All Episodes


Episode 81 — External Reporting: Bug Bounties and Responsible Disclosure (4.3)

This episode explains external vulnerability reporting through bug bounty programs and responsible disclosure. Students should understand that bug bounties create a st...

Episode 82 — Monitoring Resources: Systems, Applications, Infrastructure, and Log Aggregation (4.4)

This episode introduces the resources security teams monitor to detect threats, investigate activity, and support reporting. Students should recognize that useful moni...

Episode 83 — Alerting Operations: Scanning, Archiving, Reporting, and Alert Tuning (4.4)

This episode explains alerting operations and why effective monitoring requires more than simply turning on every possible alert. Students should understand how scanni...

Episode 84 — Monitoring Tools: SIEM, DLP, Vulnerability Scanners, Orchestration, and Packet Analyzers (4.4)

This episode covers major monitoring tools and the role each plays in visibility, detection, and response. A security information and event management platform collect...

Episode 85 — Monitoring Protocols and Data Flow: NetFlow, SNMP, Syslog, SCAP, Port Mirroring, and Dashboards (4.4)

This episode explains common monitoring protocols and data sources used to understand system and network activity. NetFlow summarizes traffic patterns between systems,...

Episode 86 — IAM Lifecycle: Provisioning, Deprovisioning, Permissions, and Identity Proofing (4.5)

This episode introduces identity and access management lifecycle activities from initial account creation through role changes and account removal. Provisioning create...

Episode 87 — Federation and SSO: SAML, LDAP, and OAuth (4.5)

This episode explains federation and single sign-on at a Security+ level by focusing on what these technologies help accomplish. Federation allows identity information...

Episode 88 — Account Types and Privilege Models: User, Privileged, Service, Third-Party, and Emergency Access (4.5)

This episode covers common account types and explains why each requires different controls, monitoring, and review. Standard user accounts support daily work and shoul...

Episode 89 — MFA: Tokens, Biometrics, OTPs, Backup Codes, and Bypass Risks (4.5)

This episode explains multifactor authentication and the common methods used to strengthen login security. Students should understand hard tokens, soft tokens, biometr...

Episode 90 — Access Models and Modern Authentication: JIT Access, Passkeys, Passwordless, and Credential Monitoring (4.5)

This episode covers access control models and modern authentication methods that reduce reliance on standing privileges and reusable passwords. Students should underst...

Episode 91 — Automation Use Cases: Provisioning, Desired State, Anomaly Detection, and Ticketing (4.6)

This episode explains how automation supports security operations by making common workflows faster, more consistent, and easier to repeat. Students should understand ...

Episode 92 — Automation Risks and Guardrails: Logic, Complexity, Financial Risk, and Process Risk (4.6)

This episode covers the risks that appear when automation executes bad logic quickly, repeatedly, or at scale. Students should understand that automation can amplify m...

Episode 93 — AI in SecOps: Agentic AI, Chatbots, Predictive Analysis, AI-Augmented Baselines, and CI/CD (4.6)

This episode explains how AI can support security operations through assistant-style tools, agentic workflows, predictive analysis, AI-augmented baselines, and integra...

Episode 94 — Incident Response Preparation: Training, Tabletop Exercises, Playbooks, Simulations, and Roles (4.7)

This episode covers the preparation phase of incident response, where organizations define how they will act before an actual security incident occurs. Students should...

Episode 95 — Identification and Investigation: Detection, Advisories, Threat Hunting, Forensics, and Chain of Custody (4.7)

This episode explains how teams identify and investigate potential security incidents using alerts, advisories, threat hunting, forensics, and evidence handling. Detec...

Episode 96 — Containment Through Post-Incident: Isolation, Negotiation, Recovery, Reporting, Lessons Learned, and RCA (4.7)

This episode covers the incident response path from containment through post-incident activity. Containment limits damage by isolating systems, disabling accounts, blo...

Episode 97 — Investigation Data Types: Access, Device, Server, Application, Authentication, Communication, and Audit Logs (4.8)

This episode explains the major log categories used during security investigations and how each source contributes part of the incident story. Access logs show who rea...

Episode 98 — Investigation Sources: Vulnerability Scans, Automated Reports, NetFlow/IPFIX, Surveillance, and Packet Captures (4.8)

This episode covers investigation sources beyond standard logs, including vulnerability scans, automated reports, NetFlow, IPFIX, surveillance footage, dashboards, and...

Episode 99 — Evidence and Stakeholders: File Integrity, Memory Dumps, Bit Copies, Snapshots, HR, Legal, and Log Parsing (4.8)

This episode explains evidence handling and stakeholder involvement during security investigations. File integrity checks help confirm whether files were changed, whil...

Episode 100 — GRC Artifacts: Guidelines, Benchmarks, Advisories, Implementation Guides, and Reference Architectures (5.1)

This episode introduces governance, risk, and compliance artifacts that help organizations build consistent security programs. Guidelines provide recommended practices...
