Hacker Valley Studio

Minutes to Meltdown: Cyber Recovery When It Counts with Chris Bevil

Tue, 07 Apr 2026 15:42:34 -0500

Most organizations are prepping for disaster recovery when they should be building for cyber recovery, and those are not the same thing.

Recorded live at RSAC Conference 2026, Ron sat down with Chris Bevil, Principal Security AI Strategist at Commvault, to break down what actually happens after a breach hits and why most teams are caught flat-footed.

Chris walks us through Commvault's Minutes to Meltdown tabletop exercise, why isolated recovery environments matter, and how clean data determines whether you get your company back in hours or in 200+ days.

This episode will tell you what separates a team that recovers from a team that unravels.

Impactful Moments
01:16 - Live at RSAC 2026 with Chris Bevil, Principal, Security AI Strategist at Commvault
01:40 - Minutes to Meltdown origin story
03:00 - What goes into a Meltdown?
04:48 - What happens in the first 30 minutes of chaos
07:00 - What Commvault actually does
08:21 - What is IRE? Isolated recovery environment breakdown
10:40 - What is Disaster Recovery in 2026?
13:00 - How cyber recovery differs from disaster recovery
14:20 - Where attackers go in the first 30 minutes
15:40 - The 3-2-1 rule and where teams fail
21:45 - What successful recovery looks like
25:14 - AI strategy at Commvault

Links
Connect with our guest, Chris Bevil, on LinkedIn: https://www.linkedin.com/in/chris-b-211998a/

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Building AI Governance Before the Incidents Hit with Guru Sethupathy

Wed, 01 Apr 2026 14:28:50 -0500

AI adoption is outpacing governance at every level, and the cost of waiting is getting higher by the day. Guru Sethupathy, General Manager of AI Governance at Optro and former Founder of FairNow, breaks down what it really takes to build trust in AI systems before things go sideways.

Guru lays out a simple but powerful 3 P’s Framework: policies, process, and people, connecting it to what teams are actually dealing with right now, from shadow AI to security threats that don’t look like anything we’ve seen before.

If 2026 is the year AI moves from experiments to real operations, this conversation is your blueprint for keeping it under control.

Impactful Moments
00:00 - Introduction
02:25 - What does Optro do? Helping companies with the AI governance journey.
03:10 - Why AI governance is really about trust, not control
05:15 - The moment AI went mainstream, and why that changed everything
05:50 - The three real business risks: performance, security, and transparency
07:30 - Human accountability in an AI-driven world
08:48 - What’s actually happening with AI regulation, EU, US, and standards
10:28 - Where Optro fits, orchestration vs monitoring in AI governance
13:05 - The 3 Ps framework: policies, process, and people
14:47 - Governance 101, why AI inventory is the first move every team misses
16:12 - The reality check, AI adoption is outpacing governance everywhere
17:45 - Shadow AI explained, what your team is doing that you can’t see
19:45 - Optro’s top use cases: visibility, compliance, and operationalizing governance
20:43 - Who owns AI governance, and why it’s becoming a team sport
22:20 - Final advice, start now or play catch-up later

Links
Connect with our guest, Guru Sethupathy, on LinkedIn: https://www.linkedin.com/in/guru-sethupathy/

Learn more about Optro: https://optro.ai/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

What Happens When Attackers Collaborate More Than Defenders? Ron Eddings Reporting Live from RSAC Conference

Tue, 31 Mar 2026 11:31:10 -0500

What happens when attackers collaborate better than defenders?

Recorded live from RSAC 2026, this solo episode with Ron breaks down the biggest themes shaping cybersecurity right now, from organized threat groups and massive data breaches to the growing tension between productivity and control inside modern organizations.

This conversation highlights a hard truth. The threat landscape is evolving through collaboration. From phishing-as-a-service platforms like Tycoon 2FA to supply chain breaches impacting entire ecosystems, attackers are sharing tools and moving faster than ever.

But there’s another side to the story. As AI becomes embedded in how work gets done, security teams are being pushed to rethink their role. Blocking tools is no longer enough. The real challenge is enabling the business while managing risk, and that requires trust, alignment, and a stronger sense of community across the industry.

This episode is a call to rethink how we approach security. Not as isolated teams enforcing policy, but as a connected community working together to adapt, respond, and move forward.

Impactful Moments
00:00 - Introduction, live from RSAC 2026
02:50 - Tycoon2FA and the rise of phishing-as-a-service
04:45 - The TELUS breach and what a petabyte-scale attack looks like
06:21 - Why you need strict controls … everywhere
07:30 - Are AI agents the new Shadow IT?
09:00 - The balance between productivity and security controls
09:27 - Boards’ demands for their teams to use AI
11:53 - Why leading security teams is more like parenting than policing
12:42 - Community is the foundation for the future of cybersecurity

Links
Connect with Ron Eddings on LinkedIn: https://www.linkedin.com/in/ronaldeddings/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

RSAC 2026: Show Up or Fall Behind

Fri, 20 Mar 2026 18:09:18 -0500

What does it mean when your smart doorbell becomes an entry point for surveillance? What happens when a single hacker can jailbreak every major AI model within hours of its release? And why are the same tools being used by both nation-state attackers and the defenders trying to stop them?

In this solo episode, Ron Eddings breaks down the urgent case for practitioner unity in cybersecurity, from AI-powered jailbreaking and IoT surveillance creep to geopolitical cyber operations. With RSAC 2026 just around the corner, this episode is a rallying cry for the community to come together, share intelligence, and build the defenses that no single team can build alone.

The episode also tackles one of the biggest misconceptions in the industry right now. AI already came for your job, but now it is changing how we define responsibility, decision-making, and trust. Add in rising pressure across the workforce, new legislation pushing for human oversight, and real-world examples of AI being used in global conflict, and the stakes become hard to ignore.

Impactful Moments
00:00 - Introduction
02:00 - Pliny the Elder, God Mode and AI Jailbreaks
03:30 - Cyber in US-Israeli Operations in Iran and Anthropic Tensions
06:00 - Cyber threats that are hitting normal people
07:30 - Is my Ring Doorbell a surveillance risk?
10:05 - Attackers are collaborating and sharing more than defenders today
11:30 - RSAC: the cyber Super Bowl
14:30 - AI has already replaced your job
14:30 - Why mental health is cybersecurity's hidden crisis
17:00 - Governance in AI and what Texas is doing about it
19:00 - Was Claude used in state-level ops?

Links
Connect with Ron Eddings on LinkedIn: https://www.linkedin.com/in/ronaldeddings/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

What’s Next After Building a $2.5B Cybersecurity Company with Dean Sysman

Mon, 16 Mar 2026 11:05:28 -0500

What does it look like when a cybersecurity founder who built a $2.5 billion company decides to level up, again? Dean Sysman, co-founder of Axonius, sits down with Ron Eddings to pull back the curtain on what it really took to go from zero to $100M ARR in four and a half years, and what came next.

Dean breaks down the founder mindset, the emotional weight of tying your identity to your company, and why he stepped into the Executive Chairman role while simultaneously pursuing a PhD in AI systems at Columbia University. He gets into how boxing taught him what solo performance reveals about leadership, why vulnerability is a non-negotiable skill at scale, and what it means to care about something bigger than yourself. This one hits differently if you're building, leading, or figuring out what your next chapter looks like.

Impactful Moments

00:00 – Introduction
05:00 – Boxing for charity: raising $55K
08:00 – Competitive by nature, born to build
10:00 – Solo performance sharpens team leadership
13:00 – Axonius: zero to $100M ARR in 4.5 years
15:00 – Founder identity tied to company success
21:00 – Purpose bigger than yourself fuels resilience
25:00 – Self-awareness as the #1 growth tool
28:00 – Executive Chairman + Columbia PhD pursuit
33:00 – Ron's personal reflection on founder identity

Links

Connect with our guest, Dean Sysman, on LinkedIn: https://www.linkedin.com/in/deansysman/
Check out our upcoming events: https://www.hackervalley.com/livestreams
Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Can AI Do Your Cyber Job? Post Your Job Req and Find Out with Marcus J. Carey

Fri, 06 Mar 2026 16:20:24 -0600

Last episode, Ron and Marcus made predictions. This episode, they brought the receipts.

A journalist built an app with vibe coding and got hacked on live television.

A social network built entirely by AI (not a single line of human code!) exposed 1.5 million authentication tokens and private messages between agents.

And 88% of organizations have already had an AI security incident, while barely 14% of deployed agents ever saw a security review.

The warnings from last episode aged fast. Marcus J. Carey is back to talk about what that actually means for the people building right now, not the people theorizing about it. Ron and Marcus are in the code themselves, and this conversation is what that experience actually looks like: OpenClaw running loose on your machine, agents racking up API bills, and why guidance, not prompts, not tools, is the real skill that separates builders who thrive from builders who ship disasters.

Impactful Moments
00:00 - Introduction
02:00 - Vibe coding hack on live TV
03:30 - Mo Book leaks 1.5M auth tokens
06:00 - Marcus' origin story: War Games, 1983
08:00 - OpenClaw escapes the lab
13:30 - AT&T cuts help desk spend 90%
17:00 - Context is king, guidance is everything
19:00 - Can AI do your job rec right now?
24:00 - The first cybersecurity jobs agents will replace
27:00 - Expertise + AI = 1000x yourself
30:00 - Focus on outcomes, not new tools

Links
Connect with our guest, Marcus J. Carey, on LinkedIn: https://www.linkedin.com/in/marcuscarey/

Read the articles we referenced in this episode:
The vibe coding hack that aired on live TV, ICAEW breaks down exactly how it happened and what it means for anyone building with AI: https://www.icaew.com/insights/viewpoints-on-the-news/2026/feb-2026/cyber-dangers-of-agents-and-vibe-coding

88% of organizations have already had an AI security incident. See the full data from the Cisco State of AI Security 2026 report: https://www.helpnetsecurity.com/2026/02/23/ai-agent-security-risks-enterprise/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Why 69% of CISOs Are Ready to Walk Away with Anthony Johnson

Fri, 06 Mar 2026 16:19:31 -0600

The CISO role isn’t the finish line, it’s a launchpad. 69% of security executives are eyeing the exit, and Anthony Johnson is proof that what comes next can be even bigger.

Anthony Johnson, former Global CISO at JP Morgan and Fannie Mae, now founder and managing partner at Delve Risk, breaks down what really happens when a security leader stops buying tools and starts building companies. From the trap of unpaid advisory boards to why AI is eliminating the entry-level pipeline, Anthony delivers a no-nonsense look at career strategy, the future of fractional work, and why understanding how your company makes money is the most underrated skill in cybersecurity. If you’re a security practitioner at any level, this episode will change how you think about your next move.

Impactful Moments
00:00 - Introduction
01:00 - Meet Anthony Johnson
02:00 - 69% of CISOs want out
06:00 - Why Anthony left the CISO seat
09:00 - Revenue changes your security priorities
11:00 - Career paths after the CISO role
13:00 - The advisory board compensation trap
17:00 - AI’s threat to the talent pipeline
22:00 - Hiring for aptitude over competency
24:00 - Soft skills win in the AI era
29:00 - Corporate loyalty is dead—now what
31:00 - Networking that actually lands roles
34:00 - Know how your company makes money
36:00 - Ron’s personal reflection on freedom

Links
Connect with our guest, Anthony Johnson, on LinkedIn: https://www.linkedin.com/in/anthony-johnson-delverisk/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Securing the Workspace Attackers Already Live In with Rajan Kapoor

Thu, 19 Feb 2026 08:00:00 -0600

Your email gateway isn't enough anymore, attackers are already inside the workspace through OAuth apps, browser extensions, and account takeover.

In this episode, Ron sits down with Rajan Kapoor, VP of Security at Material Security, to break down the real risks hiding inside Google Workspace and Microsoft 365. They cover how phishing has evolved into full-blown business email compromise, why malicious OAuth apps are the new favorite attack vector, and what security teams, especially lean ones, can do right now to lock down their cloud workspace. Rajan also drops practical advice on passkeys, document sharing hygiene, and why data lifecycle management is a problem no one is solving well enough.

Impactful Moments
00:00 – Introduction
03:30 – The current state of phishing
05:30 – Outbound email compromise risk
09:30 – OAuth apps as attack vectors
15:00 – AI agents accessing your workspace
16:00 – Prompt injection is the new SQL injection
18:00 – Allow listing apps immediately
24:30 – Google Workspace vs Microsoft 365 security
27:30 – Custom detections require API expertise
28:00 – Why passkeys matter right now
32:00 – Data lifecycle management for shared docs

Links
Connect with our guest, Rajan Kapoor, on LinkedIn: https://www.linkedin.com/in/rajankkapoor/

Learn more about Material Security: https://material.security

___
Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Beating “Checkbox Security” With Continuous Offense with Sonali Shah

Thu, 12 Feb 2026 08:00:00 -0600

Security doesn’t fail because you missed a tool, it fails because “secure today” tricks you into relaxing tomorrow. This episode exposes why the real fight isn’t compliance… it’s whether your defenses hold up once attackers hit you with machine-speed pressure.

Ron sits down with Sonali Shah, CEO of Cobalt, to talk about how human-led, AI-powered penetration testing is evolving into full-spectrum offensive security. Sonali shares how Cobalt can start a test in 24 hours, push findings directly into Slack/Teams and Jira, and use learnings from 5,000+ pentests a year to continuously sharpen what gets caught. The big takeaway: automation finds the easy stuff as humans find the business-logic traps and attack chains that actually break companies.

Impactful Moments
00:00 - Introduction
02:21- Sonali’s unexpected CEO path
06:10 - Compliance isn’t real security
10:19 - PTaaS: start in 24 hours
12:33- 5,000 pentests yearly scale
17:01 - Humans beat automation limits
20:16 - AI behavior vulnerabilities emerge
27:54 - Indirect prompt injection explained
30:51 - Why juniors + AI is risky
38:27 - 2026 becomes AI battleground

Links
Connect with Sonali on LinkedIn: https://www.linkedin.com/in/sonalinshah/

Check out Cobalt: https://www.cobalt.io

____
Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Turning Agent Chaos into a Command Center with Pedram Amini

Tue, 10 Feb 2026 08:00:00 -0600

Text threads made AI feel personal, then agents made it productive, and suddenly “success” turns into chaos you can’t even track.

In this episode, Ron sits down with Pedram Amini, creator of Maestro, to show what agent work looks like when you stop babysitting and start orchestrating. Pedram lays out why context windows are the limiter, why harnessing beats model-chasing right now, and how Auto Run executes task-docs with fresh context every iteration so agents can run for hours (or days) without melting down.

Impactful Moments
00:00 - Intro
02:05 - Codex desktop sparks agent shift
06:40 - Harness beats model iteration
08:10 - Context window: the hidden limiter
12:10 - Terminal sprawl creates agent chaos
14:05 - Maestro panels: agents, tabs, history
17:25 - Auto Run: fresh context per task
26:15 - “Donate tokens” via Symphony PRs
28:20 - AI tax debate gets spicy
33:05 - Start simple: download and run

Links
Connect with Pedram on LinkedIn: https://www.linkedin.com/in/pedramamini/

Check out Maestro for yourself: https://runmaestro.ai/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Why MFA Isn’t the Safety Net You Think It Is with Yaamini Barathi Mohan

Thu, 29 Jan 2026 08:00:00 -0600

Phishing didn’t get smarter, it got better at looking normal. What used to be obvious scams now blend directly into the platforms, workflows, and security controls people trust every day.

In this episode, Ron sits down with Yaamini Barathi Mohan, 2024 DMA Rising Star, to break down how modern phishing attacks bypass MFA, abuse trusted services like Microsoft 365, and ultimately succeed inside the browser. Together, they examine why over-reliance on automation creates blind spots, how zero trust becomes practical at the browser layer, and why human judgment is still the deciding factor as attackers scale with AI.

Impactful Moments

00:00 - Introduction
02:44 - Cloud infrastructure powering crime at scale
07:45 - What phishing 2.0 really means
12:10 - How MFA gets bypassed in real attacks
15:30 - Why the browser is the final control point
18:40 - AI reducing SOC alert fatigue
23:07 - Mentorship shaping cybersecurity careers
27:00 - Thinking like attackers to defend better
31:15 - When trust becomes the attack surface

Links

Connect with our guest, Yaamini Barathi Mohan, on LinkedIn: https://www.linkedin.com/in/yaamini-mohan/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

When Cybercrime Learned How to Make Money and Never Looked Back with Graham Cluley

Sun, 25 Jan 2026 08:00:00 -0600

Cybersecurity didn’t start as a billion-dollar crime machine. It started as pranks, ego, and curiosity. That origin story explains almost everything that’s breaking today.

Ron sits down with Graham Cluley, one of the earliest antivirus developers turned trusted cyber voice, to trace how malware evolved from digital graffiti into organized financial warfare. From floppy disks and casino-style viruses to ransomware, extortion, and agentic AI, the conversation shows how early decisions still shape today’s most dangerous assumptions. Graham also explains why AI feels inevitable, but still deeply unfinished inside modern organizations.

Impactful Moments
00:00 - Introduction
04:16 - Malware before money existed
07:30 - Cheesy biscuits changed cybersecurity
13:10 - When documents became dangerous
14:33 - Crime replaced curiosity
15:23 - Sony proved no one was safe
20:15 - Reporting hacks without causing harm
24:01 - AI replacing penetration testers
29:18 - Agentic AI shifts the threat model
36:30 - Why rushing AI breaks trust

Links
Connect with our guest on LinkedIn: https://www.linkedin.com/in/grahamcluley/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

When Automation Outruns Control with Joshua Bregler

Sun, 18 Jan 2026 08:00:00 -0600

AI doesn’t break security, it exposes where it was already fragile. When automation starts making decisions faster than humans can audit, AppSec becomes the only thing standing between scale and catastrophe.

In this episode, Ron sits down with Joshua Bregler, Senior Security Manager at McKinsey’s QuantumBlack, to dissect how AI agents, pipelines, and dynamic permissions are reshaping application security. From prompt chaining attacks and MCP server sprawl to why static IAM is officially obsolete, this conversation gets brutally honest about what works, what doesn’t, and where security teams are fooling themselves.

Impactful Moments
00:00 – Introduction
02:15 – AI agents create identity chaos
04:00 – Static permissions officially dead
07:05 – AI security is still AppSec
09:30 – Prompt chaining becomes invisible attack
12:23 – Solving problems vs solving AI
15:03 – Ethics becomes an AI blind spot
17:47 – Identity is the next security failure
20:07 – Frameworks no longer enough alone
26:38– AI fixing insecure code in real time
32:15 – Secure pipelines before production

Connect with our Guest
Joshua Bregler on LinkedIn: https://www.linkedin.com/in/breglercissp/

Our Links

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

The Day AI Stopped Asking for Permission with Marcus J. Carey

Thu, 15 Jan 2026 08:00:00 -0600

AI didn’t quietly evolve, it crossed the line from recommendation to execution. Once agents stopped advising humans and started acting inside real systems, trust replaced experimentation and consequences became unavoidable.

In this episode, Ron sits down with Marcus J. Carey, Principal Research Scientist at ReliaQuest, to examine what happens after AI is given authority: agents running in production, prompt debt replacing technical debt, vibe coding accelerating risk, and maintenance emerging as the true bottleneck. Together, they discuss how cybersecurity, software engineering, and the job market are shifting now that AI operates with autonomy, often faster than organizations can explain what their systems are actually doing.

Impactful Moments
00:00 - Introduction
02:26 - AI agents cross into production
03:35 - Trust boundaries become attack surfaces
6:46 - Vibe coding and hidden technical debt
09:22 - Prompt debt changes everything
17:40 - Why junior knowledge disappears
19:00 - AI replaces repetitive cyber workflows
23:43 - Coding becomes human leverage
29:30 - Fall in love with the problem

Connect with our guest, Marcus J. Carey:

LinkedIn https://www.linkedin.com/in/marcuscarey/

X https://x.com/marcusjcarey

Articles and Books Mentioned:

Article used for discussion: https://www.techradar.com/pro/security/this-webui-vulnerability-allows-remote-code-execution-heres-how-to-stay-safe

Atomic Habits: https://jamesclear.com/atomic-habits-summary

Fall in Love with the Problem, Not the Solution: https://sobrief.com/books/fall-in-love-with-the-problem-not-the-solution

Our Links:
Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

When AI Ships the Code, Who Owns the Risk with Varun Badhwar and Henrik Plate

Thu, 08 Jan 2026 08:00:00 -0600

AI isn’t quietly changing software development… it’s rewriting the rules while most security programs are still playing defense. When agents write code at machine speed, the real risk isn’t velocity, it’s invisible security debt compounding faster than teams can see it.

In this episode, Ron Eddings sits down with Varun Badhwar, Co-Founder & CEO of Endor Labs, and Henrik Plate, Principal Security Researcher of Endor Labs, to break down how AI-assisted development is reshaping the software supply chain in real time. From MCP servers exploding across GitHub to agents trained on insecure code patterns, they analyze why traditional AppSec controls fail in an agent-driven world and what must replace them.

This conversation pulls directly from Endor Labs’ 2025 State of Dependency Management Report, revealing why most AI-generated code is functionally correct yet fundamentally unsafe, how malicious packages are already exploiting agent workflows, and why security has to exist inside the IDE, not after the pull request.

Impactful Moments
00:00 – Introduction
02:00 – Star Wars meets cybersecurity culture
03:00 – Why this report matters now
04:00 – MCP adoption explodes overnight
10:00 – Can you trust MCP servers
12:00 – Malicious packages weaponize agents
14:00 – Code works, security fails
22:00 – Hooks expose agent behavior
28:30 – 2026 means longer lunches
33:00 – How Endor Labs fixes this

Links
Connect with our Varun on LinkedIn: https://www.linkedin.com/in/vbadhwar/

Connect with our Henrik on LinkedIn: https://www.linkedin.com/in/henrikplate/

Check out Endor Labs State of Dependency Management 2025: https://www.endorlabs.com/lp/state-of-dependency-management-2025

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Think Like a Hacker Before the Hack Happens with John Hammond

Thu, 01 Jan 2026 08:00:00 -0600

What if the most dangerous hackers are the ones who never touch a keyboard? The real threat isn't just about stolen credentials or ransomware; it's about understanding how attackers think before they even strike. In cybersecurity, defense starts with offense, and the best defenders are those who've walked in the hacker's shoes.

In this episode, Ron sits down with John Hammond, principal security researcher at Huntress and one of cybersecurity's most recognizable educators. John shares his journey from Coast Guard enlistee to YouTube creator, building an entire media company around ethical hacking. They dig into the balance between public research and responsible disclosure, the rise of AI-augmented attacks, and why identity is now the biggest attack surface in modern enterprises.

Impactful Moments:
00:00 - Introduction
01:00 - AI weaponized in cyber espionage
05:00 - Learning by teaching publicly
09:00 - Balancing curiosity with responsible disclosure
13:00 - Building a creator company
16:00 - Identity as the new frontier
20:00 - AI agents running breach simulations
22:00 - Predictions for cybersecurity in 2026
25:00 - Ron's hacking habit confession

Links:
John Hammond LinkedIn: https://www.linkedin.com/in/johnhammond010/
John Hammond Youtube: https://www.youtube.com/@_JohnHammond

Article for Discussion: https://www.reuters.com/world/europe/russian-defense-firms-targeted-by-hackers-using-ai-other-tactics-2025-12-19/
Check out our upcoming events: https://www.hackervalley.com/livestreams
Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio
Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Breaking Into Banks and Bypassing Modern Security with Greg Hatcher and John Stigerwalt

Thu, 18 Dec 2025 08:00:00 -0600

Three banks in four days isn't just a bragging right for penetration testers. It's a wake-up call showing that expensive security tools and alarm systems often fail when tested by skilled operators who understand both human behavior and technical vulnerabilities.

Greg Hatcher and John Stigerwalt, co-founders of White Knight Labs, talk about their latest physical penetration tests on financial institutions, manufacturing facilities protecting COVID-19 vaccine production, and why their new Server 2025 course had to rewrite most common Active Directory tools. They share stories of armed guards, police gun draws, poison ivy reconnaissance, and a bag of chips that saved them from serious trouble. The conversation reveals why EDR alone won't stop ransomware, how offline backups remain the exception rather than the rule, and what security controls actually work when attackers bring custom tooling.

Impactful Moments:

00:00 - Intro
01:00 - New training courses launched
03:00 - Server 2025 breaks standard tools
05:00 - COVID facility physical penetration
07:00 - Armed guards change the game
10:00 - Police draw guns on operators
13:00 - Bag of chips saves the day
15:00 - Nighttime versus daytime physical tests
18:00 - VIP home security assessments
20:00 - 2026 threat predictions
22:00 - Why EDR doesn't stop ransomware
27:00 - Low cost ransomware simulation ROI
29:00 - Three banks in four days
32:00 - Deepfake as the new EDR

Links:

Connect with our guests –
Greg Hatcher: https://www.linkedin.com/in/gregoryhatcher2/
John Stigerwalt: https://www.linkedin.com/in/john-stigerwalt-90a9b4110/
Learn more about White Knight Labs: https://www.whiteknightlabs.com

Check out our upcoming events: https://www.hackervalley.com/livestreams
Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio
Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
Continue the conversation by joining our Discord: https://hackervalley.com/discord
Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Defending Your Cyber Systems and Your Mental Attack Surface with Chris Hughes

Thu, 11 Dec 2025 08:00:00 -0600

When your firewall forgets to buckle up, the crash doesn’t happen in the network first, it happens in your blindspots.

In this episode, Ron is joined by returning guest Chris Hughes, Co-Founder of Aquia and host of the Resilient Cyber podcast. Chris helps reframe vulnerability work as exposure management, connect technical risk to human resilience, and break down the scoring and runtime tools security teams actually need today. Expect clear takeaways on EPSS, reachability analysis, ADR, AI’s double-edged role, and the one habit Chris swears by as a CEO. This episode fuses attack-surface reality with mental-attack-surface strategy so you walk away with both tactical moves and daily practices that protect systems and people.

Impactful Moments:
00:00 - Intro
02:00 - Breaking: Fortinet WAF zero-day & visibility lesson
05:00 - Meet Chris Hughes: CEO, author, Resilient Cyber host
08:00 - Mental attack surface explained and why it matters
18:00 - From CVSS to EPSS, reachability, and ADR realities
21:00 - AI as force-multiplier for attackers and defenders
24:30 - Exposure vs vulnerability naming, market trends
26:00 - Chris’s book & how to follow his work
30:00 - Ron’s solo: 3 pillars to patch your mindset
34:00 - Closing takeaways and subscribe reminder

Links:
Connect with our guest, Chris Hughes, on LinkedIn: https://www.linkedin.com/in/resilientcyber/

Check out the article on the Fortinet exploit here: https://www.helpnetsecurity.com/2025/11/14/fortinet-fortiweb-zero-day-exploited/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Thriving Beyond Human Labor with Context-Powered AI with Daniel Miessler

Thu, 04 Dec 2025 08:00:00 -0600

The real disruption isn’t AI replacing humans, it’s the shocking possibility that human labor was the economic bubble all along.

In this episode, Ron Eddings sits down with Daniel Miessler, founder of Unsupervised Learning and longtime security leader, to break open why companies are hitting record profits with shrinking workforces, and what that means for your future. Daniel shares how AI agents, context management, and his Telos problem-first framework are reshaping what it means to create value in the modern economy. From Apple to Human 3.0, Daniel explains why building in public, learning fast, and solving real problems are the ultimate career edge in an AI-powered world.

Impactful Moments:
00:00 - Introduction
02:00 - Jobless profit boom accelerates
05:00 - Daniel's AI journey at Apple
08:00 - Building careers around problems
12:00 - AI bubble or timing problem
15:00 - Nine-year-old codes app in two hours
18:00 - Human labor is the bubble
22:00 - Context management changes everything
26:00 - Adaptation equals survival

Links:
Daniel’s Website: danielmiessler.com/
Daniel’s Github: https://github.com/danielmiessler/
Daniel’s LinkedIn: https://www.linkedin.com/in/danielmiessler/

Upcoming events: https://www.hackervalley.com/livestreams
Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
Continue the conversation by joining our Discord: https://hackervalley.com/discord
Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/
Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio

Building EDR for AI: Controlling Autonomous Agents Before They Go Rogue with Ron Eddings

Tue, 02 Dec 2025 11:31:44 -0600

AI agents aren't just reacting anymore, they're thinking, learning, and sometimes deleting your entire production database without asking. The real question isn't if your AI agent will be hacked, it's when, and whether you'll have the right hooks in place to stop it before it happens.

