JTS LTD // RESOURCES // CPE TRACKER

Training and Education (CPE) Tracker

Several of my professional certifications require me to complete continuing professional education (CPE) credits, and to track that continuing education. Since I have to track it anyway, I figured that it might help someone if I put my training records online. So, if you're looking for content to consume in order to better understand security principles, go ahead and peruse the table below. My goal is to update this table quarterly.

Category
Title
Link
Status
Date and Time
CertificationPhysical Security ProfessionallinkComplete20220108
ConferenceNWCUA - Incident Response Tabletop ExerciseN/AComplete20180522, 240 minutes
DemoBlack Kite product demoN/AComplete20220420, 25 minutes
GroupDC541 (DefCon affiliate)N/AComplete20180109, 120 minutes
GroupDC541 (DefCon affiliate)N/AComplete20180210, 120 minutes
GroupDC541 (DefCon affiliate)N/AComplete20180310, 120 minutes
GroupDC541 (DefCon affiliate)N/AComplete20180609, 120 minutes
GroupDC541 (DefCon affiliate)N/AComplete20180721, 60 minutes
GroupDC541 (DefCon affiliate)N/AComplete20180908, 120 minutes
GroupDC541 (DefCon affiliate)N/AComplete20181110, 120 minutes
GroupDC541 (DefCon affiliate)N/AComplete20190209, 90 minutes
LectureCyber War is Still Not Taking Place, delivered to DC541N/AComplete20180310, 15 minutes
NIST SPNIST SP 800-100 Information Security Handbook: A Guide for ManagersPendingPendingPending
NIST SPNIST SP 800-101 Rev. 1 Guidelines on Mobile Device ForensicsPendingPendingPending
NIST SPNIST SP 800-114 Rev. 1 User's Guide to Telework and Bring Your Own Device (BYOD) SecurityPendingPendingPending
NIST SPNIST SP 800-115 Technical Guide to Information Security Testing and AssessmentPendingPendingPending
NIST SPNIST SP 800-121 Rev. 2 Guide to Bluetooth SecurityPendingPendingPending
NIST SPNIST SP 800-122 Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)PendingPendingPending
NIST SPNIST SP 800-123 Guide to General Server SecurityPendingPendingPending
NIST SPNIST SP 800-124 Rev. 1 Guidelines for Managing the Security of Mobile Devices in the EnterprisePendingPendingPending
NIST SPNIST SP 800-125 Guide to Security for Full Virtualization TechnologiesPendingPendingPending
NIST SPNIST SP 800-125B Secure Virtual Network Configuration for Virtual Machine (VM) ProtectionPendingPendingPending
NIST SPNIST SP 800-137 Information Security Continuous Monitoring (ISCM) for Federal Information Systems and OrganizationsPendingPendingPending
NIST SPNIST SP 800-144 Guidelines on Security and Privacy in Public Cloud ComputingPendingPendingPending
NIST SPNIST SP 800-145 The NIST Definition of Cloud ComputingPendingPendingPending
NIST SPNIST SP 800-146 Cloud Computing Synopsis and RecommendationsPendingPendingPending
NIST SPNIST SP 800-150 Guide to Cyber Threat Information SharingPendingPendingPending
NIST SPNIST SP 800-153 Guidelines for Securing Wireless Local Area Networks (WLANs)PendingPendingPending
NIST SPNIST SP 800-160 Vol. 2 Developing Cyber Resilient Systems: A Systems Security Engineering ApproachPendingPendingPending
NIST SPNIST SP 800-161 Supply Chain Risk Management Practices for Federal Information Systems and OrganizationslinkComplete20200326, 180 minutes
NIST SPNIST SP 800-163 Rev. 1 Vetting the Security of Mobile ApplicationsPendingPendingPending
NIST SPNIST SP 800-167 Guide to Application WhitelistingPendingPendingPending
NIST SPNIST SP 800-171 Guide to Integrating Forensic Techniques into Incident ResponselinkComplete20180831, 30 minutes
NIST SPNIST SP 800-171 Rev. 2 Protecting Controlled Unclassified Information in Nonfederal Systems and OrganizationsPendingPendingPending
NIST SPNIST SP 800-171A Assessing Security Requirements for Controlled Unclassified InformationPendingPendingPending
NIST SPNIST SP 800-171B Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations: Enhanced
Security Requirements for Critical Programs and High Value Assets		PendingPendingPending
NIST SPNIST SP 800-177 Rev. 1 Trustworthy EmailPendingPendingPending
NIST SPNIST SP 800-181 National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce FrameworklinkPendingPending
NIST SPNIST SP 800-28 Version 2 Guidelines on Active Content and Mobile CodePendingPendingPending
NIST SPNIST SP 800-34 Rev. 1 Contingency Planning Guide for Federal Information SystemsPendingPendingPending
NIST SPNIST SP 800-39 Managing Information Security Risk: Organization, Mission, and Information System ViewPendingPendingPending
NIST SPNIST SP 800-40 Rev. 3 Guide to Enterprise Patch Management TechnologiesPendingPendingPending
NIST SPNIST SP 800-41 Rev. 1 Guidelines on Firewalls and Firewall PolicyPendingPendingPending
NIST SPNIST SP 800-44 Version 2 Guidelines on Securing Public Web ServersPendingPendingPending
NIST SPNIST SP 800-45 Version 2 Guidelines on Electronic Mail SecurityPendingPendingPending
NIST SPNIST SP 800-46 Rev. 2 Guide to Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) SecurityPendingPendingPending
NIST SPNIST SP 800-47 Security Guide for Interconnecting Information Technology SystemsPendingPendingPending
NIST SPNIST SP 800-50 Building an Information Technology Security Awareness and Training ProgramPendingPendingPending
NIST SPNIST SP 800-52 Rev. 2 Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) ImplementationsPendingPendingPending
NIST SPNIST SP 800-55 Rev. 1 Performance Measurement Guide for Information SecurityPendingPendingPending
NIST SPNIST SP 800-58 Security Considerations for Voice Over IP SystemsPendingPendingPending
NIST SPNIST SP 800-61 Computer Security Incident Handling GuidelinkPendingPending
NIST SPNIST SP 800-61 Rev. 2 Computer Security Incident Handling GuidelinkPendingPending
NIST SPNIST SP 800-66 Rev. 1 An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security RulePendingPendingPending
NIST SPNIST SP 800-81-2 Secure Domain Name System (DNS) Deployment GuidePendingPendingPending
NIST SPNIST SP 800-83 Guide to Malware Incident Prevention and Handling for Desktops and LatptopslinkPendingPending
NIST SPNIST SP 800-83 Rev. 1 Guide to Malware Incident Prevention and Handling for Desktops and LaptopsPendingPendingPending
NIST SPNIST SP 800-86 Guide to Integrating Forensic Techniques into Incident ResponselinkPendingPending
NIST SPNIST SP 800-88 Rev. 1 Guidelines for Media SanitizationPendingPendingPending
NIST SPNIST SP 800-92 Guide to Computer Security Log ManagementPendingPendingPending
NIST SPNIST SP 800-94 Rev. 1 Guide to Intrusion Detection and Prevention Systems (IDPS)PendingPendingPending
NIST SPNIST SP 800-95 Guide to Secure Web ServicesPendingPendingPending
NIST SPNIST SP 1800-11 Data Integrity: Recovering from Ransomware and Other Destructive EventslinkComplete20230323
NIST SPNIST SP 1800-16 Securing Web Transactions: TLS Server Certificate ManagementlinkComplete20230323
Other2015–2016 SWIFT banking hacklinkPendingPending
OtherIFAP Electronic AnnouncementslinkPendingPending
OtherSignificant Cyber IncidentslinkPendingPending
OtherWikipedia: Office of Personnel Management data breachlinkPendingPending
Podcast[CORRECTED] Risky Business feature: A podcast on Bloomberg's absolutely wild Supermicro storylinkPendingPending
PodcastASIS 2017: Dallas PreviewlinkPendingPending
PodcastBBC Inquiry: What’s so scary about Huawei?linkComplete20190200, 23 minutes
PodcastBONUS: Behavioral Responses to Terror, extendedlinkComplete20180123, 15 minutes
PodcastBONUS: Behavioral Responses to Terror, extendedlinkPendingPending
PodcastCSIS: Collateral Damage? Research Collaboration in an Age of U.S.-China CompetitionlinkComplete20190600, 119 minutes
PodcastCSIS: Dead Cows, Oxblood and Other Cyber Vigilantes: A History of HacktivismlinkComplete20190711, 42 minutes
PodcastCSIS: The Real Costs of Huawei Technology: A Conversation with James LewislinkComplete20190628, 25 minutes
PodcastDtSR Episode 268 - CISOs Survival GuidelinkComplete20171221, 55 minutes
PodcastDtSR Episode 274 - Let's Talk Power GridlinkComplete20180207, 39 minutes
PodcastDtSR Episode 317 - Protecting Higher EducationlinkComplete20190102, 39 minutes
