Purple Squad Security

74 episodes - English - Latest episode: over 3 years ago - ★★★★★ - 20 ratings

Information Security, InfoSec, CyberSec, Cyber, Security, whatever you call it, we talk about it! From mobiles and desktops to data centers and the cloud, Purple Squad Security is here to help and give back to our community of information security professionals. We cover security topics for the red team, blue team, purple team, whatever team! We are a community of professionals, and this is one man's attempt to give back. CISSP, CISM, CEH credits can be obtained here! Also happy to provide info for OSCP, OSCE, and other Offensive Security certified professionals.

Technology

Episodes

Special Episode - EliteCast Episode 1

January 05, 2021 08:35 - 23 minutes - 16 MB

Here's the first episode of my new podcast, EliteCast! This is intended to be a less technical podcast aimed at business leaders and decision-makers to help explain the importance of information security (or cybersecurity as it's normally called by the target audience). I'm a bit rusty, but I'll get there. Apparently, a 9-month hiatus does that to a man. I hope you enjoy it and you choose to subscribe. It should be live on the usual podcast sites, but if you want the RSS ...

Episode 71 - A Casual Conversation with The Cyber Mentor

March 08, 2020 14:13 - 42 minutes - 29.5 MB

Heath "The Cyber Mentor" Adams stops by to have a nice casual chat about how he got into infosec, what he's currently working on, and how he's giving back to the community in a rather novel way. Definitely someone I respect as a great up-and-comer in the industry, this was a fantastic discussion for sure. Some links of interest: Website - https://www.thecybermentor.com/ Company - https://tcm-sec.com/ Discord - https://discord.gg/REfpPJB Twitter - https://twitter.com/thecybermentor You...

Episode 70 - Mul-Tea-Factor with Kat Sweet

February 23, 2020 14:35 - 42 minutes - 29.6 MB

Kat Sweet (@TheSweetKat) sits down to chat about incident response and security operations, all while sipping tea with me. Some links of interest: Kat's Twitter - @TheSweetKat Kat's Blog - thesweetkat.com Want to reach out to the show?  There's a few ways to get in touch! Purple Squad Security's Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere John's Mastodon: https://infosec.exchange/@JohnsNotHere Podcast Website: purplesquadsec.com Podcast Store: https://purplesquadsec.com/s...

Episode 69 - 2020 Show Update

February 09, 2020 15:10 - 31 minutes - 21.9 MB

John sits down to talk solo about the show and what's in store for 2020. Some links of interest: EliteSec Website - https://elitesec.io EliteSec Twitter - @EliteSec_io Want to reach out to the show?  There's a few ways to get in touch! Purple Squad Security's Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere John's Mastodon: https://infosec.exchange/@JohnsNotHere Podcast Website: purplesquadsec.com Podcast Store: https://purplesquadsec.com/store Sign-Up for our Slack community...

Episode 68 - All About The Diana Initiative with Circuit Swan

January 20, 2020 02:34 - 40 minutes - 27.6 MB

Circuit Swan stops by the show to talk all things Diana Initiative. If you're going to Hacker Summer Camp 2020, you may want to consider adding the Diana Initiative to your list of cons to attend. Some links of interest: Circuit Swan's Twitter: @CircuitSwan Diana Initiative Twitter: @DianaInitiative Website - https://www.dianainitiative.org Want to reach out to the show?  There's a few ways to get in touch! Purple Squad Security's Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHer...

Episode 67 - A casual conversation with Snow

December 15, 2019 15:31 - 48 minutes - 33 MB

Snow stops by during the winter months to share with us the true origin of her hacker handle, stories from some physical penetration testing, a quick note on her Kringlecon talk, and so much more! A great way to round out the year! Some links of interest: Snow's Twitter: @_sn0ww Want to reach out to the show?  There's a few ways to get in touch! Purple Squad Security's Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere John's Mastodon: https://infosec.exchange/@JohnsNotHere Podca...

