Publications and Presentations by Teri Radichel

Teri Radichel is a professional cybersecurity speaker, trainer, and author. The following are links to some of her past presentations, articles, blog posts, books, and security classes. For more information please follow Teri on Twitter @teriradichel, contact her on LinkedIn, or visit the 2nd Sight Lab website to see services she offers such as cloud security training, cloud penetration testing and cloud security assessments.

Cybersecurity Books

Cybersecurity for Executives in the Age of Cloud.

Learn about cybersecurity fundamentals such as networking, identity and credentials, encryption, vendor assessments, supply chain security, security automation, DevOps and more. Written at the executive level…


2nd Sight Lab cloud security news and notable cyber security industry information for the week of May 1–7, 2021

2nd Sight Lab | Cybersecurity | Vulnerabilities | Malware | Threat Reports | Breaches and Attacks | Cost of a Data Breach | Laws & Legal | Investments

2nd Sight Lab News

It’s official. We’re moving. 2nd Sight lab has new office space and we’re working on all the related moving details at the moment. We’re working on cloud penetration tests and security assessments for cloud accounts and cloud security products at the same time so we’ve been extra busy.


2nd Sight Lab cloud security news and notable cyber security industry information for the week of April 24 — April 30, 2021

2nd Sight Lab | Cybersecurity | Vulnerabilities | Malware | Threat Reports | Breaches and Attacks | Cost of a Data Breach | Laws & Legal | Investments

2nd Sight Lab News

Teri Radichel, CEO of 2nd Sight Lab, will be presenting at CloudLIVE 2021 ~ a cloud security conference from CloudHealth by VMWare. This presentation will cover five top threats to your cloud and how to defend against them. Find out why breaches are occurring and more effective risk management strategies to defend against them. Register today!

Cybersecurity

A group prepared a report with strategies for combatting ransomware. It…


Cybersecurity History from a British Perspective

Cyber Spies

I recently listened to Cyber Spies, by Gordon Corera as an audiobook.

Did you know that prior to the prevalence of NSA spying, the British were intercepting much of the world’s communications? How about the fact that a French spy first alerted the US that Russia stole plans for an American military plane?

Do you know the story of the secret recipe for a prized Chinese tea that was stolen by India in an early form of corporate espionage? Perhaps this event kicked off rounds of retaliation that spread into cyberspace. The book doesn’t say this but it made me…


Google Chrome overrides system DNS settings in some cases, possibly bypassing third-party security services and tools.

I wrote a blog post about a great service from CloudFlare you can use to easily block known malicious and unwanted domains when browsing the web. Additionally, some companies block unwanted TLDs completely as I wrote about in this article on Indicators of Compromise in DNS Logs a few years ago.

Unfortunately, if you are using Google Chrome, your attempts to use DNS to protect end-users or yourself may be thwarted if a malicious or unwanted domain is blocked by DNS servers or services, but not by Google DNS servers. Some have pointed out differences between NXDOMAIN responses and 0.0.0.0…


2nd Sight Lab cloud security news and notable cyber security industry information for the week of April 10–16, 2021

2nd Sight Lab | Cybersecurity | Vulnerabilities | Malware | Threat Reports | Breaches and Attacks | Cost of a Data Breach | Laws & Legal | Investments

2nd Sight Lab News

Teri Radichel, CEO of 2nd Sight Lab, will be presenting at CloudLIVE 2021 ~ a cloud security conference from CloudHealth by VMWare. Find out how to protect yourself from recent cloud breaches and secure your cloud accounts. More soon but get registered today!

If you are an IANS customer 2nd Sight Lab now offers classes through IANS. That may make it easier for existing IANS customers to take…


A break from cybersecurity to see some beautiful things

You may have seen my other blog posts about travels, road trips, and my move across the county. I took the cross-country move as an opportunity for a break and another road trip. It was so great to finally get out after being extremely cautious and barely leaving my house for so long.

As with cybersecurity we took appropriate measures to reduce risks. I got additional roadside assistance insurance to get help should the car have any issues along the way. Both I and my co-pilot on this adventure had had one vaccination shot. I tested negative for the virus…


Choose the correct flow for the application you’re building

I get a lot of questions about authentication and authorization on my cybersecurity consulting calls. I’ve also seen presentations on JWT, OAuth, and OpenID Connect missing critical aspects of secure implementations. When I’m performing penetration tests on AWS, Azure, and GCP, I often find mistakes in these areas. Make sure you understand all the details of this critical security control to avoid leaving your application open to attacks.

Sometimes developers mistakenly think because they are using JWTs, OAuth, and OpenID connect, they are secure. These acronyms are thrown around a lot but just implementing these technologies is not enough. …


How to take a more holistic approach to cloud security

In my experience taking many different types of cybersecurity classes and listening to presentations, I felt like I learned things abstractly and in pieces. Instead of getting a blueprint for a house, I got a hammer and some nails in one class and some lumber in another and instructions for the plumbing in yet another class but now how it fits into the overall architecture.

For example, you might learn about the OWASP top 10 which deals with application security in one class. In another class, you might learn about dissecting network packets and looking at the payloads to determine…

Teri Radichel

Cloud Security Training and Penetration Testing | GSE, GSEC, GCIH, GCIA, GCPM, GCCC, GREM, GPEN, GXPN | AWS Hero | Infragard | IANS Faculty | 2ndSightLab.com

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store