PodcastDtSR Episode 318 - War, Cyber and PolicylinkPendingPending
PodcastDtSR Episode 319 - Striking Out On Your OwnlinkPendingPending
PodcastDtSR Episode 320 - Specializing in ForensicslinkPendingPending
PodcastDtSR Episode 371 - Advancing SOC-as-a-ServicelinkComplete20191100, 38 minutes
PodcastFP's First Person: How Citizen Journalists Solved the Mystery of Malaysia Airlines Flight 17linkComplete20190300, 28 minutes
PodcastHackable?: Access GrantedlinkComplete20180207, 39 minutes
PodcastHackable?: Darknet Diaries Presents: Project RavenlinkComplete20191000, 62 minutes
PodcastHackable?: Face the FaxlinkComplete20190700, 27 minutes
PodcastHackable?: The Mr. Robot SpectacularlinkComplete20190800, 34 minutes
PodcastHoover Institution: Ex-Facebook security head Alex Stamos on cybersecurity, elections, and the Internet of ThingslinkComplete20181222, 27 minutes
PodcastKing's College London War Studies Podcast: Event: Cyber Strategy: The Evolution of Cyber Power and CoercionlinkComplete20180514, 52 minutes
PodcastPlanet Money #825: Who Started The Wildfire?linkComplete20190200, 21 minutes
PodcastPlanet Money #931: The IT Guy Vs. The Con ArtistlinkComplete20190900, 22 minutes
PodcastProfessor Messer's Network+ Study Group - January 2017linkComplete20191011, 68 minutes
PodcastRisky Biz Snake Oilers #2: Part 1: Crowdstrike, AttackIQ and Replicated explain their techlinkComplete20171219, 39 minutes
PodcastRisky Biz Snake Oilers #2: Part 2: Authentication tech from Yubico and RemediantlinkComplete20171220, 27 minutes
PodcastRisky Biz Soap Box: Bugcrowd founder and CEO Casey Ellis on the future of crowdsourced securitylinkComplete20171208, 32 minutes
PodcastRisky Biz Soap Box: Exploit kits are dead, at-scale social engineering the new blacklinkComplete20171206, 40 minutes
PodcastRisky Biz Soap Box: Keep your vendors honest with attack simulationlinkComplete20171207, 32 minutes
PodcastRisky Business #459 -- Actually yes, "cyber war" is real for UkrainelinkComplete20171109, 61 minutes
PodcastRisky Business #460 -- Haroon Meer talks Kaspersky drama, NotPetya, the cryptowars and morelinkComplete20171110, 44 minutes
PodcastRisky Business #461 -- AWS security with Atlassian's Daniel GrzelaklinkComplete20171113, 59 minutes
PodcastRisky Business #462 -- Does the Australian government want to break encryption?linkComplete20171114, 56 minutes
PodcastRisky Business #463 -- Black Hat's 2017 keynote speaker Alex Stamos joins the showlinkComplete20171115, 63 minutes
PodcastRisky Business #464 -- Why your game theory theories are wronglinkComplete20171117, 50 minutes
PodcastRisky Business #465 -- Charlie Miller on autonomous car securitylinkComplete20171120, 60 minutes
PodcastRisky Business #466 -- Breaking reverse proxies shouldn't be this easylinkComplete20171121, 56 minutes
PodcastRisky Business #467 -- HPKP as an attack vectorlinkComplete20171121, 39 minutes
PodcastRisky Business #468 -- Marcus Hutchins gets "Krebsed," the ICO bubble and morelinkComplete20171122, 54 minutes
PodcastRisky Business #469 -- More like EquiHAX. AMIRITE??linkComplete20171124, 47 minutes
PodcastRisky Business #470 -- Project Zero's Natalie Silvanovich on reducing attack surfacelinkComplete20171127, 60 minutes
PodcastRisky Business #471 -- Good Microsoft, bad MicrosoftlinkComplete20171128, 54 minutes
PodcastRisky Business #472 -- Iran DDoSed banks in 2012, US DoSed DPRKlinkComplete20171129, 50 minutes
PodcastRisky Business #473 -- Kaspersky is officially toastlinkComplete20171130, 52 minutes
PodcastRisky Business #474 -- Inside new, "invisible" Rowhammer attackslinkComplete20171201, 65 minutes
PodcastRisky Business #475 -- Matt Tait: US gov needs to put up or shut up on Kaspersky claimslinkComplete20171204, 64 minutes
PodcastRisky Business #476 -- Zeynep Tufekci on machine learning and disinformationlinkComplete20171205, 61 minutes
PodcastRisky Business #477 -- US mulls charges against Russian officials involved in DNC hacklinkComplete20171211, 42 minutes
PodcastRisky Business #478 -- Why a "Digital Geneva Convention" won't worklinkComplete20171212, 67 minutes
PodcastRisky Business #479 -- Oh, Uber. Oh, Apple.linkComplete20171213, 62 minutes
PodcastRisky Business #480 -- Uber, Kaspersky woes continuelinkComplete20171214, 55 minutes
PodcastRisky Business #481 -- Inside the Anthem breach with someone who was therelinkComplete20180102, 72 minutes
PodcastRisky Business #482 -- Meltdown and Spectre coverage without the flappy armslinkComplete20180130, 66 minutes
PodcastRisky Business #483 -- Internet censorship in Iran, ChinalinkComplete20180201, 62 minutes
PodcastRisky Business #484 -- What's up with the new 702?linkComplete20180205, 64 minutes
PodcastRisky Business #485 -- Infosec startups overfunded, good exits unlikelylinkComplete20180501, 55 minutes
PodcastRisky Business #486 -- Locking down AWS permissions with RepoKidlinkComplete20180504, 55 minutes
PodcastRisky Business #487 -- Guest Katie Moussouris on her recent Senate Subcommittee testimonylinkComplete20180514, 57 minutes
PodcastRisky Business #488 -- Stop users recycling passwords with the pwned passwords APIlinkComplete20180515, 55 minutes
PodcastRisky Business #489 -- (Deep) Fake NewslinkComplete20180516, 54 minutes
PodcastRisky Business #490 -- North Korea, 'cyber norms' and diplomacylinkComplete20180521, 51 minutes
PodcastRisky Business #491 -- The biggest infosec news week we've ever seenlinkComplete20180612, 53 minutes
PodcastRisky Business #492 -- Thomas Rid on sloppy active measureslinkComplete20180613, 61 minutes
PodcastRisky Business #493 -- SWIFT, pipeline attacks, Chrome's AV feature and morelinkComplete20180614, 44 minutes
PodcastRisky Business #494 -- Cisco customers have a bad week, plus a deep dive on WebAuthnlinkComplete20180709, 41 minutes
PodcastRisky Business #495 -- Russian Internet users are having a bad timelinkComplete20180710, 47 minutes
PodcastRisky Business #496 -- The China supply chain problemlinkComplete20180723, 61 minutes
PodcastRisky Business #497 -- Silvio's greatest hitslinkComplete20180904, 56 minutes
PodcastRisky Business #498 -- There sure is a lot of Microsoft Defender out there these dayslinkPendingPending
PodcastRisky Business #499 -- Is PGP actually busted and Signal pwnt? NoooopelinkComplete20180823, 73 minutes
PodcastRisky Business #500 -- Web asset discovery is getting usefullinkComplete20190611, 60 minutes
PodcastRisky Business #501 -- Trisis: signalling, deterrence or escalation?linkComplete20190612, 48 minutes
PodcastRisky Business #502 -- Inside China's hacker scenelinkComplete20190613, 62 minutes
PodcastRisky Business #503 -- North Korean tech in the global supply chainlinkComplete20190701, 62 minutes
PodcastRisky Business #504 -- Latest email frauds and changes to money mulinglinkComplete20190702, 57 minutes
PodcastRisky Business #505 -- Sanger vs FireEye, Reality Winner cops a plealinkComplete20190703, 45 minutes
PodcastRisky Business #506 -- How security teams can work with PRlinkComplete20190709, 59 minutes
PodcastRisky Business #507 -- For VladlinkComplete20190716, 56 minutes
PodcastRisky Business #508 -- Special guest Greg Shipley of In-Q-Tel's Cyber RebootlinkPendingPending
PodcastRisky Business #509 -- Just the usual mayhem and ownagelinkPendingPending
PodcastRisky Business #510 -- Hacky hack hacklinkPendingPending
PodcastRisky Business #511 -- Australia, Japan to ban Huawei, Struts drama, DNC lols and morelinkPendingPending
PodcastRisky Business #512 -- Five Eyes nations send clear message on encryptionlinkPendingPending
PodcastRisky Business #513 -- The DPRK indictment, BA gets owned, Webauthn issues and more [CORRECTED]linkPendingPending
PodcastRisky Business #514 -- New NSO Group report released and another State Department email breach. Drink!linkPendingPending
PodcastRisky Business #515 -- NSA staffer at centre of Kaspersky scandal jailedlinkPendingPending
PodcastRisky Business #516 -- The Facebook breach, e2e VOIP court verdict, Uber's record fine and morelinkPendingPending