Episode 66 - Fireside Chat with Adrian Cheek

December 01, 2019 16:35 - 42 minutes - 29 MB

Adrian Cheek stops by the show this week to have a nice fireside chat with me. We talk about passive DNS, which Adrian first introduced to me a few years ago, and then move on to threat hunting. Adrian has a very interesting history and it was a joy to speak with him. Some links of interest: Adrian's Twitter: @Outkast_TI Farsight Passive DNS - https://www.farsightsecurity.com/solutions/dnsdb/ Want to reach out to the show?  There's a few ways to get in touch! Purple Squad Security's T...

Episode 65 - Fireside Chat with The Gibson

November 17, 2019 15:21 - 52 minutes - 36.2 MB

I'm trying a slightly different format for the next few episodes, and I'd appreciate any feedback you may have. In this episode I sit down with The Gibson, mayor of hackers.town, to talk about a variety of things from the Fediverse, working with the under-serviced SMB market, old school technologies, and the Infosec community as a whole. We're all over the place, but it's a good thing. Just a nice casual conversation talking about things that interest us. Some links of interest: Gibso...

Episode 64 - Fireside Chat with Tanya Janca

November 03, 2019 15:16 - 50 minutes - 35 MB

I'm trying a slightly different format for the next few episodes, and I'd appreciate any feedback you may have. In this episode I sit down with the amazing Tanya Janca for a fireside chat about her new company, Security Sidekick. They seem to have some pretty ambitious goals, and I couldn't think of anyone better to help make those a reality. Some links of interest: For Tanya: Tanya's Twitter: https://twitter.com/shehackspurple Tanya's Dev.to Profile: https://dev.to/shehackspurple T...

Episode 63 - Backdoors & Breaches with John Strand

October 20, 2019 14:08 - 42 minutes - 29.6 MB

Oh what a treat I have for you today! John Strand, former SANS instructor, long time co-host on Enterprise Security Weekly, Founder of Black Hills Information Security, and a whole lot more has taken time out of his busy schedule to stop by and talk about Backdoors & Breaches, the new IR card game from BHIS. Naturally we talk about more than just the game, but it was all as amazing as I had hoped. I trust you will enjoy listening to this one about as much as I enjoyed recording it. Some ...

Episode 62 - #ginfosec with InfoSecSherpa - Empathy as a Service

October 06, 2019 14:52 - 1 hour - 42.5 MB

It's been long enough, and it's time for Tracy "InfoSecSherpa" to return for another #ginfosec episode! This time around we're going to talk about Empathy as a Service, a talk that she recently did at DerbyCon. Soft skills will get you everywhere, and Tracy has some great advice to share about a topic she's very passionate about. Some links of interest: Tracy's Talk - https://www.youtube.com/watch?v=KILlp4KMIPA Tracy's OSINT-y Goodness Blog - medium.com/@InfoSecSherpa Tracy's Twitter -...

Episode 61 – Anniversaries and Updates

September 22, 2019 14:43 - 37 minutes - 25.7 MB

Ah, I love anniversaries. This is an anniversary episode celebrating 2 years of Purple Squad Security! Just a few personal rants and discussions for those interested in a bit of a behind the scenes view of things here at the show. No guests, just me blathering on about stuff. Enjoy! Some links of interest: Cyber City Website Twitter Podcast Store: https://purplesquadsec.com/store Want to reach out to the show?  There's a few ways to get in touch! Purple Squad Security's Twitter: @...

Episode 60 – Tabletop D&D with Ken Johnson & Seth Law from Absolute AppSec

September 01, 2019 13:35 - 1 hour - 46.9 MB

The hiatus is over! Welcome back everyone to the latest episode of the Purple Squad Security podcast! In this episode we have Ken Johnson and Seth Law from the Absolute AppSec Podcast joining me for the latest session of Tabletop D&D. Enjoy! Some links of interest: Absolute AppSec Website Twitter Seth's Twitter Account: @sethlaw Ken's Twitter Account: @cktricky Want to hear about a new Infosec con?  If you're in and around the Waterloo region area in October, why not check out Cybe...

Episode 59 – Business Processes in Infosec with Cheerio

July 07, 2019 14:03 - 55 minutes - 1 Byte

Working in information security has its own set of challenges, but aside from the technical challenges, many of us face hurdles within our own workspace.  Working with non-technical folks can be painful to most of us, but it doesn't have to be!  Cheerio joins me on this week's podcast to talk about how she uses business processes that she's learned from years of being in the small business space and has started to apply them to her role as a Cyber Threat Intelligence analyst! Some links of i...

