-china-based-threat-actor/
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-193a
https://learn.microsoft.com/en-us/compliance/assurance/assurance-audit-logging
https://learn.microsoft.com/en-us/microsoft-365/compliance/audit-premium?view=o365-worldwide
https://learn.microsoft.com/en-us/microsoft-365/compliance/audit-log-search?view=o365-worldwide
----------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Common M365 Misconfigurations
10 juli 2023 |
26 min
On this week's episode, Adam and Andy talk through Trimarc Security's blog on M365 security misconfigurations. Surprisingly, there are a few that are still being seen through security assessments like missing MFA and legacy authentication. Listen in to hear the top misconfigurations for M365!
-------------------------------------------
Youtube Video Link: https://youtu.be/30luEGO-N7E
-------------------------------------------
Documentation: https://www.hub.trimarcsecurity.com/post/common-azure-ad-microsoft-365-m365-security-misconfigurations
https://learn.microsoft.com/en-us/azure/active-directory/roles/security-emergency-access
----------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
What's new with Intune and Entra
3 juli 2023 |
25 min
On this week's episode, Adam and Andy talk about some new features in Intune and Entra. There are some great features that are in public preview and general availability that admins should be aware of like MAM for Windows and Authentication Strengths.
-------------------------------------------
Youtube Video Link: https://youtu.be/gssZWlnP3to
-------------------------------------------
Documentation: https://learn.microsoft.com/en-us/mem/intune/fundamentals/whats-new#week-of-june-19-2023-service-release-2306
https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/whats-new
----------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
OWASP Top 10 and Top 10 for LLM
26 juni 2023 |
32 min
on this week's episode, Adam and Andy talk about the OWASP Top 10 and the Top 10 for Large Language models. It is good for defenders to understand these vulnerabilities even if you are not in application security. Listen in to learn more about the current Top 10 and OWASP's draft for LLM's.
-------------------------------------------
Youtube Video Link: https://youtu.be/DXnI7nl6gLg
-------------------------------------------
Documentation: https://owasp.org/Top10/
https://owasp.org/www-project-top-10-for-large-language-model-applications/ -------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Network Security 101
19 juni 2023 |
26 min
On this week's episode, Adam and Andy talk about the basics of network security. They go over asset management, firewalls, IDS/IPS, NDR's, and administrative access. If you're new to security enterprise networks, listen in!
-------------------------------------------
Youtube Video Link: https://youtu.be/ewwhQeyIRWs
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
MSSP's
12 juni 2023 |
29 min
On this week's episode, Adam and Andy talk about Managed Security Service Providers (MSSP's). They talk about the different levels and services you can get from providers and introduce some of the new offerings from Microsoft in this space like Defenders for Experts for Hunting and XDR.
-------------------------------------------
Youtube Video Link: https://youtu.be/26jUP__JDtc
-------------------------------------------
Documentation: https://learn.microsoft.com/en-us/microsoft-365/security/defender/defender-experts-for-hunting?view=o365-worldwide
https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE4Vv1a
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Protecting M365 from on-premise attacks
5 juni 2023 |
30 min
On this week's episode, Adam and Andy talk about Microsoft's guidance on how to protect your M365 environment from on-premises attacks.
-------------------------------------------
Youtube Video Link: https://youtu.be/JhSva-NVdLI
-------------------------------------------
Documentation: https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/protect-m365-from-on-premises-attacks -------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Microsoft Build 2023 Recap
30 maj 2023 |
39 min
On this week's episode, Adam and Andy give their perspective on some of the interesting security topics from Microsoft Build 2023.
-------------------------------------------
Youtube Video Link: https://youtu.be/3JOJLpWG-qg
-------------------------------------------
Documentation: https://news.microsoft.com/build-2023-book-of-news/
https://build.microsoft.com/en-US/sessions/d2ad7043-223f-4bbe-81e7-e83abc6fa631?source=sessions
https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/microsoft-entra-external-id-public-preview-developer-centric/ba-p/3823766 -------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Limiting Chatgpt
22 maj 2023 |
32 min
On this week's episode, Adam and Andy talk about how many companies are limiting access to ChatGPT in their corporate assets. They discuss why this is happening and recommendations on how to protect your data from getting leaked.
-------------------------------------------
Youtube Video Link: https://youtu.be/S8EXEPPmido
-------------------------------------------
Documentation: https://www.techradar.com/news/samsung-workers-leaked-company-secrets-by-using-chatgpt
https://learn.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwide -------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Apple Rapid Security, Data Encryption, Layoffs & Insider Risk
15 maj 2023 |
31 min
On this week's episode, Adam and Andy talk about Apple's new Rapid Security update for iOS and Android. They also talk about different ways to encrypt data for protection. Finally, with layoffs still happening, they talk about how workforce reductions can have an impact on your security posture and how to be prepared for this.
-------------------------------------------
Youtube Video Link: https://youtu.be/KM5fvWH8EVY
-------------------------------------------
Documentation: https://support.apple.com/en-us/HT201224
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Microsoft Secure Score
8 maj 2023 |
32 min
On this week's episode, Adam and Andy talk about one of the most underutilized features of M365: Secure Score. They talk about what it is and go through some of the reasons why organizations might not use it. Learn how to operationalize this important feature to improve the security posture at your organization.
-------------------------------------------
Youtube Video Link: https://youtu.be/KM5fvWH8EVY
-------------------------------------------
https://sharepointmaven.com/how-to-sync-microsoft-365-message-center-with-planner/
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Workplace Join, Azure AD Join, and Windows (Cloud) LAPS
1 maj 2023 |
27 min
On this week's episode, Adam and Andy talk about how Microsoft FTE's are going from Workplace Join to only Azure AD Join devices and their thoughts on it. They also talk about the much anticipated Windows (Cloud) LAPS, how it works, and how to get started.
-------------------------------------------
Youtube Video Link: https://youtu.be/m-v6k5ZfS3c
-------------------------------------------
https://learn.microsoft.com/en-us/mem/intune/protect/windows-laps-policy
https://www.youtube.com/watch?v=XZ9Oh9pMBuE
https://learn.microsoft.com/en-us/azure/active-directory/devices/howto-manage-local-admin-passwords
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Meta E2E, Proton Pass, LI Verified ID, iPhone Security
24 april 2023 |
35 min
On this week's episode, Adam and Andy talk about Meta's plans on end to end encryption for Facebook and Instagram messages. They also talk about Proton's new password vault that just launched in beta and Linkedin's new FREE verification, how to activate it, and why it's important. Finally, they talk about iPhone security with a simple setting that will harden your iPhone.
-------------------------------------------
Youtube Video Link: https://youtu.be/lQty2wFvkaM
-------------------------------------------
Documentation: https://arstechnica.com/tech-policy/2023/04/meta-plan-to-make-facebook-messages-more-secure-faces-law-enforcement-backlash/
https://proton.me/blog/proton-pass-beta
https://www.linkedin.com/pulse/linkedins-new-verification-features-include-clear-entra-rodriguez/
https://support.apple.com/en-us/HT212650
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Security Copilot, Incident Response Retainer, Exchange Server On-Prem
17 april 2023 |
22 min
On this week's episode, Adam and Andy talk about some Microsoft news including the newly unveiled Security Co-Pilot. They also talk about Microsoft's Incident Response Retainer and their takes on the new that the Exchange team is throttling and blocking emails from on-premises Exchange servers.
-------------------------------------------
Youtube Video Link: https://youtu.be/hl6YddFqxpo
-------------------------------------------
Documentation: https://blogs.microsoft.com/blog/2023/03/28/introducing-microsoft-security-copilot-empowering-defenders-at-the-speed-of-ai/
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
State of Identity 2023
10 april 2023 |
19 min
On this week's episode, Adam and Andy talk about Oort's report on the state of identity in 2023. They talk about the takeaways from the report and provide some action items on how to shore up your identity security.
-------------------------------------------
Youtube Video Link: https://youtu.be/bv26BBe5Oi0
-------------------------------------------
Documentation: https://oort.io/blog/introducing-the-2023-state-of-identity-security-report
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
News Update - MDVM, SEC Guidance, M365 Copilot
3 april 2023 |
24 min
On this week's episode, Adam and Andy talk about some recent news including Microsoft Defender Vulnerability Management going generally available, some SEC guidance that will be going live in the next couple of months, and a new capability for M365 called Copilot.
-------------------------------------------
Youtube Video Link: https://youtu.be/YnE_QBbu-_Q
-------------------------------------------
https://twitter.com/nicoleperlroth/status/1636779416524312576?s=46&t=wVpJpdH7u2mDZZDEtx3bMg
https://www.sec.gov/news/press-release/2022-39
https://www.sec.gov/news/press-release/2023-52
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Protect your home network by the NSA
27 mars 2023 |
34 min
On this week's episode, Adam and Andy talk about the NSA's guidance on how to secure your home network. This may be basic for most cybersecurity pros but there's a lot of great information here that maybe even the most seasoned veterans of cybersecurity can still pick up a couple pointers.
-------------------------------------------
Youtube Video Link: https://youtu.be/dsY3pmyXzVM
-------------------------------------------
Documentation: https://media.defense.gov/2023/Feb/22/2003165170/-1/-1/0/CSI_BEST_PRACTICES_FOR_SECURING_YOUR_HOME_NETWORK.PDF
https://twitter.com/racheltobac/status/1636481960221765632?s=46&t=wVpJpdH7u2mDZZDEtx3bMg
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
White House National Cybersecurity Strategy
20 mars 2023 |
29 min
On this week's episode, Adam and Andy talk about the new White House National Cybersecurity Strategy from the Biden-Harris administration.
-------------------------------------------
Youtube Video Link: https://youtu.be/BxG155ryP5I
-------------------------------------------
https://www.whitehouse.gov/wp-content/uploads/2023/03/National-Cybersecurity-Strategy-2023.pdf
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Intune Suite
13 mars 2023 |
18 min
On this week's episode, Adam and Andy talk about the new Intune Suite. This is a new offering from Microsoft that will help bolster the security and streamline device management. Listen in to hear about the different components like Remote Help, Endpoint Privilege Management, Advanced Endpoint Analytics, and more!
-------------------------------------------
Youtube Video Link: https://youtu.be/2VSn2-0w1LQ
-------------------------------------------
Documentation:
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Lastpass Incident Update
6 mars 2023 |
35 min
On this week's episode, Adam and Andy talk about the update to the Lastpass security incident. There are a lot of lessons to learn from the mistakes of Lastpass. Props to Lastpass on the disclosure of how the incidents unfolded. The hope is we can use this information to secure our own organizations.