PodcastRisky Business #517 -- Bloomberg's dumpster fire lights up infoseclinkPendingPending
PodcastRisky Business #518 -- "Russian Cambridge Analytica" booted off Facebook after token hacklinkPendingPending
PodcastRisky Business #519 -- '90s IRC war between US and Russia intensifieslinkPendingPending
PodcastRisky Business #520 -- Tanya Janca talks security in the curriculumlinkPendingPending
PodcastRisky Business #521 -- Bears everywherelinkPendingPending
PodcastRisky Business #522 -- Alex Stamos co-hosts the show, reflects on Snowden disclosureslinkPendingPending
PodcastRisky Business #523 -- So many breacheslinkPendingPending
PodcastRisky Business #524 -- Huawei CFO arrested, US Government dumps on EquifaxlinkPendingPending
PodcastRisky Business #525 -- Back on deck for 2019!linkPendingPending
PodcastRisky Business #526 -- Huawei arrest in Poland, DPRK SWIFT hack conviction, more from the El Chapo triallinkPendingPending
PodcastRisky Business #527 -- Featuring Alex Stamos, The Grugq, Susan Hennessey, Brian Krebs, Kelly Shortridge and Bobby ChesneylinkPendingPending
PodcastRisky Business #528 -- Huawei dinged, epic FaceTime and Exchange bugslinkPendingPending
PodcastRisky Business #529 -- Special guest Rob Joyce, NSAlinkPendingPending
PodcastRisky Business #530 -- UAE's Project Raven, Bezosgate and morelinkPendingPending
PodcastRisky Business #531 -- Australia's political parties targeted, the Witt indictment and morelinkPendingPending
PodcastRisky Business #532 -- A big week of research and tech newslinkPendingPending
PodcastRisky Business #533 -- Ghidra release, NSA discontinues metadata program and morelinkPendingPending
PodcastRisky Business #534 -- Manning back in clink, automotive industry under attacklinkPendingPending
PodcastRisky Business #535 -- Stop giving Cloudflare moneylinkPendingPending
PodcastRisky Business #536 -- Mar-a-Lago arrest, ASUS supply chain attack and morelinkPendingPending
PodcastRisky Business #537 -- Assange arrested, WordPress ecosystem on firelinkPendingPending
PodcastRisky Business #538 -- Marcus Hutchins is a milkshake duck, Iranian APTs doxxed and morelinkPendingPending
PodcastRisky Business #539 -- Docker Hub owned, Cloudflare, Bloomberg under firelinkPendingPending
PodcastRisky Business #541 -- NSO Group makes global headlines. What next?linkPendingPending
PodcastRisky Business #542 -- Confusion reigns over Huawei banlinkPendingPending
PodcastRisky Business #543 -- NYTimes blames NSA for Baltimore hacks, Assange faces espionage chargeslinkPendingPending
PodcastRisky Business #544 -- NYTimes Baltimore report falls overlinkPendingPending
PodcastRisky Business #551 -- Post Vegas edition, more news than we can handlelinkComplete20191011, 73 minutes
PodcastRisky Business #567 -- ToTok, Iran and big-game ransomware galorelinkComplete20200131, 79 minutes
PodcastRisky Business #568 -- Let's DecryptlinkComplete20200203, 55 minutes
PodcastRisky Business #569 -- Bezos' Saudi hack claims, Glenn Greenwald facing cybercrime chargeslinkComplete20200203, 50 minutes
PodcastRisky Business #570 -- FTI report lands like a lead balloonlinkComplete20200214, 64 minutes
PodcastRisky Business #571 -- Is Joshua Schulte The Shadow Brokers?linkComplete20200214, 65 minutes
PodcastRisky Business #572 -- Equifax indictments land, some big Huawei newslinkComplete20200224, 66 minutes
PodcastRisky Business #613 -- It's time to check your Accellion logslinkComplete20210203, 50 minutes
PodcastRisky Business #614 -- So was it Florida Man or an Iranian APT?linkComplete20210210, 56 minutes
PodcastRisky Business Feature podcast: Alexa O'Brien on Wikileaks, intelligence and influencelinkComplete20200213, 45 minutes
PodcastRisky Business #615linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #616linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #617linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #618linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #619linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #620linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #621linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #622linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #623linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #624linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #625linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #626linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #627linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #628linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #629linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #630linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #631linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #632linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #633linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #634linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #635linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #636linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #637linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #638linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #639linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #640linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #641linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #642linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #643linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #644linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #645linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #646linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #647linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #648linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #649linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #650linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #651linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #652linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #653linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #654linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #655linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #656linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #657linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #658linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #659linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #660linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #661linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #662linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #663linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #664linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #665linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #666linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #667linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #668linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #669linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #670linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #671linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #672linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #673linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #674linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #675linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #676linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #677linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #678linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #679linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #680linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #681linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #682linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #683linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #684linkCompleteTimeframe lost; 1 hour
PodcastRisky Business #685 -- Australia releases the hounds, and it might just worklinkComplete20221119, 63 minutes
PodcastRisky Business #686 -- White House to move on spyware industrylinkComplete20221124, 59 minutes
