Backup and recovery, Pen testing, Leadership, Blue Team

PSW #687

March 19, 2021



Sponsored By


sponsor
Visit https://securityweekly.com/plextrac for more information!

Dan will run through some customer testimonials on how they are using Plextrac effectively to get the real work done in security!

This segment is sponsored by PlexTrac.

Visit https://securityweekly.com/plextrac to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes!

Full Episode Show Notes

Getting The Real Work Done With Plextrac

Guests

Dan DeCloss

Dan DeCloss – Founder / CEO & President at PlexTrac

@wh33lhouse

Dan has over 15 years of experience in cybersecurity. Dan started his career in the Department of Defense and then moved on to consulting where he worked for various companies. Prior to PlexTrac, Dan was the Director of Cybersecurity for Scentsy where he and his team built the security program out of its infancy into a best-in-class program. Dan has a master’s degree in Computer Science from the Naval Postgraduate School with an emphasis in Information Security. Additionally, Dan holds the OSCP and CISSP certifications.

Hosts

Doug White

Doug White – Professor at Roger Williams University

@dougwhitephd

Doug White is a Cybersecurity professor at Roger Williams University, the President of Secure Technology, and a Security Weekly network host.

Jeff Man

Jeff Man – Sr. InfoSec Consultant at Online Business Systems

@MrJeffMan

Cryptanalyst, infosec analyst, pioneering ex-NSA pen tester, PCI specialist and certified security curmudgeon. Currently a Sr. InfoSec Consultant for Online Business Systems.

Joff Thyer

Joff Thyer – Security Analyst at Black Hills Information Security

@joff_thyer

Joff is a Security Analyst for Black Hills Information Security and has over 15 years of experience in the IT industry in roles such as enterprise network architect and network security defender. He has experience with intrusion detection and prevention systems, penetration testing, engineering network infrastructure defense, and software development.

Larry Pesce

Larry Pesce – Senior Managing Consultant and Director of Research at InGuardians

@haxorthematrix

Larry’s core specialties include hardware and wireless hacking, architectural review, and traditional pentesting. He also regularly gives talks at DEF CON, ShmooCon, DerbyCon, and various BSides. Larry holds the GAWN, GCISP, GCIH, GCFA, and ITIL certifications, and has been a certified instructor with SANS for 5 years, where he trains the industry in advanced wireless and Industrial Control Systems (ICS) hacking. Larry’s independent research for the show has led to interviews with the New York Times with MythBusters’ Adam Savage, hacking internet-connected marital aids on stage at DEFCON, and having his RFID implant cloned on stage at Shmoocon. When not hard at work, Larry enjoys long walks on the beach weighed down by his ham radio, (DE KB1TNF), and thinking of ways to survive the impending zombie apocalypse.

Lee Neely

Lee Neely – Senior Cyber Analyst at Lawrence Livermore National Laboratory

@lelandneely

Lee Neely is a senior IT and security professional at Lawrence Livermore National Laboratory (LLNL) with over 25 years of experience. He has been involved in many aspects of IT from system integration and quality testing to system and security architecture since 1986. He has had extensive experience with a wide variety of technology and applications from point implementations to enterprise solutions. Lee has worked with securing information systems since he installed his first firewall in 1989.

Paul Asadoorian

Paul Asadoorian – Founder at Security Weekly

@securityweekly

Paul Asadoorian is the founder of Security Weekly, which was acquired by CyberRisk Alliance. Paul spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul can be found researching his next set of headphones.

Tyler Robinson

Tyler Robinson – Director of Offensive Security & Research at Trimarc and Founder & CEO of Dark Element at Trimarc Security

@tyler_robinson

As the Managing Director of Offensive Security & Research at Trimarc, Tyler leads a team of high-performance security professionals within the offensive security field by simulating sophisticated adversaries and creating scalable offensive security platforms using the latest techniques as seen in the wild. With over 2 decades of experience, Tyler specializes in Red Teaming, APT threat modeling, blackbox network penetration testing, and Physical/Social-Engineering. Tyler has presented at multiple conferences including BSides, DefCon and Blackhat panels, SANS security events and to multiple branches of the military.

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

  • If you missed Security Weekly Unlocked, you can now access all of the content on-demand, whether you registered before the live event or not, by visiting https://securityweekly.com/unlocked and clicking either the button to register or the button to login!

Audio



Sponsored By


sponsor
Visit https://securityweekly.com/plextracseries for more information!

The first episode of Security Weekly’s podcast mini-series with PlexTrac “Getting the Real Work Done in Cybersecurity” starts with PlexTrac’s bread and butter, Purple Teaming! The group – along with special guest Bryson Bort of SCYTHE – discuss the ins and outs of purple teaming. Topics covered on the show include the importance of collaboration within your security team, the idea of a milestone-based approach to security, purple teaming engagements, and much more.

This segment is sponsored by Plextrac.

Visit https://securityweekly.com/plextracseries to learn more about them!

Visit https://www.securityweekly.com/series to view the entire PlexTrac Mini Series! Visit https://www.securityweekly.com/psw for all the latest episodes!

Full Episode Show Notes

Plextrac Mini-Series Episode 1: Purple Teaming

Guests

Bryson Bort

Bryson Bort – Founder & CEO at SCYTHE

@brysonbort

Bryson is the Founder and CEO of SCYTHE and Founder of GRIMM. Prior to launching SCYTHE and GRIMM, Bryson led an elite research & development (R&D) division that directly contributed towards National Security priorities and interest. Prior to that he developed an enterprise R&D program and supported creation of a cybersecurity strategy as a Deputy CTO and Program Director focused on supporting technology research and global infrastructure for the DoD and the Intelligence Community.