-------------------------------------------
Youtube Video Link: https://youtu.be/FHjDvLoZXno
-------------------------------------------
Documentation:
https://blog.lastpass.com/2023/03/security-incident-update-recommended-actions/
https://support.lastpass.com/help/incident-1-additional-details-of-the-attack
https://support.lastpass.com/help/incident-2-additional-details-of-the-attack
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Road to the Cloud
27 februari 2023 |
39 min
On this week's episode, Adam and Andy talk about the different states of transformation when going through your journey to reduce dependency on on-premise infrastructure and Active Directory by shifting to the cloud.
-------------------------------------------
Youtube Video Link: https://youtu.be/44xEZCedbkI
-------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/road-to-the-cloud-introduction
https://learn.microsoft.com/en-us/assessments/93dfb79b-71af-404d-897e-3928ecfb92b1/
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Identity Trends
20 februari 2023 |
37 min
On this week's episode, Adam and Andy talk through Alex Weinert's post about Identity Trends. Stay through the end to get your identity to-do list for this year!
-------------------------------------------
Youtube Video Link: https://youtu.be/RkxqTcXhz1A
-------------------------------------------
Documentation:
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Identity Governance and Administration
13 februari 2023 |
33 min
On this week's episode, Adam and Andy talk about Identity Governance and Administration (IGA). They talk about what makes up a good IGA program and advice on some policies and procedures. They also talk about Azure AD Governance and Entra Permissions Management which are some great solutions for an IGA program.
-------------------------------------------
Youtube Video Link: https://youtu.be/Gg-zFlhDOwc
-------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/azure/active-directory/governance/identity-governance-overview
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
ChatGPT
6 februari 2023 |
27 min
On this week's episode, Adam and Andy talk about ChatGPT. This innovative AI based chatbot is stirring up a storm of news. They'll talk about what it is and some great use cases for infosec professionals.
-------------------------------------------
Youtube Video Link: https://youtu.be/6Z7hkTkaTbc
-------------------------------------------
Documentation:
https://blogs.microsoft.com/blog/2023/01/23/microsoftandopenaiextendpartnership/
https://www.theverge.com/2023/2/3/23584675/microsoft-ai-bing-chatgpt-screenshots-leak
https://beta.openai.com/docs/usage-policies/content-policy
https://link.medium.com/Ija6ekPTLwb
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Tech Layoffs
30 januari 2023 |
37 min
On this week's episode, Adam and Andy talk about the tech layoffs. Andy talks about his career and how he's dealt with being laid off multiple times. Listen in if you're interested in how to mentally deal with a layoff and how to prepare yourself to be ready for the worst.
-------------------------------------------
Youtube Video Link: https://youtu.be/mSfzd6KQ3qQ
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Operational Excellence
23 januari 2023 |
37 min
On this week's episode, Adam and Andy talk about what operational excellence means and how it can help bolster your cybersecurity at your organization.
-------------------------------------------
Youtube Video Link: https://youtu.be/1xhWJ5H0llI
-------------------------------------------
Documentation:
https://twitter.com/swiftonsecurity/status/1614055657728274433?s=46&t=yypBUE-BpQ3gfvl0jjTxJA
https://learn.microsoft.com/en-us/sharepoint/redirect-known-folders
https://learn.microsoft.com/en-us/sharepoint/retention-and-deletion
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
News Catchup
16 januari 2023 |
33 min
On this week's episode, Adam and Andy do a catch up on news from December and talk about the retirement of Windows 7 ESU and 8.1. They also talk about Apple's Advanced Data Protection and the Lastpass breach.
-------------------------------------------
Youtube Video Link: https://youtu.be/ibnjen4KxTk
-------------------------------------------
Documentation:
https://petri.com/microsoft-ends-support-windows-7-windows-8-1/
https://support.apple.com/guide/security/advanced-data-protection-for-icloud-sec973254c5f/web
https://blog.lastpass.com/2022/12/notice-of-recent-security-incident/
https://support.1password.com/pbkdf2/
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Windows Defender Firewall
9 januari 2023 |
13 min
On this week's episode, Adam and Andy talk about Windows Defender Firewall. This often is overlooked, misconfigured, or part of legacy policies. With the start of a brand new year, it is a good time to take a look at your current firewall configurations and perhaps move them over to Intune as part of modern management.
-------------------------------------------
Youtube Video Link: https://youtu.be/OhAdeQjjcj8
-------------------------------------------
Documentation:
https://call4cloud.nl/2020/07/the-windows-firewall-rises/
https://learn.microsoft.com/en-us/mem/intune/protect/endpoint-security-firewall-rule-tool
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
What we learned in 2022 in cybersecurity
2 januari 2023 |
27 min
On this week's episode, Adam and Andy talk about some trends from this past year and what they would focus on securing for 2023.
-------------------------------------------
Youtube Video Link: https://youtu.be/x_Yx42cKa0A
-------------------------------------------
Documentation:
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Windows Autopatch with Special Guest Adam Nichols
26 december 2022 |
40 min
On this week's episode, Adam and Andy talk with Adam Nichols, a Product Manager for Windows Autopatch. They talk about all things patching and do a deep dive on how the Windows Autopatch service works. Listen in if you're curious about the service and how to take advantage of it!
-------------------------------------------
YouTube Video Link: https://youtu.be/LCFA8D9pbCA
-------------------------------------------
Documentation:
-------------------------------------------
Adam Nichols
Linkedin: https://www.linkedin.com/in/adam-nichols-75739020/
Twitter: https://twitter.com/mauvlan
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Passkeys
19 december 2022 |
27 min
On this week's episode, Adam and Andy talk about passkeys. This may be the replacement for passwords that we're looking for and it is starting to go mainstream with the collaboration between Microsoft, Apple, and Google.
-------------------------------------------
YouTube Video Link: https://youtu.be/xYdtTWczwxQ
-------------------------------------------
Documentation:
https://support.apple.com/guide/iphone/sign-in-with-passkeys-iphf538ea8d0/ios
https://www.wired.com/story/how-to-use-passkeys-google-chrome-android/
https://www.theverge.com/2022/11/17/23464817/1password-passkey-support-security-apple-google
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Microsoft's Insider Risk Report
12 december 2022 |
31 min
On this week's episode, Adam and Andy talk about Microsoft's Insider Risk Report for 2022. This report give insight on how to build a holistic insider risk program but combining tooling, people management, trust, and processes. Insider risk is on the rise. Listen in as Andy and Adam break down the report and give you the highlights on how to get started on building your insider risk program.
-------------------------------------------
YouTube Video Link: https://youtu.be/UdoBv3R-OeE
-------------------------------------------
Documentation:
https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE58Ymd
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
DDoS Protection
5 december 2022 |
18 min
On this week's episode, Adam and Andy talk about CISA's DDoS protection guidance. This follows the episode on Microsoft's Digital Defense Report where DDoS attacks and protections were also highlighting in the report.
-------------------------------------------
YouTube Video Link: https://youtu.be/_9puZjc05H4
-------------------------------------------
Documentation:
https://www.cisa.gov/cisa-tabletop-exercise-packages
https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE5bUvv?culture=en-us&country=us
https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE5bcRe?culture=en-us&country=us
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Microsoft's Digital Defense Report
28 november 2022 |
39 min
On this week's episode, Adam and Andy talk about Microsoft's Digital Defense Report. This report has a wealth of information on the state of cybersecurity, current trends, attack vectors, and defense suggestions for organizations. They break down some key points so listen in if you do not have time to read the entire report.
-------------------------------------------
YouTube Video Link: https://youtu.be/CS5F8puZQXo
-------------------------------------------
Documentation:
https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE5bUvv?culture=en-us&country=us
https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE5bcRe?culture=en-us&country=us
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
How to Mastodon
21 november 2022 |
34 min
On this week's episode, Adam is back and joined by Andy to talk about Mastodon. This decentralized social media platform has been around since 2016 and recently has been growing exponentially due to the Twitter migration. Critical mass has already happened for many communities including the infosec community so it is in our best interest to learn about it and learn how to use it.
-------------------------------------------
Youtube Video Link: https://youtu.be/Rc40W8bcAs0
-------------------------------------------
Documentation:
https://grahamcluley.com/mastodon-what-you-need-to-know-for-your-security-and-privacy/
https://www.hughrundle.net/home-invasion/
https://www.cyberscoop.com/twitter-dumpster-fire-infosectwitter/
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Patch Tuesday, Medibank Breach, Twitter Meltdown
14 november 2022 |
29 min
This week, friend of the pod, Shannon Fritz, fills in for Adam and he and Andy talk about the big update for Patch Tuesday, the Medibank double extortion incident, and the meltdown happening at Twitter.
-------------------------------------------
Youtube Video Link:
-------------------------------------------
Documentation:
https://support.microsoft.com/en-us/topic/november-8-2022-kb5019980-os-build-22621-819-b503e08b-b850-469a-8de9-74df8aebd5f4
https://www.9news.com.au/technology/medibank-hack-suspected-cybercriminal-releases-sample-of-australian-customer-data/26aa6096-f730-4a8c-83a1-b0d3da6519d7
https://twitter.com/leakissner/status/1590706305102381058?s=46&t=b1TkB4mKrocmPYWcffWQtg
https://www.theverge.com/2022/11/10/23451198/twitter-ftc-elon-musk-lawyer-changes-fine-warning
https://www.technologyreview.com/2022/11/08/1062886/heres-how-a-twitter-engineer-says-it-will-break-in-the-coming-weeks/
https://www.technologyreview.com/2022/11/11/1063162/twitters-imminent-collapse-could-wipe-out-vast-records-of-recent-human-history/
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Old Phishing Tricks Are Still Working
7 november 2022 |
19 min
This week, Adam and Andy talk about the Dropbox and Twilio breach where old phishing tricks worked and attackers were able to get credentials. They also talk about CISA's new guidance on phish resistant MFA and Enhance Phishing Protection in Windows 11 22H2.
-------------------------------------------
Youtube Video Link: https://youtu.be/06lGGC6GSJM
-------------------------------------------
Documentation:
https://dropbox.tech/security/a-recent-phishing-campaign-targeting-dropbox
-------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
SOCRadar and Ignite 2022 highlights
31 oktober 2022 |
44 min
This week, Adam and Andy talk about the SOCRadar disclosure of a misconfigured Microsoft endpoint that led to a data privacy incident. They talk about what happened and what you should know as a Microsoft customer. They also go over some of the highlights from Ignite 2022 with new features and brands for endpoint management, identity, and security.
