Mastodawn

Mike Lisi: Mike Hacks Things #cybersecurity #infosec #innovation #personalbranding https://podcasters.spotify.com/pod/show/phillip-wylie0/episodes/Mike-Lisi-Mike-Hacks-Things-e30l4ov?utm_source=mastodon&utm_medium=social&utm_campaign=fedica-Episode-Reposts

Mike Lisi: Mike Hacks Things by Phillip Wylie Show

SummaryIn this episode of the Phillip Wylie Show, Phillip Wylie and Michael Lisi discuss their backgrounds in hacking and penetration testing, the importance of diverse experiences in the tech field, and the value of certifications like OSCP. They also explore pathways into offensive security, the mission of the Red Team Village, and the role of Capture The Flag (CTF) competitions in learning. The conversation emphasizes the significance of networking and community involvement in the cybersecurity industry.Takeaways• Michael Lisi shares his journey into hacking, starting from building computers as a teenager.• The importance of sharing origin stories to motivate others in the cybersecurity field.• Diverse experiences in IT roles can enhance skills in penetration testing.• The OSCP certification provides valuable hands-on experience, but the landscape of certifications is evolving.• Networking and community involvement are crucial for career advancement in cybersecurity.• The Red Team Village aims to raise awareness and provide skill development in offensive security.• CTFs are beneficial for learning but should not be the sole focus of skill development.• Exploring different roles can help individuals find their true interests in cybersecurity.• The importance of understanding business operations for effective penetration testing.• Volunteering and participating in events can lead to valuable connections and opportunities.Sound Bites• "I didn't have a plan to be a hacker."• "Don't shy away from some of those other roles."• "You want to be as efficient as possible."Resourceshttps://www.linkedin.com/in/mikelisi/https://x.com/MikeHacksThingshttps://malteksolutions.com/https://redteamvillage.io/Chapters00:00 Introduction and Background02:27 Hacker Origin Story06:48 The Importance of Diverse Backgrounds12:59 The Role of OSCP in Career Development16:47 Pathways into Offensive Security19:14 Overview of the Red Team Village22:19 The Value of CTFs in Cybersecurity

Spotify for Creators

Phillip Wylie 12h ago

Chris Traynor: Hack Your Way Into a Cyber Security Career #cybersecurity #infosec #innovation #personalbranding https://podcasters.spotify.com/pod/show/phillip-wylie0/episodes/Chris-Traynor-Hack-Your-Way-Into-a-Cyber-Security-Career-e339gvo?utm_source=mastodon&utm_medium=social&utm_campaign=fedica-Episode-Reposts

Chris Traynor: Hack Your Way Into a Cyber Security Career by Phillip Wylie Show

SummaryIn this episode of the Phillip Wylie Show, Chris Traynor shares his journey into the cybersecurity field, discussing his hacker origin story, the impact of post-breach opportunities, and the nuances of breaking into offensive security. He emphasizes the importance of hands-on experience, the role of certifications, and shares engaging stories from his pen testing career. Chris also provides valuable insights on the security mindset and the collaborative nature of cybersecurity.Takeaways• Chris Traynor emphasizes the importance of community involvement in cybersecurity.• Post-breach organizations often have better budgets for security training and tools.• Transitioning into offensive security requires a shift in mindset to think like an attacker.• Certifications can help get past initial job screenings but are not always indicative of skill.• Hands-on experience is crucial for success in pen testing roles.• Building home labs can provide practical experience in cybersecurity.• Understanding the stories behind security incidents is vital for effective communication.• Not all security systems can be 100% secure; it's about managing risks effectively.• Collaboration between security teams and organizations is essential for improvement.• Training should focus on practical applications and real-world scenarios.Sound Bites"I wanted to figure out how things work.""Certifications do serve their purpose.""Hands-on experience is the biggest thing."Chapters00:00 Introduction to Cybersecurity and Community Engagement01:40 Chris Traynor's Hacker Origin Story05:06 Leveraging Post-Breach Opportunities07:24 Breaking into Offensive Security13:04 The Role of Certifications in Cybersecurity19:38 Gaining Hands-On Experience in Pen Testing22:45 Notable Pen Testing Stories and Experiences29:02 Final Thoughts on Security and CollaborationResourceshttps://www.linkedin.com/in/chris-traynor/https://www.antisyphontraining.com/instructor/chris-traynor/

Spotify for Creators

Phillip Wylie 12h ago

The Art of Red Teaming with Shani Peled https://podcasters.spotify.com/pod/show/phillip-wylie0/episodes/The-Art-of-Red-Teaming-with-Shani-Peled-e26ccfr?utm_source=mastodon&utm_medium=social&utm_campaign=fedica-Episode-Reposts