PodcastRisky Business #687 -- Shady deeds in sunny places: Ransomware smashes Vanuatu, GuadeloupelinkComplete20221201, 54 minutes
PodcastRisky Business #688 -- APT41 pickpockets Uncle SamlinkComplete20221208, 63 minutes
PodcastRisky Business #689 -- FBI baulks at Apple's iCloud encryption pushlinkComplete20221215, 56 minutes
PodcastRisky Business #690 -- 2023 will be a rough year for critical online serviceslinkComplete20230112, 69 minutes
PodcastRisky Business #691 -- LockBit and "Pablo Escobar syndrome"linkComplete20230119, 57 minutes
PodcastRisky Business #692 -- Google search results spew malware, phishing siteslinkComplete20230126, 66 minutes
PodcastRisky Business #693 -- Hive takedown is the beginning, not the endlinkComplete20230202, 54 minutes
PodcastRisky Business #694 -- Cleansing fire claims ESXi, GoAnywhere serverslinkComplete20230209, 52 minutes
PodcastRisky Business #695 -- North Korea is ransomwaring hospitals, Russia to make "patriotic" hacking legallinkComplete20230216, 60 minutes
PodcastRisky Business #696 -- Why Twitter had to kill SMS 2FAlinkComplete20230223, 63 minutes
PodcastRisky Business #697 -- LastPass attacker: Do you gotta hand it to 'em?linkComplete20230302, 59 minutes
PodcastRisky Business #698 -- Why LastPass was probably DPRK*linkComplete20230309, 61 minutes
PodcastRisky Business #699 -- BYOD risks ramp uplinkComplete20230315, 60 minutes
PodcastRisky Business #700 -- Yevgeny Prigozhin's empire gets ownedlinkComplete20230328, 58 minutes
PodcastRisky Business #701 -- Why infosec is wrong about TikToklinkComplete20230303, 59 minutes
PodcastRisky Business #702 -- 3CX: It's like SolarWinds, but stupiderlinkComplete20230419, 61 minutes
PodcastRisky Business #703 -- Russia whines about its tech dependence on ChinalinkComplete20230501, 56 minutes
PodcastRisky Business #704 -- Why LLMs aren't an exploit bonanzalinkComplete20230503, 64 minutes
PodcastRisky Business #705 -- USA's Turla takedown marks a shift in tacticslinkComplete20230510, 54 minutes
PodcastRisky Business #706 -- Why BlackBerry thinks Cuba ransomware is a Russian frontlinkComplete20230517, 64 minutes
PodcastRisky Business #707 -- Inside China's information lockdown with Chris KrebslinkComplete20230524, 58 minutes
PodcastRisky Business #708 – China's lolbin-powered adventures in US critical infrastructurelinkComplete20230602, 53 minutes
PodcastRisky Business #709 -- Cl0p goes berserk with MOVEit 0daylinkComplete20230609, 56 minutes
PodcastRisky Business #710 -- Why your corporate VPN will get you ownedlinkComplete20230622, 62 minutes
PodcastRisky Business #711 -- Albanian authorities raid MEK camp over Iran hackslinkComplete20230627, 59 minutes
PodcastRisky Business #712 -- The 336,000 undead Fortigates of DOOMlinkComplete20230815, 69 minutes
PodcastRisky Business #713 -- Microsoft activates PR weasels after State Department hacklinkComplete20230816, 59 minutes
PodcastRisky Business #714 -- Microsoft vs Wiz: pistols at dawnlinkComplete20230817, 62 minutes
PodcastRisky Business #715 -- Pressure mounts on Microsoft to explain itselflinkComplete20230821, 59 minutes
PodcastRisky Business #716 -- This ain't your grandma's cloudlinkComplete20230825, 56 minutes
PodcastRisky Business #717 -- The kids are okay. At ripping your face off.linkComplete20230825, 61 minutes
PodcastRisky Business #718 -- Chaos and carnage, business as usuallinkComplete20230830, 51 minutes
PodcastRisky Business #719 -- FBI vapes 700,000 Qakbot infectionslinkComplete20230901, 54 minutes
PodcastRisky Business #720 -- How cloud identity provider federation features can get you mega-ownedlinkComplete20230906, 57 minutes
PodcastRisky Business #721 -- Why Storm-0558's Microsoft hack should have failedlinkComplete20230915, 58 minutes
PodcastRisky Business #722 -- Microsoft embraces Zero Trust... Authentication?linkComplete20230923, 59 minutes
PodcastRisky Business #723 -- MGM and Caesars: Western youths are working with ransomware gangslinkComplete20230929, 57 minutes
PodcastRisky Business #724 -- Exploitation moves away from Microsoft, Google and Apple productslinkComplete20231006, 55 minutes
PodcastRisky Business #725 -- Microsoft knifes VBScript, passkeys the new default for Google accountslinkComplete20231013, 44 minutes
PodcastRisky Business: An interview with Andrew Boyd, director of the CIA's Centre for Cyber IntelligencelinkComplete20230224, 53 minutes
PodcastRisky Business: Between Two Nerds: Why we hate the term "cyberwar"linkComplete20220829, 22 minutes
PodcastThe CMMC ExplainedlinkComplete20211223, 43 minutes
PodcastMarti Arvin and Anthony Buenger on the CMMC Framework [Podcast]linkComplete20211223, 15 minutes
PodcastAn Introduction to CMMC Assessment GuideslinkComplete20211223, 8 minutes
PodcastThe CMMC Level 1 Assessment Guide: A Closer LooklinkComplete20211223, 21 minutes
PodcastThe CMMC Level 3 Assessment Guide: A Closer LooklinkComplete20211223, 14 minutes
PodcastReviewing and Measuring Activities for Effectiveness in CMMC Level 4linkComplete20211223, 13 minutes
PodcastOptimizing Process Maturity in CMMC Level 5linkComplete20211223, 9 minutes
PodcastThe Virtual CISO Podcast, Episode #1. CMMC: What You Need to Know About DoD Cybersecurity Regulation w/ Katie ArringtonlinkComplete20211223, 61 minutes
PodcastThe Lazarus Heist Episode: Introducing The Lazarus HeistlinkComplete20210801, 3 minutes
PodcastThe Lazarus Heist Episode 1. Hacking HollywoodlinkComplete20210802, 34 minutes
PodcastThe Lazarus Heist Episode 2. Disaster movielinkComplete20210803, 37 minutes
PodcastThe Lazarus Heist Episode 3. SuperdollarslinkComplete20210804, 33 minutes
PodcastThe Lazarus Heist Episode 4. Billion dollar hacklinkComplete20210805, 39 minutes
PodcastThe Lazarus Heist Episode 5. Cyber warriorslinkComplete20210806, 42 minutes
PodcastThe Lazarus Heist Episode 6. Cyber slaveslinkComplete20210807, 40 minutes
PodcastThe Lazarus Heist Episode 7. Korean roulettelinkComplete20210808, 39 minutes
PodcastThe Lazarus Heist Episode 8. The multimillion mistakelinkComplete20210809, 36 minutes
PodcastThe Lazarus Heist Episode 9. The Macau connectionlinkComplete20210810, 41 minutes
PodcastThe Lazarus Heist Episode 10. Kill switchlinkComplete20210811, 45 minutes
PodcastThe Lazarus Heist Episode: Update from Jean and GeofflinkComplete20220717, 3 minutes
PodcastThe Lazarus Heist Lazarus Heist livelinkComplete20220417, 58 minutes
PodcastThe Lazarus Heist Season 2 trailerlinkComplete20220417, 3 minutes
PodcastThe Lazarus Heist S2.1 JackpottinglinkComplete20220418, 37 minutes
PodcastThe Lazarus Heist S2.2 Big BosslinkComplete20220419, 33 minutes
PodcastThe Lazarus Heist S2.3 HushpuppilinkComplete20230420, 39 minutes
PodcastThe Lazarus Heist S2.4 Fire and furylinkComplete20230422, 44 minutes
PodcastThe Lazarus Heist S2.5 ‘Olympic Destroyer’linkComplete20230424, 26 minutes
PodcastThe Lazarus Heist S2.6 False flagslinkComplete20230501, 37 minutes
PodcastThe Lazarus Heist S2.7 Crypto comradeslinkComplete2023//04//24
PodcastThe Lazarus Heist S2.8 Bitcoin banditslinkComplete2023//05//01
PodcastThe Lazarus Heist S2.9 Big spenderslinkComplete2023//05//08
PodcastSecurity Management Highlights December 2017linkComplete20180122, 24 minutes
PodcastSecurity Management Highlights January 2018linkComplete20180129, 19 minutes
PodcastSecurity Management Highlights July 2017linkComplete20180122, 23 minutes
PodcastSecurity Management Highlights July 2017linkPendingPending
PodcastSecurity Management Highlights November 2017linkPendingPending
PodcastSecurity Management Highlights October 2017linkPendingPending
PodcastSecurity Management Lightning Round August 2017linkPendingPending
PodcastSecurity Now #647: The Dark CaracallinkComplete20180205, 109 minutes
PodcastSFS Episode 172 - Security Awareness Deep DivelinkPendingPending
PodcastSFS Episode 173 - Vendor RelationshipslinkPendingPending
PodcastSFS Episode 174 - Doing Threat Intelligence SmartlylinkPendingPending
PodcastSFS Episode 190 - BurnoutlinkPendingPending
PodcastSFS Episode 191 - Gone Phishin'linkPendingPending