-------------------------------------------
Youtube Video Link: https://youtu.be/mMlkJnpT9us
-------------------------------------------
Documentation:
https://news.microsoft.com/ignite-2022-book-of-news/
https://learn.microsoft.com/en-us/azure/active-directory/governance/what-are-lifecycle-workflows
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
IBM Incident Responder Report
24 oktober 2022 |
34 min
This week, Adam and Andy talk about IBM's Incident Responder Report. This report has some great empirical data on incident responder perceptions and how incidents impact mental health. Listen in as they discuss some of the key findings in this report.
-------------------------------------------
Youtube Video Link: https://youtu.be/hhnxHMbvASw
-------------------------------------------
Documentation:
https://www.ibm.com/downloads/cas/XKOY5OLO
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
BYOD Zero-Trust Architecture
17 oktober 2022 |
31 min
This week, Adam and Andy talk about how to look at BYOD policies in a Zero-Trust architecture. They go over a blueprint put out by Microsoft Middle East and Africa that's a little bit older but is a great reference for anyone looking for guidance.
-------------------------------------------
Youtube Video Link: https://youtu.be/pze2b0Ix8QI
-------------------------------------------
Documentation:
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
MDE Tamper Protection
10 oktober 2022 |
14 min
This week, Adam and Andy talk about Microsoft Defender for Endpoint's Tamper Protection. This type of feature is also available on other endpoint protection solutions. They talk about what it is, what's changing soon, and why you should turn this on.
-------------------------------------------
Youtube Video Link: https://youtu.be/ZhhlianhqgY
-------------------------------------------
Documentation:
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Active Directory Security Tips
3 oktober 2022 |
29 min
This week, Adam and Andy talk about some tips on securing Active Directory. This was inspired by a session led by Trimarc Security at The Experts Conference.
-------------------------------------------
Youtube Video Link: https://youtu.be/7HQZQh-UzmQ
-------------------------------------------
Documentation:
https://www.trimarcsecurity.com/
https://www.quest.com/the-experts-conference/
https://www.hub.trimarcsecurity.com/post/ten-ways-to-improve-ad-security-quickly
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Kerberoasted
26 september 2022 |
18 min
This week, Adam and Andy talk about kerberoasting: how it works and how to defend against it. Listen in on this unique attack technique!
-------------------------------------------
Youtube Video Link: https://youtu.be/sr75jgscnkQ
-------------------------------------------
Documentation:
https://twitter.com/_wald0/status/1562871258190348289?s=20&t=xcJOw353X-xDvHB52BKxiA
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Microsoft Teams, Patreon, and Uber
19 september 2022 |
29 min
This week, Adam and Andy talk about Microsoft Teams and the post-exploit technique that was discovered by Vetra's Project Team and the decision of Patreon to lay off their entire internal information security team. The also talk about Uber's on-going cybersecurity incident including some initial reports of how it happened as well as mitigations to prevent this type of attack in the future.
-------------------------------------------
Youtube Video Link: https://youtu.be/FWnEma4hOWQ
-------------------------------------------
Documentation:
https://www.vectra.ai/blogpost/undermining-microsoft-teams-security-by-mining-tokens
https://techcrunch.com/2022/09/09/patreon-security-layoffs/
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Cloudflare and Kiwi Farms
12 september 2022 |
34 min
This week, Adam and Andy breakdown what led to Cloudflare dropping Kiwi Farms as a customer, why the media and Twitter were up-in-arms about the whole incident, and their thoughts about the decision.
-------------------------------------------
Youtube Video Link: https://youtu.be/NrNe_n95Tfk
-------------------------------------------
Documentation:
https://blog.cloudflare.com/cloudflares-abuse-policies-and-approach/
https://blog.cloudflare.com/kiwifarms-blocked/
https://rasbora.dev/blog/I-ran-the-worlds-largest-ddos-for-hire-empire-and-cloudflare-helped
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Cloud Security 101
5 september 2022 |
43 min
This week, Adam and Andy talk about cloud security. If you're looking to learn about cloud security concepts, this is the show for you. They talk about basic and advanced security as well as risk assessment and other things you should consider when designing and architecting your security in the cloud.
-------------------------------------------
Youtube Video Link: https://youtu.be/1sc1R8iL3wc
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Beyond E5, Rebranding, Public Previews in Microsoft Security
29 augusti 2022 |
30 min
This week, Adam and Andy pull together all the new product launches and rebranding for Microsoft Security over the last couple of months. Listen in to learn about Microsoft Entra, Defender Threat Intel, App Governance, and Threat Experts.
-------------------------------------------
Youtube Video Link: https://youtu.be/PSm97tY4q1E
-------------------------------------------
Documentation:
https://docs.microsoft.com/en-us/azure/active-directory/cloud-infrastructure-entitlement-management/overview
https://docs.microsoft.com/en-us/azure/active-directory/verifiable-credentials/decentralized-identifier-overview
https://docs.microsoft.com/en-us/azure/external-attack-surface-management/
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Quantum & Cryptography Follow-up, TikTok, and Janet Jackson
22 augusti 2022 |
29 min
This week, Adam and Andy follow up on a few things from the post quantum cryptography episode talking about how one of the quantum resistant algorithms was broken and a lawsuit against the US government related to quantum encryption. They also chat about how TikTok may be storing information of US citizens on Chinese servers. Finally, they talk about how sound can be used as a cyber attack vector.
-------------------------------------------
Youtube Video Link: https://youtu.be/CmcK2bwnqGo
-------------------------------------------
Documentation:
http://blog.cr.yp.to/20220805-nsa.html
https://twitter.com/divinetechygirl/status/1560220472742232065?s=21&t=f3k3lt5ALc1VWGUNURu_bg
https://www.neowin.net/news/janet-jackson-song-is-now-an-official-exploit-for-windows-pcs/?fs=e&s=cl
https://www.zdnet.com/article/academics-steal-data-from-air-gapped-systems-using-pc-fan-vibrations/
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Post Quantum Series - Part 2 - Quantum Cryptography
15 augusti 2022 |
25 min
This week, Adam and Andy talk about post quantum cryptography this week. They go over why quantum computers are a threat to classical cryptography like public key encryption, quantum key distribution, and finally NIST's selection of quantum resistant cryptography.
-------------------------------------------
Youtube Video Link: https://youtu.be/v8CVq09tnB4
-------------------------------------------
Documentation:
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Post Quantum Series - Part 1 - Quantum Computers
8 augusti 2022 |
22 min
This week, Adam and Andy start a two part series on post-quantum computer information security. This first part goes into understanding how quantum computers work and how they differ from classical computers. While it's not necessary to understand how quantum computers work to know the threat to information security they have, as technologist, it's always fun to expand our knowledge on these topics. We hope you learn as much as we did when we researched the topic for this episode!
-------------------------------------------
Youtube Video Link: https://youtu.be/h8E2TL_UMQA
-------------------------------------------
Documentation:
https://azure.microsoft.com/en-us/services/quantum/#overview
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Exchange Online Protection Deep-Dive
1 augusti 2022 |
26 min
This week, Adam and Andy do a technical deep dive on Exchange Online Protection (EOP). They talk about the pre-delivery and post-delivery protections. They also talk about some of the zero-day protections that Defender for Office 365 provides similar to other competitors in the space and MX record vs API protection.
-------------------------------------------
Youtube Video Link: https://youtu.be/-_pnAIR2Y48
-------------------------------------------
Documentation:
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Personal and Organization Privacy
25 juli 2022 |
39 min
This week, Adam and Andy talk about privacy both in organizations and your personal life. They talk about some of the new Microsoft Purview Compliance Classifiers and how it might be an invasive for some orgs when implemented in the wrong way. They also talk about mobile device privacy in light of SCOTUS overturning Roe v Wade and how our data might be weaponized against us. Finally, they talk about some privacy tools that can help limit the telemetry to tech companies.
-------------------------------------------
Youtube Video Link: https://youtu.be/o5k3gIMlPjs
-------------------------------------------
Documentation:
https://www.hhs.gov/hipaa/for-professionals/privacy/guidance/cell-phone-hipaa/index.html
https://globalprivacycontrol.org/
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Microsoft Security News
18 juli 2022 |
32 min
This week, Adam and Andy talk about some security news relating to Microsoft. First they talk about a phishing campaign that Microsoft detailed that was going on affecting more than 10,000 orgs where the attackers are able to bypass MFA. They also talk about Microsoft's decision to roll back disabling VBA macros by default. Finally, they talk about Microsoft's DART team and how they approach ransomware and incident response.
-------------------------------------------
Youtube Video Link: https://youtu.be/FJnrBMgw89g
-------------------------------------------
Documentation:
https://jeffreyappel.nl/blocking-internet-macros-in-office-and-dont-wait-for-microsoft/
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Risk Management and Data Protection
11 juli 2022 |
25 min
This week, Adam and Andy talk about risk-centric security management and how to shift from looking at just severity of vulnerabilities to reducing risk to your organization. They also talk about how attackers are shifting to data stealing on top of ransomware so organizations need to add data protection to their security stack.
-------------------------------------------
Youtube Video Link: https://youtu.be/0Ivazm8hijM
-------------------------------------------
Documentation:
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Basic Auth, Zero Days, & Burnout
4 juli 2022 |
37 min
This week, Adam and Andy catch up some news in their first live show in a couple of weeks. First they talk about CISA's guidance to federal agencies to switch from basic auth to modern auth due to the retirement of basic auth on Oct 1, 2022. They also give the cumulative count of zero days for 2022 and some best practices for defense. Finally, they talk through the challenges of investing in people and the burnout felt community wide.
-------------------------------------------
Youtube Video Link: https://youtu.be/XM-UwFajxHY
-------------------------------------------
Documentation:
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Secure Authentication to Azure VMs
27 juni 2022 |
15 min
This week, Adam and Andy talk about different methods to modernize the way you authenticate to virtual machines located in Azure. The first is using Azure Active Directory and the second is using Azure Bastion. Listen in on how this will help you securely access your virtual machines.
-------------------------------------------
Youtube Video Link: https://youtu.be/n25RmcPUI6M
-------------------------------------------
Documentation:
https://docs.microsoft.com/en-us/azure/active-directory/devices/howto-vm-sign-in-azure-ad-linux
https://docs.microsoft.com/en-us/azure/active-directory/devices/howto-vm-sign-in-azure-ad-windows
https://docs.microsoft.com/en-us/azure/bastion/bastion-overview
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Don't Phish Me, Bro
20 juni 2022 |
28 min
This week, Adam and Andy talk about OMB procurement requirements changing due to increased cybersecurity defense, Gartner's thoughts on consolidated security platforms, and internal phishing campaigns.
