Security Culture Hacking: Disrupting the Security Status Quo (S04E20)
Play episode · 32 min

On this week, we listen in on the #AppSecUSA talk by Chris about Security Culture Hacking. You can find Chris on Twitter @edgeroute    

The post Security Culture Hacking: Disrupting the Security Status Quo (S04E20) appeared first on Security Journey Podcasts.

Microsoft Cloud IT Pro Podcast
Microsoft Cloud IT Pro Podcast
Ben Stegink, Scott Hoag
Episode 200 – The One About Mailboxes
In Episode 200, Ben and Scott talk about actions you can take to save the contents of your Site Mailboxes (remember those things?!?) if you still have them, a new cross-tenant mailbox migration service that has entered Public Preview, and the introduction of continuous access evaluation. Sponsors Sperry Software – Powerful Outlook Add-ins developed to make your email life easy even if you’re too busy to manage your inbox ShareGate - ShareGate's industry-leading products help IT professionals worldwide migrate their business to the Office 365 or SharePoint, automate their Office 365 governance, and understand their Azure usage & costs Office365AdminPortal.com - Providing admins the knowledge and tools to run Office 365 successfully Intelligink - We focus on the Microsoft Cloud so you can focus on your business Show Notes Phishing Scams or Compromised Accounts Retirement of site mailboxes Update: Retirement of Site Mailboxes in SharePoint Online Cross-tenant mailbox migration (preview) Cross-tenant mailbox migration in now in Public Preview Continuous access evaluation Conditional Access for Office 365 Apps Now Commercially Released About the sponsors Every business will eventually have to move to the cloud and adapt to it. That’s a fact. ShareGate helps with that. Our industry-leading products help IT professionals worldwide migrate their business to the Office 365 or SharePoint, automate their Office 365 governance, and understand their Azure usage & costs. Visit https://sharegate.com/ to learn more. Sperry Software, Inc focuses primarily on Microsoft Outlook and more recently Microsoft Office 365, where a plethora of tools and plugins that work with email have been developed. These tools can be extended for almost any situation where email is involved, including automating workflows (e.g., automatically save emails as PDF or automatically archive emails that are over 30 days old), modifying potentially bad user behaviors (e.g., alert the user to suspected phishing emails or prompt the user if they are going to inadvertently reply to all), and increased email security (e.g., prompt the user with a customizable warning if they are about to send an email outside the organization). Get started today by visiting www.SperrySoftware.com/CloudIT Intelligink utilizes their skill and passion for the Microsoft cloud to empower their customers with the freedom to focus on their core business. They partner with them to implement and administer their cloud technology deployments and solutions. Visit Intelligink.com for more info.
29 min
The Intrazone by Microsoft
The Intrazone by Microsoft
Microsoft
Partner Edition: Rightpoint with customer Grant Thornton
Mark and Chris talk with Microsoft partner Mark and Chris talk with Microsoft partner Rightpoint, along with Rightpoint customer, Grant Thornton. You'll hear about various successes resulting from numerous integration points across the Microsoft 365 suite. With SharePoint as their intranet base, Grant Thornton uses the Power Platform, Stream, Yammer and Power BI – along with programmatic approach to custom development and governance. Grant Thornton helped establish their modern intranet as a home for everything people need in the day-to-day when working with their peers and various communities of practice. Click here for this episode's corresponding blog post. Click here for transcript of this episode. Resources and Info Links: SharePoint | @SharePoint | SharePoint Community Blog | UserVoice OneDrive | @OneDrive | OneDrive Community Blog | UserVoice Mark Kashman | Twitter Chris McNulty | Twitter Jesse Murray | Twitter | LinkedIn * Rightpoint | Twitter | LinkedIn Doug Kalish | Twitter | LinkedIn * Grant Thornton | Twitter | LinkedIn Grant Thornton wins Knowledge Management award, "APQC Announces Inaugural Excellence in Knowledge Management Award; Names 13 Winning Organizations" Rightpoint on "Employee experience" Rightpoint on "Project Cortex" Grant Thornton LLP Case Study with Rightpoint SharePoint Fest Virtual Workshops (ongoing) Collaboration Summit's Learning Day (Oct.26.2020) and Networking Day [in VR] (Oct.27.2020) Collab365 GlobalCon4 | Twitter SharePoint Saturdays Microsoft 365 Content Services Partner Program Microsoft Partner Network Project Cortex aka.ms/projectcortex Microsoft Docs - The home for Microsoft documentation for end users, developers, and IT professionals. Stay on top of Office 365 changes Subscribe to The Intrazone at aka.ms/TheIntrazone Listen and subscribe to other Microsoft podcasts at aka.ms/microsoft/podcasts
49 min
Talk Python To Me [Full History]
Talk Python To Me [Full History]
Michael Kennedy (@mkennedy)
#287 Testing without dependencies, mocking in Python
