BrakeSec Education Podcast – Details, episodes & analysis
Podcast details
Technical and general information from the podcast's RSS feed.
BrakeSec Education Podcast
Bryan Brake, Amanda Berlin, and Brian Boettcher
Frequency: 1 episode/9d. Total Eps: 455
Recent rankings
Latest chart positions across Apple Podcasts and Spotify rankings.
Apple Podcasts
🇺🇸 USA - techNews
21/06/2025#98🇩🇪 Germany - techNews
09/06/2025#97🇩🇪 Germany - techNews
08/06/2025#73🇩🇪 Germany - techNews
07/06/2025#61🇩🇪 Germany - techNews
06/06/2025#45🇺🇸 USA - techNews
06/05/2025#91🇩🇪 Germany - techNews
02/04/2025#88🇩🇪 Germany - techNews
01/04/2025#76🇩🇪 Germany - techNews
31/03/2025#60🇩🇪 Germany - techNews
30/03/2025#43
Spotify
No recent rankings available
Shared links between episodes and podcasts
Links found in episode descriptions and other podcasts that share them.
See all- https://mastersofscale.com/
574 shares
- https://brakesec.com/BrakesecRSS
564 shares
- https://brakesec.com/BDS-GooglePlay
564 shares
- https://youtube.com/
1087 shares
- http://www.youtube.com/c/BDSPodcast
592 shares
- https://twitter.com/brakesec
270 shares
- https://twitter.com/boettcherpwned
270 shares
- https://twitter.com/bryanbrake
270 shares
RSS feed quality and score
Technical evaluation of the podcast's RSS feed quality and structure.
See allScore global : 42%
Publication history
Monthly episode publishing history over the past years.
March23: buy browser extensions, attackers don't need exploits, socvel CTI quiz
Season 2025 · Episode 1
lundi 24 mars 2025 • Duration 01:12:38
Join the Discord! https://bit.ly/brakesecDiscord
Questions and topics: (please feel free to update or make comments for clarifications) * https://techoreon.com/http-flaw-in-apple-passwords-left-iphones-vulnerable/ * https://darkmarc.substack.com/p/attackers-dont-need-exploits-when * https://www.techzine.eu/news/security/129713/the-browser-is-riddled-with-bugs-2025-may-squash-them/ * https://medium.com/@vanvleet/compound-probability-you-dont-need-100-coverage-to-win-a2e650da21a4 (interesting article on quantifying attack risk by your coverage in MITRE) * https://www.promptfoo.dev/blog/agent-security/ * https://www.socvel.com/quiz/ - 20March2025 edition! * https://secureannex.com/blog/buying-browser-extensions/ - interesting article about browser extensions * https://gist.github.com/c0m4r/45e15fc1ec13c544393feafca30e74de?permalink_comment_id=5298117#gistcomment-5298117 * https://www.bleepingcomputer.com/news/security/-particle-chrome-extension-sold-to-new-dev-who-immediately-turns-it-into-adware/ * https://arealsociety.substack.com/p/you-can-just-take-things-cyber-letters?r=99bhj - oh boy, cyber ‘letters of marque’
Additional information / pertinent LInks (Would you like to know more?):
* VanVleet detection engineering podcast appearance: https://www.youtube.com/watch?v=5DAQkvOyqME * https://medium.com/@vanvleet/technique-analysis-and-modeling-ffef1f0a595a * https://github.com/prodaft/cradle/ * https://blog.talosintelligence.com/css-abuse-for-evasion-and-tracking/ * https://www.gdatasoftware.com/blog/2025/03/38161-analysis-fin7-anubis-backdoor
Show points of Contact: Amanda Berlin: https://www.linkedin.com/in/amandaberlin/ Brian Boettcher: https://www.linkedin.com/in/bboettcher96/ Bryan Brake: https://linkedin.com/in/brakeb Brakesec Website: https://www.brakeingsecurity.com Youtube channel: https://youtube.com/@BrakeSecEd Twitch Channel: https://twitch.tv/brakesec
Music:
Music provided by Chillhop Music: https://chillhop.ffm.to/creatorcred
"Flex" by Jeremy Blake Courtesy of Youtube media library
steam distributes malware in game form, RDP open from DOGE servers, hacking a supply chain for 50K
Season 2025 · Episode 1
lundi 17 février 2025 • Duration 01:01:47
Youtube VOD: https://www.youtube.com/watch?v=zu_smyQGvG4
-
https://cyberintel.substack.com/p/doge-exposes-once-secret-government
-
https://x.com/SteamDB/status/1889610974484705314 – supply chain issues can crop up anywhere… are you blocking people from steam and popular software downloads online?