Episode 58 – Malware Analysis with Kyle Andrus

June 23, 2019 15:12 - 43 minutes - 1 Byte

Often times in information security, we look upon penetration testing and red teaming with awe and view those professions as the "sexy" side of security.  Truth be told, the defensive side has a lot of exciting opportunities as well!  Kyle Andrus joins me this week to talk about malware analysis, which I think is definitely one of the sexier sides of defense. Some links of interest: Practical Malware Analysis Book - https://nostarch.com/malware Cuckoo Sandbox - https://cuckoosandbox.org/ ...

Episode 57 – Tinker After Dark – Tinker Tales by the Fire

June 09, 2019 14:45 - 1 hour - 1 Byte

There were more than a few of you who were anxiously awaiting his return, and he's back!  Tinker joins me once again to share some stories from his adventures in hackerland.  In addition, I have given Tinker free rein to speak as he chooses, and naturally I participate as well.  Fair warning, this is not safe for work or sensitive ears.  I do ask that you try not to be offended, as his stories and reflections on those events make for one excellent episode. Some links of interest: Tinker'...

Episode 56 – John Reads: Choose Your Own Red Team Adventure

May 26, 2019 14:10 - 32 minutes - 1 Byte

A few weeks ago, Sam King on Twitter mentioned me in a tweet that included a link to a Medium post, but not just any Medium post.  Tim MalcomVetter had posted up a "Choose Your Own Red Team Adventure", which I thought was just amazing!  I used to read a lot of choose your own adventure books as a kid, so I was naturally excited!  For this episode, I will be going through the story the first time, reading aloud as I try my hand at red teaming against a customer.  I hope you enjoy! Some link...

Episode 55 – Talking Privacy with Matt Beland

May 12, 2019 14:11 - 49 minutes - 1 Byte

CORRECTION: Early in this episode I mentioned that Amazon would ask for your email password when signing up for a new account.  I meant to say Facebook, not Amazon.  The practice has since been discontinued, but I wanted to make it clear that this was a Facebook practice, not Amazon.  Amazon has not, to the best of my knowledge, ever done something like this.  Sorry for the mixup. For most security professionals, we view the CIA triad as our grail.  No, not the US government agency that wor...

Episode 54 – Tribe of Hackers with Marcus J. Carey

April 28, 2019 13:00 - 29 minutes - 1 Byte

Tribe of Hackers is a recently released book by Marcus Carey and Jennifer Jin that is a collection of stories from members of our community, or tribe as Marcus describes it.  This was a great and insightful interview, and definitely one you will want to listen to if you haven't read the book yet. Some links of interest: Tribe of Hackers: https://www.amazon.com/Tribe-Hackers-Cybersecurity-Advice-World/dp/1793464189/ Tribe of Mentors (inspiration for Tribe of Hackers): https://www.amazon.com/...

Episode 53 – #Ginfosec with @InfoSecSherpa – All About Cons!

April 14, 2019 14:57 - 1 hour - 1 Byte

Once again I am pleased to share a #ginfosec episode with the woman who helps guide others through the mountains of infosec, Tracy InfoSecSherpa Maleeff!  In this extended episode Tracy and I speak about conferences from the attendee point of view; what to expect, what to bring, how to go, and what you should aim to get from the con.  Enjoy! Some links of interest: Tracy's Twitter: @InfoSecSherpa Sign up for Tracy's Nuzzle Newsletter: https://nuzzel.com/InfoSecSherpa Study on different no...

Episode 52 – John The Generalist

March 31, 2019 13:30 - 37 minutes - 1 Byte

This week John goes solo and decides to talk about a recent thread he spun up on Twitter, naming himself as a generalist within Information Security and discussing what that means to him. Some links of interest: John's Twitter Thread We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale: https://purplesquadsec.com/store Want to reach out to the show?...

Episode 51 – Fireside Chat with Chris Foulon

March 10, 2019 14:19 - 39 minutes - 1 Byte

Chris Foulon stops by for a fireside chat to talk about breaking into Infosec.  For those unfamiliar with the fireside chat series, this is where we come in with a topic but no other real agenda.  It's a casual conversation where I just have a casual conversation with my guest, similar to what would happen in hallway con.  I hope you enjoy! Some links of interest: Chris' LinkedIn: https://www.linkedin.com/in/christophefoulon/ Chris' Twitter: @chris_foulon We have a new store!  Come check ...