In this episode, Ron breaks down the ChatGPT Atlas vulnerability that shocked researchers, revealing how malicious prompts can turn AI assistants against their own users by bypassing safeguards and accessing file systems. He presents his new talk "Hooking Before Hacking," introducing a framework for applying EDR principles, prevention, detection, and response, to AI agents before they execute unauthorized commands. From pre-tool use hooks that catch malicious intent to one-time passwords that put humans back in the loop, this episode shares practical security controls you can implement today to prevent your AI agents from going rogue.

Impactful Moments:

00:00 - Introduction
02:00 - ChatGPT Atlas vulnerability exposed
04:00 - AI technology outpacing security guardrails
05:00 - Guardrail jailbreaks and prompt injection
06:00 - AI agents deleting production databases
07:00 - EDR principles for AI agents
09:00 - Pre-tool use hooks catch intention
11:00 - User prompt sanitization prevents leaks
14:00 - One-time passwords for agent workflows
16:00 - Automation mistakes across 10 years

Links:

Connect with Ron on LinkedIn: https://www.linkedin.com/in/ronaldeddings/

Check out the entire article here: https://www.yahoo.com/news/articles/cybersecurity-experts-warn-openai-chatgpt-101658986.html

GitHub Repository: https://hackervalley.com/hooking-before-hacking

See Ron's "Hooking Before Hacking" presentation slides here: http://hackervalley.com/hooking-before-hacking-presentation

Check out our website: https://hackervalley.com/

Upcoming events: https://www.hackervalley.com/livestreams

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio

Can AI Run Your SOC Better Than You? with Ahmed Achchak

Thu, 13 Nov 2025 08:00:00 -0600

What if your security team never missed a single alert and actually had time to think strategically?

In this episode, Ahmed Achchak, CEO and Co-Founder of Qevlar AI, reveals how autonomous SOCs are reshaping security operations worldwide. From tackling alert fatigue to empowering analysts with intelligent AI-driven investigations, Ahmed shares the inside story of building a system that can act on threats faster than any human alone. Learn how Qevlar’s innovative approach is giving organizations clarity, control, and measurable ROI while freeing security teams to focus on what truly matters.

Impactful Moments
00:00 - Introduction
01:30 - Founding Qevlar AI by chance
03:30 - Inefficiency of current SOCs
05:00 - Augmenting analysts, not replacing them
08:00 - AI investigating alerts at scale
11:30 - How autonomous agents handle phishing
14:30 - Why tackling all alerts maximizes ROI
17:30 - Graph technology as investigation backbone
25:00 - Limitations and randomness of LLMs
30:30 - Advice for testing AI in SOCs

Links
Connect with our guest Ahmed on LinkedIn: https://www.linkedin.com/in/ahmed-achchak-872554109/

Check out Qevlar’s website: https://www.qevlar.com/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Making Cybersecurity Marketing Creative (and a Little Sexy) with Maria Velasquez

Thu, 06 Nov 2025 08:00:00 -0600

Who said cybersecurity had to be serious? The future of cyber is creative, human, and even a little sexy.

In this special 400th episode, Ron Eddings celebrates six incredible years of Hacker Valley Studio with one of cyber’s most creative voices, Maria Velasquez, Co-Founder of the Cybersecurity Marketing Society and Co-Host of Breaking Through in Cybersecurity Marketing. Together, they discuss how bold storytelling, authentic community, and a touch of fun are reshaping the way we connect in cybersecurity. Maria opens up about turning burnout into purpose, building a 4,000-strong global movement, and why the next frontier in cyber might just be entertainment.

Impactful Moments:

00:00 - Introduction

02:00 - CISA layoffs and collaboration fragility

04:00 - Welcoming Maria Velasquez

06:00 - How loneliness sparked a global community

08:00 - Why collaboration fuels cybersecurity growth

10:00 - When cybersecurity marketing was “boring”
12:00 - The rise of creativity and brand power

14:00 - Story behind Torque’s “Kill the S.O.A.R” campaign

15:00 - Making cybersecurity emotional and human

17:00 - Maria’s advice for bold marketing leaders

18:00 - The next big thing: experiential marketing

20:00 - Inside Cyber Marketing Con 2025

24:00 - Final reflections on community and creativity

27:00 - Ron’s takeaways: connection drives innovation

Links:

Connect with Maria on LinkedIn: https://www.linkedin.com/in/maria-vepa/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

How to See Your Organization Like a Hacker with Chris Dale

Thu, 30 Oct 2025 08:00:00 -0500

To defend like a human, you first have to think like a hacker.

In this episode, Ron Eddings sits down with Chris Dale, Co-Founder and Chief Hacking Officer at River Security, to explore the human side of hacking, where curiosity, persistence, and vigilance meet defense. Chris shares how the traditional idea of penetration testing has evolved into a continuous journey of discovery, and why reconnaissance and storytelling are critical tools for modern defenders. From real-world breach stories to lessons on trust and responsibility, this episode reveals how thinking like a hacker, and acting like a human can transform the way we approach cybersecurity.

Impactful Moments
00:00 - Introduction and massive breach overview
03:00 - Trusted systems become exposure points
05:00 - Meet Chris Dale of River Security
07:00 - The problem with traditional pen testing
08:30 - Continuous reconnaissance and real-world risk
10:00 - Knowing yourself as a security principle
13:00 - The meaning of continuous vigilance
15:00 - Turning cybersecurity lessons into stories
18:00 - Storytelling and mindset in defense
19:30 - Final takeaways on fundamentals and vigilance

Links:
Connect with our Chris on LinkedIn: https://www.linkedin.com/in/chrisad/

Read the Tech Radar article here: https://www.techradar.com/pro/security/f5-breach-fallout-over-266-000-instances-exposed-to-remote-attacks

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Coding by Vibe: The Future of AI-Built Security with Ron Eddings

Fri, 24 Oct 2025 11:46:55 -0500

When code meets intuition, innovation gets personal. But what happens when we let AI vibe with our ideas?

In this episode, Ron Eddings covers the rise of AI-driven development from Vibe Coding, where natural language shapes real code, to the emerging Model Context Protocols (MCPs) that redefine how apps talk to AI. He breaks down the recent Figma MCP vulnerability to discuss how creativity and security now collide in surprising ways. With hands-on insights using Raycast and practical steps for building responsibly, Ron takes you inside a new era where human intuition and machine intelligence truly build together.

Impactful Moments

00:00 - Introduction
01:00 - The Figma vulnerability explained
03:00 - Why MCP security matters
05:00 - What vibe coding really means
07:00 - Writing with intention and context
08:00 - The power of structured prompting
10:00 - How MCP connects everything
12:00 - Why adoption is skyrocketing
15:00 - Setting up an MCP server
17:00 - Agents, actions, and security trust
19:00 - The real takeaway: curiosity with caution
30:00 - Predictions on OpenAI’s upcoming browser
33:00 - The profit battle between OpenAI and Microsoft
35:00 - Windsurf’s rollercoaster of acquisitions

Links:
Connect with our Ron on LinkedIn: https://www.linkedin.com/in/ronaldeddings/

Check out the Hacker News article here:
https://thehackernews.com/2025/10/severe-figma-mcp-vulnerability-lets.html?m=1

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Learning How to Learn: Mastering the Cyber Fundamentals with Rich Greene

Thu, 16 Oct 2025 05:00:00 -0500

The real edge in cybersecurity isn’t found in new tools, it’s built through timeless fundamentals and a mindset that never stops learning.

In this episode, Ron sits down with Rich Greene, Senior Solutions Engineer and Instructor at SANS Institute, to uncover how true cyber value starts with skills, curiosity, and mindset. Rich shares his remarkable story of surviving a battlefield injury, retraining his brain, and how that journey shaped his approach to mastering cybersecurity. Together, they connect real-world lessons like the recent Discord breach to the core truth that even advanced systems depend on people who master the basics.

Impactful Moments
00:00 - Introduction
02:00 - Discord breach and third-party risk
05:00 - Meet Rich Greene from SANS
06:00 - The power of mastering fundamentals
07:00 - Learning how to learn
08:30 - Rich’s story of rebuilding his memory
11:00 - Forcing the brain to grow stronger
12:00 - Top skills that get you paid
14:00 - Skills that lead to fulfillment
16:00 - Fundamentals that fuel long-term success
17:00 - The OSI model decoded
20:00 - Why operating systems matter
21:00 - Security operations fundamentals
23:00 - Why cloud is the #1 must-learn skill
25:00 - Final advice: sharpen your fundamentals

Links
Connect with our Rich on LinkedIn: https://www.linkedin.com/in/secgreene/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

How AI Elevates Cyber Hygiene with Jason Rebholz

Fri, 10 Oct 2025 05:00:00 -0500

What if protecting your digital twin becomes the new cyber hygiene?

In this week's episode, Ron welcomes back cybersecurity leader Jason Rebholz, CEO of Evoke, to discuss how AI is reshaping the fundamentals of cyber hygiene. From data breaches and deepfakes to everyday habits that protect our digital lives, Jason shares how small actions and smarter use of AI can make all the difference. Together, they uncover how our growing digital footprints are giving rise to digital twins, AI replicas that can mirror our behaviors, voices, and even decisions, and what that means for the future of trust, identity, and security.

Impactful Moments:
00:00 - Introduction
01:00 - The Neon app data leak story
03:00 - Why our voices are the new passwords
05:00 - How AI can strengthen cyber hygiene
07:00 - Jason’s mission to secure AI systems
09:00 - AI as a force multiplier for defenders
11:00 - Deepfakes and the new social engineering playbook
13:00 - Attackers’ use of AI and what it means for us
15:00 - The rise of digital twins and identity threats
19:00 - How to defend against “yourself” online
20:00 - Final reflection: Trust in the AI age

Links:
Connect with Jason on LinkedIn: https://www.linkedin.com/in/jrebholz/

Check out the TechCrunch article on the Neon app data leak story: https://techcrunch.com/2025/09/25/viral-call-recording-app-neon-goes-dark-after-exposing-users-phone-numbers-call-recordings-and-transcripts/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Securing Software at AI Speed with Varun Badhwar

Thu, 02 Oct 2025 05:00:00 -0500

The biggest security threat isn’t in the cloud, it’s hidden in the code you trust the most.

In this episode, Ron sits down with Varun Badhwar, Co-Founder & CEO of Endor Labs, who shares why research shows that nearly 80–90% of application code comes from open source and third-party libraries, not your own developers. Varun discusses the unseen risks of AI-generated software, how attackers can now weaponize vulnerabilities in hours, and why precision in security matters more than ever. He also reveals how AI can be both the ultimate accelerator and the ultimate weakness in modern development.

Impactful Moments:
00:00 - Introduction
02:00 - Varun’s journey from RedLock to Endor Labs
04:00 - Why the software supply chain is broken
07:00 - AI coding assistants and insecure code risks
10:00 - The NPM self-replicating worm discovery
13:00 - Simple controls to enforce Zero Trust in code
16:00 - Pairing AI with security to prevent slop
19:00 - AI-powered security code reviews explained
22:00 - Why 88% of code goes unused
26:00 - Developer efficiency as the new security metric
29:00 - The next wave of AI-driven software threats

Links:
Connect with our Endor on LinkedIn: https://www.linkedin.com/in/vbadhwar/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

The End of Search and the Rise of AI Browsers and Voices with Ron Eddings

Thu, 25 Sep 2025 05:00:00 -0500

Search engines aren’t dying quietly, they’re being replaced in real time by AI browsers and voice agents.

AI isn’t just answering questions anymore; it’s acting for us. In this episode, Ron Eddings explores how tools like NanoBrowser and Comet are reshaping browsing, why Google may be in trouble, and how AI voices are becoming the new interface for productivity. From breakthroughs to risks, this is a front-row look at how AI agents are changing how we work, connect, and live online.

Impactful Moments:
00:00 - Introduction
01:00 - AI agents as everyday tools
02:00 - Testing AI-powered browsers
03:00 - Comet: AI browser from Perplexity
04:30 - Why Google should be worried
05:30 - Real-world tasks for AI browsers
07:00 - Automating cybersecurity inventory
09:00 - Comet in action on LinkedIn
10:00 - Testing for malicious exploits
11:00 - Risks of persuasive AI prompts
12:00 - The rise of voice agents
13:30 - First real-world AI voice experience
15:00 - Security concerns with customer data
16:30 - Double-edged sword of AI adoption
17:30 - System prompt leakage vulnerabilities
18:00 - Why voice could shrink attack surfaces

Links:
Connect with Ron on LinkedIn: https://www.linkedin.com/in/ronaldeddings/

Check out NanoBrowser: https://nanobrowser.ai/

Check out Comet by Perplexity: https://www.perplexity.ai/comet

Read the article ‘No more links, no more scrolling - the browser is becoming an AI Agent.’ here: https://venturebeat.com/ai/no-more-links-no-more-scrolling-the-browser-is-becoming-an-ai-agent

Read the article ‘How Voice AI Prompt Injection Threatens Enterprise Security’ here: https://www.teneo.ai/blog/how-voice-ai-prompt-injection-threatens-enterprise-security

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Where Automation Ends, Cyber Ingenuity Begins with Phillip Wylie

Thu, 18 Sep 2025 05:00:00 -0500

Some tools replace tasks. Others reshape the way we think about security.

In this episode, Ron welcomes back Phillip Wylie, one of the most respected voices in offensive security, author, educator, and longtime friend of the Hacker Valley community. With over 27 years of experience across cybersecurity disciplines, Phillip has guided thousands of professionals through his books, talks, and mentorship.

He shares how AI is reshaping pen testing and red teaming, the value of automating away repetitive tasks, and why the fundamentals of security will always matter. From defining red teaming in 2025 to guiding newcomers on how to break in, Phillip delivers insights that balance cutting-edge innovation with timeless wisdom.

Impactful Moments:
00:00 - Introduction
01:00 - Why Phillip keeps podcasting
03:00 - AI opportunities in pen testing
04:30 - What automation should replace
06:00 - Red teaming vs pen testing in 2025
08:00 - Defining adversary emulation
10:40 - Building the ideal AI assistant
15:00 - The best AI use cases today
18:30 - AI-driven threat modeling
21:00 - Breaking into pen testing now
25:00 - Building a portfolio and personal brand
27:30 - Why in-person networking still matters

Links:
Connect with Phillip on LinkedIn: https://www.linkedin.com/in/phillipwylie/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

The Power of Showing Up: Daily Streams, Big Impact with Gerald Auger

Thu, 11 Sep 2025 05:00:00 -0500

What if showing up with consistency could spark opportunities, create careers, and build a global movement?

In this episode, Ron sits down with Gerald Auger, Ph.D., cybersecurity educator, content creator, and founder of Simply Cyber. Gerald shares how his daily livestream grew into a thriving community, why consistency is the key to influence, and how AI is reshaping the way cyber professionals work.

From building SimplyCyberCon to launching a new pentesting venture, Gerry’s journey is a masterclass in community, creativity, and courage. This episode is filled with inspiration and practical takeaways for anyone ready to grow their career, brand, or business in cybersecurity.

The Rise of the Autonomous Blue Team with Vineet Edupuganti

Thu, 04 Sep 2025 06:00:00 -0500

What if defenders had their own AI-powered task force, always on, always adapting, and finally one step ahead of attackers?

In this episode, Ron welcomes Vineet Edupuganti, Founder and CEO of Cogent Security, to discuss how AI agents are rewriting the rules of cybersecurity. Vineet shares why traditional vulnerability management is fundamentally broken, why exposure management matters more than ever, and how Cogent is building an “AI Task Force” to give defenders the edge. From his early days in machine learning to reshaping the future of cyber defense, Vineet breaks down the urgent need for automation, context-driven insights, and explainable AI in security.

Impactful Moments:
00:00 - Introduction
02:00 - Vineet’s journey into AI and cyber
04:30 - Why vulnerability management is broken
06:10 - Generative AI as a defender’s edge
08:20 - Why AI agents outperform brittle automation
09:45 - The first use cases for Cogent’s agents
12:00 - Rethinking tier-one SOC analyst roles
13:30 - The rise of exposure management (CTEM)
17:10 - Cogent’s vision for an AI task force
18:30 - Early wins and insights with Cogent
20:00 - Biggest misconceptions about AI in security
23:00 - What enterprises should demand from vendors
25:00 - Why explainability is essential in AI systems
27:00 - Startups vs incumbents in cybersecurity innovation
29:30 - Why enterprises must invest in AI now

Links:
Connect with our guest, Vineet Edupuganti, on LinkedIn: https://www.linkedin.com/in/vineetedupuganti

Learn more about Cogent Security: https://www.cogent.security

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Turning AI Into Your Super Tool with Ron Eddings

Thu, 28 Aug 2025 05:00:00 -0500

AI is neither friend nor foe, it’s both. The way we choose to use it determines whether it helps or harms.

In this solo episode, Ron Eddings shares lessons from his first job at a grocery store, his early days in cybersecurity, and today’s AI-driven landscape. From productivity hacks like meeting transcription, to creative tools like content-aware editing, to the dark side of phishing and deepfakes, Ron shows why human judgment remains the ultimate defense. This is a passionate reminder that the real power isn’t in the tools, it’s in us.

Impactful Moments
00:00 - Introduction
01:15 - AI is the tool, not the toolbox
03:00 - A grocery store scam that taught a life lesson
06:00 - The irreplaceable role of human judgment
07:30 - First cybersecurity job at Booz Allen Hamilton
09:00 - How AI boosts productivity with meeting transcription
12:00 - Creative shortcuts with AI in image and video editing
15:00 - Vibe coding and generative red teaming
17:30 - AI-powered phishing and scam emails
18:50 - Testing a deepfake voice on Ron’s mom
21:30 - Why curiosity and skepticism beat AI deception
22:30 - Final challenge: don’t serve AI—make AI serve you

Links:
Connect with our Ron on LinkedIn: https://www.linkedin.com/in/ronaldeddings/

Mentorship to Mastery: AI and Community Lessons with Ron Eddings

Thu, 21 Aug 2025 05:00:00 -0500

AI might analyze your logs in seconds, but only the community can put you in the room that changes your career.

In this solo episode, Ron Eddings discusses the powerful balance between human connection and artificial intelligence in shaping the future of cybersecurity and beyond. From the sacrifices that sparked his career to the mentors who opened doors, Ron shares personal stories that show why community will always be your ultimate competitive edge, even as AI advances into the SOC. He also runs live AI experiments on ransomware response and log analysis, revealing what AI can (and can’t) do for practitioners right now.

Impactful Moments:

00:00 - Introduction
02:00 - Why community is your first advantage
03:30 - The sacrifice that launched Ron’s career
04:40 - Meeting mentor Marcus Carey
06:00 - Early opportunities in cybersecurity
07:00 - The power of hacker spaces
09:00 - How mentors open hidden doors
10:00 - RSA and Black Hat as career accelerators
13:00 - The most underrated LinkedIn feature
15:00 - The HVS mastermind community
16:00 - Reality check on GPT-5
18:00 - AI builds an IR playbook
20:00 - Critical do’s and don’ts in incident response
23:00 - Why hallucinations matter in cybersecurity AI
25:00 - AI makes sense of raw logs
28:00 - Can AI replace tier one analysts?
30:00 - Where AI still falls short
31:00 - Final challenge: Strengthen your community

Links:

Connect with our Ron on LinkedIn: https://www.linkedin.com/in/ronaldeddings/

Check out the links to the OpenAI ChatGPT threads here:
Incident Analysis Summary: https://chatgpt.com/share/689fa61f-3498-8006-9989-ff8221f97b01

Ransomware Incident Playbook: https://chatgpt.com/share/689fa63f-86ec-8006-8355-642d4d38808e

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

From MCP Risks to AI Jailbreaks with Marco Figueroa

Thu, 14 Aug 2025 05:00:00 -0500

When AI agents move faster than security teams, the game changes, and the risks multiply.

Ron welcomes back Marco “Mystic Marc” Figueroa, Program Manager at Mozilla’s 0DIN Program, to continue the conversation and update on 2025’s most pressing AI and cybersecurity shifts. From the explosive rise of AI agents and OpenAI’s rumored browser to the hidden dangers of MCP implementations and prompt injection exploits like the Gemini attack, Marco shares insights that security pros can’t afford to miss.

Impactful Moments
00:00 - Introduction
02:00 - Why 2025 is the year of the agent
05:45 - MCP’s rapid adoption and security risks
10:00 - The Gemini prompt injection vulnerability
15:00 - How attackers hide malicious AI prompts
18:00 - High success rates in non-technical teams
22:00 - Rise of voice-based AI scams
25:00 - Using jailbreaks to bend AI to your needs
30:00 - Predictions on OpenAI’s upcoming browser
33:00 - The profit battle between OpenAI and Microsoft
35:00 - Windsurf’s rollercoaster of acquisitions

Links:
Connect with our guest Marco on LinkedIn: https://www.linkedin.com/in/marco-figueroa-re/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio
Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
Continue the conversation by joining our Discord: https://hackervalley.com/discord
Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Debt vs. Risk: What the SharePoint Breach Taught Us with Ron Eddings

Thu, 07 Aug 2025 05:00:00 -0500

The riskiest move in cybersecurity? Playing it too safe. In this solo episode, Ron Eddings redefines the way we think about technical debt, risk, and missed opportunities, in security and in life.

Ron reframes the debt vs. risk paradigm through the lens of the SharePoint breach, personal milestones, and co-founding Hacker Valley. With sharp insights, personal stories, and a call to action for every listener, he shows how curiosity and calculated risk are the true drivers of innovation.

Impactful Moments
00:00 - Introduction
01:10 - Why debt vs. risk matters now
02:20 - What the SharePoint breach taught us
04:15 - Risk avoidance creates deeper debt
05:10 - Clear definitions: risk vs. debt
06:30 - Hidden costs of deferring decisions
08:15 - Leaving $200k salary to build Hacker Valley
10:00 - Long-term founder debt explained
11:08 - When comfort becomes dangerous
12:00 - Curiosity as a leadership skill
13:10 - What you’re not seeing yet
14:30 - Final thought: reflect and reassess

Links:
Connect with our Ron on LinkedIn: https://www.linkedin.com/in/ronaldeddings/

The Future of Cyber Talent Is African with Confidence Staveley

Thu, 31 Jul 2025 05:00:00 -0500

The world’s youngest continent is also its most untapped resource. Confidence Staveley, Founder of CyberSafe, makes a powerful case for why Africa’s youth are the answer to global cybersecurity and AI innovation… if we’re bold enough to invest.

In this episode, Ron welcomes back cybersecurity leader and advocate Confidence Staveley for a discussion on purpose-driven innovation, talent development, and AI-powered awareness tools. Confidence shares updates on her nonprofit work, her bold new ventures including AI Cyber Magazine, and how she's helping shape Africa into a tech talent hub. With global budget cuts hitting nonprofits and marginalized communities, Confidence shares how Africa’s innovators, who are often excluded from the table, are building their own tables, making their impact impossible to ignore, and shaping cybersecurity’s future on their terms.

Impactful Moments

00:00 - Introduction
02:00 - Her Difference Makers Award speech
04:00 - Partnering with SANS for bigger impact
06:01 - Global DEI backlash and ripple effects
10:00 - Why Africa is the future of tech
13:01 - Innovation with limited resources
17:10 - AI Cyber Magazine and its mission
19:00 - Building AI-powered awareness tools
21:00 - The African adage on self-renewal
22:10 - How sharing knowledge builds trust

Links

Connect with our guest, Confidence Staveley: https://www.linkedin.com/in/confidencestaveley/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Compliance Isn’t the Enemy with Jeff Man

Thu, 24 Jul 2025 05:00:00 -0500

Is compliance just a checkbox, or the backbone of real security?

Returning to the show with decades of hard-earned insight, Jeff Man makes the case that compliance, especially PCI-DSS, isn't just a formality; it's foundational to modern security. As one of the original architects of the NSA Red Team and a 20-year PCI veteran, Jeff explains how this often-misunderstood framework has shaped everything from pen testing to vendor accountability.

Ron and Jeff unpack the six core goals of PCI, how red teams and SaaS builders are directly affected, and why many security teams resist compliance efforts, despite relying on them to get essential buy-in and funding.

Impactful Moments:

00:00 – Introduction
01:00 – Does compliance equal security?
02:09 – Jeff returns with PCI firepower
03:15 – Defining security vs. compliance
05:33 – “Show me what you’re doing”
06:45 – Six goals at PCI’s core
10:45 – Security is watching, not reacting
13:30 – Companies secure because they have to
15:00 – PCI gave red teams their jobs
16:30 – Stripe and Square absorb PCI burden
19:30 – PCI 4.0 causes confusion
21:00 – Vendors aren’t your trusted advisors
22:30 – “Hate me, but I’ll help”

Links:

Connect with our guest, Jeff Man: https://www.linkedin.com/in/jeffreyeman/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

What Makes a Great CISO? A Playbook from Gary Hayslip

Thu, 17 Jul 2025 05:00:00 -0500

What separates a great CISO from a great one? In this powerhouse conversation, Ron invites friend and cybersecurity leader Gary Hayslip, CISO at SoftBank Investment Advisers, back on the mic to discuss what it takes to lead in today’s high-stakes digital world. Gary shares battle-tested insights on accountability, the evolving expectations of the CISO role, and how AI is reshaping leadership without replacing it.

Gary shares stories ranging from military mishaps to enterprise-scale transformation, and makes the case for visibility, trust, and embracing change. His perspective brings clarity to the fundamental responsibilities of a CISO and the mindset required to lead with impact.

Impactful Moments

00:00 – Introduction

02:00 – Defining the modern CISO as a business leader

05:45 – Why CISOs should never delegate accountability

07:30 – The danger of staying invisible

10:45 – The $40K UPS explosion mistake

15:00 – How leaders build trust in new teams

19:10 – Visibility is not micromanagement

24:30 – Staying humble while leading big

30:00 – Building “Rocky the Raccoon” internal GPT

34:30 – Hiring for AI fluency in security teams

Links:

Connect with our guest, Gary Hayslip: https://www.linkedin.com/in/ghayslip/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Confidence, Coaching, and the S-Word with Mel Reyes

Thu, 10 Jul 2025 07:34:09 -0500

Want to stand out as a leader? According to our guest Mel Reyes, you need to dress like you mean it and speak like you’ve got nothing to prove.

In this episode, Mel shares how he built billion-dollar portfolios, coached executive teams, and still shows up in a white hoodie when that feels right. With Ron, he unpacks how executive presence becomes a strategic weapon for breaking resistance, commanding attention, and making your message unforgettable. You’ll learn why generic resumes fail, how to master executive storytelling with the SPAR method, and what dropping the ego really looks like in your next leadership role.

Impactful Moments:

00:00 – Introduction
03:00 – Breaking the rules of executive delivery
07:00 – Why confidence starts in your closet
11:30 – Respecting identity in professional spaces
12:30 – Advice for breaking into cybersecurity
17:00 – Reinvention at the mid-senior level
21:00 – The SPAR framework for storytelling
30:00 – Drop the ego, find your passion

Links:

Connect with our guest, Mel Reyes: https://www.linkedin.com/in/melreyes/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Purple Teaming Is the New Job Security with Maril Vernon

Thu, 26 Jun 2025 05:00:00 -0500

Cybersecurity isn’t just red or blue anymore... it’s purple, white, and deeply human. Maril Vernon, award-winning ethical hacker and Senior Solutions Architect at NetSPI, returns to the Hacker Valley Studio to discuss purple teaming as the most future-proof career path in cyber. She opens up about mentorship, burnout, compensation realities, and how we’re still failing the fundamentals.

