Podcast Episodes

Reverse Engineering BMCs and Other Firmware - Vladyslav Babkin - BTS #15

Vlad is part of the Eclypsium research team and has discovered several flaws in BMC ecosystems. He comes on the show to talk about his journey and cover the details behind BMC vulnerabilities and att…

Published on 2 years, 1 month ago

Protecting The Federal Supply Chain - John Loucaides - BTS #14

John Loucaides, SVP Strategy at Eclypsium, joins us on the show to discuss protecting the federal supply chain!

This segment is sponsored by Eclypsium. Visit https://securityweekly.com/eclypsium to l…

Published on 2 years, 2 months ago

Network Device Supply Chain Security - Nate Warfield - BTS #13

We dig into network devices/appliances, why they are still around, who is attacking them, and how. Just why are attackers using network devices in ransomware campaigns and how do we stop them? Tune-i…

Published on 2 years, 2 months ago

Dealing with The Digital Supply Chain - Ramy Houssaini - BTS #12

Ramy Houssaini joins us to discuss the challenges enterprises face when dealing with supply chain threats, risks and vulnerabilities. We'll explore how to identify cybersecurity gaps in your various …

Published on 2 years, 6 months ago

SCRM and Supply Chain Security Up and Down the Stack - Steve Orrin - BTS #11

Supply Chain threats and industry / government initiatives like EO 14028 are driving a deeper understanding and a set of requirements for applying supply chain risk management (SCRM) and increased tr…

Published on 2 years, 6 months ago

Learning About Firmware Security - Xeno Kovah - BTS #10

Firmware security is a deeply technical topic, that's hard to get started in. In this talk, Xeno will discuss some past work in firmware security, and how he has organized resources such as a low lev…

Published on 2 years, 6 months ago

Accidentally Learning about Security: From Firmware to the Cloud, Brian Richardson - BTS #9

Brian Richardson didn't start out wanting to do marketing or computer security... but after starting his career as a BIOS programmer, he tripped and fell into technical marketing (aka "Binary to Engl…

Published on 2 years, 7 months ago

BTS #8 - Richard Hughes

The LVFS is a project used by over 130 different vendors, from all positions of the supply chain. It decompresses, decompiles, then analyses firmware looking for issues, and then automatically builds…

Published on 2 years, 7 months ago

Nicholas Starke - BTS #7

Discuss current events in firmware security, such as the techniques utilized in BlackLotus. We will compare Baton Drop with Grub2 capabilities.

Segment Resources:

https://starkeblog.com/

Show Not…

Published on 2 years, 8 months ago

BTS #6 - Vincent Zimmer

This session will provide an overview of the history of host firmware, or BIOS, focusing on the arc of the Unified Extensible Firmware Interface. It will include the development of defenses like UEFI…

Published on 2 years, 8 months ago