Category Archives: Podcasts

ContraRisk Security Podcast 0005: #BlackHatEU – SQLi

The ContraRisk crew is in chilly Amsterdam for Black Hat Europe 2013. And to get our coverage of the event rolling, we start with an old favourite – SQL injection (SQLi). Sumit ‘sid’ Siddharth, head of penetration testing for 7Safe (now part of PA Consulting), is a regular at security conferences, running…

ContraRisk Security Podcast 0004: biometric identity in the developing world

In this episode, Tracey Caldwell talks to Alan Gelb, a senior fellow at the Center for Global Development. He is the co-author, with Julia Clark, of the report ‘Identification for Development: The Biometrics Revolution’, which looks at how biometric-based identity programmes are being used in developing countries. In contrast to rich countries, where biometric ID…

ContraRisk Security Podcast 0003: Security skills and certification

There simply aren’t enough properly trained security professionals to go round, according to a new report by professional body (ISC)². Its sixth Global Information Security Workforce Study (GISWS) claims that the lack of skills isn’t just a security problem or a risk to organisations’ balance sheets and reputations when the inevitable attacks happen –…

ContraRisk Security Podcast 0002: keys, certificates and fast-changing websites

Keeping track of SSH keys and SSL certificates can be a real headache. Knowing who has access to what gets very complex when there are thousands of these things washing about in the organisation. A new report by the Ponemon Institute, sponsored by Venafi, has come up with some big, scary numbers in terms…

ContraRisk Security Podcast 0001: Java and rogue clouds #csp

In the first ContraRisk Security Podcast, Steve Mansfield-Devine talks to Ross Barrett of Rapid7 about the problems with Java, and Richard Walters of SaaSID about the dangers posed by unauthorised use of cloud services within organisations. The first month of 2013 witnessed a series of Java zero-day flaws being used in exploit kits. Java vulnerabilities are…