Ephemeral Security

Hosted by Steve Stonebraker

TechnologyInterviews guests

Website RSS feed

Episodes

Latest episode

Mar 2025

Language

EN-US

About the show

Interviews and fun with professionals, hackers, and everything in between.

Listen to episodes

17 recent

March 26, 20251 hr 21 min

Jason Costain - Fraud Defense with Javloc

Jason Costain, founder of Javloc, joins us to discuss his 30 years of experience in fraud prevention and bank defense systems. Jason shares insights into the evolution of fraud, from early check scams to modern-day threats like voice deepfakes and machine learning-driven credit card fraud. He also highlights the UK's regulatory responses, the importance of customer education, and the role of technology in combating scams. Jason introduces Javloc's mission to help banks and companies enhance their scam defenses.Highlights Include:Early experiences with fraud and the evolution of scam tactics.The impact of real-time payments and internet banking on global fraud.UK regulatory measures like the voluntary refund code and consumer protection reforms.Advanced scam techniques, including voice deepfakes and machine learning.The role of banks in educating customers and implementing biometric security measures.Javloc's approach to advising organizations on fraud prevention.Pick of the Week:Steve Stonebraker - Real Dictators podcast.Jason Costain - Surrounded by Psychopaths by Thomas Erikson.Guest:Jason Costain - https://www.linkedin.com/in/jason-costain-b529746/Javloc - https://www.javloc.com/Links:Podcast Website: ⁠⁠⁠⁠https://ephemeralsecuritypodcast.com⁠⁠⁠⁠Steve's Other Podcast: ⁠⁠⁠https://aolunderground.com/⁠⁠⁠Brakertech LLC: ⁠⁠⁠⁠https://brakertech.com⁠⁠⁠⁠Github: ⁠⁠⁠⁠https://github.com/ssstonebraker⁠⁠⁠⁠Social:LinkedIn: ⁠⁠⁠⁠https://www.linkedin.com/in/stevestonebraker⁠⁠⁠⁠Twitter: ⁠⁠⁠⁠https://twitter.com/brakertech⁠⁠⁠⁠Credits:Audio Editing by Sam Fox - ⁠⁠⁠⁠sam.fox.london@gmail.com⁠⁠⁠⁠Intro music by Margo Stonebraker

January 24, 202546 min

Dr. Ethan Heilman - Enhancing Security with Bastion Zero and Exploring AI Ethics

Dr. Ethan Heilman, CTO of Bastion Zero, joins us to discuss the latest advancements in secure access technology and the ethical implications of AI systems. Dr. Heilman explains how Bastion Zero provides secure, passwordless access to servers, databases, and Kubernetes clusters without the need for VPNs or SSH keys. Key features include session recording, multi-factor authentication (MFA), and short-lived credentials to ensure robust security. Highlights include: Bastion Zero’s Approach to Secure Access: Eliminates shared credentials by using SSL identities and MFA. Enables real-time session monitoring and auditing. Supports secure access for on-premises and cloud environments (AWS, GCP, etc.). Introduces Split Cert, a multi-party computation (MPC) technique for generating secure, short-lived database credentials without single points of compromise. Remote Desktop Protocol (RDP) and Kubernetes Access: Pick of the Week: Steve Stonebraker - ⁠The man who broke into Windsor Castle to assassinate the late Queen with a crossbow had discussed his plans with his AI chatbot girlfriend Man Dies by Suicide After Talking with AI Chatbot, Widow Says Ethan Heilman - A Collection of Unmitigated Pedantry – A history blog offering in-depth, approachable explorations of historical topics. Guest: Dr. Ethan Heilman - ⁠⁠https://www.linkedin.com/in/ethan-heilman-39896934/⁠⁠ BastionZero's website - ⁠https://www.bastionzero.com/ ⁠ Video on how multiple MFA works with Bastion Zero - ⁠https://brakertech.com/aws-systems-manager-session-manager-on-steroids/ Links: Podcast Website: ⁠⁠⁠https://ephemeralsecuritypodcast.com⁠⁠⁠ Steve's Other Podcast: ⁠⁠https://aolunderground.com/⁠⁠ Brakertech LLC: ⁠⁠⁠https://brakertech.com⁠⁠⁠ Github: ⁠⁠⁠https://github.com/ssstonebraker⁠⁠⁠ Social: LinkedIn: ⁠⁠⁠https://www.linkedin.com/in/stevestonebraker⁠⁠⁠ Twitter: ⁠⁠⁠https://twitter.com/brakertech⁠⁠⁠ Credits: Audio Editing by Sam Fox - ⁠⁠⁠sam.fox.london@gmail.com⁠⁠⁠ Intro music by Margo Stonebraker

