20

I'm a hard core dyslectic who wants to read up on all things security without the reading part. So I want to know what good high quality security podcasts are there? I'm interested in almost everything ranging from crypto to the latest scam.

I was listening to Security Now for a while but it was becoming repetitive and only focusing on the latest windows bugs (but for people like me then I have to recommend episode 1-50, they are very interesting a bit old but good). And that's why I want a new source of information.

EDIT!

I did not know this at he time of my post but Steve Gibson - one of the co hosts and the "expert" on Security Now - is also on attrition.org

Michael
  • 2,118
  • 15
  • 26
KilledKenny
  • 1,662
  • 4
  • 19
  • 28
  • 1
    Related question for developers: http://security.stackexchange.com/questions/571/what-security-resources-should-a-white-hat-developer-follow-these-days – makerofthings7 Apr 15 '11 at 03:35
  • see https://archive.org/details/stevegibsoninterviewrawsocketsgrc see 45:15 into that file he admits he "set up a deliberate disinformation campaign from the beginning" and try to find articles from the old site grcsucks. – barlop May 07 '14 at 22:16

10 Answers10

18

As someone who spends a lot of time listening to podcasts I'll rattle off a few I've found to be very enjoyable.

Eurotrash Security Podcast

Probably my favourite podcast as it's European albeit a bit light on technical content. News and chat based mainly. They cover a lot of the conferences which is good if you can't get to many (like me). The European slant on the news is particularly good as there is quite a difference between US data privacy law and European so often there are considerations which don't get covered on the other podcasts I'll now list.

I also enjoy their MicroTrash podcasts. Short interviews with people, typically regarding their talks at conferences.

Pauldotcom Security Weekly

Almost the de facto security podcast. Despite the advertising and the stick they get for being corporate I still rate this as just about the best podcast all round (if it weren't for my European bias it would be my favourite). The show provides regular segments of news, interviews and technical stuff. Lots of in jokes so I suggest you download the back catalogue (I did, took me about six months to get through it, they've been going five years).

Exotic Liability

What can you say about this one? If you're looking for pound-for-pound security content then EL is perhaps a bit lighter than the others but what you do get is the unique view of the world shared by Chris Nickerson and Ryan Jones. Be prepared for lots of swearing, outrageous, completely inappropriate jokes that will leave you crying with laughter in the car (or wherever you listen) grateful that no-one knows what you were laughing at. You're going to hell if you listen. ;-)

In between the laughs what you will get is straight-talking, no nonsense opinion on the state of information security today. Chris and Ryan's qualification to discuss security is beyond question (for me anyway) and sometimes you can learn an awful lot from a throw-away comment from one of those guys. They get your brain thinking about security in the right way imho. Nickerson focuses on security from a perspective of business impact. CEO's don't care if you got "root". They do care if you got their data.

Social Engineer Podcast

This is another excellent podcast focused, as you might imagine from the name, on the human element of security. The guys behind it include Muts and Chris from Offensive Security (think BackTrack) and Rel1k (Dave Kennedy) who wrote the Social Engineering Toolkit (SET).

The thing I like about it is they have a guest interview each month who is nothing to do with security, typically. They try to interview people who use social engineering skills, such as framing, micro-expressions or plain acting, in their day-to-day jobs in order to get a much broader view of the world of human manipulation. If you enjoy human psychology like me it's fascinating.

Southern Fried Security Podcast

Only listened to a couple of episodes of this but I enjoyed the short, news focused format. They tend to keep it to half an hour.

Infosec Daily Podcast

Literally it's daily. I've got a massive stack to listen to and again, I've only managed to listen to a couple but again, the guys behind it are well regarded in the industry so got to be worth a listen.

Security Justice is also supposed to be good although I've not listened to any of those yet. This is co-hosted by Jack Daniel, someone again who is well regarded in the industry.

All of these are easy to find in iTunes, if I can work out how to extract a link from iTunes to each I'll try and post them on here later.

Marc Wickenden
  • 671
  • 3
  • 6
12

In addition to some of the ones listed above another excellent source of news and commentary is risky.biz. Based out of Australia, it has some good local content as well as coverage of the big global security stories. Well produced and winner of some online media awards, this is worth a listen.

