[Owasp-boston] OWASP Boston - security podcasts review

Weiler, Jim Jim.Weiler at Staples.com
Thu Mar 9 17:24:37 EST 2006


I've been listening to lots of Computer Security presentations on my iPod
(MP3 files), and despite Business 2.0 magazine saying podcasts are not
'hot', I've found them a great way to spend some of the 5 hours a week
commuting time I have. I thought I'd share my opinion of the ones I've
found, and maybe some of you can let us know your opinions of any security
podcasts you know of. Most of these I found using iTunes as the podcast
aggregator, but I've included their direct links and their own self
description. I only included the ones you can subscribe to, not single
podcasts.

Generally no one's background, experience or job is described. None of these
are particularly about web application security except MightySeek, but they
can be interesting. There are others explicitly about network or VOIP
security that I have not included. I've included the iPod display and iTunes
description in order to judge how easy it is to select the one you want on
your iPod and to manage them in your library, like remembering which ones
you've listened to and deleting them.

There are some more to review but I wanted to get this list out. I'll send
out another set of reviews later. Let me know what you think.

Security Wire Weekly
SearchSecurity.com's Security Wire Weekly audio download is a brief newscast
recapping the week's top security news stories, as well as interesting
developments that you may not have known about.
http://feeds.feedburner.com/blogspot/ZhKn
JimW comment - 
just like it says, someone reading some news.
iPod display - 'Security Wire Weekly' and the date. Nothing on items covered
iTunes description - eventually lists the topics after telling you it's the
Security Wire Weekly edition of some sort, the reporter, and their title.
sound quality - good
 
Security Now!
TechTV's Leo Laporte and Steve Gibson take 20 to 30 minutes near the end of
each week to discuss important issues of personal computer security.
Sometimes we'll discuss something that just happened. Sometimes we'll talk
about long-standing problems, concerns, or solutions. Either way, every week
we endeavor to produce something interesting and important for every
personal computer user. 
http://www.grc.com/SecurityNow.htm
JimW's Comments - 
This is the best of all. There is a single topic which is well described and
well explained; every 4th podcast is listener Q+A. 
iPod display - The podcast name which appears in the iPod window contains
the topic and episode #
sound quality - very good
format - Host/tech speaker - Steve Gibson does most of the talking with Leo
asking useful questions and providing summations.
 
PaulDotCom Security Weekly
http://www.pauldotcom.com/security_weekly/ IT Security news, research,
vulnerability discussions, and interviews.
JimW comments - 
after 2 to 7 minutes discussing the host dudes various personal events of
the previous week, the topics mentioned above are discussed, with frequent
non-topic asides. If you are familiar with the exploits, news, research etc.
already, you will understand the discussion and comments, but sometimes the
situation, technology or procedures are not explained, sometimes they are. 
iPod display - 'PaulDotCom Security Weekly', episode, date.
iTunes description - exactly the topics covered, need to right click and
select description to see it all.
sound quality - good for the 2 main speakers, poor for anyone else.
format - host/cohost (both very technical), various others (also very
technical). 
 
SploitCast
Welcome to SploitCast, the podcast for hackers, geeks, and the security
paranoid. We are a group of students and IT professionals that have decided
to start a downloadable talk show. SploitCast will discuss a wide variety of
topics; these include, but are not limited to, new vulnerabilities, exploit
code, security and technology news, and possibly even cute little bunny
rabbits (but don't hold your breath). The SploitCast crew will also be
conducting interviews and round table discussions with other members of the
security industry
JimW coments - 
technical dudes discussing various computer security events, with frequent
non topic asides.
iPod display - sploitcast and episode #
iTunes description - full topic description
sound quality - good
http://www.sploitcast.com/ <http://www.sploitcast.com/> 
 
securitycatalyst
The independent information security podcast and blog with leading edge
insights in an easy to understand format
JimW comment - 
very diverse - technical; home user; enterprise level; homeland security. A
few topics per podcast are discussed and well covered.
iPod display - main topic or topics, sometimes preceded by 'Security
Cataltyst' and episode #.
iTunes description - very chatty long description about that show followed
by topic list - never got to the end of the topic list. 
sound quality - good
Format - usually single speaker, some interiews
http://www.securitycatalyst.com/ <http://www.securitycatalyst.com/> 
 
crypto-gram Security Podcast
reading of Bruce Schneier's crypto-gram newsletter
JimW comment -
 reading of Bruce Schneier's crypto-gram newsletter. The newsletter is
Bruce's comments on events of all kinds (political, technical, scientific,
computational), usually discussing some security aspect of that event.
Useful to hear security aspects (anonymity, authentication, authorization,
privacy, accountability, prevention, deterrence etc.) applied to real world
events.
format - reading of Bruce Schneier's crypto-gram newsletter
iPod display - 
iTunes description - each description has the same first 100 characters, I
never got out to the whole description for any episode.
sound quality - good
http://crypto-gram.libsyn.com/ <http://crypto-gram.libsyn.com/> 
 
mightyseek
http://www.mightyseek.com/
Mighty Seek is primarily a podcast about Web Application Security and
Development. The show is put together by Dan Kuykendall and whoever else he
can get to contribute. Dan Kuykendall BIO ***
Professional Career:
As Director of Engineering at NT OBJECTives, Inc., Dan Kuykendall focuses on
new threats and attack automation strategies for all aspects of Web
application/services security.
Prior to joining NT OBJECTives, Mr. Kuykendall worked as a Web Application
Software Engineer at Foundstone where he developed a web application for
managing the FoundScan network scanning software. During this time Mr.
Kuykendall was responsible for securing the web application from exploit
from the outside and in its communication with the scanning engine.
Mr. Kuykendall previously worked at one of the top 20 European financial
institutions as a Network Engineer and part of its emerging Network Security
Team. 
JimW comment - 
you get to listen to 60 seconds of the 1960's Mighty Mouse cartoon show song
at the start of each podcast; then a rambling presentation of content not
too well organized, basic application security topics.
format - single speaker
sound quality - good
iPod display - good topic description
iTunes description - even better topic description but so long and chatty
you can't see all of it unless you right click and choose description.
 
AdventuresInSecurity
http://www.adventuresinsecurity.com/podcasts.html
Weekly News and Security Management Tip
JimW comment - 
more large company issue oriented, very basic discussion of information
security topics, standard recommendations.
sound quality - too good; the 's's are piercing and there's been a smoke
detector in the background chirping about it's low battery for every show so
far.
iPod display - episode # and topic.
iTunes description- good description of topics.
14 to 50 minutes, can start with lots or little news before getting to the
'topic', interesting discussion of the news. Topic discussion can last 5 to
20 minutes.
 
CIO Strategy Center - Symantec
a daily editorial resource offering innovative insights and security
strategies for building an integrated, secure and resilient IT
infrastructure.
JimW comment - 
6 to 12 minute interviews and single speaker discussions about CIO level
issues, - general platitudes 
sound quality - good
iPod display - 'Podcast:' topic
iTunes description - 
 
Speaking of Security - the RSA Security Blog and Podcast.
http://www.rsasecurity.com/blog/index.asp
5 to 10 minutes of RSA product and company news and occasional 3 to 4 minute
interesting discusstion of information security topic by RSA staff.
JimW comment - 
mostly product stuff
sound quality - good
iPod display - Speaking of Secuity podcast #
iTunes description - good description of podcast topics

 

 
Jim Weiler
Staples North American Delivery
Application Security Architect
508 2533884
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.owasp.org/pipermail/owasp-boston/attachments/20060309/3c759b66/attachment.html 


More information about the Owasp-boston mailing list