https://www.linkedin.com/in/phillipwylie/ | |
https://twitter.com/PhillipWylie | |
YouTube | https://www.youtube.com/c/phillipwylie |
Website | http://thehackermaker.com |
Summary
In this episode of the Phillip Wylie Show, host Phillip Wylie interviews Evan Dornbush, a seasoned cybersecurity professional with a rich history in the field. They discuss Evan's journey from a summer internship focused on cybercrime to his work with the NSA and his entrepreneurial ventures in cybersecurity. The conversation delves into the challenges of hiring in tech, the importance of proving technical skills, and the evolving landscape of security research. They also explore the impact of AI on cybersecurity, the economics of cybercrime, and Evan's new podcast aimed at educating listeners about vulnerabilities and exploits.

Takeaways
• Evan's journey into cybersecurity began with a summer internship focused on cybercrime.
• The importance of hands-on experience in proving technical skills in cybersecurity.
• Entrepreneurship in cybersecurity can lead to innovative solutions for hiring and skill assessment.
• AI is changing the landscape of cybersecurity, creating both challenges and opportunities.
• The economics of cybercrime are driven by profitability, making it a persistent issue.
• Bug bounties provide a platform for researchers to monetize their skills and contribute to security.
• The rise of CVEs reflects the increasing complexity and volume of software vulnerabilities.
• Community involvement and education are crucial for the future of cybersecurity.
• Evan's podcast aims to demystify vulnerabilities and educate the research community.
• The need for better options for researchers to disclose and monetize their findings.

Sound Bites
• "I was totally fanboying."
• "Research is protected free speech."
• "It's a shame there's nothing US based."

Chapters
00:00 Introduction and Background
01:16 Evan's Hacker Origin Story
04:15 Transitioning from NSA to Entrepreneurship
06:53 The Mission of Point Three Security
09:32 Innovative Hiring Practices in Cybersecurity
12:32 Proving Technical Skills in Cybersecurity
14:42 Breaking into Security Research
17:51 The Evolving Landscape of Vulnerability Research
20:55 The Value of CVEs vs Certifications
23:59 The Economics of Cybercrime
26:20 The Future of Exploit Markets
30:07 Evan's New Podcast: Explain it Like I'm Five
37:36 Closing Remarks and Nonprofit Involvement

Resources
https://www.linkedin.com/in/evandornbush/
https://www.desiredeffect.io/
https://www.securityweek.com/ethical-zero-day-marketplace-desired-effect-emerges-from-stealth/
https://podcasters.spotify.com/pod/show/hackersontherocks4
https://goldstargamers.org/

About The Guest(s):
Nenad Zaric is a cybersecurity expert and the founder of Trickest, a platform that automates offensive security workflows. With over 15 years of experience in the field, Nenad has a deep understanding of bug bounty programs and the importance of automation in cybersecurity.

Summary:
In this episode, Phillip interviews Nenad Zaric, the founder of Trickest, a platform that automates offensive security workflows. Nenad shares his background in cybersecurity and how he got started in bug bounty programs. He emphasizes the importance of automation in bug bounty and explains how Trickest can help bug hunters optimize their efforts. Nenad gives a live demo of the platform, showcasing its features and capabilities. He also discusses the scalability of the platform and the benefits of automation in the future of cybersecurity.

Key Takeaways:
• Bug bounty hunters need to automate their workflows to be successful.
• Trickest allows users to easily automate offensive security workflows without the need for manual scripting.
• The platform integrates various tools and provides a visual interface for building workflows.
• Users can schedule workflows and execute them on multiple machines for scalability.
• Automation is the key to the future of cybersecurity and can save time and improve efficiency.

Nenad's and Trickest's social media and website:
https://twitter.com/ZaricNenad_
https://www.linkedin.com/in/nenad-zaric/
https://twitter.com/trick3st
https://www.linkedin.com/company/trickest/
https://trickest.com/

About the Guest: KJ Haywood
KJ Haywood is a seasoned professional in the field of cybersecurity with over 25 years of experience in governance and compliance. She has dedicated the last 11 years to security governance and has recently shifted focus to AI and generative AI, launching her company, Nomad Cyber Concepts. Her expertise lies in helping mid-sized organizations pivot their solutions and acquire or design AI tools. KJ holds an MIT certification in AI no-code model building and is a prominent figure in the cybersecurity community, frequently sharing her knowledge at conferences and through teaching and mentoring.