Peter T
  • 121
  • 3
4

Pauldotcom's Security Podcast is very interesting and talks about a wide range of security topics

In addition, SecuraBit's podcast is equally as intensive.

Both of these offer discussions of vulnerabilities and other assorted security topics and they also often have guest speakers from the industry. Both great resources!

PalmerBomber
  • 347
  • 4
  • 7
4

There is a new one that was just launched by the guys that make .NET Rocks, RunAs, etc, called Lock Down: http://www.lockdownpodcast.com/

With any luck it'll turn into a decent podcast.

Steve
  • 15,155
  • 3
  • 37
  • 66
4

Despite the negative references I (also a dyslexic and very auditory) find gems in the Security Now podcasts with Leo Laporte and Steve Gibson. All the 297 weekly episodes are online with complete google-able text transcripts (not the mark of a charlatan in my book). CISSP recognizes the podcasts as continuing education. These are weekly. If you want 30 minutes monthly discussing meta level details the IEEE/Cigital Silver Bullet Security Podcast is a good listen.

zedman9991
  • 3,377
  • 15
  • 22
3

I only ever listened to the OWASP Podcast.

I would assume that most other answers, are, ahem -- terrible -- or terrifying (and/or boring), because well -- they just are.

Like, for example, one time I finished an episode of SecuraBit, at least according to my Google Listen records, but I don't remember the show or who that guy was who they interviewed, or even who they are. Completely unremarkable and literally that uninteresting. Like most podcasts.

atdre
  • 18,885
  • 6
  • 58
  • 107
  • 2
    I forgot to note my bias since I helped run some of the OWASP Podcasts as like an editor or commentary filler or something. Don't listen to any except for the ones filled with Italians or Persians -- you can usually tell by their last names or the countries that they are from or have lived in. Or at the very least start with those ones. – atdre Apr 14 '11 at 21:24
3

Exotic Liability is undergoing some big changes, most notably, it's losing Nickerson. He said the new corporate sponsors thought he was too vulgar. That vulgarity was actually just what myself (and a few others I know) needed. Here's an e-mail he put out back on April 1:
" A message to all members of EL

All,

We have had a good run. After almost 2 years and 70 episodes we have finally caved in to the pressures above. Like all good things have to come to an end, this too is a sad day for us. Luckily, the newly formatted site EL has gained a number of amazing corporate sponsors and will continue on. EL will continue to bring you high quality security content but with a new look and feel . EL hopes to keep you all as listeners and I will definitely remain one of them.

Unfortunately, in the re-branding of the site there have been some staff changes. I have removed myself from the show to support them from afar. I was apparently too vulgar for the new syndicated network and had to go in order for Lizzieand Lix to get the amazing funding they have gotten. Thank you for listening.... and keep on keeping on....

This is not the last you will hear from me on the show but please.... keep what we built something to remember!

Nickerson

Visit EL at: http://www.exoticliability.com/?xg_source=msg_mes_network "

harley
  • 391
  • 2
  • 4
1

Security Now by Steve Gibson is entertaining, and you can learn a lot by listening over the archives.

Full transcripts on the website are a nice touch too.

ℳ  .
  • 153
  • 4
  • 4
    Isn't Steve Gibson on the attrition.org Errata/Charlatans page -- http://attrition.org/errata/charlatan/ -- looks like he is. Oops, -1 for you! – atdre Apr 15 '11 at 07:53
  • 1
    @atdre - I hadn't seen the charlatans page before. Thanks! Good to see Mr Evans up the top of that list :-) – Rory Alsop Apr 15 '11 at 10:05
  • 2
    Wow, I'd never seen this list before. Seems I have some reading to do. :-) – ℳ  . May 03 '11 at 06:30
1

Many of these podcasts seem to be gone now. Three current and active good ones are:

Defensive Security Podcast

Down the Rabbit Hole Podcast

user53042
  • 11
  • 1
0

SANS Daily "Stormcast" https://isc.sans.edu/podcastdetail.html ;-). Daily 5 minute infosec news summary.

ISC
  • 9
  • 1
  • 1
    This is only of my favorite InfoSec podcasts, and one of only two that I personally feel is valuable enough to try to catch every episode. – Xander Oct 19 '16 at 18:43
  • How can a 5 minutes daily summary possibly qualify as a "good high quality security podcast"? – UTF-8 Oct 19 '16 at 18:54