Cover art for podcast Blue Security

Blue Security

100 EpisodesProduced by Andy Jaw & Adam BrewerWebsite

A podcast for information security defenders (blue team) on best practices, tools, and implementation for enterprise security.

100 Episodes | 2020 - 2022

Post Quantum Series - Part 1 - Quantum Computers

August 8th, 2022

22:18

This week, Adam and Andy start a two part series on post-quantum computer information security. This first part goes into understanding how quantum computers work and how they differ from classical computers. While it's …

Exchange Online Protection Deep-Dive

August 1st, 2022

25:32

This week, Adam and Andy do a technical deep dive on Exchange Online Protection (EOP). They talk about the pre-delivery and post-delivery protections. They also talk about some of the zero-day protections that Defender …

Personal and Organization Privacy

July 25th, 2022

39:18

This week, Adam and Andy talk about privacy both in organizations and your personal life. They talk about some of the new Microsoft Purview Compliance Classifiers and how it might be an invasive for some orgs when …

Microsoft Security News

July 18th, 2022

31:35

This week, Adam and Andy talk about some security news relating to Microsoft. First they talk about a phishing campaign that Microsoft detailed that was going on affecting more than 10,000 orgs where the attackers are …

Risk Management and Data Protection

July 11th, 2022

24:48

This week, Adam and Andy talk about risk-centric security management and how to shift from looking at just severity of vulnerabilities to reducing …

Basic Auth, Zero Days, & Burnout

July 4th, 2022

36:48

This week, Adam and Andy catch up some news in their first live show in a couple of weeks. First they talk about CISA's guidance to federal agencies to switch from basic auth to modern auth due to the retirement of …

Secure Authentication to Azure VMs

June 27th, 2022

15:04

This week, Adam and Andy talk about different methods to modernize the way you authenticate to virtual machines located in Azure. The first is using Azure Active Directory and the second is using Azure Bastion. Listen …

Don't Phish Me, Bro

June 20th, 2022

28:16

This week, Adam and Andy talk about OMB procurement requirements changing due to increased cybersecurity defense, Gartner's thoughts on consolidated …

Securing Guest Access to M365

June 12th, 2022

26:42

This week, Adam and Andy talk about how to secure guest access and collaboration in Microsoft 365. They talk about the differences between member and …

Windows Defender Exploit Guard

June 6th, 2022

21:36

This week, Adam and Andy talk about Windows Defender Exploit Guard. This is a set of protections built into Windows Server and 10/11 operating …

Patch Management

May 30th, 2022

33:01

This week, Adam and Andy talk about patch management. This is basic security and some organizations are still struggling with it. They talk about the explosion of zero days and why continuous monitoring of patching is …

Domain Controller Security

May 23rd, 2022

23:36

This week, Adam and Andy talk about some updated guidance for securing domain controllers in a world where the cloud is a security imperative. They …

Cyber Threat Intelligence with Special Guest Charity Wright

May 16th, 2022

40:46

This week, Adam and Andy talk with threat intelligence expert Charity Wright. Charity talks about her military career and how she got selected as a Chinese linguist and worked with the NSA. Charity works for Recorded …

Andy was hacked!

May 9th, 2022

20:22

This week, Adam and Andy talk about passwordless news released on World Password Day and about how Andy was hacked...listen in to hear the details of what happened!

-------------------------------------------

Youtube …

MFA Bombing

May 2nd, 2022

20:16

This week, Adam and Andy talk about MFA bombing. This tricky compromise circumvents MFA. Listen on what it is and how to protect against it.

-------------------------------------------

Youtube Video Link: 

Interview with Special Guest Christina Morillo

April 25th, 2022

34:18

This week, Adam and Andy talk with Christina Morillo about identity, diversity in information security, and her book "97 Things Every Information …

VPNs vs SDPs

April 18th, 2022

31:20

Adam and Andy talk about VPN's versus Software Defined Perimeters (SDP) this week. They break down why companies still use VPN's and why they pose an infosec security risk. They present SDP's as a different way of …

Okta Says Sorry, Fake Warrants, New PCI Reqs

April 11th, 2022

33:06

This week's episode, Adam and Andy talk about some interesting infosec news including Okta's apology and how that affected their stock prices. They …

LAPSUS$

April 4th, 2022

41:14

This week's episode, Adam and Andy talk about the hacker group LAPSUS$. They go over what makes this group unique in the cybercriminal world and a breakdown of the latest high value targets.

