The CYSA+ Audio Course is your complete, exam-focused companion for mastering the CompTIA Cybersecurity Analyst (CYSA+) certification. Designed for learners who are always on the move, this Audio Course transforms the official exam objectives into clear, structured, and easy-to-follow lessons. Each episode helps you understand, retain, and apply key cybersecurity analysis skills—covering threat detection, vulnerability management, security architecture, and incident response. Whether you’re ...
Welcome to the CompTIA CYSA+ Certification
1:47
By Dr. Jason Edwards
Episode 130: Root Cause Analysis and Incident Performance Metrics
13:59
Every incident response process must end with two critical questions: What went wrong? And how do we prevent it next time? In this final episode of Domain 4, we explore the structure and value of root cause analysis (RCA) and the metrics analysts use to evaluate incident response performance. You'll learn techniques for identifying the initial fail…
Episode 129: Regulatory and Law Enforcement Reporting
12:59
When a breach crosses a legal threshold, reporting to regulators or law enforcement may be required. In this episode, we examine the processes and obligations associated with regulatory reporting under frameworks like GDPR, HIPAA, PCI DSS, and state-level data breach laws. You’ll learn what types of incidents trigger mandatory disclosure, how quick…
Episode 128: Customer and Media Communications
13:31
Sometimes the most difficult part of a security incident isn’t stopping the threat—it’s explaining what happened to the people affected. In this episode, we explore how organizations communicate with customers, partners, and the media during and after an incident. You’ll learn what kinds of disclosures are required, what language builds trust, and …
Episode 127: Legal and PR Communications During an Incident
13:48
Communication during a security incident isn't just internal—it can affect your company’s reputation, legal standing, and customer trust. In this episode, we examine how security teams coordinate with legal departments and public relations professionals to craft official statements and limit liability. You'll learn how analysts contribute to this p…
Episode 126: Writing Effective Incident Response Reports
13:48
When the incident is over, the reporting begins. In this episode, we explore how security analysts write effective incident response reports that document what happened, how it was discovered, what actions were taken, and what outcomes resulted. You’ll learn how to construct a clear executive summary, provide a precise who-what-when-where-why break…
Episode 125: Incident Declaration and Escalation Procedures
13:30
Not every alert becomes an incident—but when one does, it needs to be declared formally and escalated swiftly. In this episode, we walk through the process of incident declaration, including the criteria used to define what qualifies as an incident and the steps analysts take to classify severity. You’ll learn how escalation procedures are triggere…
Episode 124: Stakeholder Communication for Incident Response
13:16
During an incident, clear and timely communication becomes a matter of urgency—not just best practice. In this episode, we cover how security analysts coordinate communication across teams and leadership tiers when responding to security events. You’ll learn how to identify the right stakeholders based on the severity and scope of the incident, and…
Episode 123: Identifying Stakeholders for Vulnerability Reporting
14:25
Not all stakeholders need the same level of technical detail—but all of them need accurate, timely, and actionable reporting. In this episode, we explore how analysts identify and tailor communication for different stakeholder groups during the vulnerability management process. You’ll learn who needs to know what—from system administrators and deve…
Episode 122: Metrics and KPIs in Vulnerability Management
13:32
You can’t improve what you don’t measure. In this episode, we focus on key performance indicators (KPIs) and metrics used to evaluate the effectiveness of vulnerability management programs. You’ll learn how metrics like vulnerability age, remediation time, recurrence rates, and vulnerability density across asset classes are used to benchmark perfor…
Episode 121: Inhibitors to Remediation
14:31
Even when vulnerabilities are known and documented, remediation doesn’t always move forward. In this episode, we examine the most common inhibitors to remediation—technical, procedural, and political obstacles that delay or prevent action. You’ll learn how factors like legacy systems, proprietary dependencies, business process interruptions, organi…
Episode 120: Action Plans and Remediation Communication
13:33
Once vulnerabilities are identified, the work isn’t done—it’s just beginning. In this episode, we explore how analysts develop and communicate action plans for addressing discovered risks. You’ll learn how patching schedules, configuration changes, user awareness efforts, and compensating controls are communicated clearly to technical teams, projec…
Episode 119: Creating and Understanding Compliance Reports
14:50
