Careers

This Is How You Get Skynet – PSW #677

This week, it's the 15 Year Anniversary Edition of Security Weekly! We celebrate with three roundtable discussions on Penetration Testing, Blue Team Techniques, and Hacker Culture!

Penetration Testing:

Join us for a lively discussion surrounding the topic of penetration testing. Sure, we've called out differences between vulnerability scanning and penetration testing. Moving past this particular issue, we'll explore how to effectively use penetration testing in your environments.

Blue Team Techniques

We often hear that offensive security techniques are "sexier" than defensive blue team techniques. In this panel discussion, we attempt to level the playing field (on so many levels...) between attackers and defenders. Keeping the evil attackers out of our networks and systems is a daunting task that requires creative thinking and creative solutions.

Hacker Culture:

Hacking matters. The term hacking has gotten away from us over the years. I believe we've reclaimed it, to a certain extent. The goal of this panel is to discuss all things hacking culture. What does it mean to be a hacker and how do we preserve the hacking ideology?

Visit https://securityweekly.com/ilf to learn more about them!

Visit https://securityweekly.com/risksense to learn more about them!

Visit https://securityweekly.com/coresecurity to learn more about them!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

View Show Index

Segments

1. The State Of Penetration Testing Panel – PSW #677

Join us for a lively discussion surrounding the topic of penetration testing. Sure, we've called out differences between vulnerability scanning and penetration testing. Moving past this particular issue, we'll explore how to effectively use penetration testing in your environments.

This segment is sponsored by Core Security, A Help Systems Company.

Visit https://securityweekly.com/coresecurity to learn more about them!

Sponsored By

Core Security, A Help Systems Company

Guests

Diego Sor
Diego Sor
Security Consulting Services, Director at Core Security, a HelpSystems Company

Diego Sor is the Director of Security Consulting Services at Core Security. With more than 20 years of experience in the security industry, first as a software developer and then as security consultant, Diego is passionate about new testing strategies, methodologies, and offensive security research. His primary focus and expertise is delivering infrastructure and application security penetration tests.

Ed Skoudis
Ed Skoudis
President of SANS Technology Institute, Director of Holiday Hack Challenge at SANS Institute & Counter Hack

Ed Skoudis has taught cyber incident response and advanced penetration testing techniques to more than 12,000 cybersecurity professionals. He is a SANS Faculty Fellow and the lead for the SANS Penetration Testing Curriculum. His courses distill the essence of real-world, front-line case studies he accumulates because he is consistently one of the first experts brought in to provide after-attack analysis on major breaches where credit card and other sensitive financial data is lost.

Travis Smith
Travis Smith
Director, Malware Threat Research at Qualys

Travis is the Director of Malware Threat Research at Qualys. He has spent the past 15 years in the security industry with a focus on digital forensics and incident response. He holds a wide array of certifications ranging from GIAC Certified Penetration Tester to the CISSP, as well as an MBA with a concentration in information security. Travis has presented his research at conferences worldwide at venues such as BlackHat, RSA, and SecTor.

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Doug White
Doug White
Professor at Roger Williams University
Jeff Man
Jeff Man
Information Security Evangelist at Online Business Systems
Joff Thyer
Joff Thyer
Security Analyst at Black Hills Information Security
Larry Pesce
Larry Pesce
Principal Managing Consultant and Director of Research & Development at InGuardians
Lee Neely
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory
Tyler Robinson
Tyler Robinson
Director of Offensive Security & Research at Trimarc and Founder & CEO of Dark Element at Trimarc Security

2. Innovative Blue Team Techniques Panel – PSW #677

We often hear that offensive security techniques are "sexier" than defensive blue team techniques. In this panel discussion, we attempt to level the playing field (on so many levels...) between attackers and defenders. Keeping the evil attackers out of our networks and systems is a daunting task that requires creative thinking and creative solutions.

This segment is sponsored by RiskSense.

Visit https://securityweekly.com/risksense to learn more about them!

Sponsored By

RiskSense

Guests

Brian Donohue
Brian Donohue
Intelligence Analyst at Red Canary

Brian has been writing about and researching information security for the last decade. He started his career as a journalist covering security and privacy. He later worked as a threat intelligence analyst, researching adversaries and threat techniques for a variety of major banks, retailers, and manufacturers. At Red Canary, Brian helps support open source tooling, and produces educational resources relating to threat research, intelligence, and detection engineering.