-------------------------------------------
Youtube Video Link: https://youtu.be/OZKS03pmk8M
-------------------------------------------
Documentation:
https://www.gartner.com/doc/reprints?id=1-28F8N1LT&ct=211213&st=sb
https://twitter.com/swiftonsecurity/status/1534762545524969473?s=21&t=zH3ZUwsZZVDH6ujtVtxTWw
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Securing Guest Access to M365
12 juni 2022 |
27 min
This week, Adam and Andy talk about how to secure guest access and collaboration in Microsoft 365. They talk about the differences between member and guest users and how guest users are created. They also talk about best practices on how to secure access and collaborations in Sharepoint, Teams, and Azure AD. Finally, they end with talking about managing partner relationships and how that can impact access to an organization's tenant.
-------------------------------------------
Youtube Video Link: https://youtu.be/PGjipcS6wiA
-------------------------------------------
Documentation:
https://docs.microsoft.com/en-us/azure/lighthouse/overview
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Windows Defender Exploit Guard
6 juni 2022 |
22 min
This week, Adam and Andy talk about Windows Defender Exploit Guard. This is a set of protections built into Windows Server and 10/11 operating systems that provide additional device hardening rules. This conversation was spawned by the current Follina vulnerability (CVE-2022-30190) where an Attack Surface Reduction (ASR) rule can prevent the attack from happening. ASR rules are part of Window Defender Exploit Guard. Dive in to learn all about it!
-------------------------------------------
Youtube Video Link: https://youtu.be/ldFWF9GuMZY
-------------------------------------------
Documentation:
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Patch Management
30 maj 2022 |
33 min
This week, Adam and Andy talk about patch management. This is basic security and some organizations are still struggling with it. They talk about the explosion of zero days and why continuous monitoring of patching is so important. They also go over some policy that you should review as well as why you should switch to Windows Update for Business. Finally, they go over a new feature called Windows Autopatch announced a few weeks ago.
-------------------------------------------
Youtube Video Link: https://youtu.be/KM_2OrB1Wy8
-------------------------------------------
Documentation:
https://www.mandiant.com/resources/zero-days-exploited-2021
https://www.anoopcnair.com/windows-update-for-business-wufb-using-intune/
https://docs.microsoft.com/en-us/windows/deployment/update/waas-configure-wufb
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Domain Controller Security
23 maj 2022 |
24 min
This week, Adam and Andy talk about some updated guidance for securing domain controllers in a world where the cloud is a security imperative. They also review some of the existing guidance and walk through the most important recommendations.
-------------------------------------------
Youtube Video Link: https://youtu.be/AlJ1H7Ud4vc
-------------------------------------------
Documentation:
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Cyber Threat Intelligence with Special Guest Charity Wright
16 maj 2022 |
41 min
This week, Adam and Andy talk with threat intelligence expert Charity Wright. Charity talks about her military career and how she got selected as a Chinese linguist and worked with the NSA. Charity works for Recorded Future currently and she talks about how threat intelligence can help bolster your cybersecurity program and why it's important to start gathering intel whether it's an internal team, a vendor, or using open source intelligence (OSINT).
-------------------------------------------
Youtube Video Link: https://youtu.be/zkAg_mBp7N4
-------------------------------------------
Documentation:
Charity Wright
Twitter: https://twitter.com/CharityW4CTI
Linkedin: https://www.linkedin.com/in/cwillhoite/
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Andy was hacked!
9 maj 2022 |
20 min
This week, Adam and Andy talk about passwordless news released on World Password Day and about how Andy was hacked...listen in to hear the details of what happened!
-------------------------------------------
Youtube Video Link: https://youtu.be/Go6cb9pU6ng
-------------------------------------------
Documentation:
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
MFA Bombing
2 maj 2022 |
20 min
This week, Adam and Andy talk about MFA bombing. This tricky compromise circumvents MFA. Listen on what it is and how to protect against it.
-------------------------------------------
Youtube Video Link: https://youtu.be/EFg-vw824PY
-------------------------------------------
Documentation:
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Interview with Special Guest Christina Morillo
25 april 2022 |
34 min
This week, Adam and Andy talk with Christina Morillo about identity, diversity in information security, and her book "97 Things Every Information Security Professional Should Know: Collective Wisdom from the Experts." We had so much fun talking and it was a great interview!
-------------------------------------------
Documentation:
Colors of Infosec: https://podcasts.apple.com/us/podcast/colors-of-infosec-podcast/id1531541552
Book: https://www.amazon.com/Things-Information-Security-Professional-Should/dp/1098101391
Christina on Twitter: https://twitter.com/divinetechygirl
https://www.christinamorillo.com/
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
VPNs vs SDPs
18 april 2022 |
31 min
Adam and Andy talk about VPN's versus Software Defined Perimeters (SDP) this week. They break down why companies still use VPN's and why they pose an infosec security risk. They present SDP's as a different way of thinking about how to access internal applications and some vendors in the space already.
-------------------------------------------
Youtube Video Link: https://youtu.be/N8CxB84f50A
-------------------------------------------
Documentation:
https://www.blastwave.io/posts/house-of-cards-your-guide-to-getting-hacked-using-vpns
https://docs.microsoft.com/en-us/azure/active-directory/app-proxy/what-is-application-proxy
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Okta Says Sorry, Fake Warrants, New PCI Reqs
11 april 2022 |
33 min
This week's episode, Adam and Andy talk about some interesting infosec news including Okta's apology and how that affected their stock prices. They also talk about the latest Apple zero days and an interesting tactic cybercriminals are using to get sensitive data out of organizations. Finally, they chat about the new PCI 4.0 standard and what's different from the current standard.
-------------------------------------------
Youtube Video Link: https://youtu.be/Dja0bWaARQU
-------------------------------------------
Documentation:
https://krebsonsecurity.com/2022/03/fake-emergency-search-warrants-draw-scrutiny-from-capitol-hill/
https://www.darkreading.com/edge-articles/what-s-new-in-pci-dss-4-0-for-authentication-requirements
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
LAPSUS$
4 april 2022 |
41 min
This week's episode, Adam and Andy talk about the hacker group LAPSUS$. They go over what makes this group unique in the cybercriminal world and a breakdown of the latest high value targets.
-------------------------------------------
Youtube Video Link: https://youtu.be/w-7RPcOl8HE
-------------------------------------------
Documentation:
https://www.linkedin.com/pulse/open-letter-okta-amit-yoran/
https://sec.okta.com/articles/2022/03/official-okta-statement-lapsus-claims
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Infosec News Catch Up
28 mars 2022 |
29 min
This week's episode, Adam and Andy catch up on some infosec news including the new Cyber Incident Reporting Act signed into law last week and other reporting policies on the horizon. They also talk about CISA's advisory on misconfigured MFA and Russia's new root certificate.
-------------------------------------------
Youtube Video Link: https://youtu.be/igcF6dLvq4E
-------------------------------------------
Documentation:
https://www.cisa.gov/uscert/ncas/alerts/aa22-074a
https://www.eff.org/deeplinks/2022/03/you-should-not-trust-russias-new-trusted-root-ca
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Helpdesk Security
21 mars 2022 |
30 min
This week's episode, Adam and Andy talk about helpdesk security. Enterprise helpdesks are often a popular target for cybercriminals because they have access to sensitive information and accounts. Listen in as they talk about things to think about when driving towards a zero trust model for helpdesk security.
-------------------------------------------
Youtube Video Link: https://youtu.be/6WPDH9W8UOQ
-------------------------------------------
Documentation:
https://specopssoft.com/product/secure-service-desk/
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
War in the Digital Age
14 mars 2022 |
32 min
This week's episode, Adam and Andy talk about the Russian invasion of Ukraine and the information war that is happening behind the scenes. They go over some specific takeaways on what to focus on in this heightened state of cybersecurity risk.
-------------------------------------------
Youtube Video Link: https://youtu.be/a2452Yd0--g
-------------------------------------------
Documentation:
SANS Webcast: Russian Cyber Attack Escalation in Ukraine - What You Need To Know! https://www.youtube.com/watch?v=bZoHePqoBtM
https://blogs.microsoft.com/on-the-issues/2022/02/28/ukraine-russia-digital-war-cyberattacks/
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Windows Hello for Business Revisited
7 mars 2022 |
26 min
This week's episode, Adam and Andy talk about the new cloud key trust deployment model for Windows Hello for Business in hybrid environments. Cloud key trust greatly simplifies the deployment of Windows Hello for Business by removing the requirement for any PKI infrastructure. If you've been waiting to try this passwordless solution to authenticate to Windows PC's, now is the time. There are benefits even if you are using Azure AD Joined devices. Listen in on how to get started today!
-------------------------------------------
Youtube Video Link: https://youtu.be/9e7XyVWIPk8
-------------------------------------------
Documentation:
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Password Cracking
28 februari 2022 |
21 min
This week's episode, Adam and Andy talk about the basics of password cracking. Understanding how passwords are cracked by offensive security and cybercriminals can help defenders scope and make better password policies.
-------------------------------------------
Youtube Video Link: https://youtu.be/f2IniyS8Le4
-------------------------------------------
Documentation:
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Geopolitical Crises and Cybersecurity
21 februari 2022 |
23 min
This week's episode, Adam and Andy talk about some of the geopolitical crises happening around the world with Russia and China and how that affects cybersecurity defenders.
-------------------------------------------
Youtube Video Link: https://youtu.be/LATDlvH6h90
-------------------------------------------
Documentation:
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Windows Defender Application Control
14 februari 2022 |
23 min
This week's episode, Adam and Andy continue their Windows Security series and talk about Defender Application Control. This is a great feature built into Windows Enterprise that can help reduce the attack surface in many use cases. Listen in on how it works and how to test and implement it.
-------------------------------------------
Youtube Video Link: https://youtu.be/A0LXCsIIFBM
-------------------------------------------
Documentation:
https://call4cloud.nl/2021/06/wdac-or-the-unexpected-virtue-of-ignorance/
https://webapp-wdac-wizard.azurewebsites.net/
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Tabletop Scenarios with Special Guests Nate Gardner and Gavin Ashton
7 februari 2022 |
47 min
This week's episode, Adam and Andy have a great time chatting with fellow cybersecurity professionals Nate Gardner and Gavin Ashton walking through tabletop scenarios. This is something security defenders should do to test their incident response plan.
-------------------------------------------
Youtube Video Link: https://youtu.be/kwxSCd40gWQ
-------------------------------------------
Documentation:
Nate Gardner:
https://www.linkedin.com/in/nate-gardner-infosec/
Gavin Ashton:
https://www.linkedin.com/in/gvnshtn/
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
News Smash
31 januari 2022 |
34 min
This week's episode, Adam and Andy talk catch up on some infosec news including BadUSB, President Biden's memorandum for National Security Systems, iOS/MacOS vulnerablities, and new hardware with Microsoft's Pluton Security Processor.