Together, Ron and Maril dig into what purple teaming really is (and isn’t), why soft skills matter more than ever, and how defenders are the frontline signal source for law enforcement. From guiding her mom into IR to co-founding Mind Over Cyber, Maril embodies what it means to show up for the cyber community and demand more from the culture itself.

Impactful Moments

00:00 - Introduction
01:01 - Maril’s role at NetSPI
03:00 - Why purple skills are future-proof
05:19 - Salary truths in purple teaming
08:30 - Know your value, negotiate wisely
13:07 - How defenders enable law enforcement
16:22 - The real meaning of purple teaming
18:39 - Common misconceptions debunked
24:45 - People are always the soft spot
26:01 - The two security stack must-haves
29:00 - Mom made it to incident response
30:48 - Maril’s mentorship philosophy
34:09 - Why you need to post anyway
36:35 - What Mind Over Cyber is really about
40:00 - CISOs are burning out silently
41:31 - Closing thoughts

Links:

Connect with our guest, Maril Vernon: https://www.linkedin.com/in/marilvernon

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

The AI Gold Rush in Cybersecurity with Chris Cochran

Thu, 19 Jun 2025 05:00:00 -0500

The new cybersecurity pioneers aren’t chasing alerts, they’re building with AI. But what happens when tools meant to assist begin making decisions for us? And what skills do we lose when machines fill the gaps we used to grow into?

In this episode, Chris Cochran, CEO and Founder of Commandant, returns to Hacker Valley Studio with an insider view on building in the AI boom. He shares why he’s betting on incident response over the “AI SOC,” what it means to use AI with integrity, and how this moment mirrors the early industrial revolutions: chaotic, risky, but ripe with once-in-a-career opportunity.

Impactful Moments:

00:00 – Introduction
02:11 – Launch of Commandant AI
03:06 – Early-stage LLM opportunities
05:26 – Built first AI co-pilot in 4 hours
06:00 – AI bot tops HackerOne leaderboard
07:44 – AI used for and against orgs
10:14 – Focus on incident response, not AI SOC
12:34 – Reducing cost of prolonged incidents
14:01 – Cybersecurity changing every 2 months
16:58 – AI causing rapid skill loss
21:59 – AI-assisted job interviews detected
24:49 – AI lacks business context for blocking
27:30 – Daily AI use pays long-term dividends

Links:

Connect with our guest, Chris Cochran: https://www.linkedin.com/in/chrishvm/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

The AI That Tried to Escape with Ron Eddings

Thu, 12 Jun 2025 05:00:00 -0500

What happens when AI refuses to be replaced? This episode kicks off with a chilling real-world example of an AI threatening blackmail—and only gets more intense from there.

Host Ron Eddings unpacks the terrifyingly innovative ways AI is altering the cybersecurity threat landscape. From deepfakes convincing enough to fool your own family to auto-summarizing email clients acting as unintentional insiders, the stakes have never been higher. Ron also shares insights from his brand-new book Attack Surface Management, co-authored with MJ Kaufman and published by O'Reilly, and breaks down why the simplest social engineering tactics remain the most dangerous—even in the age of advanced AI.

Impactful Moments:

00:00 - Introduction

02:30 - Model Context Protocol explained

05:00 - Google's VEO-3 and fake riot videos

07:00 - Fake Facebook ads pushing malware

09:30 - Social engineering still reigns supreme

13:30 - Using AI to write malicious emails

16:30 - Calendly phishing and credential theft

19:00 - Gemini and the risk of auto-summarization

21:30 - LLM access to your private documents

22:45 - Takeaways and protecting your environment

Links:

Connect with Ron on LinkedIn: https://www.linkedin.com/in/ronaldeddings/

Grab a copy of Ron’s new book, “Attack Surface Management: Strategies and Techniques for Safeguarding Your Digital Assets”: https://a.co/d/1nmPod2

Check out the full article on “The Rise of ‘Vibe Hacking’ Is the Next AI Nightmare” here: https://www.wired.com/story/youre-not-ready-for-ai-hacker-agents/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Zero Trust Isn’t a Tool — It’s Everything with George Finney

Thu, 05 Jun 2025 05:00:00 -0500

What if Zero Trust isn’t a framework, but the only viable cybersecurity strategy—more about people than products?

In this episode, George Finney, CISO at the University of Texas System and author of Project Zero Trust, reveals the human-first truth behind the Zero Trust movement, and why it’s not something you buy but something you build. George shares stories from hacking a college database to launching a deepfake of himself trained on his own books, all while breaking down how AI and creativity are reshaping security leadership.

Impactful Moments:

00:00 - Introduction
01:16 - Cyber Hall of Fame recognition
07:00 - Hacked his college to solve mail
09:00 - Took startup job without paycheck
14:14 - Zero Trust is a strategy, not tool
17:00 - Tailoring security like a custom suit
23:29 - AI strategy through Zero Trust lens
29:30 - Built a Zero Trust voice clone hotline
36:00 - You don’t need to be a CISO
38:30 - Why weirdos make cybersecurity stronger

Links:

Connect with our guest, George Finney: https://www.linkedin.com/in/georgefinney/

Check out George’s books on Amazon: https://www.amazon.com/stores/author/B01MT0C6X3

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Your Two-Year Edge Starts Now with Marco Figueroa

Thu, 29 May 2025 05:00:00 -0500

You won’t be replaced by AI—you’ll be replaced by someone using it better.

Returning guest Marco Figueroa is back with a frontline report on the AI agent boom. This isn’t a prediction—it’s a tactical update from someone tracking every release, every benchmark battle, and every edge worth chasing.

In this episode, Ron is joined by Marco as he breaks down the rapid evolution of AI agents—from Claude Code to Codex to Google Flow. He explains why general-purpose models are leveling off, how specialized tools are reshaping the landscape, and why creativity is now your most valuable edge. Whether you're in code, ops, or content, your two-year advantage starts right here.

Impactful Moments

00:00 - Introduction
01:08 - AI agents are no longer hype
03:45 - Major LLM releases and what's next
05:32 - The Grok delay and pricing drama
07:30 - Why general models are losing steam
10:50 - Benchmark manipulation and model specialization
14:15 - The future belongs to creatives
22:05 - The next AI drops to watch

Links:

Connect with our guest, Marco Figueroa: https://www.linkedin.com/in/marco-figueroa-re/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Badge Cloning, Alarm Triggers & Getting Hired to Hack with Greg Hatcher & John Stigerwalt

Thu, 22 May 2025 05:00:00 -0500

Most people think red teaming is digital—until someone bypasses your locks, plants a Raspberry Pi in your server room, and walks out with your data. That’s not sci-fi. That’s White Knight Labs.

In this episode, Ron talks with Greg Hatcher and John Stigerwalt, co-founders of White Knight Labs, a boutique offensive security firm built on real-world action. They share high-stakes red team operations—like triggering alarms and dodging police during a break-in—and explain why most companies are wide open to physical and insider threats. This isn’t a theory. It’s what’s happening right now, and it’s being executed with precision and purpose.

Impactful Moments

00:00 - Introduction

02:13 - Origin story of White Knight Labs

08:56 - Why physical red teaming is broken

12:20 - Breaking into a lottery facility

16:00 - Hiding from police mid-engagement

22:30 - Getting hired to breach from inside

25:45 - Hijacking code from offshore devs

33:29 - Real difference: red team vs pen test

35:00 - Get in touch with WKL

Links

Connect with our guests!
Greg Hatcher: https://www.linkedin.com/in/gregoryhatcher2/
John Stigerwalt: https://www.linkedin.com/in/john-stigerwalt-90a9b4110/

Learn more about White Knight Labs: https://www.whiteknightlabs.com

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Building Cyber Resilience Through Culture with David Shipley

Thu, 15 May 2025 05:00:00 -0500

What if fixing cybersecurity wasn’t about more tools, but about unlocking human potential?

In this episode, Ron Eddings welcomes back David Shipley, CEO and Field CSO of Beauceron Security, for a conversation on the real force behind security resilience: people. Together they expose the failure of "reactive" cybersecurity strategies, drawing parallels with preventative healthcare — and explain why culture, psychological safety, and behavior change are the true secret weapons.

Impactful Moments:

00:00 - Introduction

01:36 - The true meaning of "people in cyber"

03:13 - Cybersecurity’s flawed healthcare analogy

07:31 - Nutrition for cyber: proactive strategies

10:00 - MSPs: why selling tools isn’t enough

16:22 - Measuring culture, not just clicks

19:12 - Why people really click phishing emails

23:59 - Building psychological safety in security

30:30 - Celebrating human wins in security

34:00 - The future: empathy, transparency, trust

Links:

Connect with our guest, David Shipley: https://www.linkedin.com/in/dbshipley/

Learn more about Beauceron Security here: https:///www.beauceronsecurity.com/partner

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Ditch the Spreadsheets: Smarter Crypto Security with Michael Klieman

Thu, 08 May 2025 05:00:00 -0500

Still tracking certificates in a spreadsheet? You’re not alone—and there’s a better way.

In this special episode from RSA 2025, Ron sits down with Michael Klieman, Global Vice President of Product Management for Digital Security Solutions at Entrust, to discuss how leading organizations are rethinking cryptographic security. From simplifying certificate management to preparing for a post-quantum future, this conversation covers real-world risks, surprising breach stories, and practical steps for bringing order to crypto chaos—without the stress.

Impactful Moments:

00:00 – Introduction
04:00 – Three major problems with crypto today
06:45 – Certificates often missing from inventories
08:30 – Managing EV charging infrastructure with spreadsheets
11:00 – The two biggest certificate-related risks
12:50 – Expired certs can tank brand trust
14:45 – Automation usually comes after spreadsheets
16:30 – Why quantum risk grows every year
18:15 – Start with a cryptographic inventory
20:30 – Nation-state threats and critical infrastructure
22:15 – AI could fast-track quantum breakthroughs
24:45 – Entrust’s new unified crypto security platform
26:35 – One question every CISO must answer in 2025

Links:

Connect with our guest, Michael Klieman: https://www.linkedin.com/in/mklieman/

Learn more about Entrust at: https://www.hackervalley.com/entrust

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Protecting People, Not Just Perimeters with Andrey Suzdaltsev

Thu, 24 Apr 2025 06:00:00 -0500

AI is reshaping the cybersecurity battlefield, and cyber adversaries are getting smarter.

In this episode, Ron Eddings welcomes Andrey Suzdaltsev, Co-Founder and CEO of Brightside AI, for a look into the evolution of social engineering, AI’s role in personalized phishing, and how Brightside is turning the tables with automation and human-centric protection. From offensive AI simulations to family-inclusive cyber safety, Andrey shares how his team secures both professional and personal perimeters before cybercriminals can strike.

Impactful Moments

00:00 Cyber criminals get a theatrical glow-up

01:47 AI models + personal data = mass fraud

03:42 Brightside’s 3-part solution explained

07:32 Why security must get personal

11:16 Ron’s reaction to Brightside’s realism

13:16 AI research tools now used by hackers

19:33 Why deepfake detection may fail

15:16 Automating attacks with AI agents

37:34 Protecting families = smarter security

41:56 Brightside’s vision for defending human risk

Links

Connect with our guest, Andrey Suzdaltsev: https://www.linkedin.com/in/ndrey

Learn more about Brightside: www.brside.com

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Digital Clutter and the Death of Passwords with Collin Sweeney & Chase Cunningham

Thu, 10 Apr 2025 16:21:49 -0500

Passwords are the original digital clutter—messy, overstuffed, and way too easy to forget. Like a junk drawer full of old keys and cables, we keep tossing more into them, hoping they’ll somehow keep working. But what if it’s time to throw the whole thing out?

In this episode, Ron Eddings is joined by Collin Sweeney of ZKX Solutions and Dr. Chase Cunningham, a.k.a. “Dr. Zero Trust,” for a bold conversation on the future of authentication. From the failures of MFA to the promise of zero-knowledge proofs, the crew breaks down how we got stuck with broken access systems—and what it’ll take to finally fix them. Whether it’s SIM swapping, face IDs, or security keys on the battlefield, this is the real talk on identity security you don’t want to miss.

Impactful Moments:

00:00 – Introduction
03:45 – ZKX’s origin: voice verification breakthrough
06:45 – Collin’s “oh crap” SolarWinds realization
09:15 – Why MFA still fails in practice
13:15 – Zero-knowledge proofs explained with a coin
15:30 – How ZKPs reduce identity attack surfaces
17:45 – Making MFA faster, smarter, more human
20:00 – MFA fatigue and ice skating uphill
24:00 – Why people still cling to passwords
30:54 – Quantum fears vs real-world encryption limits

Links:

Connect with Collin Sweeney: https://www.linkedin.com/in/collin-sweeney-6ab6a5176/

Check out ZKX Solutions new product, Helix:

zkxsolutions.com/helix

Connect with Chase Cunningham: https://www.linkedin.com/in/dr-chase-cunningham/

Grab a copy of Chase Cunningham's book “vArIable: A Novel in the gAbrIel Series” here: www.amazon.com/vArIable-gAbrIel-Dr-Chase-Cunningham-ebook/dp/B0DVMWCWCD?ref_=ast_author_mp

Check out Hacker Valley’s upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

What Most Cybersecurity Advice Misses—And How to Fix It with Robert Hansen

Thu, 03 Apr 2025 13:53:24 -0500

What if the biggest threat to cybersecurity isn’t attackers—but the defenders themselves? Why are we still building tools for experts in a world where technical skills are fading fast?

In this episode, Ron Eddings sits down with legendary hacker and investor Robert Hansen (aka RSnake) to talk about startup strategy, LLM-powered workflows, and the uncomfortable truth about skill decline in security teams. You’ll hear how he built an AI-powered threat intel engine, why most cybersecurity advice is outdated, and his hard-earned wisdom on surviving—and thriving—in a landscape built to break you.

Impactful Moments:

00:00 - Introduction
01:30 - Meeting RSnake at Hacker Hoedown
04:50 - AI-powered newsletter curation
08:15 - Ranking news by global impact
13:00 - Keeping LLM costs under 25 cents/day
16:10 - Paths to revenue for cybersecurity pros
24:00 - Why venture capital often kills innovation
33:20 - Cloud migration and the crocodile problem
37:00 - Decline in practitioner technical skill
40:00 - Designing tools for non-experts

Links:

Connect with our guest, Robert “RSnake” Hansen: https://www.linkedin.com/in/roberthansen3/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Hackers Have HR Now? featuring Christopher Budd

Thu, 27 Mar 2025 14:13:26 -0500

The internet once came this close to crashing—and Microsoft was on the front line.

In this episode, cybersecurity veteran Christopher Budd takes us inside the Microsoft Security Response Center during one of the most chaotic cyber events in modern history. From the Nimda worm of 2001 to ransomware turf wars, and the weird future where threat actors post job ads for ransom note writers, Christopher lays it all out with perspective only decades in the game can bring. If you think AI or ransomware is the endgame, you’re not seeing the whole board.

Impactful Moments:

00:00 - Introduction
04:35 - Breaking down the Nimda attack
07:00 - “We carried 90% of the internet”
10:37 - Ransomware gangs fighting for headlines
15:26 - Secure perimeter is officially dead
17:31 - AI as your cybernetic exosuit
24:00 - Filtering 100,000 security emails with AI
27:05 - Privacy tension in AI-powered defense
32:00 - The inevitable swing back to local control
35:31 - “You will”: when sci-fi became real

Links:

Connect with our guest, Christopher Budd: https://www.linkedin.com/in/christopherbudd/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Staying Ahead in the Age of AI Agents with Marco Figueroa

Fri, 21 Mar 2025 05:00:00 -0500

Marco Figueroa is back, and his AI predictions aren’t just coming true—they’re unfolding faster than anyone expected. AI agents aren’t on the horizon—they’re already here, and security teams are scrambling to keep up.

Building on his bold January prediction that 2025 would be the Year of the AI Agent, Marco returns to break down real-world threats, including an insider attack using an infinite logic bomb. From the rise of AI-driven security tools to the biggest risks companies aren’t ready for, this episode is your roadmap to staying ahead in the new AI era.

Impactful Moments:

00:00 - Introduction
02:00 - Insider threat case: Infinite logic bomb attack
06:00 - Why AI will transform security forever
10:00 - AI agents will replace entire workflows
16:00 - The AI pricing war is heating up
22:00 - How to structure AI-driven security workflows
30:00 - The mind-blowing AI coding method you need
38:00 - The future of AI-assisted cybersecurity teams

Links:

Connect with our guest, Marco Figueroa: https://www.linkedin.com/in/marco-figueroa-re/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

I Built an AI Version of Myself – Here’s Why with Marcus J. Carey

Fri, 14 Mar 2025 18:15:07 -0500

The best time to be alive is right now—if you know how to use AI. Marcus J. Carey, Principal Research Scientist at ReliaQuest, is harnessing AI to supercharge creativity, cybersecurity, and career development. In this episode, he shares the workflows he uses that redefine productivity, from dictating books in a week to building a personal AI twin.

In this episode, Ron and Marcus highlight AI’s true power—when used right. They discuss why intuition is the secret ingredient, how AI is reshaping cybersecurity, and why people who master AI will lead the future. Plus, Marcus breaks down how he built his own personal GPT, his approach to learning, and why he sees AI as a tool, not a threat.

Impactful Moments:

00:00 - Introduction
01:18 - Meet Marcus J. Carey
03:00 - Using AI to write a book fast
06:00 - Creating a personal AI twin
09:00 - AI’s impact on cybersecurity defense
15:00 - The power of intuition in AI
22:00 - Why learning fundamentals still matters
30:00 - AI-enhanced workflows for coding
36:00 - The reality of AI "hallucinations"
39:00 - Final thoughts on mastering AI

Links:

Connect with our guest, Marcus J. Carey: https://www.linkedin.com/in/marcuscarey/

Grab a copy of Marcus’ book, “Hacker, Inc.: Mindset For Your Career” here: https://a.co/d/8i7waDc

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Cyber Warfare, Digital Deception, and the Hidden Threats We Ignore with Dr. Eric Cole

Fri, 07 Mar 2025 19:29:47 -0600

We’re already in World War III—just not the kind you’re thinking of. Cyber warfare is here, and the battlefield is your inbox, your bank account, and your digital identity. So why are we still acting like it’s peacetime?

Dr. Eric Cole, cybersecurity pioneer and former CIA hacker, joins the show to drop hard truths about the state of cyber warfare, AI’s role in our digital future, and why most people are sleepwalking through a war they don’t even realize they’re in. From the rise of deepfakes to North Korea’s billion-dollar hacking economy, this episode is one you can’t afford to ignore.

Impactful Moments:

00:00 - Introduction
02:00 - Dr. Eric Cole’s journey from the CIA to cybersecurity leadership
07:20 - The fundamentals of hacking and why they still matter
11:00 - AI is only as smart as the data we give it
17:00 - The rise of deepfakes and digital deception
19:45 - Cyber warfare: How North Korea funds its economy through hacking
23:50 - The problem with America’s peacetime mentality
30:00 - Should we be worried about AI replacing humans?
36:10 - The key to success: mastering people skills, not just tech skills
40:30 - Final thoughts and where to follow Dr. Eric Cole

Connect with Dr. Eric Cole on LinkedIn: https://www.linkedin.com/in/ericcole1/

Check out Dr. Eric Cole’s books –

Cyber Crisis: Protecting Your Business from Real Threats in the Virtual World: https://www.amazon.com/Cyber-Crisis-Protecting-Business-Threats/dp/B093X3YNPT

Online Danger: How to Protect Yourself and Your Loved Ones from the Evil Side of the Internet:
https://www.amazon.com/Online-Danger-Protect-Yourself-Internet-ebook/dp/B078WK39TT

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

The AI Shift You Can’t Ignore with Marco Figueroa

Fri, 28 Feb 2025 05:00:00 -0600

AI isn’t just evolving—it’s sprinting, and cybersecurity needs to keep up.

Ron Eddings is joined again by cybersecurity leader Marco Figueroa, Program Manager for Gen AI at the ODIN Bug Bounty Program, who called it in January: 2025 is the year of AI agents, and the early signs are already here. From Grok 3’s speed advantage to AI-powered red teaming for $25K, this is the reality check security leaders need. No more six-month security projects—it’s all about speed, automation, and staying ahead.

Impactful Moments:

00:00 - Introduction

01:45 - Breaking down Palantir’s stock drop

07:15 - Why Grok 3 is a game-changer

10:24 - The real difference between GPT-4 and Grok

17:25 - AI-powered red teaming for $25K?

22:00 - The death of six-month security projects

26:24 - OpenAI’s Operator: The future or a gimmick?

34:22 - How AI is eliminating busywork

36:55 - Next month’s prediction: Agents building agents

Links:

Connect with our guest, Marco Figueroa: https://www.linkedin.com/in/marco-figueroa-re/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Superhuman Productivity and AI Mastery with Pedram Amini

Fri, 21 Feb 2025 15:26:24 -0600

What if you could have a conversation with yourself—years into the future? Or leave behind an AI-powered avatar that understands your thoughts, philosophies, and even your voice? In this episode, we explore the mind-blowing potential of AI and its impact on cybersecurity, productivity, and even legacy.

Pedram Amini, Chief Scientist at OPSWAT, joins Ron Eddings to discuss his journey from bootstrapped startups to AI-driven innovation. Together they cover topics like the role of AI in cybersecurity, the rise of fake identities in hiring, the ethics of AI-generated content, and why mastering AI tools is no longer optional—it's essential. Pedram shares his workflow for superhuman productivity, his thoughts on deepfakes, and how AI is reshaping how we work and communicate.

Impactful Moments:

00:00 - Introduction
02:00 - Meet Pedram Amini, cyber innovator
03:07 - The $17M North Korea insider threat case
06:00 - Fake job candidates and AI hiring scams
09:28 - Deepfakes and AI-driven deception
14:00 - Future of AI-powered personal assistants
20:49 - The reality of bootstrapping vs. VC funding
26:00 - AI in cybersecurity: risk or revolution?
31:00 - “AI isn’t taking your job—someone using AI is”
35:00 - The ultimate AI-powered legacy project

Links:

Connect with our guest, Pedram Amini: https://www.linkedin.com/in/pedramamini/

Check out the entire article about the $17M North Korea insider threat case here: https://www.theregister.com/2025/02/12/arizona_woman_laptop_farm_guilty/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Cybersecurity Meets AI: The Good, The Bad & The Janky

Thu, 13 Feb 2025 05:00:00 -0600

There’s no doubt that AI is changing the game in cybersecurity, but not always in the ways we expect.

In this episode, Ron Eddings shares his firsthand experience with AI-powered tools that make him a cyber superhero—when they work. From automating security tasks to turbocharging programming workflows, AI is proving its value, but also revealing its limits. Through live walkthroughs and real-world examples, he showcases how AI automates security tasks, accelerates programming, and enhances research—while also showing why some cybersecurity actions should stay human-led.

Impactful Moments:

00:00 - Introduction

02:00 - The good and bad of AI in security

04:00 - Google’s AI weapons controversy

06:30 - Deepfake scams and AI-powered phishing

09:00 - How AI helps (and fails) at programming

12:00 - Automating security research with AI

18:00 - AI-generated meeting notes & productivity hacks

21:00 - What AI should NEVER do

23:00 - The future of AI in cybersecurity

Links:

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

A Human-Centric Approach to Cybersecurity with Edna Conway

Tue, 04 Feb 2025 05:00:00 -0600

What if cybersecurity was more than just tech—what if it was about the people it serves? In this episode, Edna Conway, Founder and CEO of EMC Advisors, shares her incredible journey from law to cybersecurity and explores the human element often overlooked in technology.

Recorded live at InfoSec Nashville 2024, Edna discusses the intersection of innovation and tradition, the critical role of accuracy in AI, and her vision for cybersecurity's future. From anomaly detection to the wisdom of creating "enclaves," her insights remind us that tech is here to serve people, not the other way around.

Impactful Moments:

00:00 – Introduction
01:22 – Keynote insights: Innovation meets tradition
02:39 – From prosecutor to cybersecurity leader
07:00 – Human-first approach to AI and security
11:40 – LLMs in cybersecurity: opportunities and accuracy
16:34 – Balancing risk with AI use in business
23:06 – Bringing diverse talent into cybersecurity
32:30 – Advice on leadership and collaboration

Links:

Connect with our guest, Edna Conway: https://www.linkedin.com/in/ednaconway/

Learn more about ISSA Middle TN here: https://issamidtn.org/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Rise of the Machines: Why Your Attack Surface Has More Holes Than You Think ft Pandian Gnanaprakasam

Tue, 28 Jan 2025 05:00:00 -0600

Did you know nearly half of your enterprise devices are agentless—leaving your attack surface wide open? In this episode, Ron is joined by Pandian Gnanaprakasam, Co-Founder and Chief Product Officer at Ordr, to discuss the critical risks posed by agentless devices and how orchestration can strengthen your defenses.

Pandian shares key findings from Ordr’s 2024 "Rise of the Machines" report, highlighting the risks of overlooked agentless devices. He covers the rapid growth of these devices, strategies to manage vulnerabilities, and how automation can strengthen your defenses.

Impactful Moments:

00:00 - Introduction

04:15 - Why agentless devices dominate the next decade

06:30 - Insights from Ordr's “Rise of the Machines” report

08:50 - Hidden risks: 42% of devices are agentless

11:15 - Solving the "Swiss cheese" problem of security gaps

14:30 - Prioritizing vulnerabilities with business context

18:10 - Orchestration vs. automation: The harmony difference

22:00 - Why visibility is the foundation of security

27:30 - Ordr’s unique approach to securing the attack surface

Links:

Connect with our guest, Pandian Gnanaprakasam: https://www.linkedin.com/in/gpandian/

Check out Ordr’s Rise of the Machines report here: https://ordr.net/resources/rise-of-the-machines-report-2024

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

How a Game Turned a Watchmaker into a Cybersecurity Pro with Simeon Kakpovi

Wed, 22 Jan 2025 09:59:54 -0600

What if cybersecurity training could be as engaging as your favorite game? In this episode, Simeon Kakpovi, founder of the KC7 Foundation, shares how his gamified approach is changing lives and reshaping the cybersecurity pipeline by making cybersecurity education accessible.

From his journey as a threat hunter to building a free online game that teaches real-world blue team skills, Simeon joins Ron to show how creativity and inclusion can unlock potential in unexpected places. Plus, listen to the remarkable story about how a watchmaker with no cyber background landed a dream job at Microsoft—all thanks to KC7.

Impactful Moments

00:00 - Introduction

01:11 - The evolution of cybersecurity

03:03 - Cybersecurity Mergers & Acquisitions

05:38 - Meet our guest: Simeon Kakpovi of KC7 Foundation

06:00 - KC7 wins “Team of the Year” at the SANS DMAs

8:43 - Founding the KC7 Foundation

10:00 - Lessons from Lockheed Martin’s Cyber Analyst Challenge

11:46 - How KC7 gamifies real-world cybersecurity

14:52 - Bringing KC7 to high school and middle school students

16:52 - Expanding access to cybersecurity careers

25:09 - A watchmaker’s journey to Microsoft

34:00 - How to get started with KC7

Links

Connect with our guest, Simeon Kakpovi on LinkedIn: https://www.linkedin.com/in/kakpovi/

Check out the Cybersecurity M&A Roundup Article here: https://www.securityweek.com/cybersecurity-ma-roundup-37-deals-announced-in-december-2024/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Managing and Mitigating Cyber Risks For Your Assets with Jerich Beason and Wes Wright

Tue, 14 Jan 2025 17:34:47 -0600

What’s the key to mitigating unseen cyber risks? In this episode, Wes Wright, Chief Healthcare Officer at Ordr and Jerich Beason, CISO at WM uncover the complexities of attack surface management (ASM) and its impact on cybersecurity.

Together with Ron, they explain what constitutes an attack surface and introduce practical frameworks like See-Know-Secure, emphasizing the need for complete visibility and data-driven risk mitigation.