Infosec News Catch Up

March 28th, 2022

29:07

This week's episode, Adam and Andy catch up on some infosec news including the new Cyber Incident Reporting Act signed into law last week and other …

Helpdesk Security

March 21st, 2022

29:51

This week's episode, Adam and Andy talk about helpdesk security. Enterprise helpdesks are often a popular target for cybercriminals because they have …

War in the Digital Age

March 14th, 2022

31:34

This week's episode, Adam and Andy talk about the Russian invasion of Ukraine and the information war that is happening behind the scenes. They go over some specific takeaways on what to focus on in this heightened …

Windows Hello for Business Revisited

March 7th, 2022

26:11

This week's episode, Adam and Andy talk about the new cloud key trust deployment model for Windows Hello for Business in hybrid environments. Cloud key trust greatly simplifies the deployment of Windows Hello for …

Password Cracking

February 28th, 2022

20:46

This week's episode, Adam and Andy talk about the basics of password cracking. Understanding how passwords are cracked by offensive security and …

Geopolitical Crises and Cybersecurity

February 21st, 2022

23:13

This week's episode, Adam and Andy talk about some of the geopolitical crises happening around the world with Russia and China and how that affects …

Windows Defender Application Control

February 14th, 2022

22:52

This week's episode, Adam and Andy continue their Windows Security series and talk about Defender Application Control. This is a great feature built …

Tabletop Scenarios with Special Guests Nate Gardner and Gavin Ashton

February 7th, 2022

47:00

This week's episode, Adam and Andy have a great time chatting with fellow cybersecurity professionals Nate Gardner and Gavin Ashton walking through …

News Smash

January 31st, 2022

33:45

This week's episode, Adam and Andy talk catch up on some infosec news including BadUSB, President Biden's memorandum for National Security Systems, …

Windows Device Management with Special Guest Shannon Fritz

January 24th, 2022

59:05

This week's episode, Adam and Andy talk with special guest Shannon Fritz on Windows Device Management. If you haven't listened to Shannon's episode …

F12 and Find Out

January 17th, 2022

23:22

This week's episode, Adam and Andy talk about the importance of the nomenclature we use in information security. They also talk about the perception of information security to those who are not in the field and how that …

Digital Asset Management

January 10th, 2022

24:33

This week's episode, Adam and Andy talk about a fundamental important program for security defenders: asset management. It may not be the most exciting aspect of security but knowing what you have makes it a lot easier …

A look back on 2021

January 3rd, 2022

30:28

This week's episode, Adam and Andy give an update on Log4j/Log4Shell insights from the Google Security Team. They also look back on some of the …

Work Life Balance

December 27th, 2021

37:51

This week's episode, Adam and Andy talk all about a healthy work life balance. With the pandemic still on-going and working from home or hybrid work environments looking like they are not going away, it's time to …

Threat and Vulnerability Management

December 20th, 2021

29:44

This week, Adam and Andy talk all about how to start and run a threat  and vulnerability program at your company. From asset management,  scanning, …

Log4Shell

December 13th, 2021

34:14

This week, Adam and Andy talk all about the Log4Shell vulnerability affecting the log4j Java library. They give an overview on how it works and how …

Security Champions

December 6th, 2021

21:21

This week, Adam and Andy talk about a security champions program. This is a way to bolster the security culture and develop representatives in each …

Things are getting better

November 29th, 2021

32:53

This week, Adam and Andy talk about how they see things improving in the cybersecurity industry from the Department of Justice and the US government investigating and hunting down cyber criminals and sanctioning the NSO …

Zero Trust, Amazon Security, and other news

November 22nd, 2021

34:04

This week, Adam and Andy talk about some recent infosec news, a shocking article about Amazon's lack of security, and what zero trust means to them.

-------------------------------------------

Youtube Video Link:

Ignite 2021 Fall Highlights

November 15th, 2021

35:57

This week, Adam and Andy go over some of the endpoint, Windows, and security announcements from Ignite. If you were too busy to watch any of the sessions or read about the updates, listen in as they give the highlights …

Cybersecurity Talent Gap

November 8th, 2021

39:42

This week, Adam and Andy talk about the cybersecurity talent gap. They give advice to those who are trying to break into the field as well as hiring managers on changing the way they look at recruiting to widen the …

Microsoft Digital Defense Report, Consumer Expectations, and Gartner

November 1st, 2021

39:25

This week, Adam and Andy talk about Microsoft's Digital Defense Report,  consumer expectations of "invisible" security, and should you rip out an …

Windows 365 with Special Guest Bradley Dupay

October 25th, 2021

52:51

This week, Adam and Andy talk with Microsoft's Global Black Belt Specialist, Bradley Dupay, about the all new cloud PC offering called Windows 365. …