PodcastSFS Episode 193 - Chief Information Security Oh-CraplinkPendingPending
PodcastSFS Episode 194 - Evaluating Security Product VendorslinkPendingPending
PodcastSFS Episode 197 - After the Penetration TestlinkPendingPending
PodcastSFS Episode 198 - Building a Security Strategy Part 1linkPendingPending
PodcastSFS Episode 199 - Building a Security Strategy Part 2linkPendingPending
PodcastSFS Episode 200 - Building a Security Strategy - Part IIIlinkPendingPending
PodcastSFS Episode 201 - CelebrationlinkPendingPending
PodcastSFS Episode 208 - All Good Things...linkPendingPending
PodcastThe Guardian: A week in the life of 8chan: Chips with Everything podcastlinkComplete20190900, 24 minutes
PodcastThe Guardian: Dark Patterns: the art of online deception – Science Weekly podcastlinkComplete20190700, 27 minutes
PodcastThe Guardian: Finding dark patterns online: Chips with Everything podcastlinkComplete20190700, 27 minutes
PodcastThe Guardian: How much does Google know about you? – podcastlinkComplete20190900, 28 minutes
PodcastThe Guardian: Is Facebook spying on you?linkComplete20190400, 29 minutes
PodcastWar College: Bellingcat Talks Tankers, Deepfakes, and State PropagandalinkComplete20190711, 32 minutes
PodcastWar on the Rocks - Fear Not the Blue-Haired Soldier?linkComplete20180515, 36 minutes
PodcastWar on the Rocks - The Big Cyber SpectacularlinkComplete20180216, 49 minutes
ReadingA daily grind: Filtering Java vulnerabilitieslinkPendingPending
ReadingA Tale of Two Frameworks: The NIST CSF and NIST RMF Are Not the SamelinkComplete20171213, 10 minutes
ReadingAlleged Iranian Hackers Target U.S. Universities to Steal Intellectual Property, Report RevealslinkPendingPending
ReadingAn Inside Look Into the World of Nigerian ScammerslinkPendingPending
ReadingAn Introduction to NIST Special Publication 800-171 for Higher Education InstitutionslinkComplete20180831, 30 minutes
ReadingAppendix B: Mapping Cybersecurity Assessment Tool to NIST Cybersecurity FrameworklinkPendingPending
ReadingAPT 34 Is an Iran-Linked Hacking Group That Probes Critical Infrastructure (Wired)linkPendingPending
ReadingAPT1: Digital appendix and indicatorslinkPendingPending
ReadingAPT1: Exposing one of China's cyber espionage unitslinkComplete2017
ReadingAPT1: technical backstage malware analysislinkPendingPending
ReadingAPT28: A Window Into Russia's Cyber Espionage Operations?linkComplete20200219, 60 minutes
ReadingAPT28: At the Center of the StormlinkComplete20200221, 60 minutes
ReadingAPT30 and the Mechanics of a Long-Running Cyber Espionage OperationlinkPendingPending
ReadingAPT37 (Reaper): The Overlooked North Korean ActorlinkComplete20180713, 30 minutes
ReadingAPT40: Examining a China-Nexus Espionage ActorlinkPendingPending
ReadingAustralian National University 'hit by Chinese hackers'linkPendingPending
ReadingBehind the Syrian Conflict's Digital Front LineslinkPendingPending
ReadingBig data meets Big Brother as China moves to rate its citizenslinkPendingPending
ReadingBrewing up trouble: Analyzing four widely exploited Java vulnerabilitieslinkPendingPending
ReadingChina-based hacking crew pokes holes in UK firms and drains datalinkPendingPending
ReadingChinese hackers reportedly targeted 27 universities for military secretslinkPendingPending
ReadingChinese Hackers Target Universities in Pursuit of Maritime Military SecretslinkPendingPending
ReadingChinese human rights activists claim their Google emails were hackedlinkPendingPending
ReadingChoose Adventure: Safe Travel in Dangerous PlaceslinkComplete20231116
ReadingCIA pulled officers from Beijing after breach of federal personnel recordslinkPendingPending
ReadingCIA pulls staff from China after US government hacklinkPendingPending
ReadingDeloitte: NIST Special Publication 800-171 for Higher EducationlinkPendingPending
ReadingDigital bread crumbs: Seven clues to identifying who's behind advanced cyber attackslinkPendingPending
ReadingDLL Side-loading: A thorn in the side of the anti-virus industrylinkPendingPending
ReadingDoJ indicts Iranian hackers for stealing data from 144 US universitieslinkPendingPending
ReadingF.B.I. Bars Some China Scholars From Visiting U.S. Over Spying FearslinkPendingPending
ReadingFeds warn: China sending ‘thousands’ of spies to US collegeslinkPendingPending
ReadingFFIEC 2016 Information Security HandbooklinkPendingPending
ReadingFFIEC Booklet: Outsourcing Technology Services (3 sections)linkComplete20171207, 15 minutes
ReadingFFIEC Cybersecurity Assessment ToollinkPendingPending
ReadingFFIEC Information Technology Examination Handbook Information SecuritylinkPendingPending
ReadingFIN10 - Anatomy of a Cyber Extortion OperationlinkPendingPending
ReadingGoogle Official Blog: A new approach to ChinalinkPendingPending
ReadingHackers target research from UK universitieslinkPendingPending
ReadingHackers target UK universities accredited by NCSClinkPendingPending
ReadingHacking the Street - FIN4 Likely Playing the MarketlinkPendingPending
ReadingHot knives through butter: Evading file-based sandboxeslinkPendingPending
ReadingHow to Build a Security Operations Center (On a Budget) (Alien Vault)linkPendingPending
ReadingHow to Use (and Not Use) the NIST CSFlinkPendingPending
ReadingIANS Data Compromise AwarenesslinkPendingPending
ReadingIFAP Electronic AnnouncementslinkPendingPending
ReadingIn China's Push For High-Tech, Hackers Target Cutting-Edge U.S. FirmslinkPendingPending
ReadingInsights into Iranian Cyber Espionage: APT33 Targets Aerospace and Energy Sectors and has Ties to Destructive Malware (Mandiant/FireEye)linkPendingPending
ReadingInvestigating PowerShell attackslinkPendingPending
ReadingISMG 2015 Breach Preparedness and Response StudylinkPendingPending
ReadingLegality in Cyberspace - An Adversary View (Strategic Studies Institute)linkPendingPending
ReadingLeviathan: Command and control communications on planet EarthlinkPendingPending
ReadingMysterious factory break-in raises suspicions about Chinese visitlinkPendingPending
ReadingNCUA Letter 2007-CU-01 Enclosure Evaluating Third Party RelationshipslinkComplete20171207, 20 minutes
ReadingNCUA Letter 2007-CU-13 Evaluating Third Party RelationshipslinkComplete20171207, 10 minutes
ReadingNCUA Letter 2008-CU-07 FFIEC Release of Updated Business Continuity Planning Examination HandbooklinkPendingPending
ReadingNCUA Letter 2008-CU-09 Evaluating Third Party Relationships QuestionnairelinkComplete2017
ReadingNCUA Letter 2008-CU-20 Evaluating Current Risks to Credit UnionslinkPendingPending
ReadingNCUA Letter 2010-CU-03 Concentration RisklinkPendingPending
ReadingNCUA Letter 2013-CU-12 Supervisory Guidance on Enterprise Risk ManagementlinkPendingPending
ReadingNCUA Letter 2016-CU-12 Risk-Based Examination Scheduling PolicylinkPendingPending
ReadingNCUA Letter 2017-CU-02 Evaluating Compliance Risk – Updated Compliance Risk IndicatorslinkComplete2017
ReadingNIH, FBI accuse scientists in US of sending IP to China, running shadow labslinkPendingPending
ReadingNIST Cyber Security Framework (CSF): Aligning to the NIST CSF in the AWS CloudlinkPendingPending
ReadingNIST Cyber Security Framework (CSF): Aligning to the NIST CSF in the AWS CloudlinkPendingPending
ReadingNIST: Best Practices in Cyber Security Chain Risk ManagementlinkPendingPending
ReadingOnline Banking Attacks Were Work of Iran, U.S. Officials Say (New York Times)linkPendingPending
ReadingOperation "Ke3chang": Targeted attacks against ministries of foreign affairslinkPendingPending
ReadingOperation Saffron RoselinkComplete2017
ReadingPoison Ivy: Assessing damage and extracting intelligencelinkPendingPending
ReadingRed Line Drawn: China recalculates its use of cyber espionage (Mandiant/FireEye)linkComplete20180217, 30 minutes
ReadingReport – APT 37 (Reaper)linkPendingPending
ReadingReport – APT 38: Un-usual SuspectslinkPendingPending
ReadingReport – APT30 and the Mechanics of a Long-Running Cyber Espionage Operation: How a Cyber Threat Group Exploited
Goverments and Commercial Entities across Southeast Asia and India for over a Decade		linkPendingPending
