In learning the craft of Infosec I find one of the best ways to stay on top of and get good context into the going-ons in the industry are podcasts. Some will teach, others will inform, and some are just damn fun to listen to. I’ve assembled a list of my favorites and a little bit about each one, enjoy!
Risky Biz
Risky Biz is my first find and often my favorite infosec podcast to listen to. Has a format of news segment, feature interview, and sponsor segment, pushed out weekly. The news segment is often informative and hilarious just a joy to listen to the host Patrick Gray and his co-host Adam Boileu. The feature interview is often a great deep dive into the latest trends and technical research. And in the sponsor segment Patrick finds a way to extract real value from the vendors that give you insight into how their tools actually work, better than their marketing departments. As well Patrick does a great job vetting vendors, so it is rare to hear about any security theater vendors there.
Paul’s Security Weekly
Security Weekly is really a collection of several shows started by the original shows namesake Paul Asadoorian and a large group of co-hosts each focused a specific segment of the information security space. I tend to listen to the main Security Weekly, Hack Naked News, Enterprise Security Weekly on a regular basis with some of the other shows every once in a while.
The main show tends to be a blend of interviews with working infosec professionals, news breakdowns, and often whiskey driven tomfoolery.
Enterprise Security Weekly look specifically at enterprise defense, both tool and trying to make sense of the vendor space for this industry. Often resulting in rants on vendor marketing teams which really struggle to explain the basics around, what problem is there, how does your product solve it.
Hack Naked News, a wrap up program focus just on the weeks top news. Good for trending analysis and knowing some of the top stories for the week, but check out the other programs for more in detail on the topics covered here.
Sans Internet Stormcast
The Stormcast is put out by the SANS institute one of the premier places for infosec training hosted by Johannes Ullrich. These podcasts are daily during the workweek and tend to be 5-10 minutes in length focused very heavily on latest security vulnerabilities, and research by members of the SANS community. Offers a great insight to the daily trends and snips of technical info that often lead you down a rabbit hole of the SANS site to get the gory details.
Beers with Talos
Beers with Talos is a much newer podcast with only 13 episodes out as of this post. It comes out about every other week and is hosted by Cisco’s Talos research arm. Provides great detail into the groups recent investigations, such as the CCleaner backdoor they discovered. Again great insight into very current trends and cutting edge security research.
Defensive Security Podcast
The Defensive Security podcast is hosted by two blue teamers Jerry Bell and Andrew Kalat who look at the current trends and analyze it from their perspective providing a reasoned defenders point of view. Their site host a plethora of great resources I didn’t even realize until loading it up while writing this, looks like I know where the next internet time sink for me will be. This podcast is entirely listener supported with no commercial ties, a proud distinction the hosts make listeners aware of. Good on em.