On this week’s show we’ll be chatting with information security’s enfant terrible Nathaniel Wakelam about some recon tricks he’s been using in bug bounty programs. He uses some nice tricks to rapidly identify ephemeral resources that often result in some spectacular hacks, like, say, being able to download all of REDACTED’s source code. That one was cool because it was a temporary resource that got popped – that’s something you have to watch these days.
This week’s show is brought to you by Cylance! Cylance makes machine learning-based AV software that by all reports works really well. Cylance CTO and co-founder Ryan Permeh is this week’s feature guest and we’re talking about something that we touched on last week – gaming machine learning. Does Cylance worry that a determined attacker will be able to gradually input bad data into Cylance’s learning set and game the whole system? Well, no, they’re not worried about it, but it’s definitely something they pay attention to. That’s really interesting stuff and it’s coming up after this week’s feature interview.
Adam Boileau, as always, pops in for this week’s news.
Links to everything are in this week’s show notes.