All Episodes
Episode 101: Attack Surface Management in Action
You can't protect what you can't see. In this episode, we explore the evolving discipline of attack surface management (ASM)—a proactive process that helps security te...

Episode 102: Secure Coding Best Practices for Analysts
You don’t need to be a developer to influence secure code—but you do need to understand what secure coding looks like. In this episode, we break down the most importan...

Episode 103: Secure Software Development Lifecycle (SDLC)
Security that begins in production is already behind schedule. In this episode, we take a holistic view of the Secure Software Development Lifecycle (SDLC), explaining...

Episode 104: Threat Modeling for Analysts
What if you could anticipate the attacker’s plan before they even launch it? In this episode, we introduce threat modeling as a method for identifying and prioritizing...

Episode 105: Domain 2 Review – From Scanning to Secure Development
Before moving forward, it’s time to reflect. In this comprehensive recap, we walk through the critical knowledge areas covered in Domain 2: Vulnerability Management. F...

Episode 106: Domain 3 Overview – Mastering Incident Response and Management
Welcome to Domain 3 of the CySA+ PrepCast, where we move from prevention and vulnerability management into response and containment. In this episode, we provide an ove...

Episode 107: Cyber Kill Chains – From Recon to Exploitation
To stop an attack, you must understand its progression. In this episode, we explore the Lockheed Martin Cyber Kill Chain—a widely used framework that maps the stages o...

Episode 108: The Diamond Model of Intrusion Analysis
What happens when we move beyond events and look at the relationships between adversaries, capabilities, victims, and infrastructure? In this episode, we introduce the...

Episode 109: MITRE ATT&CK Framework for Analysts
In this episode, we explore the MITRE ATT&CK Framework—a living matrix of adversary behaviors that has transformed how cybersecurity professionals track and respond to...

Episode 110: Open Source Security Testing Methodology Manual (OSSTMM)
The OSSTMM is often overlooked—but it provides a rigorous, standards-based approach to security testing that aligns with the goals of CySA+ and many compliance framewo...

Episode 111: Indicators of Compromise (IoCs) – Detection Foundations
Detecting an attack starts with recognizing the signs. In this episode, we explore Indicators of Compromise (IoCs)—artifacts that suggest an organization may have been...

Episode 112: Evidence Acquisition and Chain of Custody
Once an incident is detected, preserving evidence becomes a top priority. In this episode, we walk through the evidence acquisition process—from initial identification...

Episode 113: Data and Log Analysis During an Incident
Raw data becomes actionable intelligence when it’s properly analyzed. In this episode, we focus on the data and log analysis process during an incident, explaining how...

Episode 114: Containment, Eradication, and Recovery Phases
Detecting an incident is only the beginning. In this episode, we examine the containment, eradication, and recovery phases of incident response—what they are, how they...

Episode 115: Incident Preparation – Building a Response Program
The best incident response doesn’t start with detection—it starts with preparation. In this episode, we walk through the preparation phase of the incident response lif...

Episode 116: Post-Incident Activity and Organizational Learning
Once the smoke clears, the real improvement begins. In this episode, we explore the post-incident phase of the incident response lifecycle. You’ll learn how forensic a...

Episode 117: Domain 4 Overview – Reporting and Communication in Cybersecurity
Welcome to Domain 4 of the CySA+ PrepCast. In this episode, we introduce the principles of reporting and communication—critical soft skills that define how technical f...

Episode 118: Vulnerability Management Reporting Essentials
In this episode, we break down the core components of a vulnerability management report. You’ll learn how to organize and present data on discovered vulnerabilities, a...

Episode 119: Creating and Understanding Compliance Reports
Security isn't just about stopping threats—it's also about proving due diligence. In this episode, we explore how security teams create and interpret compliance report...

Episode 120: Action Plans and Remediation Communication
Once vulnerabilities are identified, the work isn’t done—it’s just beginning. In this episode, we explore how analysts develop and communicate action plans for address...