Episode 50 – Tabletop D&D with Tim De Block, Ed Rojas, Daniel Ebbutt, and Kyle Andrus

February 17, 2019 14:24 - 1 hour - 1 Byte

It's that time again!  Yes, another Tabletop D&D episode is upon us!  This time I asked Timothy de Block from the Exploring Information Security podcast to join me, along with a few interesting characters.  Let's just say this particular episode is not for the faint of heart, and we have a few swears thrown in to keep with the atmosphere.  Enjoy! Some links of interest: Exploring Information Security Podcast: https://www.timothydeblock.com/eis/ Tactical Edge: https://tacticaledge.co/index_...

Episode 49 – The Red Team Life with Curtis Brazzell

February 03, 2019 14:29 - 34 minutes - 1 Byte

What is a red team?  How does it differ from a penetration tester's day-to-day?  How do red teams stay sharp?  How do they stay motivated?  These are a few of the questions I seek to have answered by Curtis Brazzell, a managing Security Consultant at Pondurance.  It's a great interview and sheds light on the difference between red teaming and penetration testing. Some links of interest: Curtis' Twitter: https://twitter.com/CurtBraz Curtis' LinkedIn Profile: https://www.linkedin.com/in/cur...

Episode 48 – All About Magecart with Yonathan Klijnsma

January 20, 2019 16:28 - 51 minutes - 1 Byte

Magecart - a web-based credit card skimming kit used by various groups to grab ahold of online shoppers' credit cards.  Interesting?  You bet!  On this episode of the Purple Squad Security podcast I have Yonathan Klijnsma, Head Researcher at RiskIQ, joining me to discuss their research on Magecart. Some links of interest: Inside Magecart Report - https://cdn.riskiq.com/wp-content/uploads/2018/11/RiskIQ-Flashpoint-Inside-MageCart-Report.pdf Ticketmaster breach - https://www.riskiq.com/blog/...

Episode 47 – Happy New Year! Show Updates and Other News

January 06, 2019 14:08 - 32 minutes - 1 Byte

Welcome to 2019!  John goes solo in this episode and talks about his personal goals for 2019, plus some updates for the show that should make things a bit more structured and hopefully more interesting for the listeners. Some links of interest: EliteSec Website: https://elitesec.io/ Want to reach out to the show?  There's a few ways to get in touch! Purple Squad Security's Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere John's Mastodon: https://infosec.exchange/@JohnsNotHere Po...

Episode 46 – Holiday Special – Storytime with Jayson E. Street

December 16, 2018 14:42 - 33 minutes - 1 Byte

Continuing our storytime theme for the holidays, on this week's show we have a special guest, Jayson E. Street!  For those who follow Jayson online, his hacker adventures bring him to all sorts of interesting places.  Jayson shares a story of one of those places, in which he robs the wrong bank.  Some of you may know this story, but he also provides us with an epilogue to this story that few have heard!  Thanks Jayson! Some links of interest: Jayson's Website: http://jaysonestreet.com/ Ja...

Episode 45.1 – Holiday Special – Storytime with Tinker – NO MUSIC!!!

December 13, 2018 14:19 - 1 hour - 1 Byte

Hey everyone, this is a re-release of episode 45 with Tinker, but this one is WITHOUT the background music.  I hope this makes up for the snafu in an otherwise great interview! Happy December everyone!  Whatever holiday you may be celebrating this season, may it be enjoyable.  I've decided for the month of December to treat myself, by having a bunch of people I hold in high regard to join me in sharing of their tales, similar to the fireside chats I've had in the past.  We have no set agend...

Episode 44 – SANS Holiday Hack Challenge with Ed Skoudis

November 18, 2018 15:01 - 50 minutes - 1 Byte

So, a very popular season is coming up shortly.  I'm not talking about Thanksgiving (for my US listeners) and I'm not talking about Christmas for my Christian listeners.  No, I'm talking about the season that all good little hackers look forward to - the time when the SANS Holiday Hack Challenge is released! This is probably one of the most ambitious CTFs I have ever known about, and I am lucky enough to get one of the main drivers behind it to join me for today's episode!  Ed Skoudis joins...