-------------------------------------------
Youtube Video Link: https://youtu.be/yQebJcb2j3E
-------------------------------------------
Documentation:
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Windows Device Management with Special Guest Shannon Fritz
24 januari 2022 |
59 min
This week's episode, Adam and Andy talk with special guest Shannon Fritz on Windows Device Management. If you haven't listened to Shannon's episode on Device Identity, we encourage you to listen to it! Following up the conversation on device identity, Shannon talks all about managing devices using co-management and how device identity is related to management but mainly where the device lives does not affect how it is managed. Listen in on what it means to co-manage your Windows devices!
-------------------------------------------
Youtube Video Link: https://youtu.be/LtkPvqLvG9Y
-------------------------------------------
Documentation:
Windows 10 Device Management vs Device Identity
https://mrshannon.wordpress.com/2020/06/24/windows-10-device-management-vs-device-identity/
Shannon Fritz: https://twitter.com/mrshannonfritz
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
F12 and Find Out
17 januari 2022 |
23 min
This week's episode, Adam and Andy talk about the importance of the nomenclature we use in information security. They also talk about the perception of information security to those who are not in the field and how that can affect safety when it comes to red teaming.
-------------------------------------------
Youtube Video Link: https://youtu.be/nMQC5D_P4qY
-------------------------------------------
Documentation:
https://abcnews.go.com/US/wireStory/charges-dropped-men-broke-iowa-courthouses-68651855
https://www.darkreading.com/edge-articles/why-red-teaming-while-black-can-be-risky
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Digital Asset Management
10 januari 2022 |
25 min
This week's episode, Adam and Andy talk about a fundamental important program for security defenders: asset management. It may not be the most exciting aspect of security but knowing what you have makes it a lot easier to protect and response to attacks.
-------------------------------------------
Youtube Video Link: https://youtu.be/Kui8x_lCYOk
-------------------------------------------
Documentation:
https://danielmiessler.com/blog/continuous-asset-management-security/
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
A look back on 2021
3 januari 2022 |
30 min
This week's episode, Adam and Andy give an update on Log4j/Log4Shell insights from the Google Security Team. They also look back on some of the vulnerabilities and cyberattacks from 2021 and discuss what's to come in 2022 for defenders.
-------------------------------------------
Youtube Video Link: https://youtu.be/3XLwP8GFS3M
-------------------------------------------
Documentation:
https://security.googleblog.com/
https://news.microsoft.com/on-the-issues/tools-and-weapons/
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Work Life Balance
27 december 2021 |
38 min
This week's episode, Adam and Andy talk all about a healthy work life balance. With the pandemic still on-going and working from home or hybrid work environments looking like they are not going away, it's time to re-evaluate your boundaries and enforce them. Listen on what's worked for Adam and Andy as they put their mental health ahead of the hustle culture.
-------------------------------------------
Youtube Video Link: https://youtu.be/lK147aYqt4k
-------------------------------------------
Documentation:
https://hbr.org/2021/12/hybrid-tanked-work-life-balance-heres-how-microsoft-is-trying-to-fix-it
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Threat and Vulnerability Management
20 december 2021 |
30 min
This week, Adam and Andy talk all about how to start and run a threat and vulnerability program at your company. From asset management, scanning, remediation, and validation, they go over what is involved and how to orchestrate the effort cross-function to avoid down time. A TVM program is a key pillar of your defense so if you do not have one or want to improve your current one, listen in!
-------------------------------------------
Youtube Video Link: https://youtu.be/qTvtvfY3CaQ
-------------------------------------------
Documentation:
https://www.tenable.com/products/nessus
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Log4Shell
13 december 2021 |
34 min
This week, Adam and Andy talk all about the Log4Shell vulnerability affecting the log4j Java library. They give an overview on how it works and how you as a security defender can secure your environment against it.
-------------------------------------------
Youtube Video Link: https://youtu.be/D9KBcIHOQzI
-------------------------------------------
Documentation:
https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592
https://github.com/Neo23x0/log4shell-detector
https://twitter.com/shehackspurple/status/1469742868952584194
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Security Champions
6 december 2021 |
21 min
This week, Adam and Andy talk about a security champions program. This is a way to bolster the security culture and develop representatives in each business group to understand security initiatives and evangelize them for you at your company. It's also a way to have a inner ring of testers and even possible a talent pipeline. There's a lot to discuss so listen in!
-------------------------------------------
Youtube Video Link: https://youtu.be/sbnppJR-eMo
-------------------------------------------
Documentation:
https://www.darkreading.com/careers-and-people/how-to-implement-a-security-champions-program
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Things are getting better
29 november 2021 |
33 min
This week, Adam and Andy talk about how they see things improving in the cybersecurity industry from the Department of Justice and the US government investigating and hunting down cyber criminals and sanctioning the NSO group to bug bounties increasing and new regulations.
-------------------------------------------
Youtube Video Link: https://youtu.be/Jr-prV9DEUg
-------------------------------------------
Documentation:
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Zero Trust, Amazon Security, and other news
22 november 2021 |
34 min
This week, Adam and Andy talk about some recent infosec news, a shocking article about Amazon's lack of security, and what zero trust means to them.
-------------------------------------------
Youtube Video Link: https://youtu.be/Lzf-eYy7PTg
-------------------------------------------
Documentation:
https://www.wired.com/story/amazon-failed-to-protect-your-data-investigation/
https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWJJdT
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Ignite 2021 Fall Highlights
15 november 2021 |
36 min
This week, Adam and Andy go over some of the endpoint, Windows, and security announcements from Ignite. If you were too busy to watch any of the sessions or read about the updates, listen in as they give the highlights from the conference.
-------------------------------------------
Youtube Video Link: https://youtu.be/GClAGTkzPmc
-------------------------------------------
Documentation:
https://news.microsoft.com/ignite-november-2021-book-of-news/
https://myignite.microsoft.com/home
https://news.microsoft.com/november-2021-ignite/
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Cybersecurity Talent Gap
8 november 2021 |
40 min
This week, Adam and Andy talk about the cybersecurity talent gap. They give advice to those who are trying to break into the field as well as hiring managers on changing the way they look at recruiting to widen the talent pipeline. They also talk about how gatekeepers are toxic to the industry.
-------------------------------------------
Youtube Video Link: https://youtu.be/Iac0YlqiIx4
-------------------------------------------
Documentation:
https://danielmiessler.com/blog/day-1-skills-required-to-land-an-entry-level-cybersecurity-job/
https://www.cyberseek.org/pathway.html
https://twitter.com/FrankMcG/status/1455380836858089477?s=20
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Microsoft Digital Defense Report, Consumer Expectations, and Gartner
1 november 2021 |
39 min
This week, Adam and Andy talk about Microsoft's Digital Defense Report, consumer expectations of "invisible" security, and should you rip out an information security tool just because it's not on the Gartner Magic Quadrant.
-------------------------------------------
Youtube Video Link: https://youtu.be/YXe79Uli1ow
-------------------------------------------
Documentation:
https://blogs.microsoft.com/on-the-issues/2021/10/07/digital-defense-report-2021/
https://twitter.com/snorkel42/status/1450492940938321921?s=21
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Windows 365 with Special Guest Bradley Dupay
25 oktober 2021 |
53 min
This week, Adam and Andy talk with Microsoft's Global Black Belt Specialist, Bradley Dupay, about the all new cloud PC offering called Windows 365. They go over how VDI has evolved over the years, the implementation details, use cases, and importance to security defenders. This was an amazing conversation! Listen in on how you can modernize your virtualized desktops for a secure hybrid workplace.
-------------------------------------------
Youtube Video Link: https://youtu.be/PVo7_b9BJWg
-------------------------------------------
Documentation:
https://docs.microsoft.com/en-us/windows-365/overview
Bradley Dupay
Linkedin: https://www.linkedin.com/in/bdupay/
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Facebook Outage Learnings and Windows 11 security
18 oktober 2021 |
34 min
This week on the Blue Security Podcast, Adam and Andy talk about the Facebook outage and what security defenders can learn from reading their after actions report. They also dive into Windows 11 and the security features that make it the most secure version of Windows yet.
-------------------------------------------
Youtube Video Link: https://youtu.be/DdGeRMkZVOM
-------------------------------------------
Documentation:
https://www.microsoft.com/security/blog/?p=93810
https://www.youtube.com/watch?v=tg9QUrnVFho
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
You are going to be a victim of ransomware
11 oktober 2021 |
21 min
This week on the Blue Security Podcast, Adam and Andy talk about planning to be a victim of ransomware. This is a mindset shift. Instead of focusing on prevention, cybersecurity defenders should plan and practice how to mitigate the damage against a ransomware attack.
-------------------------------------------
Youtube Video Link: https://youtu.be/MOq2KhhCjAI
-------------------------------------------
Documentation:
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
TPM design limitations and Apple-Google app store actions
4 oktober 2021 |
28 min
This week on the Blue Security Podcast, Adam and Andy talk about two interesting topics. The first is a pentesting company's successful hack Bitlocker using a TPM limitation. They talk about why this is complicated and the mitigations for it. They also talk about Apple and Google's decision to pull a voting app from the store in Russia a day before the parliamentary elections and the effect it has on democracy.
-------------------------------------------
Youtube Video Link: https://youtu.be/-GNLKWTtxTI
-------------------------------------------
Documentation:
https://dolosgroup.io/blog/2021/7/9/from-stolen-laptop-to-inside-the-company-network
https://explainxkcd.com/wiki/index.php/538:_Security
https://gizmodo.com/apple-and-google-pull-opposition-app-from-russian-store-1847695238
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Protonmail kerfuffle
27 september 2021 |
17 min
This week on the Blue Security Podcast, Adam and Andy talk about the hot water Protonmail got themselves into when the news reported that they provided IP address and device information on a Protonmail account to the Swiss government. It's a great discussion on privacy vs security and laws that companies have to abide by.
-------------------------------------------
Youtube Video Link: https://youtu.be/ZMcUKQstqsA
-------------------------------------------
Documentation:
https://thehackernews.com/2021/09/protonmail-shares-activists-ip-address.html
https://protonmail.com/blog/climate-activist-arrest/
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Misconceptions about MDM
20 september 2021 |
43 min
This week on the Blue Security Podcast, Adam and Andy go over a bunch of misconceptions about mobile device management spurred by some chatter on Twitter. Should you enroll your personal device with your company's management solution? Listen in as Adam and Andy go over what is technical possible or not possible with MDM solutions.
-------------------------------------------
Youtube Video Link: https://youtu.be/RblAsBTYV9s
-------------------------------------------
Documentation:
https://twitter.com/decryptlyfe/status/1428739410338598913?s=20
https://twitter.com/ashleygjovik/status/1428495420917837826?s=20
https://twitter.com/cherthedev/status/1428808057643966468?s=20
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
One year anniversary!
