Profile

Cover photo
Bryan Brake
157 followers|155,891 views
AboutPostsVideos

Stream

Bryan Brake

Shared publicly  - 
 
Once you find a vulnerability, how do you handle patching it? Especially when devs have their own work to do, there are only so many man hours in a sprint or development cycle, and the patching process could take up a good majority of that if the vuln is particularly nasty.

One method is to triage your patches, and we discuss that this week with Mr. Boettcher. We also talk about how our respective company's handle patching of systems.

We also discuss what happens when compensating controls run out of effectiveness, and if there is a point at which they no longer are 'compensating' for anything any further.

#infosec  #podcast #security #patching   #management   #rss   
1
Add a comment...

Bryan Brake

Shared publicly  - 
 
Katherine Carpenter is a privacy consultant who has worked all over the world helping to develop guidelines for ethical medical research, sharing of anonymized data, and helping companies understand privacy issues association with storing and sharing of medical data.
 
This week, we discuss how companies should assign value to their data, the difficulties of doing research with anonymized data, and the ramifications of research organizations that share data irresponsibly.
 
#privacy   #anonymizing   #infosec   #podcast   #hipaa  
Katherine Carpenter is a privacy consultant who has worked all over the world helping to develop guidelines for ethical medical research, sharing of anonymized data, and helping companies understand privacy issues association with storing and sharing of medical data.   This week, we discuss how companies should assign value to their data, the difficulties of doing research with anonymized data, and the ramifications of research organizations th...
1
Add a comment...

Bryan Brake

Discussion  - 
 
I've seen a lot of posts online about the call history attempting to ID numbers, but every is showing up as "unknown", which means that you cannot call back nor can you add an 'unknown' number to your contacts. Has anyone had an issue with this? Is there a setting I'm missing that I can toggle that won't require me to try a factory reset, which "says" will fix it?
1
Bryan Brake's profile photo
 
So, after a factory reset, that did not fix the issue... anyone else have ideas? I'm running a Nexus 6 with the "CARBON-LP-5.1.1-UNOFFICIAL-20150612-1220" build.
Add a comment...

Bryan Brake

Shared publicly  - 
 
Join us again on the Brakesec podcast with +Michael Gough 

 In this podcast, you'll learn about:

Log analytics software techniques that can be used to parse system logs for naaty malware

Detecting Malware artifacts

learn about windows directory locations

looking for indicators like packing, changed hashes, etc

Tips for capturing malware using tools like RoboCopy

Learn about what code caves are and how malware hides inside them (http://www.codeproject.com/Articles/20240/The-Beginners-Guide-to-Codecaves)

 

SANS DFIR poster - https://www.sans.org/security-resources/posters/windows-forensics-evidence-of-75 

#malware   #infosec   #splunk   #loganalytics   #podcast   #windows  
In this podcast, you'll learn about: Log analytics software that can be used to parse system logs for naaty malware Detecting Malware artifacts learn about windows directory locations looking for indicators like packing, changed hashes, etc Tips for capturing malware using tools like RoboCopy Learn about what code caves are and how malware hides inside them (http://www.codeproject.com/Articles/20240/The-Beginners-Guide-to-Codecaves)   SAN...
1
1
Michael Gough's profile photo
Add a comment...

Bryan Brake

Shared publicly  - 
 
+Michael Gough  joined us again to discuss malware detection techniques on Windows systems. We talk about how you can modify Powershell's defaults to allow for better logging potential. Also, we find out some hidden gems that pretty much guarantee to let you know that you've been infiltrated. 

Stay for the powershell security education, and you also learn some new terminology, like "Malware Archaeology", Malwarians, and 'Log-aholic', to name a few...

#malware   #archaeology   #detection   #infosec   #podcast   #Malwarians   #logfiles   #intrusions   #DetectiveControls  
1
2
Michael Gough's profile photoStephanie Robertson's profile photo
Add a comment...

Bryan Brake

Off Topic (Nothing to do with Carbon)  - 
 
I noticed this issue with my LG G3 and I appear to have the same issue on my Nexus 6. I want to make a call, so I plug my headphones in. Shure SE215 earbuds. I make a call, and I can hear the people on the other end of the line... but the problem is that they don't hear me through the mic on the phone. I used to be able to use my headphones and the phone mic on my Note2 (using Carbon Rom), but once I upgraded to LP, and to newer phones, this functionality appears to have disappeared.  

I don't see an option to enable this, stock or otherwise... is there an app or setting I'm missing that will allow this to function as I mentioned above? It's almost like they require earbuds with the phone mic on it...
1
Add a comment...

