019 - What Counts as a Security Breach (and What Doesn't)

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/24/23/90/2423905b-487e-2520-3ad2-00f478b6fc6d/mza_7073609555861685168.jpg/600x600bb.jpg

SysAdmin Weekly

Andy Syrewicze and Eric Siron

29 episodes

5 days ago

Welcome to the SysAdmin Weekly Podcast, your go-to source for IT-related content tailored to busy system administrators in the trenches. Hosted by longtime sysadmins and Microsoft MVPs Andy Syrewicze and Eric Siron, this show dives deep into the challenges and solutions that matter most to sysadmins on any given day. From technical know-how to real-world insights, SysAdmin Weekly is dedicated to those tireless professionals who keep our digital world running. Tune in for relevant topics, expert advice, and engaging discussions to make your busy schedule a little bit easier.

Technology

RSS

All content for SysAdmin Weekly is the property of Andy Syrewicze and Eric Siron and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Technology

https://d3t3ozftmdmh3i.cloudfront.net/staging/podcast_uploaded_nologo/43491027/43491027-1744907546315-ca57736645d66.jpg

019 - What Counts as a Security Breach (and What Doesn't)

SysAdmin Weekly

54 minutes 8 seconds

2 months ago

019 - What Counts as a Security Breach (and What Doesn't)

"Compromised." We throw the word around like everyone agrees what it means, but do we?

This week, Andy and Eric dig into the many faces of compromise in a security context and why it’s not a simple definition

In this episode:

- What actually counts as a security compromise (and why the answer is “it depends”)

- Full breach vs. partial breach: Does it even matter?

- Why lateral movement should keep you up at night

- Session token hijacking in M365 and why MFA isn’t a silver bullet

- The Myth of the Green Matrix Terminal Hacker (aka Hollywood hacking nonsense)

- How risk profiling and layered defenses can contain the blast radius

- Real-world detection failures and the “10,000 alert problem”

- Practical steps to tune logs, outsource monitoring, and avoid burnout

📬 Reminder! - You can subscribe to the SysAdmin Weekly Companion Newsletter (link below) or email your own security horror story to contact@sysadminweekly.com!

Episode Resources:

- SysAdmin Weekly Companion Newsletter

- AndyOnTech

- Project Runspace

- SysAdmin Weekly 012 - Identity is the New Firewall

- Evilginx (Reverse Proxy Phishing Toolkit)

- Debian 13 “Trixie” Release Notes

- Ghost CMS Overview