Insights, information
and resourcesAND

InfoSec has become a giant, marketing driven, bandwagon affair. However all is not lost, this talk will focus on 10 lessons that can be applied to your job (no matter what it is as long as its InfoSec related) that will help you do it better, stronger, faster etc…Providing information on topics such as: why does no one ever give me the funding I want and how do I get it? How can I do a useful penetration test? How do I build an effective security program that makes my job security 2+ years? And How do bad guys really think and how do I do that? OccamSec CEO Mark Stamford provides some tips on how to keep the organizations we work for secure, not lose our minds, and hopefully navigate the crazy.

Penetration Tests or Red Team? What are they? should you use them? if so, which one?

Vulnerability allows execution of any binary you want on macOS, bypassing the codesigning system.

The COVID-19 pandemic has caused hospital systems’ resources to be strained to the breaking point, and in some cases, beyond. Those who manage and use information systems need to take action now.

On October 8, 2020, OccamSec participated in a joint OWASP London and OWASP Suffolk meeting.

Establishing a beachhead is an important objective during many of our security assessments. To gain further access into an environment we need to get access to an Internet facing system, which can then be used to pivot into the network. The walkthrough below is a real life example, taken from one of our projects

Commercial drone programmes in the UK are being accelerated due to the restrictions enforced by the Coronavirus lockdown. From medical PPE drops from mainland UK to the Isle of Wight

During the ongoing COVID-19 outbreak many security professionals have by necessity been operating tactically & in response mode, trying to identify and mitigate the security risks of organisations that have had to move rapidly to remote working.

While some organizations are halting their use of Zoom due to security concerns and alerts that come on a seemingly daily basis; in some cases it might be the only option for some people and is still an immensely popular solution for remote meetings.

Davin and Mike speak with John Quigg, advisor for OccamSec and Senior Advisor at Spurrier Capital Partners. The trio talk about supply chain, previous major breaches, and how to marry IT and Operations teams to make effective changes.

Mike and Davin are joined by John Kindervag, creator of Zero Trust for the Season 2 Premiere of Burned by the Firewall! The trio discuss how Zero Trust came to be, its fundamentals, and some common myths. For anyone who is concerned with their current deployments, or who is considering setting up new infrastructure, this episode is for you!

In our season finale, Mike and Davin are joined by Cynthia Boumann, Head of Global Audit at Dover Corporation. She share her insights on the universe of risk, living through the winter storm in Texas, and why there should be now be a larger conversation on infrastructure and resilience.