The Security Roundtable
By Michael Santarcangelo | Catalyst Media
Podcast Description
Extending the conversation around how people think about and protect information. Hosted by Michael Santarcangelo (The Security Catalyst) and Martin McKeay.
| # | Name | Description | Released | Price |
|---|---|---|---|---|
| 1 | Security Roundtable for October 11, 2008 | The world of blogging, podcasting and social media is a dynamic – and dominant – force in the way individuals share and consume information. In this fast-paced approach to sharing, we stop to consider the ethics involved. With the help of Jennifer Leggio - social media expert, former journalist and friend of the Security Roundtable – we tackle the issue of ethics. During this highly informative roundtable discussion, we tackle the responsibility (and credibility) of bloggers, podcasters and especially the individual responsibility of those consuming the information. This episode is packed with ideas and comments that will get the juices flowing. If you want to continue the conversation with us – join us in the Security Catalyst Community (just pay attention to the naming standard – you must use your real name). Learn more about the participants: Jennifer Leggio http://blogs.zdnet.com/feeds/ http://mediaphyter.wordpress.com/ http://twitter.com/mediaphyter Martin McKeay http://www.mckeay.net/ http://netsecpodcast.com/ http://twitter.com/mckeay Michael Santarcangelo http://www.securitycatalyst.com/ http://www.intothebreach.com/ (books now available – eBook or hardcover) http://twitter.com/catalyst | 10/22/08 | Free |
| 2 | Security Roundtable for September 27, 2008 | Social media and social networking continue to spread – and that includes the security community. If you have heard about twitter, wondered about a service that begins with ‘twit’ and have pondered the advantages and concerns – listen in to the Security Roundtable that discusses those very points. Our guest for this episode is Zach – security professional, friend of the show and curator of the Security Twits list. Twitter: www.twitter.com Zach: http://twitter.com/quine Michael: http://twitter.com/catalyst Martin: http://twitter.com/mckeay Security Twits: http://n0where.org/security-twits/ Next Recording: Saturday, October 11, 2008 @ 10a Eastern – look for the live stream (and your chance to participate) around 10:15. | 10/1/08 | Free |
| 3 | Security Roundtable for September 13 2008 | Welcome to the September 13, 2008 Security Roundtable. I know, we missed August – despite our best attempts (we recorded a flop – my fault – that we will make up and bring to you in the future). The time away gave us a chance to sit and plan. Whacky, right? As a result, Martin McKeay and I are evolving (improving) the Security Roundtable! Starting now, we’ll be recording every other week at 7 am Pacific/10a Eastern on Saturday mornings. And we’ll be streaming the recording live (http://hak5radio.com:8000/srt.mp3.m3u), opening a chat session and encouraging more bloggers and podcasters to join us. Of course, we will continue to distribute the recordings through this site – so if you have to do yard work, watch the kids, make us breakfast… you won’t miss a thing. The discussion continues in the Security Catalyst Community, too. In fact, in some cases, it may even start there… Our goal is simple: keep the program simple, under an hour and relevant while blending together the voices of the community. This is also an opportunity for members of the community to participate through segments. Rather than have a larger, static “panel” of people, we’re exploring more voices, shorter segments and more interactive. We’d love to know what you think, what you want to hear and if you want to be involved. While we consider this recording to be an experiment – it is a show where I learned from the conversation. In fact, I look forward to listening to it again. Our guest for the show is Marc Massar, Principal Solutions Architect at Venafi. I had interviewed Venafi previously (and liked their approach) and was happy to welcome Marc to the program. Our rules are/were simple: no sales pitch. Marc didn’t need the rules – he’s got a solid background and jumped right into a meaty discussion about the industry and how we can improve our solutions. Security Roundtable for September 13th, 2008 The next SRT will be recorded on September 27th, 2008 at 7:00 a.m. PDT. Martin will be at the McKeay Global HQ (with coffee) and I will be in Vegas, with Mountain Dew. The first program in October – we’ll both be in the same town, and are working now to be in the same place at the same time. Watch out! Want to be involved? Drop us a note and let us know… | 9/17/08 | Free |