-
https://www.landh.tech/blog/20250211-hack-supply-chain-for-50k/
-
https://medium.com/@cyberengage.org/rethinking-incident-response-from-picerl-to-dair-7b153a76e044
-
https://www.youtube.com/watch?v=3HRkKznJoZA <- 100 digits of pi
-
https://www.youtube.com/watch?v=rz4Dd1I_fX0 <- periodic table song
Additional information / pertinent LInks (Would you like to know more?):
-
https://www.socvel.com/quiz/
-
https://xphantom.nl/posts/Offensive-Security-Lab/
Show points of Contact:
Amanda Berlin: https://www.linkedin.com/in/amandaberlin/
Brian Boettcher: https://www.linkedin.com/in/bboettcher96/
Bryan Brake: https://linkedin.com/in/brakeb
Brakesec Website: https://www.brakeingsecurity.com
Youtube channel: https://youtube.com/@brakeseced
discord: https://discord.gg/brakesec
Twitch Channel: https://twitch.tv/brakesec
Music: https://chillhop.ffm.to/creatorcred "Flex" by Jeremy Blake
Courtesy of Youtube media library
25Oct - okta breached (again), Energy company hit by supply chain attack, and you can help hire the best people
Season 2022
jeudi 26 octobre 2023 • Duration 45:53
Subscribe on Twitch using Amazon Prime and watch us live: https://twitch.tv/brakesec
Check out our VODs on Youtube: https://www.youtube.com/@BrakeSecEd
Join the BrakeSecEd discord: https://discord.gg/brakesec
News:
https://www.darkreading.com/remote-workforce/1password-latest-victim-okta-customer-service-breach
https://www.documentcloud.org/documents/24075435-bhi-notice
https://www.shacknews.com/article/137505/ransomware-group-capcom-2020-arrested
https://www.nasdaq.com/articles/three-cybersecurity-sectors-that-resist-economic-downturns
2021-007-News-Google asking for OSS to embrace standards, insider threat at Yandex, Vectr Discussion
Season 2021 · Episode 7
dimanche 21 février 2021 • Duration 57:01
Links to discussed items:
Yandex Employee Caught Selling Access to Users' Email Inboxes (thehackernews.com)
Supply-Chain Hack Breaches 35 Companies, Including PayPal, Microsoft, Apple | Threatpost
Google pitches security standards for 'critical' open-source projects | SC Media (scmagazine.com)
https://www.kitploit.com/2021/02/damn-vulnerable-graphql-application.html
https://www.blumira.com/careers/?gh_jid=4000142004 sec evangelist @blumira
Check out our Store on Teepub! https://brakesec.com/store
Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com
#AmazonMusic: https://brakesec.com/amazonmusic
#Spotify: https://brakesec.com/spotifyBDS
#Pandora: https://brakesec.com/pandora
#RSS: https://brakesec.com/BrakesecRSS
#Youtube Channel: http://www.youtube.com/c/BDSPodcast
#iTunes Store Link: https://brakesec.com/BDSiTunes
#Google Play Store: https://brakesec.com/BDS-GooglePlay
Our main site: https://brakesec.com/bdswebsite
#iHeartRadio App: https://brakesec.com/iHeartBrakesec
#SoundCloud: https://brakesec.com/SoundcloudBrakesec
Comments, Questions, Feedback: bds.podcast@gmail.com
Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon
https://brakesec.com/BDSPatreon
#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir
#Player.FM : https://brakesec.com/BDS-PlayerFM
#Stitcher Network: https://brakesec.com/BrakeSecStitcher
#TuneIn Radio App: https://brakesec.com/TuneInBrakesec
2021-006-Ronnie Watson (@secopsgeek), building a security monitoring system with ELK, and Wazuh - part2
Season 2021 · Episode 6
dimanche 14 février 2021 • Duration 39:21
Ronnie Watson (@secopsgeek)
Youtube: watson infosec - YouTube
watsoninfosec (Watsoninfosec) · GitHub
Feel free to add anything you like
Wazuh - fork of OSSEC (Migrating from OSSEC · Wazuh · The Open Source Security Platform)
Implementing a Network Security Metrics Programs (giac.org)
What to track.
