An award-winning cannabis podcast for women, by women. Hear joyful stories and useful advice about cannabis for health, well-being, and fun—especially for needs specific to women like stress, sleep, and sex. We cover everything from: What’s the best weed for sex? Can I use CBD for menstrual cramps? What are the effects of the Harlequin strain or Gelato strain? And, why do we prefer to call it “cannabis” instead of “marijuana”? We also hear from you: your first time buying legal weed, and how ...
…
continue reading
Inhalt bereitgestellt von Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant. Alle Podcast-Inhalte, einschließlich Episoden, Grafiken und Podcast-Beschreibungen, werden direkt von Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant oder seinem Podcast-Plattformpartner hochgeladen und bereitgestellt. Wenn Sie glauben, dass jemand Ihr urheberrechtlich geschütztes Werk ohne Ihre Erlaubnis nutzt, können Sie dem hier beschriebenen Verfahren folgen https://de.player.fm/legal.
Ähnelt CISSP Cyber Training Podcast - CISSP Training Program
1
Real English Conversations Podcast – English for Global Professionals | Speak Clearly & Confidently at Work
Real English Conversations: Amy Whitney & Curtis Davies - English Podcast
1k
41
🚀 Real English Conversations – English for Global Professionals Are you an international professional working in English? Do you need to speak confidently and naturally in high-stakes business situations? You’ve just found your competitive advantage. 🎧 Welcome to the Real English Conversations Podcast — the go-to resource for intermediate to advanced English learners who want to communicate like a professional, not like a textbook. Hosted by Teacher Curtis Davies, Confidence, Pronunciation & ...
…
continue reading
Are you looking for more happiness, success and vitality in your life? Get inspired each week with wellness and performance expert, Integrative Medicine Fellow, author & keynote speaker, Kristel Bauer. Live Greatly shares empowering conversations and insights about happiness, wellness & success to support your personal and professional development. Kristel talks with top experts, leaders and inspiring individuals to help you embrace a growth mindset and excel in your work/life. Kristel then ...
…
continue reading
The key to learning Korean is how easy it is to stay motivated to learn the language. At TalkToMeInKorean.com, we provide a systematic curriculum of easy-to-follow lessons, and a wide selection of self-study Korean-learning books!
…
continue reading
Culips English Podcast: Practical English Learning Made Fun Learn and Explore: Join Culips for an exciting English learning journey. Our podcast focuses on teaching English idioms, slang, and phrasal verbs through fun and engaging conversations. Each episode helps you master English for real-life situations. Unique Learning Experience: Culips stands out by blending language skills with cultural insights. Our diverse hosts make learning relatable, covering a variety of everyday topics. You’ll ...
…
continue reading
Being positive is up to you. When you understand how your mind works, you really can create the life you desire.
…
continue reading
Named by Oprah as a thought leader for the next generation and one of Inc.’s 500 fastest growing companies, Marie Forleo’s goal is to help you become the person you most want to be. In this show, Marie and her guests share actionable strategies for greater happiness, success, motivation, creativity, productivity, love, health, contribution and fulfillment — often with a lot of laughs. From business, marketing and career advice, to tackling failure, disappointment and fear, to philanthropy an ...
…
continue reading
You can't save your way to your dream life anymore. The truth is, you’re gonna need to learn to make more money. The Travis Makes Money Podcast is not your typical personal finance show. Rather than shaming you for buying a Starbucks coffee or pressuring you to become a billionaire, we focus on empowering you to make more money so you can enjoy life today while preparing for your future. You don’t have to cut back so much that you miss out on the present, and you don’t need to become the nex ...
…
continue reading
The Voice of ASWJ Australia. Listen to & Download Our Latest Programs. Topics: Aqeedah (Creed), Tafsir Qur'an, Islamic Fiqh, History, Youth & Community programs, Medical & Health programs and much much more. Podcasts are in Arabic & English.
…
continue reading
Learn German in coffee-break lessons from the Radio Lingua Network. In each lesson we'll focus on the language you need to know and before long you'll be making yourself understood with native German speakers. 386357 Hosted on Acast. See acast.com/privacy for more information.
…
continue reading
Player FM - Podcast-App
Gehen Sie mit der App Player FM offline!
Gehen Sie mit der App Player FM offline!
))
CCT 254: Understanding APIs for the CISSP Exam (Domain 8.5)
Manage episode 489060746 series 3464644
Inhalt bereitgestellt von Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant. Alle Podcast-Inhalte, einschließlich Episoden, Grafiken und Podcast-Beschreibungen, werden direkt von Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant oder seinem Podcast-Plattformpartner hochgeladen und bereitgestellt. Wenn Sie glauben, dass jemand Ihr urheberrechtlich geschütztes Werk ohne Ihre Erlaubnis nutzt, können Sie dem hier beschriebenen Verfahren folgen https://de.player.fm/legal.