Facebook Outage Learnings and Windows 11 security

October 18th, 2021

34:02

This week on the Blue Security Podcast, Adam and Andy talk about the Facebook outage and what security defenders can learn from reading their after actions report. They also dive into Windows 11 and the security …

You are going to be a victim of ransomware

October 11th, 2021

21:17

This week on the Blue Security Podcast, Adam and Andy talk about planning to be a victim of ransomware. This is a mindset shift. Instead of focusing …

TPM design limitations and Apple-Google app store actions

October 4th, 2021

27:46

This week on the Blue Security Podcast, Adam and Andy talk about two interesting topics. The first is a pentesting company's successful hack …

Protonmail kerfuffle

September 27th, 2021

17:17

This week on the Blue Security Podcast, Adam and Andy talk about the hot water Protonmail got themselves into when the news reported that they  provided IP address and device information on a Protonmail account to the …

Misconceptions about MDM

September 20th, 2021

43:03

This week on the Blue Security Podcast, Adam and Andy go over a bunch of misconceptions about mobile device management spurred by some chatter on …

One year anniversary!

September 13th, 2021

31:08

This week on the Blue Security Podcast, Adam and Andy celebrate one year of the podcast looking back on past episodes and key takeaways.

-------------------------------------------

Youtube Video Link:

Apple's Protections for Children

September 6th, 2021

34:07

This week on the Blue Security Podcast, Adam and Andy talk about Apple's new proposed iOS 15 feature to protect children. They break down the technical details of how Apple differs from the other tech companies already …

Security News Edition: Lockfile, Razer, and T-mobile

August 30th, 2021

32:42

This week on the Blue Security Podcast, Adam and Andy breakdown some of the latest infosec news. They go over some hardening advice on the current …

Windows Hello for Business

August 23rd, 2021

35:07

This week on the Blue Security Podcast, Adam and Andy discuss the enterprise-ready passwordless solution that's already built into your Windows 10 …

Mistakes that hinder a security team's success with Special Guest Nate Gardner

August 16th, 2021

19:30

This week, Nate Gardner joins Andy to talk about mistakes that security teams can make that will hinder their success at organizations. And these aren't technical errors. Listen in because these mistakes can mean the …

Secure Privileged Access

August 9th, 2021

45:57

This week, Adam and Andy go through Microsoft's best practice on securing privileged access. This documentation is amazing and extremely detailed. There are some great tips including administration and secure device …

Windows Defender Application Guard

August 2nd, 2021

22:57

This week, Adam and Andy continue their series on Windows security by talking about Windows Defender Application Guard. This is a great security …

Pegasus, Twitter MFA, & Underfunding Infosec

July 25th, 2021

30:03

This week, Adam and Andy discuss some interesting articles that were published during the week. Pegasus, a suite of mobile phone exploits, was big in the news again. Twitter released a report on their MFA adoption. And …

CISA's RVA findings and what it means for organizations

July 19th, 2021

50:49

This week, Adam and Andy go over CISA's (Cybersecurity & Infrastructure Security Agency) Risk and Vulnerability Assessments finding for 2020. In …

The Tech We Use

July 12th, 2021

42:29

This week, Andy and Adam take a break from cybersecurity and have a little fun talking about the tech they use. They chat about their phones, computers, headphones, mics, and more! Below are links to the products they …

Information Protection with Special Guest Rachel O'Shea

July 5th, 2021

44:18

This week, Rachel O'Shea, a Senior Technical Specialist in Compliance at Microsoft, join Adam and Andy to talk about information protection and governance. Rachel has a wealth of experience in compliance and she talks …

Should you block or allow this app?

June 28th, 2021

34:09

This week, Adam and Andy talk about what infosec professionals should consider when being asked to block or allow an application.

Special Episode - Programming Note

June 21st, 2021

5:18

Adam and Andy have some news to share!

--- Send in a voice message: https://anchor.fm/blue-security-podcast/message

Windows Defender Credential Guard

June 21st, 2021

27:03

This week, Adam and Andy do a deep technical dive on Windows Defender Credential Guard. This security feature is part of Windows 10 Enterprise and …

The True Cost of Ransomware

June 14th, 2021

34:40

This week, Adam and Andy talk about how cyberattacks and ransomware incidents are increasing in  frequency and how the financial impact is getting greater both for  payments and for recovery. They go over the sometimes …

Digital Every Day Carry (EDC)

June 7th, 2021

42:48

This week, Adam and Andy talk about their digital "Every Day Carry" (EDC). These are tools they use personally on an every day basis to keep …

That Infosec Op-Ed

May 31st, 2021

45:59

This week, Adam and Andy talk about the op-ed written by Prof Allen Gwinn in The Hill that had the information security community up in arms. They …

