Welcome to Cyber Pulse episode 9!

Our guest this episode is Laura Bell Main, a global leader in developing secure software, and experienced keynote and conference speaker, presenting at BlackHat USA, RenderATL, and leading international software development and cyber security conferences. With over twenty years of experience in software development and cyber security, she is the co-author of "Agile Application Security" (O’Reilly Media)  and "Security for Everyone" (Holloway). Her work has been featured in many international publications, including  WIRED and MIT Tech Review. As the CEO of SafeStack, a leading secure development education platform, she helps software development leaders worldwide engage their entire team in building secure software.

In this episode we talk about how Laura Bell Main got started in AppSec, the beautiful chaos of software, the biggest challenge in app sec, balancing security with the need for rapid software development, the most common security mistakes developers make, helping engineering teams understand the risks they pose, practical ways organizations can improve their secure development practices, one security principle every developer should follow, emerging trends in AppSec, and the skills the next generation of security professionals should be focusing on.

In our news Pulse, DaVita, a major U.S. kidney dialysis provider, has confirmed a ransomware attack that hit parts of its network over the weekend, potentially disrupting operations.

Never miss an episode by signing up for our podcast newsletter at: https://cryptologicfoundation.org/community/cyberpulse-subscribe.html

Send us your questions and episode suggestions at: https://cryptologicfoundation.org/community/cyberpulse-questions-suggestions.html

Welcome to Cyber Pulse episode 8!

Our guest this episode is Chloé Messdaghi, a recognized expert in Responsible AI and cybersecurity, focused on creating secure, ethical, and transparent AI systems. She collaborates with companies, governments, and NGOs to advocate for stronger cybersecurity and Responsible AI policies, and has advised on key legislation, including work with the White House. Named a Power Player by Business Insider and SC Media, Chloé is a respected speaker and thought leader dedicated to advancing technology and social progress.

In this episode we talk about AI transparency, minimizing bias, data and privacy concerns, the moral and ethical dilemmas and security risks of AI, overreliance on AI, and the challenges of being a woman in the male-dominated tech field.

In our news Pulse, we celebrate Women's History Month by shining a spotlight on the incredible women shaping technology and cybersecurity, and organizations like Girls Who Code, Women in Cybersecurity (WiCyS), and the Cybersecurity and Infrastructure Security Agency (CISA) are creating opportunities to close the gender gap.

Never miss an episode by signing up for our podcast newsletter at: https://cryptologicfoundation.org/community/cyberpulse-subscribe.html

Send us your questions and episode suggestions at: https://cryptologicfoundation.org/community/cyberpulse-questions-suggestions.html

Welcome to Cyber Pulse episode 7!

Our guest this episode is John Hammond, cybersecurity researcher, educator and content creator. As part of the Adversary Tactics team at Huntress, John spends his days analyzing malware and making hackers earn their access. He has developed training material and information security challenges for events such as PicoCTF and competitions at DEFCON US. John speaks at security conferences such as BsidesNoVA, to students at colleges such as the US Naval Academy, and other online events including the SANS Holiday Hack Challenge/KringleCon. He is an online YouTube personality showcasing programming tutorials, CTF video walk-throughs and other cyber security content.

In this episode, we talk about threat actors moving away from malware, how to stay aware of the threat landscape, skills to focus on for career growth, the benefits of justhacking.com and other training sites, why you need soft skills in technical jobs, living off the land, getting into content creation, which are the best security conferences, and how we can increase awareness for those not in the field.

In our news Pulse, we celebrate Black History Month by recognizing the invaluable contributions of African Americans to the fields of information technology and cybersecurity, naming just a few of the people who have not only advanced technology but have also been instrumental in creating a safer and more secure digital world.

Never miss an episode by signing up for our podcast newsletter at: https://cryptologicfoundation.org/community/cyberpulse-subscribe.html

Send us your questions and episode suggestions at: https://cryptologicfoundation.org/community/cyberpulse-questions-suggestions.html

Welcome to Cyber Pulse episode 6!

Our guest this episode is Tanya Janca, best-selling author of ‘Alice and Bob Learn Application Security,’ Head of Community and Education at Semgrep, and founder of We Hack Purple, an online learning academy, community, and podcast that revolved around teaching everyone to create secure software.

In this episode we talk about Tanya's new book 'Alice and Bob Learn Secure Coding.' This book covers multiple learning styles for every topic and can take you from Novice to Expert. Learn the top coding mistakes and how to avoid them, the importance of secure coding when cyber-crime is in the billions annually, some secure coding misconceptions, and why SOC and GRC need to understand secure coding. All of this brought to you with humor, insight, and real world examples in 10 coding languages and eight frameworks.

In our news Pulse, a new hacking group known as the "Belsen Group" has leaked the data from over 15,000 FortiGate devices onto the dark web - configuration files, IP addresses, digital certificates, and VPN credentials.

Topics discussed: Importance of Secure Coding, Polymorphism, Top Coding Mistakes, Secure Coding Misconceptions, SOC and GRC and Secure Coding

Never miss an episode by signing up for our podcast newsletter at: https://cryptologicfoundation.org/community/cyberpulse-subscribe.html
Send us your questions and episode suggestions at: https://cryptologicfoundation.org/community/cyberpulse-questions-suggestions.html

Welcome to Cyber Pulse episode 4!