January 5, 202456 min

Jim Rigney - Senior Director - InfoSec Architecture, Engineering, Operations

We dive deep into the evolution of neworks and security from early internet to today. Mentioned in the show:Cyber Trust Mark Pick of the Week: Steve Stonebraker - The Artifice Girl Jim Rigney - Healthy Gamer GG - "You Are Burned Out And Don't Even Know It" Episode Show Notes: Jim Rigney - https://www.linkedin.com/in/rigney/ Links: Podcast Website: ⁠⁠https://ephemeralsecuritypodcast.com⁠⁠ Steve's Other Podcast: ⁠https://aolunderground.com/⁠ Brakertech LLC: ⁠⁠https://brakertech.com⁠⁠ Github: ⁠⁠https://github.com/ssstonebraker⁠⁠ Social: LinkedIn: ⁠⁠https://www.linkedin.com/in/stevestonebraker⁠⁠ Twitter: ⁠⁠https://twitter.com/brakertech⁠⁠ Credits: Audio Editing by Sam Fox - ⁠⁠sam.fox.london@gmail.com⁠⁠ Intro music by Margo Stonebraker

August 19, 20231 hr 13 min

Dan Nowak - Threat Intelligence, Insider/Nation State Threats, and Beyond

Chat with Dan Nowak about threat intelligence, insider threats, deception techniques, intellectual property theft, Made in China 2025, Unlimited Warfare, the future of ransomware, and Defcon. Pick of the Week: Steve - The Americans Dan - Meat Church Guys - The Whisky Bent Barbecue Episode Show Notes: Dan Nowak - ⁠https://www.linkedin.com/in/nowakdaniel/⁠ Website: www.celsus.io Substack: ⁠https://archetypesandobjectives.substack.com⁠ Links: Podcast Website: ⁠https://ephemeralsecuritypodcast.com⁠ Steve's Other Podcast: https://aolunderground.com/ Brakertech LLC: ⁠https://brakertech.com⁠ Github: ⁠https://github.com/ssstonebraker⁠ Social: LinkedIn: ⁠https://www.linkedin.com/in/stevestonebraker⁠ Twitter: ⁠https://twitter.com/brakertech⁠ Credits: Audio Editing by Sam Fox - ⁠sam.fox.london@gmail.com⁠ Intro music by Margo Stonebraker

June 28, 202330 min

Matt Wright - Senior Security Engineer

Chat with Matt Wright, Senior Security Engineer on Cloud Security Posture Management (CSPM), Attack Surface Management (ASM), Artificial Intelligence. We also cover some news, talk about zero days, and responsible disclosure Episode Show Notes: Matt Wright - https://www.linkedin.com/in/matt1337/ Links: Podcast Website: ⁠https://ephemeralsecuritypodcast.com⁠ Github: ⁠https://github.com/ssstonebraker⁠ Brakertech LLC: ⁠⁠https://brakertech.com⁠⁠ Social: LinkedIn: ⁠https://www.linkedin.com/in/stevestonebraker⁠ Twitter: ⁠https://twitter.com/brakertech⁠ Credits: Audio Editing by Sam Fox - sam.fox.london@gmail.com Intro music by Margo Stonebraker

October 5, 20221 hr 14 min

Presenting: AOL Underground "AOL History from the people that lived it - Erci Stern"

Erci Stern tells us her origin story.  We review in depth how she battled users that were uploading Warez on a customer's Anonymous FTP site and also hear a funny story about Slingo.  She takes us through her entire career at AOL where she started in Site Reliability (Systems Administration/Operations), moving to Information Security/QA, and then went into project management.  We also cover her life after AOL where she went back to System Administration and has been a champion of security along the way throughout her career. Other topics include Configuration Management, Security Certifications, passion projects, etc..  Erici also shares with us her experience mentoring at "Girls who Code" and advice for girls that want to go into IT. Guest: Erci Stern Host: Steve Stonebraker CoverArt: Created by Broast (https://broast.org), original idea by LampGold. -- AOL Underground Podcast Follow us on twitter - @AOLUnderground @brakertech Merch - https://www.redbubble.com/people/AOL-Underground/shop Donate - https://www.buymeacoffee.com/AOLUnderground Contact the Host - https://aolunderground.com/contact-host/ Reconnect with old AOLers - https://discord.gg/reaol https://aolunderground.com/community/