We know our unit tests should be relatively independent from other parts of the system. For example, running a test shouldn't generally call a credit card possessing API and talk to a database when your goal is just to test the argument validation. And yet, your method does all three of those and more. What do you do? Some languages use elaborate dependency passing frameworks that go under the banner of inversion of control (IoC) and dependency injections (DI). In Python, the most common fix is to temporarily redefine what those two functions do using patching and mocking. On this episode, we welcome back Anna-Lena Pokes to talk us through the whole spectrum of test doubles, dummies, mocks, and more. Links from the show *Anna-Lena's personal site*: alpopkes.com *100 Days of Code episode*: talkpython.fm/186 *Anna-Lena on Github*: github.com *PyCon talk from Lisa Road (2018) - “Demystifying the patch function”*: youtube.com *PyCon talk from Edwin Jung (2019) - Mocking and Patching Pitfalls*: youtube.com *Keynote talk “Finding Magic in Python” (about magical universe* *project)*: youtube.com *Blog post about mocking in Python*: alpopkes.com *Stackoverflow post on difference between stubs and mocks*: stackoverflow.com *Freezegun project*: github.com *KI Macht Schule (AI goes to school)*: ki-macht-schule.de *Code Combat*: codecombat.com *PDB++*: github.com Sponsors Linode Monday.com Talk Python Training
1 hr 3 min
The Cloudcast
The Cloudcast
Cloudcast Media
Confidential Computing
Vikas Bhatia (@vikascb, Head of Product, Azure Confidential Computing) and Ron Perez (@ronprz, Intel Fellow, Security Architecture) talk about the technologies and architecture behind Azure Confidential Computing *SHOW: *472 *SHOW SPONSOR LINKS:* * CloudAcademy -Build hands-on technical skills. Get measurable results.  * Get 50% of the monthly price of CloudAcademy by using code CLOUDCAST * Datadog Security Monitoring Homepage - Modern Monitoring and Analytics * Try Datadog yourself by starting a free, 14-day trial today. Listeners of this podcast will also receive a free Datadog T-shirt. * BMC Wants to Know if your business is on its A-Game * BMC Autonomous Digital Enterprise *CLOUD NEWS OF THE WEEK *- http://bit.ly/cloudcast-cnotw *PodCTL Podcast is Back (Enterprise Kubernetes) *- http://podctl.com *SHOW NOTES:* * Azure Confidential Computing * Intel and Microsoft Azure partnership page * Intel® SGX: Moving Beyond Encrypted Data to Encrypted Computing * Confidential Computing Consortium (website) *Topic 1 *- Welcome to the show. Before we dig into today’s discussion, can you give us a little bit about your background? *Topic 2 *- Defense in Depth is a strategy that has long been in place in Enterprise computing. We’ve seen previous approaches that connected the OS or Application with the Hardware (e.g. Intel TXT). How has this space evolved over the last few years, and what are some of the reasons why we need another level of depth? *Topic 3* - Let’s talk about the technology basics of Confidential Computing. What are the software elements (Application, OS, SDK) and what are the hardware elements?  *Topic 4 *-  What is the normal migration path for a company to move workloads into Confidential Computing environments? Is this primarily for new workloads, or does it apply to existing applications too?  *Topic 5 *- Azure has the ability to deliver either Confidential VMs, or recently added Confidential containers along with AKS. When does it make sense to be confidential in one part of the stack vs. other?  *Topic 6 *- What are some areas where you’re seeing the broader ecosystem (e.g. technology partners or end-user customers) beginning to expand out the functionality of Confidential Computing? *FEEDBACK?* * Email: show at thecloudcast dot net * Twitter: @thecloudcastnet
40 min
Kubernetes Podcast from Google
Kubernetes Podcast from Google
Adam Glick and Craig Box
Research, Steering and Honking, with Bob Killen
Bob Killen is co-chair of Kubernetes’ SIG Contributor Experience and was last week elected to the project’s Steering Committee. He worked in academia for 15 years, latterly working on research projects using Kubernetes, with a focus on computer security. He’s now made the leap to working on Cloud Native full time at Google. Bob joins us to explain why Kubernetes twitter is occasionally full of cartoon geese. Do you have something cool to share? Some questions? Let us know: * web: kubernetespodcast.com * mail: kubernetespodcast@google.com * twitter: @kubernetespod Chatter of the week * Relive New Zealand’s General Election coverage - 57% of the electorate voted early! * tl:dr; Jacinda won by a lot * One NZ electorate had a 421 vote lead on the night * Ballot box in Washington State * Click here to take the Audience Survey: thank you for helping us make a better show for you! News of the week * VMware Tanzu Kubernetes Grid 1.2 is GA * Red Hat integrates Ansible and OpenShift * Changes to the KubeCon EU * Episode 107, with Priyanka Sharma * Cloud Native in China survey results * Introducing HA MicroK8s * Episode 60, with Mark Shuttleworth * Helm turns 5 * Episode 102, with Mark Butcher * Google Cloud Code adds support for 400+ CRDs * A holiday gift from AKS Links from the interview * University of Michigan * Little Bobby Tables * Another Bobby Tables! * 2600 * Beige boxes * Red