The Southern Fried Security Podcast
Join Andy Willingham, Martin Fisher,Steve Ragan, Yvette Johnson, and Joseph Sokoly as they discuss information security, news, and interview interesting people. Get in the discussion at

Well, if the Mayans got it right this is gonna be the final episode of our three year run....but we're not holding our breath.

Andy and Martin talk about the Top 5 Stories of 2012 and share what they think 2013 will be "The Year of"...

Be sure to join Martin at Shmoocon in February for his talk on Bringing The Sexy Back to Defense In Depth...

Direct download: SFS_Podcast_-_Episode_94.mp3
Category:podcasts -- posted at: 8:55pm EDT

Join Martin, James (@myrcurial) Arlen, and Alex (@alexhutton) Hutton as they record the final microcast from SecZone 2012....

We promise that no hackers or podcasters were injured during the recording of this podcast.

Direct download: Microcast_3_from_SecZone.mp3
Category:microcasts -- posted at: 4:13pm EDT

Martin takes a few minutes to talk to Andy Ellis (known better to some as @csoandy), Chief Security Officer for Akamai and James Arlen (@myrcurial) to talk about their presentations coming up at SecZone 2012.  There's also a brief discussion of how the "Cabana Track" is working out here.

Direct download: SFS_Podcast_-_Cali_Microcast_2.mp3
Category:microcasts -- posted at: 7:13pm EDT

Welcome to Cali!

Martin is attending and speaking at SecZone 2012 in Cali, Colombia this week.  In this first microcast we talk with Ed Rojas who is the organizer, chief host, and Main Man of SecZone.

The audio quality is not quite what we'd like it to be...we'll try to find quieter locations for future microcasts.

Direct download: SFS_Podcast_-_SecZone_Microcast_1.mp3
Category:microcasts -- posted at: 7:25am EDT

This evening, Martin, Steve, Andy, and Joseph Tackled some stuff that just makes you say “duh.”

Starting off, we talked about the exciting Macy’s Thanksgiving Day Ticker Tape Parade, which unleashed confidential data upon unsuspecting parade watchers:,0,4718007.story

We went straight from there to a sticky topic that’s been making the rounds lately about AT&T:

To lighten the mood, we talked about some of Facebook’s recent decisions and how it’s affecting the greater Facebook population:

We also talked about good friend of the podcast Wendy Nather’s article on Threat Intelligence Hype:

And as a reference for those of you interested in the incident response report for South Carolina that we discusses a few weeks back, that’s available for public viewing now:

As always, you can find the podcast here or on iTunes:
And if you have any feedback, drop us a comment or find us at @SFSPodcast on Twitter.

Direct download: SFS_Podcast_-_Episode_93.mp3
Category:podcasts -- posted at: 8:41pm EDT

Martin, Andy, and Steve get together to talk about....

3 Ways (with 2 of them being decent and one a complete FAIL) To Get Execs to Listen About Risk....  (Summary: There is no ROI for Security....)

A typical article on Anon....with some good comments from Steve on OpVendetta

3 smart people and one chucklehead talk to George V. Hulme about BCP/DR when you are using The Cloud

Direct download: SFS_Podcast_-_Episode_92.mp3
Category:podcasts -- posted at: 8:54pm EDT

For the first time in who knows how long, we had the whole crew on the show this evening, and we hit some really fun stories.

First, there are a few upcoming InfoSec events that you might want to be aware of. First, BSidesDFW is this upcoming weekend, November the 3rd: 

Next weekend are three different BSides events, BSidesDelaware, Portland, and Jackson:

Then we jumped into our first story for the evening, the recent breach in South Carolina:

Once our heads stopped spinning from some of those quotes, we went into a pretty cool, old style hack that Barnes and Noble recently disclosed:

From those, we transitioned into a discussion on Incident Response:

As well as Mike Rothman's great article on security tradeoffs:

After our MAD Security Minute for the week, we wrapped up with a discussion of IAM from Darkreading:

As always, you can find the podcast here or on iTunes:
And if you have any feedback, drop us a comment or find us at @SFSPodcast on Twitter.
Direct download: SFS_Podcast_-_Episode_91.mp3
Category:podcasts -- posted at: 9:26pm EDT

Martin recorded an interview with Matt and Chris talking about an open source project sponsored by SecureState to bring a pragmatic and usable risk framework to "the masses".

You can get more information on iRisk at:

More MAD Security minutes coming starting next episode!

Direct download: SFS_Podcast_-_Episode_90.mp3
Category:podcasts -- posted at: 5:29pm EDT

This evening we had a special guest, the always lovely @securityintern, along with our regular crowd of misfits.

We wasted no time jumping straight in to our stories tonight, led off by good friend of the podcast, Wendy Nather's story on When Monitoring becomes a liability:

We followed that up with an interesting article from Microsoft, discussing malware and software piracy:

And last but not least, we dove into an article the likes of which only comes around every now and then. An article so special and full of wisdom that we had to bring it up:

We close tonight with a brief interview with Martin's co-presenter at HouSecCon, Michelle Klinger.

As always, you can find the podcast here or on iTunes:
And if you have any feedback, drop us a comment or find us at @SFSPodcast on Twitter.
Direct download: SFS_Podcast_-_Episode_89.mp3
Category:podcasts -- posted at: 8:51pm EDT

Martin got invited to speak (with the always fantastic Michelle Klinger) at HouSecCon 2012 (  We take a couple of minutes to talk with Michael Farnum (@m1a1vet) about the conference.

Direct download: HouSecCon_2012_MicroCast.mp3
Category:podcasts -- posted at: 2:53pm EDT