13 september 2021 |
31 min
This week on the Blue Security Podcast, Adam and Andy celebrate one year of the podcast looking back on past episodes and key takeaways.
-------------------------------------------
Youtube Video Link: https://youtu.be/6iBtzPzsFM4
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Apple's Protections for Children
6 september 2021 |
34 min
This week on the Blue Security Podcast, Adam and Andy talk about Apple's new proposed iOS 15 feature to protect children. They break down the technical details of how Apple differs from the other tech companies already scanning for CSAM content as well as their new message protection.
-------------------------------------------
Youtube Video Link: https://youtu.be/GBG42KZKbok
-------------------------------------------
Documentation:
https://techcrunch.com/2021/09/03/apple-csam-detection-delayed/
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Security News Edition: Lockfile, Razer, and T-mobile
30 augusti 2021 |
33 min
This week on the Blue Security Podcast, Adam and Andy breakdown some of the latest infosec news. They go over some hardening advice on the current Exchange ProxyShell vulnerability and Lockfile's current ransomware campaign. They also discuss some interesting privileged escalation using Razer peripherals. Finally, they give their thoughts on the T-Mobile breach.
-------------------------------------------
Youtube Video Link: https://youtu.be/vI3RRekjPcY
-------------------------------------------
Documentation:
https://msrc.microsoft.com/update-guide/vulnerability/ADV210003
-------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
-------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Windows Hello for Business
23 augusti 2021 |
35 min
This week on the Blue Security Podcast, Adam and Andy discuss the enterprise-ready passwordless solution that's already built into your Windows 10 PCs. If your business-class PCs have a TPM, you have everything you need to get started. Listen as Adam and Andy explain how WHFB works, how to address privacy concerns, and how to quickly stand up a POC or Pilot.
----------------------------------------------
Youtube Video Link: https://youtu.be/XK8BmcOSdco
----------------------------------------------
Documentation:
https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/
----------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Mistakes that hinder a security team's success with Special Guest Nate Gardner
16 augusti 2021 |
20 min
This week, Nate Gardner joins Andy to talk about mistakes that security teams can make that will hinder their success at organizations. And these aren't technical errors. Listen in because these mistakes can mean the difference in getting a tool or policy deployed!
----------------------------------------------
Youtube Video Link: https://youtu.be/YsqCpVPpVII
----------------------------------------------
Documentation:
Nate Gardner: https://www.linkedin.com/in/nate-gardner-infosec/
----------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Secure Privileged Access
9 augusti 2021 |
46 min
This week, Adam and Andy go through Microsoft's best practice on securing privileged access. This documentation is amazing and extremely detailed. There are some great tips including administration and secure device management.
----------------------------------------------
Youtube Video Link: https://youtu.be/Mmg4ob-6u08
----------------------------------------------
Documentation:
https://docs.microsoft.com/en-us/security/compass/overview
----------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Windows Defender Application Guard
2 augusti 2021 |
23 min
This week, Adam and Andy continue their series on Windows security by talking about Windows Defender Application Guard. This is a great security feature in Windows 10 that isolates the browser in a hypervisor container. Listen in on the details and how to deploy it!
----------------------------------------------
Youtube Video Link: https://youtu.be/5ZbYWCrlhR8
----------------------------------------------
Documentation:
----------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Pegasus, Twitter MFA, & Underfunding Infosec
25 juli 2021 |
30 min
This week, Adam and Andy discuss some interesting articles that were published during the week. Pegasus, a suite of mobile phone exploits, was big in the news again. Twitter released a report on their MFA adoption. And an interesting post on Linkedin from a cybersecurity strategist spurred some discussion on underfunding cybersecurity as a strategy.
----------------------------------------------
Youtube Video Link: https://youtu.be/NdPrbfLaEV8
----------------------------------------------
Documentation:
https://www.linkedin.com/posts/yoad-dvir_omg-a-loophole-activity-6817220058859749376-MmQT
----------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
CISA's RVA findings and what it means for organizations
19 juli 2021 |
51 min
This week, Adam and Andy go over CISA's (Cybersecurity & Infrastructure Security Agency) Risk and Vulnerability Assessments finding for 2020. In CISA's report, there were data driven values for different vectors of attack mapped to the MITRE ATT&CK framework. CISA had many recommendations for mitigation that Adam and Andy talk through.
----------------------------------------------
Youtube Video Link: https://youtu.be/V6LAgb4KvFI
----------------------------------------------
Documentation:
CISA RVA Documents: https://www.cisa.gov/publication/rva
----------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
The Tech We Use
12 juli 2021 |
42 min
This week, Andy and Adam take a break from cybersecurity and have a little fun talking about the tech they use. They chat about their phones, computers, headphones, mics, and more! Below are links to the products they talk about. Note: This show is not sponsored. All items are purchased through personal means.
----------------------------------------------
Youtube Video Link: https://youtu.be/6Jq8v3aTM-A
----------------------------------------------
Documentation:
Unifi: https://ui.com/consoles/
Asus ZenWifi AX review: https://www.cnet.com/reviews/asus-zenwifi-ax-review/
TP-Link Archer AX90: https://www.nytimes.com/wirecutter/reviews/best-wi-fi-router/
Unraid: https://www.unraid.net/
Synology: https://www.synology.com/en-us
Marco's Podcasting Mics: https://marco.org/podcasting-microphones
Rodecaster: https://rode.com/interfaces-mixers/rodecaster-pro
Podmic: https://rode.com/microphones/podmic
Meze 99 Noir Headphones: https://drop.com/buy/massdrop-x-meze-99-noir-closed-back-headphones
Marco's Headphones: https://marco.org/headphones-closed-portable
Nuraloop: https://www.nuraphone.com/products/nuraloop
Herman Miller Aeron: https://www.hermanmiller.com/products/seating/office-chairs/aeron-chairs/
AK Racing Chair: https://drop.com/buy/akracing-premium-gaming-chair
Arozzi Arena Desk: https://arozzi.com/product/arena/
USB Hub Switch: https://www.amazon.com/Rosewill-Peripheral-Computers-Controller-Included/dp/B07FQT43DM
----------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Information Protection with Special Guest Rachel O'Shea
5 juli 2021 |
44 min
This week, Rachel O'Shea, a Senior Technical Specialist in Compliance at Microsoft, join Adam and Andy to talk about information protection and governance. Rachel has a wealth of experience in compliance and she talks about some of the tools within Microsoft's suite to help protect information as well as tips to get started and continuous re-evaluation of your compliance program.
----------------------------------------------
Youtube Video Link: https://youtu.be/vet3BKiKEQQ
----------------------------------------------
Documentation:
Rachel O'Shea: https://www.linkedin.com/in/racheloshea/
Microsoft Compliance Center: https://docs.microsoft.com/en-us/microsoft-365/compliance/microsoft-365-compliance-center?view=o365-worldwide
Microsoft Information Protection: https://docs.microsoft.com/en-us/microsoft-365/compliance/information-protection?view=o365-worldwide
----------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Should you block or allow this app?
28 juni 2021 |
34 min
This week, Adam and Andy talk about what infosec professionals should consider when being asked to block or allow an application.
----------------------------------------------
Youtube Video Link: https://youtu.be/Y8W5LSVpa4M
----------------------------------------------
Documentation:
https://www.wired.co.uk/article/blackberry-india
----------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Special Episode - Programming Note
21 juni 2021 |
5 min
Adam and Andy have some news to share!
Windows Defender Credential Guard
21 juni 2021 |
27 min
This week, Adam and Andy do a deep technical dive on Windows Defender Credential Guard. This security feature is part of Windows 10 Enterprise and not as broadly deployed as it should be. Learn what it is, how it works, and why you should have this on your roadmap to enable.
----------------------------------------------
Youtube Video Link: https://youtu.be/AQsxdW_iYlU
----------------------------------------------
Documentation:
----------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
The True Cost of Ransomware
14 juni 2021 |
35 min
This week, Adam and Andy talk about how cyberattacks and ransomware incidents are increasing in frequency and how the financial impact is getting greater both for payments and for recovery. They go over the sometimes hidden costs of a ransomware attack that security practitioners should be aware of to plan and budget for.
----------------------------------------------
Youtube Video Link: https://youtu.be/RB-ujlVfjfU
----------------------------------------------
Documentation:
https://blog.checkpoint.com/2021/05/12/the-new-ransomware-threat-triple-extortion/
https://unit42.paloaltonetworks.com/ransomware-threat-report-highlights/
https://www.fitchratings.com/research/insurance/sharply-rising-cyber-insurance-claims-signal-further-risk-challenges-15-04-2021
----------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Digital Every Day Carry (EDC)
7 juni 2021 |
43 min
This week, Adam and Andy talk about their digital "Every Day Carry" (EDC). These are tools they use personally on an every day basis to keep themselves and their data safe. They go through each tool and why they use it from phones, to browsers, to what social media accounts they keep. If you have other tools that are interesting that you use, be sure to contact the show and let us know!
----------------------------------------------
Youtube Video Link: https://youtu.be/df2Jd1gCupg
----------------------------------------------
Documentation:
Secure Messaging: https://anchor.fm/blue-security-podcast/episodes/Secure-Messaging-ep42ct
Mac Management: https://anchor.fm/blue-security-podcast/episodes/Mac-Management-with-Special-Guest-Matthew-Ward-and-Matt-Benyo-eu2i3r
----------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
That Infosec Op-Ed
31 maj 2021 |
46 min
This week, Adam and Andy talk about the op-ed written by Prof Allen Gwinn in The Hill that had the information security community up in arms. They counter his article in a thoughtful way because while many of his ideas are ultimately bad ideas, there are some nuggets of good ideas in there. And at least he got the infosec community talking and doing some self-reflection. Listen in on a balanced counter argument to his op-ed article.
----------------------------------------------
Youtube Video Link: https://youtu.be/W0A8Fbq1fB8
----------------------------------------------
Documentation:
https://thehill.com/opinion/technology/553891-our-cybersecurity-industry-best-practices-keep-allowing-breaches
----------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Information Security Leadership with Special Guest Doug Turecek
24 maj 2021 |
42 min
This week, Adam and Andy talk with Doug Turecek. Doug has over 25 years of experience in information technology and is currently the Information Security Officer for Exact Sciences. They talk about what it's like to be a senior leader in information security including managing budgets, managing people, and managing expectations from other leaders in the business. If you're in leadership now or considering moving up the corporate ladder in information security, this is the episode for you!