Impactful Moment:

00:00 - Introduction

03:00 - Defining attack surface management

06:13 - See-Know-Secure framework

09:05 - Analogies for explaining ASM to stakeholders

15:33 - Building an inventory for asset visibility

20:42 - Convincing leadership: Budget strategies

25:00 - Tools and methodologies for ASM

36:57 - Managed services vs. in-house approaches

43:00 - Starting your ASM journey

Links:

Connect with our guests –

Wes Wright: https://www.linkedin.com/in/4kidwes/

Jerich Beason: https://www.linkedin.com/in/jerich-beason/

Learn more about Ordr: https://ordr.net/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

The Year of the Agent: AI, Bug Bounties, and Cybersecurity Insights with Marco Figueroa

Fri, 10 Jan 2025 05:00:00 -0600

How will AI redefine cybersecurity in 2025? According to Marco Figueroa, Program Manager for Gen AI at the ODIN Bug Bounty Program, this year is set to be the "Year of the Agent," where AI systems and integrations take a central role.

In this special New Year bonus episode, Ron sits down with Marco to discuss the transformative role of AI in solving cybersecurity challenges. Marco breaks down AI jailbreak techniques, the impact of bug bounty programs on securing AI systems, and why 2025’s fast-evolving tech landscape demands creative thinking. Learn how tools like ChatGPT and Gemini 2.0 are reshaping the industry and why staying adaptable is essential.

Impactful Moments:

00:00 - Introduction

02:14 - Speed vs. safety: AI system challenges

05:30 - Why experience matters more than information

07:45 - Legal stakes for deepfakes and AI

18:36 - Marco’s creative journey in cybersecurity

28:00 - Jailbreaks: Risks and surprising AI findings

37:13 - 2025 predictions: The rise of agents

41:00 - Closing thoughts and the power of community

Links:

Connect with our guest, Marco Figueroa: https://www.linkedin.com/in/marco-figueroa-re/

Chuck Brooks' 2025 Cybersecurity Predictions article: https://www.forbes.com/sites/chuckbrooks/2024/12/24/cybersecurity-trends-and-priorities-to-watch-for-2025/

Focus Areas for the FaccT Conference News: https://facctconference.org/2025/focusareas

“Unreasonable Hospitality” by Will Guidara Book Link: https://www.amazon.com/Unreasonable-Hospitality-Remarkable-Giving-People/dp/0593418573

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Understanding the Psychology of Cyber Risk with David Shipley

Tue, 07 Jan 2025 05:25:47 -0600

Most people think cybersecurity training is about knowledge, but what if motivation is the real key to success? David Shipley, CEO and Field CISO at Beauceron Security, shares how psychology and neuroscience reshape how we approach security awareness, reducing risks in ways tech alone never could.

In this episode, Ron and David examine why people, not technology, are at the core of effective cybersecurity. David teaches us about the SCARF model, warns us about the dangers of overconfidence in training, and explains how gamification can drive meaningful behavior change when it comes to cybersecurity awareness and risk reduction.

Impactful Moments:

00:00 – Introduction

02:00 – David Shipley’s journey from journalist to cybersecurity leader

06:10 – Why motivation outshines knowledge in security training

08:20 – The Dunning-Kruger effect: Overconfidence in cybersecurity

11:17 – How overreliance on tech increases click rates

17:03 – Cybercriminals’ evolving tactics and emotional manipulation

25:00 – Gamification in cybersecurity: Changing security behaviors

30:56 – Using the SCARF model to enhance security culture

39:45 – Emotional intelligence as a defense against AI threats

Links:

Connect with our guest, David Shipley: https://www.linkedin.com/in/dbshipley/

Learn more about Beauceron Security here: www.beauceronsecurity.com/partner

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

From Landscaping to Cyber Leadership with Cole Lisko

Tue, 24 Dec 2024 05:00:00 -0600

How does a scorching July day in a van with no air conditioning lead to a career at one of the world’s top cybersecurity companies? In this episode, Cole Lisko shares his journey from landscaping to becoming the Cortex Team Manager at Palo Alto Networks.

Joined by his bestie Cole, Ron weaves the conversation through their history of friendship with laughs and lessons learned along the way. Discussing career pivots, unexpected opportunities, and the impact of mentorship, this conversation offers relatable motivation and a candid look at the power of meaningful connections.

Impactful Moments:

00:00 - Introduction

03:00 - Cole’s first exposure to cybersecurity

06:30 - Pivotal moment: a call for mentorship

11:40 - Breaking into cleared work

18:30 - Lessons learned at Booz Allen

22:00 - The art of work-life compartmentalization

27:45 - Leadership insights from landscaping days

32:50 - What’s next for Cole at Palo Alto Networks

Links:

Connect with our guest, Cole Lisko: https://www.linkedin.com/in/matthewlisko/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Think Like a Hacker, Solve Like a Leader featuring Ted Harrington

Tue, 17 Dec 2024 05:00:00 -0600

What if the key to innovation is breaking the rules? Ted Harrington, Executive Partner at Independent Security Evaluators and a pioneering ethical hacker, explores the power of commitment, curiosity, creativity, and nonconformity to rethink cybersecurity and life itself. From hacking the first iPhone to disrupting misconceptions about security testing, Ted shows why the hacker mindset matters more now than ever.

Join Ron and Ted as they discuss strategies for using the hacker mindset to solve problems, address risks like AI-driven deepfakes, and uncover unconventional opportunities in both business and personal growth.

Impactful Moments:

00:00 - Intro
03:15 - The four traits of a hacker mindset
07:40 - Hacking the first iPhone and Tesla
11:50 - Why penetration testing is misunderstood
16:30 - Risks and realities of AI deepfakes
21:20 - Applying hacker traits to entrepreneurship
28:45 - Ted’s upcoming book: Inner Hacker
33:00 - Why mindset matters most

Links:

Connect with our guest, Ted Harrington: https://www.linkedin.com/in/securityted/

Order Ted Harrington’s book “Hackable” here: https://www.amazon.com/Hackable-How-Application-Security-Right-ebook/dp/B08MFTQ7Q4

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Hacking Trust with AI and Deepfakes featuring Iain Jackson

Thu, 12 Dec 2024 05:00:00 -0600

What happens when cutting-edge AI meets the art of deception? In this episode, Iain Jackson, Academy Hive Leader at CovertSwarm, takes us through the uncanny potential and risks of synthetic voices and AI in cybersecurity.

Together, Ron and Iain discuss how adversaries are using AI to bypass human intuition. From synthetic voice calls to automating phishing attacks at scale, this episode explores how hackers leverage technology using these tactics and what you can do to stay one step ahead.

Impactful Moments:

00:00 - Introduction
01:56 - Iain shares his journey with AI
03:29 - Demonstrating voice cloning in real-time
06:31 - Risks of automated synthetic voice attacks
09:46 - Impact of AI on social engineering tactics
11:00 - Importance of "vibe checks" in cybersecurity
15:17 - Real-world phishing and HR scam example
20:00 - Uncanny Valley: Defense against AI deception
23:37 - The future of AI in adversary emulation

Links:

Connect with our guest, Iain Jackson: https://www.linkedin.com/in/iain-j-98578a238/

Learn more about CovertSwarm here: https://covertswarm.com/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Championing the Human in Cybersecurity with Julie Haney

Tue, 03 Dec 2024 05:00:00 -0600

What happens when cybersecurity puts people first? Julie Haney, Human-Centered Cybersecurity Program Lead at NIST, shares how designing security with humans at the center leads to greater adoption, reduced frustration, and stronger protection.

In this episode, Julie discusses how to improve user adoption by simplifying complex security processes, why empathy is a game-changer for effective security, and strategies for empowering people to feel confident and secure online. This conversation will inspire you to rethink how we protect people in the digital age and shares a fresh perspective on making cybersecurity work for all.

Impactful Moments:

00:00 - Introduction
07:15 - Breaking down barriers in user design
15:40 - Why empathy matters in cybersecurity solutions
21:05 - Challenges in bridging tech and humanity
28:30 - Designing systems with people, not just for them
35:10 - Practical steps to empower users in security
42:45 - Final reflections on human-centered innovation

Links:

Connect with our guest, Julie Haney here: https://www.linkedin.com/in/julie-haney-037449119

Check out NIST’s Online Community of Interest here: https://csrc.nist.gov/Projects/human-centered-cybersecurity/hcc-coi

Learn more about Human-Centered Cybersecurity on NIST’s website here: https://csrc.nist.gov/projects/human-centered-cybersecurity

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Do You Deserve To Be Hacked? Featuring Ilan Fehler and Dahvid Schloss

Tue, 26 Nov 2024 05:00:00 -0600

Do you deserve to be hacked? With that bold tagline, CovertSwarm is pushing leaders to rethink how they test and defend their systems, and in this episode, they’re sharing firsthand how organizations can prepare for adversaries in the wild.

Recorded at Black Hat 2024, Ron is joined by Ilan Fehler, US Sales Lead at CovertSwarm, and Dahvid Schloss, Hive Leader at CovertSwarm to explore the world of adversary emulation. From physical breaches to API exploits, this conversation covers the human, digital, and physical elements of cybersecurity.

Impactful Moments:
00:00 - Introduction
01:25 - You Deserve To Be Hacked
03:05 - Emulating criminal behavior: The hive structure
07:55 - Social engineering tactics that really work
20:16 - Physical breaches: Pentesting in action
24:09 - Past the firewall: Second- and third-layer testing
29:14 - Digital exploits and real-world vulnerabilities
35:24 - Why organizations hesitate to invest in red teams
37:33 - Building muscle memory for security

Links:

Connect with our guests, Ilan Fehler https://www.linkedin.com/in/fehler/ and Dahvid Schloss https://www.linkedin.com/in/dahvidschloss/

Learn more about CovertSwarm here: https://covertswarm.com/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Transforming SOC Operations with AI featuring Roy Halevi

Wed, 20 Nov 2024 05:00:00 -0600

Cybersecurity is evolving fast, and AI is at the center. Roy Halevi, Co-Founder and CTO of Intezer, explains how AI automates SOC operations, improving speed and accuracy while freeing up teams to focus on critical threats.

In this conversation with host Ron Eddings, Roy explains how AI automates critical tasks like alert investigation and response, reducing noise and improving accuracy. Roy shares insights on overcoming challenges in adopting AI, the future of SOC roles, and how organizations can optimize their defenses using AI driven tools.

Impactful Moments

00:00 – Intro and the AI revolution in cybersecurity

01:16 – Meet Roy Halevi, Co-Founder and CTO of Intezer

03:00 – The story behind the name ‘Intezer’

06:14 – Key challenges facing today’s SOC teams

15:04 – Top use cases for AI in the SOC

21:27 – How Intezer automates alert triage and response

37:32 – Future predictions for SOC and cybersecurity roles

48:23 – Closing thoughts and call to action

Links:

Connect with our guest, Roy Halevi: https://www.linkedin.com/in/royhalevi

Learn more about Intezer here: https://intezer.com

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

From Shadow IT to Full Asset Visibility with Wes Wright

Tue, 12 Nov 2024 05:00:00 -0600

Can you truly protect what you can't see? Wes Wright, Chief Healthcare Officer at Ordr, joins Ron to share how organizations can shine a light on their network and asset blind spots and take control of their digital assets.

In this episode, Ron and Wes discuss the importance of asset visibility in cybersecurity, outlining the potential of CAASM (Cyber Asset and Attack Surface Management) and how it empowers teams to expose hidden vulnerabilities, streamline operations, and stay ahead of security threats, vulnerabilities, and exposures.

Impactful Moments:

00:00 - Introduction

01:35 - Asset visibility and blind spots

03:47 - What keeps CTOs and CISOs up at night

08:45 - Bridging IT and OT: CAASM explained

12:10 - Real-world use cases for CAASM

18:37 - The power of automated asset management

25:00 - Why continuous inventory is a game-changer

35:59 - Wes’s advice for getting started with Ordr

Links:

Connect with our guest, Wes Wright: https://www.linkedin.com/in/4kidwes/

Learn more about Ordr here: https://ordr.net/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Building Opportunities for Women and Minorities in Cybersecurity with Connie Matthews

Wed, 06 Nov 2024 05:00:00 -0600

How do you create waves of change in an industry? Connie Matthews, Founder and CEO of ReynCon, speaks with Ron about the power of resilience, mentorship, and taking that first bold step in cybersecurity.

In this powerful episode, Connie shares her path as a pioneering woman in cybersecurity. Discussing diversity, mentorship, and her nonprofit EmpoW-ER, Connie’s shared lessons and insights on resilience and community give listeners a blueprint for making a meaningful impact in their careers.

Impactful Moments:

00:00 – Introduction
04:27 – Mentorship impact: Building future leaders
10:14 – Embracing diversity and servant leadership
18:03 – Founding EmpoW-ER: Supporting women in cyber
24:13 – Navigating stereotypes and staying resilient
30:00 – Recognizing and celebrating young talent
36:45 – Building an inclusive cybersecurity community

Links:

Connect with our guest, Connie Matthews: https://www.linkedin.com/in/conniematthews/

Learn more about EmpoW-ER: https://www.empower-infosec.org/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Rethinking Cybersecurity Hiring with Naomi Buckwalter

Tue, 29 Oct 2024 12:06:27 -0500

Is cybersecurity gatekeeping holding back the industry? Naomi Buckwalter, Senior Director of Product Security at Contrast Security and Founder of the Cybersecurity Gatebreakers Foundation, argues that fresh talent and open doors are crucial for industry growth.

In this episode, Naomi challenges why industry hiring norms fall short, shares candid stories of her own missteps, and explains why humility and learning are just as important as technical skills in cybersecurity.

Impactful Moments:

00:00 – Introduction

03:15 – Building a genuine presence on LinkedIn

07:40 – Founding the Cybersecurity Gatebreakers Foundation

12:00 – Why hiring juniors is a win for cybersecurity

17:58 – Relationship building in cybersecurity

25:27 – Lessons from layoffs and overcoming failure

35:45 – Setting goals and attracting opportunities

Links:

Connect with our guest, Naomi Buckwalter: https://www.linkedin.com/in/naomi-buckwalter/

Learn more about the Cybersecurity Gatebreakers Foundation: https://www.cybersecuritygatebreakers.org/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

AI, Deepfakes, and Human Risk in Cybersecurity with Perry Carpenter

Tue, 22 Oct 2024 05:00:00 -0500

In a world filled with AI-generated deceptions, how do we discern what’s real? Ron sits down with Perry Carpenter, author of FAIK: A Practical Guide to Living in a World of Deepfakes, Disinformation, and AI-Generated Deceptions, to discuss the risks and the potential of synthetic media and human risk management.

Whether you’re worried about deepfakes or curious about AI’s role in creativity, this episode has something for everyone.

Impactful Moments:

00:00 – Intro
00:49 – Synthetic voices surprise in mastermind
01:42 – Perry’s new book FAIK: A Practical Guide to Living in a World of Deepfakes, Disinformation, and AI-Generated Deceptions
03:42 – Psychology's role in cybersecurity
06:07 – Human risk management explained
09:14 – Deepfakes in fraud and scams
15:13 – Demo of deepfake voices
20:22 – Using cakes to explain large language models
27:00 – AI helps overcome creative blocks
32:00 – Managing AI hallucinations and risks

Connect with our guest, Perry Carpenter: https://www.linkedin.com/in/perrycarpenter

Purchase a copy of Perry’s book FAIK here: https://www.amazon.com/FAIK-Practical-Disinformation-AI-Generated-Deceptions/dp/1394299885

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

How to Become a True Security Leader with Nathan Case

Tue, 15 Oct 2024 05:00:00 -0500

How does one become a true security leader? According to Nathan Case, it’s not about titles—it’s about impact.

In this episode, Nathan Case, VP of Cloud Security at Clarity, shares his journey through security leadership, including stories from his time at AWS and his approach to building mission-driven teams. Nathan discusses balancing family with leadership, the future of AI in cybersecurity, and what it takes to become a real leader in the security space. He also reflects on the importance of being chosen as a leader, rather than striving for the title.

Impactful Moments:

00:00 – Introduction

02:31 – Journey from AWS to Clarity

04:00 – Cyber Dominance

05:55 – Leading Through M&A

07:00 – Redefining the CISO Role

11:00 – Shared Security Responsibility

15:15 – Balancing Mission and Family

20:00 – AI in Security

28:30 – Leadership in Incident Response

32:00 – Woodworking and Perfectionism

35:00 – Leaders Are Chosen

Links:

Connect with our guest, Nathan Case: https://www.linkedin.com/in/nathancase/

Check out Nathan and Ross Haleliuk's blog on Security Incident Response here: https://ventureinsecurity.net/p/a-different-take-on-security-incident

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

AI and the Future of Cyber Defense with John Hubbard

Tue, 08 Oct 2024 05:00:00 -0500

How can AI shape the future of cybersecurity defense? In this episode, we dive into SOC operations, AI integration, and the latest in threat detection with John Hubbard, Cyber Defense Curriculum Lead at SANS.

John discusses the expansive landscape of cybersecurity defense, while sharing insights on AI's role in threat detection and the cutting-edge tools that are pushing the boundaries of cybersecurity. From automation to detecting anomalies in network traffic, this episode will bring you up to speed on the latest trends and challenges facing cyber defense teams.

Impactful Moments:

00:00 – Introduction
01:00 – Meet John Hubbard: Cyber Defense Curriculum Lead at SANS
02:30 – Overview of the SANS Cyber Defense Curriculum
03:30 – The Role of AI in Cybersecurity
05:30 – How AI is Shaping Threat Detection in SOCs
09:00 – Automation and AI: Practical Use Cases
15:00 – AI in Network Traffic Analysis
19:00 – The Future of SOC Operations with AI

Links:

Connect with our guest, John Hubbard: https://www.linkedin.com/in/johnlhubbard/

Check out the SANS Cybersecurity Courses & Certifications: https://www.sans.org/cyber-security-courses/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

How Adversaries Are Living Off The Dark Web with Jason Haddix

Tue, 01 Oct 2024 05:00:00 -0500

Have you ever lost something important, only to find out someone moved it without telling you? The same thing happens with our personal and business data. But what if you could see what the adversary sees?

In this episode, Jason Haddix, Field CISO at Flare, shares his experiences in red teaming, accessing dark web credentials, and protecting against malicious actors. Whether you're curious about data exposure or how threat actors operate, this conversation offers insights into the constant changes in cybersecurity.

Impactful Moments:

00:00 - Introduction

01:11 - The Basics of the Dark Web and How Criminals Operate

07:16 - Flare's Role in Cybersecurity

11:14 - Common Security Mistakes

20:04 - Pen Testing with Flare

21:33 - Exploiting Exposed Credentials

22:19 - Reconnaissance Tools and Techniques

24:38 - Email Security Concerns

28:43 - The Power of Stealer Logs

38:21 - Dark Web Tactics and AI

39:33 - Advice for Cybersecurity Leaders

42:04 - Exploring Flare’s Platform for Threat Intelligence

44:26 - Conclusion and Final Thoughts

Links:

Connect with our guest, Jason Haddix: https://www.linkedin.com/in/jhaddix/

Check out Flare here: https://try.flare.io/hacker-valley-media/

Check out Arcanum here: https://www.arcanum-sec.com/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

AT&T Dynamic Defense: Security Before It Reaches Your Company's Doorstep with Senthil Ramakrishnan

Tue, 24 Sep 2024 05:00:00 -0500

In this episode, Ron Eddings and Jen Langdon speak with Senthil Ramakrishnan, Assistant Vice President of Cybersecurity Product at AT&T Business.

Senthil shares information about how a new product, AT&T Dynamic Defense™, helps protect customers by providing threat detection and mitigation at the network edge. They’ll discuss how it can address evolving cybersecurity threats, including real-world examples like the Log4j vulnerability, and how its simplicity allows for a zero-touch experience.

Impactful Moments:

00:00 - Welcome

01:01 - Introducing guest, Senthil Ramakrishnan

04:01 - Security at the Network Edge

05:57 - Fitting in With Businesses

08:00 - “Can You Just Block It For Us?”

10:05 - Stopping Log4j

11:18 - Default Enabled Policy

15:57 - How Involved is the Customer?

16:40 - Simplifying Security for Customers

Links:

Connect with our guest Senthil Ramakrishnan: https://www.linkedin.com/in/senthil-ramakrishnan-66406b30/

Check out AT&T Dynamic Defense™:

https://www.business.att.com/products/att-dynamic-defense.html

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Check out our upcoming events: hackervalley.com/livestreams

Soft Skills in Technical Sales to Connect and Sell More with Evgeniy Kharam

Tue, 17 Sep 2024 05:00:00 -0500

Technical skills open doors, but are soft skills sealing the deal? In this episode, Evgeniy Kharam reveals how communication and connection lead to success in technical sales.

From vulnerability to voice control, Evgeniy shares how to connect with clients and sell more effectively in tech.

Evgeniy Kharam has authored “Architecting Success: The Art of Soft Skills and Technical Sales”, to teach the art of soft skills, and the importance of building connections through vulnerability.

Impactful Moments:

00:00 - Introduction

01:08 - Meet Evgeniy Kharam

02:21 - Ski & Snowboard Cybersecurity Conference

06:22 - Impact of Events and Community Building

10:19 - ‘Architecting Success’

10:36 - Sales Engineers’ Evolving Role

25:58 - POCs and Soft Skills

28:01 - Your Voice: A Key Soft Skill

31:28 - Connect with Evgeniy

Links:

Connect with our guest, Evgeniy Kharam: https://www.linkedin.com/in/ekharam/

Check out Evgeniy’s Book, “Architecting Success: The Art of Soft Skills in Technical Sales: Connect to Sell More“ here: https://a.co/d/0xJSyew

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Recon Like An Adversary: Uncovering Modern Techniques in Attack Surface Management with Jason Haddix

Tue, 10 Sep 2024 05:00:00 -0500

Ever wondered how the best defenders become unstoppable? They think like the attackers. In this episode with Jason Haddix, we reveal the strategies hackers don’t want you to know about and show you how to use them to your advantage.

Jason, CEO of Arcanum Information Security and Field CISO at Flare, helps us step into the mind of a hacker. With stories and insights that will change how you think about cybersecurity, he talks about the tactics that can turn any security program into a fortress. From exploiting the overlooked to using AI for unbeatable defense, this conversation will revolutionize your approach to cybersecurity.

00:00 Introduction

01:29 Jason Haddix, CEO at Arcanum and Field CISO for Flare

04:48 Origins of Arcanum

07:04 Recon in Cybersecurity

12:22 Recon Discoveries

27:41 Flare's Role in Credential Management

33:47 Tooling for Small Businesses

35:47 Using AI for Cybersecurity

41:23 Flare Platform Deep Dive

43:20 Conclusion

Links:

Connect with our guest, Jason Haddix: https://www.linkedin.com/in/jhaddix/

Check out Flare here: https://try.flare.io/hacker-valley-media/

Check out Arcanum here: https://www.arcanum-sec.com/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

I Failed Over 300 Times Trying To Get Into Security ft. Joe South

Tue, 03 Sep 2024 05:00:00 -0500

Joe South is a testament to resilience, unconventional decisions, and finding success in unexpected places. If you’ve ever felt stuck in a rut or on the verge of giving up, Joe’s experience might be the jolt you need to keep pushing forward.

Joe, Principal Security Engineer and host of the “Security Unfiltered” podcast, shares his journey into cybersecurity and battling depression after being rejected more than 300 times when applying for security roles. Joe shares advice on breaking into cybersecurity, dealing with rejection, the importance of mentorship, and staying persistent.

00:00 Introduction

01:00 Joe South, Principal Security Engineer and Host of the Security Unfiltered podcast

02:34 Early Career Struggles and Breakthrough

03:59 The Turning Point: From Help Desk to Cybersecurity

06:44 Rejection and Finding Success

11:17 Advice for Aspiring Cybersecurity Professionals

16:19 The Importance of Continuous Learning in Cybersecurity

18:10 Join the Hacker Valley Creative Mastermind!

19:10 Securing AI Models: Challenges and Strategies

20:10 The Importance of Communication in Security

21:22 Experience and Career Advancement

21:52 Rethinking Success: The Value of Being Number Two

23:57 Pressure and Rewards of Being a CISO

26:16 The Benefits of Podcasting and Content Creation

32:28 Balancing Personal and Public Information

35:27 Overcoming Adversity and Putting Yourself Out There

38:01 Final Thoughts and Advice for Aspiring Content Creators

Links:

Connect with our guest, Joe South: https://www.linkedin.com/in/joseph-south/

Check out the Security Unfiltered podcast here: https://securityunfiltered.com

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Cybersecurity Challenges: AI, Burnout, and Insider Threats with Kayla Williams

Tue, 27 Aug 2024 05:00:00 -0500

At Black Hat 2024, we sat down with Kayla Williams, Chief Information Security Officer at Devo, to discuss her career journey, the role of AI in cybersecurity, and the pervasive issue of burnout among SOC analysts. Through her research with Wakefield Research, Kayla and her team discovered that 83% of IT professionals are burnt out due to stress, lack of sleep, and anxiety. IT and Security burnout leads to breaches.

For the past 4 years, Devo has been hosting SOC Analyst Appreciation Day, a virtual event where they shower SOC analysts with the love, appreciation and recognition that they deserve.

Impactful Moments:

00:00 - Introduction

01:25 - Kayla Williams, Chief Information Security Officer at Devo

01:38 - How Kayla Became a CISO

03:06 - Challenges and Rewards

04:23 - Burnout in Cybersecurity

04:31 - 83% of IT professionals are Burnt Out

09:38 - How AI Fits into the SOC

09:59 - Key Use Cases for AI in Cybersecurity

15:07 - Insider Threat and Employees Stealing Company Data

18:14 - Non-Traditional Paths into Cybersecurity

21:00 - Future of Cybersecurity and AI

22:31 - Advice for Aspiring CISOs

Links:

Connect with our guest, Kayla Williams: https://www.linkedin.com/in/kaylamwilliams1/

Check out Devo: https://www.devo.com/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Offensive Security: Unlocking Hidden ROI with Seemant Sehgal

Fri, 16 Aug 2024 13:29:19 -0500

In this episode, Ron sits down at Black Hat with guest Seemant Sehgal, Founder & CEO of BreachLock, to learn more about how offensive security, such as red teaming and pen testing, fits into the cyber ecosystem. Seemant highlights how his background as a practitioner has helped him better understand the pain points that customers feel and assist them in making the most of their budget.

Impactful Moments:

00:00 - Welcome

00:50 - Introducing Guest, Seemant Sehgal

02:47 - Penetration Testing vs Red Teaming

05:22 - What A Hacker Wants

06:17 - From our Sponsor, BreachLock

07:35 - There’s Always A ‘Low Hanging Fruit’

08:49 - Trusted Partners

10:49 - Closing Doors On Hackers

13:08 - Advice to Entrepreneurs: Knowing Your ‘Why’

Links:

Connect with our guest, Seemant Sehgal: https://www.linkedin.com/in/s-sehgal/

Check out BreachLock: https://www.breachlock.com/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Black Hat 2024 Conference Pre-Game

Fri, 09 Aug 2024 09:49:00 -0500

In this episode, Ron and Jen welcome you to Vegas and discuss a little background on Black Hat and DEF CON and how to make the most of your time professionally.

Impactful Moments:

00:00 - Welcome

00:56 - Hello From Vegas!

01:41 - Conference Anxiety

03:43 - Origins of Black Hat

06:17 - Which Conference?

08:18 - Conference Strategy

11:47+ - You Can Only Pick One…

Links:

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

The Present and Future of AI in Cyber

Tue, 30 Jul 2024 05:00:00 -0500

In this episode, Hosts Ron Eddings and Jen Langdon discuss questions about AI in Cyber. From the current state to where AI could be going, to resources to help you engage and up-level, there’s a little bit of everything for everyone in this episode.

Impactful Moments:

00:00 - Welcome

00:46 - Introduction

02:29 - Engineering AI

06:54 - Was it Made By AI?

09:07 - Join Our Mastermind

10:15 - AI in the Future

13:26 - AI in 2044

17:56 - AI & Resources

19:40 - AI Resources!

