From Security Weekly Wiki
Jump to navigationJump to search

Paul's Security Weekly - Episode 474 - 6:00PM

Recorded: July 21, 2016

Episode Audio

[] Coming Soon


Interview: John Kindervag


With more than 25 years of high tech experience, John is best known for creating the highly influential “Zero Trust” model of information security. He currently advises both public and private sector organizations with the design and building of Zero Trust Networks. He holds, or has held, numerous industry certifications, including QSA, CISSP, CEH, and CCNA. John has a practitioner background, having served as a security consultant, penetration tester, and security architect before joining Forrester. He has particular expertise in the areas of secure network design, wireless security, and voice-over-IP hacking. He has been interviewed and published in numerous publications, including The Wall Street Journal, Forbes, and The New York Times. He has also appeared on television networks such as CNBC, Fox News, PBS, and Bloomberg discussing information security topics. John has spoken at many security conferences and events, including RSA, SXSW, ToorCon, ShmoCon, InfoSec Europe, and InfoSec World.

  1. How did you get your start in information security?
  2. What is the Zero Trust network architecture?
  3. Many people ask me what they can do to secure their Big Data deployments and databases and as for best practices, what is your advice?
  4. The decisions people make about whether or not to put data in the cloud seem split, some say "No Cloud", some "Maybe" and some are all in, what advice do you have for those who say "No cloud"? What is the happy medium? Is all-in cloud too much?
  5. How is hunting vampires (and werewolves) similar to looking for "cyber" threats?
  6. What is the best way to "Know your network", we all say this, but what are the best ways to accomplish this goal?
  7. Are we seeing the convergence of traditional IT and security? What are some of the most exciting trends you see in this area?
  8. What advice do you have for those folks listening in search of the following solutions:
    1. DDoS mitigation
    2. Threat Hunting
    3. User behavior analytics
    4. Vulnerability management
    5. Data Loss Prevention
  1. Three words to describe yourself.
  2. If you were a serial killer, what would be your weapon of choice?
  3. If you wrote a book about yourself, what would the title be?
  4. In the popular game of ass grabby-grabby, do you prefer to go first or second?
  5. Choose two celebrities to be your parents.

Tech Segment:

Security News - 7:00PM-8:00PM

Paul's Stories

  1. "Guest Diary
  2. Everything You Need To Know About Web Shells
  3. Drone operator arrested for flying over wildfire
  4. SeaWorld hacker and bomb hoaxer escapes prison sentence
  5. Alex Gibney on Stuxnet and why we need to talk about cyberwar
  6. "Adobe
  7. Gotta Catch ‘Em All! – WORLDWIDE! (or how to spoof GPS to cheat at Pokémon GO) - Insinuator
  8. Is Cloud Computing Really Secure? A Pragmatic Approach
  9. Update now: Macs and iPhones have a Stagefright-style bug!
  10. Ransomware on the Cheap
  11. 15 Vulnerabilities in SAP HANA Outlined
  12. EFF Files Lawsuit Challenging DMCA’s Restrictions on Security Researchers
  13. The Mr. Robot Easter Egg Hunt Has Begun
  14. Bruce Schneier Joins The Tor Project
  15. Cisco Gives You Two Nasty Bugs To Fix Before The Weekend
  16. "Thanks
  17. Hackers Claim Credit For Crashing Pokemon Go
  18. IoT Insecurity: Pinpointing The Problems
  19. The coolest US agency is starting a ‘revolution’ to get rid of computer viruses
  20. WikiLeaks under 'sustained attack' after announcing release of Turkey docs - CNET
  21. IoT spurs surprise surge in assembly language popularity | InfoWorld
  22. Criminals plant banking malware where victims least expect it | Ars Technica

Larry's Stories

Joff's Stories

Jack's Stories

Kevin's Stories

Michael's (Santa) Stories