Automatic Attack Disruption with OAuth Protection

This week, Adam and Andy are joined by Matthew Ward and Matt Benyo to talk about Mac Management. Macs are more and more important in enterprises and getting a hold on how to manage them instead of letting the be "the wild west" is extremely beneficial to both device management teams and information security. ---------------------------------------------- Youtube Video Link: https://youtu.be/KTmpdEF8NT4 ---------------------------------------------- Documentation: Leverage enterprise identity and authentication - WWDC 2020 - Videos - Apple Developer https://developer.apple.com/videos/play/wwdc2020-10139/?time=182 ⤴︎ 3:02 "Using local accounts on macOS is our recommendation whenever possible for 1:1 deployments." Matt Benyo https://www.linkedin.com/in/matthew-benyo/ https://twitter.com/mattbenyo Matthew Ward https://www.linkedin.com/in/mtward/ ---------------------------------------------- Contact Us: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod ---------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

5 Apr 202156min

This week, Adam and Andy cover how people can break into the cybersecurity industry and the skills they might need prior to finding their first job. They cover a range of topics from basic technical knowledge to tools to soft skills to certifications and more. If you're looking at getting into the industry, this episode is for you! ---------------------------------------------- Youtube Video Link: https://youtu.be/kMN05pe0WnU ---------------------------------------------- Documentation: https://www.rangeforce.com/ https://tryhackme.com https://www.hackthebox.eu/ https://letsdefend.io/ https://docs.microsoft.com/en-us/learn/ ---------------------------------------------- Contact Us: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod ---------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

29 Mars 202152min

This week, Microsoft MVP John Joyner joins the show to talk about Azure Sentinel. If you're in the market for a SIEM or looking to bolster your security tools at your organization, we give you some ideas to think about when it comes to Azure Sentinel and how it can be a very cost-effective way to gain oversight on your company's security posture. ---------------------------------------------- Youtube Video Link: https://youtu.be/FBBYH__6DFo ---------------------------------------------- Documentation https://docs.microsoft.com/en-us/azure/sentinel/ Sentinel Ninja Training https://techcommunity.microsoft.com/t5/azure-sentinel/become-an-azure-sentinel-ninja-the-complete-level-400-training/ba-p/1246310 John Joyner: https://twitter.com/john_joyner ---------------------------------------------- Contact Us: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod ---------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

21 Mars 202142min

This week, Andy is joined by Wesley Strey to talk about the subdomain of physical security. There are so many great parallels between information security and physical security. We hope listeners walk away with a better understanding of how physical security can affect your information security program. ---------------------------------------------- Youtube Video Link: https://youtu.be/w1l29YHGj3o ---------------------------------------------- Wesley Strey LinkedIn: https://www.linkedin.com/in/wesley-strey-psp-593503a5/ ---------------------------------------------- Contact: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod ---------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

15 Mars 202134min

This week, Shannon Fritz joins the show to talk about device identity and why you should start joining your devices to Azure Active Directory. This show is jam packed full of information from dispelling some of the myths of Azure AD joining to what steps to take to begin your Azure AD join journey. We hope you enjoy listening! ---------------------------------------------- Youtube Video Link: https://youtu.be/iO5a21WJhiA ---------------------------------------------- Documentation Windows 10 Device Management vs Device Identity https://mrshannon.wordpress.com/2020/06/24/windows-10-device-management-vs-device-identity/ Shannon Fritz: https://twitter.com/mrshannonfritz ---------------------------------------------- Contact Us: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod ---------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

8 Mars 20211h 1min

This week, Adam and Andy talk about cloud application security brokers (CASB). The podcast is focused more around Microsoft Cloud App Security but the concepts and use cases can be applied to any CASB solution. ---------------------------------------------- Youtube Video Link: https://youtu.be/j43MFpxMsqE ---------------------------------------------- Documentation MCAS Ninja Training: https://techcommunity.microsoft.com/t5/microsoft-security-and/the-microsoft-cloud-app-security-mcas-ninja-training-is-here/ba-p/1877343 ---------------------------------------------- Contact: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod ---------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

28 Feb 202140min

This week, Adam and Andy talk about password managers. They discuss on password managers can protect you from phishing attacks, pros/cons of storing your TOTP key within your vault, and compare three different popular password managers on the market: Lastpass, 1Password, and BitWarden. ---------------------------------------------- Youtube Video Link: https://youtu.be/op9TGKlRZDY ---------------------------------------------- Documentation https://blog.1password.com/totp-and-1password/ https://gmail.googleblog.com/2008/03/2-hidden-ways-to-get-more-from-your.html https://www.ghacks.net/2013/09/17/can-now-use-email-aliases-outlook-com/ ---------------------------------------------- Contact: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod ---------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

22 Feb 202140min

This week, Adam and Andy talk about a Red Team/Pentesting tool called EvilGinx. They explain how this tool works and how cyber-criminals can use it to bypass MFA enabled accounts. Most importantly, they provide several ways to mitigate against this using enterprise driven phishing education campaigns, security awareness training, and device-based conditional access. ---------------------------------------------- Youtube Video Link: https://youtu.be/a2NLk0GnUJ8 ---------------------------------------------- Contact: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod ---------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

15 Feb 202141min