ISC StormCast for Thursday, February 23rd 2017
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
4.9 • 754 Ratings
🗓️ 23 February 2017
⏱️ 5 minutes
🧾️ Download transcript
Summary
Transcript
Click on a timestamp to play from that location
| 0:00.0 | Hello, welcome to the Thursday, February 23rd, 2017 edition of the Sansanet Storm Center's Stormcast. My name is Johannes Ulrich, and today I'm recording from Scottsdale, Arizona. |
| 0:13.3 | Netflix made yet another interesting security tool open source. This security tool focuses on mobile device management. What it is, it's |
| 0:23.6 | a web application that your users can use to review their devices security posture. It |
| 0:30.6 | does integrate with a number of different mobile device management systems. So if your user is connected to one of these |
| 0:39.8 | systems, then this tool will go out, pull the information from that system, and then |
| 0:45.8 | present it to the users with suggestions on how to improve the security for their device. |
| 0:53.1 | Now, they do support Google's mobile device management. They also |
| 0:57.4 | support YAMF for Macs. That's a very popular system for iOS. And then also Land Desk for Windows. |
| 1:07.0 | And the number of different configurations being reviewed here are the basics essentially |
| 1:13.3 | like disk encryption, like screen lock, is the device jail broken or rooted? |
| 1:18.9 | Now unlike some systems that then force the user to make changes, this system just suggests |
| 1:26.8 | that the user makes changes to the device and leaves it really up to the changes. This system just suggests that the user makes changes to the device and leaves it |
| 1:30.1 | really up to the user to then make the actual change. So there's more control with the user, |
| 1:36.5 | but the user is informed as to what's wrong with their device. Overall, this looks really |
| 1:42.8 | interesting and Netflix made it available as a dockerized |
| 1:46.3 | application, so it shouldn't really be that terribly difficult to install for anybody. |
| 1:51.6 | And then we got yet another interesting blog by Alexander Klingk, this time about how |
| 1:57.3 | Firefox uses intermediate certificate authority certificates. |
| 2:01.6 | The problem here is that if you go to an HTTP website, what you usually receive from the website is the website certificate |
| 2:09.6 | and the signing certificate that was used to sign this particular website certificate. |
| 2:16.6 | Now your browser will validate the signing certificate |
| 2:19.9 | using one of the root certificates that are preinstalled with the operating system or the browser. |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.