Information Security Leadership with Special Guest Doug Turecek

May 24th, 2021

41:37

This week, Adam and Andy talk with Doug Turecek. Doug has over 25 years of experience in information technology and is currently the Information …

Colonial Pipeline and other news

May 17th, 2021

33:40

This week, Adam and Andy talk about the Colonial Pipeline ransomware incident, the executive order President Biden signed on improving cybersecurity, …

Security Change Management

May 10th, 2021

35:49

This week Andy and Adam talk about security change management. Rolling  out a security change or a new security product can be difficult and …

Browser Security

May 3rd, 2021

41:08

This week Andy and Adam talk about browser security. They break down why it's important to secure your browser's configuration and recommendations on settings for Edge, Chrome, and Firefox. They also dive into some …

Mentorship with Special Guest Matt Wood

April 26th, 2021

36:48

This week Andy and Adam chat with Matt Wood. Matt is an information security manager who was Andy's first mentor in infosec. They talk about the importance of mentorship, what the relationship is like, and how to go …

M365 Productivity Tips and Tricks

April 19th, 2021

33:55

This week, Adam and Andy take a break from security and give you their favorite tips and tricks for the M365 Suite. Hopefully you learn something and …

Zscaler Security with Raja Khalid

April 12th, 2021

39:55

This week, Adam and Andy chat with Raja on Zscaler, one of our favorite tools when it comes to DNS security (and more!). Zscaler is a scalable …

Mac Management with Special Guest Matthew Ward and Matt Benyo

April 5th, 2021

56:14

This week, Adam and Andy are joined by Matthew Ward and Matt Benyo to talk about Mac Management. Macs are more and more important in enterprises and …

How to get into cybersecurity and the skills you need

March 29th, 2021

52:35

This week, Adam and Andy cover how people can break into the cybersecurity industry and the skills they might need prior to finding their first job. …

Azure Sentinel with Special Guest John Joyner

March 21st, 2021

42:18

This week, Microsoft MVP John Joyner joins the show to talk about Azure Sentinel. If you're in the market for a SIEM or looking to bolster your …

Physical Security with Special Guest Wesley Strey

March 15th, 2021

34:55

This week, Andy is joined by Wesley Strey to talk about the subdomain of physical security. There are so many great parallels between information security and physical security. We hope listeners walk away with a better …

Say Goodbye to Domain Join with Special Guest Shannon Fritz

March 8th, 2021

1:01:07

This week, Shannon Fritz joins the show to talk about device identity and why you should start joining your devices to Azure Active Directory. This …

Cloud Application Security Brokers

February 28th, 2021

40:07

This week, Adam and Andy talk about cloud application security brokers (CASB). The podcast is focused more around Microsoft Cloud App Security but …

Password Managers

February 22nd, 2021

40:24

This week, Adam and Andy talk about password managers. They discuss on password managers can protect you from phishing attacks, pros/cons of storing …

What is EvilGinx and How do you protect against it?

February 15th, 2021

41:38

This week, Adam and Andy talk about a Red Team/Pentesting tool called EvilGinx. They explain how this tool works and how cyber-criminals can use it …

Modern Device Management

February 8th, 2021

44:59

This week, Adam and Andy go over modern device management. They discuss how to use device based conditional access to make access decisions on corporate or personal devices spanning different operating systems in the …

Real-world Ransomware Experience with Special Guest Gavin Ashton

February 1st, 2021

40:19

This week, Adam and Andy speak with Stealthbits security strategist, Gavin Aston. Gavin wrote the blog "Maersk, me & notPetya" and brings a unique percepective to information security defense as someone who's …

Application Security with Special Guest Tanya Janca

January 25th, 2021

59:10

This week, Adam and Andy speak with application security guru, Tanya Janca, author of Alice and Bob learn Application Security. It was an amazing conversation where they touched on secure app design practices, password …

Secure Messaging

January 18th, 2021

37:17

This week, Adam and Andy go over some news about Microsoft Defender for Identity and Intel's new CPU ransomware protection. There was also some news …

Solarwinds Revisited and Tech Policy under a Biden Administration

January 11th, 2021

35:04

This week, Adam and Andy revisit some more guidance that has come out about Sunburst/Solarigate since the initial breach. Additionally, they share …

Information Security Tips & Tricks for Parents

January 4th, 2021

31:40

Happy New Year! To ring in the new year, this week's episode focuses on parents who are working from home while having to help home school their kids …

Merry Christmas! Learn how to spin up your own VM lab and dev environments

December 27th, 2020

33:46

This holiday week, Adam and Andy give you some advice on how to spin up your own virtual machine lab and dev environment. They go through SaaS …