The Art of Red Teaming with Shani Peled by Phillip Wylie Show

About The Guest: Shani is a young and talented offensive security professional who has made a name for herself in the industry. With a background in computer science and physics, she started her cybersecurity journey in the Israeli intelligence course during her military service. After gaining valuable experience in the army, she joined CYE, where she currently works as a Red Teamer. Shani is passionate about helping organizations improve their security posture and enjoys the challenge of finding unique entry points and assessing real risks. Summary: In this episode, Phillip Wylie interviews Shani, a talented Red Teamer at CYE. Shani shares her journey into the cybersecurity world, starting with her military service in the Israeli intelligence course. She highlights the importance of hands-on training and the unique skills required to be successful in the Red Team industry. Shani also discusses the challenges faced by organizations in prioritizing vulnerabilities and assessing real risks. She emphasizes the need for Red Teamers to think like real attackers and understand the crown jewels of the organizations they are testing. Shani also dives into the world of cloud security and the common vulnerabilities she encounters during cloud assessments. She stresses the importance of proper cloud migration and the responsibility organizations have in securing their cloud environments. Throughout the conversation, Shani provides valuable insights and advice for aspiring Red Teamers, emphasizing the need for passion, creativity, and a deep understanding of the IT world. Key Takeaways: Prioritizing vulnerabilities and assessing real risks is a major challenge for organizations. Red Teamers should think like real attackers and understand the crown jewels of the organizations they are testing. Misconfigurations in storing technical secrets and exposed resources are common vulnerabilities in cloud environments. Proper cloud migration is crucial, and organizations have a responsibility to understand their cloud environment and secure it. Red Teamers should focus on reconnaissance and understand the techniques behind tools to be effective in their assessments. Shani's LinkedIn: https://www.linkedin.com/in/shani-peled-28b3211a3/ CYE LinkedIn and website: https://www.linkedin.com/company/cyesec/ https://cyesec.com/

Spotify for Creators

Phillip Wylie 15h ago

Bdubzz: Building Connections in Cybersecurity #cybersecurity #infosec #innovation #personalbranding https://podcasters.spotify.com/pod/show/phillip-wylie0/episodes/Bdubzz-Building-Connections-in-Cybersecurity-e31r3ov?utm_source=mastodon&utm_medium=social&utm_campaign=fedica-Episode-Reposts

Bdubzz: Building Connections in Cybersecurity by Phillip Wylie Show

SummaryIn this episode of the Phillip Wylie Show, Phillip Wylie interviews Bdubzz, a member of the cybersecurity community who shares his journey from a curious child to a professional in application security. Bdubzz discusses the importance of networking, community engagement, and personal branding in the cybersecurity field. He emphasizes the value of volunteering, public speaking, and content creation as ways to grow and connect with others in the industry. The conversation highlights the significance of having a hacker mindset and the opportunities available in Governance, Risk, and Compliance (GRC).Takeaways• Bdubzz has always had a hacker mindset, starting from childhood.• Networking is crucial for job opportunities in cybersecurity.• Volunteering at local events can accelerate community connections.• Public speaking is a skill that improves with practice.• Personal branding is important for visibility in the industry.• Blogging is a foundational step in content creation.• Newcomers to the industry have valuable insights to share.• GRC offers a comprehensive view of cybersecurity practices.• Building friendships in the community can lead to job opportunities.• Being open-minded is essential for learning and mentoring.Sound Bites"Your name is in that person's head.""We all have that one thing in common.""Be consistent in all of that."Chapters00:00 Introduction to the Cybersecurity Community01:01 Bdubzz's Hacker Origin Story03:06 Current Role in Application Security04:43 Networking and Building Relationships11:42 Conferences and Community Involvement14:21 Public Speaking and Personal Growth18:37 Personal Branding and Content Creation27:02 The Importance of GRC in Cybersecurity28:07 Closing Thoughts and Future AspirationsResourceshttps://www.linkedin.com/in/bbrittwhite/https://brittwhite.io/

Spotify for Creators

Phillip Wylie 16h ago

Eva Benn: The Power of Resilience in Cybersecurity #cybersecurity #infosec #innovation #personalbranding https://podcasters.spotify.com/pod/show/phillip-wylie0/episodes/Eva-Benn-The-Power-of-Resilience-in-Cybersecurity-e2v12lv?utm_source=mastodon&utm_medium=social&utm_campaign=fedica-Episode-Reposts

