All Episodes
Displaying 121 - 140 of 222 in total
Episode 121: Vulnerability Identification Methods (Part 2) (Domain 4)
Continuing our exploration of how vulnerabilities are identified, this episode focuses on external and community-driven methods, including penetration testing, bug bou...
Episode 122: System and Process Auditing (Domain 4)
Auditing is how security teams verify that controls are working, policies are being followed, and no one is operating outside expected behavior—and in this episode, we...
Episode 123: Vulnerability Analysis and Prioritization (Part 1) (Domain 4)
Once vulnerabilities are identified, the next challenge is determining which ones require immediate action—and that’s where vulnerability analysis and prioritization c...
Episode 124: Vulnerability Analysis and Prioritization (Part 2) (Domain 4)
Expanding on the concepts of vulnerability prioritization, this episode introduces industry-standard scoring and classification systems like CVSS (Common Vulnerability...
Episode 125: Vulnerability Response and Remediation (Part 1) (Domain 4)
Finding vulnerabilities is only useful if you have a plan to fix them—and this episode dives into the critical processes of response and remediation. We begin with pat...
Episode 126: Vulnerability Response and Remediation (Part 2) (Domain 4)
Not all vulnerabilities can be patched right away, and in these cases, compensating controls, segmentation, and exceptions become essential components of a realistic r...
Episode 127: Validation of Remediation Efforts (Domain 4)
Fixing a vulnerability doesn’t mean it’s gone—it means it needs to be verified. In this episode, we focus on the importance of validating remediation efforts to ensure...
Episode 128: Effective Vulnerability Reporting (Domain 4)
Clear, actionable reporting is the bridge between technical discovery and organizational response, and in this episode, we explore what makes vulnerability reports use...
Episode 129: Monitoring Computing Resources (Domain 4)
Monitoring is the heartbeat of any modern security operation, providing real-time visibility into systems, applications, and infrastructure. In this episode, we explor...
Episode 130: Key Security Monitoring Activities (Part 1) (Domain 4)
Monitoring is most valuable when it drives action, and in this episode, we explore foundational activities that turn data into defense—starting with log aggregation, a...
Episode 131: Key Security Monitoring Activities (Part 2) (Domain 4)
Beyond real-time alerting, monitoring supports long-term visibility, compliance, and forensics through disciplined reporting and archiving practices. In this episode, ...
Episode 132: Alert Response and Validation (Domain 4)
Alerts are only effective when they result in meaningful, timely responses—and this episode explores how organizations structure alert triage, validation, and remediat...
Episode 133: Security Monitoring Tools (Part 1) (Domain 4)
Choosing the right tools shapes how effectively you can detect, understand, and respond to threats. In this episode, we focus on foundational monitoring tools like the...
Episode 134: Security Monitoring Tools (Part 2) (Domain 4)
Building on our previous discussion, this episode explores more advanced and specialized monitoring tools—starting with Security Information and Event Management (SIEM...
Episode 135: Endpoint and Data Security Monitoring Tools (Domain 4)
Endpoints—laptops, desktops, mobile devices—are where most cyberattacks begin, making endpoint security monitoring a frontline defense. In this episode, we explore too...
Episode 136: Network-Based Monitoring Tools (Domain 4)
The network is where everything intersects—making it one of the most important vantage points for threat detection. In this episode, we examine key tools used for moni...
Episode 137: Vulnerability Scanning Tools and Practices (Domain 4)
Proactive security means finding and fixing weaknesses before attackers do, and vulnerability scanning is the tool that makes that possible at scale. In this episode, ...
Episode 138: Enhancing Firewall Capabilities (Domain 4)
Firewalls are often the first line of defense—but they’re only as effective as the rules, architecture, and tuning behind them. In this episode, we explore advanced fi...
Episode 139: Enhancing IDS/IPS Effectiveness (Domain 4)
Intrusion Detection and Prevention Systems (IDS/IPS) are powerful tools—but their effectiveness depends entirely on tuning, context, and visibility. In this episode, w...
Episode 140: Web Filtering and Content Security (Domain 4)
Web filtering and content security are essential for managing user behavior and blocking malicious or inappropriate content before it ever reaches the endpoint. In thi...