OwlTail

Cover image of Ephemeral Security

Ephemeral Security

Interviews and fun with professionals, hackers, and everything in between

Popular episodes

All episodes

Warning: This podcast data isn't working.

This means that the episode rankings aren't working properly. Please revisit us at a later time to get the best episodes of this podcast!

Podcast cover

Sandeep Lahane - Deepfence

Chat with Sandeep Lahane, CEO of Deepfence, on how ThreatStryker is changing the game for Cloud Workload Protection.  We go deep in to the product's unique full SSL decryption and packet capture capability, identification of an organizations most vulnerable endpoints, and automated workflows to remediate compromised systems. Episode Show Notes: Sandeep Lahane - https://www.linkedin.com/in/sandeep-lahane-b9520a4/ Deepfence - https://deepfence.io/ Review of Deepfence's sandbox environment - https://brakertech.com/deepfence-cloud-native-workload-protection-for-infosec-pros/ Links: Podcast Website: https://ephemeralsecuritypodcast.com Blog: https://brakertech.com Github: https://github.com/ssstonebraker Social: LinkedIn: https://www.linkedin.com/in/stevestonebraker Twitter: https://twitter.com/brakertech Credits: Intro music by Margo Stonebraker

48mins

15 Jun 2022

Rank #1

Podcast cover

Ryan Fried - Senior Security Engineer & Adjunct Professor

Chat with Ryan Fried about being and adjunct professor in the Cyber Security space, being a virtual CISO and talking to executives, purple teaming, true positive security incidents, validating your controls and what you think you know, and Atomic Red Team.  Episode Show Notes: Ryan Fried - https://www.linkedin.com/in/ryan-fried-65747938/ Atomic Red Team - https://github.com/redcanaryco/atomic-red-team Bloodhound - https://github.com/BloodHoundAD/BloodHound Checkov - https://www.checkov.io/ Links: Podcast Website: https://ephemeralsecuritypodcast.com Blog: https://brakertech.com Github: https://github.com/ssstonebraker Social: LinkedIn: https://www.linkedin.com/in/stevestonebraker Twitter: https://twitter.com/brakertech Credits: Podcast edited and mastered by Charlie Clark, https://www.fiverr.com/chuckaudio Intro music by Margo Stonebraker

1hr 6mins

8 Jun 2022

Rank #2

Similar Podcasts

Podcast cover

Lisa Falzone and Michael Green - Athena Security

Chat with Lisa Falzone and Michael Green of Athena Security Athena Security focuses on Entryway Security - https://www.athena-security.com/ Guests Michael Green, CEO and Co-Founder Lisa Falzone, President and Co-Founder Show Notes https://ephemeralsecuritypodcast.com/athena-security/ Podcast edited and mastered by Charlie Clark, https://www.fiverr.com/chuckaudio Intro music by Margo Stonebraker 

33mins

16 May 2022

Rank #3

Podcast cover

Ethan Heilman – BastionZero

Chat with @Ethan_Heilman, CTO of @getBastionZero on how they are adding additional security when accessing remote infrastructure. BastionZero adds an additional separate Multi Factor Authentication into the authentication process and has a unique multi-root security model.  Ethan can be found at:  LinkedIn: https://www.linkedin.com/in/ethan-heilman-39896934/ Twitter: https://twitter.com/Ethan_Heilman  //Show Notes// BastionZero's website - https://www.bastionzero.com/  Video on how multiple MFA works with Bastion Zero - https://brakertech.com/aws-systems-manager-session-manager-on-steroids/ Podcast edited and mastered by Charlie Clark, https://www.fiverr.com/chuckaudio Intro music by Margo Stonebraker  //Chapter Timestamps//  00:00:41 Meet Ethan Heilman  00:01:10 When did you first use a computer?  00:01:29 How did you get into Information Security  00:02:42 Crypto Company to Bastion Zero  00:05:08 Multiparty Computation  00:06:07 Certificate Authorities  00:08:13 AWS PrivateLink/VPC Endpoints  00:10:38 How does Bastion Zero Work?  00:14:55 Shared Responsibility  00:16:50 Dynamic Targets  00:19:46 What does the term "Zero Trust" mean to you?  00:21:01 Proxying HTTP  00:23:17 SELinux  00:23:45 Privileged Access Management  00:27:35 AWS Root Account  00:33:26 Separate Admin Accounts  00:36:12 API Keys  00:40:58 Response for product in the wild?  00:45:11 Stopping Ransomware  00:52:26 Phishing 01:01:21 Modifying Linux Pluggable Authentication Module 01:06:18 Goodbye

