7MS #427: Interview with Ameesh Divatia from Baffle
7 Minute Security12 Aug 2020

7MS #427: Interview with Ameesh Divatia from Baffle

Today we're thrilled to welcome Ameesh Divatia from Baffle back to the program. We first met Ameesh back in episode 349 and today he's back to discuss a slew of additional hot security topics, including:

Misconfigured cloud databases

  • Why is this such a common issue, and how can we address it?
  • Wait wait wait...I just spun up a machine in Azure, AWS, Digital Ocean, etc. Isn't it secure because....it's the cloud?
  • What tools can we use to better secure our cloud databases?
  • How can we secure sensitive information as we migrate it from LAN side to the cloud?

CCPA (California Consumer Privacy Act)

  • What is the CCPA? How does it relate to GDPR?
  • If I'm a Californian, what can I demand to know from companies as far as how they're using my data? What can't I demand to know?
  • Will CCPA inspire folks to scrub their data from the hands of big companies and go more "off the grid?"
  • Does CCPA only apply to California residents and companies?

Secure data sharing

  • What are the current challenges with secure data sharing in terms of monitoring the flow of data within their systems and their partners’ systems, while addressing privacy concerns?

  • What are some of the common mistakes companies make when sharing sensitive data internally or with partners/clients?

  • What is Secure Multiparty Compute (SMPC) and how can it help with secure data sharing?

Episoder(696)

7MS #24: Why Wireless Scares Me (audio)

7MS #24: Why Wireless Scares Me (audio)

This episode is all about why you should (probably not) use wireless hotspots, and keeping yourself safe in general when surfing the Web. Download: 7MS #24: Why Wireless Scares Me (audio)

16 Aug 20147min

7MS #23: OSCP – part 2 (audio)

7MS #23: OSCP – part 2 (audio)

In this episode I talk more about my adventures with OSCP and Offensive Security! . Download: 7MS #23: OSCP – part 2 (audio) Show notes: I recommend documenting ALL the exercises in the PDF. My understanding is that extra effort could be rewarded if you don’t do so hot on your final exam. Buffer overflows make…

9 Aug 20147min

7MS #22: Phishing with Black Squirrel (audio)

7MS #22: Phishing with Black Squirrel (audio)

In this episode I talk about using Black Squirrel to launch phishing campaigns! Download: 7MS #22: Phishing with Black Squirrel (audio) Show notes: Security Weekly is an excellent podcast/resource. Devour it regularly. Black Squirrel is the main tool discussed in this podcast. I’ve been using it for phishing campaigns and it’s been excellent in that capacity.

27 Jul 20147min

7MS #21: OSCP – part 1 (audio)

7MS #21: OSCP – part 1 (audio)

In this episode I talk about my venture into Offensive Security! . Download: 7MS #21: OSCP – part 1 (audio) Show notes: It’s official – I have a death wish and have started the OSCP training. This episode is the first of what I hope will be a multi-part, spoiler-free series about my experience with OSCP. With…

20 Jul 20147min

7MS #20: Moving from GoDaddy to DNSimple (audio)

7MS #20: Moving from GoDaddy to DNSimple (audio)

In this episode I talk about why I’m pulling my domains from GoDaddy, and making DNSimple their new home. Download: 7MS #20: Moving from GoDaddy to DNSimple (audio) Show notes: The service I’m talking about in this podcast is DNSimple. Troy Hunt‘s humorous/awesome article pushed me over the edge and convinced me to give DNSimple a…

15 Jul 20147min

7MS #19: Kioptrix! (audio)

7MS #19: Kioptrix! (audio)

In this episode I talk about a deliciously vulnerable series of VMs called Kioptrix, and how you can use them to sharpen your pentesting skills. Download: 7MS #19: Kioptrix! (audio) Show notes: The Kioptrix series of VMs is here: http://www.kioptrix.com/blog/test-page/ and here: http://vulnhub.com/?q=kioptrix&sort=date-des&type=vm. Got approved for my OSCP training and I start it in a few…

5 Jul 20147min

7MS #18: Wireless Security 101 (audio)

7MS #18: Wireless Security 101 (audio)

In this episode I talk about some wireless security basics that we’re not seeing when out on assessments. Download: 7MS #18: Wireless Security 101 (audio) Show notes: WEP encryption is very, very bad. It’s easy to crack. Don’t use it. Wifite will demonstrate how easy it is to crack WEP. Stronger encryption such as WPA/WPA2…

22 Jun 20147min

7MS #17: How to Pass the Certified Ethical Hacker Exam (audio)

7MS #17: How to Pass the Certified Ethical Hacker Exam (audio)

In this episode I share my experience with EC-Council’s Certified Ethical Hacker training and exam. Download: 7MS #17: How to Pass the Certified Ethical Hacker Exam (audio) Show notes: Here’s info on the CEH training and test outline. I took my CEH training through UFairfax with instructor Leo Dregier. See this post I wrote that…

14 Jun 20147min

Populært innen Politikk og nyheter

giver-og-gjengen-vg
aftenpodden
forklart
popradet
aftenpodden-usa
stopp-verden
fotballpodden-2
nokon-ma-ga
dine-penger-pengeradet
det-store-bildet
frokostshowet-pa-p5
rss-ness
rss-penger-polser-og-politikk
aftenbla-bla
e24-podden
bt-dokumentar-2
rss-gukild-johaug
unitedno
rss-dannet-uten-piano
rss-borsmorgen-okonominyhetene