----------------------------------------------
Youtube Video Link: https://youtu.be/6liR4S1Txns
----------------------------------------------
Documentation:
Doug Turecek
LinkedIn: https://www.linkedin.com/in/%C2%A9%EF%B8%8Fdoug-turecek-241847a/
----------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Colonial Pipeline and other news
17 maj 2021 |
34 min
This week, Adam and Andy talk about the Colonial Pipeline ransomware incident, the executive order President Biden signed on improving cybersecurity, and what infosec professional want to think about when it comes to their own defense and response to a ransomware incident.
----------------------------------------------
Youtube Video Link: https://youtu.be/OreXgsMp0Xs
----------------------------------------------
Documentation:
Cyberspace Solarium Commission: https://www.solarium.gov/
CISA Alert (AA20-049A) Ransomware Impacting Pipeline Operations: https://us-cert.cisa.gov/ncas/alerts/aa20-049a
Executive Order on Improving the Nation’s Cybersecurity: https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/
----------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Security Change Management
10 maj 2021 |
36 min
This week Andy and Adam talk about security change management. Rolling out a security change or a new security product can be difficult and stressful if not done correctly. It's important to communicate those changes for a smooth user experience. Listen in on tips that Andy and Adam have learned throughout their careers.
----------------------------------------------
Youtube Video Link: https://youtu.be/pNmb0wINY3I
----------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Browser Security
3 maj 2021 |
41 min
This week Andy and Adam talk about browser security. They break down why it's important to secure your browser's configuration and recommendations on settings for Edge, Chrome, and Firefox. They also dive into some thoughts on privacy and advertising data/telemetry.
----------------------------------------------
Youtube Video Link: https://youtu.be/rJrQrzlZaH4
----------------------------------------------
Documentation:
CISA Guidance: https://us-cert.cisa.gov/publications/securing-your-web-browser
Edge Management: https://docs.microsoft.com/en-us/deployedge/configure-microsoft-edge
Microsoft Defender Application Guard: https://docs.microsoft.com/en-us/deployedge/microsoft-edge-security-windows-defender-application-guard
Chrome Management: https://support.google.com/chrome/a/answer/9710898?hl=en
Chrome Browser Cloud Management: https://support.google.com/chrome/a/answer/9116814?hl=en
Firefox Management: https://support.mozilla.org/en-US/products/firefox-enterprise/policies-customization-enterprise
----------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Mentorship with Special Guest Matt Wood
26 april 2021 |
37 min
This week Andy and Adam chat with Matt Wood. Matt is an information security manager who was Andy's first mentor in infosec. They talk about the importance of mentorship, what the relationship is like, and how to go about finding a mentor.
----------------------------------------------
Youtube Video Link: https://youtu.be/VQeiA0b8WPs
----------------------------------------------
Documentation:
Matt Wood
LinkedIn: https://www.linkedin.com/in/matthewwood/
Twitter: https://twitter.com/matt_wood
Cyber Mentor Dojo: https://app.cybermentordojo.com/
----------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
M365 Productivity Tips and Tricks
19 april 2021 |
34 min
This week, Adam and Andy take a break from security and give you their favorite tips and tricks for the M365 Suite. Hopefully you learn something and we'd love to hear your tips and tricks! Email us or send us a DM on Twitter.
----------------------------------------------
Youtube Video Link: https://youtu.be/iwpcXOZYZfo
----------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Zscaler Security with Raja Khalid
12 april 2021 |
40 min
This week, Adam and Andy chat with Raja on Zscaler, one of our favorite tools when it comes to DNS security (and more!). Zscaler is a scalable security tool that performs category and reputation filtering. It also does advance threat protection, malware sandboxing, DLP, CASB, and a unique take on VPN.
----------------------------------------------
Youtube Video Link: https://youtu.be/T1Rudo8mXss
----------------------------------------------
Documentation:
Raja Khalid
Email: [email protected]
----------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Mac Management with Special Guest Matthew Ward and Matt Benyo
5 april 2021 |
56 min
This week, Adam and Andy are joined by Matthew Ward and Matt Benyo to talk about Mac Management. Macs are more and more important in enterprises and getting a hold on how to manage them instead of letting the be "the wild west" is extremely beneficial to both device management teams and information security.
----------------------------------------------
Youtube Video Link: https://youtu.be/KTmpdEF8NT4
----------------------------------------------
Documentation:
Leverage enterprise identity and authentication - WWDC 2020 - Videos - Apple Developer
https://developer.apple.com/videos/play/wwdc2020-10139/?time=182
⤴︎ 3:02
"Using local accounts on macOS is our recommendation whenever possible for 1:1 deployments."
Matt Benyo
https://www.linkedin.com/in/matthew-benyo/
https://twitter.com/mattbenyo
Matthew Ward
https://www.linkedin.com/in/mtward/
----------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
How to get into cybersecurity and the skills you need
29 mars 2021 |
53 min
This week, Adam and Andy cover how people can break into the cybersecurity industry and the skills they might need prior to finding their first job. They cover a range of topics from basic technical knowledge to tools to soft skills to certifications and more. If you're looking at getting into the industry, this episode is for you!
----------------------------------------------
Youtube Video Link:
----------------------------------------------
Documentation:
https://docs.microsoft.com/en-us/learn/
----------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Azure Sentinel with Special Guest John Joyner
21 mars 2021 |
42 min
This week, Microsoft MVP John Joyner joins the show to talk about Azure Sentinel. If you're in the market for a SIEM or looking to bolster your security tools at your organization, we give you some ideas to think about when it comes to Azure Sentinel and how it can be a very cost-effective way to gain oversight on your company's security posture.
----------------------------------------------
Youtube Video Link: https://youtu.be/FBBYH__6DFo
----------------------------------------------
Documentation
https://docs.microsoft.com/en-us/azure/sentinel/
Sentinel Ninja Training
https://techcommunity.microsoft.com/t5/azure-sentinel/become-an-azure-sentinel-ninja-the-complete-level-400-training/ba-p/1246310
John Joyner: https://twitter.com/john_joyner
----------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Physical Security with Special Guest Wesley Strey
15 mars 2021 |
35 min
This week, Andy is joined by Wesley Strey to talk about the subdomain of physical security. There are so many great parallels between information security and physical security. We hope listeners walk away with a better understanding of how physical security can affect your information security program.
----------------------------------------------
Youtube Video Link: https://youtu.be/w1l29YHGj3o
----------------------------------------------
Wesley Strey
LinkedIn: https://www.linkedin.com/in/wesley-strey-psp-593503a5/
----------------------------------------------
Contact:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Say Goodbye to Domain Join with Special Guest Shannon Fritz
8 mars 2021 |
61 min
This week, Shannon Fritz joins the show to talk about device identity and why you should start joining your devices to Azure Active Directory. This show is jam packed full of information from dispelling some of the myths of Azure AD joining to what steps to take to begin your Azure AD join journey. We hope you enjoy listening!
----------------------------------------------
Youtube Video Link: https://youtu.be/iO5a21WJhiA
----------------------------------------------
Documentation
Windows 10 Device Management vs Device Identity
https://mrshannon.wordpress.com/2020/06/24/windows-10-device-management-vs-device-identity/
Shannon Fritz: https://twitter.com/mrshannonfritz
----------------------------------------------
Contact Us:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Cloud Application Security Brokers
28 februari 2021 |
40 min
This week, Adam and Andy talk about cloud application security brokers (CASB). The podcast is focused more around Microsoft Cloud App Security but the concepts and use cases can be applied to any CASB solution.
----------------------------------------------
Youtube Video Link: https://youtu.be/j43MFpxMsqE
----------------------------------------------
Documentation
MCAS Ninja Training:
----------------------------------------------
Contact: Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Password Managers
22 februari 2021 |
40 min
This week, Adam and Andy talk about password managers. They discuss on password managers can protect you from phishing attacks, pros/cons of storing your TOTP key within your vault, and compare three different popular password managers on the market: Lastpass, 1Password, and BitWarden.
----------------------------------------------
Youtube Video Link: https://youtu.be/op9TGKlRZDY
----------------------------------------------
Documentation
https://blog.1password.com/totp-and-1password/
https://gmail.googleblog.com/2008/03/2-hidden-ways-to-get-more-from-your.html
https://www.ghacks.net/2013/09/17/can-now-use-email-aliases-outlook-com/
----------------------------------------------
Contact: Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
What is EvilGinx and How do you protect against it?
15 februari 2021 |
42 min
This week, Adam and Andy talk about a Red Team/Pentesting tool called EvilGinx. They explain how this tool works and how cyber-criminals can use it to bypass MFA enabled accounts. Most importantly, they provide several ways to mitigate against this using enterprise driven phishing education campaigns, security awareness training, and device-based conditional access.
----------------------------------------------
Youtube Video Link:
https://youtu.be/a2NLk0GnUJ8
----------------------------------------------
Contact:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Modern Device Management
8 februari 2021 |
45 min
This week, Adam and Andy go over modern device management. They discuss how to use device based conditional access to make access decisions on corporate or personal devices spanning different operating systems in the modern "work from home" and post-COVID world.
----------------------------------------------
YouTube Video Link:
----------------------------------------------
Documentation:
Windows Autopilot
https://docs.microsoft.com/en-us/mem/autopilot/windows-autopilot
Apple Business Manager
Android Enterprise Enrollment
https://www.android.com/enterprise/enrollment/
Android Device Manager Deprecation
https://www.blog.google/products/android-enterprise/da-migration/
JAMF Apple Device Management
----------------------------------------------
Contact:
Website: http://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Instagram: https://www.instagram.com/bluesecuritypodcast/
Facebook: https://www.facebook.com/bluesecpod
----------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Real-world Ransomware Experience with Special Guest Gavin Ashton
1 februari 2021 |
40 min
This week, Adam and Andy speak with Stealthbits security strategist, Gavin Aston. Gavin wrote the blog "Maersk, me & notPetya" and brings a unique percepective to information security defense as someone who's survived a ransomware attack.
Documentation:
Protecting Microsoft 365 from on-premises attacks
Contact:
Gavin Aston
Twitter: @gvnshtn
Andy Jaw
Twitter: @ajawzero
LinkedIn: andyjaw
Email: [email protected]
Adam Brewer
Twitter: @ajbrewer
LinkedIn: adambrewer
Email: [email protected]
----------------------------------------------
Twitter: @bluesecuritypod
Instagram: @bluesecuritypodcast
Facebook: @bluesecpod
Application Security with Special Guest Tanya Janca
25 januari 2021 |
59 min
This week, Adam and Andy speak with application security guru, Tanya Janca, author of Alice and Bob learn Application Security. It was an amazing conversation where they touched on secure app design practices, password requirements, and infosec industry mentorship and education.
