There are many tools and utilities around security and network management, and in this episode of Enterprise Linux Security, Jay and Joao discuss some of their favorites.
-
Enterprise Linux Security Episode 28 – Second Factor Authentication
Through the course of the podcast so far, Jay and Joao have discussed foundational topics, as well as news and current trends. In this episode, second factor authentication is discussed. This foundational episode will go over what it is, why you should use it, and also some of the things that can potentially weaken its benefit.
Downloads
-
Enterprise Linux Security Episode 27 – People Problems
In the industry, we spend a great deal of time hardening our security, doing our due diligence when it comes to patching, implementing firewalls, avoiding EOL software, as well as many other aspects of our security focus. But unfortunately, even a well thought out implementation of common security controls can be rendered useless if we miss the low hanging fruit – such as training our employees and making sure they understand how serious security is, and how they can help. In this episode, Jay and Joao will discuss that and more.
Downloads
-
Enterprise Linux Security Episode 26 – The State of Enterprise Linux Security management
We talk a lot about patching on this podcast, and the reason for that is because a lot of organizations don’t seem to handle this important aspect of security very well. A recent patching report from the Ponemon institute seems to reflect this, and the stats regarding patching definitely don’t look good. In this episode of Enterprise Linux Security, Jay and Joao discuss some of the findings within this report.
Downloads
Related Links
-
Enterprise Linux Security Episode 25 – News Roundup
In the 25th episode of Enterprise Linux Security, Jay and Joao catch up on a few things in the news, including the results of a recent Internet Crime Report, and more!
Downloads
Related Links
-
Enterprise Linux Security Episode 23 – Busting 5 IT Security Myths
Cyber security is a huge topic, and through the years the industry changes rapidly to keep up with current threats and related challenges. As a result, some of the beliefs and mindsets we’ve adopted in the industry have changed as well. In this episode, Jay and Joao discuss 5 myths in the security industry that either need to be adjusted, or downright debunked.
Download:
Relevant links:
- Time for password expiration to die (SANS)
- Death of the Password? (Wired)
-
Enterprise Linux Security Episode 22 – Certificates
Encryption is a great benefit to take advantage of, especially when it comes to hosting web sites. But how exactly do TLS certificates work? In this episode, Jay and Joao discuss foundational concepts surrounding certificates, as well as some advice and recommended practices.
Download:
-
Enterprise Linux Security Episode 20 – Cloud Governance
Cloud Computing is all the rage these days – but what happens when a company moves to the cloud to quickly? While cloud computing can be a very rewarding technology, it can also get out of hand quite quickly. In this video, Joao and Jay discuss the concept of Cloud Governance, something that any organization that utilizes the cloud can (and should) take advantage of.
Download links
Relevant links
-
Enterprise Linux Security Episode 19 – The 2021 RBS Year-End Vulnerability Report
2021 is now in the past, but there’s some very interesting details in the year-end vulnerability report produced by RBS. These details give us a look at some of the trends that will impact 2022 and beyond. In this episode, Joao and Jay discuss the report and some of its findings.
Download links
Relevant links
-
Linux Crash Course – sudo
When you need to run Linux commands with elevated privileges, sudo is the tried and true method to run commands as another user (such as root). In this introductory tutorial, we’ll take a look at some of the inner-workings of sudo.
-
Enterprise Linux Security Episode 17 – Polkit & LUKS CVE’s
The New Year is just beginning, and we already have a few important CVE’s to discuss, this time around Polkit and LUKS. The CVE numbers for these vulnerabilities are CVE-2021-4034 and CVE-2021-4122 respectively. In this episode, Jay and Joao discuss these vulnerabilities.
Relevant links
-
Enterprise Linux Security Episode 16 – Library Poisoning
We’ve discussed supply-chain attacks in the past, and now it’s time to see an actual example that happened recently. However, this particular incident is especially unique as the libraries in question were allegedly poisoned by the actual developer. In this episode, Joao and Jay discuss the recent sabotage regarding two very popular NPM libraries.