Our thoughts on Fireeye, Solarwinds, and Sunburst

December 21st, 2020

34:25

This week, Adam and Andy give you their thoughts on the Fireeye and Solarwinds breach. They also give defenders advice on immediate steps to help …

Passwordless Authentication

December 14th, 2020

38:02

Passwordless authentication is one of those rare features that strengthens security while making it easier for users to sign in. This week, Adam and Andy breakdown passwordless authentication options for enterprises in …

Conditional Access

December 7th, 2020

34:56

This is it! Adam and Andy are finally diving into conditional access. They give an overview on what conditional access is including different types of conditional access like user, sign-in, and device based. Stick …

Work from Home - Tips and Tricks

November 30th, 2020

26:08

On this week's episode, Andy and Adam give you their tips and tricks for working from home. Having been in mature work from home company cultures, …

Our thoughts on Chris Krebs, Infosec Job Security, and Infosec Qualifications

November 23rd, 2020

24:38

On this week's episode, Andy and Adam give their thoughts on the firing of Chris Krebs, former director of CISA. They also talk about their opinions …

Active Directory Security with Special Guest Morgan Patzwald

November 16th, 2020

36:57

This week, Morgan joins Adam and Andy on the podcast to discuss on-prem Active Directory security. They dive into administrator privileges, best practice for account creation, GPO's, and server admins. They also discuss …

Single-Sign On (SSO) and Self-Service Password Reset (SSPR)

November 9th, 2020

31:57

This week, Adam and Andy go over why you should think about using an Identity Provider (IDP) to onboard your SaaS apps to use SSO. They also talk …

How did we get into information security and career progression advice

November 2nd, 2020

43:19

This week, Adam and Andy bring you a bonus episode where they talk about how they got into information security and offer advice on career progression in IT and cybersecurity.

Documentation:

Free Microsoft Developer's …

Ransomware protection - Part 4 - Windows 10 Security, Network Segmentation, Detection and Recovery

October 26th, 2020

29:32

This week, Adam and Andy wrap up the ransomware series by first going over controlled folder access in Windows 10 security and Onedrive for Business …

Ransomware Protection - Part 3 - Admin Rights, Email Protection, Phishing Training

October 19th, 2020

33:58

This week, Adam and Andy continue the conversation on techniques and tools to protect your organization from ransomware. They dive into the concept …

Ransomware Protection - Part 2 - EDR, Patching, and Pentesting

October 12th, 2020

32:23

This week, Adam and Andy continue the conversation on techniques and tools to protect your organization from ransomware. They dive into EDR …

Ransomware Protection - Part 1 - Soft Skills and Endpoint Protection

October 5th, 2020

33:33

Due to the recent ransomware attacks, Adam and Andy use this episode to kick off a series on how to protect your company from ransomware. We started with how security professionals need to have soft skills in order to …

Enabled MFA!

September 28th, 2020

30:46

In this episode, Adam and Andy talk about why if you have not enabled MFA for your identity provider (IDP), this should be your top priority today. …

Geo-restricting IP addresses, Password policies, Defense against password spray attacks

September 21st, 2020

31:57

In this first episode, Adam and Andy discuss whether geo-restricting IP addressing is considered "good" security. They also discuss Azure AD password protection as a method to protect against password spraying attacks.

Loading ...

Are you the creator of this podcast?

Verify your account

and pick the featured episodes for your show.

Listen to Blue Security

RadioPublic

A free podcast app for iPhone and Android

  • User-created playlists and collections
  • Download episodes while on WiFi to listen without using mobile data
  • Stream podcast episodes without waiting for a download
  • Queue episodes to create a personal continuous playlist
RadioPublic on iOS and Android
Or by RSS
RSS feed
https://anchor.fm/s/37babf1c/podcast/rss

Connect with listeners

Podcasters use the RadioPublic listener relationship platform to build lasting connections with fans

Yes, let's begin connecting
Browser window

Find new listeners

  • A dedicated website for your podcast
  • Web embed players designed to convert visitors to listeners in the RadioPublic apps for iPhone and Android
Clicking mouse cursor

Understand your audience

  • Capture listener activity with affinity scores
  • Measure your promotional campaigns and integrate with Google and Facebook analytics
Graph of increasing value

Engage your fanbase

  • Deliver timely Calls To Action, including email acquistion for your mailing list
  • Share exactly the right moment in an episode via text, email, and social media
Icon of cellphone with money

Make money

  • Tip and transfer funds directly to podcastsers
  • Earn money for qualified plays in the RadioPublic apps with Paid Listens