Episode 12 - OWASP Top 10: Security Logging and Monitoring Failures
The OWASP Top 10 is a widely-used resource for web application security. With the global security community weighing in and contributing, the Top 10 is full of helpful information. This week, Mike Miller dives into one of the Top 10 - Security Logging and Monitoring Failures.
Episode 11 - OWASP Top 10: Security Misconfigurations
The OWASP Top 10 is a widely-used resource for web application security. With the global security community weighing in and contributing, the Top 10 is full of helpful information. This week, Mike Miller dives into just one of the Top 10 that appears year after year: Security Misconfigurations.
Episode 8 - Ransomware
Ransomware is a familiar word, often cited in the news as part of a cyber attack, but what is it? How does it make its way into a network? Mike Miller answers these questions and more, including how organizations can help protect against it, in this week's episode.
Episode 7 - Top Sources for Cybersecurity Intel
Cybersecurity information is abundant and can be overwhelming to sort through to find the most valuable pieces. In this week's appTECH TALK, Mike Miller takes us through his top sources for cybersecurity news, including both people and publications. As an added bonus, he also shares how he uses TweetDeck, a free product of Twitter, that can help sources and collate news in an instant by hashtags.
Episode 6 - What is Social Engineering?
Social Engineering is one of the number one issues when it comes to organizations protecting their networks. Social engineering is when an attacker uses interaction and study of human behavior to manipulate and trick a person into providing information or access. In this week's episode, Mike Miller steps through 3 types of social engineering and shares how a simple box of donuts gave him all the access he could want.
Episode 5 - What is a vCISO?
vCISO, or a virtual Chief Information Security Officer, is part of a security team that can assist an organization to review their security posture from an overall perspective while minimizing the cost of hiring a full-time hire. Learn more about what a vCISO does and how vCISOs can fit into an organization, as well as the benefits.
Episode 4 - Incident Response Plan (IRP)
We never hope to experience a security incident but the possibility cannot be ignored. It is in the best interest of every organization to have an incident response plan (IRP) in place. So what is an IRP and what should be included? How do you know if your plan is adequate? In this week's episode, Mike Miller walks us through the key aspects of an IRP and how to get started.
Episode 3 - Remediation
You've had a penetration test done and have your report of vulnerabilities - now what? In this week's episode of appTECH TALK, Mike Miller takes us through an overview of vulnerabilities and severity, remediation v mitigation, and his thoughts on how to prioritize your action plan.