Bryan Brake

Bryan Brake

Shared publicly  - 
 
Anyone who follows me can enjoy one free play of this recording of fine instrumental music
 
Brakeing Down Security Special interview this week! On the heels of their uber successful KickStarter campaign, we brought co-founder Ryan and one of the technical editors Anthony in to discuss what Cybrary is. We also discuss ways you can leverage it in your own business to get quality security awareness training, as well as train up your employees on infosec topics that can benefit your company and employees. You can find out more at http://www.cybrary.it   #training   #infosec   #CCNA   #Cybrary   #freestuff   #podcast   #interview  
 
Brakeing Down Security continues our trek down the list of SANS Top 20 Critical Security Controls this week with #12 and #13 - Boundary Defense, and Controlled Use of Administrative Privileges. Learn what you can do to shore up your network defenses, and how to handle admin privileges... When to give that kind of access, and how to make privileged access as secure as possible while still allowing administrators to do their work. #SANS #infoSec #top20
#accesscontrol   #firewall   #networksecurity   #permissions  

Bryan Brake

Discussion  - 
 
Illusion is working great, but I really need to have a screen lock that locks all the time, not just when I lock it. I can't have someone just coming up and unlocking the phone if I've failed to shut off the screen, and then wake up the phone just to click 'lock'. Is there a setting to lock it regardless of how I turn off the screen (power button, double-tap status, timeout, etc)?
9 comments
 
My idea of 'trusted' devices and Android's are two different things... I thought it was a white list permitting only those devices to connect, not 'make my phone's security protections become lax when I'm paired to a BT/NFC device'

Bryan Brake

Shared publicly  - 
 
+Brian Boettcher went on vacation and was volunteering for Austin Bsides this week, and I needed to do a podcast, so I enlisted the aid of +Lee Brotherston and +Jarrod Frates to discuss some important topics. We discuss the seemingly short talent pool for IT/IS positions. We talk about the ROWHAMMER vulnerability and how it may affect your organization. Additionally, we talk about how the NTP protocol is being maintained by one person and what can be done to help with that, as it is a critical piece of Internet Infrastructure, and finally, we figure out why PGP/GPG is not user-friendly, and if there are ways to make it better, or if it needs to be replaced permanently.
 
Brakeing Down Security's own Mr. Boettcher got a hold of the developers and maintainers of the anonymizing network "I2P". We talked with "str4d" and "Jeff" this week.

In Part 1 of the interview, we discuss the technical aspects of I2P, how it functions, how 'Garlic routing' works, and how the flood Fill servers allow for I2P to function effectively.

In the final segment, we discuss form factors, specifically if I2P is available for embedded systems like Raspberry Pi.

If you find Tor not to your liking, give I2P a try... its goals are the same, but the methods of security and privacy are different. Plus, as you can hear from the podcast, it's very much a tight-knit community of security and privacy enthusiasts.

 

Show notes, links, and contact info: 

https://docs.google.com/document/d/1Vh0HiUDXchesI2-BlthztoIIswZa0GZa_Jg0mOu0ao4/edit?usp=sharing

#i2p   #anonymous   #anonymity   #privacy   #security  
 
Much of InfoSec and Compliance is all about processes, procedures, controls, audits, and the proper management of all of these.  To do so, you need a proper framework to make these as seamless as possible. ITIL is one of these types of frameworks.

We introduce Mr. Tim Wood on the podcast, who has over 20 years of ITIL experience and began ITIL implementations in banks and Healthcare systems in the United Kingdom. He currently works with different industries to change culture and make ITIL a reality.

This week, we go over the History of ITIL, and understand the various incarnations from v1.0 to v3.0. You quickly understand where security will start fitting into all those facets of the ITIL framework.

 

Tim Wood's Presentation: https://drive.google.com/file/d/0B-qfQ-gWynwiVS0zLTZidml0VzA/view?usp=sharing (view only)

#ITIL #InfoSec #Management #frameworks #processes   #improvement  

Bryan Brake

Shared publicly  - 
 
It's that time of year again... when all the reports come out that show how various industries did over the last year.

Brakeing Down Security went over the results of the Verizon PCI report.  Did companies do worse this year, or could they have actually improved? Listen to our analysis, and what companies can do to learn from this, and how you can use this report to help get a leg up when your QSA comes calling.

 

 http://www.verizonenterprise.com/pcireport/2015/

 

Pay IRS using "Snapcard": http://www.coindesk.com/pay-taxes-bitcoin-snapcard-pay-irs/

 

According to the US Internal Revenue Service (IRS), virtual currencies are treated as "Property": http://www.irs.gov/uac/Newsroom/IRS-Virtual-Currency-Guidance


#infosec   #pci   #security   #bitcoin   #breaches  
 
We invited the organizers of "TheLab.ms", a Dallas, Texas-based hacker/makerspace, on the podcast to talk about why they wanted to start a #makerspace, the costs and plans to set up a #hackerspace, and some of the things you can do with a makerspace. We also understand the sense of community and the learning environment gained from these places.

If you are looking to start a 'space in your area, or looking to understand why they are needed in a community, you'll want to listen to Roxy, Sean, and Jarrod talk about the highs and lows and even some of the gotchas in setting up a space.
#makingadifference   #hackers   #3dprinter   #costumemaker  
 
I picked up my LG G3 a bit ago, and immediately rooted it, but continued running stock. I'm wanting to put Illusion Rom on, and I know that I need to do a 'clean' install. It's been a few years since I have done a fresh install (started with liquid rom on my Note 2 years ago). TWRP has a 'default wipe' which clears dalvik, cache, and data... is this considered a 'clean' wipe, or do I need to do an 'advance' wipe, and wipe everything (dalvik cache, System, data, Internal Storage, cache) and leave the External SD?

I came from Carbon Rom on my Note 2 to this place. Nice to see an active community over here, just hope Google doesn't mess it up by changing the format of the communities when they move to 'Streams'...
16 comments
 
Cool, thanks
 
In our continuing discussion with Jeff and "Str4d", we got right to the heart of the matter: Privacy and anonymity.

If you're trying to remain anonymous, what steps do the devs of I2P use to keep themselves as anonymous as possible? We also touch on what the "Browser Exploitation Framework" is, and why it scares the heck out of Jeff.

Finally, I ask them if there are any real 'good' sites on I2P, because of how the media seems to latch on to any story where we hear the bad things of any anonymizing network. Is there a way we can improve the image of anonymizing networks?

*** If you have a blog, and it's about security/privacy/compliance, please consider adding us as a write-in for '2015 Best New Security Podcast' here: https://www.surveymonkey.com/s/securitybloggers ***

 

Show notes: https://docs.google.com/document/d/1Vh0HiUDXchesI2-BlthztoIIswZa0GZa_Jg0mOu0ao4/edit?usp=sharing

#i2p   #anonymity   #privacyandsecurity   #metadatacollection   #metadata   #tor   #eepsites  

Bryan Brake

Shared publicly  - 
 
The second part of our interview with Pawel discussed Content management systems, and how you can integrate CSP in Drupal, Django, and the like.

Content managers, you'll want to listen to this, especially about how CSP can help you secure the content on your systems, as well as protect customers from web based attacks using the sandboxing functions of CSP 
Pawel's Blog = ipsec.pl
Pawel's CSP builder app = cspbuilder.info
Quick Guide to CSP: ht...
Basic Information
Gender
Male
Story
Introduction
I'm a CISSP that loves working in the security field.
Bragging rights
I lived on the island of Diego Garcia.