Episode 43 – Not all vulnerabilities are created equal with Tanya Janca

November 04, 2018 13:07 - 55 minutes - 1 Byte

Vulnerability disclosure is one of those things that either brings a smile or a scowl to your face, depending on what end of the disclosure you're on.  For some, it's a thing of pride, and hopefully a monetary reward!  For others, it's a punch to the gut, fear inducing, "Oh crap!" moment because someone has shown you a flaw you weren't aware of. But what if the disclosure isn't actually a valid vulnerability? That's the topic for this episode discussion, and thankfully I have someone who kn...

Episode 42 – CyberZoology with Patrick Kelley

October 21, 2018 15:03 - 56 minutes - 1 Byte

Defending is hard.  The adage of "an attacker only has to be right once" is a bit played out, but it does have a hint of truth in that trying to defend everything is a monumental task.  Defenders are often short on budgets, short on time, and short on patience for silly sayings like these. This week I'm happy to have Patrick Kelley on to talk about some very interesting work he has done on coming up with defensive techniques for freight trains using a Raspberry Pi!  If you want to hear abou...

Episode 41 – Cyber Security Awareness Month with Tracy Maleeff

October 07, 2018 15:31 - 1 hour - 1 Byte

October is Cyber Security Awareness Month, and with that who better to help share some ideas on how to give back to the community than our own InfoSecSherpa!  Tracy Maleeff joins me to talk about Cyber Security Awareness Month, #ginfosec and #inforum.  This will be one of the most relaxed Infosec podcasts you'll hear this year.... Some links of interest: GetCyberSafe (Canada) - https://www.getcybersafe.gc.ca/cnt/rsrcs/csam/thms-en.aspx StaySafeOnline (US) - https://staysafeonline.org/ncsam...

Episode 40 – Tabletop D&D With Rally Security

September 23, 2018 15:12 - 1 hour - 1 Byte

It's that time again!  With milestone episode 40, we have another Tabletop D&D episode for you to enjoy!  This time around we are joined by a few members of the Rally Security podcast to face some scenarios and see how they fare.  Let's just say this was a rather impressive episode for a number of reasons. Some links of interest: Rally Security Homepage - http://rallysecurity.com/ Rally Security Twitch - https://www.twitch.tv/rallysecurity Rally Security Twitter - https://twitter.com/Rall...

Episode 39 – John’s OSCP Journey

September 16, 2018 15:01 - 58 minutes - 1 Byte

Over the past few months, John has been working on obtaining his OSCP certification.  Recently he attempted and successfully passed the exam!  In this episode he goes over his journey, what he learned as well as a few tips to help those attempting this rather difficult certification. Some links of interest: Penetration Testing - A Hands On Introduction to Hacking - https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641 Web Application Hacker's Handbook 2nd Edi...

Episode 38 – Discussing the Cyber Kill Chain with Amanda Berlin

August 26, 2018 16:41 - 49 minutes - 1 Byte

The cyber kill chain.  For some, it's a nice framework to help build your defenses and help during an incident.  For others, it is an over hyped and rigid list that no real attacker follows anymore.  However you view the cyber kill chain, it is a strong pillar within Infosec, especially when it comes to defending your network.  Amanda Berlin joins me today to talk about the cyber kill chain, what it is and how to disrupt attacks using it! Some links of interest: Amanda's Disrupting The Kill...

Episode 37 – Bring Your Own Land with Nathan Kirk

August 12, 2018 16:29 - 31 minutes - 1 Byte

Living off the land is a term well understood by both offensive and defensive teams.  For offensive teams, it's meant by using the technologies already present on the system, such as Powershell, Python, and even Perl for those who like a challenge (or are facing an older Unix system).  On the defensive side, enhanced logging and locked down configurations are put in place to detect and prevent the use of these tools by malicious actors to either catch or prevent these actors from doing harm....