Chris Abella
Chris Abella
Principal SE at ExtraHop Networks

Chris Abella is a Principal Systems Engineer with ExtraHop Networks, where he has spent eight years delivering network analytics and forensics at scale. His passion for data and applied machine learning shows up in the office and in his personal pursuits. Outside the office, he enjoys being a mediocre runner and passable cook.

David Kennedy
David Kennedy
CEO at TrustedSec

David Kennedy is founder of Binary Defense and TrustedSec. Both organizations focus on the betterment of the security industry. David also served as a board of director for the ISC2 organization. David was the former CSO for a Diebold Incorporated where he ran the entire INFOSEC program. David is a co-author of the book “Metasploit: The Penetration Testers Guide”, the creator of the Social-Engineer Toolkit (SET), Artillery, Unicorn, PenTesters Framework, and several popular open source tools. David has been interviewed by several news organizations including CNN, Fox News, MSNBC, CNBC, Katie Couric, and BBC World News. David is the co-host of the social-engineer podcast and on several additional podcasts. David has testified in front of Congress on two occasions on the security around government websites. David is one of the founding authors of the Penetration Testing Execution Standard (PTES); a framework designed to fix the penetration testing industry. David was the co-founder of DerbyCon, a large-scale conference started in Louisville, Kentucky. Prior to the private sector, David worked for the United States Marine Corps and deployed to Iraq twice for intelligence related missions.

Doug Burks
Doug Burks
CEO at Security Onion Solutions

Doug Burks started Security Onion in 2008 to provide a comprehensive platform to help folks peel back the layers of their enterprise and make their adversaries cry. Today, Security Onion has over 1,000,000 downloads and is being used by organizations around the world for threat hunting, enterprise security monitoring, and log management. In 2014, Doug started Security Onion Solutions LLC to help those organizations by providing training, professional services, and hardware appliances. Doug is a CEO, public speaker, teacher, former president of the Greater Augusta ISSA, and co-founder of BSides Augusta, but what he really likes the most is catching bad guys.

Srinivas Mukkamala
Srinivas Mukkamala
Chief Executive Officer and Co-Founder at RiskSense, Inc.

Dr. Srinivas Mukkamala is a co-founder and the CEO of RiskSense, Inc. He has been researching and developing security technologies for over 15 years, working on malware analytics (focusing on medical control systems and nontraditional computing devices), breach exposure management, web application security, and enterprise risk reduction. Mukkamala was one of the lead researchers for Computational Analysis of Cyber Terrorism against the U.S. (CACTUS). He has been published in over 120 peer-reviewed publications in the areas of information assurance, malware analytics, digital forensics, data mining, and bioinformatics. He has a patent on Intelligent Agents for Distributed Intrusion Detection System and Method of Practicing. Mukkamala received his Bachelor of Engineering in Computer Science and Engineering from the University of Madras, before obtaining his Master of Science and Ph.D. in Computer Science from New Mexico Tech.

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Doug White
Doug White
Professor at Roger Williams University
Jeff Man
Jeff Man
Information Security Evangelist at Online Business Systems
Joff Thyer
Joff Thyer
Security Analyst at Black Hills Information Security
Larry Pesce
Larry Pesce
Principal Managing Consultant and Director of Research & Development at InGuardians
Lee Neely
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory
Tyler Robinson
Tyler Robinson
Director of Offensive Security & Research at Trimarc and Founder & CEO of Dark Element at Trimarc Security

3. Hacking Matters Panel – PSW #677

Hacking matters. The term hacking has gotten away from us over the years. I believe we've reclaimed it, to a certain extent. The goal of this panel is to discuss all things hacking culture. What does it mean to be a hacker and how do we preserve the hacking ideology?

This segment is sponsored by Innocent Lives Foundation.

Visit https://securityweekly.com/ilf to learn more about them!

Sponsored By

Innocent Lives Foundation

Guests

Bill Swearingen
Bill Swearingen
Sr Cyber Strategist at IronNet Cybersecurity

Bill has devoted his career to protecting critical infrastructure and Fortune100 companies from advanced cyber threats. He brings direct experience with being on the front lines, and an in-depth understanding of the challenges our customers are faced with — and what problems they are wanting to solve. Bill has a proven track record of creating, developing, and managing strong technical teams needed to provide Incident Response, Digital Forensics, Vulnerability Assessment, Penetration Testing, and Policy enforcement for large (Fortune 150) corporations such as CenturyLink and Sprint.

