CCT 355: Zapier Breach Lessons For Cloud Security and Setting Up TPRM Program in 15 Minutes
CISSP Cyber Training Podcast - CISSP Training Program4 Jun

CCT 355: Zapier Breach Lessons For Cloud Security and Setting Up TPRM Program in 15 Minutes

Send us Fan Mail The breach that takes down a company often does not kick in the front door. It walks in through a “simple” integration you set up months ago, powered by a token no one remembered to rotate. We start with a real-world Zapier-style scenario and unpack how researchers chained together a harmless-looking code block, an AWS Lambda environment, and a misconfigured IAM role to reach private repository files and ultimately an NPM token that could enable a supply chain attack. From t...

Denne episoden er hentet fra en åpen RSS-feed og er ikke publisert av Podme. Den kan derfor inneholde annonser.

Episoder(360)

CCT 356: Supply Chain Attacks Are Exploding in 2026 — Here's What the NCSC Wants You to Do

CCT 356: Supply Chain Attacks Are Exploding in 2026 — Here's What the NCSC Wants You to Do

Send us Fan Mail Your software is only as trustworthy as the dependencies you quietly inherit and attackers know it. Today I break down the NCSC warning on software supply chain security and why open ...

8 Jun 41min

CCT 354: Data Security Controls and Compliance Requirements for the CISSP (Domain 2.3) - REPLAY

CCT 354: Data Security Controls and Compliance Requirements for the CISSP (Domain 2.3) - REPLAY

Send us Fan Mail Your firewall can be patched tomorrow, but what about the place your system hides its real secrets today? We start with a timely warning about a serious Fortinet FortiGate vulnerabili...

1 Jun 37min

CCT 353: AI Agent Governance Essentials - CISSP Practice Questions

CCT 353: AI Agent Governance Essentials - CISSP Practice Questions

Send us Fan Mail AI agents are landing in production faster than most security teams can track them, and the scariest part is how normal they can look. When an autonomous agent runs the same workflow ...

28 Mai 28min

CCT 352: Data Security Controls and Compliance Requirements for the CISSP (Domain 2.3) - REPLAY

CCT 352: Data Security Controls and Compliance Requirements for the CISSP (Domain 2.3) - REPLAY

Send us Fan Mail Your security program can be airtight and still get wrecked by someone else’s breach. We open with a Wired-style reality check: third-party app ecosystems and data brokers collecting ...

25 Mai 40min

CCT351: BitLocker Bypass Reality Check (YellowKey) and CISSP Practice Questions

CCT351: BitLocker Bypass Reality Check (YellowKey) and CISSP Practice Questions

Send us Fan Mail BitLocker feels like a safety net until you see how a single bypass can change the whole risk picture. Today we react to the Yellow Key vulnerability (noted in the news and referenced...

21 Mai 24min

CCT 350: Investigation Types Made Simple - CISSP Training (Replay)

CCT 350: Investigation Types Made Simple - CISSP Training (Replay)

Send us Fan Mail Default passwords are the kind of problem everyone “knows” about and yet they still open doors for attackers every day. We start with a quick reality check on router security and why ...

18 Mai 44min

CCT 349: FOXCONN Hack and Domain 7 CISSP Practice Questions

CCT 349: FOXCONN Hack and Domain 7 CISSP Practice Questions

Send us Fan Mail Eight terabytes of stolen schematics is not just a scary number, it is a reminder that cyber risk becomes business risk fast. We start with the Wired report on the Foxconn ransomware ...

14 Mai 28min

Populært innen Fakta

fastlegen
dine-penger-pengeradet
relasjonspodden-med-dora-thorhallsdottir-kjersti-idem
foreldreradet
jakt-og-fiskepodden
rss-bisarr-historie
treningspodden
rss-strid-de-norske-borgerkrigene
mikkels-paskenotter
rss-kunsten-a-leve
sinnsyn
hverdagspsyken
gravid-uke-for-uke
hagespiren-podcast
lederskap-nhhs-podkast-om-ledelse
dopet
rss-sunn-okonomi
uroskolen
rss-mind-body-podden
rss-kull