Check us out at: https://www.cisspcybertraining.com/
Get access to 360 FREE CISSP Questions: https://www.cisspcybertraining.com/offers/dzHKVcDB/checkout
Get access to my FREE CISSP Self-Study Essentials Videos: https://www.cisspcybertraining.com/offers/KzBKKouv
Cybersecurity vulnerabilities continue to emerge in unexpected places, as evidenced by the recent Iranian-backed attacks on U.S. water treatment facilities through poorly secured Unitronics PLCs. This alarming development sets the stage for our deep dive into API security - a critical yet often overlooked aspect of modern cybersecurity strategy.
APIs form the connective tissue of our digital world, enabling seamless communication between different software systems. However, this interconnectivity creates numerous potential entry points for attackers. From RESTful APIs with their statelessness to enterprise-focused SOAP protocols and the newer GraphQL systems, each implementation brings unique security challenges that must be addressed proactively.
We explore the most common API security threats facing organizations today: injection attacks that exploit poorly coded interfaces, broken authentication mechanisms that enable unauthorized access, sensitive data exposure through improper configurations, and man-in-the-middle attacks that intercept communications. Understanding these threats is just the beginning - implementing robust countermeasures is where real security happens.
Authentication and access controls form the foundation of API security. OAuth, OpenID Connect, and token-based authentication systems provide powerful protection when implemented correctly. However, token management practices - including secure storage, proper revocation procedures, and regular refreshing - are equally critical yet frequently overlooked components of a comprehensive security strategy.
API gateways emerge as perhaps the most valuable security control in your arsenal. Acting as centralized checkpoints, they provide enhanced visibility, consistent authentication enforcement, traffic throttling capabilities, and simplified management across numerous API connections. Cloud-based API gateways from major providers offer scalability and robust features that on-premises solutions struggle to match.
Beyond the technical controls, we discuss the human element of API security. The most secure implementations balance protection with functionality while fostering collaboration between security professionals and developers. As I emphasize throughout the episode, effective security isn't about forcing compliance - it's about building bridges of understanding between teams with different expertise.
Ready to strengthen your API security posture or prepare for your CISSP exam? Visit cisspcybertraining.com for free questions, comprehensive courseware, and a proven blueprint for certification success.
Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!
Kapitel
1. Episode Introduction (00:00:00)
2. Water Facility Hacks & Security Risk (00:01:32)
3. API Security Fundamentals (00:04:48)
4. Common API Security Threats (00:08:00)
5. Authentication & Access Controls (00:11:55)
6. API Gateways & Management (00:16:35)
7. Testing & Best Practices (00:28:22)
8. Final Thoughts & Resources (00:38:24)
282 Episoden
Teilen
Manage episode 489060746 series 3464644
Inhalt bereitgestellt von Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant. Alle Podcast-Inhalte, einschließlich Episoden, Grafiken und Podcast-Beschreibungen, werden direkt von Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant oder seinem Podcast-Plattformpartner hochgeladen und bereitgestellt. Wenn Sie glauben, dass jemand Ihr urheberrechtlich geschütztes Werk ohne Ihre Erlaubnis nutzt, können Sie dem hier beschriebenen Verfahren folgen https://de.player.fm/legal.
Check us out at: https://www.cisspcybertraining.com/
Get access to 360 FREE CISSP Questions: https://www.cisspcybertraining.com/offers/dzHKVcDB/checkout
Get access to my FREE CISSP Self-Study Essentials Videos: https://www.cisspcybertraining.com/offers/KzBKKouv
Cybersecurity vulnerabilities continue to emerge in unexpected places, as evidenced by the recent Iranian-backed attacks on U.S. water treatment facilities through poorly secured Unitronics PLCs. This alarming development sets the stage for our deep dive into API security - a critical yet often overlooked aspect of modern cybersecurity strategy.
APIs form the connective tissue of our digital world, enabling seamless communication between different software systems. However, this interconnectivity creates numerous potential entry points for attackers. From RESTful APIs with their statelessness to enterprise-focused SOAP protocols and the newer GraphQL systems, each implementation brings unique security challenges that must be addressed proactively.
We explore the most common API security threats facing organizations today: injection attacks that exploit poorly coded interfaces, broken authentication mechanisms that enable unauthorized access, sensitive data exposure through improper configurations, and man-in-the-middle attacks that intercept communications. Understanding these threats is just the beginning - implementing robust countermeasures is where real security happens.
Authentication and access controls form the foundation of API security. OAuth, OpenID Connect, and token-based authentication systems provide powerful protection when implemented correctly. However, token management practices - including secure storage, proper revocation procedures, and regular refreshing - are equally critical yet frequently overlooked components of a comprehensive security strategy.
API gateways emerge as perhaps the most valuable security control in your arsenal. Acting as centralized checkpoints, they provide enhanced visibility, consistent authentication enforcement, traffic throttling capabilities, and simplified management across numerous API connections. Cloud-based API gateways from major providers offer scalability and robust features that on-premises solutions struggle to match.