ReadingReport – APT41: A Dual Espionage and Cyber Crime OperationlinkPendingPending
ReadingReport – HAMMERTOSS: Stealthy Tactics Define a Russian Cyber Threat GrouplinkPendingPending
ReadingReport – Hiding in Plain Sight: FireEye and Microsoft Expose Obfuscation TacticlinkPendingPending
ReadingReport – Russia’s APT28 Strategically Evolves its Cyber OperationslinkPendingPending
ReadingReport – Southeast Asia: An Evolving Cyber Threat LandscapelinkPendingPending
ReadingRussian hack of 2016 elections didn't happenlinkPendingPending
ReadingSANS Institute: "A Credit Union Increased Network Security With Network Access Control Based on Great Bay Software Beacon"linkComplete20171115, 15 minutes
ReadingSidewinder Targeted Attack against Android in the golden age of ad librarieslinkPendingPending
ReadingSignificant Cyber IncidentslinkPendingPending
ReadingSupply chain analysis: From quartermaster to sunshoplinkPendingPending
ReadingSuspected North Korean hackers target universities using Chrome extensionlinkPendingPending
ReadingTechnical Implementation of NIST/FFIEC CSF – Detailed Hardening and Vulnerability Management TechniqueslinkPendingPending
ReadingThe AlienVault® Incident Response Toolkit: Putting the OODA Loop to Work in the Real World (Alien Vault)linkPendingPending
ReadingThe Canada-China Cyber Agreement Remains QuestionablelinkPendingPending
ReadingThe CIA Campaign to Steal Apple's SecretslinkPendingPending
ReadingThe Design and Evaluation of Physical Protection SystemslinkComplete20220107
ReadingThe Cuckoo's Egg: Tracking a Spy Through the Maze of Computer EspionagelinkComplete20211130
Reading13 Hours: The Inside Account of What Really Happened in BenghazilinkComplete20220600
ReadingThe Siege of Mecca: The Forgotten Uprising in Islam's Holiest Shrine & the Birth of Al-QaedalinkComplete20220700
ReadingThe Siege: 68 Hours Inside the Taj HotellinkComplete20220800
ReadingThe Exile: The Stunning Inside Story of Osama bin Laden and Al Qaeda in FlightlinkComplete20220900
ReadingThe Little Malware That Could: Detecting and defeating the China Chopper Web ShelllinkPendingPending
ReadingThomas Rid - Cyber War (Essay) (Routledge)linkPendingPending
ReadingTop words used in spear phishing attackslinkPendingPending
ReadingTop-ranked Australian university hit by Chinese hackers: medialinkPendingPending
ReadingTracking Users on the Internet with Behavioral PatternslinkPendingPending
ReadingVolume1_2017_TAG_Cyber_Security_Fifty Controls (The Amoroso Group)linkPendingPending
ReadingVolume2_2017_TAG_Cyber_Security_Luminary Interviews (The Amoroso Group)linkPendingPending
ReadingVolume3_2017_TAG_Cyber_Security_Vendor_Listings (The Amoroso Group)linkPendingPending
ReadingWhat Is Intellectual Property, and Does China Steal It?linkPendingPending
ReadingWhy the OPM Hack Is Far Worse Than You ImaginelinkPendingPending
ReadingWikipedia: 2015–2016 SWIFT banking hacklinkPendingPending
ReadingWikipedia: Office of Personnel Management data breachlinkPendingPending
ReadingWindows Management Instrumentation (WMI) offense, defense, and forensicslinkPendingPending
ReadingZero Days, Thousands of Nights (RAND Corporation)linkPendingPending
Travel SecuritylinkPendingPending
Travel SecuritylinkPendingPending
Travel SecuritylinkPendingPending
Travel SecuritylinkPendingPending
Travel SecuritylinkPendingPending
Video[Webinar] Applying the NIST Framework to Secure AWSlinkPendingPending
Video2 1 1 Jason Scott Rescuing The Prince of Persia from the sands of timelinkComplete20171011, 53 minutes
Video2013 NIST Training Pt 1: SP 800-39 - Hosted by the California Information Security OfficelinkPendingPending
Video2013 NIST Training Pt 2: SP 800-30 - Hosted by the California Information Security OfficelinkPendingPending
Video2013 NIST Training Pt 3: SP 800-37 - Hosted by the California Information Security OfficelinkPendingPending
Video2013 NIST Training Pt 4: SP 800-53 - Hosted by the California Information Security OfficelinkPendingPending
Video2017 08 31 12 02 Using the NIST Cybersecurity Framework to Guide your Security ProgramlinkPendingPending
VideoA True Spy Thriller: Computer Hacking, Security, Espionage, and U.S. Counterintelligence (1990)linkComplete20180828, 43 minutes
VideoAn Introduction to NIST 800-191 with Mark Riddle and Devin Casey of ISOOlinkComplete20200316, 48 minutes
VideoARCHIVE TEAM: A Distributed Preservation of Service AttacklinkComplete20171011, 44 minutes
VideoAssessing your Current Cyber Security Posture with NIST • Step 1 | SpectorlinkPendingPending
VideoAWS Certified Cloud Practitioner Training 2020 - Full CourselinkPendingPending
VideoAWS Live re:Inforce - Permission Guardrail Use CaseslinkPendingPending
VideoAWS Live re:Inforce - Permission Guardrail Use CaseslinkPendingPending
VideoAWS re:Inforce 2019: Aligning to the NIST Cybersecurity Framework in the AWS Cloud (GRC203-R)linkComplete20200316, 47 minutes
VideoAWS re:Inforce 2019: Architecting Security through Policy Guardrails in Amazon EKS (SDD411)linkPendingPending
VideoAWS re:Inforce 2019: AWS Security Hub: Manage Security Alerts & Automate Compliance (DEM15)linkPendingPending
VideoAWS re:Inforce 2019: Best Practices for Choosing Identity Solutions for Applications (FND215)linkPendingPending
VideoAWS re:Inforce 2019: Capital One Case Study: Addressing Compliance and Security within AWS (FND219)linkPendingPending
VideoAWS re:Inforce 2019: Encrypting Everything with AWS (SEP402)linkPendingPending
VideoAWS re:Inforce 2019: Enforcing Security Invariants with AWS Organizations (SDD314)linkPendingPending
VideoAWS re:Inforce 2019: Everything You Wanted to Know about Compliance but Were Afraid to Ask (GRC208)linkPendingPending
VideoAWS re:Inforce 2019: Evolving Perimeters w/ Guardrails, Not Gates (SDD331)linkPendingPending
VideoAWS re:Inforce 2019: How to Act on Your Security & Compliance Alerts with AWS Security Hub (FND218)linkPendingPending
VideoAWS re:Inforce 2019: Leadership Session: Governance, Risk, and Compliance (GRC326-L)linkPendingPending
VideoAWS re:Inforce 2019: Managing Multi-Account AWS Environments Using AWS Organizations (FND314)linkPendingPending
VideoAWS re:Inforce 2019: Mitigate Misconfigurations with AWS Service Catalog and Control Tower (FND311)linkPendingPending
VideoAWS re:Inforce 2019: Network Visibility into the Traffic Traversing Your AWS Infrastructure (SEP209)linkPendingPending
VideoAWS re:Inforce 2019: Pragmatic Container Security (DEM11-R)linkPendingPending
VideoAWS re:Inforce 2019: Securing Serverless and Container Services (SDD306)linkPendingPending
VideoAWS re:Inforce 2019: Security at the Speed of Cloud: How You Can Do It Now (GRC304)linkPendingPending
VideoAWS re:Inforce 2019: Security Benefits of the Nitro Architecture (SEP401-R)linkPendingPending
VideoAWS re:Inforce 2019: Security Best Practices the Well-Architected Way (SDD318)linkPendingPending
VideoAWS re:Inforce 2019: The Fundamentals of AWS Cloud Security (FND209-R)linkPendingPending
VideoAWS re:Inforce 2019: Using AWS Control Tower to Govern Multi-Account AWS Environments (GRC313-R)linkPendingPending
VideoAWS re:Invent 2018 - Keynote with Andy JassylinkPendingPending
VideoAWS re:Invent 2019 - Keynote with Andy JassylinkPendingPending
VideoAWS re:Invent 2019: Monitor security & automate compliance checks with AWS Security Hub (DEM157)linkPendingPending
VideoAWS Security by DesignlinkPendingPending
VideoAWS VPC Masterclass Webinar (2018) - Part 1linkPendingPending
VideoBlack Hat 2013 - Exploiting Network Surveillance Cameras Like a Hollywood HackerlinkPendingPending
VideoBlack Hat 2013 - OPSEC Failures of SpieslinkPendingPending
VideoBreak Me01 And You Shall Know Me By My Trail of Documentation Jason ScottlinkComplete20171011, 43 minutes
VideoBSides DC 2017 - PCI for Pen TesterslinkPendingPending
VideoCDS 2018 | ATT&CKing FIN7: The Value of Using Frameworks for Threat IntelligencelinkPendingPending
VideoCDS 2018 | Beyond Shared Responsibility: Using a Next-Gen SIEM to Secure Your CloudlinkPendingPending
VideoCDS 2018 | Convinced By Imposters You Think You KnowlinkPendingPending
VideoCDS 2018 | Cyber Security Takes A VillagelinkPendingPending