Documentation:
Alice and Bob learn Application Security
We Hack Purple Youtube/Podcast
Contact:
Tanya Janca
Twitter: @shehackspurple
LinkedIn: tanya-janca
Andy Jaw
Twitter: @ajawzero
LinkedIn: andyjaw
Email: [email protected]
Adam Brewer
Twitter: @ajbrewer
LinkedIn: adambrewer
Email: [email protected]
----------------------------------------------
Twitter: @bluesecuritypod
Instagram: @bluesecuritypodcast
Facebook: @bluesecpod
Secure Messaging
18 januari 2021 |
37 min
This week, Adam and Andy go over some news about Microsoft Defender for Identity and Intel's new CPU ransomware protection. There was also some news about Whatsapp's new privacy policy. Adam and Andy dive into a comparison of the most popular secure messaging apps including an exploit that would affect all secure messengers.
Documentation:
Whatsapp's Updated Privacy Policy
Secure Messaging Apps Comparison
Contact:
Twitter: @bluesecuritypod
Instagram: @bluesecuritypodcast
Andy Jaw
Twitter: @ajawzero
LinkedIn: andyjaw
Email: [email protected]
Adam Brewer
Twitter: @ajbrewer
LinkedIn: adambrewer
Email: [email protected]
Solarwinds Revisited and Tech Policy under a Biden Administration
11 januari 2021 |
35 min
This week, Adam and Andy revisit some more guidance that has come out about Sunburst/Solarigate since the initial breach. Additionally, they share some thoughts about this week's insurrection at the US Capitol and the cybersecurity implications. Finally, with a Biden administration and a Democratic controlled government, Andy and Adam speculate on what might be taken up as priority when it comes to tech policy.
Documentation:
Microsoft Solarigate Resource Center
Using Splunk to Detect Sunburst Backdoor
Using Microsoft 365 Defender to protect against Solorigate
Understanding "Solorigate"'s Identity IOCs - for Identity Vendors and their customers
Protecting Microsoft 365 from on-premises attacks
Contact:
Twitter: @bluesecuritypod
Instagram: @bluesecuritypodcast
Andy Jaw
Twitter: @ajawzero
LinkedIn: andyjaw
Email: [email protected]
Adam Brewer
Twitter: @ajbrewer
LinkedIn: adambrewer
Email: [email protected]
Information Security Tips & Tricks for Parents
4 januari 2021 |
32 min
Happy New Year! To ring in the new year, this week's episode focuses on parents who are working from home while having to help home school their kids as well. Adam and Andy go through a lot of tips and tricks that will help secure home networks, devices, and cloud accounts.
Documentation:
How to change your wireless router's admin password
3-router method (Stacking routers for security)
Apple's Data Access when personal safety is at risk
Contact:
Twitter: @bluesecuritypod
Instagram: @bluesecuritypodcast
Andy Jaw
Twitter: @ajawzero
LinkedIn: andyjaw
Email: [email protected]
Adam Brewer
Twitter: @ajbrewer
LinkedIn: adambrewer
Email: [email protected]
Merry Christmas! Learn how to spin up your own VM lab and dev environments
27 december 2020 |
34 min
This holiday week, Adam and Andy give you some advice on how to spin up your own virtual machine lab and dev environment. They go through SaaS applications that have free dev environments as well as tools to use to manage VM's. They also give tips on what you can do with that lab environment from testing policies to managing devices in Intune and even learning about tools like Mimikatz and John the Ripper.
Documentation:
Lab Building Guide: Virtual Active Directory
Script to spin up AD controllers quickly
Microsoft Developer Subscription
Andy Jaw
Twitter: @ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Adam Brewer
Twitter: @ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Our thoughts on Fireeye, Solarwinds, and Sunburst
21 december 2020 |
34 min
This week, Adam and Andy give you their thoughts on the Fireeye and Solarwinds breach. They also give defenders advice on immediate steps to help strengthen their organizations as well as some future insights on the direction security may be heading in terms on identity and device management. Finally, they give some thoughts on why it is important for security, business, and technical teams need to work as one cohesive unit in order to make security programs successful.
Documentation:
Unauthorized Access of FireEye Red Team Tools
Check Point Response to FireEye Red Team Tools Leak
Becoming resilient by understanding cybersecurity risks: Part 2
Detecting Abuse of Authentication Mechanisms by the NSA
Protecting Microsoft 365 from on-premises attacks
Andy Jaw
Twitter: @ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Adam Brewer
Twitter: @ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Passwordless Authentication
14 december 2020 |
38 min
Passwordless authentication is one of those rare features that strengthens security while making it easier for users to sign in. This week, Adam and Andy breakdown passwordless authentication options for enterprises in Windows, Azure AD, and other third party IDP's. They also address concerns about privacy when it comes to biometric data.
Documentation:
Plan a passwordless authentication deployment in Azure Active Directory
Passwordless authentication options for Azure Active Directory
Andy Jaw
Twitter: @ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Adam Brewer
Twitter: @ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Conditional Access
7 december 2020 |
35 min
This is it! Adam and Andy are finally diving into conditional access. They give an overview on what conditional access is including different types of conditional access like user, sign-in, and device based. Stick around until the end where Adam gives a great overview on a new feature for Azure AD authentications called Continuous Access Evaluation that changes the duration authentication tokens and how they are evaluated.
Documentation:
Advancing Password Spray Attack Detection
Continuous Access Evaluation in Azure AD is now in public preview!
Andy Jaw
Twitter: @ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Adam Brewer
Twitter: @ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Work from Home - Tips and Tricks
30 november 2020 |
26 min
On this week's episode, Andy and Adam give you their tips and tricks for working from home. Having been in mature work from home company cultures, they have insights on what it was like pre and post pandemic. Enjoy!
Documentation:
Rework by Jason Fried and David Heinemeier Hansson
Andy Jaw
Twitter: @ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Adam Brewer
Twitter: @ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Our thoughts on Chris Krebs, Infosec Job Security, and Infosec Qualifications
23 november 2020 |
25 min
On this week's episode, Andy and Adam give their thoughts on the firing of Chris Krebs, former director of CISA. They also talk about their opinions on whether a CISO should be fired after a cybersecurity breach. Finally, they discuss if people need to have technical degrees and what qualifications are required to be in infosec.
Documentation:
CISA's Statement on the Nov 3rd Election
IT Director fired after ransomware attack
Andy Jaw
Twitter: @ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Adam Brewer
Twitter: @ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Active Directory Security with Special Guest Morgan Patzwald
16 november 2020 |
37 min
This week, Morgan joins Adam and Andy on the podcast to discuss on-prem Active Directory security. They dive into administrator privileges, best practice for account creation, GPO's, and server admins. They also discuss the concept of Privileged Access Workstations (PAW).
Documentation:
Privileged Access Workstations
Morgan Patzwald
Twitter: @morgancpatz
Andy Jaw
Twitter: @ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Adam Brewer
Twitter: @ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Single-Sign On (SSO) and Self-Service Password Reset (SSPR)
9 november 2020 |
32 min
This week, Adam and Andy go over why you should think about using an Identity Provider (IDP) to onboard your SaaS apps to use SSO. They also talk about why it's really important to think about what IDP to go with prior to making a decision. Finally, they talk about SSPR and why it's important to implement this feature in your organization.
Documentation:
Andy Jaw
Twitter: @ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Adam Brewer
Twitter: @ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
How did we get into information security and career progression advice
2 november 2020 |
43 min
This week, Adam and Andy bring you a bonus episode where they talk about how they got into information security and offer advice on career progression in IT and cybersecurity.
Documentation:
Free Microsoft Developer's Environment
Andy Jaw
Twitter: @ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Adam Brewer
Twitter: @ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Ransomware protection - Part 4 - Windows 10 Security, Network Segmentation, Detection and Recovery
26 oktober 2020 |
30 min
This week, Adam and Andy wrap up the ransomware series by first going over controlled folder access in Windows 10 security and Onedrive for Business Known Folder Move. They discuss network segmentation and go into tools and process for detection and incident response. Finally, they conclude with tips on business continuity and disaster recovery when it comes to ransomware and cybersecurity.
Documentation:
Onedrive for Business Known Folder Move
Azure ATP/Microsoft Defender for Identity
Andy Jaw
Twitter: @ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Adam Brewer
Twitter: @ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Ransomware Protection - Part 3 - Admin Rights, Email Protection, Phishing Training
19 oktober 2020 |
34 min
This week, Adam and Andy continue the conversation on techniques and tools to protect your organization from ransomware. They dive into the concept of least privileged access and administrative rights, email protection solutions, and phishing/cybersecurity training program concepts for your company.
Documentation:
Exchange Online Protection Overview
Office 365 ATP
Andy Jaw
Twitter: @ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Adam Brewer
Twitter: @ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Ransomware Protection - Part 2 - EDR, Patching, and Pentesting
12 oktober 2020 |
32 min
This week, Adam and Andy continue the conversation on techniques and tools to protect your organization from ransomware. They dive into EDR solutions, patching and vulnerability assessment management, and pentesting.
Documentation:
Maersk, me & notPetya:
https://gvnshtn.com/maersk-me-notpetya/
The Untold Story of NotPetya, the Most Devastating Cyberattack in History:
https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world/
Andy Jaw
Twitter: @ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Adam Brewer
Twitter: @ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Ransomware Protection - Part 1 - Soft Skills and Endpoint Protection
5 oktober 2020 |
34 min
Due to the recent ransomware attacks, Adam and Andy use this episode to kick off a series on how to protect your company from ransomware. We started with how security professionals need to have soft skills in order to be successful at any organization. We followed up with a deep dive on why we believe Microsoft Defender for Endpoint is the most cost effective solution you can deploy.
Documentation:
Microsoft Defender in a Sandbox:
Andy Jaw
Twitter: @ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Adam Brewer
Twitter: @ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Enabled MFA!
28 september 2020 |
31 min
In this episode, Adam and Andy talk about why if you have not enabled MFA for your identity provider (IDP), this should be your top priority today. They also talk about steps for implementation and their thoughts on user documentation.
Documentation:
Zerologon Vulnerability
https://www.secura.com/blog/zero-logon
Andy Jaw
Twitter: @ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Adam Brewer
Twitter: @ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Geo-restricting IP addresses, Password policies, Defense against password spray attacks
21 september 2020 |
32 min
In this first episode, Adam and Andy discuss whether geo-restricting IP addressing is considered "good" security. They also discuss Azure AD password protection as a method to protect against password spraying attacks.
Documentation:
Overview on Azure AD password protection:
How to deploy Azure AD protection:
Andy Jaw
Twitter: @ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Adam Brewer
Twitter: @ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
00:00
-00:00
En liten tjänst av I'm With Friends. Finns även på engelska.