Security isn't just about stopping threats—it's also about proving due diligence. In this episode, we explore how security teams create and interpret compliance reports aligned with frameworks like PCI DSS, HIPAA, NIST 800-53, and ISO 27001. You’ll learn how reports are structured to demonstrate adherence to technical controls, timelines, audit req…
Episode 118: Vulnerability Management Reporting Essentials
14:43
In this episode, we break down the core components of a vulnerability management report. You’ll learn how to organize and present data on discovered vulnerabilities, affected assets, associated risk scores, remediation efforts, recurrence frequency, and mitigation timelines. We explain how to structure reports for different audiences—whether it's a…
Episode 117: Domain 4 Overview – Reporting and Communication in Cybersecurity
13:10
Welcome to Domain 4 of the CySA+ PrepCast. In this episode, we introduce the principles of reporting and communication—critical soft skills that define how technical findings are translated into business decisions. You’ll learn why analysts must be effective communicators, how reporting ties into regulatory requirements, and what makes security met…
Episode 116: Post-Incident Activity and Organizational Learning
13:10
Once the smoke clears, the real improvement begins. In this episode, we explore the post-incident phase of the incident response lifecycle. You’ll learn how forensic analysis is conducted to uncover technical root causes, how timeline reconstruction helps validate scope and sequence, and how organizations document lessons learned to avoid repeating…
Episode 115: Incident Preparation – Building a Response Program
13:32
The best incident response doesn’t start with detection—it starts with preparation. In this episode, we walk through the preparation phase of the incident response lifecycle, focusing on how organizations create, document, and test their response plans. You’ll learn about IR playbooks, tabletop exercises, escalation matrices, and readiness assessme…
Episode 114: Containment, Eradication, and Recovery Phases
13:08
Detecting an incident is only the beginning. In this episode, we examine the containment, eradication, and recovery phases of incident response—what they are, how they differ, and how they build upon one another to restore a secure state. You’ll learn how containment isolates the threat, eradication removes it from the environment, and recovery bri…
Episode 113: Data and Log Analysis During an Incident
13:49
Raw data becomes actionable intelligence when it’s properly analyzed. In this episode, we focus on the data and log analysis process during an incident, explaining how analysts sift through event logs, network traffic, system alerts, and application telemetry to reconstruct what happened. You’ll learn how to use timeline creation, correlation engin…
Episode 112: Evidence Acquisition and Chain of Custody
12:55
Once an incident is detected, preserving evidence becomes a top priority. In this episode, we walk through the evidence acquisition process—from initial identification to collection, storage, and transfer. You’ll learn what types of evidence are collected during security incidents, including disk images, memory dumps, log files, and email headers, …
Episode 111: Indicators of Compromise (IoCs) – Detection Foundations
13:58
Detecting an attack starts with recognizing the signs. In this episode, we explore Indicators of Compromise (IoCs)—artifacts that suggest an organization may have been breached or is under active threat. You’ll learn how IoCs include file hashes, domain names, IP addresses, registry keys, and behavioral anomalies, and how analysts discover them dur…
Episode 110: Open Source Security Testing Methodology Manual (OSSTMM)
13:58
The OSSTMM is often overlooked—but it provides a rigorous, standards-based approach to security testing that aligns with the goals of CySA+ and many compliance frameworks. In this episode, we explain what the Open Source Security Testing Methodology Manual is, why it matters, and how it provides structure to everything from reconnaissance and vulne…
Episode 109: MITRE ATT&CK Framework for Analysts
15:29
In this episode, we explore the MITRE ATT&CK Framework—a living matrix of adversary behaviors that has transformed how cybersecurity professionals track and respond to attacks. You’ll learn how the framework maps tactics (the goals of an attacker) to techniques (the methods they use), and how analysts use ATT&CK to build detection logic, design thr…
Episode 108: The Diamond Model of Intrusion Analysis
16:09
What happens when we move beyond events and look at the relationships between adversaries, capabilities, victims, and infrastructure? In this episode, we introduce the Diamond Model of Intrusion Analysis—a framework that gives analysts a structured way to examine threats by looking at key attributes and how they interact. You’ll learn how this mode…
Episode 107: Cyber Kill Chains – From Recon to Exploitation
14:26
To stop an attack, you must understand its progression. In this episode, we explore the Lockheed Martin Cyber Kill Chain—a widely used framework that maps the stages of a cyberattack from initial reconnaissance through delivery, exploitation, command and control, and beyond. You’ll learn how attackers move through each phase, and how defenders can …