VideoCDS 2018 | Defending Against Evolving Network Security ThreatslinkPendingPending
VideoCDS 2018 | Evolving to an Intel-led Security OrganizationlinkPendingPending
VideoCDS 2018 | Finding the Threats that Matter with Managed DefenselinkPendingPending
VideoCDS 2018 | Hello, Carbanak!linkPendingPending
VideoCDS 2018 | Hunting for PlatinumlinkPendingPending
VideoCDS 2018 | Influence Operations Targeting the 2018 U.S. MidtermslinkPendingPending
VideoCDS 2018 | Interpreting Telemetry Data to Evaluate Threat RelevancelinkPendingPending
VideoCDS 2018 | Lessons Learned: Legal Issues That Arise During Incident InvestigationslinkPendingPending
VideoCDS 2018 | Phishing, Impersonation, and Malware: Defending Email Against Today’s Advanced ThreatslinkPendingPending
VideoCDS 2018 | Premediation: The Art of Proactive RemediationlinkPendingPending
VideoCDS 2018 | Putting Your Incident Response Plan to the Test: How Ready Are You, Really?linkPendingPending
VideoCDS 2018 | Red Line Redrawn? Chinese APTs ResurfacelinkPendingPending
VideoCDS 2018 | The 2018 SEC Guidance on Cybersecurity and the Responsibilities of the Board of DirectorslinkPendingPending
VideoCDS 2018 | Two Factor Evolution: How Attackers Evade Multi-factor AuthenticationlinkPendingPending
VideoCDS 2018 | Unmasking APT XlinkPendingPending
VideoCDS 2018 | You’ve Got Mail!linkPendingPending
VideoCommon Marking Errors on Classified DocumentslinkPendingPending
VideoConfessions of a Cyber Spy Hunter: Eric Winsborrow at TEDxVancouverlinkPendingPending
VideoControlled Unclassified InformationlinkPendingPending
VideoControlled Unclassified InformationlinkPendingPending
VideoControlled Unclassified Information - Introduction to MarkinglinkPendingPending
VideoControlled Unclassified Information: Unauthorized Disclosure: Prevention and ReportinglinkPendingPending
VideoCSIAC Webinar - Protecting Controlled Unclassified Information (CUI) in Nonfederal Systems and OrgslinkComplete20180905, 65 minutes
VideoCSIAC Webinar - Protecting CUI in Nonfederal Information Systems and OrganizationslinkComplete20180905, 71 minutes
VideoCSIAC Webinars - Meeting DFARS Controlled Unclassified Information (CUI) Compliance Standards for Federal ContractorslinkPendingPending
VideoCSS2017 Session 14 SANS Training - NIST Cyber Security FrameworklinkPendingPending
VideoCSS2018LAS16: NIST CyberSecurity Framework Usage and Overview - SANSlinkPendingPending
VideoCSS2018LAS16: NIST CyberSecurity Framework Usage and Overview - SANSlinkPendingPending
VideoCTI Summit Keynote - Cliff Stoll - (Still) Stalking the Wily HackerlinkComplete20180827, 65 minutes
VideoCyber Security: A Practical Application of NIST Cybersecurity FrameworklinkPendingPending
VideoCybersecurity Framework 4 years later: What’s next for cybersecurity?linkPendingPending
VideoCybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certification | EdurekalinkPendingPending
VideoDARKTRACE DemolinkComplete20171220, 5 minutes
VideoDARKTRACE DemolinkComplete20171220, 7 minutes
VideoDEF CON 18 - Jason Scott - You're Stealing It Wrong! 30 Years of Inter-Pirate BattleslinkComplete20171011, 56 minutes
VideoDEF CON 22 - Gene Bransfield - Weaponizing Your Pets: The War Kitteh and the Denial of Service DoglinkPendingPending
VideoDEF CON 25 - Professor Plum - Digital Vengeance Exploiting the Most Notorious C&C ToolkitlinkPendingPending
VideoDEF CON 25 Recon Village - Rhett Greenhagen - Skip Tracing For Fun and ProfitlinkComplete20171015, 43 minutes
VideoDEFCON 17: That Awesome Time I Was Sued For Two Billion DollarslinkPendingPending
VideoDefcon 18 - How I met your girlfriend - Samy Kamkar - Part .movlinkPendingPending
VideoDefcon 18 -My life as a spyware developer - Garry Pejski - Part.movlinkPendingPending
VideoDEFCON 19: The History and the Evolution of Computer ViruseslinkComplete20180911, 50 minutes
VideoDefcon 21 - Forensic Fails - Shift + Delete Won't Help You HerelinkComplete20180913, 47 minutes
VideoDemo of Darktrace & Cyberseer Threat Analytics ServicelinkComplete20171220, 15 minutes
VideoDeploy a DoD Secure Cloud Computing Architecture Environment in AWS (119681)linkPendingPending
VideoDerbyCon 3 0 3104 The Mysterious Mister Hokum Jason ScottlinkComplete20171011, 42 minutes
VideoDerivative Classification Training - RevisedlinkPendingPending
VideoDesigning your Cyber Security framework using NIST guidelineslinkPendingPending
VideoFireEye Cyber Defense Summit Keynote Series: Grady Summers, FireEye Exec VP & CTOlinkPendingPending
VideoFireEye Cyber Defense Summit Keynote Series: John Watters, FireEye EVP of Global Services & IntellinkPendingPending
VideoFireEye Cyber Defense Summit Keynote Series: Kevin Mandia, FireEye CEO and Board DirectorlinkPendingPending
VideoFireEye Cyber Defense Summit Keynote Series: NSA Sr. Technical Director David HoguelinkPendingPending
VideoGDPR Compliance: “Explain Like I’m Five” with Data Privacy ExpertlinkPendingPending
VideoGDPR Compliance: What You Need to Know Before May 2018linkPendingPending
VideoGeorge Gilder: Forget Cloud Computing, Blockchain is the FuturelinkPendingPending
VideoGetting Started with AWS | Amazon Web Services BASICSlinkPendingPending
VideoGig05 Pen Test War Stories Why my job is so easy and how you can make it harder Aaron HerndonlinkPendingPending
VideoHow to Build a Cybersecurity Program based on the NIST Cybersecurity FrameworklinkPendingPending
VideoHow to Defend Against Web Application Security ThreatslinkPendingPending
VideoHow to Detect and Mitigate Guardrail Violations with AWS Control Tower - AWS Online Tech TalkslinkPendingPending
VideoHow to Make Sense of Cybersecurity FrameworkslinkPendingPending
VideoHow-to Penetration Testing and Exploiting with Metasploit + Armitage + msfconsolelinkPendingPending
VideoHuman Subjects Research Training: "Protecting Human Subjects" - Module 1linkPendingPending
VideoHuman Subjects Research Training: "Protecting Human Subjects" - Module 2linkPendingPending
VideoHuman Subjects Research Training: "Protecting Human Subjects" - Module 3linkPendingPending
VideoIn the Realm of the Hackers (Complete)linkPendingPending
VideoInformation Security Oversight Office Training SeminarlinkPendingPending
VideoIntro to Risk Management & NIST Cyber Framework 101linkPendingPending
VideoIntroduction to AWS SecuritylinkPendingPending
VideoIntroduction to AWS ServiceslinkPendingPending
VideoIntroduction to Metasploit for Penetration TestinglinkPendingPending
VideoIntroduction to Microservices, Docker, and KuberneteslinkPendingPending
VideoIntroduction to Risk Management via the NIST Cyber Security FrameworklinkPendingPending
VideoISOO - CUI Briefing - January 27, 2017linkPendingPending
VideoI've Got Logs and LEM, Now What?linkPendingPending
VideoJason Scott - The City On The Edge Of WhateverlinkComplete20171011, 48 minutes
VideoJason Scott - THE RACE TO UNDELETE HISTORYlinkComplete20171011, 67 minutes
VideoLearn How Pentesters Use Nmap To Exploit Their Victims ComputerlinkPendingPending
VideoLog and Event Manager DemolinkComplete20171122, 27 minutes
VideoMastering Chaos - A Netflix Guide to MicroserviceslinkPendingPending
VideoMetasploit with NexposelinkPendingPending
VideoMission (Not) Impossible: Applying NIST 800-53 High Impact-Controls on AWS for GDPR CompliancelinkPendingPending
VideoMonitoring 101 - SolarWinds Lab #37linkPendingPending
VideoMonitoring 102: Class Continues - SolarWinds Lab #41linkPendingPending
VideoMonitoring 201: Beyond the Basics - SolarWinds Lab #54linkPendingPending
VideoNexpose DemolinkPendingPending
VideoNexpose Getting Started VideolinkPendingPending
VideoNexpose ScanninglinkPendingPending
VideoNIST 800 171, Best Practices WebinarlinkPendingPending
VideoNIST 800-35 IT Security Services - Part 1linkPendingPending
VideoNIST 800-35 IT Security Services - Part 2linkPendingPending
VideoNIST 800-37 Rev. 2 - Risk Management Framework FundamentalslinkPendingPending
VideoNIST 800-39 Step 1: Risk Framing - Part 1linkPendingPending
VideoNIST 800-39 Step 2: Risk AssessmentlinkPendingPending
VideoNIST 800-39 Step 3: Risk ResponselinkPendingPending