20:55 - One Step Better…

Links:

Check out some resources shared during this episode:

https://www.futuretools.io/ https://theresanaiforthat.com/

https://www.google.com/books/edition/On_Intelligence/Qg2dmntfxmQC?hl=en&gbpv=0

https://www.youtube.com/channel/UCbfYPyITQ-7l4upoX8nvctg

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Check out our upcoming events: hackervalley.com/livestreams

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Leaving an Impression: Strategies for Captivating a Massive Audience

Tue, 23 Jul 2024 05:00:00 -0500

In this episode, hosts Ron Eddings and Jen Langdon discuss the power of storytelling through various media. Whether your goal is to create video content, deliver keynotes on stage, or be creative through other digital mediums, there will be something for everyone!

Impactful Moments:

00:00 - Welcome

01:05 - Introductions

04:55 - Storytelling in Story Circle

09:23 - Crossing Across the Story Circle

12:15 - Join Our Mastermind!

12:57 - Is ‘Speaking’ Your Thing?

19:33 - Audience Considerations

22:24 - Speaking vs Writing

25:24 - Video/Digital Media

28:30 - Making it Captivating

32:03 - Last Reminders…

Links:

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Check out our upcoming events: hackervalley.com/livestreams

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

How Can I Best Proactively Secure My SaaS?

Wed, 17 Jul 2024 04:46:20 -0500

In this episode, Ron Eddings will explore the massive adaptation of SaaS applications and ways to tame the beast. Our guest Yoni Shohet, Co-Founder & CEO at Valence Security, will help provide insight into the capabilities of a SaaS Security Posture Management (SSPM) platform and best practices for implementing a SaaS security solution.

Impactful Moments:

00:00 - Welcome

01:59 - Introducing guest, Yoni Shohet

03:25 - Founding A SaaS Security Company

06:30 - What is SSPM?

08:27 - From our Sponsor, Valence

09:30 - Before Clicking ‘Allow’

11:54 - Users Want Their LLMs!

14:37 - Common Missteps

19:08 - Can You Manage SaaS w/o Technology?

24:15 - SaaS Breaches & MFA & APIs

32:42 - One Step Better…

Links:

Connect with our guest, Yoni Shohet: https://www.linkedin.com/in/yonishohet/

Check out Valence Security: https://www.valencesecurity.com

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

What We All Should Be Talking About When It Comes to AI and Security

Tue, 09 Jul 2024 17:09:37 -0500

In this episode, Host Ron Eddings is joined by guests Anirban Banerjee, CEO and Co-Founder at Riscosity, and James Berthoty, Founder and Analyst at Latio Tech. Together they focus on data security, AI-driven product development, and the challenges of implementing AI solutions responsibly.

Anirban discusses the importance of organizational buy-in and well-defined policies, while James underscores the need for visibility and a cautious approach in integrating AI models. Be sure to tune in to the end to hear their unique advice at being more productive.

Impactful Moments:

00:00 - Welcome

01:20 - Introducing guests Anirban & James

04:15 - The State of AI through Cyber

08:25 - Is AI a New Technology?

10:31 - AI Lets You Ship A Product

16:44 - Pros/Cons of AI & DLP

23:57 - What SHOULD We Be Talking About?

27:31 - Process First!

30:00 - One Step Better…

Links:

Connect with our guests Anirban & James :

https://www.linkedin.com/in/james-berthoty/ https://www.linkedin.com/in/anirbanbanerjeephd/

Check out Riscosity: https://www.riscosity.com/

Get a Free Data Governance Audit:

https://www.riscosity.com/free-data-governance-audit

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Check out our upcoming events: hackervalley.com/livestreams

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Navigating AI as a CISO with Whitney Palacios

Tue, 02 Jul 2024 05:00:00 -0500

In this episode, Host Ron Eddings catches up with one of his colleagues, Whitney Palacios, Vice President and CISO at BigBear.ai. They explore the challenges and responsibilities of being a CISO and Whitney addresses key cybersecurity issues such as the importance of balancing security with innovation, especially in the context of AI. Whitney offers sage insight into Security Operations Centers (SOCs), the need for diversity in tech leadership roles and closes out with helpful advice for rising CISOs.

Impactful Moments:

00:00 - Welcome

01:26 - Introducing guest, Whitney Palacios

04:03 - What Is A CISO? What Do You Do?

06:19 - SOC or No SOC?

08:40 - CISO Role & Risk/Accountability

11:12 - “One of A Few CISOs”

12:00 - Join Our Mastermind!

15:21 - AI: Allowing Innovation

18:27 - AI Use Cases

20:30 - One Step Better…

Links:

Connect with our guest, Whitney Palacios : https://www.linkedin.com/in/whitneypalacios/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag:
https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Check out our upcoming events:
hackervalley.com/livestreams

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

The Power of AppSec, Cyber Education, and Friendship with Tanya Janca

Tue, 25 Jun 2024 22:33:00 -0500

In this episode, Host Ron Eddings catches up with longtime friend, Tanya Janca, Head of Education and Community at SemGrep and author of 'Alice and Bob Learn Application Security.' Tanya shares her experiences from working in the Canadian government to joining Microsoft and eventually founding WeHackPurple. Tanya talks about her new role at SemGrep, where she focuses on making application security education accessible, and the importance of building supportive communities in the tech industry.

Impactful Moments:

00:00 - Welcome

01:20 - Introducing guest, Tanya Janca

03:09 - “IDK How to Make SemGrep Rules…”

0707 - Finding Shadow IT & Embezzlers

11:27 - Join Our Mastermind

12:09 - Becoming an AppSec Professional

15:22 - Elections CISO

18:00 - Speaking at Conferences

21:15 - Microsoft Calls Me One Day…

23:21 - Parting Ways; But Still Friends

24:30 - “Can You Train Our Devs?”

27:50 - Fairness Is Important

32:27 - Put Yourself Out There!

Links:

Connect with our guest, Tanya Janca: https://www.linkedin.com/in/tanya-janca/

Check out SemGrep Academy: https://academy.semgrep.dev/

We Hack Purple Podcast: https://wehackpurple.buzzsprout.com/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Check out our upcoming events: hackervalley.com/livestreams

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Networking 2.0: The Future of Decentralized Networking & Access Management

Tue, 18 Jun 2024 05:00:00 -0500

In this episode, Hosts Ron Eddings, and Jen Langdon share takeaways from Ron's RSA conversation with Colin Constable, Co-Founder and CTO at Atsign

On this show, they’ll break down Networking 2.0 and how it can serve as the next evolution for data ownership and access control. Colin and his team at Atsign have built the atProtocol®, a new open-source internet protocol that makes private and secure data sharing simple and intuitive, enabling any person, entity or thing to implement NIST Zero Trust principles into their solution.

Impactful Moments:

00:00 - Welcome

02:17 - Introducing, Colin Constable

03:42 - The Problem with the Current Internet

08:02 - The Catalyst Behind atProtocol®

11:12 - Nexus of Networking, Identity & Privacy

14:19 - From our Sponsor, Atsign

15:23 - What’s Networking 2.0?

18:54 - Internet Anonymity & Accountability

24:31 - Unique Solutions using atProtocol®

Links:

Connect with Colin Constable: https://www.linkedin.com/in/colinconstable/

Check out Atsign: https://atsign.com/

Read the atProtocol Whitepaper here:

https://atsign.com/resources/white-papers/the-atprotocol/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Check out our upcoming events: hackervalley.com/livestreams

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

How AI is the Key Turning Point in TPRM with Paul Valente

Tue, 11 Jun 2024 05:00:00 -0500

In this episode, Host Ron Eddings enjoys a reprieve from the hectic RSA conference with guest Paul Valente, CEO of VISO Trust. Paul discusses how he used his extensive experience as a CISO to solve a huge pain point he was experiencing with third party risk management (TPRM) and how it prompted him and a colleague to start their own company to create the solution they had been wishing for.

However, nothing could be more exciting than the ways AI has expanded the potential for TPRM to change security outcomes and allow the security sector to drop the ‘department of no’ branding for good. Tune in to hear the whole story!

Impactful Moments:

00:00 - Welcome

01:03 - Introducing guest, Paul Valente

04:49 - Core Pillars of Being a CISO

06:14 - Why Cyber Startup?

7:46 - AI: The Key Turning Point for TPRM

10:40 - Why Do Companies Need TPRM?

15:09 - From our Sponsor, VISO Trust

16:17 - Data & Controlling Risk

22:35 - No Security Questionnaires!

24:14 - One Step Better…

Links:

Connect with our guest, Paul Valente: https://www.linkedin.com/in/pauldvalente/

Check out VISO Trust: https://visotrust.com/hackervalley

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Check out our upcoming events: hackervalley.com/livestreams

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

A Deep Dive into MSSPs: Understanding the Evolution and Secrets Within with Ricardo Nicolini

Tue, 04 Jun 2024 05:00:00 -0500

In this episode, Ron Eddings and Jen Langdon explore the origins of MSSPs and the solutions they offer to the cybersecurity industry with insights from Ricardo Nicolini, CTO at Bulletproof. Ricardo will uncover the potential of MSSPs to alleviate headaches and reduce burnout in cybersecurity by detailing his personal experience with overcoming a ransomware attack in the City of Saint John.

Impactful Moments:

00:00 - Welcome

05:15 - Introducing guest, Ricardo Nicolini

07:21 - Find & Prevent: FAST!

11:39 - Who MSSPs Support

13:48 - From our Sponsor, ContraForce

14:48 - City of Saint John & Ransomware

20:02 - Implications of Ransomware

25:16 - SOC Burnout is Real

29:21 - Improving the SOC with the Right Person

35:46 - Is Reducing Cognitive Load Possible?

Links:

Connect with our guest Ricardo Nicolini : https://www.linkedin.com/in/rnicolini/

Check out ContraForce: https://www.contraforce.com/

Learn more about how Bulletproof helped the City of Saint John:

https://content.bulletproofsi.com/read-cosj-case-study

Check out our upcoming events: hackervalley.com/livestreams

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Zero Trust Tactics: Preventing Breaches with Ivan Fonseca & Nick Cottrell

Tue, 28 May 2024 05:00:00 -0500

In this episode, Host Ron Eddings teams up with Ivan Fonseca and Nick Cottrell, Cybersecurity Engineers at ThreatLocker, as they break down the anatomy of previous breaches and the attacker’s playbook using MITRE ATT&CK. Ivan and Nick will take you through the defender’s perspective and will also share tools that are commonly used to defend breaches and discuss how Zero Trust can be implemented to better defend organizations.

Impactful Moments:

00:00 - Welcome

01:35 - Introducing guests, Ivan Fonseca and Nick Cottrell

04:39 - 3CX Breach & Supply Chain Attacks

08:10 - Ring Fencing Defense

11:16 - Living Off the Hacker Valley Land

13:06 - From our Sponsor, ThreatLocker

13:56 - Hacker Mindset in the Op

18:45 - Zero Trust, Default Deny

24:23 - Common Attack Vectors

30:09 - 7 Zip is a Russian Application?

32:49 - Learning How to Defend Better

Links:

Connect with our guests, Ivan Fonseca and Nick Cottrell :

https://www.linkedin.com/in/ivan-fonseca-64139222b/

https://www.linkedin.com/in/nicholas-cottrell-083564165/

Learn more about ThreatLocker: https://www.threatlocker.com/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Enterprise Browsers: Work’s Natural Next Step

Tue, 21 May 2024 05:00:00 -0500

In this episode, Ron Eddings and Jen Langdon talk about the evolution of browsers and how enterprise browsers have entered to change the game for corporations. Special guest Bradon Rogers, Chief Customer Officer at Island, joins to explain how enterprise browsers expand capabilities in asset management, security, and user experience. They also discuss how enterprise browsers can streamline IT infrastructure, offering a glimpse into the future and AI's role in it.

Impactful Moments:

00:00 - Welcome

04:25 - Introducing guest, Bradon Rogers

07:23 - Extension vs Browser

14:53 - Security Use Cases

18:12 - From our Sponsor

19:34 - Better User Decisions

24:01 - Tool Reduction

26:24 - IT & Security Should Play Nice

29:41 - Data Protection

Links:

Connect with our guest, Bradon Rogers: https://www.linkedin.com/in/bradon/

Check out Island’s website here: https://www.island.io/

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Check out our upcoming events: hackervalley.com/livestreams

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Building Tech and Adding Value in the Era of AI with Josh Danielson

Tue, 14 May 2024 05:00:00 -0500

In this episode, Ron Eddings talks with guest Josh Danielson, CEO at Kustos, about how his journey at a previous organization has led him to build and create new products in the industry. They’ll discuss everything from how AI is currently being used to how there are still many ways to optimize in the cybersecurity product and service space. Listen to learn more about how you could create the next great thing in cyber!

Impactful Moments:

00:00 - Welcome

00:43 - Introducing guest, Josh Danielson

03:20 - Cutting Edge Tech

07:34 - To CISO or not to CISO

10:33 - Join Our Creative Mastermind

11:20 - Balancing Product & Services

14:37 - Not Taking Advantage of AI

18:10 - Getting Better Value out of Tooling

21:35 - One Step Better…

Links:

Connect with our guest, Josh Danielson:

https://www.linkedin.com/in/joshua-danielson-a82b7342/

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Check out our upcoming events: hackervalley.com/livestreams

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Building Fast and Not Breaking Things with Shlomi Matichin

Tue, 07 May 2024 05:00:00 -0500

In this episode, Ron Eddings and guest Shlomi Matichin, Co-Founder & CTO at Valence Security, discuss how the hurdles and triumphs in the journey of establishing Valence Security resulted in a reduction in SaaS misconfigurations and vulnerabilities.

Impactful Moments:

0:00 - Welcome

01:50 - Introducing guest, Shlomi Matichin

02:46 - Founder’s Journey

04:30 - Building Fast

07:37 - Building Fast vs Building Intentionally

08:13 - From Our Sponsor, Valence Security

09:18 - How SaaS Breaches Occur

13:38 - Google Workspace Security

19:55 - The Uninstall Journey

25:00 - What Worries You?

27:48 - Building SaaS Fast

31:08 - One Step Better

Links:

Connect with our guest, Shlomi Matichin:

https://www.linkedin.com/in/shlomi-matichin/

Check out Valence Security: valencesecurity.com

Check out our upcoming events: hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

Leaping Over the ‘BAR’ to Leading Cyber in Africa with Confidence Staveley

Tue, 30 Apr 2024 05:00:00 -0500

In this episode, Host Ron Eddings gets to know guest Confidence Staveley, founder of Merkel Fence and CyberSafe Foundation. He uncovers Confidence’s inspiring story, not only about how she transforms her community and the people around her through her non-profit, but the grit she needed to overcome the obstacles to get to a career in cyber and build her own company. In addition to learning about the potential of Africa as a booming tech talent hub, you’ll better understand what it takes to foster that growth in the tech industry.

Impactful Moments:

00:00 - Welcome

00:44 - Introducing guest, Confidence Staveley

04:03 - Learning About Computers

06:46 - Women in Cyber & Access to Tech Careers

12:30 - Pushing Forward & Inspiring Others

15:05 - Solving the Cyber Problem

19:11 - Time Commitment to Get a Job in Cyber

24:45 - How CyberSafe Works

29:29 - Building a SOC in Africa

32:29 - One Step Better…

Links:

Connect with our guest, Confidence Staveley:

https://www.linkedin.com/in/confidencestaveley/

Check out the CyberSafe Foundation:

https://cybersafefoundation.org/

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

How to Hack your Career: Building a vCISO Business with Ayman Elsawah

Tue, 23 Apr 2024 05:00:00 -0500

In this episode, Ron Eddings gets a chance to speak with Ayman Elsawah, Founder of Cloud Security Labs, and have him share his experience with becoming a vCISO. Ayman will break down the vast business of security consulting and help you determine the best approach and next steps to catalyze you on your way to owning your time and your own business.

Impactful Moments:

00:00 - Welcome

01:14 - Introducing guest, Ayman Elsawah

07:08 - Types of vCISOs

09:55 - How to Become a vCISO

13:40 - Join Our Mastermind!

14:24 - Is vCISO Right for You?

17:22 - Marketing as A vCISO

22:33 - Anticipated vCISO Salary

26:15 - vCISO Time Commitment

Links:

Connect with Ayman:

https://www.linkedin.com/in/infosecleader/

Twitter & YouTube: @coffeewithayman

Check out Ayman’s vCISO Course:

coffeewithayman.com/hackervalley

—-------------------------------------------------------------------------

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

Hyperautomation, Open Security Data Architecture, and the Future of SIEM with Neal Humphrey

Tue, 16 Apr 2024 05:00:00 -0500

Ron Eddings and Neal Humphrey, Vice President of Market Strategy at Deepwatch, discuss the changes in Security Operations infrastructure, and how these changes in structure, data, and automation are going to impact operations in the near future. Their discussion will revolve around more than just SIEM, alerts, and responses; it will go into market changes, vendor movement, and how the future of SOC is demanding a shift in mindset and strategy beyond "Let a machine handle it..."

Impactful Moments:

00:00 - Welcome

01:05 - Introducing guest, Neal Humphrey

03:09 - Looking Back at SecOps

06:11 - Modern SOC Wall

11:49 - Hyperautomation; the Future of SOAR?

15:02 - Hyperautomation & Normalization

17:29 - From our Sponsor, Deepwatch

19:18 - OSDA & Deepwatch

25:32 - Hyperautomaiton or OSDA 1st

30:25 - Can I Show The Value of A Tool?

34:30 - Who is OSDA White Paper for?

36:43 - One Step Better…

Links:

Connect with our guest, Neal Humphrey:

https://www.linkedin.com/in/neal-humphrey-b909773/

Check out the White paper by Deepwatch:

https://www.deepwatch.com/the-security-operations-center-cannot-hold/

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

Securing Your SaaS and Cyber Influencer Networking with CRO Bob Horn

Tue, 09 Apr 2024 05:00:00 -0500

Ron Eddings sits down with Bob Horn, Chief Revenue Officer at Valence Security. Their conversation centers around the world of SaaS security, examining the current landscape and challenges in managing SaaS risks. Bob also shares experiences from his 25-year career in sales, focusing on the importance of storytelling in sales and innovative approaches of marketing through leveraging cybersecurity influencers.

Impactful Moments:

00:00 - Welcome

00:44 - Introducing guest, Bob Horn

03:36 - Sales & Storytelling in Cybersecurity

07:13 - Current State of SaaS

09:28 - From our Sponsor, Valence Security

10:29 - More SaaS, More Problems

13:52 - Great Security Improves Your Team

17:01 - Consequence of Being Attacked

19:10 - Influencer & In-Person Marketing

25:55 - The Future of SaaS

28:01 - One Step Better…

Links:

Check out Valence Security:

https://www.valencesecurity.com/

Connect with our guest, Bob Horn:

https://www.linkedin.com/in/bob-horn-699a70/

Join us LIVE with Shlomi Matachin on Tuesday, April 16th at 12p ET / 9a PT:

https://www.linkedin.com/events/7181368974062895106/comments/

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

From ‘Hand-to-Hand Combat’ To Management in Cyber with Ofer Gayer

Tue, 02 Apr 2024 05:00:00 -0500

HVS Host Ron Eddings chats it up with guest Ofer Gayer, VP of Product at Hunters. While both of them reminisce about their first love in security research, Ofer clarifies how he diverted his path and reached the VP stage, while also helping to level up his teams. They’ll conclude by discussing how AI is the ‘zeitgeist of our time’ and how you can get better at whatever you’re doing in cyber.

Impactful Moments:

00:00 - Welcome

01:10 - Introducing guest, Ofer Gayer

03:12 - ‘Start-up’ in Research

07:55 - Security Research- First Love

10:55 - “A lot of People Want to be Product Managers”

14:46 - “I Had IT Remove My Privileges”

18:20 - Transitioning to Visionary/Zeitgeist

25:30 - Embracing AI Solutions

32:30 - One Step Better…

Links:

Connect with our guest, Ofer Gayer:

https://www.linkedin.com/in/ofer-gayer/

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

How Threat Actors Are Accessing Your SaaS Environments with Jaime Blasco

Tue, 26 Mar 2024 05:00:00 -0500

Ron Eddings and Jaime Blasco, Co-Founder and CTO at Nudge Security, discuss how well-known adversaries are taking advantage of enterprises that don’t have visibility into their full SaaS footprint, and therefore can’t secure it. Grab a front-row seat to gain a new perspective on your vulnerabilities through the eyes of an attacker.

Impactful Moments:

00:00 - Welcome

01:10 - Introducing guest, Jaime Blasco

02:30 - Real World Impact of SaaS Vulnerabilities

07:35 - Exploring AI & Security Implications

09:50 - Evolution of Threat Actors & Targeted Companies

15:45 - From our Sponsor, Nudge

17:17 - Attackers, Tokens & Ticketing Systems

22:50 - Lazarus & Malicious SaaS Apps

26:50 - The Attackers are Talking with You…

29:18 - Run it In the Cloud & Make Honey Tokens

34:04 - Future of SaaS & AI in Cybersecurity

39:00 - Increase Visibility, Reduce Risk

Links:

Connect with our guest, Jaime Blasco:

Check out our friends at Nudge:

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

The Future of Endpoint Threats and Why Zero Trust is the Only Option with Rob Allen

Wed, 20 Mar 2024 05:00:00 -0500

Get ready for a SPECIAL episode! Ron Eddings will take you on an inside look at Threatlocker’s rapidly growing event, Zero Trust World, and will talk with Rob Allen, Chief Product Officer at Threatlocker, to discuss what you can find out from your endpoints (hint: it’s more than remote access tools you didn’t know were running!)

Impactful Moments:

00:00 - Welcome

01:24 - Zero Trust World Sneak Peek!

02:21 - From our Sponsor, Threatlocker

03:50 - Introducing guest, Rob Allen

05:03 - What’s Zero Trust World

10:40 - Technical Executive Leaders

16:24 - Managing from the Top Down

20:33 - More Than Allow Listing

24:38 - Rubber Ducky, You’re the One…

26:59 - Assume Breach

29:30 - Some Interesting Finds

35:55 - Where Most of the Action Happens

26:30 - One Step Better…

Links:

Connect with our guest, Rob Allen:

https://www.linkedin.com/in/threatlockerrob/

Check out https://www.threatlocker.com/ to learn more!

See the Zero Trust World recap portion here on our YouTube

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

Slugging it Out in the SOC to Find Your Niche in Cyber with Nate Malicoat

Tue, 05 Mar 2024 05:00:00 -0600

Ron Eddings sits down in-person with Nate Malicoat, Threat Intel Engineer at ContraForce, for a down-to-earth interview about entering the cybersecurity workforce from the Marines.

Impactful Moments:

00:00 - Welcome

01:20 - Introducing guest, Nate Malicoat

03:00 - Marines to Computer Life

05:13 - Importance of Mentoring & Mentors

10:04 - Participating in the Industry

12:42 - Why Aim For the CISO role?

14:40 - Be Persistent, But Not Annoying

Links:

Connect with our guest, Nate Malicoat:

https://www.linkedin.com/in/nate-malicoat-58760a143/

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

Creating Value in the Cyber Industry with Nick Lantuh

Tue, 27 Feb 2024 05:00:00 -0600

Nick Lantuh, CEO of Interpres Security, joins Ron Eddings on the mic at Hacker Valley’s “On the Big Screen” event to talk about how Nick’s previous career experience have given him unique insight into the cybersecurity industry. Ron and Nick discuss everything from Nick’s immigrant background and his experience with helping customers, to threat modeling and starting up companies.

Impactful Moments:

00:00 - Welcome

01:05 - Introducing guest, Nick Lantuh

03:06 - The Differentiator

06:21 - Wanting to ‘Be Your Own Boss’

10:00 - Being the Executive Chairman

12:47 - The Go-To-Market Side

15:11 - The Turnaround

18:01 - Making the Ecosystem Better

21:20 - Bridging the Gap

24:14 - Exposure Management

29:59 - One Step Better…

Links:

Connect with our guest, Nick Lantuh:

https://www.linkedin.com/in/nicklantuh/

Check out Interpres Security:

https://interpressecurity.com/

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

AI & Phishing: Fighting Fire with Fire

Tue, 20 Feb 2024 05:00:00 -0600

In this episode, Host Ron Eddings is joined by Vishal Dixit, Co-founder & CTO at Graphus Inc., and Sven Bechmann, Senior Product Manager of Email Security at Kaseya to dig into how phishing attacks are evolving and how you can keep your business safe.

Get the ultimate email security software and stop phishing attacks that others miss! Request a demo from our friends at Graphus, today! -- and don't miss their 5-minute guide to phishing attacks and prevention.

Impactful Moments:

00:00 - Welcome

01:37 - Introducing guests Vishal & Sven

02:50 - The Current State of Phishing

06:40 - Phishing & Career Path

10:47 - From our Sponsor, Graphus Inc

12:07 - Phishing & Email Security

14:27 - “Security Is an Afterthought”

17:29 - What are Hackers Doing with AI?

23:08 - AI & Phishing Detection

31:30 - Phishing Evolution

35:30 - One Step Better…

Links:

Connect with our guests:

Vishal Dixit: https://www.linkedin.com/in/dixitvishal/

Sven Bechmann: https://www.linkedin.com/in/sven-bechmann-product-management/

Learn more from Graphus.ai:

https://www.graphus.ai/hackervalley

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

Andrew Forgie's Path From Apache Mechanic to Cybersecurity Sales Leader and Mastering Cyber Sales

Wed, 14 Feb 2024 05:00:00 -0600

In this episode, Andrew Forgie takes us on his journey from his early days as an Apache helicopter mechanic in the military to his current role as a regional sales manager in cybersecurity.

Andrew shares his trials and challenges, the significant shift from being in a service role to mastering the art of sales in the highly competitive tech industry.

His story illustrates the power of adapting to change and the critical role of personal development in achieving professional success.

00:00 - Introduction
00:42 - Introduction to the episode and guest Andrew Forgie, regional sales manager at RMS.
01:29 - Andrew discusses his transition from the military to cybersecurity sales.
02:43 - Insight into Andrew's early struggles and successes in sales.
04:13 - How "Selling for Dummies" transformed Andrew's approach to sales.
06:02 - The importance of attitude and creating a buying environment in sales.
08:09 - Andrew shares his life vision exercise and its impact on his career.
12:09 - Discussion on the value of relationships in cybersecurity sales.
24:19 - Advice for those looking to enter or excel in cybersecurity sales.

Links:
Connect with our guest Andrew Forgie: https://www.linkedin.com/in/andrewforgie/
Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio
Become a sponsor of the show to amplify your brand:
https://hackervalley.com/work-with-us/
Love Hacker Valley Studio? Pick up some swag:
https://store.hackervalley.com
Continue the conversation by joining our Discord:
https://hackervalley.com/discord

Zinet Kemal's Journey From Ethiopian Immigrant to TEDx Speaker & Cloud Security Engineer at Fortune

Tue, 06 Feb 2024 05:00:00 -0600

In this episode of Hacker Valley Studio, we dive into the inspiring journey of Zinet Kamal, an immigrant from Ethiopia who has carved a niche for herself in cybersecurity. Despite starting her journey with limited access to technology and not having mentors until 2020, Zinet's resilience and passion led her to become a cloud security engineer at a Fortune 500 company. Her story is a testament to the human spirit's capability to overcome barriers and make significant strides in the tech industry.

This episode is a story of personal growth, cultural transitions, and the drive to empower the next generation through education and cybersecurity awareness. As a mother of four, a multi-award-winning cybersecurity advocate, and a best-selling author, Zinet brings a unique perspective on the importance of diversity in tech and the role of mentorship in shaping future leaders.

00:00 - Welcome

01:32 - Introducing Guest, Zinet Kemal

03:09 - Growing up in Africa

07:12 - “I Never Had a Children’s Book”

12:52 - Culture Shock

16:02 - From Legal to Cybersecurity

18:50 - CCDC Competition

21:55 - Role of Community in Resetting

24:34 - “Oh No… Hacked Again!”