Episode Summary:
In this engaging episode of "The Phillip Wylie Show," Phillip Wylie welcomes KJ Haywood, a veteran in cybersecurity governance and compliance, to discuss the transformative impact of AI and generative AI on the industry. The conversation dives into KJ’s professional journey from human resources to cybersecurity, her passion for governance, and her recent pivot into AI, particularly focusing on her company's role in helping organizations integrate AI tools.

The episode provides valuable insights into the importance of continually learning and staying updated in the cybersecurity field. KJ discusses the advent of generative AI, its rapid adoption since the release of ChatGPT, and the necessity for security practitioners to adapt. Listeners will gain an understanding of how to balance work and personal time to avoid burnout, the critical nature of governance in AI model design, and how to leverage community resources and certifications to advance one's career.

Key Takeaways:
• Career Transition and Passion in Cybersecurity: KJ shares her unconventional journey from HR to cybersecurity, emphasizing the importance of following one's interests and continually learning.
• Impact of AI on Cybersecurity: Discussion on how generative AI is revolutionizing the field, the urgency of adapting, and KJ's role in helping organizations integrate AI tools.
• Balancing Work and Wellness: Strategies for managing work hours to avoid burnout, including recognizing personal productivity times and taking necessary breaks for mental health.
• Educational Resources for AI and Cybersecurity: KJ's recommendations for AI literacy, including free resources, certifications, and institutions offering comprehensive courses.
• Community and Networking: The importance of being involved in professional communities, attending conferences, and leveraging networks to stay updated and advance in one's career.

Notable Quotes:
• "Are you absolutely sure you want to transition to this industry? Because you have to really love what you do because it's easy to get burned out." - KJ Haywood
• "The privileged access, remember we talked a lot about zero trust and privilege access back in the day. I think we're going to end up circling right back to that." - KJ Haywood
• "We need pen testers very much. Consider going into pen testing if you haven't already considered it." - KJ Haywood
• "I believe it's going to be similar to the shift with cybersecurity. Industry practitioners are going to have to pivot a little bit of their skill set and level themselves up." - KJ Haywood
• "I think artificial intelligence or any type of Gen AI tool, because there are going to be so many more that are going to be launched over the next, I'd say, three years, we're going to have so many." - KJ Haywood

Resources:
• KJ Haywood: LinkedIn
• Nomad Cyber Concepts: Website
• Phillip Wylie: Pen Testing Book
• OWASP: Website
• MIT AI No-Code Course
• Women in Security and Privacy (WISP): Website
• SecureWorld: Website

Summary
In this episode of the Phillip Wylie Show, Dr. Eric Cole shares his journey from a computer science student to a cybersecurity expert with a rich history at the CIA. He discusses the importance of personal branding in the cybersecurity field, the transition from offensive to defensive security, and the need for CISOs to be recognized as chief officers within organizations. Eric emphasizes the significance of teaching and contributing to the cybersecurity community while also addressing the challenges posed by misinformation and the evolving landscape of technology.

Takeaways
• Personal branding can significantly enhance your career opportunities.
• Eric Cole's journey into cybersecurity began with a CIA internship.
• The transition from offensive to defensive cybersecurity is crucial.
• Teaching is a natural progression for those passionate about cybersecurity.
• CISOs should be recognized as chief officers, not just technical roles.
• Cybersecurity is fundamentally a business problem that requires risk management.
• Building a personal brand in cybersecurity is essential for visibility.
• Embracing technology is vital for modern cybersecurity practices.
• Data quality and correlation are more pressing issues than data storage.
• Cybersecurity professionals must adapt to the evolving technological landscape.

Sound Bites
• "CISO role is broken in most companies."
• "Embrace technology, don't fight it."
• "Don't think of cybersecurity as a roadblock."