Chloé Messdaghi
Chloé Messdaghi
VP of Strategy at Point3 Security

Chloé Messdaghi is the VP of Strategy at Point3 Security. In addition to her passion of keeping people safe and empowered both on and offline, she is also interested in increasing the numbers of marginalized genders in information security. She is the co-founder of Women of Security (WoSEC) and Hacking is NOT a Crime, and the founder of WeAreHackerz (WomenHackerz). She is a keynote speaker at major information security conferences and events, and serves as a trusted source for national and sector reporters and editors. She holds a Master of Science (M.S.) from The University of Edinburgh, and a BA in International Relations from University of California, Davis, as well as a Certificate in Entrepreneurship from Wharton and other professional certificates.

Cyndi Gula
Cyndi Gula
Partner at Gula Tech Adventures

Cyndi is a Managing Partner at Gula Tech Adventures which focuses on cyber technology, cyber policy and recruiting more people to the cyber workforce. Since 2017, GTA has invested in dozens of cyber start-ups and funds and supported multiple cyber nonprofits and projects. Cyndi is a cyber start up operations expert. She has started and run licensing, human resources, legal, facilities, accounting, marketing, channel, support and sales operations for both Tenable Network Security, which went public on the NASDAQ in 2018, and Network Security Wizards, where she was President and helped it grow to a successful exit 18 months after being founded. As a Gula Tech Adventures managing partner, she is helping our cyber start-ups scale and make important decisions about their organizational structure, facilities, product licensing, customer support, recruiting strategy, culture, managing their cash flow and having the processes in place to succeed and have fun.

John Loucaides
John Loucaides
VP Federal Technology at Eclypsium

John Loucaides is the VP of Research and Development at Eclypsium, the comprehensive cloud-based device security platform that protects enterprise devices all the way down to the firmware and hardware level. Headquartered in Portland, Oregon, the company was named to Fast Company’s annual list of the World’s Most innovative Security Companies for 2020, the CNBC Upstart 100 list, and Gartner’s Cool Vendor list for Security Operations and Threat Intelligence. John has extensive history in hardware and firmware threats from experience at Intel Corporation and the United States government. At Intel he served as the Director of Advanced Threat Research, Platform Armoring and Resiliency, PSIRT, and was a CHIPSEC maintainer. Prior to this, he was Technical Team Lead for Specialized Platforms for the federal government.

Ron Gula
Ron Gula
President at Gula Tech Adventures

Ron is President at Gula Tech Adventures which focuses on cyber technology, cyber policy and recruiting more people to the cyber workforce. Since 2017, GTA has invested in dozens of cyber start-ups and funds and supported multiple cyber nonprofits and projects. From 2002 to 2016, Ron was the co-founder and CEO of Tenable Network Security. He helped grow the company to 20,000 customers, raise $300m in venture capital and grow revenues to $100m, setting up the company for an IPO in 2018. Prior to Tenable, Ron was a cyber industry pioneer and developed one of the first commercial network intrusion detection systems called Dragon, ran risk mitigation for the first cloud company, was deploying network honeypots in the mid 90s for the DOD and was a penetration tester for the NSA and got to participate in some of the nation’s first cyber exercises. Ron is involved in a variety of cyber nonprofits and think tanks including Defending Digital Campaigns, the Center for Internet Security, the National Security Institute and the Wilson Center. In 2020, Ron was honored to receive the Northern Virginia Technology Council Cyber Investor of the Year award and the Baltimore Business Journal Power 10 CEO award.

Shane McCombs
Shane McCombs
COO at Innocent Lives Foundation

Shane comes to ILF with more than 25 years of experience in the tech industry, combined with more than a decade of experience in C-level roles. In those critical capacities, Shane led enterprise-wide initiatives within project management, customer relationship management and acquisition, policies and procedures, process improvement, and infrastructure. Shane is also an accomplished public speaker and trainer, focused on change management, professionalism, social engineering, and corporate security.

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Doug White
Doug White
Professor at Roger Williams University
Jeff Man
Jeff Man
Information Security Evangelist at Online Business Systems
Joff Thyer
Joff Thyer
Security Analyst at Black Hills Information Security
Larry Pesce
Larry Pesce
Principal Managing Consultant and Director of Research & Development at InGuardians
Lee Neely
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory
Tyler Robinson
Tyler Robinson
Director of Offensive Security & Research at Trimarc and Founder & CEO of Dark Element at Trimarc Security
prestitial ad