Beyond the technical controls, we discuss the human element of API security. The most secure implementations balance protection with functionality while fostering collaboration between security professionals and developers. As I emphasize throughout the episode, effective security isn't about forcing compliance - it's about building bridges of understanding between teams with different expertise.
Ready to strengthen your API security posture or prepare for your CISSP exam? Visit cisspcybertraining.com for free questions, comprehensive courseware, and a proven blueprint for certification success.
Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!
Kapitel
1. Episode Introduction (00:00:00)
2. Water Facility Hacks & Security Risk (00:01:32)
3. API Security Fundamentals (00:04:48)
4. Common API Security Threats (00:08:00)
5. Authentication & Access Controls (00:11:55)
6. API Gateways & Management (00:16:35)
7. Testing & Best Practices (00:28:22)
8. Final Thoughts & Resources (00:38:24)
282 Episoden
Todos los episodios
×
Willkommen auf Player FM!
Player FM scannt gerade das Web nach Podcasts mit hoher Qualität, die du genießen kannst. Es ist die beste Podcast-App und funktioniert auf Android, iPhone und im Web. Melde dich an, um Abos geräteübergreifend zu synchronisieren.
Ähnelt CISSP Cyber Training Podcast - CISSP Training Program
An award-winning cannabis podcast for women, by women. Hear joyful stories and useful advice about cannabis for health, well-being, and fun—especially for needs specific to women like stress, sleep, and sex. We cover everything from: What’s the best weed for sex? Can I use CBD for menstrual cramps? What are the effects of the Harlequin strain or Gelato strain? And, why do we prefer to call it “cannabis” instead of “marijuana”? We also hear from you: your first time buying legal weed, and how ...
…
continue reading
1
Real English Conversations Podcast – English for Global Professionals | Speak Clearly & Confidently at Work
Real English Conversations: Amy Whitney & Curtis Davies - English Podcast
1k41
🚀 Real English Conversations – English for Global Professionals Are you an international professional working in English? Do you need to speak confidently and naturally in high-stakes business situations? You’ve just found your competitive advantage. 🎧 Welcome to the Real English Conversations Podcast — the go-to resource for intermediate to advanced English learners who want to communicate like a professional, not like a textbook. Hosted by Teacher Curtis Davies, Confidence, Pronunciation & ...
…
continue reading
Are you looking for more happiness, success and vitality in your life? Get inspired each week with wellness and performance expert, Integrative Medicine Fellow, author & keynote speaker, Kristel Bauer. Live Greatly shares empowering conversations and insights about happiness, wellness & success to support your personal and professional development. Kristel talks with top experts, leaders and inspiring individuals to help you embrace a growth mindset and excel in your work/life. Kristel then ...
…
continue reading
The key to learning Korean is how easy it is to stay motivated to learn the language. At TalkToMeInKorean.com, we provide a systematic curriculum of easy-to-follow lessons, and a wide selection of self-study Korean-learning books!
…
continue reading
Culips English Podcast: Practical English Learning Made Fun Learn and Explore: Join Culips for an exciting English learning journey. Our podcast focuses on teaching English idioms, slang, and phrasal verbs through fun and engaging conversations. Each episode helps you master English for real-life situations. Unique Learning Experience: Culips stands out by blending language skills with cultural insights. Our diverse hosts make learning relatable, covering a variety of everyday topics. You’ll ...
…
continue reading
Being positive is up to you. When you understand how your mind works, you really can create the life you desire.
…
continue reading
Named by Oprah as a thought leader for the next generation and one of Inc.’s 500 fastest growing companies, Marie Forleo’s goal is to help you become the person you most want to be. In this show, Marie and her guests share actionable strategies for greater happiness, success, motivation, creativity, productivity, love, health, contribution and fulfillment — often with a lot of laughs. From business, marketing and career advice, to tackling failure, disappointment and fear, to philanthropy an ...
…
continue reading
You can't save your way to your dream life anymore. The truth is, you’re gonna need to learn to make more money. The Travis Makes Money Podcast is not your typical personal finance show. Rather than shaming you for buying a Starbucks coffee or pressuring you to become a billionaire, we focus on empowering you to make more money so you can enjoy life today while preparing for your future. You don’t have to cut back so much that you miss out on the present, and you don’t need to become the nex ...
…
continue reading
The Voice of ASWJ Australia. Listen to & Download Our Latest Programs. Topics: Aqeedah (Creed), Tafsir Qur'an, Islamic Fiqh, History, Youth & Community programs, Medical & Health programs and much much more. Podcasts are in Arabic & English.
…
continue reading
Learn German in coffee-break lessons from the Radio Lingua Network. In each lesson we'll focus on the language you need to know and before long you'll be making yourself understood with native German speakers. 386357 Hosted on Acast. See acast.com/privacy for more information.
…
continue reading
Player FM - Podcast-App
Gehen Sie mit der App Player FM offline!
Gehen Sie mit der App Player FM offline!