Hosts

Dan DeCloss

Dan DeCloss – Founder / CEO & President at PlexTrac

@wh33lhouse

Dan has over 15 years of experience in cybersecurity. Dan started his career in the Department of Defense and then moved on to consulting where he worked for various companies. Prior to PlexTrac, Dan was the Director of Cybersecurity for Scentsy where he and his team built the security program out of its infancy into a best-in-class program. Dan has a master’s degree in Computer Science from the Naval Postgraduate School with an emphasis in Information Security. Additionally, Dan holds the OSCP and CISSP certifications.

Paul Asadoorian

Paul Asadoorian – Founder at Security Weekly

@securityweekly

Paul Asadoorian is the founder of Security Weekly, which was acquired by CyberRisk Alliance. Paul spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul can be found researching his next set of headphones.

Shawn Scott

Shawn Scott – Vice President of Success at PlexTrac

@shawnhscott

Shawn honed his expertise during 23 years of service in the United States Air Force, where he led both kinetic and cyber operations. After retirement from the DoD, he operated an information security consultancy where he developed a profound distaste for manual report writing. After discovering and using PlexTrac to save countless hours, Shawn joined the PlexTrac team in 2019 to help others realize these same benefits.

Audio



In the Security News, If software got a security grade, most would get an F, SolarWinds hackers got some source code, new old bugs in the Linux kernel, hack stuff and get blown up, stop hacking “beer”, weekly Chrome zero day, Mirai lives, long live Marai, how attackers could intercept your text messages, and rigging the election, the Homecoming Queen election that is.

Register to attend Joff Thyer’s upcoming Wild West Hacking Fest course “Enterprise Attacker Emulation and C2 Implant Development”: http://bit.ly/JoffsC2Class Visit https://www.securityweekly.com/psw for all the latest episodes!

Full Episode Show Notes

Security Grades, Mirai, Quantum Cryptography, & Hacking “Beer”

Hosts

Doug White

Doug White – Professor at Roger Williams University

@dougwhitephd

Doug White is a Cybersecurity professor at Roger Williams University, the President of Secure Technology, and a Security Weekly network host.

Jeff Man

Jeff Man – Sr. InfoSec Consultant at Online Business Systems

@MrJeffMan

Cryptanalyst, infosec analyst, pioneering ex-NSA pen tester, PCI specialist and certified security curmudgeon. Currently a Sr. InfoSec Consultant for Online Business Systems.

Joff Thyer

Joff Thyer – Security Analyst at Black Hills Information Security

@joff_thyer

Joff is a Security Analyst for Black Hills Information Security and has over 15 years of experience in the IT industry in roles such as enterprise network architect and network security defender. He has experience with intrusion detection and prevention systems, penetration testing, engineering network infrastructure defense, and software development.

Larry Pesce

Larry Pesce – Senior Managing Consultant and Director of Research at InGuardians

@haxorthematrix

Larry’s core specialties include hardware and wireless hacking, architectural review, and traditional pentesting. He also regularly gives talks at DEF CON, ShmooCon, DerbyCon, and various BSides. Larry holds the GAWN, GCISP, GCIH, GCFA, and ITIL certifications, and has been a certified instructor with SANS for 5 years, where he trains the industry in advanced wireless and Industrial Control Systems (ICS) hacking. Larry’s independent research for the show has led to interviews with the New York Times with MythBusters’ Adam Savage, hacking internet-connected marital aids on stage at DEFCON, and having his RFID implant cloned on stage at Shmoocon. When not hard at work, Larry enjoys long walks on the beach weighed down by his ham radio, (DE KB1TNF), and thinking of ways to survive the impending zombie apocalypse.

Lee Neely

Lee Neely – Senior Cyber Analyst at Lawrence Livermore National Laboratory

@lelandneely

Lee Neely is a senior IT and security professional at Lawrence Livermore National Laboratory (LLNL) with over 25 years of experience. He has been involved in many aspects of IT from system integration and quality testing to system and security architecture since 1986. He has had extensive experience with a wide variety of technology and applications from point implementations to enterprise solutions. Lee has worked with securing information systems since he installed his first firewall in 1989.

Paul Asadoorian

Paul Asadoorian – Founder at Security Weekly

@securityweekly

Paul Asadoorian is the founder of Security Weekly, which was acquired by CyberRisk Alliance. Paul spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul can be found researching his next set of headphones.

Tyler Robinson

Tyler Robinson – Director of Offensive Security & Research at Trimarc and Founder & CEO of Dark Element at Trimarc Security

@tyler_robinson

As the Managing Director of Offensive Security & Research at Trimarc, Tyler leads a team of high-performance security professionals within the offensive security field by simulating sophisticated adversaries and creating scalable offensive security platforms using the latest techniques as seen in the wild. With over 2 decades of experience, Tyler specializes in Red Teaming, APT threat modeling, blackbox network penetration testing, and Physical/Social-Engineering. Tyler has presented at multiple conferences including BSides, DefCon and Blackhat panels, SANS security events and to multiple branches of the military.

Announcements

  • Do you want to stay in the loop on all things Security Weekly? Visit https://securityweekly.com/subscribe to subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, and join our Discord Server!

  • Our next live webcast will be on April 29th at 11am ET where you will learn how to prepare for modern ransomware attacks! Visit https://securityweekly.com/webcasts to register now! If you missed any of our previously recorded webcasts or technical trainings, they are available for your viewing pleasure at https://securityweekly.com/ondemand

Audio

prestitial ad