Summary

This 1 hour podcast was recorded live at the March 7th, Chicago Cloud Security Alliance chapter meeting, where we were fortunate enough to have a panel of attorneys discuss the issues with cloud security from a legal perspective.  I hope you find the content stimulating, if not a little bit worrisome.

Apologies for some of the flaws in the audio, but this was an ad-hoc recording and I didn't have time to clean up the taps and paper shuffling that the super-sensitive microphone picked up.

This was the first recording using the mobile Zoom H4n, and I think you'll agree it's an amazing piece of tech.

This podcast is posted as-is, and hosting is provided courtesy of HP.

Synopsis

The guest on this podcast will blow your mind ... literally.  He is none other than the "human hacker" himself, Christopher Hadnagy, who has written a book and now runs social-engineer.org.  Chris is a long-time friend of mine and an invaluable resource in the psy-ops James Bond style social engineering world.  Chris knows his stuff, and he's willing to teach you if you're willing to listen... so buckle down and get educated on social engineering background, tricks and even the 6 things your company must do to prevent being a victim of social engineering attacks.  Oh ... and let's not forget, somewhere in this episode Chris makes you an offer you can't refuse, just for you Down the Rabbithole listeners, how cool is that?  If you've ever thought about taking a class, or having your organization fortified against social engineering attacks but didn't think it was within your budget - listen to this podcast ... 

Guest

 Christopher Hadnagy - Chris, or as his friends on Twitter know him - @HumanHacker - is a fountain of knowledge on social engineering and the art and science behind corporate-level offense and defense using the human mind.  Chris has written a book called Social Engineering: The art of human hacking, and runs social-engineer.org contributing to community through teaching, speaking and writing as well as hosting a heck of a podcast on the fascinating topic of social engineering.  Chris's organization offers SE penetration testing, education and is at the forefront of social engineering tactics for the defensive good.

Links

• The official social engineering portal - Social-Engineer.org
• Register for social engineering training & services through Chris's organization here

Synopsis

I had the pleasure of sitting down with Nathaniel Dean, someone I had met through a mutual colleague's introduction, and hear about a neat concept that takes the software security program to a new level.  Interestingly enough, Nathaniel runs a red team but it's guaranteed to be unlike any red team you've probably ever worked with.  The crazy thing?  It's working.  We talk through the mechanics, psychology, and business implications of what he's driving, and how he's rollig up his sleeves and getting it done which is probably more important than anything else.

Jack in and get a 25-minute does of knowledge from someone I know you'll learn something from.

Guest

• Nathaniel Dean - Business Information Security Officer at a major financial institution.  Nathaniel has been managing and building programs in this space for a long time, and his experience shows.