Eva Benn: The Power of Resilience in Cybersecurity by Phillip Wylie Show

SummaryIn this episode of the Phillip Wylie Show, host Phillip Wylie interviews Eva Benn, a leader in the cybersecurity field. Eva shares her inspiring journey from a disadvantaged background in Bulgaria to leading the Microsoft Red Team. She discusses the importance of resilience, the role of gaming in developing cybersecurity skills, and offers valuable advice for aspiring professionals in the field. The conversation also covers personal branding, networking authentically, and the significance of continuous learning and growth in one's career.Takeaways• Eva Benn's journey from Bulgaria to leading the Microsoft Red Team is inspiring.• Resilience and determination are key to overcoming challenges.• Gaming can develop strategic thinking skills beneficial for cybersecurity.• Participating in CTFs is crucial for building skills and credibility.• Networking should be genuine and not forced.• Personal branding involves sharing valuable insights and experiences.• Continuous learning is essential in the ever-evolving field of cybersecurity.• Diverse backgrounds can provide unique advantages in cybersecurity roles.• It's important to understand the entire cybersecurity landscape before specializing.• Building meaningful connections takes time and authenticity. Sound Bites• "You have to do what you need to do."• "Be genuine, take it slow."• "You have what it takes."Chapters00:00 Introduction and Background01:12 Eva's Hacker Origin Story04:50 Overcoming Challenges and Embracing Opportunities10:19 The Importance of Hands-On Experience14:05 Advice for Aspiring Pen Testers17:22 Tips for Job Seekers in Cybersecurity21:57 Building a Personal Brand24:51 Networking Naturally30:01 Final Words of WisdomResourceshttps://www.linkedin.com/in/evabenn/https://www.evabenn.com/

Spotify for Creators

Phillip Wylie 1d ago

From Hacking to Entrepreneurship: The PhantomSec Story #cybersecurity #infosec #innovation #personalbranding https://podcasters.spotify.com/pod/show/phillip-wylie0/episodes/From-Hacking-to-Entrepreneurship-The-PhantomSec-Story-e3327fl?utm_source=mastodon&utm_medium=social&utm_campaign=fedica-Episode-Reposts

From Hacking to Entrepreneurship: The PhantomSec Story by Phillip Wylie Show

SummaryIn this episode of the Phillip Wylie Show, host Phillip Wylie engages with cybersecurity experts Grant Smith and Justin Perez, exploring their unique journeys into the world of hacking and cybersecurity. The conversation delves into their origins as hackers, the founding of their company PhantomSec, and the innovative techniques they are developing for EDR evasion. They discuss the importance of hands-on experience in cybersecurity education, the value of certifications, and what qualities they look for in ideal candidates for cybersecurity roles. The episode provides insights into the evolving landscape of cybersecurity and the challenges faced by newcomers in the field.Takeaways• Justin's early fascination with technology led to his hacking journey.• Grant's childhood pranks sparked his interest in cybersecurity.• PhantomSec was born out of a need for better EDR evasion tools.• Hands-on experience is crucial for success in cybersecurity.• Curiosity drives innovation in the cybersecurity field.• Many educational institutions lack practical cybersecurity training.• Certifications can help but shouldn't be the only focus for candidates.• Real-world experience often outweighs theoretical knowledge in hiring.• CVE contributions can enhance a candidate's profile significantly.• Passion and curiosity are key traits for success in cybersecurity.Sound Bites• "That's like kind of the hacker story."• "You have to learn those things."• "Don't get discouraged as well."Chapters00:00 Introduction to Cybersecurity Journeys01:13 Hacker Origin Stories: Justin Perez04:12 Hacker Origin Stories: Grant Smith06:57 The Birth of PhantomSec10:08 Innovations in EDR Evasion13:49 Getting Started in Offensive Security16:20 The Role of Education in Cybersecurity21:01 The Importance of Hands-On Experience24:50 Certifications and Their Value29:32 Evaluating Candidates in CybersecurityResourceshttps://www.linkedin.com/in/justin-perez215/https://www.linkedin.com/in/grant-smith-cyber/https://www.linkedin.com/company/phantom-cyber-group/https://phantomsec.tools/

Spotify for Creators

Phillip Wylie 1d ago

Michael Jenks: Lessons from a Former DoD Professional https://podcasters.spotify.com/pod/show/phillip-wylie0/episodes/Michael-Jenks-Lessons-from-a-Former-DoD-Professional-e2fmn61?utm_source=mastodon&utm_medium=social&utm_campaign=fedica-Episode-Reposts

