Developsec: Developing Security Awareness

In this episode, James Jardine talks about how oversharing with network shares is a big problem.  Often times we open shares to too many people and we share sensitive information that shouldn't be shared.   We need to look at how we monitor these shares and how, as a user, we share information on them. Sorry.. seems to have recorded a little quiet this time.Send us a textFor more info go to https://www.developsec.com or follow us on X (@developsec). The DevelopSec podcast is brought to you by Jardine Software Inc.

We all see data breaches happen all the time, daily in most cases.  James talks about how common this is, how companies can handle the situation and how users can be proactive to protect themselves.Send us a textFor more info go to https://www.developsec.com or follow us on X (@developsec). The DevelopSec podcast is brought to you by Jardine Software Inc.

In this episode, James Jardine discusses mobile security and why we need to be thinking about it.  Devices are Powerful these days and we do everything on them.  We can't afford to ignore the security aspect of these devices.

Here we are in 2014 and we still have SQL Injection issues.  James Jardine discusses what SQL Injection is, how attackers take advantage of it and how developers can protect against it. 

In this episode, James Jardine talks about web proxies and how they are used.  Whether you are a developer, QA tester, or pen tester, web proxies are essential to your testing efforts.  Some Proxies discussed:Burp Suite - http://portswigger.net/Fiddler - http://www.telerik.com/download/fiddlerZap Proxy - https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_ProjectSome cool extensions mentioned:Co2 - http://co2.professionallyevil.com/Watcher - http://websecuritytool.codeplex.com/

In this episode, James talks about these external systems that are connected to our networks.  It is speculated that the Target breach was done through an HVAC system that was connected to the Internet.   How many devices these days connect to the internet and have default passwords for the vendor to manage them.  I discuss these ideas and things to think about when working with these systems.

In this episode, James covers some interesting topics about passwords.   Why we use them, what makes one better than another, some password management options and multi-factor authentication.

This is the first episode of the DevelopSec podcast.  The goal behind this podcast is to develop security awareness.  Helping developers gain security knowledge, and also consumers with understanding security in general.  We discuss recent breaches like Target and Neiman Marcus as well as the topics we will be discussing.  We will talk about techniques, tools, and other resources that you can use.