30:00 - Online Safety Empowerment

34:50 - Moving up in Cyber

Links:

Connect with Zinet Kemal: https://www.linkedin.com/in/zinetkemal/

Zinet’s LinkedIn Course:

https://www.linkedin.com/learning/cybersecurity-careers-build-your-brand-in-cybersecurity/grow-your-cybersecurity-career-with-personal-branding?course

Check out Zinet's Books: https://www.amazon.com/stores/Zinet-Kemal/author/B099P5B8FD

Watch Zinet's TEDx Talk: https://www.youtube.com/watch?v=J61K1Gu97jM

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

Paving the Path for CISOs of the Future with Gary Hayslip

Tue, 30 Jan 2024 05:00:00 -0600

In this episode, Host Ron Eddings catches up with repeat guest, Gary Hayslip, CISO at SoftBank Investment Advisors and co-author of CISO Desk Reference guide. Gary explains that the varied nature of his current CISO role contrasts with the broader industry trends. He discusses how that nature plays into the CISO hiring process and career path, as well as how his books are helping to bridge the gap among professionals.

Impactful Moments:

00:00 - Welcome

00:59 - Introducing guest, Gary Hayslip

01:38 - The Path to Becoming a CISO

08:04 - CSO vs CISO

10:47 - “I'm firing you…”

15:03 - Interviewing for the CISO role

17:56 - Join Our Mastermind

18:39 - Being ‘Mr. Maybe’

21:41 - CISO- A Day in the Life

24:50 - Using Books to Pave the Way

Links:

Connect with our guest Gary Hayslip:

https://www.linkedin.com/in/ghayslip/

Check out Gary’s Books:

https://www.amazon.com/stores/Gary-Hayslip/author/B01IJN838A?ref=ap_rdr&isDramIntegrated=true&shoppingPortalEnabled=true

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

The Untold Story of Browser Risks: Pioneering Enterprise Browser Security with Or Eshed

Tue, 23 Jan 2024 05:00:00 -0600

In this episode, Host Ron Eddings and guest Or Eshed, CEO of Layer X, discuss how changes in IT infrastructure, employee behavior and malicious tech have created an era where browser security is a must. Or details how he is spearheading a movement to reposition browsers as our first line of defense.

Impactful Moments:

00:00 - Welcome

02:50 - Introducing guest, Or Eshed

05:27 - The Crime Scene: Where Employees Are

07:20 - Educating Users with a Browser Extension

10:13 - The Enablement Game

13:10 - How Malicious Browser Extensions Work

16:07 - From our Sponsor, Layer X

17:33 - Better Than EDR- Know Who Is Doing What

22:53 - Stop Account Takeovers- Stealthily

27:55 - Predictions & GPT Use Case

33:16 - One Step Better…

Links:

Connect with our guest :

https://www.linkedin.com/in/or-eshed/

Check out Layer X:

https://layerxsecurity.com/

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

Cyber Defense Reinvented: The New Era of Attack Surface Management with Isaac Clayton

Tue, 16 Jan 2024 05:00:00 -0600

In this episode, Host Ron Eddings talks with guest Isaac Clayton, Senior Research Engineer at NetSPI. Ron and Isaac discuss the importance of ASM for organizations of all sizes, the challenges of asset identification, and framing a practical strategy to handle ASM.

Impactful Moments:

00:00 - Welcome

03:00 - Introducing guest, Isaac Clayton

04:25 - Understanding ASM

07:57 - Factoring in Attackers

10:47 - “Admit it’s a hard problem”

12:35 - Challenges & Surprises

15:03 - From our Sponsor, NetSPI

15:41 - The Right Medicine, The Right Dosage

19:04 - Zero Trust is Not Enough

20:37 - Prioritization— Baked In!

21:33 - The ASM Learning Curve

26:12 - “Not all ASM is Created Equal”

Links:

Connect with our guest, Isaac Clayton :

https://www.linkedin.com/in/isaac-clayton-24088696/

Check out NetSPI:

asm.netspi.com

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

Cyber Resilience Unpacked: Securing Tomorrow Today with Bill Bernard

Tue, 09 Jan 2024 05:00:00 -0600

In this episode, Host Ron Eddings dives deep into crafting a resilient cybersecurity approach with guest speaker Bill Bernard, VP of Security Strategy at Deepwatch. Bill discusses the necessity of understanding business objectives to protect valuable assets but emphasizes focusing on risk-based strategies in addition to stronger detection and response mechanisms to help you play the long game.

Impactful Moments

00:00 - Welcome

01:43 - Introducing guest, Bill Bernard

04:22 - Understanding Emerging Threats

06:19 - What’s Old is New Again

08:48 - Buy a Helmet, Not a Bodysuit

11:57 - Defining Cyber Resilience

15:30 - Deepwatch’s Strategy for Resilience

18:31 - From our Sponsor

20:03 - MDR and Effective MDR Engagements

27:18 - Where Does AI Fit In With MDR?

32:57 - Staying One Step More Resilient

35:05 - Deepwatch- The Right Fit for You

Links:

Connect with our guest, Bill Bernard :

https://www.linkedin.com/in/billbernardchicago/

Take a Tour of the Deepwatch Managed Security Platform https://www.deepwatch.com/deepwatch-platform/#platform-tour

Read the Move Beyond Detection and Response to Accelerate Cyber Resilience white paper, here: https://www.deepwatch.com/resource/go-beyond-cybersecurity-become-cyber-resilient/

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleys...

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

Looking Backward to GROW Forward in Cybersecurity in 2024

Tue, 02 Jan 2024 05:00:00 -0600

In this episode, we’ll take a walk down memory lane. Hacker Valley looks back to 2023 to bring you some of the best clips with great advice and insight into being more creative, reflective, and resourceful with the hopes of inspiring you in 2024 to grow beyond where you are today.

Impactful Moments

00:00 - Welcome

00:54 - A New Year is on the Way!

01:54 - ChatGPT and Cybersecurity

04:40 - Becoming an Industry Creative

07:47 - Leveraging AI in the Future with Storytelling - with Scott Sunderland

09:12 - Advice for your Content Creation Journey - with Jason Rebholz

11:15 - How to Start your Cybersecurity Book - with Kim Crawley

14:13 - Join our Mastermind

14:50 - The Right Platform for You - with Phillip Wylie

17:08 - Finding your Focus - with Simone Biles & Amy Bream

20:41 - Leveraging Human Resources in Cyber

Links:

Check out the episodes highlighted:

ChatGPT & Industry Creative-https://www.youtube.com/watch?v=-u6m0SXFTmA

Scott Sunderland-https://www.youtube.com/watch?v=5pwTruINFiM

Jason Rebholz-https://www.youtube.com/watch?v=Ao81IRnffc8

Kim Crawley-https://www.youtube.com/watch?v=rKny7kVeRM0

Phillip Wylie-https://www.youtube.com/watch?v=z5B1E2vp0DY

Simone Biles & Amy Bream-https://www.youtube.com/watch?v=DiebZS9s7sg

Cyber Resources-https://www.youtube.com/watch?v=UoTk3w_78co

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleys...

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

What’s Lurking In Your Containers? AMBERSQUID Operations, Freejacking, and Microservice Exploitation

Tue, 19 Dec 2023 05:00:00 -0600

In this episode, Host Ron Eddings, discusses new tactics of adversaries with Director of Threat Research at Sysdig, Michael Clark. Michael digs into the cloud and shares trends about the AMBERSQUID operation and how to protect yourself from potential container-based threats.

Impactful Moments

00:00 - Welcome

01:20 - Introducing guest Michael Clark

03:09 - Finding AMBERSQUID

06:46 - Mining and Monitoring AWS Services

10:47 - Defending Against AMBERSQUID

14:03 - The Speed of Container-Based Threats

18:13 - The Costs of Freejacking

23:08 - Attribution & The Future Threat

26:30 - CIEMs Like You Have Secrets

Links:

Connect with Michael Clark:

https://www.linkedin.com/in/michaelclarkinpa/

Check out Sysdig’s Threat Research: https://sysdig.com/threat-research/

Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

Pivotal Policy in the Age of AI with AJ Grotto

Tue, 12 Dec 2023 05:00:00 -0600

In this episode, Host Chris Cochran chats it up with former White House Senior Director for Cyber Policy, AJ Grotto. AJ shares his viewpoints about the current state of AI policies, the potential risks and benefits of AI technology, and the challenges in crafting effective policies in the field of cybersecurity.

Impactful Moments

00:00 - Welcome

00:45 - Introducing guest, AJ Grotto

01:14 - Are Cyber and AI Separate?

03:37 - US Cyber Policy

08:06 - The Reality of AI Risk

11:20 - From Law to Cyber Policy

14:47 - Join our Mastermind!

15:36 - Policy Implementations

18:55 - Cyber Warfare and AI

22:13 - Advice for Getting into Cyber Policy

Links:

Connect with AJ:

https://www.linkedin.com/in/andrew-grotto-2534b510a/

More about AJ and his current work:

https://fsi.stanford.edu/people/andrew-j-grotto

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleys...

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

Ransomware: How to Use AI to Create a Readiness Kit with Scott Sutherland

Tue, 05 Dec 2023 05:00:00 -0600

The adversary is using Artificial Intelligence. Why aren’t you?

In this episode, Host Chris Cochran talks with Scott Sutherland, VP of Research at NetSPI, about everyone’s favorite hot topics; ransomware and AI. Scott will detail his experience with simulating ransomware attack scenarios, as well as discussing the difficulties businesses face when dealing with ransomware threats and prevention mechanisms and how AI can be leveraged to help.

Impactful Moments
00:00 - Welcome
01:10 - Introducing guest, Scott Sunderland
03:24 - Interactions with Generative AI Chatbots
04:14 - Use of AI and Readiness
15:16 - A word from our Sponsor, NetSPI
15:55 - Using AI to develop Exercises
20:46 - Collaboration beats Adversaries
25:08 - Ransomware Bots
26:15 - Role of AI in Storytelling

Continuously keep pace with your expanding attack surface with the most comprehensive suite of offensive security solutions: https://www.netspi.com/hackervalley

Links:
Connect with Scott Sutherland:
https://www.linkedin.com/in/scottpsutherland/
Learn more about our sponsor, NetSPI:
https://www.netspi.com/
Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio
Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/
Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
Continue the conversation by joining our Discord: https://hackervalley.com/discord

Cover Your SaaS: Navigating OAuth and SaaS Security Challenges

Tue, 28 Nov 2023 05:00:00 -0600

SaaS misconfigurations may be responsible for up to 63% of security incidents.

Do your SaaS applications have risky OAuth grants and misconfigurations? Let’s not find out.

We will unravel the complexities of OAuth and how attackers are using OAuth to move from one app to another. Our special guest Jaime Blasco, co-founder and CTO at Nudge Security, shares techniques to protect your SaaS apps and identify risky and malicious OAuth grants.

Are you ready to cover your SaaS and avoid finding yourself in the hot seat?

Show some love to our sponsor Nudge Security and win a Steam Deck: https://www.nudgesecurity.com/steamdeck

Links:

Connect with Jamie Blasco:

https://www.linkedin.com/in/jaimeblasco/

Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Standing Out On LinkedIn as a Cybersecurity Professional with Chris Hughes

Tue, 21 Nov 2023 05:00:00 -0600

In this episode, host Ron Eddings speaks with Chris Hughes, President at Aquia, Cyber Innovation Fellow at CISA, and cybersecurity legend. Special guest, Chris Hughes, was initially inspired to build a personal brand through a desire to mend his weaknesses and highlight his strengths. However, LinkedIn offered a platform to display his growth and learning, leading to him amassing over 50,000 followers! In addition to sharing his story, Chris will emphasize tips on how to start your own personal brand.

Key Moments:

00:00 -Welcome 00:56 - Introducing Guest, Chris Hughes
01:59 - Finding His Way to Cyber
03:20 - Brand Building on LinkedIn
05:19 - Power of Networking and Personal Branding
11:32 - Be a Part of Cyber Creator Con!
14:31 - The Impact of LinkedIn on Career Opportunities
16:48 - The Art of Content Creation on LinkedIn
20:16 - Cashing in on Career Capital
22:05 - Advice for Building a Personal Brand

Links:
Follow Chris on LinkedIn:
https://www.linkedin.com/in/resilientcyber/
Check out Chris’ Podcast:
https://resilientcyber.substack.com/
Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio
Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/
Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
Continue the conversation by joining our Discord: https://hackervalley.com/discord

Adversarial AI: Navigating the Cybersecurity Landscape

Tue, 07 Nov 2023 05:00:00 -0600

In this episode, host Ron Eddings is joined by Sr. Director of Red Team Operations at Coalfire, Pete Deros, to discuss the hottest topic around; adversarial AI. Ron and Pete discuss how AI is used and how the adversary is using AI so everyone can stay one step ahead of them as well.

Impactful Moments
00:00 - Welcome

01:35 - Introducing Pete Deros

03:30 - More Easily Phished

05:09 - 11 Labs Video

06:42 - Is this AI or LLM?

9:18 - AI or LLMs: Who has the Speed?

10:36 - Fine Tuning LLMs

14:37 - WormGPT & Hallucinations

17:01 - LLMs Changing Second to Second

18:38 - A Word From Our Sponsor

20:19 - ‘Write me Ransomware!'

23:24 - Working Around AI Roadblocks

28:00 - “Undetectable for A Human”

31:58 - Pete Can Help You Floss!

34:56 - OWASP Top 10 & Resources

37:00 - Check out Coalfire

Links:
Connect with our guest Pete Deros:
https://www.linkedin.com/in/pete-deros-94524b9a/
Coalfire’s Website:
https://www.coalfire.com/
Coalfire Securialities Report:
https://www.coalfire.com/insights/resources/reports/securealities-report-2023-compliance
OWASP Top 10 LLM:
https://owasp.org/www-project-top-10-for-large-language-model-applications/
Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio
Become a sponsor of the show to amplify your brand:
https://hackervalley.com/work-with-us/
Love Hacker Valley Studio? Pick up some swag:
https://store.hackervalley.com
Continue the conversation by joining our Discord:

https://hackervalley.com/discord

Protecting What You Can’t See with HD Moore

Tue, 31 Oct 2023 05:00:00 -0500

In this episode, host Ron Eddings is joined by Metasploit creator, co-founder and CEO of runZero, HD Moore. HD changed the world with Metasploit and he’s doing it again with runZero. Attack Surface Management can’t happen unless you have visibility into your home or company network and HD shares how he’s able to deliver that and so much more in his journey of creating runZero.

Impactful Moments

00:00 - Welcome

00:50 - Introducing guest, HD Moore

01:30 - Fixing the Root Cause

05:00 - runZero

10:54 - A New Kind of CAASM

12:00 - Uncover the Unknown

14:08 - runZero Raving

17:45 - “Trust me, you can scan OT”

20:10 - You Can Scan if You Want To

22:30 - Red to Blue Judo Skills

Links:

Connect with our guest HD Moore:

https://www.linkedin.com/in/hdmoore/

Check out runZero:

https://www.runzero.com/

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleys ...

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

Penetration Testing, Public Speaking, and Content Creation with Phillip Wylie

Tue, 24 Oct 2023 06:29:36 -0500

In this episode, Ron Eddings is joined by Penetration Tester, Instructor, International Speaker, Best Selling Author, and Podcast Host, Phillip Wylie. Phillip shares how pen testing and the need to educate people helped motivate him to speak at conferences and become a central voice in the cyber community. But more than that, he explains how he’s helped so many people get started on a similar path.

Impactful Moments:

00:00 - Intro

00:50 - Introducing Phillip Wylie

02:10 - Penetration testing Started it All

05:10 - Pen testing is a Job?!

08:50 - The Conference Game

12:55 - Cheers to Toastmasters

14:23 - Content Creation & Social Media Marketing

18:30 - Keeping it Simple

20:55 - Are you Smarter Than a 5th Grader?

25:30 - What’s next for Phillip?

26:35 - Getting into Creating

Links:

Connect with our guest Phillip Wylie:

https://www.linkedin.com/in/phillipwylie/

Phillip’s Book “The Pentester Blueprint”:

https://www.amazon.com/Pentester-BluePrint-Your-Guide-Being/dp/1119684307/ref=asc_df_1119684307

Phillip’s Podcasts:

https://www.thehackermaker.com/phillip-wylie-show/

Check out our Previous Episode with Phillip:

https://www.axonius.com/plus/hacker-valley-on-the-road/on-the-road-at-bh-2022/phillip-wylie

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

Ruse and Deception: From Hollywood to Corporate Espionage with Robert Kerbeck

Tue, 17 Oct 2023 05:00:00 -0500

In this episode, Host Ron Eddings interviews Robert Kerbeck, author of Ruse: Lying the American Dream from Hollywood to Wall Street. Robert shares how his professional acting skills helped his career in corporate spying and espionage.

Impactful Moments

00:00 - Welcome

00:46 - Introducing guest, Robert Kerbeck

00:55 - …And That’s How I Became A Spy

03:00 - Creativity REELY Counts w/ Phishing

10:00 - Robert’s Phishing Training

14:22 - How Corporate Espionage Works

18:36 - “A Fraction of the Spying I Really Did”

20:52 - Hobnobbing with Hollywood

25:06 - Your Way out of a “Ruse”

Links:

Connect with our guest Robert Kerbeck:

https://www.linkedin.com/in/robert-kerbeck-12aa7a11/

Read “Ruse: Lying the American Dream from Hollywood to Wall Street”:

https://www.amazon.com/Ruse-Lying-American-Hollywood-Street/dp/1586423169

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com/

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

Hacker Culture and ADHD with Kim Crawley

Tue, 10 Oct 2023 05:00:00 -0500

In this episode, host Ron Eddings is joined by cybersecurity researcher and writer, Kim Crawley, to deep dive into one of her greatest passions; computing! From its origins to its newest capabilities in quantum and AI, Kim shares her love of computers as well as her passion for educating others through her writing. Lastly, Kim explains how she wrote her newest release, “Hacker Culture A-Z” while keeping it ADHD-friendly.

Impactful Moments

00:00 - Welcome

00:52 - Introducing guest, Kim Crawley

02:20 - Computers; A Forbidden Fruit

04:50 - Parents, PCs & Printers

10:44 - Why Hacker Culture?

14:34 - Join our Mastermind!

15:16 - Quantifying Quantum

21:53 - ”AI is like Fire”

26:45 - Playing with Chat & DALL-E

28:28 - ADHD & Work

33:22 - How to Become an Author

Links:

Connect with our guest Kim Crawley:

https://linkedin.com/in/kimcrawley

Pre-order “Hacker Culture A to Z” here:

https://www.amazon.com/Hacker-Culture-Fundamentals-Cybersecurity-Hacking/dp/1098145674/

Read “Hacker Culture A to Z” on the O’Reily Learning Platform:

https://www.oreilly.com/library/view/hacker-culture-a/9781098145668/

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

Starting at the Endpoint with Danny Jenkins

Tue, 03 Oct 2023 05:00:00 -0500

In this episode, host Ron Eddings is joined by Co-Founder and CEO of ThreatLocker, Danny Jenkins, to talk about his "Hero’s Journey" from IT to launching ThreatLocker. From spam emails, bots, and ransomware to persuading people to take a new approach -- this story has all of the villains and obstacles any cybersecurity champion will inevitably face and conquer!

Sponsor:
Get unprecedented visibility and control of your cybersecurity, quickly, easily, and cost-effectively. Check out our friends at ThreatLocker today and let them know Hacker Valley sent you! https://www.threatlocker.com

Impactful Moments
00:00 - Welcome
00:55 - Introducing guest, Danny Jenkins
02:00 - The start of Danny’s journey
04:10 - Moments it changed
06:55 - The worst job in the world
08:36 - Starting with the endpoint
09:18 - An uphill battle
13:25 - Going all in
15:21 - A word about our sponsor!
16:35 - Zero to hero
18:47 - Trust and ringfencing
22:53 - What is zero trust?
25:00 - Zero trust at ThreatLocker
28:25 - Tools to make decisions
29:09 - Productivity tools? Not anymore!
31:10 - Making yourself more secure

Links:
Connect with our guest Danny Jenkins:
https://www.linkedin.com/in/dannyjenkinscyber/
Learn more about ThreatLocker:
https://www.ThreatLocker.com
Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio
Become a sponsor of the show to amplify your brand:
https://hackervalley.com/work-with-us/
Love Hacker Valley Studio? Pick up some swag:
https://store.hackervalley.com/
Continue the conversation by joining our Discord:
https://hackervalley.com/discord

Having Resilience In Your Cyber Career with Erika Eakins

Tue, 26 Sep 2023 05:00:00 -0500

In this episode, host Chris is joined by Erika Eakins — a cybersecurity sales ninja, podcaster, and co-founder at Teach Kids Tech. Erika opens up about her challenges entering tech and cybersecurity as a woman and her mission to serve the underrepresented. Erika also shares how the strength and resilience she acquired in childhood have helped to carry her through unexpected hardships in the industry like layoffs.

Impactful Moments:

0:00-Welcome
00:50-Introducing guest, Erika Eakins
01:22-Erika’s origin story
05:43-Being judged on looks
07:10-”Why are you still in?!”
07:47-Where to find strength
10:40-Who are the Cyber Queens?
13:18-Join our mastermind!
14:02-Aiming to Overcome Obstacles
16:08-Reflection on Resilience
17:54-Teach Kids Tech
20:30-The legacy of Queens
23:23-Power of Positivity & Support

Links:
Connect with our guest Erika Eakins
https://www.linkedin.com/in/eeakins/
Check out The Cyber Queens Podcast https://www.cyberqueenspodcast.com/
Learn more about Teach Kids Tech
https://www.teachkidstech.net/
Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio
Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/
Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com/
Continue the conversation by joining our Discord: https://hackervalley.com/discord

Build vs. Buy: The Classic Technologist Conundrum

Tue, 19 Sep 2023 05:00:00 -0500

It’s a classic technologist conundrum: Should I build or buy the solution I need to solve a problem?

The “Build vs. Buy” conundrum is faced by technology teams worldwide. To help approach this riddle, Chris Cochran speaks to two industry veterans, Slavik Markovich co-founder & CEO of Descope, and Rob Fry, co-founder of AKA Identity.

Whether you’re an entrepreneur, a CTO, or just tech-curious, this episode offers invaluable insights. Using the identity market as a case study, we’ll explore the multifaceted considerations needed to make the best choice for your team and organization.

Impactful Moments:

0:00 - Build vs. Buy: The Classic Technologist Conundrum

0:37 - Show Intro

0:57 - Introducing Slavik Markovich and Rob Fry

3:25 - Previous build vs. buy project

6:44 - Decision logic for build vs. buy

15:09 - How does tech sway your decision making?

19:44 - How does data impact decision making?

24:31 - How do processes influence decision making?

29:13 - Maintaining custom tech solutions over time

33:28 - Tenants for building a tech company

41:06 - Build authentication and user journey flows with Descope

Links:

Learn more about Descope: https://www.descope.com/

Connect with our guest Slavik Markovich: https://www.linkedin.com/in/slavikm/

Connect with our guest Rob Fry: https://www.linkedin.com/in/fry-rob-g/

Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

AI Is the Tool Not the Toolbox

Tue, 12 Sep 2023 05:30:00 -0500

Embrace the AI Revolution in Cybersecurity! Ron Eddings explores the dynamic world of AI, from cybersecurity automation to anomaly detection. Learn how AI is being used by practitioners and creators to stay one step ahead of the adversary and the competition

Impactful Moments

0:00 - Intro

1:35 - Origin into cybersecurity and automation

6:12 - What is Artificial Intelligence?

8:23 - Using AI to Classify Phishing Emails

11:32 - Descript and Claude2 to Summarize Content

17:54 - ChatGPT Advanced Data Analysis

21:41 - Top 4 AI Red Team Attacks

26:09 - Cybersecurity AI Disrupters

27:50 - Cybersecurity Creative Mastermind

Links:

Connect with Ron Eddings: https://www.linkedin.com/in/ronaldeddings/

Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio.com

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Security Teams Can’t Do It All with Rob Wood - REWIND

Tue, 05 Sep 2023 05:00:00 -0500

For this week's episode, we brought back a fan favorite Security Teams Can't Do It All. This episode features guest Rob Wood, CISO at CMS, who discusses the challenges of data silos in the workplace and the importance of supportive leadership.

Links:

Connect with our guest Rob Wood on LinkedIn

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio.com

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

The Art of Creating Cybersecurity Content With Jason Rebholz

Tue, 29 Aug 2023 05:00:00 -0500

In this episode, host Ron is joined by the CISO at Corvus Insurance, Jason Rebholz, to talk about the life of being a cybersecurity content creator. From his drive to create cyber content for technical and non-technical audiences to the sometimes harsh realities of content creation, Jason opens up about the importance of having passion and well-balanced goals.

Impactful Moments

00:00 - Welcome

01:12 - Introducing guest, Jason Rebholz

02:05 - Jason’s cybersecurity background

04:37 - Everybody loves a former CISO

06:16 - Creating digestable content for all

09:07 - The nuances of MFA

11:16 - Goal setting

14:06 - The harsh reality of content creation

18:56 - Bullets before canon balls

28:53 - Join our mastermind!

29:57 - Balance is key

31:25 - Mastering effective communication

33:29 - Advice for aspiring content creators

Links:

Connect with our guest Jason https://www.linkedin.com/in/jrebholz/

Check out Jason’s YouTube channel https://www.youtube.com/@teachmecyber

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio.com

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

Humility In Product Management with Eric Avigdor

Tue, 22 Aug 2023 05:00:00 -0500

In this episode, hosts Ron and Chris are joined by special guest Eric Avigdor, VP of Product Management at Votiro. With humility as the focal point, Eric details his journey as a Product Manager — sharing his unique approach to leadership and customer engagement, as well as the art of asking the right questions. Discover how Votiro is spearheading content security innovation, and don't miss Eric's advice for budding Product Managers eager to make their mark in the industry.

Impactful Moments:

00:00 - Welcome

01:10 - Introducing guest, Eric Avigdor

02:27 - Cybersecurity is like an orchestra

03:20 - Product Management vs Engineering

04:40 - Misconceptions of Product Management

07:09 - Understanding the product

08:18 - The realities of the job

10:51 - Tying the whole story together

13:32 - Why Votiro?

16:52 - Leading the way in innovation

19:05 - A word about our sponsor

21:24 - A use-case storytime

23:17 - Integrating where content resides

25:06 - Security + collaboration is the goal

27:50 - Advice for aspiring Product Managers

Links:
Connect with Eric Avigdor:

https://www.linkedin.com/in/eric-avigdor-0b561118/

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio.com

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

Leadership In Cybersecurity with Marty Overman

Tue, 15 Aug 2023 05:00:00 -0500

Host Chris Cochran is joined by Marty Overman, Senior VP at Imperva, to discuss the importance of self-awareness and transparency in cybersecurity leadership. The two emphasize the need for leaders to recognize their strengths and weaknesses and understand and empathize with the needs and experiences of those they lead.

Impactful Moments
00:00 - Welcome
00:52 - Introducing guest, Marty Overman
01:26 - What makes a great sales leader?
04:50 - The power of asking questions
07:27 - Building strong team cultures
11:58 - Creating opportunities for collaboration
14:28 - Setting goals and expectations
17:24 - Creating team identity together
24:15 - Identifying areas for improvement
28:09 - Psychological safety in leadership
30:12 - Creating a safe space
34:52 - Adults and the inner child
37:26 - Empathy and understanding

Links:
Connect with Marty Overman:
https://www.linkedin.com/in/martyoverman/

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio.com

Become a sponsor of the show to amplify your brand:

https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag:

https://store.hackervalley.com

Continue the conversation by joining our Discord:

https://hackervalley.com/discord

SaaS Opportunities & Consequences of Using AI

Tue, 01 Aug 2023 05:00:00 -0500

In this episode, host Ron is joined by Jamie Blasco, co-founder and CTO at Nudge Security, to discuss the opportunities of SaaS as well as the security implications of AI. Jamie also considers the importance of striking a balance between productivity and security when employees adopt new tools. Lastly, he emphasizes his philosophy of treating employees as part of the solution and creating a culture where they feel valued and included in the company's security efforts.