Episode 36 – The Joy of CTFs with Derek Rook

July 29, 2018 17:17 - 45 minutes - 1 Byte

Capture The Flag games, or CTFs, are a popular way for infosec pros to brush up on the offensive skills.  From VulnHub to HackTheBox, there are a few different ways to quote "get your hack on"!  Derek Rook (@_r00k_) joins me today to talk about CTFs and how they can assist in your Infosec journey, regardless of your role. Some links of interest: Derek's YouTube Channel - https://www.youtube.com/channel/UCMACXuWd2w6_IEGog744UaA Derek's Twitch Stream - https://www.twitch.tv/r00k_infosec ipp...

Episode 35 – Container Security with Jay Beale

July 15, 2018 17:11 - 53 minutes - 1 Byte

From jails to virtual machines, process isolation is the "holy grail" of security.  Lately, containers have been the go-to for modern organizations in order to scale and implement things like microservices.  Jay Beale of InGuardians fame joins me to talk all about container security! Some links of interest: Securing Applications with Linux Containers (Webinar by Jay Beale) Docker security - Using containers safely in production (Article by Adrian Mouat) Clair (Container Scanner) - https:/...

Episode 34 – Exploring Powershell with Mick Douglas

July 01, 2018 16:48 - 53 minutes - 1 Byte

Living off the land is pretty standard fare for pen testers.  On Linux systems, the go-to is usually Python, but on Windows it's all about Powershell.  This week I'm fortunate enough to sit down with Mick Douglas to talk all things Powershell! Some links of interest: Powercat - https://github.com/besimorhino/powercat Mick wants to give a special shout out to Luke Baggett for all the great work he's done on this project! Kansa - Dave Hall was the original author - https://github.com/davehu...

Episode 33 – 3 Pillars for Starting a Security Program

June 17, 2018 17:28 - 43 minutes - 1 Byte

In this episode John goes at it alone and discusses his own experiences with starting up a security program at different organizations by focusing in on what he views are the 3 key pillars for a new security program. Some links of interest: CIS Critical Security Controls - https://www.cisecurity.org/controls/ Malware Archeology - Logging Cheat Sheets - https://www.malwarearchaeology.com/cheat-sheets/ Linux Security Incident Log Review Checklist - https://zeltser.com/security-incident-log-...

Episode 32 – Fireside Chat with Deviant Ollam

June 03, 2018 17:00 - 57 minutes - 1 Byte

Continuing on with my fireside chat series, where I bring on a guest to just have a casual chat and see where the conversation takes us, my guest this time is Deviant Ollam.  Well known for his work with TOOOL and the locksport community, we take a different path and talk about physical penetration testing as well as hear some great stories from the road. Some links of interest: Deviant's Twitter: @deviantollam The CORE Group: https://enterthecore.net/ And for fun: Check Box Secure: htt...

Episode 31 – Killing the Pen Test with Adrian Sanabria

May 20, 2018 16:58 - 49 minutes - 1 Byte

The penetration test, or pen test as it's commonly referred to, is one of the great necessary evils in Infosec today.  My guest for this episode is Adrian Sanabria, who has an interesting thought - let's kill the pen test!  Adrian has been in the industry for quite some time in quite a variety of roles, so he has some great experience and insights to share.  Let's see what his replacement for a pen test entails! Some links of interest: Adrian's Twitter: @sawaba Savage Security: https://ww...

Episode 30 – Infosec D&D Tabletop with Jerry Bell and Andrew Kalat from Defensive Security

May 06, 2018 17:03 - 55 minutes - 1 Byte

It's that time again!  We're doing another Infosec tabletop in a D&D style, this time with the fine gentlemen from the Defensive Security podcast!  Jerry and Andrew join me for another infosec tabletop with all new scenarios, pitfalls, and approaches. Special thanks to Ryan McGeehan and his Tabletop Scenarios twitter account for providing the ideas behind this episode's "challenges". Some links of interest: The Defensive Security Podcast: https://defensivesecurity.org/ Jerry's Twitter: @mal...

Episode 29 – The Importance of Community in Infosec w/ Cheryl “3ncr1pt3d” Biswas

April 29, 2018 16:52 - 46 minutes - 1 Byte

The idea of "community" is an important one, especially if you talk about a group of people who want to help improve their skills by sharing their ideas, experiences, etc, with like minded individuals.  The Infosec community is no exception to this.  In fact I would argue that it is one of the strongest communities I have encountered yet! Joining me this week is Cheryl "3ncr1pt3d" Biswas to talk about the Infosec community, what makes it special, and the importance of it.  In addition we wil...