Chapters
00:00 Introduction to Personal Branding in Cybersecurity
01:11 Eric Cole's Hacker Origin Story
09:44 Transitioning from CIA to Cybersecurity Leadership
14:54 The Importance of Experience Over Pay
20:11 Misinformation and Data Quality Issues
24:36 The Role of the CISO in Modern Organizations
30:24 Building a Strong Personal Brand
32:42 Embracing Technology in Cybersecurity

Resources
https://www.linkedin.com/in/ericcole1/
https://secure-anchor.com/

Summary
In this episode of the Phillip Wylie Show, host Phillip Wylie engages in a conversation with Syntax, a prominent figure in the hacker community. They discuss their connection through social media, the vibrant hacker culture, and Syntax's personal journey into hacking, which began at a young age. The conversation explores the evolution of the hacker community, emphasizing inclusivity and diversity, and offers valuable advice for aspiring cybersecurity professionals. Syntax shares insights on the importance of curiosity and networking within the community, making this episode a rich resource for anyone interested in cybersecurity.

Takeaways
• Syntax's journey into hacking began at age 10.
• The hacker community values knowledge over appearance.
• Inclusivity in cybersecurity has improved over the years.
• Conferences like DEF CON foster a sense of family.
• Curiosity is essential for success in cybersecurity.
• Networking is crucial for professional growth.
• The hacker culture is built on sharing and collaboration.
• Diversity in the community enhances innovation.
• Engaging with others at conferences can lead to opportunities.
• Continuous learning is vital in the tech field.

Sound Bites
• "I was super shy and quiet."
• "Teach yourself to be curious."
• "Talk to everyone."

Chapters
00:00 Introduction and Connection
03:24 Syntax's Hacker Origin Story
11:13 The Evolution of the Hacker Community
18:00 Diversity and Inclusion in Cybersecurity
25:24 Advice for Aspiring Cybersecurity Professionals
30:23 Closing Thoughts and Conference Recommendations

Resources
https://x.com/syntax976
https://www.linkedin.com/in/brandon-prince-27a0ab51/

About the Guest:
Ryan Pullen is a cybersecurity expert based in the UK who specializes in offensive cybersecurity pathways. With a unique entry into the field through a job found on Gumtree, Ryan has carved a formidable career that moved from defensive roles into offensive cybersecurity and later involved adversarial simulations and penetration testing. He has extensive experience in incident response and has worked on notable projects, including those in collaboration with Stripe OLT, where he is now a board member. Ryan has been instrumental in the evolution of cybersecurity since the mid-2000s, bringing a wealth of knowledge, especially in SOC operations and Microsoft security practices.

Episode Summary:
In this enlightening episode of the Phillip Wylie Show, Ryan Pullen joins the podcast to share his extensive journey and insights in the cybersecurity world. Ryan delves into the progression of cybersecurity practices over the past decade and offers invaluable advice to those looking to start or advance in the industry. From discussing the importance of networking to the nuances of job hunting in the cyber sector, Ryan provides a rich overview of technical and career-developing strategies.

Ryan emphasizes how persistence and self-improvement play crucial roles in both penetrating the cybersecurity job market and excelling within the field. He illustrates this point through his own 'hacker origin story', showcasing the benefits of seizing the right opportunities and the importance of continuous learning and networking. Additionally, the conversation covers resources for aspiring SOC analysts and the value of understanding an offensive cybersecurity mindset even in defensive roles. The takeaway is clear: whether you're stepping into red teaming, SOC operations, or pen testing, embracing an inquisitive attitude and expanding your network are key.

Key Takeaways:
• The pathway to a cybersecurity career is varied, and taking opportunities as they come can be pivotal in finding success.
• Networking is vital in the cybersecurity industry, as personal connections often lead to job opportunities and growth.
• Understanding challenges from an offensive cybersecurity mindset is beneficial for roles across the security spectrum.
• For those looking to enter the field, platforms like TryHackMe, HackTheBox, and Let's Defend offer valuable hands-on experiences.
• Becoming a public speaker in the cybersecurity realm can open up new opportunities and serve as an effective way to give back to the community.

Notable Quotes:
• "Networking is key, especially for people trying to get their foot on the ladder."
• "My journey starts with, well, I was playing with this and this was interesting to me and I didn't want to put it down."
• "The more you do anything, the better you're going to get."
• "For anyone looking to start, have a go at all of the online kind of labs and free tools."

