All Episodes
Displaying 151 - 180 of 221 in total
Access Control Models (Part 1) (Domain 4)
Access control models define who can access what, under which conditions—and in this episode, we begin our exploration with Mandatory Access Control (MAC) and Discreti...
Access Control Models (Part 2) (Domain 4)
In this second installment on access control models, we focus on more adaptive and scalable approaches: Role-Based Access Control (RBAC), Rule-Based Access Control, an...
Advanced Access Controls and Least Privilege (Domain 4)
Access controls must go beyond static roles to enforce the principle of least privilege in real time, and this episode explores how to implement more advanced models t...
Multifactor Authentication (MFA) Implementations (Domain 4)
Multifactor Authentication (MFA) is one of the most effective ways to prevent unauthorized access, and in this episode, we break down how to implement it effectively a...
MFA Authentication Factors (Domain 4)
Multifactor authentication is only as strong as the diversity and reliability of the factors it uses. In this episode, we explore each authentication factor category i...
Secure Password Management (Domain 4)
Passwords continue to serve as a primary access method for many systems, and in this episode, we examine what secure password management really looks like—from user be...
Privileged Access Management (PAM) (Domain 4)
Privileged accounts are the crown jewels of any IT environment, and their misuse—whether accidental or malicious—can lead to devastating breaches. This episode focuses...
Automation and Scripting in Security (Domain 4)
In modern cybersecurity, manual processes can’t keep up with the scale and speed of threats—making automation and scripting essential for operational success. In this ...
Technical Debt in Automation (Domain 4)
As security teams automate more of their operations, they often accumulate technical debt—shortcuts, fragile code, or undocumented scripts that create long-term risk. ...
Continuous Integration and API Automation (Domain 4)
Security needs to move at the speed of development, and that’s where continuous integration (CI) and API-driven automation come in. In this episode, we explore how CI ...
Benefits of Security Automation (Part 1) (Domain 4)
Security automation offers more than just saved time—it fundamentally transforms how teams operate by embedding consistency, speed, and scalability into their daily pr...
Benefits of Security Automation (Part 2) (Domain 4)
Building on the first part of our automation series, this episode explores how security automation improves scalability, incident reaction time, and team productivity....
Considerations for Security Automation (Part 1) (Domain 4)
As powerful as automation is, it’s not without challenges—and in this episode, we dive into the complexity and cost considerations that come with security automation p...
Considerations for Security Automation (Part 2) (Domain 4)
Continuing our discussion on automation pitfalls, this episode focuses on the risk of single points of failure, technical debt, and long-term support challenges. Centr...
Incident Response Process (Part 1) (Domain 4)
A strong incident response process can mean the difference between a contained event and a catastrophic breach—and in this episode, we break down the first half of the...
Incident Response Process (Part 2) (Domain 4)
Following detection and analysis, the next phases in an incident response plan are containment, eradication, and recovery—critical steps that stop the spread of an att...
Incident Response – Lessons Learned (Domain 4)
Every incident is a learning opportunity, and the final step of the response lifecycle—lessons learned—ensures that your team emerges stronger, smarter, and better pre...
Incident Response Training and Testing (Domain 4)
A well-written incident response plan is only useful if your team knows how to execute it—and the best way to build that confidence is through training and testing. In...
Root Cause Analysis and Threat Hunting (Domain 4)
Stopping an incident isn’t enough—you have to understand how it happened and whether something deeper is still lurking. This episode explores root cause analysis and t...
Digital Forensics Foundations (Domain 4)
When a security incident occurs, understanding what happened—and proving it—requires digital forensics. In this episode, we cover foundational concepts of digital fore...
Forensics – Data Acquisition and Reporting (Domain 4)
Capturing and reporting digital evidence is a delicate process that must be repeatable, verifiable, and legally defensible. In this episode, we focus on how to perform...
Forensic Evidence Preservation and E-Discovery (Domain 4)
Once digital evidence is collected, preserving it and producing it responsibly are the next critical steps—and in this episode, we focus on maintaining evidentiary int...
Leveraging Log Data (Part 1) (Domain 4)
Logs are the record books of your infrastructure, capturing who did what, when, and where—and in this episode, we explore how to extract value from them. We start with...
Leveraging Log Data (Part 2) (Domain 4)
In this continuation of our log analysis discussion, we shift from collection to interpretation—examining how different data sources support threat detection, forensic...
Vulnerability Scan Data and Automated Reporting (Domain 4)
Vulnerability scan data is only useful when it’s collected, organized, and presented in a way that drives action—and this episode explains how automated reporting tran...
Dashboards and Visualization Tools (Domain 4)
A well-designed dashboard can turn complex security data into fast, actionable insight—and in this episode, we explore how visualization tools help analysts, engineers...
Packet Captures in Investigations (Domain 4)
Packet captures are the most detailed and revealing form of network data available to defenders—showing not just what happened, but exactly how it happened, byte by by...
Introduction to Domain Five — Security Program Management and Oversight
Cybersecurity isn’t just about blocking attacks and managing firewalls. It’s also about building policies, assessing risk, managing vendors, and aligning security with...
Introduction to Security Governance (Domain 5)
Security governance is the blueprint for how an organization manages its security strategy, aligns it with business goals, and ensures accountability across all levels...
Key Security Policies and Standards (Domain 5)
Policies and standards are the written expression of an organization’s security expectations—and in this episode, we explore how they’re developed, communicated, and e...