Michael Jenks: Lessons from a Former DoD Professional by Phillip Wylie Show

About the Guest: Michael Jenks, commonly referred to as "Jenks," is an esteemed figure with an extensive background in the Department of Defense (DoD). With a penchant for cybersecurity and a wealth of experience in cyber warfare, Jenks offers a valuable skill set that has been honed in high-stakes environments where precision and accuracy are paramount. Having started his journey in computer science, he quickly developed a fascination with digital code and its impact. Transitioning from dial-up ISPs to L-3 Communications, where he gained clearance for classified work, Jenks eventually founded his own defense contracting company specializing in offensive and defensive cyber operations. Episode Summary: In this riveting episode of the Phillip Wylie Show, host Phillip examines the intersection of cybersecurity and defense backgrounds through his conversation with Michael Jenks from Interpris. The dynamic dialogue delves into how professionals from critical sectors, such as the Department of Defense, bring innovative solutions and meaningful perspectives to the cybersecurity industry. Jenks shares his 'origin story,' which follows a trajectory starting from gaming and IRC administration, leading to a computer science degree and an impressive tenure at various defense-related roles. His story highlights a critical insight: that the best cybersecurity defenses are often forged in the crucible of real-world operations where the cost of failure is immense. Central to the conversation, Jenks unravels the methodology behind Interpris—a platform designed to contextualize and elevate existing cybersecurity tools through continuous threat exposure management. Leveraging a thorough understanding of threat profiles, Interpris aims to help organizations prioritize potential risks based on industry, operations, and data sensitivity. The platform's philosophy is clear—fortify defenses by optimizing tools that organizations already possess, using informed strategies and continuous monitoring to proactively counter advanced cyber threats. Key Takeaways: Cyber professionals with DoD experience bring invaluable expertise to cybersecurity solutions. Interpris focuses on improving an organization's security posture by providing context and strengthening existing tools. Assume breach approach and implementing best practices are essential for a robust security posture. Insider threats are as significant as external threat actors, making holistic security measures necessary. The emergence of AI in both offensive and defensive cybersecurity tools is rapidly changing the landscape. Notable Quotes: "I mean, man, if you have it, background, a clearance, man, there are just a ton of jobs." -Michael Jenks "From just the digital realm. Gamer growing up. Cut my teeth on hacking back in the day." -Michael Jenks "You already have enough tools, right. It's really just that optimized configuration, that prioritization, that customization." -Michael Jenks "It's my job to defend this environment. I have no idea where we're protected, where we're not." -Michael Jenks "What we're doing is weaving together all of these products, from EDR, from network sensing, to firewall, to your ESM." Michael Jenks Resources: https://www.linkedin.com/in/michaeljenks/ https://www.linkedin.com/company/interpres-security/ https://twitter.com/InterpresSec https://interpressecurity.com/

Spotify for Creators

Phillip Wylie 1d ago

Nahamsec: Hacker, Content Creator, Pentester, Trainer #cybersecurity #infosec #innovation #personalbranding https://podcasters.spotify.com/pod/show/phillip-wylie0/episodes/Nahamsec-Hacker--Content-Creator--Pentester--Trainer-e2uo4pj?utm_source=mastodon&utm_medium=social&utm_campaign=fedica-Episode-Reposts

NahamSec: Hacker, Content Creator, Pentester, Trainer by Phillip Wylie Show

SummaryIn this episode of the Phillip Wylie Show, host Phillip Wylie interviews Ben Sadeghipour, known as NahamSec, a prominent figure in the bug bounty community. They discuss NahamSec's journey into hacking, his achievements in bug bounties, and the importance of personal branding and content creation in the cybersecurity field. NahamSec shares insights on transitioning from part-time to full-time bug bounty hunting, the role of automation and AI in the industry, and offers advice for newcomers looking to break into bug bounties. The conversation emphasizes the value of creativity, curiosity, and continuous learning in becoming a successful hacker.Takeaways• NahamSec's journey into hacking began unintentionally as a child.• He achieved the milestone of earning over a million dollars in bug bounties.• Transitioning from part-time to full-time bug bounty hunting requires dedication and understanding of the ecosystem.• Diverse ventures in cybersecurity can enhance skills and knowledge.• Understanding web applications is crucial for bug bounty hunters.• Automation should come after mastering manual exploitation techniques.• AI tools can assist in bug bounty hunting but should not replace manual skills.• Personal branding is essential for career growth in cybersecurity.• Content creation can take many forms, including writing and blogging.• Continuous learning is vital in the ever-evolving field of cybersecurity.Sound Bites• "I have a company called Hacking Hub."• "You need to understand how web apps work."• "Writing is content creation."Resourceshttps://x.com/NahamSechttps://www.linkedin.com/in/nahamsec/https://www.instagram.com/nahamsechttps://www.nahamsec.com/https://www.youtube.com/nahamsecHands-On Web Exploitation Course (NahamSec's Bug Bounty Course)https://app.hackinghub.io/hubs/nahamsec-bug-bounty-course?v=nahamsecdotcom&_trk=09934e30d001cfb67886dca52660e548

