All Episodes
Displaying 41 - 52 of 52 in total
Making Sense of API Authentication with OAuth and JWT
API authentication is one of those areas where a simple “just use tokens” answer quickly runs into messy reality. In this audio edition of my Tuesday “Insights” featur...
How Security Champions Change the Security Conversation
Security teams are almost always outnumbered by the volume of product ideas, feature changes, and platform migrations moving through an organization. In this episode, ...
Keeping API Keys, Tokens, and Passwords Out of the Wrong Hands
Secrets management for API keys, tokens, and passwords is often the quiet difference between a minor configuration mistake and a major breach. In this narrated audio v...
Turning SIEM Events Into Actionable Signals
If your Security Information and Event Management (SIEM) platform feels like a wall of noise, this episode is for you. We walk through what SIEM use cases really are, ...
Third-Party Risk Questions That Actually Matter
This audio episode explores Third-Party Risk Management (TPRM) as a practical, everyday part of how your organization works with vendors, cloud platforms, and service ...
When Source Code Spills Keys, Tokens, and Credentials
When secrets leak into source code, they rarely announce themselves with flashing lights. In this audio companion to Bare Metal Cyber’s Tuesday “Insights” feature, we ...
Building Security Into CI/CD Without the Buzzwords
This narrated episode explores DevSecOps in CI/CD pipelines as a practical way to build security into the same paths your code already takes from commit to production....
Turning MITRE ATT&CK into a Defense Roadmap
Threat-informed defense can feel abstract until you connect it directly to how real attackers move through your environment. In this narrated breakdown, we walk throug...
Triage 101 – What Really Happens After an Alert Fires
When a security alert fires, what really happens in those first few minutes? This narrated edition of our Tuesday “Insights” feature in Bare Metal Cyber Magazine walks...
Reading Your Environment Through Logs, Events, and Alerts
In this episode of Bare Metal Cyber’s Tuesday “Insights” feature, we unpack how security logs, events, and alerts can move from noisy fragments to a clear, trustworthy...
Making Sense of Security Control Types
Security controls are often described as policies, tools, and processes, but in practice they shape how your defenses behave before, during, and after an incident. In ...
Making Defense in Depth Actually Work
Defense in depth is one of those phrases everyone uses, but few teams can clearly describe in terms of everyday work. In this narrated edition of our Tuesday “Insights...