boxes * Steve Jobs, Steve Wozniak and the Blue Box * Jeff Sica * ARC-TS: Advanced Research Computing — Technology Services * Great Lakes, the UMich HPC cluster * Kubernetes the New Research Platform - Lindsey Tulloch, Brock University & Bob Killen, University of Michigan * kube-batch * Volcano * Orchestructure meet-up and Mario Loria * SIG Contributor Experience * Episode 74, with Jorge Castro * Episode 100 with Paris Pittman * Kubernetes Steering Committee * 2020 Election * Election results * Travel support program * HONK * Untitled Goose Game * /honk * Ian Coldwater’s goose-themed talk from KubeCon NA 2019 * honk.ci * Announcement * GitHub repo * Challenges * Walkthrough * KubeCon NA events: * SIG Honk AMA: Ian Coldwater, Duffie Cooley, Brad Geesaman, Rory McCune * Having Cloud Native Fun with HonkCTL: Jeff Sica * SIG Beard: see episode 46, with Aaron Crickenberger * Bob Killen on Twitter
25 min
How I Launched This: A SaaS Story
How I Launched This: A SaaS Story
From Google Cloud
Supporting an Inclusive Workplace With Kanarys Co-Founder and CEO Mandy Price
On this episode of How I Launched this, Stephanie (@swonful) and Carter (@carterthecomic) are excited to welcome the CEO of Kanarys, Mandy Price. The Kanarys platform is the first technology platform that fosters collaboration between companies and employees on diversity, equity, and inclusion (DEI) in the workplace. Through gathering anonymous employee data, the Kanarys platform brings about lasting change in DEI by helping companies get the specific data and insights they need to diagnose, prioritize, and optimize DEI efforts. Mandy starts the show by distinguishing between diversity, equity, and inclusivity, stressing that these should be the goals of every workplace. Diversity, the mix of different social and ethnic backgrounds,is important. But equally important is an environment where each person has equal access to resources and feels welcome and nurtured within the company. Her unfortunate experiences with inequity in office settings sparked the idea for Kanarys. By giving employees a mechanism to voice their concerns, report instances that make them uncomfortable, and more, Kanarys empowers employees to effect change in work environments. Managers' jobs are also made easier, as the platform gives them the data they need to find and fix DEI issues and bring about change.  Later, Mandy describes the process that brought Kanarys to their current platform and details the user experience. The company dashboard offers insights and support to give businesses the best chance at change, while the employee dashboard provides a safe space for discussions on equity and inclusion. She outlines the types of data Kanarys collects and how, and explains how this process has evolved over time. Kanarys also helps companies with implementation plans once data is analyzed.  Mandy talks about her personal journey and how it influenced her entrepreneurial path. She smiles talking about the Kanarys team and how important it is to find employees who believe in your mission. To wrap up the show, Mandy offers valuable advice on how to build and run a powerful team and tells us about the new Resource Center they've just released. Episode Links: *Kanarys** **Kanarys Resource Center** **Google Accelerators** **GFS Black Founders Fund Blog** **GFS Black Founders Fund Recipients**  **Kanarys on Twitter** **Kanarys on LinkedIn*
44 min
Streaming Audio: A Confluent podcast about Apache Kafka
Streaming Audio: A Confluent podcast about Apache Kafka
Confluent, original creators of Apache Kafka®
Ask Confluent #18: The Toughest Questions ft. Anna McDonald
It’s the first work-from-home episode of Ask Confluent, where Gwen Shapira (Core Kafka Engineering Leader, Confluent) virtually sits down with Apache Kafka® expert Anna McDonald (Staff Technical Account Manager, Confluent) to answer questions from Twitter.  Find out Anna’s favorite Kafka Improvement Proposal (KIP), which  will start to use racially neutral terms in the Kafka community and in our code base, as well as answers to the following questions:  * If you could pick any one KIP from the backlog that hasn't yet been implemented and have it immediately available, which one would you pick? * Are we able to arrive at any formula for identifying the consumer/producer throughput rate in Kafka with the given hardware specifications (CPU, RAM, network, and disk)?  * Does incremental cooperative rebalancing also work for general Kafka consumers in addition to Kafka Connect rebalancing? They also answer how to determine throughput and achieve your desired SLA by using partitions.  EPISODE LINKS * Watch Ask Confluent #18: The Toughest Questions ft. Anna McDonald * From Eager to Smarter in Apache Kafka Consumer Rebalances * Streaming Heterogeneous Databases with Kafka Connect – The Easy Way * Keynote: Tim Berglund, Confluent | Closing Keynote Presentation | Kafka Summit 2020 * Join the Confluent Community Slack * Learn more with Kafka tutorials, resources, and guides at Confluent Developer * Live demo: Kafka streaming in 10 minutes on Confluent Cloud * Use *60PDCAST* to get an additional $60 of free Confluent Cloud usage (details)
34 min
More episodes
Search
Clear search
Close search
Google apps
Main menu