Bryan Brake

Discussion  - 
 
Question for the group. I live in Seattle, and frequently go to Canada, because reasons...  I know that when I traveled to France with my Note 2 last year, I was unable to connect to phone or data networks there and make calls. Obviously, calling Verizon to ask for help was impossible without the phone being back on stock. So, does anyone use Carbon, across international borders (specifically US > other countries) using current LP builds with no issues? Like make calls, data, etc.  I get international calling plans activated when I go, so price isn't an issue.  I just want to know that I won't have to go back to stock when I travel...
1
Matt Bloomfield's profile photoElric Erekose's profile photoBryan Brake's profile photo
6 comments
 
I bought it off Amazon and it was advertised as 'unlocked'
Add a comment...
In his circles
250 people
Have him in circles
157 people
Dennis Ahbor's profile photo
Amber Vandivort's profile photo
Stephane Bura's profile photo
Dominic Amann's profile photo
Switz Antivirus UK's profile photo
Munir Kotadia's profile photo
dumiter vlad's profile photo
Ryan Corey's profile photo
Andrejs Roslakovs's profile photo

Bryan Brake

Shared publicly  - 
 
After last week's discussion of end-user training in the SANS top 20 security controls, we realized that it would be great to discuss how a company involved in training does proper training.

 

So we hit up our sponsor at Cybrary.it to discuss their end-user security training track and how companies can use it to help their employees to be more secure in their workplace.

 

We end the podcast with a bit of audio from the Bsides Austin blue/red panel Mr. Boettcher moderated. He asked them about training and it's worth. The first answer from Justin Whitehead is telling as to how he believes training will fail regardless. His answer was chilling in fact, and we hope to continue that conversation with him in the future about it.

#infosec   #training   #security   #cybrary   #podcast  
1
Add a comment...

Bryan Brake

Shared publicly  - 
 
In an incident response, the need for clear communication is key to effective management of an incident. This week, we had +Michael Douglas, DFIR instructor at SANS, and +Jarrod Frates , who is a pentester at InGuardians, and has great experience handling incidents. Find out some roles in an incident response (the Shadow, the event coordinator, the lead tech), and how companies should have an IR plan that handles various 'incident severities'.

Jarrod updates us on "TheLab.ms" and how you might like to help them! 

Finally, We are holding a contest to win a ticket to DerbyCon, full instructions are below. We are giving away two tickets. 

DerbyCon 1st Ticket contest expires 31 July 2015. Full instructions are at http://brakeingsecurity.com/2015-032-incident-response-effective-communication-and-derbycon-contest

  #infosec   #podcast   #derbycon   #DFIR   #hackerspaces  
2
Add a comment...

Bryan Brake

Shared publicly  - 
 
Roxy, who we interviewed a few months ago on our podcast about hackerspaces, is back with us this week to discuss a project she is working on, called 'Big Brown Cloud'. If you've ever wanted to setup your own fake blog and send people to it to gain information on possible attacks, you've come to the right place.  

 

We also get an update on the hackerspace that Jarrod, Sean, and Roxy were getting setup a few months ago. They've come a long way, and they are about to move into their new facility

https://thelab.ms/

http://directory.libsyn.com/episode/index/id/3657921

#activedefense   #infosec   #podcast   #hackerspaces   #cloud   #wordpress   #brakeingdownsecurity  
Roxy, who we interviewed a few months ago on our podcast about hackerspaces, is back with us this week to discuss a project she is working on, called 'Big Brown Cloud'. If you've ever wanted to setup your own fake blog and send people to it to gain information on possible attacks, you've come to the right place.     We also get an update on the hackerspace that Jarrod, Sean, and Roxy were getting setup a few months ago. They've come a long way,...
1
Add a comment...

Bryan Brake

Computer security  - 
 
+Michael Gough   joined us to discuss malware detection techniques on Windows systems. We talk about how you can modify Powershell's defaults to allow for better logging potential. Also, we find out some hidden gems that pretty much guarantee to let you know that you've been infiltrated. 

Stay for the powershell security education, and you also learn some new terminology, like "Malware Archaeology", Malwarians, and 'Log-aholic', to name a few...

#malware   #archaeology   #detection   #infosec   #podcast   #Malwarians   #logfiles   #intrusions   #DetectiveControls  
1
Add a comment...

Bryan Brake

Shared publicly  - 
 
This week, we discuss various methods of enabling companies to move applications to cloud based platforms. 

We discuss containers, like Docker, and how various hosting services handle converting businesses from a traditional data centers to a secure. cloud based entity.

We even discuss securing the data in the cloud, preventing bad guys from accessing it, as well as the cloud provider themselves, who can be served with a subpeona to hand over data.

Brakeing Down Security would like to thank FireHost for allowing Chase and Mike to join us.

#infosec   #security   #managedservices   #cloudcomputing   #podcast  
This week, we discuss various methods of enabling companies to move applications to cloud based platforms.  We discuss containers, like Docker, and how various hosting services handle converting businesses from a traditional data centers to a secure. cloud based entity. We even discuss securing the data in the cloud, preventing bad guys from accessing it, as well as the cloud provider themselves, who can be served with a subpeona to hand over d...
1
Add a comment...
People
In his circles
250 people
Have him in circles
157 people
Dennis Ahbor's profile photo
Amber Vandivort's profile photo
Stephane Bura's profile photo
Dominic Amann's profile photo
Switz Antivirus UK's profile photo
Munir Kotadia's profile photo
dumiter vlad's profile photo
Ryan Corey's profile photo
Andrejs Roslakovs's profile photo
Basic Information
Gender
Male
Story
Introduction
I'm a CISSP that loves working in the security field.
Bragging rights
I lived on the island of Diego Garcia.
Links
Contributor to