All Episodes
Episode 20 — Determine Attack Surface Fast: Trust Boundaries, Data Flows, Code Reviews, Discovery
This episode focuses on rapid attack surface determination, a skill SecurityX tests because it underpins secure architecture decisions, threat modeling, and incident r...
Episode 21 — Model Threat Applicability: Control Selection With and Without Existing Systems
This episode teaches you how to decide whether a threat is actually applicable to a given environment and, more importantly, how that decision changes the controls you...
Episode 22 — Secure AI Adoption: Prompt Injection, Data Poisoning, Model Theft, and Model DoS
This episode focuses on the security risks that emerge when organizations adopt AI capabilities, with emphasis on the threat categories SecurityX is most likely to pro...
Episode 23 — Reduce AI Risk: Guardrails, DLP, Permissions, Disclosure, and Overreliance Traps
This episode teaches how to reduce AI risk in ways that are measurable and enforceable, because SecurityX questions often reward controls that limit blast radius and p...
Episode 24 — Design Resilient Systems: Component Placement for Firewalls, IDS/IPS, WAF, VPN, NAC
This episode explains resilient security architecture through the lens of component placement, because SecurityX frequently tests whether you understand where controls...
Episode 25 — Engineer Availability and Integrity: Scaling, Recoverability, Persistence, Geography
This episode teaches how to engineer availability and integrity into systems as first-class requirements, a theme SecurityX tests by presenting outages, replication fa...
Episode 26 — Define Security Requirements Early: Functional, Non-Functional, and Usability Tradeoffs
This episode focuses on defining security requirements early enough that they shape design, budgeting, and testing, because SecurityX commonly penalizes late-stage “bo...
Episode 27 — Build Security Through the SDLC: Coding Practices, Reviews, Testing, and Retesting
This episode teaches how to embed security into the software development lifecycle so weaknesses are prevented and detected repeatedly, which is why SecurityX often as...
Episode 28 — Handle Supply Chain Risk in the SDLC: Software, Hardware, Assurance, and EOL
This episode focuses on supply chain risk inside the SDLC, because SecurityX increasingly tests whether you understand that modern systems are assembled from third-par...
Episode 29 — Integrate Controls Into Secure Architecture: Defense-in-Depth, Hardening, Legacy Reality
This episode teaches how to integrate controls into an architecture so security is layered, intentional, and resilient to single failures, which is why SecurityX frequ...
Episode 30 — Enable Detection by Design: Central Logging, Monitoring, Alerting, and Sensor Placement
This episode focuses on designing detection as an architectural feature rather than an afterthought, because SecurityX scenarios often hinge on whether your monitoring...
Episode 31 — Design Data Security Controls: Classification Models, Labeling, and Tagging Strategies
This episode teaches how to design data security controls that start with classification and become enforceable through consistent labeling and tagging, because Securi...
Episode 32 — Operationalize DLP Architecture: At Rest, In Transit, and Data Discovery
This episode explains how to operationalize data loss prevention as an architecture, not a single tool, with attention to the three places SecurityX scenarios commonly...
Episode 33 — Secure Hybrid Architectures and Third-Party Integrations Without Weak Trust Boundaries
This episode teaches how to secure hybrid architectures and third-party integrations by focusing on trust boundaries, identity assertions, and data flow controls, beca...
Episode 34 — Measure Control Effectiveness: Assessments, Scanning, and Metrics That Drive Action
This episode focuses on measuring control effectiveness in ways that produce decisions, because SecurityX often rewards answers that prove a control is operating as in...
Episode 35 — Design Secure Access Systems: Provisioning, Deprovisioning, Federation, and SSO
This episode teaches how to design secure access systems from end to end, because SecurityX frequently tests whether you understand that the safest authentication meth...
Episode 36 — Apply Access Control Models Precisely: RBAC, ABAC, MAC, DAC, and Enforcement Points
This episode builds the access control model precision that SecurityX loves to test, because many exam questions are really asking whether you can match a governance r...
Episode 37 — Build PKI Architecture That Works: CA/RA, Templates, OCSP Stapling, Certificate Types
This episode explains how to build PKI architecture that works in production, which SecurityX tests because certificate failures can cause outages, trust breakdowns, a...
Episode 38 — Secure Physical and Logical Access Control Systems With Auditable Decisions
This episode teaches how to secure physical and logical access control systems as one coherent capability, because SecurityX often tests whether you understand that ph...
Episode 39 — Securely Implement Cloud Capabilities: CASB, CI/CD, Containers, Serverless, API Security
This episode focuses on securely implementing cloud capabilities in a way that keeps pace with delivery, because SecurityX commonly tests cloud scenarios where the cor...