Episode 106: Domain 3 Overview – Mastering Incident Response and Management
14:50
Welcome to Domain 3 of the CySA+ PrepCast, where we move from prevention and vulnerability management into response and containment. In this episode, we provide an overview of what incident response means in modern organizations and how it’s structured in the CySA+ exam. You’ll learn how incident response differs from general troubleshooting, and w…
Episode 105: Domain 2 Review – From Scanning to Secure Development
13:38
Before moving forward, it’s time to reflect. In this comprehensive recap, we walk through the critical knowledge areas covered in Domain 2: Vulnerability Management. From scanning types and validation workflows to secure coding, asset prioritization, compensating controls, and risk decisions—you’ll get a structured review that reinforces everything…
Episode 104: Threat Modeling for Analysts
13:59
What if you could anticipate the attacker’s plan before they even launch it? In this episode, we introduce threat modeling as a method for identifying and prioritizing potential threats based on how applications and systems are designed. You’ll learn how threat modeling is performed using techniques like STRIDE, kill chain analysis, and data flow d…
Episode 103: Secure Software Development Lifecycle (SDLC)
14:05
Security that begins in production is already behind schedule. In this episode, we take a holistic view of the Secure Software Development Lifecycle (SDLC), explaining how security is integrated into every phase of software creation—from planning and design to development, testing, deployment, and maintenance. You'll learn how threat modeling, secu…
Episode 102: Secure Coding Best Practices for Analysts
15:13
You don’t need to be a developer to influence secure code—but you do need to understand what secure coding looks like. In this episode, we break down the most important secure development practices that analysts should know when evaluating application risk or reviewing vulnerability reports. Topics include input validation, output encoding, secure …
Episode 101: Attack Surface Management in Action
14:45
You can't protect what you can't see. In this episode, we explore the evolving discipline of attack surface management (ASM)—a proactive process that helps security teams identify, map, and reduce the ways in which an attacker could compromise an organization. You'll learn how ASM incorporates both internal and external assets, including shadow IT,…
Episode 100: Vulnerability Prioritization and Escalation
14:40
In a world where thousands of vulnerabilities exist, how do you decide which to address first? In this episode, we break down the art and science of vulnerability prioritization—how analysts combine CVSS scores, asset value, exploitability, and business context to triage effectively. You’ll learn how to identify which issues must be escalated to le…
Episode 99: Policy, Governance, and SLO Integration
14:42
Cybersecurity doesn’t happen in a vacuum—it happens under governance. In this episode, we explain how policies, governance structures, and service-level objectives (SLOs) shape the work of the security analyst. You’ll learn how vulnerability management policies define scan frequency, remediation timelines, and exception criteria—and how governance …
Episode 98: Risk Management Principles for Vulnerability Response
15:44
Effective vulnerability management is built on sound risk management principles. In this episode, we explore the four classic risk response strategies—accept, avoid, transfer, and mitigate—and how they apply to real-world cybersecurity scenarios. You'll learn how security analysts recommend and evaluate responses based on the nature of the vulnerab…
Episode 97: Documenting and Handling Exceptions
14:08
Sometimes a vulnerability can’t be fixed—at least, not right away. In this episode, we explain how analysts and risk managers document and process exceptions: formal records of accepted risk where vulnerabilities are not remediated within standard timelines. You’ll learn when exceptions are appropriate, what approvals are required, and how expirati…
Episode 96: Maintenance Windows and Update Timing
13:46
Security teams can’t just apply patches whenever they want—especially in enterprise environments where uptime and availability are critical. In this episode, we explore how maintenance windows are scheduled, documented, and coordinated to apply updates without disrupting core business operations. You’ll learn how organizations balance risk reductio…
Episode 95: Patch and Configuration Management Lifecycle
15:13
Vulnerabilities don’t just exist—they persist, especially when patch and configuration management processes are weak. In this episode, we walk through the full lifecycle of patching and secure configuration: from initial discovery and testing, to staged deployment, validation, and rollback planning. You'll learn how patch management tools integrate…
Episode 94: Control Types and Their Purposes
15:13