VideoNIST 800-39 Step 4 - Risk MonitoringlinkPendingPending
VideoNIST 800-39: Risk Management Process FundamentalslinkPendingPending
VideoNIST 800-39: Step 1 Risk Framing - Part 2linkPendingPending
VideoNIST 800-50 Part 1 - Building an IT Security Awareness and Training ProgramlinkPendingPending
VideoNIST 800-50 Part 2 - Designing an IT Security Awareness and Training ProgramlinkPendingPending
VideoNIST 800-50 Part 3 - Developing IT Security Awareness and Training MateriallinkPendingPending
VideoNIST 800-50 Part 4 - Implementing an IT Security Awareness and Training ProgramlinkPendingPending
VideoNIST 800-50 Part 5 - IT Security Awareness and Training Program Post-ImplementationlinkPendingPending
VideoNIST Cybersecurity Framework and PCI DSSlinkPendingPending
VideoNIST Cybersecurity Framework Practitioner TraininglinkPendingPending
VideoNIST RMF - System and Common Control Authorizations - Part 1linkPendingPending
VideoNIST RMF - System and Common Control Authorizations - Part 2linkPendingPending
VideoNIST RMF Categorize - IntroductionlinkPendingPending
VideoNIST RMF Categorize - Step 1linkPendingPending
VideoNIST RMF Categorize - Step 2linkPendingPending
VideoNIST RMF Categorize - Step 3linkPendingPending
VideoNIST RMF Categorize - Step 4linkPendingPending
VideoNIST RMF: Roles and ResponsibilitieslinkPendingPending
VideoNIST SP 800-53, Revision 5 Security Controls for Information Systems and Organizations - 1 overviewlinkPendingPending
VideoPCI Compliance Crash Course WebinarlinkPendingPending
VideoPCI Data Security Standard 3.0, Fully ExplainedlinkPendingPending
VideoProtect Privileged Accounts with your SIEMlinkPendingPending
VideoProtecting Human Subjects and Institutional Review Boards: An OverviewlinkPendingPending
VideoPulling Back the Curtain on Airport Security: Can a Weapon Get Past TSA?linkPendingPending
VideoRecords Management Training for Federal AgencieslinkPendingPending
VideoRed Team vs. Blue Team on AWSlinkPendingPending
VideoREDCap Introduction Class - Presented by Bas de Veer MS Research ConsultantlinkPendingPending
VideoRenowned Author Cyber Pioneer Cliff Stoll Mesmerizes at CrowdStrike ConferencelinkComplete20180827, 63 minutes
VideoRunning an SQL Injection Attack - ComputerphilelinkPendingPending
VideoSave Game - The Emularity and the Future of Infinite GamelinkComplete20171011, 59 minutes
VideoSolarWinds Log and Event Manager Technical OverviewlinkComplete20171122, 28 minutes
VideoState of the Hack - Episode 01: "State of the FIRST"linkPendingPending
VideoState of the Hack - Episode 02: “Cafe Bohannon”linkPendingPending
VideoState of the Hack - Episode 03: Hunting Targeted Attackers at Scale, Live-ish from RSAlinkPendingPending
VideoState of the Hack - Episode 04: Illuminating the AdversarylinkPendingPending
VideoState of the Hack - Episode 8: Cyber Security in 2019 and BeyondlinkPendingPending
VideoState of the Hack Episode 06: Black Hat USA 2018 EditionlinkPendingPending
VideoState of the Hack Special Black Hat Edition featuring Katie NickelslinkPendingPending
VideoState of the Hack Special Black Hat Edition featuring Matt GraeberlinkPendingPending
VideoState of the Hack Special Black Hat Edition featuring Sean MetcalflinkPendingPending
VideoState of the Hack Special Cyber Defense Summit Edition: FLARE vs. CarbanaklinkPendingPending
VideoState of the Hack Special Cyber Defense Summit Edition: Understanding the GRU IndictmentslinkPendingPending
VideoState of the Hack Special Cyber Defense Summit Edition: Upgrading to APT38linkPendingPending
VideoState of the Hack: #NoEasyBreach REVISITEDlinkPendingPending
VideoState of the Hack: APT41 - Double Dragon: The Spy Who Fragged MelinkComplete20190909, 31 minutes
VideoState of the Hack: Behind the ATM Heist & Other Red Team StorieslinkPendingPending
VideoState of the Hack: Episode 05: Down PeriscopelinkPendingPending
VideoState of the Hack: Episode 9 - Holiday APT SpectacularlinkPendingPending
VideoState of the Hack: One Year after the APT1 ReportlinkComplete20190619, 22 minutes
VideoState of the Hack: Ransom Acts of FlynesslinkPendingPending
VideoState of the Hack: Trending 10 Years of Breach ResponselinkPendingPending
VideoState of the Hack: Your Payment Cards Are Our Business CardslinkPendingPending
VideoTalk by Cliff StolllinkComplete20180724, 59 minutes
VideoThe 11 Tasks in the Prepare (at the SYSTEM Level) Step of the RMFlinkPendingPending
VideoThe 2 Tasks in the IMPLEMENT Step of the NIST RMFlinkPendingPending
VideoThe 3 Tasks in the CATEGORIZE Step of the NIST RMFlinkComplete20200512, 22 minutes
VideoThe 5 Tasks in the AUTHORIZE Step of the NIST RMFlinkPendingPending
VideoThe 6 Tasks in the ASSESS Step of the NIST RMFlinkPendingPending
VideoThe 6 Tasks in the SELECT Step of the NIST RMFlinkPendingPending
VideoThe 7 Tasks in the MONITOR Step of the NIST RMFlinkPendingPending
VideoThe 7 Tasks in the Prepare (at the ORGANIZATION Level) Step of the RMFlinkPendingPending
VideoThe KGB, the Computer, and Me (Complete)linkComplete20180422, 57 minutes
VideoThe Nexpose Vulnerability ScannerlinkPendingPending
VideoThe NIST Cybersecurity Framework 4 Step GuidelinkPendingPending
VideoThe NIST Cybersecurity Framework summarylinkPendingPending
VideoThe Snowden files -- the inside story of the world’s most wanted man | Luke Harding | TEDxAthenslinkPendingPending
VideoTop 12 AWS NIST Security and Compliance Best PracticeslinkPendingPending
VideoTracking a Spy Through the Maze of Computer Espionage: Early Hacking Techniques - History (1989)linkPendingPending
VideoVCFMW 11 - Bil Herd: Tales From Inside CommodorelinkPendingPending
VideoVirtual Session: NIST Cybersecurity Framework ExplainedlinkPendingPending
VideoWhy Google won't protect you from big brother: Christopher Soghoian at TEDxSanJoseCA 2012linkPendingPending
VideoYou've Already Been Hacked! Now What? - SolarWinds Lab #27linkPendingPending
WebinarCampus Research Computing Consortium: HIPAA-aligned data and Public Cloud Platforms: An ongoing journey through technical,
cost, compliance, and information assurance challenges		linkComplete20200116, 60 minutes
WebinarCUES: Managing Third Party CybersecuritylinkComplete20180411, 60 minutes
WebinarCUES: Simplifying Cyber Security and Today's Growing Regulatory CompliancelinkComplete20180213, 60 minutes
WebinarDecember 2017 Webinar PCI DSS V 3 2 RequirementslinkPendingPending
WebinarFERPA 101 for Educational Agencies - Webinar Recording (2011)linkPendingPending
WebinarFFIEC: Financial Services Cybersecurity Profile: A NIST-based approach to harmonize cybersecurity risk management and compliancelinkComplete20180919, 60 minutes
WebinarFS-ISAC/NCUA: NCUA’s Automated Cybersecurity Examination Tool (ACET)linkComplete20180405, 120 minutes
WebinarGDPR Compliance: “Explain Like I’m Five” with Data Privacy ExpertlinkPendingPending
WebinarGDPR Compliance: What You Need to Know Before May 2018linkPendingPending
WebinarHuman Subjects Research Training: "Protecting Human Subjects" - Module 1linkPendingPending
WebinarHuman Subjects Research Training: "Protecting Human Subjects" - Module 2linkPendingPending
WebinarHuman Subjects Research Training: "Protecting Human Subjects" - Module 3linkPendingPending
WebinarPCI Compliance Crash Course WebinarlinkPendingPending
WebinarPCI Data Security Standard 3.0, Fully ExplainedlinkPendingPending
WebinarProtecting Human Subjects and Institutional Review Boards: An OverviewlinkPendingPending
WebinarREDCap Introduction Class - Presented by Bas de Veer MS Research ConsultantlinkPendingPending
WebinarMS-ISAC Presentation: Texas August Ransomware IncidentlinkComplete20200319, 60 minutes
WebinarCITI Program: GDPR: Top Noncompliance Risks and Mitigation StrategieslinkComplete20210416, 60 minutes
WebinarRiskonnect Risk@Work Series: Building a Business Case for GRClinkComplete20230316, 60 minutes
WebinarSMA STRATCOM Speaker Session: How Strategy Must Align to Strategic Environments: Deterrence and Initiative Persistence w/ Dr. Richard HarknettlinkComplete20230510, 30 minutes

Click here to return to JTS, Ltd.