 https://blog.teamascend.com/6-phases-of-incident-response  https://www.securitymetrics.com/blog/6-phases-incident-response-plan   Recent vulnerabilities got Bryan thinking about incident response.  Are organizations speedy enough to keep up? If the spate of vulns continue, what can we do to ensure we are dealing with the most important issues? How do we communicate those issues to management? How should we handle the workload? Testing of your IR costs money, do you have budget for that? (verodin, red-team) Restoring backups, extra VPC or azure environment   Incidents occur You have to minimize issues, right? But is there a good way of doing that? Simplify your environment?  Spend time working on the CIS 20? You gotta plan for that and show value vs effort.   Incident response is an ever changing landscape.    What is the goal of IR? Minimize damage Identify affected systems Recover gracefully and quickly? Does your environment allow for quick recovery? What does ‘return to normal’ look like? The goal of business Make money Incidents should just be considered part of doing business (risks) The more popular, the more likely the attack   Incident timeframe = criteria for getting back to normal.   PICERL is a cycle, and one of continual improvement. Incident response is not ‘one and done’. 

2021-030-incident response, business goal alignment, showing value in IR -p2

A podcast about the world of Cybersecurity, Privacy, Compliance, and Regulatory issues that arise in today's workplace.  Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security professionals need to know, or refresh the memories of seasoned veterans.

Technology

Tech News

Podcasting

Gadgets

Software How-To

News

Youtube VOD: https://youtu.be/G3PxZFmDyj4   #appsec, #owasp, #ASVS, #joshGrossman, #informationsecurity, #SBOM, #supplychain, #podcast, #twitch, #brakesec, #securecoding, #Codeanalysis  Questions and topics: 1. The background to the topic, why is it something that interests you? How do you convince developers to take your course? 2. What do you think the root cause of the gap is? 3. Who is causing the gaps? (‘go fast’ culture, overzealous security, GRC requirements, basically everyone?) 4. Where do gaps begin? Is it the ‘need’ to ‘move fast’? 5. What can devs do to involve security in their process? Sprint planning? SCA tools? 6. How have you seen this go wrong at organizations? 7. How important is it to have security early in the product development process? 8. What sort of challenges do you think mainstream security people face in AppSec scenarios? 9. How does Product Security differ from Application Security? (what if the product is an application?) 10. What are the key development concepts that security people need to be familiar with to effectively get involved in AppSec/ProdSec? 11.. How do you suggest a security team approach AppSec/ProdSec?                Leadership buy-in                Effective/valuable processes                Tools should achieve a goal 12. SBOM - NTIA is asking for it, How to get dev teams to care. 13. Key takeaways? Additional information / pertinent LInks (Would you like to know more?): BlackHat Training: https://www.blackhat.com/us-24/training/schedule/index.html#accelerated-appsec--hacking-your-product-security-programme-for-velocity-and-value-virtual-37218 https://www.walkme.com/blog/leadership-buy-in/ https://www.bouncesecurity.com/  https://www.teamgantt.com/blog/raci-chart-definition-tips-and-example https://www.cisa.gov/sbom SCA Tools https://chpk.medium.com/top-10-software-composition-analysis-sca-tools-for-devsecops-85bd3b7512dd  https://semgrep.dev/  https://www.linkedin.com/in/joshcgrossman   https://owasp.org/www-project-application-security-verification-standard/  https://github.com/OWASP/ASVS/tree/master/5.0 https://owasp.org/www-project-cyclonedx/ https://joshcgrossman.com/ PyCon talk about custom security testing: https://www.youtube.com/watch?v=KuNZzDjvMlg  Michal's Black Hat course - Accurate and Scalable: Web Application Bug Hunting: https://www.blackhat.com/us-24/training/schedule/index.html#accurate-and-scalable-web-application-bug-hunting-37210   https://www.blackhat.com/us-24/training/schedule/index.html#accurate-and-scalable-web-application-bug-hunting-372101705524544  ASVS website: https://owasp.org/asvs  Lightning talk I did recently about OWASP: https://www.bouncesecurity.com/eventspast#f86548cb37cb2a82728b1762bd1b7aee   Show points of Contact: Amanda Berlin: @infosystir @hackershealth  Brian Boettcher: @boettcherpwned Bryan Brake: https://linkedin.com/in/brakeb  Brakesec Website: https://www.brakeingsecurity.com Youtube channel: https://youtube.com/@brakeseced Twitch Channel: https://twitch.tv/brakesec