July 28, 20222 hr 10 min

Presenting: AOL Underground "Origin story of a Digital Forensic Incident Responder (DFIR)"

Surf Kahuna (Ryan Chapman) shares his origin story about a series of events that occurred on AOL that rocked his world and led him down the path of digital forensics.  Then Steve and Ryan talk espionage, multiple Advanced Persistent Threats, retro gaming, password spraying, ransomware, and what has helped Ryan be successful in Infosec. Guest: Surf Kahuna/Mac Diablo (Ryan Chapman) Host: Steve Stonebraker CoverArt: Created by Broast (https://broast.org), original idea by LampGold. -- Ryan Chapman Follow Ryan on Twitter - @rj_chap Ryan's Blog - https://incidentresponse.training/ Author of SANS FOR528 "Ransomware for Incident Responders" - for528.com/course Instructor of SANS FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques  - https://www.sans.org/cyber-security-courses/reverse-engineering-malware-malware-analysis-tools-techniques/ Part of the @CactusCon crew - https://www.cactuscon.com/ -- AOL Underground Podcast Follow us on twitter - @AOLUnderground @brakertech Merch - https://www.redbubble.com/people/AOL-Underground/shop Donate - https://www.buymeacoffee.com/AOLUnderground Contact the Host - https://aolunderground.com/contact-host/ Reconnect with old AOLers - https://discord.gg/reaol https://aolunderground.com/community/

June 15, 202248 min

Sandeep Lahane - Deepfence

Chat with Sandeep Lahane, CEO of Deepfence, on how ThreatStryker is changing the game for Cloud Workload Protection.  We go deep in to the product's unique full SSL decryption and packet capture capability, identification of an organizations most vulnerable endpoints, and automated workflows to remediate compromised systems. Episode Show Notes: Sandeep Lahane - https://www.linkedin.com/in/sandeep-lahane-b9520a4/ Deepfence - https://deepfence.io/ Review of Deepfence's sandbox environment - https://brakertech.com/deepfence-cloud-native-workload-protection-for-infosec-pros/ Links: Podcast Website: https://ephemeralsecuritypodcast.com Blog: https://brakertech.com Github: https://github.com/ssstonebraker Social: LinkedIn: https://www.linkedin.com/in/stevestonebraker Twitter: https://twitter.com/brakertech Credits: Intro music by Margo Stonebraker

June 8, 20221 hr 6 min

Ryan Fried - Senior Security Engineer & Adjunct Professor

Chat with Ryan Fried about being and adjunct professor in the Cyber Security space, being a virtual CISO and talking to executives, purple teaming, true positive security incidents, validating your controls and what you think you know, and Atomic Red Team.  Episode Show Notes: Ryan Fried - https://www.linkedin.com/in/ryan-fried-65747938/ Atomic Red Team - https://github.com/redcanaryco/atomic-red-team Bloodhound - https://github.com/BloodHoundAD/BloodHound Checkov - https://www.checkov.io/ Links: Podcast Website: https://ephemeralsecuritypodcast.com Blog: https://brakertech.com Github: https://github.com/ssstonebraker Social: LinkedIn: https://www.linkedin.com/in/stevestonebraker Twitter: https://twitter.com/brakertech Credits: Podcast edited and mastered by Charlie Clark, https://www.fiverr.com/chuckaudio Intro music by Margo Stonebraker

May 16, 202233 min

Lisa Falzone and Michael Green - Athena Security

Chat with Lisa Falzone and Michael Green of Athena Security Athena Security focuses on Entryway Security - https://www.athena-security.com/ Guests Michael Green, CEO and Co-Founder Lisa Falzone, President and Co-Founder Show Notes https://ephemeralsecuritypodcast.com/athena-security/ Podcast edited and mastered by Charlie Clark, https://www.fiverr.com/chuckaudio Intro music by Margo Stonebraker 