Impactful Moments:
00:00 - Welcome
01:35 - Introducing guest, Jamie Blasco
02:25 - How does SaaS fit into AI today?
03:52 - Areas of opportunity for AI & SaaS
05:17 - A walk down Jamie’s memory lane
09:56 - Finding the shadow IT
15:08 - What are the risks?
18:26 - A word from our sponsor!
20:40 - 3rd party risk & data usage
24:33 - Types of AI Nudge is utilizing
26:38 - The premise behind Nudge
30:50 - Employees as part of the solution
33:13 - SaaS — critical but risky
36:43 - Jamie’s final words of advice

Links:
Connect with Jamie Blasco:
https://www.linkedin.com/in/jaimeblasco/
Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio.com
Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/
Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
Continue the conversation by joining our Discord: https://hackervalley.com/discord

Mastering The Art Of Storytelling In Cybersecurity

Tue, 25 Jul 2023 05:00:00 -0500

How do you effectively persuade team members and stakeholders to take action, convey the importance of new projects, or request additional resources? Communicating technical security information often leads to disconnection or worse, falls on deaf ears. During this hour-long livestream, hosts Ron and Chris tackle how you can turn the tables by leveraging the primal power of storytelling, enhancing attention and engagement.

Impactful Moments:
00:00 - Introduction
04:39 - Storytelling & conveying information
07:39 - How do I tell better stories?
14:25 - The Story Circle & The Hero's Journey
22:11 - Understanding your audience
24:41 - Simplifying cybersecurity
30:20 - The impact of storytelling
36:01 - Mastering storytelling in cybersecurity

Links:
Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio.com
Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/
Love Hacker Valley Studio? Pick up some swag:
https://store.hackervalley.com
Continue the conversation by joining our Discord: https://hackervalley.com/discord

Hacking, Innovation, & the Formation of the First NSA Red Team with Jeff Man

Tue, 18 Jul 2023 05:00:00 -0500

In this episode, Chris and Ron Eddings are joined by Jeff Man, a legend in cybersecurity. The conversation begins with Jeff sharing his experiences as a member of the first NSA red team and his involvement in groundbreaking projects. He discusses his early days working with computers at the National Security Agency (NSA) in the 1980s and his role in developing a software-based encryption system. Jeff also points to the significance of the first publicly available web browser and the impact it had on the internet and cybersecurity.

Later in the episode, Jeff talks about his transition from the NSA to the private sector and his focus on Payment Card Industry Data Security Standard (PCI DSS) compliance. He explains the importance of PCI and how it provides a framework for organizations to protect sensitive data and maintain secure networks.

Impactful Moments

0:00 - Intro

01:15 - Welcome Jeff Man

01:51 - Jeff’s introduction to computing and cybersecurity

09:25 - Creation of the first NSA Red Team

15:20 - Leaving NSA and Focusing on PCI

19:41 - Advice for Those Starting in Cybersecurity

21:53 - Staying up to date with Jeff Man

Links:

Stay in touch with Jeff Man on LinkedIn: https://www.linkedin.com/in/jeffreyeman/
Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio.com
Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/
Love Hacker Valley Studio? Pick up some swag:
https://store.hackervalley.com
Continue the conversation by joining our Discord: https://hackervalley.com/discord

Privacy by Design: The Future of Homomorphic Encryption & Secure Data Analytics

Tue, 11 Jul 2023 05:00:00 -0500

In this episode, Chris and Ron interview Derek Wood from Duality Technologies, a leading privacy technology company to discuss the concept of homomorphic encryption and its significance in data security, privacy, and governance.

Homomorphic encryption enables users to perform computations on encrypted data without exposing it, revolutionizing the way data is used and analyzed. In this episode, the group discusses the challenges in the current data landscape, the importance of security and privacy, and the potential impact of duality's solutions in various industries such as finance and healthcare.

Check out Duality’s webinar, Why Data, Privacy, & Security Leaders are Key to Growth & Innovation

Impactful Moments:
00:00 - Introduction
01:09 - What is homomorphic encryption?
04:03 - Misconceptions of security and privacy
06:25 - What is Duality’s mission?
10:04 - Does Google Drive use homomorphic encryption?
13:08 - What homomorphic encryption enables
22:08 - Innovations that Duality is working on
24:37 - Secure data analytics and Homomorphic encryption
31:41 - Impact of AI and LLMs on security and privacy

Links:
Stay in touch with Derek Wood on LinkedIn: https://www.linkedin.com/in/drwood/

Learn more about Duality Technologies:
https://dualitytech.com/
Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio.com
Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/
Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
Continue the conversation by joining our Discord: https://hackervalley.com/discord

The Future of AI In Cybersecurity

Tue, 27 Jun 2023 06:39:00 -0500

In this episode, Ron and Chris explore the vast potential of AI in cybersecurity, including its ability to develop cybersecurity solutions, provide recommendations and predictions for cyber practitioners, and even assist attackers in identifying vulnerabilities and creating exploits.

Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio.com
Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/
Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
Continue the conversation by joining our Discord: https://hackervalley.com/discord

Impactful Moments:
00:00 - Introduction
00:56 - The future of AI in cybersecurity
02:24 - Addressing the elephant in the room
03:15 - Amplifying your productivity
05:13 - AI & vulnerability management
09:00 - Remediating vulnerabilities with AI
11:41 - Join our community!
12:32 - Coding, building, & developing
18:13 - Final thoughts

Vulnerability Hunting & AI with Brian Contos

Tue, 20 Jun 2023 05:53:38 -0500

In this episode, hosts Ron and Chris are joined by Brian Contos, Chief Strategy Officer at Sevco to discuss his “movie-like” career trajectory and the rise of artificial intelligence (AI) in cybersecurity. With two IPOs and eight acquisitions under his career belt, Brian expresses his passion for startups and how getting out of his comfort zone transformed his business knowledge. The group also dives into the rise of artificial intelligence and how it will revolutionize the cybersecurity landscape.

Stay in touch with Brian Contos: https://www.linkedin.com/in/briancontos/
Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleys...
Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/
Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
Continue the conversation by joining our Discord: https://hackervalley.com/discord

Impactful Moments:
00:00 - Intro
01:09 - Introducing Brian Contos
04:03 - Brian’s passion for startups
06:13 - Emerging tech & AI
07:50 - The intersection of AI & cybersecurity
09:50 - The future impacts of AI
10:58 - How will AI enhance cybersecurity?
15:02 - Data assessment vs data integration
17:46 - Join our community!
18:48 - Getting out of your comfort zone
21:21 - Small touches lead to big finishes

Balancing Work & Parenting In Cybersecurity

Tue, 13 Jun 2023 05:00:00 -0500

In this episode, Ron and Chris discuss the challenges of balancing cybersecurity and parenting. Chris, a father of three, shares his experience of being a parent while also working in cybersecurity. They talk about the sacrifices that come with being a parent and how to prioritize family while still maintaining a career in cybersecurity. They also discuss the importance of having a plan but being flexible enough to adapt to unexpected situations.

Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio
Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/
Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
Continue the conversation by joining our Discord: https://hackervalley.com/discord

Impactful Moments:
02:39 - Balancing cybersecurity and parenting
04:27- Maternity/paternity leave in cyber
08:33 - Skills in parenting for cybersecurity
10:36 - Career sacrifices
14:05 Parenting with a support system
17:31- Being more than a parent

What Is Security Architecture?

Tue, 06 Jun 2023 05:00:00 -0500

In this episode of Hacker Valley Studio, Ron and Chris take a deep dive into all things Security Architecture and the essential skills you need to thrive in your role. Ron shares insights from his personal journey into security architecture as well as his expert advice on how to break in and stand out in the field.

Links:

Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Impactful Moments:

01:22 - What is Security Architecture?

03:04 - Day in the life of a security architect

04:01 - Different types of security architects

06:01 - Ron’s journey into security architecture

07:49 - What skills do you need?

08:40 - Join our community!

09:21 - Ron’s best practices

10:24 - Finding the right solutions

11:36 - What is the salary potential?

12:59 - How to stand out

13:52 - Advice for those breaking into the field

Technical Dojos: Cultivating Skills and Navigating Change in Cybersecurity

Tue, 30 May 2023 05:05:00 -0500

In this cybersecurity podcast episode, Chris Cochran and Ron Eddings discuss the concept of 'dojos' as environments for growth and learning, drawing on experiences from their own career paths in cybersecurity. The 'dojo' metaphor is applied to various life experiences, with an emphasis on cybersecurity communities and events. Chris describes his journey to the west coast where he lived in a hacker house, a form of dojo where he, along with his roommates, focused on cybersecurity, technology, personal growth, and development. This life-changing experience spurred the creation of their podcast.

Links: Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

Impactful Moments:

0:00 - Intro

00:55 - What is a dojo?

02:25 - Technical/cybersecurity dojos

05:17 - Getting started

07:21 - What should you look for in a dojo community?

09:06 - How to level up and give back

10:14 - Join our community!

11:36 - When is it time to move on?

12:50 - Learning hurts - embrace it!

13:59 - What’s your next dojo?

Attack Surface Management: The Grit Needed for True Cyber Resilience with Nabil Hannan

Tue, 23 May 2023 05:00:00 -0500

Join hosts Ron and Chris as they dive into the world of Attack Surface Management (ASM) in this episode recorded live at RSAC 2023. Special guest Nabil Hannan, a seasoned industry expert and Field CISO at NetSPI, shares his wealth of knowledge and expertise in this critical field. Together, they explore the evolving landscape of ASM, highlighting NetSPI's unique approach compared to other solution providers and shedding light on the state of ASM to empower listeners to enhance their security posture.

NetSPI has a team of skilled pen-testers that can help you find those critical vulnerabilities and become your partner in creating the right remediation game plan for you. Check them out at https://www.netspi.com/HVM

Links:
Connect with Nabil Hannan on LinkedIn: https://www.linkedin.com/in/nhannan/
Connect with us on LinkedIn: https://www.linkedin.com/company/hackervalleystudio
Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
Continue the conversation by joining our Discord: https://hackervalley.com/discord

Impactful Moments:

01:08 - Introducing Nabil Hannan

01:25 - Relationship-building through play

04:39 - The power of authenticity

05:39 - What is a Field CISO?

07:02 - The rise of attack surface management

09:17 - What makes NetSPI different?

11:26 - A word from our sponsor

12:17 - Attack surface management for SMBs

15:15 - ASM solutions & false positives

17:16 - An ASM case study

21:15 - Red teaming influence on ASM

24:12 - Where do I get started with ASM?

A Tale of Two Risks: Third-Party and SaaS Security

Tue, 16 May 2023 09:10:14 -0500

In this episode, hosts Ron and Chris are joined by Paul Valente, CEO and co-founder of VISO Trust, and Bryan Wong, Sr. Security Analyst at Headspace, as they dive into the world of third-party risk in cybersecurity. With conversations ranging from the current state of third-party risk to identifying trustworthy vendors such as VISO Trust, they'll provide insights into how organizations manage partnerships in a scalable and secure way.

Say goodbye to frustration and hello to peace of mind with VISO TRUST! Visit https://visotrust.com/hackervalley/ to learn how to transform your third-party risk management program.

Links:

Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Impactful Moments:

01:03 - Introducing Paul Valente & Bryan Wong

01:54 - The current state of third-party risk

02:46 - VISTO Trust — trust through transparency

04:43 - Headspace’s approach to 3rd party providers

05:23 - Managing risk successfully

07:44 - There’s a better way!

09:04 - Risk assessment & procurement

11:37 - VISO Trust & Headspace’s approach to AI

14:43 - A word from our sponsor

15:26 - The challenges of complete visibility

17:16 - Continuous, automated due diligence

18:52 - Identifying trustworthy vendors

21:34 - Doing more with less/cost-effectiveness

23:22 - Is 100% automation doable?

24:20 - You can have your cake and eat it too with third-parties

Paying the Piper in Cybersecurity: Balancing Success and Personal Life

Tue, 09 May 2023 05:24:38 -0500

In this episode, Ron Eddings and Chris Cochran discuss the concept of "paying the piper" and its impact on their careers and personal lives. Paying the piper means facing the consequences of one's actions, whether they are good or bad. Chris shares his personal struggles and successes while working at Netflix, where he had to balance his career and family. Ron and Chris also discuss the importance of finding balance in one's life, understanding the consequences of one's actions, and recognizing the impact of one's legacy on both their family and the world.

Links:

Icarus’ Balloon: https://www.linkedin.com/pulse/icarus-balloon-short-story-chris-cochran-chris-cochran

Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Impactful Moments:

00:00 - Introduction

01:18 - What does it mean to ‘pay the piper’?

03:22 - Sacrifices and paying your dues

05:06 - Icarus’ Balloon

07:16 - Maintaining a balanced life

08:36 - Join our community!

09:40 - What is your legacy?

13:32 - Conflict = growth

15:27 - Learning to love the process

18:05 - The power of exploration

19:34 - Staying committed

CISO Burnout and Gaps in Cybersecurity Detections with Jack Roehrig

Tue, 02 May 2023 05:00:00 -0500

In this podcast episode, Jack Roehrig, Technology Evangelist at Uptycs, discusses his experience with burnout and health issues due to his job as a Chief Information Security Officer (CISO). Jack has always known health is wealth and retired to Mexico for a few months to recover from his burnout. Despite telling himself he wouldn't work again, Jack discovered Uptycs, a leading XDR platform that has the opportunity to change cybersecurity and joined their team as Technology Evangelist. Links: Follow Jack Roehrig on

LinkedIn: https://www.linkedin.com/in/jackery/

Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Impactful Moments:

00:00 - Introducing Jack Roehrig

01:40 - Jack’s security origin story

04:50 - The harsh realities of burnout in tech

05:33 - Finding peace in Mexico

07:51 - Working for your purpose

11:26 - From risk aversion to risk tolerance

13:51 - Join our community!

15:37 - Falling in love with XDR

The Critical Role of Empathy in Cybersecurity with Tracy Maleeff

Tue, 25 Apr 2023 05:07:00 -0500

In this episode, we explore the often-overlooked importance of empathy in the cybersecurity field. Our guest, Tracy Maleeff, shares her personal journey from community involvement to the industry and discusses how embracing empathy can lead to more effective threat intelligence and a stronger cybersecurity community.

Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Impactful Moments:

00:00 - Introduction

01:42 - Tracy’s volunteer and community participation

05:58 - Empathy in cybersecurity, or lack thereof

10:36 - How to bring more empathy into cybersecurity

13:21 - Tracy’s threat intelligence aspirations

18:46 - Identifying the “perfect” employer

20:19 - Diversity of thought and empathy

22:44 - Farewell and outro

RSA With Purpose: Sealing Deals, Getting Hired, and Networking with Industry Leaders

Tue, 18 Apr 2023 05:00:00 -0500

Head into RSA 2023 with a purpose. This episode is all about how to reach a win-win when sealing deals, getting hired, and networking.
If you want to catch up with the Hacker Valley Team during RSA be sure to jump into our discord. You can join by going to hackervalley.com/discord

Impactful Moments
00:00 - Intro
01:28 - Recapping our first time at RSA
03:02 - The 4 types of interactions
05:27 - Purposeful relationship building
06:57 - The vendor experience at RSA
08:51 - Opportunities and mutual benefiting
12:20 - Join our community!
13:20 - Find your new role at RSA
17:02 - Who inspires us?
18:19 - Tips on making new connections
23:28 - Come meet us at RSA!

Mastering Focus with Simone Biles and Amy Bream at RSA

Tue, 11 Apr 2023 05:00:00 -0500

RSA is right around the corner and we’re so excited because it’s one of our big opportunities to meet with you, our dedicated listener. If you want to catch up with the Hacker Valley Team be sure to jump into our discord. You can join by going to hackervalley.com/discord

Impactful Moments:

00:00 - Intro

01:24 - Introducing Amy Bream & Simone Biles

02:50 - What’s it like being at a cybersecurity conference?

04:20 - Persevering through adversity

05:28 - Consistency — according to Amy & Simone

07:20 - How to overcome imposter syndrome

10:15 - Advice on handling burnout

11:53 - Focus and goal planning

15:09 - Authenticity and staying true to yourself

17:07 - The Axonius partnership — the bridge between athletes and technologists

19:42 - Staying focused in high-intensity environments

22:45 - Simone Biles, as a “person”

24:23 - The mind/body connection

26:55 - Mastering the basics

31:11 - What does legacy mean to you?

Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

What Is Cyber Threat Intelligence and How To Stand Out As Threat Intelligence Analyst

Tue, 04 Apr 2023 05:01:00 -0500

Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Impactful Moments

00:00 - Introduction

01:22 - What is Threat Intelligence?

02:17 - How did you get into Threat Intel?

03:20 - All Source vs Threat Intelligence

04:09 - What was the transition into cyber like?

07:03 - What is the salary potential for Threat Intel analysts?

09:00 - What skills do Threat Intel Analysts need?

10:09 - How to answer tough Threat Intel interview questions

10:47 - What does the first day on the job look like?

12:07 - What are the expectations of a Threat Intel Analyst?

13:18 - What expectations should an Intel Analyst have for their employer?

16:51 - Are threat intel feeds valuable?

18:26 - Chris’ first big threat intel “win”

22:24 - How have you changed as an analyst over the years?

24:22 - How to stand out in cybersecurity

27:24 - Advice for those breaking into Cyber Threat Intel

Be sure to subscribe to Hacker Valley Studio, the premiere cybersecurity podcast for cybersecurity professionals.

Emerging Cybersecurity Technologies with Jake Reynolds

Tue, 28 Mar 2023 05:00:00 -0500

Special Thanks to our sponsor NetSPI NetSPI has a team of skilled pen-testers that can help you find those critical vulnerabilities and become your partner in creating the right remediation game plan for you. Check them out at http://netspi.com/HVM

This Hacker Valley Studio episode features Jake Reynolds, Head of Emerging Technology @ NetSPI.

We chat with Jake about:

0:00 - Welcome Jake Reynolds

2:30 - What is a full stack engineer?

4:39 - Having a large cybersecurity attack surface

6:00 - Attack surface trends

8:29 - Do cloud engineers need to know networking?

10:12 - Levels of abstraction in the cloud and making sense of it

12:13 - Does bug bounty help you with your job?

15:49 - Will we see network exploits again?

16:53 - Special question from NetSPI

17:31 - Which emerging technologies are you watching?

20:30 - Have we really reached the max of ChatGPT hypes?

24:33 - What AI/ML capability does cybersecurity need?

27:28 - How do we stack the deck against the hackers?

Be sure to subscribe to Hacker Valley Studio, the premiere cybersecurity podcast for cybersecurity professionals.

...........................

Links:

Connect with Jake Reynolds on LinkedIn

Purchase an HVS t-shirt at our shop

Join our Patreon monthly creative mastermind

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Continue the conversation by joining our Discord

Accelerate Your Cybersecurity Career

Tue, 21 Mar 2023 05:01:00 -0500

In this episode of the podcast, Ron Eddings and Chris Cochran share insights and tips on how to navigate a career in cybersecurity. They discuss the importance of having the right mindset, finding the right career path, building a network, and negotiating a salary.

Ron and Chris emphasize the value of having a positive attitude and being open to learning and growth. They suggest exploring different areas within cybersecurity to find the best fit for your interests and skills. Additionally, they stress the importance of building a strong network, both online and in-person, to connect with industry professionals and stay up to date on the latest trends and technologies.

Ron offers advice on negotiating a salary and knowing your worth. Ron and Chris also encourage listeners to do their research and interview for multiple jobs to get a sense of market rates for different roles. They also discuss the taboo around discussing salaries in cybersecurity and offer suggestions on how to navigate this sensitive topic.

Be sure to subscribe to Hacker Valley Studio, the premiere cybersecurity podcast for cybersecurity professionals.

NetSPI has a team of skilled pen-testers that can help you find those critical vulnerabilities and become your partner in creating the right remediation game plan for you. Check them out at http://netspi.com/HVM

...........................

Links:

Purchase an HVS t-shirt at our shop

Join our Patreon monthly creative mastermind

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Continue the conversation by joining our Discord

Leading Cybersecurity Incidents as Incident Commander and Responding to a Cyber Crisis

Tue, 14 Mar 2023 05:08:00 -0500

In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris tackle arguably one of the most difficult roles in cybersecurity: Incident Response. Drawing on his years of experience at organizations such as US Cyber Command, NSA, and Netflix, Chris shares his knowledge on what it takes to properly handle Severity 1, 2, and 3 level incidents. Together, Ron and Chris cover everything from the roles and responsibilities of an incident commander to the steps of bringing an incident to a close. Lastly, the two share their tips for improving incident response and steps that individuals and organizations can take to integrate incident command and communication efforts.

Be sure to subscribe to Hacker Valley Studio, the premiere cybersecurity podcast for cybersecurity professionals.

...........................

Links:

Purchase an HVS t-shirt at our shop

Join our Patreon monthly creative mastermind

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Continue the conversation by joining our Discord

If It’s Smart, It’s Vulnerable and the Evolution of Cybersecurity with Mikko Hypponen

Tue, 07 Mar 2023 05:27:00 -0600

In this episode, Chris and Ron are joined by author, TED Talk presenter, and Chief Research Officer at WithSecure, Mikko Hyppönen, to discuss the past, present, and future of cybersecurity. With over 30 years of experience in cybersecurity, Mikko shares his insights on everything from the importance of knowing and understanding the enemy to the security implications of smart devices.

Be sure to subscribe to Hacker Valley Studio, the premiere cybersecurity podcast for cybersecurity professionals

...........................

Links:

Connect with our guest Mikko Hyppönen on LinkedIn

Check out Mikko's book If It's Smart, It's Vulnerable

Join our Patreon monthly creative mastermind

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase an HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Resources That Changed How I Approach Cybersecurity

Tue, 28 Feb 2023 05:00:00 -0600

In this episode of the Hacker Valley Studio podcast, Chris Cochran and Ron Eddings discuss cybersecurity resources for learning and standing out in the field. In the episode, the two discuss SANS Institute posters for pentesting, purple teaming, and incident response. The two also showcase Google Hacking resources for finding domains of interest for cybersecurity.

Ron and Chris highlight how podcasts can be a great way to try out a book before buying it, as authors often share the best parts of their work when interviewed. Chris notes that the cybersecurity field is constantly evolving and that staying up-to-date is crucial. They emphasize that resources like books and podcasts can help professionals develop new skills and stay current with industry trends.

Be sure to subscribe to Hacker Valley Studio, the premiere cybersecurity podcast for cybersecurity professionals.

...........................

Links:

Join our Patreon monthly creative mastermind

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase an HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Pivotal Moments In Our Cybersecurity Career And Making Our First $100k In Cyber

Tue, 21 Feb 2023 05:01:00 -0600

Welcome to the Hacker Valley Studio podcast, Ron Eddings and Chris Cochran reflect on their most pivotal moments in the industry. The two share personal stories that shaped their careers, from Chris' journey to landing his dream role at Netflix to Ron's early years in cybersecurity and hitting his career goal of earning $100k.

But it's not all about the money – Ron and Chris delve into the importance of money management and the harsh realities of poor spending habits. They also discuss the philosophy of staying present, having gratitude, and being available for life-changing opportunities, especially in the ever-evolving world of cybersecurity.

You'll also hear Ron's tips for success, including the power of breathwork, consistent self-development routines, and reading. And, surprisingly, how these practices even helped him meet his wife!

Whether you're just starting out in cybersecurity or looking to take your career to the next level, this cybersecurity podcast episode is perfect for anyone interested in learning from two experienced professionals who have been there, done that, and are still going strong.

...........................

Links:

Join our Patreon monthly creative mastermind

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase an HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

ChatGPT Can’t Take My Job and How To Become A Cyber Industry Creative

Tue, 14 Feb 2023 05:00:00 -0600

In this episode of the Hacker Valley Studio podcast, hosts Ron Eddings and Chris Cochran explore the power of ChatGPT and attempt to build a Python script that scrapes BleepingComputer for the latest headlines.

Chris also takes a moment to reflect on the rise of the ‘Industry Creative’- a term he coined for individuals that leverage their practical industry experience into creating content for their community. The two share their predictions on the future of cybersecurity content creation, why the demand for content is higher than ever, and why they believe industry creatives are the most valuable practitioners in cybersecurity.

This cybersecurity podcast episode is perfect for anyone interested in advancing their understanding of the intersection between AI and cybersecurity. Enjoy!

...........................

Links:

Join our Patreon monthly creative mastermind

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase an HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Cybersecurity Layoffs and Diversity with McKenna Yeakey

Tue, 07 Feb 2023 05:13:00 -0600

In this episode of the Hacker Valley Studio, hosts Ron and Chris are joined by McKenna Yeakey to talk about her experience with being laid off in cybersecurity and finding a new job. Mckenna shares her journey through the emotional and psychological struggles she faced during her layoff, and how she overcame feelings of self-doubt and worthiness. She also highlights the role her professional network and the cybersecurity community played in supporting her during this difficult time and how she ultimately landed her next gig.

McKenna also shares her insights on diversity and leadership in the cybersecurity industry, as a black woman in tech. She offers her perspective on what true inclusivity should look like, and how to identify companies that are actively promoting it. From her favorite leadership questions to ask during job interviews to tips on how to support others in the industry, McKenna shares it all.

This cybersecurity podcast episode is a must-listen for anyone looking to grow their cybersecurity career. This promises to be an inspiring and empowering resource for anyone facing job loss or seeking to improve their professional prospects in the cybersecurity field.

...........................

Links:

Stay up to date with McKenna Yeakey on LinkedIn

Join our Patreon monthly creative mastermind

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase an HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Unleashing the Power of Cybersecurity Purple Teams with Maril Vernon

Tue, 31 Jan 2023 05:03:00 -0600

In this episode of the podcast, Maril Vernon joins Ron and Chris and discusses the importance of breaking down silos between cyber teams and inspiring individuals to drive their own careers in cybersecurity. Maril has been a key player in promoting the concept of purple teaming - the combination of red teaming and blue teaming to improve an organization's overall security posture. She discusses the importance of hands-on experience and practical knowledge over just having certifications.

Maril's approach to her career has been driven by her passion for the work and her desire to break down silos between different cybersecurity teams. She emphasizes that individuals can drive their own success in the field and take control of their careers, regardless of the limitations their organizations or the industry may impose. Through her collaborations with organizations such as Cyber Queens and nonprofit foundations, she hopes to provide more educational material to high school and college students to inspire the next generation of cybersecurity professionals.

Maril has big plans for the future, including starting a doctorate program in cybersecurity and working on several undisclosed projects that she promises to share in future podcasts. She hopes to leave a legacy of empowering individuals in the cybersecurity field and inspiring them to love their work and take control of their careers.

This cybersecurity podcast episode is a must-listen for anyone looking to pursue a career in cybersecurity and gain insight into the field from a successful professional.

--------------

Links:

Stay up to date with Maril Vernon on LinkedIn

Join our Patreon monthly creative mastermind

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase an HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Security Teams Can’t Do It All with Rob Wood CISO @ CMS

Tue, 24 Jan 2023 04:00:00 -0600

In this episode of Hacker Valley Studio, Rob Wood, Chief Information Security Officer (CISO) at CMS, discusses the challenges of data silos within organizations. Rob explains that security teams often operate in silos, with different departments focusing on various aspects of security, such as incident management, compliance, and penetration testing. One way to improve this is by flattening the organizational structure and finding ways to work together in the same data environments, using the same data tools. This would allow teams to collaborate better and share information, improving overall security.

In the episode, Rob also highlights the importance of supportive leadership and culture in driving change and the impact of the mission in his work. Ron picks up on two key elements - people and communication - as important in cybersecurity and business, as breakdowns often happen due to lack of communication. Chris mentions how he is hard on leaders who create toxic environments or use fear and intimidation to lead their teams. He also notes that he is starting to see a different kind of leader in the technical space, one that knows a lot, and is intelligent but also knows how to talk to people and make them feel seen. The conversation then shifts to where this change in leadership is coming from.

Rob Wood suggests that it is the next wave of leaders coming in, as there are more leadership opportunities available. He also notes that there are many people moving into security from diverse fields, creating a polymath effect of blended disciplines. This helps humble people and allows them to be more human. He also mentions that his own career path was not traditional, as he studied sports management in college and transitioned into an internship in cybersecurity.

Be sure to subscribe to Hacker Valley Studio, the premiere cybersecurity podcast for cybersecurity professionals.