Episode 28 – John’s Weird Path To #Infosec And Other Ramblings

April 22, 2018 16:40 - 42 minutes - 1 Byte

With no guest this week, John decides to share his own story about how he got into #infosec and some other thoughts he's had about the journey and why it's a never ending adventure to learn new things. Some links of interest: MeetUp.com OSSEC Wazuh (OSSEC Alternative) Want to reach out to the show?  There's a few ways to get in touch! Show's Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere Podcast Website: purplesquadsec.com Sign-Up for our Slack community: https://signup.purpl...

Episode 27 – Infosec and Mental Health with Danny Akacki

April 15, 2018 16:39 - 47 minutes - 1 Byte

Stress.  Depression.  Anxiety.  Fear.  Uncertainty.  Doubt.  All of these symptoms and conditions are well known to anyone who has spent a few years in security.  This can be a heavy topic, but it's one that we should discuss openly and often.  Danny Akacki joins me on this episode to talk about his own mental health, what are some of the things that have helped him, and he also gives us some insight on his contributions back to the community through the creation of infosanity.org, a website d...

Episode 26 – DFIR in the Cloud with Jonathon Poling

April 08, 2018 16:22 - 49 minutes - 1 Byte

From the crowd to the cloud, we shift focus this episode to a topic that may be holding back some infosec professionals from embracing the cloud - namely what to do when you're attacked?  Digital Forensics and Incident Response (DFIR) is a topic we've covered in the past, but that was from a more traditional view.  I'm fortunate enough to have Jonathon Poling (@JPoForenso) join me again to revisit DFIR, but this time from a cloud perspective.  What's easier, what's harder, and what's differe...

Episode 25 – Securing The Crowd with Nicolas Valcarcel

March 25, 2018 16:28 - 54 minutes - 1 Byte

The crowd.  Recently gaining attention again due to some news events that were much ado about nothing, there is still a bit of a mystery with crowdsourcing and how best to secure it.  Organizations like Bug Crowd and HackerOne have shown it can be used for specific security tasks, but what about in general?  Nicolas Valcarcel joins me on this episode to share his thoughts and experience with securing the crowd and what organizations should be aware of when considering using the crowd for the...

Episode 24 – Fireside Chat with Joe Gray

March 18, 2018 16:04 - 54 minutes - 1 Byte

In the first of a new format, I sit down with Joe Gray with only a handful of questions and just chat.  We cover things from Through The Hacking Glass, upcoming talks that Joe will be doing, to the various conferences that Joe will be attending.  Lots of great information and stories were shared, and if you'd like to provide feedback, please reach out and let me know!  Also, make sure you listen for a special easter egg that Joe has for those who are in the Atlanta area in September for entr...

Episode 23 – Speaking to Developers with James Jardine

March 11, 2018 16:57 - 1 hour - 1 Byte

Continuing with the theme of soft skills that any infosec professional should have, this episode will focus on developers.  I sit down with James Jardine from the DevelopSec podcast to talk about how best to communicate with developers.  Just like executives, developers have a different language and approach that is needed in order to communicate effectively.  Trying to avoid the all-too-common animosity between developers and security, James and I discuss some strategies to help build bridge...

Guests

Kim Crawley
1 Episode

Twitter Mentions

@johnsnothere 73 Episodes
@purplesquadsec 73 Episodes
@infosecsherpa 5 Episodes
@c_3pjoe 3 Episodes
@infosystir 3 Episodes
@badthingsdaily 3 Episodes
@dianainitiative 2 Episodes
@chaoticflaws 2 Episodes
@tinkersec 2 Episodes
@shehackspurple 2 Episodes
@hackingglass 2 Episodes
@advpersistsec 2 Episodes
@rallysecurity 2 Episodes
@brakesec 2 Episodes
@bryanbrake 2 Episodes
@dakacki 2 Episodes
@jpoforenso 2 Episodes
@elitesec_io 1 Episode
@deviantollam 1 Episode
@summitroute 1 Episode