1hr 7mins

8 May 2022

Rank #4

Most Popular Podcasts

Podcast cover

Devin Casadey – Global Red Team Lead

Chat with @DevinCasadey, Managing Principal / Global Red Team Lead. Devin's Certifications: OSCE3 (OSWE, OSEP, OSED), OSCP, OSCE, OSEE, OSWP, eCTHP, GCPN  Devin can be found at: Hack the Box: https://www.hackthebox.eu/profile/28293 HTB & CTF Team: https://www.hackthebox.eu/teams/profile/1685 Github: https://keramas.github.io/about.html LinkedIn: https://www.linkedin.com/in/devin-casadey-198117b/ Twitter: https://twitter.com/DevinCasadey  Show Notes  Don't Roll Your Own: Devin's Writeup for how he decoded the database (referenced in the episode) - https://keramas.github.io/2022/05/03/dont-roll-your-own.html EvilGinx: Man in the Middle Two Factor Auth - https://github.com/kgretzky/evilginx2  Chapter Timestamps 01:09 -- Why are you passionate about Infosec? 02:17 -- First use a computer? 05:31 -- What are you doing now? 06:16 -- Best way to hone skills? 07:54 -- Difference between Redteaming and Pentesting 09:12 -- Are Pentesters ever asked to emulate APTs? 11:51 -- Do you test different EDR Vendors? 16:18 -- Test Scenario 17:42 -- Do you have to write custom exploits for engagements? 23:31 -- Do you tell vendors you can bypass their EDR product? 26:02 -- Trying to get caught by Security Team 27:21 -- What can customers do to get the most out of a pentesitng engagement? 32:09 -- Pentest Client Behavior 35:56 -- Linux Boxes 37:11 -- Windows Security 40:30 -- Found Machine Already Compromised? 41:44 -- Pentest Planning 43:46 -- Memorable Engagements 47:07 -- Zero Trust 53:44 -- Initial Point of Entry 58:55 -- Okta Breach 01:01:27 -- Triple MFA 01:02:53 -- Avoid Burnout? 01:05:00 -- Joining a Redteam 01:09:44 -- Any Passion Projects? 01:10:21 -- Goodbye Links: Podcast Website: https://ephemeralsecuritypodcast.com Blog: https://brakertech.com Github: https://github.com/ssstonebraker Social: LinkedIn: https://www.linkedin.com/in/stevestonebraker Twitter: https://twitter.com/brakertech

1hr 11mins

5 May 2022

Rank #5

Podcast cover

Mike Wyatt: CYDERES

Chat with Mike Wyatt, Chief Security Officer at CYDERESMike can be found at:https://twitter.com/cleverexploit https://www.linkedin.com/in/cleverexploit/Note: This episode has chapters embedded in the file!

1hr 8mins

22 Apr 2022

Rank #6

Podcast cover

Cyclops Blink

The Cyclops Blink botnet is explained (how it worked) and a question is posed to the guests if this should be considered an act of Cyber WarGuests: Matt Wright and Brad LindsleyEpisode Extras: https://ephemeralsecuritypodcast.com/cyclops-blink/ (includes diagram of botnet, link to the court order to disrupt the botnet, and more)

23mins

12 Apr 2022

Rank #7

Podcast cover

Iman Joshua: Vimeo

Guest: Iman Joshua - Head of Information Security at VimeoHost: Steve Stonebraker stevestonebraker.com Special ThanksAudio Editing and Sound - Adam Joesph - https://www.adamjosephsounds.com/Theme music - Margo Stonebraker - codewithmargo.com

47mins

9 Dec 2021

Rank #8

Podcast cover

Deidre Diamond: CyberSN

Interview with CyberSN founder Deidre Diamond, who is redefining passive recruiting for cybersecurity professionals and throwing the resume out the window.Guest:Deidre Diamond, Founder and CEOCyberSN.comHost:Steve Stonebrakerbrakertech.comSpecial Thanks:Theme music - Margo Stonebraker - codewithmargo.com

48mins

16 Aug 2021

Rank #9

Podcast cover

Information Security Career Do-over: Joe South, Jason Thorn, Shane Armbrister

What would you do differently if you could start your Information Security career over again?Special Thanks:Audio Editing and Sound - Adam Joesph - daseinazam.wixsite.com/websiteTheme music - Margo Stonebraker - codewithmargo.comHost:Steve StonebrakerInformation Security Manager, Architecture & EngineeringOSCP (Offensive Security Certified Professional)AWS Certified Security - SpecialtyAWS Certified Solutions Architect - AssociateAWS Certified SysOps  Administrator - AssociateAWS Certified Cloud Practitionerhttps://brakertech.com https://ephemeralsecuritypodcast.com https://aolunderground.comGuests:Joe SouthSenior Cloud Security EngineerCISSPAWS Certified Security - SpecialtyAWS Certified Cloud PracticionerHost of the "Security Unfiltered" Podcasthttps://securityunfiltered.buzzsprout.com/Jason ThornInformation Security ManagerGIAC Advisory BoardGIAC Penetration TesterGIAC Certified Incident HandlerGIAC Certified Forensic AnalystShane ArmbristerIT Security Analyst - Team leadSplunk Certified AdminGIAC Security Essentials CertificationSound used in the episode:Alice In the City by Jeris(c) copyright 2013Licensed under a Creative Commons Attribution (3.0) license.http://dig.ccmixter.org/files/VJ_Memes/43424 Ft: OrrisrootTo See The Past by Hayden Folker | https://soundcloud.com/hayden-folkerMusic promoted by https://www.free-stock-music.comCreative Commons Attribution 3.0 Unported Licensehttps://creativecommons.org/licenses/by/3.0/deed.en_US

55mins

4 Aug 2021

Rank #10