Some suggested metrics to start with:
- Number of Successful Logons – from security audits.
- Number of Unsuccessful Logons – from security audits.
- Number of Virus Infections during a given period.
- Number of incidents reported.
- Number of security policy violations during a given period.
- Number of policy exceptions during a given period.
- Percentage of expired passwords.
- Number of guessed passwords – use a password cracker to test passwords.
- Number of incidents.
- Cost of monitoring during a given period – use your time tracking system if you have one.
6 Essential Security Features for Network Monitoring Solutions (solutionsreview.com)
Metrics of Security (nist.gov)
Security metrics are essential to comprehensive network security and CSA management. Without good metrics, analysts cannot answer many security related questions. Some examples of such questions include “Is our network more secure today than it was before?” or “Have the changes of network configurations improved our security posture?”
The ultimate aim of security metrics is to ensure business continuity (or mission success) and minimize business damage by preventing or minimizing the potential impact of cyber incidents.
DNS over HTTPs DNS over HTTPS - Wikipedia
2021-005-Ronnie Watson (@secopsgeek), building a security monitoring system with ELK, and Wazuh
Season 2021 · Episode 5
mardi 9 février 2021 • Duration 35:43
Ronnie Watson (@secopsgeek)
Youtube: watson infosec - YouTube
watsoninfosec (Watsoninfosec) · GitHub
Wazuh - fork of OSSEC (Migrating from OSSEC · Wazuh · The Open Source Security Platform)
Implementing a Network Security Metrics Programs (giac.org)
What to track.
Some suggested metrics to start with:
- Number of Successful Logons – from security audits.
- Number of Unsuccessful Logons – from security audits.
- Number of Virus Infections during a given period.
- Number of incidents reported.
- Number of security policy violations during a given period.
- Number of policy exceptions during a given period.
- Percentage of expired passwords.
- Number of guessed passwords – use a password cracker to test passwords.
- Number of incidents.
- Cost of monitoring during a given period – use your time tracking system if you have one.
6 Essential Security Features for Network Monitoring Solutions (solutionsreview.com)
Metrics of Security (nist.gov)
Security metrics are essential to comprehensive network security and CSA management. Without good metrics, analysts cannot answer many security related questions. Some examples of such questions include “Is our network more secure today than it was before?” or “Have the changes of network configurations improved our security posture?”
The ultimate aim of security metrics is to ensure business continuity (or mission success) and minimize business damage by preventing or minimizing the potential impact of cyber incidents.
DNS over HTTPs DNS over HTTPS - Wikipedia
Check out our Store on Teepub! https://brakesec.com/store
Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com
#AmazonMusic: https://brakesec.com/amazonmusic
#Spotify: https://brakesec.com/spotifyBDS
#Pandora: https://brakesec.com/pandora
#RSS: https://brakesec.com/BrakesecRSS
#Youtube Channel: http://www.youtube.com/c/BDSPodcast
#iTunes Store Link: https://brakesec.com/BDSiTunes
#Google Play Store: https://brakesec.com/BDS-GooglePlay
Our main site: https://brakesec.com/bdswebsite
#iHeartRadio App: https://brakesec.com/iHeartBrakesec
#SoundCloud: https://brakesec.com/SoundcloudBrakesec
Comments, Questions, Feedback: bds.podcast@gmail.com
Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon
https://brakesec.com/BDSPatreon
#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir
#Player.FM : https://brakesec.com/BDS-PlayerFM
#Stitcher Network: https://brakesec.com/BrakeSecStitcher
#TuneIn Radio App: https://brakesec.com/TuneInBrakesec
2021-004-Danny Akacki talks about Mergers and Acquisitions - Part 2
Season 2021 · Episode 4
mercredi 3 février 2021 • Duration 47:45
Discussion on Mergers and acquisitions processes
On being acquired, but also if you’re acquiring a company
Best Practices
Best Practices of Mergers and Acquisitions (workforce.com)
The Role of Information Security in a Merger/Acquisition (bankinfosecurity.com)
Security Considerations in the Merger/Acquisition Process (sans.org)
The 10 steps to successful M&A integration | Bain & Company
Savvy Hackers Use Spearphishing to steal Wall Street M&A info (knowbe4.com)
“We’ve been acquired by X!”