Josh Grossman - building Appsec programs, bridging security and developer gaps

  Disclaimer: The views, information, or opinions expressed on this program are solely the views of the individuals involved and by no means represent absolute facts. Opinions expressed by the host and guests can change at any time based on new information and experiences and do not represent views of past, present, or future employers.     Recorded: 08 Apr 2024   Youtube VOD: https://www.youtube.com/watch?v=K8qApvsFtqw     Show Topic Summary: If you want to get in the mind of a board member, I submit to you my discussion with Mary Gardner we did last night on #brakesec #education. Join Mary and I as we discuss the functions of a board, messaging to various levels of leadership and teams, and what it takes to make that leap to being a CISO. And when you're done, and you need someone to help your org get more mature, contact the team at GoldiKnox. #cybersecurity #informationsecurity #ciso #leadership #GRC       Questions and topics:     https://hbr.org/2023/05/boards-are-having-the-wrong-conversations-about-cybersecurity    “Just 69% of responding board members see eye-to-eye with their chief information security officers (CISOs). Fewer than half (47%) of members serve on boards that interact with their CISOs regularly, and almost a third of them only see their CISOs at board presentations. “    They obviously have different priorities, so what brings everyone to the table to discuss? Are they even worried about security?      Tactical goals vs. org goals and aligning them    What are boards most worried about these days?     Staying relevant in the face of AI?    What tech will protext them from the newest threats?      GRC is forced security, security is completely optional, Compliance requires some sort of security       Additional information / pertinent LInks (Would you like to know more?):    Research organizations (gartner, forrester, etc)    https://goldiknox.com/      https://www.linkedin.com/pulse/board-needs-help-planning-cybersecurity-start-here-daniel-briley-k7xzc     https://hbr.org/2022/11/is-your-board-prepared-for-new-cybersecurity-regulations     https://www.justice.gov/usao-ndca/pr/former-chief-security-officer-uber-sentenced-three-years-probation-covering-data       Show points of Contact:   Amanda Berlin: @infosystir @hackershealth    Brian Boettcher: @boettcherpwned   Bryan Brake:  https://linkedin.com/in/brakeb    Brakesec Website:  https://www.brakeingsecurity.com   Youtube channel:  https://youtube.com/@brakeseced   Twitch Channel:  https://twitch.tv/brakesec   Discord:  https://discord.gg/brakesec

Managing messaging with management, becoming a CISO with Mary Gardner from Goldiknox

  Full Youtube VOD: https://www.youtube.com/watch?v=uX7odQTBkyQ        Questions and topics:    Let’s talk about Mindful Business Podcast    What’s the topics you cover?      Topic #1: discuss your experiences when you were a new leader.     What worked? What didn't? What would you have done differently?    Do you emulate your manager's style? What have been your go-to management resources?     What is a good piece of advice that you’ve been given or that you impart to others that relates to leadership?      Topic #2: building/Operating SaaS products (we can discuss securing them, what functions should be table stakes (data structures, logging, etc)    Topic #3: What are bare minimums for building ‘secure’ Saas products in your particular field? And how do you balance security with a positive user experience (i. e. getting customers to buy into MFA/OAUTH, OTA updates    Topic #4: Do many SaaS products get over-integrated? Is the need for integration override best practices in security?      Additional information / pertinent LInks (Would you like to know more?):    Twitter/Mastodon: https://twitter.com/AccidentalCISO https://infosec.exchange/@accidentalciso    The Mindful Business Security Show: https://www.mindfulsmbshow.com/ https://twitter.com/mindfulsmbshow         Show points of Contact:   Amanda Berlin: @infosystir @hackershealth    Brian Boettcher: @boettcherpwned   Bryan Brake:  https://linkedin.com/in/brakeb    Brakesec Website:  https://www.brakeingsecurity.com   Youtube channel:  https://youtube.com/@brakeseced   Twitch Channel:  https://twitch.tv/brakesec

p2-accidentalCISO, building trust in new places

  Disclaimer: The views, information, or opinions expressed on this program are solely the views of the individuals involved and by no means represent absolute facts. Opinions expressed by the host and guests can change at any time based on new information, and do not represent views of past, present, or future employers.     Recorded: 28 Jan 2024   Youtube VOD: https://youtube.com/live/uX7odQTBkyQ     Questions and topics:    Let’s talk about Mindful Business Podcast    What’s the topics you cover?      Topic #1: discuss your experiences when you were a new leader.     What worked? What didn't? What would you have done differently?    Do you emulate your manager's style? What have been your go-to management resources?     What is a good piece of advice that you’ve been given or that you impart to others that relates to leadership?      Topic #2: building/Operating SaaS products (we can discuss securing them, what functions should be table stakes (data structures, logging, etc)    Topic #3: What are bare minimums for building ‘secure’ Saas products in your particular field? And how do you balance security with a positive user experience (i. e. getting customers to buy into MFA/OAUTH, OTA updates    Topic #4: Do many SaaS products get over-integrated? Is the need for integration override best practices in security?      Additional information / pertinent LInks (Would you like to know more?):    Twitter/Mastodon: https://twitter.com/AccidentalCISO https://infosec.exchange/@accidentalciso    The Mindful Business Security Show: https://www.mindfulsmbshow.com/ https://twitter.com/mindfulsmbshow      Show points of Contact:   Amanda Berlin: @infosystir @hackershealth    Brian Boettcher: @boettcherpwned   Bryan Brake:  https://linkedin.com/in/brakeb    Brakesec Website:  https://www.brakeingsecurity.com   Youtube channel:  https://youtube.com/@brakeseced   Twitch Channel:  https://twitch.tv/brakesec

AccidentalCISO on BrakeSecEd, talking Leadership, SaaS development, and Appsec

It's our 10th anniversary and the first show of our 2024 season! Amanda was on "7 minute security" https://7minsec.com/projects/podcast   Check out the complete VOD at https://youtu.be/vbmEtkxhAMg Explicit language warning   www.brakeingsecurity.com https://twitch.tv/brakesec https://bit.ly/brakesecyt  

2021-030-incident response, business goal alignment, showing value in IR -p2

Download our free app to listen on your phone