Our guest this episode is Tim Medin, CEO of Red Siege Information Security. Tim is also a Senior Instructor and course author (SEC560) at SANS. Tim has gained information security experience in a variety of industries including previous positions in control systems, higher education, financial services, and manufacturing. Tim is the creator of the Kerberoasting, a widely utilized Red Team penetration test technique to extract Kerberos tickets.

We talk about what penetration testing is, why it's important to business, how to fail faster to be better, how you can get started in the field, and hear some stories from Tim's past.

In our News Pulse, how hackers are using corrupted Word documents to evade security.

Topics discussed: penetration testing, kerberoasting, hacking, company security, getting into the field.

Never miss an episode by signing up for our podcast newsletter at: https://cryptologicfoundation.org/community/cyberpulse-subscribe.html

Send us your questions and episode suggestions at: https://cryptologicfoundation.org/community/cyberpulse-questions-suggestions.html

Welcome to Cyber Pulse Special Holiday episode!

Our guest this episode is Kennedy Taylor, the amazing host of #CyberChats. She is experienced in Governance Risk and Compliance (GRC), Information Risk Management (IRM), and Cybersecurity Supply Chain Risk Management, with a Master's from Georgetown University.

We talk about simple things everyone can do to make their online holiday shopping and regular shopping safer, more secure, and make themselves less vulnerable.

Topics discussed: Stick to Trusted Retailers, Use Secure Payment Methods, Watch Out for Too-Good-to-Be-True Deals, Be Cautious with Public Wi-Fi, Enable Two-Factor Authentication, Use Strong, Unique Passwords, Be Wary of Email Phishing Scams, Monitor Your Accounts, Avoid Excessive Sharing of Personal Info, Keep your Device Updated

Never miss an episode by signing up for our podcast newsletter at: https://cryptologicfoundation.org/community/cyberpulse-subscribe.html

Send us your questions and episode suggestions at: https://cryptologicfoundation.org/community/cyberpulse-questions-suggestions.html

Welcome to Cyber Pulse episode 3!

Our guest this episode is Tanya Janca, best-selling author of ‘Alice and Bob Learn Application Security,’ Head of Community and Education at Semgrep, and founder of We Hack Purple, an online learning academy, community, and podcast that revolved around teaching everyone to create secure software.

We talk about application security (app sec), what it is, why it's important, and how to use it to keep evil hackers from doing unintended things with your software. Also, how you can develop your skills in app sec and secure coding. During the show, we bring up a Netflix movie on the Ashley Madison hack; it's title is "Ashley Madison: Sex, Lies & Scandal."

In our News Pulse, we talk about threat actors using a new ZIP file concatenation attack to deliver malware to Windows systems without being detected.

Topics discussed: Application Security (app sec), Secure Coding, Web Application Security, Common Security Issues, ZIP file concatenation attack

Never miss an episode by signing up for our podcast newsletter at: https://cryptologicfoundation.org/community/cyberpulse-subscribe.html

Send us your questions and episode suggestions at: https://cryptologicfoundation.org/community/cyberpulse-questions-suggestions.html

Welcome to Cyber Pulse!

Our guest this episode is Robert Lee, CEO and co-founder of Dragos. We discuss the importance of Operational Technology, Industrial Control Systems, and Supervisory Control and Data Acquisition systems in our cyber world. What is OT/ ICS? Why is OT and ICS important to modern society? How is security for these systems different? Have there been any major attacks on industrial systems?

Also in this episode, GoldenJackal's malware toolset for infecting air-gapped systems.

Topics discussed: Operational Technology (OT), Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA), IT vs OT, Infrastructure attacks, OT/ ICS security, GoldenJackal APT

Never miss an episode by signing up for our podcast newsletter at: https://cryptologicfoundation.org/community/cyberpulse-subscribe.html

Send us your questions and episode suggestions at: https://cryptologicfoundation.org/community/cyberpulse-questions-suggestions.html

Hello, and welcome to our kick-off episode of Cyber Pulse!

Welcome to Cyber Pulse, the latest podcast from the creators of CyberChats, brought to you by the National Cryptologic Foundation. If you're passionate about cybersecurity, intrigued by the evolving landscape of cyber threats, or simply want to stay ahead of the curve in this fast-paced digital world, you're in the right place.

Cyber Pulse is more than just a podcast—it's your go-to source for deep dives into the most pressing issues in cybersecurity today. We’re here to pulse-check the heartbeat of the cyber world, delivering expert insights, thought-provoking discussions, addressing both the technical and ethical challenges of cybersecurity, and giving you actionable takeaways that you can apply directly to your work and life.

Each episode will bring you candid conversations with leading voices in the cyber community, from industry innovators and government officials to top academics and frontline cybersecurity professionals. We’ll explore the challenges that keep them up at night and the strategies they’re using to safeguard our digital future.

Topics discussed: Cyber Pulse launch

Never miss an episode by signing up for our podcast newsletter at:
https://cryptologicfoundation.org/community/cyberpulse-subscribe.html

Send us your questions and episode suggestions at:
https://cryptologicfoundation.org/community/cyberpulse-podcast.html