First thing people think “oh no, what’s gonna happen to me.”
Check out our Store on Teepub! https://brakesec.com/store
Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com
#AmazonMusic: https://brakesec.com/amazonmusic
#Brakesec Store!: https://brakesec.com/teepub
#Spotify: https://brakesec.com/spotifyBDS
#Pandora: https://brakesec.com/pandora
#RSS: https://brakesec.com/BrakesecRSS
#Youtube Channel: http://www.youtube.com/c/BDSPodcast
#iTunes Store Link: https://brakesec.com/BDSiTunes
#Google Play Store: https://brakesec.com/BDS-GooglePlay
Our main site: https://brakesec.com/bdswebsite
#iHeartRadio App: https://brakesec.com/iHeartBrakesec
#SoundCloud: https://brakesec.com/SoundcloudBrakesec
Comments, Questions, Feedback: bds.podcast@gmail.com
Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon
https://brakesec.com/BDSPatreon
#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir
#Player.FM : https://brakesec.com/BDS-PlayerFM
#Stitcher Network: https://brakesec.com/BrakeSecStitcher
#TuneIn Radio App: https://brakesec.com/TuneInBrakesec
2021-003- Danny Akacki, open communications, mergers&acquistions
Season 2021 · Episode 3
mardi 26 janvier 2021 • Duration 46:09
Discussion on Mergers and acquisitions processes
On being acquired, but also if you’re acquiring a company
Best Practices
Best Practices of Mergers and Acquisitions (workforce.com)
The Role of Information Security in a Merger/Acquisition (bankinfosecurity.com)
Security Considerations in the Merger/Acquisition Process (sans.org)
Women Unite Over CTF 3.0 (ittakesahuman.com)
The 10 steps to successful M&A integration | Bain & Company
Savvy Hackers Use Spearphishing to steal Wall Street M&A info (knowbe4.com)
“We’ve been acquired by X!”
First thing people think “what’s gonna happen to me.”
Check out our Store on Teepub! https://brakesec.com/store
Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com
#AmazonMusic: https://brakesec.com/amazonmusic
#Brakesec Store!: https://brakesec.com/teepub
#Spotify: https://brakesec.com/spotifyBDS
#Pandora: https://brakesec.com/pandora
#RSS: https://brakesec.com/BrakesecRSS
#Youtube Channel: http://www.youtube.com/c/BDSPodcast
#iTunes Store Link: https://brakesec.com/BDSiTunes
#Google Play Store: https://brakesec.com/BDS-GooglePlay
Our main site: https://brakesec.com/bdswebsite
#iHeartRadio App: https://brakesec.com/iHeartBrakesec
#SoundCloud: https://brakesec.com/SoundcloudBrakesec
Comments, Questions, Feedback: bds.podcast@gmail.com
Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon
https://brakesec.com/BDSPatreon
#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir
#Player.FM : https://brakesec.com/BDS-PlayerFM
#Stitcher Network: https://brakesec.com/BrakeSecStitcher
#TuneIn Radio App: https://brakesec.com/TuneInBrakesec
2021-002-Elastic Search license changes, Secure RPC patching for windows, ironkey traps man's $270 million in Bitcoin
Season 2021 · Episode 2
mardi 19 janvier 2021 • Duration 46:50
Secure RPC issue -
Elastic Search
https://anonymoushash.vmbrasseur.com/2021/01/14/elasticsearch-and-kibana-are-now-business-risks
“There are those who will point to the FAQ for the SSPL and claim that the license isn’t interpreted in that way because the FAQ says so. Unfortunately, when you agree to a license you are agreeing to the text of that license document and not to a FAQ. If the text of that license document is ambiguous, then so are your rights and responsibilities under that license. Should your compliance to that license come before a judge, it’s their interpretation of those rights and responsibilities that will hold sway. This ambiguity puts your organisation at risk.”