| 4 | Security Roundtable for July 2008: Battling Botnets with Botnets | The July discussion started by exploring the concept of battling botnets with botnets. The genesis of the conversation was the paper, “Phalanx: Withstanding Multimillion-node Botnet,” written by Colin Dixon, Arvind Krishnamurthy and Tom Anderson. This came around the time buzz was being generated around the entire concept of battling botnets with botnets, and we decided to explore it with an open discussion that included ethics and unintended consequences. As it turns out – the discussion was that, and more. Much more. This discussion brought forth the value of the Security Roundtable – since we left with more questions than when we started. This is good! When listening to the discussion, perhaps it will stimulate even more questions! Thanks to the panel: Colin Dixon \| http://www.cs.washington.edu/homes/ckd/ Andrew Hay \| http://www.andrewhay.ca/ Martin McKeay \| www.mckeay.net Michael Santarcangelo \| www.securitycatalyst.com & www.intothebreach.com The discussion ran a bit longer than we allotted, yet even on our review listen proved worth every minute. We raised some interesting questions and look forward to sharing the conversation with you. This is only the beginning and we invite you to share your ideas, insights and feedback in the Security Catalyst Community. Additional Links Mentioned http://www.cs.washington.edu/homes/ckd/ –> you can download the paper here http://www.icir.org/vern/papers/cdc-usenix-sec02/ Joining the conversation in the Security Catalyst Community Share your ideas in the Security Catalyst Community. Your participation is your currency (means no charge to join) – the more you contribute the more you learn and the more valuable the community becomes to everyone (so dive in and share). If you have not yet registered, please remember to use firstname.lastname as the standard. | 7/9/08 | Free |
| 5 | Security Roundtable for June 2008: Clarion Call of the Jericho Forum | If you believe the Jericho Forum has called for the end to firewalls, then you need to stop what you’re doing and take a listen to this month’s Security Roundtable. After attending an interesting discussion during RSA, Martin and I invited the Jericho Forum to join us at the roundtable to talk more about what Jericho Forum is, and what it does. We learned a lot and share the discussion with you… Joining us on the program: Michael Santarcangelo – The Security Catalyst and author of Into the Breach Martin McKeay – Host of the Network Security Podcast and Captain Privacy Chris Hoff – Luminary and Jogger Paul Simmonds (bio below) – Co-Founder Jericho Forum Shane Buckley (bio below) – CEO Rohati Systems Learn more about Jericho Forum: http://www.opengroup.org/jericho/ Paul Simmonds, Co-founder and board of management Jericho Forum & former CISO, ICI Until May 2008 Paul Simmonds was the CISO at ICI (www.ici.com). Paul’s varied career has included Electronic counter-measures, Theatre Lighting, North Sea Oil control systems, JET (Nuclear Fusion Research) and commercial radio. Prior to joining ICI in 2001 he was Head of Information Security with a high security web hosting company and before that spent seven years with Motorola, as global information security manager. Paul was awarded European Chief Security Officer of the year at the 2005 SC Magazine Awards and is listed in both the 2004 & 2005 global top 50 most powerful people in networking by the US publication Network World. Paul sits on the management board of the Jericho Forum and the Executive Advisory Board of ISSA UK. He also is a British Canoe Union Level 3 Kayak Coach. Shane Buckley, President & CEO, Rohati Systems, Inc. Shane Buckley is the President and Chief Executive Officer at Rohati Systems, Inc. Buckley comes to Rohati with more than 20 years of global executive and general management expertise, having held senior executive positions in the United States, Europe, the Middle East and Asia-Pacific. Before taking the helm at Rohati, Buckley served as Chief Operating Officer at Nevis Networks, Inc. a leader in network access control. Previously, he was Vice President of Worldwide Enterprises for Juniper Networks. Prior to that, he served as the International President of Peribit Networks, the leader in Network Optimization. Juniper Networks purchased Peribit in June 2005 for $380M. Before Peribit, Buckley served as Chief