Resources:
• LinkedIn (https://www.linkedin.com/in/ryan-pullen/)
• TryHackMe (https://tryhackme.com)
• HackTheBox (https://www.hackthebox.eu)
• Let's Defend (https://www.letsdefend.io/)
• Kusto Detective Agency (https://detective.kusto.io/)

Summary
In this episode of the Phillip Wylie Show, host Phillip Wylie speaks with cybersecurity expert Lesley Carhart about her journey into the field, the importance of community and mentorship, and the unique challenges of working in industrial control systems (ICS) forensics. Lesley shares her hacker origin story, discusses the complexities of ICS security, and recounts a fascinating case study involving a mysterious incident at a power plant. The conversation emphasizes the need for diversity in tech and the vital role of community support in navigating cybersecurity careers.

Takeaways
• Lesley Carhart's journey into cybersecurity began at a young age with a passion for computers.
• The importance of mentorship in the cybersecurity community cannot be overstated.
• Industrial Control Systems (ICS) present unique challenges in cybersecurity due to their critical nature.
• Understanding processes is key to succeeding in ICS cybersecurity.
• Diversity in the tech field has improved over the years, allowing for more varied backgrounds in cybersecurity.
• Real-world investigations in ICS can lead to unexpected and humorous outcomes, like the moth story.
• Community involvement is crucial for career advancement in cybersecurity.
• Self-study and networking are essential for breaking into the cybersecurity field.
• The job market for junior cybersecurity professionals is competitive, making community connections vital.
• Lesley encourages senior professionals to mentor newcomers to the field.

Sound Bites
• "I hope we don't end up back there."
• "It's been a grand adventure."
• "Mentorship can be so, so valuable."

Chapters
00:00 Introduction to Cybersecurity Community Connections
01:43 Lesley Carhart's Hacker Origin Story
06:57 Diving into ICS and OT Forensics
09:47 Challenges in Industrial Cybersecurity Training
13:25 The Complexity of Digital Forensics in ICS
15:45 The Moth Story: A Case Study in ICS
25:34 The Importance of Community in Cybersecurity
30:37 Closing Thoughts and Social Media Connections

Resources
https://www.linkedin.com/in/lcarhart/
https://bsky.app/profile/hacks4pancakes.com
https://infosec.exchange/@hacks4pancakes

The Phillip Wylie Show episode featuring John Rodriguez from Cyber Dagger:

🔍 Episode Summary:
In this episode of The Phillip Wylie Show, cybersecurity expert John Rodriguez, founder of Cyber Dagger, shares his inspiring journey from the military to launching a cybersecurity company. John dives into the critical challenges faced by educational institutions and nonprofits, the growing threat of ransomware, and why a holistic security strategy is vital. He emphasizes the power of mentorship, community service, and continuous hands-on learning in shaping the next generation of cybersecurity professionals. This conversation is packed with real-world insights, career tips, and practical approaches to improving cyber defenses.

✅ Key Takeaways:
• Giving back through cybersecurity strengthens communities and builds talent pipelines.
• Diverse backgrounds, like military service, offer valuable skills for cyber careers.
• Schools and nonprofits are prime targets for ransomware and must prioritize security.
• Mentorship and guidance are essential to developing future cyber leaders.
• Adversarial thinking is crucial for effective red teaming and threat response.
• Building in-house tools and platforms can greatly improve cyber resilience.
• Don’t rush—take time to master the fundamentals and stay curious.

🎧 Memorable Sound Bites:
• "It's important that we stay together."
• "Don't rush through it."
• "Leave it better than what you found it."

🕒 Episode Chapters:
00:00 – Intro to John Rodriguez & Cyber Dagger
02:22 – From Military to Cybersecurity
04:45 – Mentorship's Role in Cybersecurity
07:05 – Securing K–12 and Nonprofits
09:31 – Ransomware Realities in Education
12:16 – Why Incident Response Matters
15:48 – Pen Testing vs. Incident Response
18:18 – Real-World Testing in Cybersecurity
21:38 – Role of EDR & Security Platforms
24:53 – Military Influence on Cyber Strategy
27:49 – Holistic Security: Why It Matters
31:05 – Building In-House Security Tools
36:09 – Career Advice for Aspiring Pros
41:15 – The Power of Mentorship & Community

🔗 Resources & Links:
• Connect with John Rodriguez: LinkedIn
• Learn more about Cyber Dagger: Website | LinkedIn

The latest episode features Cyber Dagger founder John Rodriguez, who shares his journey from military service to launching his own cybersecurity company.
YouTube: https://youtu.be/S7RzIaoqUkk
Other platforms: https://phillipwylieshow.com/subscribe