7MS #281: Baby's First Banking Infosec Conference
7 Minute Security11 Loka 2017

7MS #281: Baby's First Banking Infosec Conference

I went to my first ever banking-focused infosec conference a few weeks ago (WBA's Secure-IT) and learned a ton.

I met some really great people and had many productive conversations around security. The main takeaways from the conference that I talk about in today's episode:

  • Standing all day and talking about security is exhausting!

  • You can thwart "swag whores" (sorry mom, but I learned that that's what they're called!) by pushing your merch table deep into the booth so it's touching the rear curtain. That way people have to go through your "people perimeter" and engage in conversation with you in order to be granted access to the swag!

  • From the conversations I had with the staff at these small banks, they're definitely wanting to slurp up as much helpful info from the sessions as possible. Specifically, finding ways to better improve security posture using free/cheap tools is ideal!

  • I attended a few sessions that got my blood boiling. The outline of these talks went something like this (slight exaggeration added, but not much):

    • Hackers are way smarter and more physically attractive than you, and they can get by all your defenses with ease
    • You're helpless, hopeless, and not physically attractive
    • Luckily we (Vendor X) are here and we offer our patented Super Solution Y that will thwart the APTs 100% of the time, no question, guaranteed

  • People don't appreciate being talked down to, nor do they want to be shamed, blamed or scared into making security better.

More on today's episode...

Jaksot(696)

7MS #87: Presenting the Right Findings to the Right Audience

7MS #87: Presenting the Right Findings to the Right Audience

Today I talk about challenge I run into when I'm delivering to a mixed audience of C-level folks and IT people. How do you keep things high level enough so everybody "gets it" but also go level enough that the recommendations have some teeth?

20 Elo 20157min

7MS #86: OSWP-The Final Chapter!

7MS #86: OSWP-The Final Chapter!

This episode concludes the gripping, thrilling, exciting, awesome-ing, death-defying, unsettling, rattling series on OSWP (Offensive Security Wireless Professional). Specifically, I talk (as much as I can without getting into trouble) about the exam and give you some pointers to pass it!

18 Elo 20157min

7MS #85: What is The Penetration Testers Framework (PTF)?

7MS #85: What is The Penetration Testers Framework (PTF)?

Need an easy way to create a modular/mobile kit of pentest tools to take with you from machine to machine? And ALSO be able to update all those modules in one command? Then check out the PTF! That's what we're talkin' about on today's podcast.

14 Elo 20157min

7MS #84: DIY Pwn Pad

7MS #84: DIY Pwn Pad

Hey have you heard of Pwn Pads? They're an awesome network pentesting tool that leverages a Nexus tablet - which you can either buy right from Pwnie Express, or create your own if you have a certain model of Nexus lying around. I just happened to have the right Nexus model around, so this podcast episode chronicles my trial and error (mostly error) in making a DIY Pwn Pad! P.S. to get the Android tools installed on Ubuntu 14.04, run these commands: -- sudo add-apt-repository ppa:nilarimogard/webupd8 sudo apt-get update sudo apt-get install android-tools-adb android-tools-fastboot --

12 Elo 20157min

7MS #83: Wifi Pineapple First Impressions

7MS #83: Wifi Pineapple First Impressions

in this episode I talk about my first hands-on experience with a Wifi Pineapple, and why you'll probably want one too.

6 Elo 20158min

7MS #82: OSWP-Part 3

7MS #82: OSWP-Part 3

The OSWP series is coming to a close. One final episode today and then the four-quel episode will be all about the test!

4 Elo 20157min

7MS #81: OSWP-Part 2

7MS #81: OSWP-Part 2

A continuation of our thrilling, exciting, mind-blowing series on OSWP (Offensive Security Wireless Professional)!

30 Heinä 20158min

7MS #80: OSWP-Part 1

7MS #80: OSWP-Part 1

This episode kicks off a multi-part series all about the OSWP (Offensive Security Wireless Professional) certification.

28 Heinä 20157min

Suosittua kategoriassa Politiikka ja uutiset

aikalisa
rss-ootsa-kuullut-tasta
ootsa-kuullut-tasta-2
politiikan-puskaradio
rss-podme-livebox
viisupodi
the-ulkopolitist
otetaan-yhdet
rss-vaalirankkurit-podcast
et-sa-noin-voi-sanoo-esittaa
linda-maria
rss-polikulaari-humanisti-vastaa-ja-muut-ts-podcastit
rss-kaikki-uusiksi
rss-50100-podcast
rss-toisten-taskuilla
helsingin-sanomat-dev
rss-kovin-paikka
rss-hyvaa-huomenta-bryssel
rss-raha-talous-ja-politiikka