Executive Officer of Conduit Software, a provider of Directory Assistance and Wireless Applications solutions. Previously, he was Vice President, EMEA at 3Com. In this role, he managed a $2.2 billion business unit and was responsible for 3Com’s distribution strategy, OEM partnerships and reseller channels. Buckley also chaired 3Com’s Global Distribution Council, was a member of the company’s worldwide OEM steering team, and served as 3Com’s head of operations for the Asia-Pacific Region based in Hong Kong and Tokyo. Buckley is a frequent speaker at high-level industry trade shows and events such as Gitex, CeBIT and The Wall Street Journal Europe conference. He has also contributed to a number of magazines and news programs including MSNBC, SABC and Middle East Business news. He holds an engineering degree from the Cork Institute of Technology in Ireland. | 6/11/08 | Free |
| 6 | Security Roundtable for May 2008 \| RSA Conference – Beyond the Hype | For the May SRT, we welcomed: Dr. Anton Chuvakin \| http://chuvakin.blogspot.com/ James Costello \| http://genesyswave.blogspot.com/ Jennifer Leggio \| http://mediaphyter.wordpress.com/ Martin McKeay \| http://www.mckeay.net/ Michael Santarcangelo \| http://www.securitycatalyst.com/ We discussed the RSA 2008 conference from a variety of perspectives. | 5/14/08 | Free |
| 7 | September Security Round Table: Do we have privacy anymore? | Welcome to the Security Round Table for September, where our panel of passionate security and privacy professionals considers the question: Do we have privacy anymore? Our Panel Michael Santarcangelo – Moderator – expert on changing the way people protect information. www.securitycatalyst.com & www.intothebreach.com Rebecca Herold – Information security, privacy and compliance professor, writer and consultant. http://www.realtime-itcompliance.com & http://www.privacyguidance.com Andrew Hay – Manager of Integration Services @ Q1 Labs, blogger (http://www.andrewhay.ca), author (OSSEC Host-based Intrusion Detection) Dr. Anton Chuvakin – Chief Logger and Blogger from the “No privacy – ‘get over it!’ camp” - http://www.securitywarrior.org Martin McKeay – Affectionately called Cpt. Privacy by Mike Rothman, he still refuses to wear tights and a cape (especially the tights) http://www.mckeay.net Dan York – Producer and Co-Host, Blue Box: The VoIP Security Podcast – http://www.blueboxpodcast.com/ & http://www.voipsa.org/blog/ Talking points Definition of privacy How does privacy in the 21st century differ from privacy in the 20th century and before? How have the attitudes of government and the populace changed privacy in the last decade? Does the average end user understand privacy? Online databases What can we do today and can we recover the privacy we’ve lost (or never had)? Coming in October In October we will be exploring the role/value of end-user awareness with a panel of differing opinions. If you are responsible for creating an end-user awareness program – this is an episode you will not want to miss! As an added bonus, we’re going to start using Talk Shoe for our monthly SRT episodes – and after the show taping, Security Catalyst Community (http://www.securitycatalyst.org) members will have the option to participate in a live Q&A session. If you have ideas for topics or want to be invited to serve on one of our panels, contact me directly at securitycatalyst@gmail.com | 9/23/07 | Free |
| 8 | The Security Round Table for August 2007 – Security Career Success | The August Security Round Table podcast assembled an expert panel to explore the keys to a successful security career - and how you can find the perfect job for you. We recorded this discussion on Tuesday, August 14th 2007 and present it now for your listening pleasure. | 8/17/07 | Free |
| 9 | The Security Roundtable for February 2007 – OpenID | We’re back! Dan York, Martin McKeay and Michael Santarcangelo came together to revitalize the SRT effort and concept. First up – Dan York led an effort to research and put together a program on OpenID. In this episode, we explore the question, “what is open ID and should we care?” - Dan York, Blue Box: The VoIP Security Podcast - Martin McKeay: The Network Security Podcast - Michael Santarcangelo: The Security Catalyst These show notes are going to be swamped with links and information about OpenID. A HUGE thank you to Dan York for an amazing effort, here. This is actually the single best collection of OpenID links I’ve yet to see. If you feel like discussing OpenID (or looking to find some positive and passionate