Day Two Cloud 134: Simplifying Infrastructure Access With StrongDM
StrongDM takes a proxy approach to the challenge of access and authentication. It uses a local client that can run on a Mac, Windows, or Linux device; a gateway to mediate access; and an administration layer for setting policies and permissions and auditing access.
Token Security Podcast | Senior Engineering Director at Zymergen on Code Reviews
At Token Security our goal is to teach the core curriculum for modern DevSecOps. Each week we will deep dive with an expert so you walk away with practical advice to apply to your team today. No fluff, no buzzwords. This week Jeff Burkhart, Senior Engineering Director at Zymergen talks code reviews, code review fatigue, and what to do when agile becomes tedious.
How To Prepare For Your First SOC 2 Audit A 30-90-120 Day Plan
Despite thousands of articles, there’s shockingly little actionable advice to help startups complete SOC 2. One area that usually requires some remediation is access controls. Most teams don’t have answers when auditors ask “who has access to a specific database or server and what queries did they execute?” That’s why we started strongDM- to manage and monitor access to every database, server, & environment.
Director of IT & Operations at Chef on What it Means to be Secure
This week we are joined by Ben Rockwood, Director of IT & Operations at Chef who shares what it means to be secure, and how compliance and controls play a part in that.
Daniel Leslie Director of Security Intelligence & IT Operations at Namely on the Human Side of Security
This week we are joined by Daniel Leslie at Namely who shares his take on the human side of security, and what security at scale looks like for his team. Max, Justin, and Daniel discuss the 3 core things to good company-wide security: psychological safety, vulnerability, and purpose. You have to address these things in a comprehensive manner.
Token Security Podcast | Alan Daines Chief Information Security Officer at FactSet on Phishing
In this episode Max Saltonstall and Justin McCarthy are joined by Alan Daines, Chief Information Security Officer at FactSet to talk about phishing, educating on it, and defending against it.
Token Security Podcast | Johnathan Hunt, VP of Information Security at InVision Talks Secure Code
In this episode Max Saltonstall and Justin McCarthy are joined by Johnathan Hunt, VP of Information Security at InVision to talk about pen testing, bug bounty programs, and secure code.
Token Security Podcast | NYC Cyber Command
This episode Max Saltonstall sits down in Manhattan with Quiessence Phillips, Deputy CISO and Head of Threat Management, City of New York and Colin Ahern, Deputy CISO, City of New York.
Token Security Podcast | Andrew Mulholland, Head of Core Infrastructure at BuzzFeed
In this episode Justin McCarthy sits down with Andrew Mulholland, head of core infrastructure at BuzzFeed to talk about security incident response, remote access policy, and a money-back guarantee for OSS.
Token Security Podcast | Troy Hunt
This episode Justin McCarthy has an in-depth chat with Troy Hunt, a respected web security expert, Pluralsite author, and creator of 'Have I Been Pwned?' They talk about all things password related including password reuse, biometrics, and the way security has changed over time.
Token Security Podcast | Harry Sverdlove Co-founder and CTO of Edgewise Networks
Justin McCarthy has an in-depth chat with Harry Sverdlove, Co-founder and CTO at Edgewise Networks. They talk about how network security is going through an evolution and is ripe for change right now, as well as a pragmatic look at the past, present and future of firewalls and their cousins.