Not all security controls serve the same function. In this episode, we explain the various types of controls used across cybersecurity programs and why it’s important to understand their classification. You’ll learn the difference between managerial, operational, and technical controls—and how each can be preventative, detective, responsive, or cor…
Episode 93: Compensating Controls in Vulnerability Management
16:47
What happens when you can’t fix a vulnerability directly? In this episode, we introduce the concept of compensating controls—alternative safeguards put in place to reduce risk when a vulnerability cannot be immediately remediated. You’ll learn how network segmentation, monitoring, air gapping, and tightly scoped access policies are used to minimize…
Episode 92: Local/Remote File Inclusion (LFI/RFI)
14:59
Sometimes attackers don’t need to upload malicious files—they just need to include them. In this episode, we explore Local File Inclusion (LFI) and Remote File Inclusion (RFI) vulnerabilities, which allow attackers to manipulate file paths in application inputs and force systems to load unintended or external code. You’ll learn how LFI can be used …
Episode 91: Privilege Escalation Techniques and Dangers
13:44
Attackers often start with limited access—but they rarely stay there. In this episode, we break down privilege escalation vulnerabilities, which allow attackers to move from low-level accounts to administrative or root-level control. You’ll learn the difference between vertical and horizontal escalation, how flaws in permissions, service configurat…
Episode 90: Remote Code Execution (RCE) Threats
14:59
Few vulnerabilities are as critical—or as devastating—as remote code execution. In this episode, we explore how RCE vulnerabilities allow attackers to run arbitrary code on target systems, often with high privileges and zero user interaction. You’ll learn how RCE flaws emerge from input validation failures, memory corruption bugs, insecure deserial…
Episode 89: Server-Side Request Forgery (SSRF)
14:59
Some of the most dangerous requests come from inside the house. In this episode, we unpack Server-Side Request Forgery (SSRF), a vulnerability that allows attackers to trick a server into sending requests to internal services, external endpoints, or cloud metadata APIs. You’ll learn how attackers abuse server-side functionality to pivot into otherw…
Episode 88: Identification and Authentication Failures
14:28
If attackers can bypass your login system, the rest of your defenses may not matter. In this episode, we explore identification and authentication failures such as broken login flows, weak password policies, exposed session tokens, and improper use of multifactor authentication (MFA). These flaws make it easy for attackers to impersonate users or h…
Episode 87: End-of-Life and Legacy Component Risk
13:36
Running outdated software isn't just inconvenient—it’s dangerous. In this episode, we explore the risks posed by end-of-life (EOL) systems and unsupported components, which often lack vendor patches, security updates, or compatibility with modern security tools. You'll learn how attackers specifically target legacy platforms due to known vulnerabil…
Episode 86: Security Misconfiguration Issues
14:15
Even the strongest tools can be rendered useless by poor configuration. In this episode, we explore how security misconfigurations—ranging from default credentials and exposed directories to verbose error messages and unrestricted administrative interfaces—create pathways for attackers. These issues often appear in cloud platforms, web servers, mob…
Episode 85: Insecure Design Patterns
13:01
Not all vulnerabilities are bugs—some are architectural. In this episode, we explore the concept of insecure design, a growing concern recognized in recent OWASP rankings. You’ll learn how poor design choices—such as excessive trust in client input, lack of threat modeling, or missing authorization layers—can create exploitable conditions even when…
Episode 84: Directory Traversal Vulnerabilities
14:09
When input isn’t properly restricted, users can end up accessing far more than intended. In this episode, we break down directory traversal vulnerabilities—flaws that allow attackers to manipulate file paths and access sensitive files or directories outside of the intended web root. You’ll learn how inputs like ../ or encoded path characters can le…
Episode 83: Cross-Site Request Forgery (CSRF)
15:18
In this episode, we examine Cross-Site Request Forgery, or CSRF—a vulnerability that tricks authenticated users into executing unwanted actions on a web application. You’ll learn how attackers exploit user sessions by embedding malicious links or scripts in third-party sites, emails, or ads, effectively hijacking user privileges to perform unauthor…
Episode 82: Injection Flaws Explained
13:37
Injection vulnerabilities have been on the OWASP Top Ten for years—and for good reason. In this episode, we explain how SQL, command-line, and LDAP injection flaws allow attackers to manipulate input to execute unintended commands or access unauthorized data. You’ll learn the anatomy of a basic injection attack, how user input is weaponized, and wh…