Spotify for Creators

Phillip Wylie 1d ago

Fletus Poston III: Navigating The Ever Changing Career Landscape Of Cybersecurity #cybersecurity #infosec #innovation #personalbranding https://podcasters.spotify.com/pod/show/phillip-wylie0/episodes/Fletus-Poston-III-Navigating-The-Ever-Changing-Career-Landscape-Of-Cybersecurity-e2ucvpi?utm_source=mastodon&utm_medium=social&utm_campaign=fedica-Episode-Reposts

Fletus Poston III: Navigating The Ever Changing Career Landscape Of Cybersecurity by Phillip Wylie Show

Summary In this episode of the Phillip Wylie Show, Phillip Wylie interviews Fletus Poston, discussing his journey in cybersecurity, the evolution of email security, and the shift to cloud technology. Fletus shares valuable advice for those looking to break into the field, emphasizing the importance of networking, mentorship, and soft skills. He also provides insights from his experience as a hiring manager, discusses career paths in cybersecurity, and highlights the significance of work-life balance. The conversation concludes with Fletus encouraging listeners to engage with their community and prioritize their well-being. Takeaways • Networking and mentorship are crucial for career growth. • Soft skills are as important as technical skills in cybersecurity. • Your resume should highlight your most relevant experiences at the top. • Participating in community events can lead to job opportunities. • It's okay to transition out of cybersecurity if it's not fulfilling. • Understanding the evolution of technology is key to staying relevant. • Cloud technology has transformed disaster recovery and business continuity. • Engaging with peers can provide valuable insights and support. • Career paths in cybersecurity can vary widely; explore different roles. • Work-life balance is essential for long-term success and happiness. Sound Bites • "It's okay to try this field and not stay." • "You can transition out of the field." • "Are you regretting Monday morning?" Chapters 00:00 Introduction and New Year Reflections 04:51 The Shift to Cloud Solutions 12:02 Networking and Online Platforms 20:13 The Importance of Soft Skills 29:57 Maintaining Work-Life Balance Resources https://www.linkedin.com/in/fletusposton/ https://x.com/fletusposton

Spotify for Creators

Phillip Wylie 1d ago

Jason Downey: Semi-Pro Kickboxer Turned Pentester https://podcasters.spotify.com/pod/show/phillip-wylie0/episodes/Jason-Downey-Semi-Pro-Kickboxer-Turned-Pentester-e2cu4l5?utm_source=mastodon&utm_medium=social&utm_campaign=fedica-Episode-Reposts

Jason Downey: Semi-Pro Kickboxer Turned Pentester by Phillip Wylie Show

About The Guest: Jason Downey is a pen tester at Red Siege, a boutique pen testing firm. He has been in the industry for almost three years and specializes in network pen testing, social engineering, and physical assessments. Jason has a background in network administration and security, and he is passionate about sharing his knowledge and helping others in the industry. Summary: Jason Downey, a pen tester at Red Siege, joins the podcast to discuss his journey into the world of pen testing and the importance of networking and building relationships in the industry. He emphasizes the need for a strong foundation in networking fundamentals and active directory knowledge. Jason also shares his favorite resources for learning infrastructure pen testing and highlights the collaborative nature of the industry. Key Takeaways: Building a strong network is crucial in the information security industry and can open up opportunities for job prospects and knowledge sharing. Networking fundamentals and active directory knowledge are essential for successful pen testing, as most corporate infrastructures rely on these technologies. Specializing in a specific area of pen testing can be beneficial once you have a solid foundation and understanding of the fundamentals. Online resources such as Google, Hacktricks XYZ, and ired team can provide valuable information and guidance for learning infrastructure pen testing. Quotes: "The power of your network is crucial in the information security industry. It can help you bypass the traditional education, experience, and certification requirements." - Jason Downey "To break something, you have to know how it functions first. Understanding the fundamentals is key to successful pen testing." - Jason Downey "Active directory knowledge is mission critical in pen testing, as most companies rely on it for their infrastructure." - Jason Downey Socials and Resources: https://twitter.com/hackandbackpack

Spotify for Creators

LinkedIn	https://www.linkedin.com/in/phillipwylie/
Twitter	https://twitter.com/PhillipWylie
YouTube	https://www.youtube.com/c/phillipwylie
Website	http://thehackermaker.com