All Episodes
Displaying 141 - 160 of 222 in total
Episode 141: Operating System Security Enhancements (Domain 4)
The operating system is the beating heart of any computing device—and securing it properly lays the groundwork for all other defenses. In this episode, we focus on OS-...
Episode 142: Secure Protocol Implementation (Domain 4)
Not all protocols are created equal—and using the wrong one can open a serious security hole in your environment. In this episode, we examine the implementation of sec...
Episode 143: DNS Filtering and Email Security Enhancements (Domain 4)
DNS and email are two of the most commonly exploited services in cyberattacks—and securing them requires layered, policy-driven controls. In this episode, we explore D...
Episode 144: File Integrity Monitoring and Data Loss Prevention (Domain 4)
File Integrity Monitoring (FIM) and Data Loss Prevention (DLP) tools are essential for detecting tampering and protecting sensitive data from unauthorized exfiltration...
Episode 145: Network Access Control and Endpoint Protection (Domain 4)
Controlling access at the point of connection is one of the most effective ways to prevent unauthorized entry, and in this episode, we explore the implementation of Ne...
Episode 146: User Behavior Analytics (Domain 4)
User Behavior Analytics (UBA) shifts the security paradigm from rules-based alerts to behavioral baselines, allowing defenders to spot anomalies that signal potential ...
Episode 147: User Account Provisioning and Permission Management (Domain 4)
Creating, modifying, and revoking user accounts may sound like routine IT work—but it’s a fundamental part of security control. In this episode, we examine account pro...
Episode 148: Identity Proofing and Federation (Domain 4)
Before you can secure access, you have to know who’s requesting it—and identity proofing ensures that the person behind a login is who they claim to be. In this episod...
Episode 149: Single Sign-On (SSO) and Protocols (Domain 4)
Single Sign-On (SSO) allows users to access multiple systems with a single set of credentials, enhancing both convenience and security when implemented with care. In t...
Episode 150: Interoperability and Attestation (Domain 4)
As organizations adopt more diverse platforms, cloud services, and third-party integrations, the ability for systems to work together securely—known as interoperabilit...
Episode 151: Access Control Models (Part 1) (Domain 4)
Access control models define who can access what, under which conditions—and in this episode, we begin our exploration with Mandatory Access Control (MAC) and Discreti...
Episode 152: Access Control Models (Part 2) (Domain 4)
In this second installment on access control models, we focus on more adaptive and scalable approaches: Role-Based Access Control (RBAC), Rule-Based Access Control, an...
Episode 153: Advanced Access Controls and Least Privilege (Domain 4)
Access controls must go beyond static roles to enforce the principle of least privilege in real time, and this episode explores how to implement more advanced models t...
Episode 154: Multifactor Authentication (MFA) Implementations (Domain 4)
Multifactor Authentication (MFA) is one of the most effective ways to prevent unauthorized access, and in this episode, we break down how to implement it effectively a...
Episode 155: MFA Authentication Factors (Domain 4)
Multifactor authentication is only as strong as the diversity and reliability of the factors it uses. In this episode, we explore each authentication factor category i...
Episode 156: Secure Password Management (Domain 4)
Passwords continue to serve as a primary access method for many systems, and in this episode, we examine what secure password management really looks like—from user be...
Episode 157: Privileged Access Management (PAM) (Domain 4)
Privileged accounts are the crown jewels of any IT environment, and their misuse—whether accidental or malicious—can lead to devastating breaches. This episode focuses...
Episode 158: Automation and Scripting in Security (Domain 4)
In modern cybersecurity, manual processes can’t keep up with the scale and speed of threats—making automation and scripting essential for operational success. In this ...
Episode 159: Technical Debt in Automation (Domain 4)
As security teams automate more of their operations, they often accumulate technical debt—shortcuts, fragile code, or undocumented scripts that create long-term risk. ...
Episode 160: Continuous Integration and API Automation (Domain 4)
Security needs to move at the speed of development, and that’s where continuous integration (CI) and API-driven automation come in. In this episode, we explore how CI ...