Insider threats and security concerns for APIs.
Guest Inon Shkedy, security researcher at Traceable and API project leader at OWASP Foundation, talks with Dave about the risks various types of insider threats pose to APIs, we have some follow-up fr...
11 Mar 202138min
SOC Triad (noun) [Word Notes]
A best practice for framing cyber intelligence critical information requirements that recommends collecting and consolidating data from three specific sources: endpoint, network and log.
9 Mar 20215min
Fraud activity within secure messaging apps in plain sight.
Guest Brittany Allen of Sift joins Dave to talk about a new fraud ring on Telegram where bad actors leverage the app to steal from on-demand food delivery services, Joe's story involves two of the fiv...
4 Mar 202141min
supply chain attacks (noun) [Word Notes]
Also known as a third-party attack or a value-chain attack, advisory groups gain access to a targeted victims network by first infiltrating a business partner's network that has access to the victim's...
2 Mar 20215min
How likely are online users to reveal private information?
Guest Professor Lior Fink from Ben Gurion University shares insights from their study on "How We Can Be Manipulated Into Sharing Private Information Online," Dave's story is some good news about a Nig...
25 Feb 202133min
taint analysis (noun) [Word Notes]
The process of software engineers checking the flow of user input in application code to determine if unanticipated input can affect program execution in malicious ways.
23 Feb 20214min
Including your passwords in your final arrangements.
Guest Sara Teare who is known as 1Password's Minister of Magic talks with Dave about things that people don't consider like custody of the digital keys to your stuff online, Dave and Joe share some li...
18 Feb 202141min
ATM skimming (noun) [Word Notes]
The process of stealing ATM customer credentials by means of physically and covertly installing one or more devices onto a public ATM machine.
16 Feb 20214min