Doubling down on open, Part II | Elastic Blog - license change affecting Elastic Search and Kibana
MongoDB did something similar in 2018: mjg59 | Initial thoughts on MongoDB's new Server Side Public License (dreamwidth.org)
Hacker News Discussion: MongoDB switches up its open source license | Hacker News (ycombinator.com)
[License-review] Approval: Server Side Public License, Version 2 (SSPL v2) (opensource.org)
“We continue to believe that the SSPL complies with the Open Source
Definition and the four essential software freedoms. However, based on its
reception by the members of this list and the greater open source
community, the community consensus required to support OSI approval does
not currently appear to exist regarding the copyleft provision of SSPL.
Thus, in order to be respectful of the time and efforts of the OSI board
and this list’s members, we are hereby withdrawing the SSPL from OSI
consideration.”
(could be ‘open-source’, but negative feedback on mailing lists and elsewhere made the remove it from consideration from OSI)
Open Source license requirements: The Open Source Definition | Open Source Initiative
What does this mean?
If you have products that utilize ElasticSearch/MongoDB/Kibana in some way, talk to your legal teams to find out if you need to divest your org from them. These are not ‘opensource’ licenses… they are ‘source available’
It might not affect your organization and moving to SSPL might be feasible. If your product makes any changes internally to ElasticSearch,
Notable links
JTNYDV - specifically the CIS docker hardening
Twitter: @jtnydv
https://www.coindesk.com/anchorage-becomes-first-occ-approved-national-crypto-bank
https://www.cnn.com/2021/01/15/uk/bitcoin-trash-landfill-gbr-scli-intl/index.html
Check out our Store on Teepub! https://brakesec.com/store
Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com
#AmazonMusic: https://brakesec.com/amazonmusic
#Brakesec Store!: https://brakesec.com/teepub
#Spotify: https://brakesec.com/spotifyBDS
#Pandora: https://brakesec.com/pandora
#RSS: https://brakesec.com/BrakesecRSS
#Youtube Channel: http://www.youtube.com/c/BDSPodcast
#iTunes Store Link: https://brakesec.com/BDSiTunes
#Google Play Store: https://brakesec.com/BDS-GooglePlay
Our main site: https://brakesec.com/bdswebsite
#iHeartRadio App: https://brakesec.com/iHeartBrakesec
#SoundCloud: https://brakesec.com/SoundcloudBrakesec
Comments, Questions, Feedback: bds.podcast@gmail.com
Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon
https://brakesec.com/BDSPatreon
#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir
#Player.FM : https://brakesec.com/BDS-PlayerFM
#Stitcher Network: https://brakesec.com/BrakeSecStitcher
#TuneIn Radio App: https://brakesec.com/TuneInBrakesec
2021-001-news, youtuber 'dream' doxxed, solarwind passwords bruteforced, malware attacks
Season 2021 · Episode 1
mardi 12 janvier 2021 • Duration 46:57
Dream Doxxed:
Minecraft YouTuber Dream Doxxed Following Speedrun Controversy (screenrant.com)
Osint issues… found him by breadcrumbs and using zillow internal pics of his house. Craziness
How to Use APIs (explained from scratch) (secjuice.com)
Hackers target cryptocurrency users with new ElectroRAT malware | ZDNet
Cobalt Strike and Metasploit accounted for a quarter of all malware C&C servers in 2020 | ZDNet
Check out our Store on Teepub! https://brakesec.com/store
Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com
#AmazonMusic: https://brakesec.com/amazonmusic
#Brakesec Store!: https://brakesec.com/teepub
#Spotify: https://brakesec.com/spotifyBDS
#Pandora: https://brakesec.com/pandora
#RSS: https://brakesec.com/BrakesecRSS
#Youtube Channel: http://www.youtube.com/c/BDSPodcast
#iTunes Store Link: https://brakesec.com/BDSiTunes
#Google Play Store: https://brakesec.com/BDS-GooglePlay
Our main site: https://brakesec.com/bdswebsite
#iHeartRadio App: https://brakesec.com/iHeartBrakesec
#SoundCloud: https://brakesec.com/SoundcloudBrakesec
Comments, Questions, Feedback: bds.podcast@gmail.com
Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon
https://brakesec.com/BDSPatreon
#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir
#Player.FM : https://brakesec.com/BDS-PlayerFM
#Stitcher Network: https://brakesec.com/BrakeSecStitcher
#TuneIn Radio App: https://brakesec.com/TuneInBrakesec
Related Shows Based on Content Similarities