security professionals), come discuss this in the Security Catalyst Community: http://community.securitycatalyst.com/forums/index.php Here is the OpenID thread: http://community.securitycatalyst.com/forums/index.php/topic,46.0.html NOTE – found another recent (Dec 2006) podcast about OpenID: - blog entry – http://herestomwiththeweather.blogspot.com/2006/12/openid-podcast.html (interesting notes about moving a site over to OpenID) - MP3 – http://www.stuffopolis.com/interactive/openid.mp3 - Outline – http://www.stuffopolis.com/interactive/openid_talk.txt Main focus of the show – what is OpenID and why should you care? Why is OpenID in the news right now? Microsoft Announcement at RSA generated news – announced by Bill Gates in keynote: Microsoft view: http://www.identityblog.com/?p=668 JanRain view: http://kveton.com/blog/2007/02/06/cardspace-openid-working-together/ Sxip Identity: http://identity20.com/?p=90 Netmesh: http://netmesh.info/jernst/Digital_Identity/cardspace-openid.html Brad Fitzpatrick (who wrote OpenID back at LiveJournal): http://brad.livejournal.com/2287909.html - see the TailRank summary for follow-on commentary Digg adopts OpenID: http://www.techcrunch.com/2007/02/20/kevin-rose-at-fowa-digg-adopts-openid Slashdot discussion – good comments: http://yro.slashdot.org/comments.pl?threshold=0&mode=thread&commentsort=0&op=Change&sid=221002 Excellent summary – “Five Key Takeaways from Microsoft, OpenID Announcement” Other recent news – AOL support OpenID: http://journals.aol.com/panzerjohn/abstractioneer/entries/2007/02/15/aol-and-openid-where-we-are/1406 It also appears that AOL enabled OpenID support for all 63 million AIM users! – http://chimprawk.blogspot.com/2007/02/is.html What is OpenID? What problem is it trying to solve? Main OpenID website – http://www.openid.net/ Wikipedia – http://en.wikipedia.org/wiki/OpenID Community marketing – http://iwantmyopenid.org/ illustrated overviews: OpenID 1.1 protocol flow – http://openid.net/pres/protocolflow-1.1.png http://www.openidenabled.com/openid/openid-protocol OpenID pingpong – http://enthusiasm.cozy.org/archives/2005/05/openid-part-iii-pingpong/ Screencast – http://simonwillison.net/2006/openid-screencast/ Presentation – http://identity20.com/media/ETECH_2006/ – great history of web identity systems – gets into company-specific stuff at the end, but does a nice overall job. OpenID specification - http://openid.net/specs.bml ZDNet: “The Case for OpenID” – http://blogs.zdnet.com/digitalID/?p=78 How does it work? See http://openid.net/about.bml List of presentations at http://openid.net/presentations.bml OpenID screencast – http://simonwillison.net/2006/openid-screencast/ From http://www.openidenabled.com/openid/about-openid Good description of process (from Microsoft’s Kim Cameron): An interaction starts with the user telling the RP (relying party) what her URL is (1). The RP consults the URL content to determine where the user’s IP is located (not shown). Then it redirects the user to her IP (identity provider) to pick up an authentication token, as shown[...] | 3/15/07 | Free |
| 10 | Security Round Table Episode #6 | Finally, the sixth episode of the Security Round Table! Earlier this month we had the opportunity to talk with Krishna Kurapati, Chief Technology Officer of Sipera Systems. We know that Instant Messaging is in the workspace and is increasingly harder to block. Should it be blocked, how can it be blocked or should it become part of the corporate infrastructure, just like voice and email? And more importantly, what are the dangers of Instant Messaging? Thanks once more to Krishna Kurapati for joining us on the conference call. He answered an email sent out by Dan York to the VOIP Security mailing list with very short notice. Present on this episode: Larry Pesce \| Pauldotcom Security Weekly Alan Shimel \| SSAATY (Still Secure After All These Years) Martin McKeay \| Network Security Podcast And this will be the last time I ever give Michael a hard time for taking a couple of weeks to post a podcast. – Martin | 10/30/06 | Free |
| 11 | Security Round Table – Episode 5 – Security of VoIP in the Enterprise | Join us for our fifth exciting episode of the Security Round Table. Our special guest (and now newest member) is Dan York from: Blue Box: The VoIP Security Podcast. In this episode, we look at the general overview of VoIP technologies and the security risks – as well as the myths. Dan is a true expert and instructor on this topic – and school was definitely in for the SRT team! Joining in on this episode: Paul Asadoorian \| Pauldotcom Security Weekly Martin McKeay \| Network Security Podcast Larry Pesce \| Pauldotcom Security Weekly Michael Santarcangelo \| The Security Catalyst Alan Shimel \| SSAATY (Still Secure After All These Years) Dan York \| Blue Box: The VoIP Security Podcast | 10/2/06 | Free |
| 12 | SRT Episode 4 – Responsible Reporting of Breaches | How many times have you wondered what you would do if you find out your company wasn’t protecting information as they promised? What if you were a consultant or contractor? Is there a right way to report on privacy and security breaches? Join the Security Round Table with Special Guest Randal Schwartz to discuss this important issue. On this episode: Larry Pesce \| Pauldotcom Security Weekly \| Haxor the Matrix Martin McKeay \| Network Security Blog & Podcast Michael Santarcangelo \| The Security Catalyst Randal Schwartz \| Stonehenge \| Legal Information: Friends of Randal Schwartz Note: we did reach some interesting conclusions and directions for future advancement. Continue the discussion at the Security Catalyst Community (currently open to trusted catalysts until October 15, 2006 when it becomes available to the entire community). | 9/17/06 | Free |
| 13 | Security Roundtable Discussion: NAC | Join me while I listen to a spirited discussion between Alan Shimel, Richard Stiennon, Mike Rothman and Chris Hoff about the relative merits and downfalls of Network Access (or Admission) Control. This all started a couple of weeks ago when Richard and Alan started a little disagreement between them about NAC on their blogs. Chris and Mike decided they needed to throw some fuel on the fire, which generally seems to be their way. After reading their back and forth, I invited them to join me on a Skype call where they could each explain their positions and how the other bloggers were wrong. While this is a fairly serious security topic, as NAC seems to be one of the technologies everyone is talking about, we took the whole argument in a fairly light-hearted manner. I hope you enjoy listening to the podcast as much as we enjoyed recording it. Thanks again to Richard for saving my bacon when I had technical problems with my recording software. And while I was part of the podcast, I was mostly just an innocent observer. I think I learned more that way. -Martin McKeay | 8/13/06 | Free |
| 14 | Security Round Table – Episode 3 – Liability for Vulnerabilities and Responsible Reporting | I am excited to present to you the SRT’s third episode. The goal of these podcasts is simple: bring together podcasters and occasional guests to discuss important security topics. This episode had some great (read: diverse) representation as we tackled the issue of who should be responsible for vulnerable code and “good practices” around notification, patching and the like. This podcast went a bit longer than planned, and I suspect we could have kept talking all night long! I personally learned quite a bit and enjoyed the opportunity to explore some of these issues and hear different perspectives. I hope you enjoy it too! Joining us on this effort was: Martin McKeay (The Network Security Podcast) Paul Asadoorian (Pauldotcom Security Weekly) Jamal Khan (Hdaar Security Radio) Alan Shimel (Still Secure, After All These Years) Ron Woerner (Security Catalyst Contributor) Ideas? Comments? Suggestions? securitycatalyst@gmail.com Michael (The Security Catalyst) | 7/21/06 | Free |
| 15 | Security Round Table – Episode 2 – What to do about stolen laptops and Privacy in the EU | Join Michael Santarcangelo of the Security Catalyst podcast, Martin McKeay of the Network Security Podcast and special Guest Alan Shimel from the Still Secure Podcast. We shared an energetic and insightful discussion about the recent reports of laptop theft leading to identity breach (or the possibility of it) and then talked about privacy and breaches in the EU. | 6/24/06 | Free |
| 16 | Security Round Table – Episode 1 – Email Security | Listen in as Martin McKeay (Network Security), Dan Kuykendal (Mighty Seek), Larry Pesce (Pauldotcom Security) and Michael Santarcangelo (The Security Catalyst) discuss email security during the first Security Round Table. We recorded the podcast from a conference bridge, so the quality is about what you would expect from the broadcast radio. This is our first effort – and I learned some ideas that I wrote down, and hope you do, too! Please send us feedback and let us know what other topics you would like for us to cover. | 5/25/06 | Free |
| Total: 16 Episodes |