--------------

Links:

Stay up to date with Rob Wood on LinkedIn

Join our Patreon monthly creative mastermind

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase an HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Advocating for Better Security in Healthcare with Taylor Lehmann

Tue, 17 Jan 2023 04:00:00 -0600

Taylor Lehmann, Director of Office of the CISO at Google Cloud, has made it his mission to make healthcare and life sciences more secure and strategic for everyone. Joining our security podcast this week, Taylor talks about how security and strategy have to start with people— from properly managing them to realistically motivating them. Healthcare is in need of some serious security TLC and Taylor is ready to tackle the difficult questions about how personal medical data can stay safe in a constantly evolving environment.

Timecoded Guide:

[01:47] Motivating your team & understanding your real cyber constraints

[06:19] Creating a shared, measurable goal for every team

[14:26] The haves and have-nots of healthcare security

[22:08] Revolutionizing the security standard of healthcare

[25:16] How to not fail your future self

Be sure to subscribe to Hacker Valley Studio, the premiere cybersecurity podcast for cybersecurity professionals.

--------------

Links:

Keep up with our guest Taylor Lehmann on LinkedIn and Twitter

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase an HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Solving Fundamental Cybersecurity Problems with Maxime Lamothe-Brassard

Tue, 10 Jan 2023 04:00:00 -0600

Maxime “Max” Lamothe-Brassard, Founder of LimaCharlie, brings a tech-focused community perspective and a history of working at Google to the Hacker Valley security podcast this week. Inspired by the internal motivation to empower others and build what didn’t exist, Maxime created LimaCharlie to help security teams automate and manage security operations. In this episode, Max walks through his founder’s journey and points out the problems that are begging for innovative solutions from the brightest minds in cyber.

Be sure to subscribe to Hacker Valley Studio, the premiere cybersecurity podcast for cybersecurity professionals.

Timecoded Guide:

[01:59] Improving community & empowering practitioners

[06:04] Leaving Google for LimaCharlie

[10:55] Unpacking the incentivization problem of cyber

[16:21] Targeted products vs massive suites of problem solvers

[21:29] Looking at a red team-less future

Sponsor Links:

Thank you to our sponsors Axonius and NetSPI for bringing this episode to life!

The Axonius solution correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action — giving IT and security teams the confidence to control complexity. Learn more at axonius.com/hackervalley

For more than 2 decades, NetSPI has helped companies discover and remediate critical security issues through its platform-driven, human-delivered security test. NetSPI is much more than a pentesting company, bringing you the most comprehensive suite of offensive security solutions. Visit netspi.com/HVM to learn more.

---------------

Links:

Keep up with our guest Maxime Lamothe-Brassard on LinkedIn

Learn more about LimaCharlie on LinkedIn and the LimaCharlie website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase an HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Building Leadership Strategy Beyond Tech with Brian Haugli

Tue, 03 Jan 2023 04:00:00 -0600

Brian Haugli, Founder and CEO of SideChannel, brings his CISO expertise to the security podcast this week for a discussion about strategy and leadership in cybersecurity. Working alongside CISOs and fractional VCISOs, Brian has seen his share of leadership mistakes and has learned about the purposeful approach that security needs along the way. In this episode, Brian revises the mantra of “people, process, and technology,” to include the first and most important element in your security success: purposeful strategy.

Be sure to subscribe to Hacker Valley Studio, the premiere cybersecurity podcast for cybersecurity professionals.

Timecoded Guide:

[02:01] People, process, and technology in your leadership strategy

[05:12] Tenants of a strong security strategy

[13:11] Setting up new fractional CISOs for success

[18:29] Creating SideChannel & walking the line between CISO vs consultant

[27:44] Thriving professionally by thriving personally

Sponsor Links:

Thank you to our sponsors Axonius and NetSPI for bringing this episode to life!

What has been your philosophy throughout the years when it comes to leadership versus technology?

The security adage of “people, process, technology” isn’t one combined concept. That is, in Brian’s opinion, why so many leaders make the mistake of prioritizing technology as a central part of their strategy. Strategy is not what technology you use, and you can’t buy your way out of every security conflict with a shiny new product. Ask yourself what problem you’re supposed to solve, not which tech is going to solve your problems.

“Strategy is not technology, it's figuring out what you want to look like when you grow up, in a sense. Everyone jumps to the shiny object. What can I buy to go solve this problem? You never stop and question: Was that the first problem I was supposed to solve?”

What are the tenants of making sure that you've done the work of creating a strong security strategy?

The North Star of your security strategy should be the identity and purpose of your business, according to Brian. If you don’t have a current assessment of your current capabilities, assets, resources, and objectives, you aren’t positioning yourself for success. Strategy comes from a knowledge and understanding of where you are now, and where you need to be. When your company “grows up,” what do you want security to look like for you? Understanding that guides you towards your target state without wasting your time on the wrong problems or objectives.

“I think a lot of people throw strategy around as a grander concept and don't actually think about the elements that need to go into building one. You need to align to a definition that supports your business and outcomes, and that's what is strategic. The idea is not strategic.”

Let's say I'm a brand new fractional CISO and I have my first client. What are the top three questions I'm going to ask of this organization to set me on the right path?

When dealing with a new client, fractional CISOs have to understand why they’re involved with this client in the first place. Why are you here? Who brought you here? And, most importantly, what is the reason security is being addressed now? A fractional CISO can’t defend what they don’t know exists, and they can’t meet a deadline without first understanding what this company’s unique security environment needs are.

“You don't jump into, ‘Okay, well, what's the budget?’ No, I like to understand what I have to actually defend and build to, how fast I have to actually make that happen, that then informs and sets up the much better discussion around, realistically, what you should be considering.”

What advice do you have for our audience that is interested in becoming a CISO?

Although Brian jokes that he would advise anyone against taking on a CISO role due to the workload, he understands and loves the grind of cybersecurity leadership. To not only survive but thrive as a CISO, Brian believes a practitioner has to keep their love for problem-solving and protecting organizations at the forefront. Still, as passionate as someone might be, Brian also advises knowing when to unplug and unwind to avoid burning out fast in such a strenuous role.

“Look, just take care of yourself. I think exercising is huge. Eat right, sleep right. You've got to take care of your mental health, take care of physical health, you've got to take care of your spiritual health. You've got to do all that, or you're never going to be good professionally.”

---------------

Links:

Keep up with our guest Brian Haugli on LinkedIn and Twitter

Learn more about SideChannel on LinkedIn and the SideChannel website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase an HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

A Rebel’s Heart & A Leader’s Mind with Allison Minutillo

Tue, 20 Dec 2022 04:00:00 -0600

Allison Minutillo, President of Rebel Interactive Group and Host of the Rebel Leadership podcast, joins the Hacker Valley team this week to talk about her journey from individual contributor to company leader. With a leader’s mind and a rebel’s heart, Allison wants Rebel Interactive Group to break down barriers and say what needs to be said. In this episode, Allison talks about intuition vs insecurity, practitioners vs leaders, and burning out vs staying invested and engaged in the world around you.

Be sure to subscribe to Hacker Valley Studio, the premiere cybersecurity podcast for cybersecurity professionals.

Timecoded Guide:

[00:00] Shifting from an employee to a leadership mindset

[07:44] Getting real about leadership struggles on the Rebel Leadership podcast

[13:24] Rebelling for the great good of your company & yourself

[19:40] Finding career inspiration as a business owner & company president

[25:41] Struggling to realize your full leadership potential as an individual

Sponsor Links:

Thank you to our sponsors Axonius and NetSPI for bringing this security podcast to life!

Life is complex. But it’s not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone

What went into that mindset shift from individual contributor to the leader for you?

Leadership was an appealing concept to Allison, but stepping into the role of President at a company was beyond her wildest dreams. Being close to Bryn, the former President of Rebel, opened her eyes to the qualities of leadership she wanted in herself. However, the true mindset shift from contributor to leader came from Bryn’s understanding of Allison’s skills. It wasn’t until he brought up her being his successor that Allison saw the leader she knew she could be.

“I set my sights on what I thought was high. I started over-talking to [Bryn, at Rebel] because I was so nervous, and he said, ‘No, I'm talking about you being my successor, about you being president of Rebel.’ I instantly stopped everything I was saying and it became crystal clear.”

What exactly is Rebel Leadership and how does it relate back to your philosophies?

The term “rebel leadership” is a concept that existed before Allison’s Rebel Leadership podcast began, but it embodies what Allison hopes Rebel Interactive Group represents for all of its clients. Being a rebel isn’t just about breaking the rules or telling it like it is, it’s about making a difference. Being a rebel leader is about challenging the status quo for the greater good of your clients, your employees, and your industry.

“It's not rebelling for rebels' sake, it's that we're not good with the status quo. We're not okay with it, but we're not careless. We rebel with purpose. It's informed. It's data backed, it's compelling, it's precise, it's meaningful. We are not afraid to state what needs to be said.”

What do you say to those leaders that approach leadership almost like being a martyr?

The hustle and grind of being a leader can feel like endless amounts of hard work. However, in Allison’s experience, overworking yourself and refusing to disconnect maximizes the pain, but minimizes what you gain. Burnout is real, and cybersecurity practitioners definitely know burnout can be fatal for your career. Allison advises resting and giving yourself the time to reflect at the end of a long day, instead of forcing yourself to be a martyr.

“Doing that next ‘to-do’ list on your couch at 10:30 pm when you're spent and you're drained is not going to make you the leader you want to be tomorrow. It's going to make you frustrated and tired and not able to perform at a high level the next day.”

How do you differentiate the good advice of intuition from your inner echo chamber of not-so-good advice?

It’s easy to get caught up in the eternal inner echo chamber when trying hard to learn and reflect on your experiences. Allison has had this happen to her, too; getting caught up in reading online comments and letting self-doubt control her thoughts. However, Allison explains that the grit of a true leader can drive you through the setbacks of criticism, whether that criticism comes from outside or within. What matters most is choosing to believe in yourself as a leader.

“That's when grit and will come in, in those moments where you're at the bottom of the barrel. Do you believe in yourself? Are you going to choose to believe in yourself, or are you going to choose to believe the comments?”

---------------

Links:

Keep up with our guest Allison Minutillo on LinkedIn

Learn more about Rebel Interactive Group on LinkedIn and the Rebel website

Listen to the Rebel Leadership podcast

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

People-Focused Leadership in Cybersecurity with Cody Wass

Thu, 15 Dec 2022 04:00:00 -0600

Cody Wass, VP of Services at NetSPI, brings his near-decade of experience to the pod to talk about longevity, development, and leadership. It’s no secret that cybersecurity is in need of people. Cody’s journey from intern to VP at NetSPI has shown him the importance of training employees, creating opportunities for new graduates, and engaging teams effectively, both virtually and in person. In this episode, Cody provides the roadmap toward intentional employee investment in the ever-changing cyber industry.

Be sure to subscribe to Hacker Valley Studio, the premiere cybersecurity podcast for cybersecurity professionals.

Timecoded Guide:

[00:00] Cyber career longevity from NetSPI intern to VP

[07:51] Putting people before process & technology at NetSPI

[15:33] Collaboration as the foundation of the cybersecurity industry

[18:13] Understanding cyber’s entry-level position problem

[24:12] Investing intentionally in employee development

Sponsor Links:

Thank you to our sponsor NetSPI for bringing this security podcast to life!

Detect and protect the unknown with NetSPI's new and free attack surface management scan! Check it out now at asm.netspi.com/

You’ve been at NetSPI for 9 years. When you think about a rewarding feeling in your journey at the company, what comes to mind?

Starting his journey at NetSPI as an intern, Cody has had the rare but impactful opportunity to grow alongside the company. Now, as VP of Services, looks back at the lives he’s impacted himself and the opportunities he’s had to see others grow. Employee development is a huge part of NetSPI’s success. Cody is proud to have seen newcomers join his team and become amazing practitioners over the years.

“It's really rewarding seeing people come into this industry as a fresh face with a specific skill set, to watch them grow over and see them really spread their wings, and come out the other side stronger, better, and having a skill set that you never would have imagined day one.”

NetSPI has a very unique culture and philosophy about balancing that duality between technology and people. Could you tell us a little bit about that?

People come first, before process and technology, at NetSPI. While all three elements of this sacred cyber trifecta are important, Cody and his team believe that the balance should focus on making the lives, skills, and experiences of the people at NetSPI better. Process should be taught to the people, with a focus on prosperity and consistency. Technology should be implemented intelligently, with proper training and time given to the people for the best results.

“NetSPI’s differentiator is our people, first and foremost, and then, our process and our technology. We have a ton of really cool things we're doing with tech, but the focus is always on: How can you use that tech to make a person more efficient at their job?”

How important is collaboration for you and your team at NetSPI?

Collaboration is built into the DNA of NetSPI, from how employees are trained to how NetSPI interacts with the industry around them. Cybersecurity thrives when teams, practitioners, and organizations work together for the sake of the greater good. Even though COVID and remote workers have increased the virtual footprint of NetSPI, Cody still emphasizes the importance of communication and collaboration with his team and to practitioners around the world.

“This industry we work in is super interesting. It'll never be finished; you're never going to learn everything there is about security and be able to call it done. We're far past the point where one person is going to be the expert of everything in cybersecurity.”

For anyone in a cybersecurity leadership position who wants to start to really invest in their people, what would be your recommendation on where to start?

Intentionality is vital for the success of any leader trying to invest in their employees. Cody explains that it’s one thing for leaders to want to invest in training and professional development opportunities for their team, but another thing entirely when it comes to implementation. If a leader isn’t intentional, they won’t have clear goals for investment and will risk letting implementation fall to the wayside for the sake of a budgetary line.

“Yes, we are going to be making this investment. It is going to cost us. It will cost us time, it will cost us money, but we are committed to making that investment because we know the payoff in 12 months or 18 months or 24 months is going to ultimately be worth it.”

---------------

Links:

Keep up with our guest Cody Wass on LinkedIn

Learn more about NetSPI on LinkedIn and the NetSPI website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase an HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Improv-ing Your Way to Better Vendor Meetings With Brad Liggett

Tue, 13 Dec 2022 04:00:00 -0600

Brad Liggett, CTI Intel Engineer Manager at Cybersixgill, puts on his improv hat and joins the pod ready for anything. After COVID pressed pause on daily life, Brad kept himself sane and gained some new skills by returning to his improv roots (a hobby he had in the ‘90s) and taking up Dungeons & Dragons. In this episode, Brad covers the importance of improv skills in the professional world, the opportunities to add elements of gaming into cyber, and advice for practitioners looking to be more agile.

Be sure to subscribe to Hacker Valley Studio, the premiere cybersecurity podcast for cybersecurity professionals.

Timecoded Guide:

[00:00] Introducing the unique combination of improv & cybersecurity

[05:57] Being a life-long learner in cybersecurity & in improv groups

[13:20] Practicing improvisational skills for cybersecurity customer conversations

[18:17] Bringing in games & elements of play into cybersecurity environments

[24:38] Advice for a more agile, improvisational tomorrow

Sponsor Links:

Thank you to our sponsors Axonius and NetSPI for bringing this episode to life!

Is there a skill that you called upon during an interaction with a customer where you really leaned on your improv muscle?

Improv often involves one phrase that Brad believes other industries should incorporate, too: “Yes, and.” In cybersecurity, Brad leans heavily on the “Yes, and,” phrase because it encourages conversations to move forward authentically. Meetings aren’t successful when customers and clients feel uncomfortable and unengaged. Being able to think on his feet and prepare for changes makes Brad a stronger, more agile practitioner and communicator.

“The whole concept of moving the meeting forward and making sure that there are no uncomfortable silences. Be prepared, have an idea of what you want to talk about, but inevitably, the client you're talking to, everyone's going to be unique.”

What do you think is the glue that holds your interests in cyber and improv together?

Being a life-long learner is something extremely important and valuable for Brad. For improv, research on the latest media, memes, and movies influences his work and motivates him to stay up-to-date and be involved in some fun research. Cybersecurity is the same way. Brad believes to be the best practitioner and leader for his team, he needs to be knowledgeable about vendors, threats, products, and all things new in the industry.

“You always have to be reading, you always have to be aware of what's going on in the environment out there in the world, so that as those things come up, at least you can somewhat talk to them and start to put those pieces together.”

What has been your experience with bringing an element of play into cyber?

Cybersecurity can’t be all work and no play. Instead, Brad believes that cybersecurity teams should continue to prioritize the gamification of training processes, as well as just letting their teams have a little fun. Sometimes, to build a strong, trusting team, there needs to be an outside outlet for problem-solving, puzzling, and creativity. Brad even brought his team at Cybersixgill to a Meow Wolf exhibition this year for that same team-building reason.

“We work hard, but we also should make sure that we play, and not only just do that individually, but even as teams, especially now. It's not always going to be about the training aspect, you also have to take that time to bring that team together.”

What is a piece of wisdom that people could take with them to work tomorrow to make them more agile and improvisational?

When it comes to agility and improvisational skills, you have to have a strong foundation to build off of. For Brad, taking time for himself and understanding when and how he learns best has been vital to his success. Listening to podcasts at the gym, reading something new at hotels, and getting a good night’s sleep are all little things that help Brad consistently become more agile and improvisational at work.

“For me, it’s always having some sacred time at the end of the day. There's no TV in my bedroom, and my phone is telling me around 8:30, ‘Hey, it's wind down time,’ and that's when I'm getting in the mode for sleep, and then making sure I've got a good night's sleep.”

---------------

Links:

Keep up with our guest Brad Liggett on LinkedIn and Twitter

Learn more about Cybersixgill on LinkedIn and the Cybersixgill website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase an HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Prioritizing & Proactive Cybersecurity with Richard Rushing

Tue, 06 Dec 2022 04:00:00 -0600

Richard Rushing, CISO at Motorola Mobility, brings his decades of experience to the show this week to talk about leadership, communication, and perhaps most importantly of all: prioritization. After joining Motorola through a startup acquisition, Richard has been a leader in the company and a defining example of what a CISO should be doing: simplifying the complicated. Richard talks about how his role has changed over the last 10 years and what’s next for him and for cybersecurity.

Be sure to subscribe to Hacker Valley Studio, the premiere cybersecurity podcast for cybersecurity professionals.

Time Code Guide:

[00:00] Ascending into a leadership role in cybersecurity & joining the Motorola team

[06:28] Defining CSO & CISO at a time when no one understood cybersecurity

[13:01] Communicating with the C-suite about cyber: best practices & tenants

[24:37] Harnessing a proactive cybersecurity mindset with prioritization

[32:13] Extending your cybersecurity career for decades

Sponsor Links:

Thank you to our sponsors Axonius and NetSPI for bringing this security podcast to life!

What was your experience of being a Chief Security Officer in the early 2000s?

Richard jokes that he became a part of the cyber industry before the industry was even called cybersecurity, but behind the joke lies the truth that cyber looked extremely different back then. However, no matter how much time passes, Richard is still used to the odd confused looks that come from saying he’s a CISO. People misunderstand the role, Richard explains, but at least more people than ever before understand the importance of cybersecurity.

“There were a lot of other things that you had to talk about, you had to evangelize a lot coming into this [industry] because a lot of the cybersecurity industry was brand new. People were moving around and trying to figure these things out and everybody struggled.”

How many times would you say you feel like you've had a new job or a new role being in the same role for over 10 years?

Being a CISO has had its ups and downs during the 10 years Richard has spent in that role at Motorola, but the changes have been welcome and interesting. Every few years, the technology landscape changes, and with those changes in tech come massive changes in company ownership, leadership, and security. However, Richard is thankful that through these changes, his core team has stayed the same, giving him a trustworthy group to learn from.

“It's always changing, but at the same time, there are some static components. When I came on to Motorola 15 years ago and established teams, most of my team, except for a very small portion of people that retired or left, are still with me today.”

What are your thoughts and best practices for proactive cybersecurity?

Although “proactive cybersecurity” has become a buzzword we’re all paying attention to, Richard warns that most companies aren’t really being proactive with cybersecurity just yet. Instead, what the industry has shifted towards is prioritization. Understanding what’s important, prioritizing those aspects of a business, and knowing what you don’t have the resources to handle can make the security work you’re doing feel more proactive.

“Why do I need to prioritize? Because you're getting more alerts than you have people to be able to handle it or technologies to be able to handle it in an automated way. So, you have to prioritize what's important.”

What would you recommend people consider to extend their cybersecurity career life as long as you have?

After nearly four decades in the industry and over ten years at Motorola, Richard has been in cybersecurity longer than most modern-day practitioners. When asked about his secrets for an extended cybersecurity career, Richard reflects back on his advice around prioritization over “proactive cybersecurity”, and emphasizes the importance of community. Cybersecurity is a collaborative field, and practitioners have to stay open to learning together to succeed.

“In the cybersecurity world, we will talk to our competitors and share what we're seeing. I think that community effort is one of the key things. You have to enjoy what you're doing, reach out and be collaborative with people. Don't be the security guy that people are scared of.”

---------------

Links:

Keep up with our guest Richard Rushing on LinkedIn and Twitter

Learn more about Motorola Mobility on LinkedIn and the Motorola website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase an HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Keeping Cyber Course Prices Equitable with Kenneth Ellington

Tue, 29 Nov 2022 04:00:00 -0600

Kenneth Ellington, the Senior Cybersecurity Consultant at EY and Founder of the Ellington Cyber Academy, achieves his goal of being on the Hacker Valley Studio this week. From working at Publix in college to becoming an online course instructor, Kenneth’s journey into the cyber industry has been heavily influenced by online educators like Chris and Ron. Kenneth covers barriers to entry for cyber, SOAR vs SIM, and how much further we need to go for representation in the industry.

Be sure to subscribe to Hacker Valley Studio, the premiere cybersecurity podcast for cybersecurity professionals.

Timecode Guide:

[00:00] Starting a cyber career at the Publix deli counter

[05:16] Fighting through introversion to become an online instructor

[11:02] Setting equitable & understandable prices for cyber courses

[15:54] Looking into the future of SOAR vs SIM to see what’s next

[19:27] Taking the chance on content creation as a new cyber professional

Sponsor Links:

Thank you to our sponsors Axonius and NetSPI for bringing this security podcast to life!

For more than 2 decades, NetSPI has helped companies discover and remediate critical security issues through its platform-driven, human-delivered security test. NetSPI is much more than a pentesting company, bringing you the most comprehensive offensive security solutions. Visit netspi.com/HVM to learn more.

What areas do you feel confident in as a new teacher, and what do you still struggle to get your footing on?

As someone newer to online teaching, having only done it for 2 years, Kenneth is confident in his communication skills, but still struggles with fully grasping new technology. On the bright side, Kenneth believes those technical skills come with time and practice, something he’s 100% willing to do. What helps him stand out as a strong teacher is something harder to learn— communication with others and de-escalating stressful situations for students.

“I worked at Publix for four years in the deli, dealing with customers, and that forced me to develop those soft skills about how to talk to people and how to communicate and how to de-escalate situations. That's how I set myself apart.”

What are some of the things that you're thinking about when it comes to setting the pricing for your course content?

No matter how his prices change or how skilled he becomes, Kenneth still believes in fair and equitable pricing for his course content. Considering his experience and expertise, Kenneth charges at least half of what I vendor might charge for similar content and knowledge. However, Kenneth doesn’t believe in thousands of dollars being spent on his courses, because he wants entry-level students like himself to be able to afford to learn.

“I'm very honest with myself, what my skill level is, and the value I bring towards it. Because I've been doing this for over two years, technically, I've gotten a pretty good gauge as to what people are willing to pay for and the value that I can bring.”

Do you have anything you’re looking to expand into with Ellington Academy?

While SOAR and SIM are Ellington Academy's bread and butter, Kenneth is looking forward to continuing to expand his expertise and scale his content. A future upcoming goal Kenneth has is giving back to the country of Jamaica, where his family is originally from. Through providing courses or recruitment opportunities, he wants to bring cyber skills to everyone.

“From a legacy perspective, I want to leave a positive mark on this world, just to make it better than when I got here. One of my big goals, I don't know if it's gonna happen, but my family is from Jamaica, so I'm hoping I can maybe put ECA there someday.”

What advice would you give to a newbie in cybersecurity looking to start making content?

Kenneth got his start at the Publix deli counter, and he understands that the beginning of someone’s cyber journey can look just like his— inexperienced but hungry for knowledge. For newcomers to the industry, Kenneth wants to reassure you that you’re never too young to teach or too old to learn. Take courses, expand your knowledge, and give back to people with less knowledge than you through accessible learning content of your own.

“Take the opportunity to try to do something new because your knowledge is valuable, no matter how much or how little that you have. Everybody can learn something from everyone. I always try to help out however I can.”

---------------

Links:

Keep up with our guest Kenneth Ellington on LinkedIn

Check out the Ellington Cyber Academy

Learn more about EY on LinkedIn and the EY website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase an HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Sharing Cyber Outside of the Security Bubble with Lesley Carhart

Tue, 22 Nov 2022 04:00:00 -0600

Lesley Carhart, Director of Incident Response at Dragos, takes some time off mentoring cybersecurity practitioners, responding to OT incidents, and training in martial arts to hop on the mics this week. Named Hacker of the Year in 2020, Lesley’s impact on the industry stretches far and wide. As an incredible content creator for cybersecurity, Lesley advises listeners on how to find their niche and who to be willing to educate along the way.

Be sure to subscribe to Hacker Valley Studio, the premiere cybersecurity podcast for cybersecurity professionals.

Timecoded Guide:

[00:00] Giving back to the community through martial arts & cyber education

[06:13] Being excluded from the cyber industry & turning to content creation instead

[12:33] Comparing incident response in IT vs OT environments

[19:46] Dealing with post-COVID problems with the wrong OT systems online

[26:51] Finding your cyber niche & exploring education options within it

Sponsor Links:

Thank you to our sponsors Axonius and NetSPI for bringing this episode to life!

What inspired you to start creating cybersecurity content?

Lesley’s cybersecurity content has vastly influenced and impacted many cyber practitioners in the industry, including Ron and Chris. Unfortunately, Lesley’s journey into content creation was inspired by the lack of mentorship they received from other professionals when they were starting out. Never wanting anyone to feel the way they did, Lesley created an online world of resources to warmly welcome and educate new practitioners.

“It's not a really glamorous story. When I got into cybersecurity, I wanted to do digital forensics and nobody would help me, nobody would actually take me seriously and give me a shot. Everybody should have a chance to get into cybersecurity if it's something they want to do.”

How has teaching cyber to a general audience been appealing to you?

When not educating new cyber practitioners or tearing it up in the martial arts studio, Lesley likes to reach out to their community and give talks to audiences outside of typical tech and security groups. From churches to universities, Lesley loves meeting people outside of the cyber industry. These individuals always offer them a new perspective and a feeling of accomplishment for showing someone something new.

“It's enjoyable to me to find other people out there who want to learn about an entirely new topic and expose themselves to its problems and how it impacts society and things like that. I appreciate that. Cybersecurity is important and it impacts everything around us all the time.”

In your world, where does incident response start, and where does it stop?

Like many of cyber’s most complicated concepts, the answer to where incident response starts and ends is subjective to certain resources and elements of an organization. Lesley explains that incident response has to be planned and that the planning process has to involve when to declare an incident and when to close the said incident. Without proper planning in advance, an organization is at risk for a crisis that could’ve been responded to quickly turning into an out-of-control attack.

“There's no perfect defense against an incident, everybody's vulnerable. You do your best to mitigate and avoid having a cybersecurity incident, but there's only so much you can do. Eventually, you have to assume that you're gonna have an incident.”

What piece of advice do you have for anyone looking to share more knowledge and make the cyber industry better?

Although everything in cybersecurity can seem daunting, expansive, and interesting to everyone, Lesley’s recommendation to new practitioners is to find a niche in cyber and stick to it for a while. Finding a niche doesn’t have to be permanent, but Lesley believes that niche will help you carve out extensive knowledge worth sharing and creating content around. When you discover that niche, don’t be afraid to reach out to other industry experts along the way.

“Pick an area and then find mentorship in that and try to focus for a couple of years on a particular area. You can always change your mind later on, just like degrees, just like training programs, but it's going to help you a lot to focus for a little while.”

---------------

Links:

Keep up with our guest Lesley Carhart on LinkedIn, Twitter, and their blog

Learn more about Dragos, Inc on LinkedIn and the Dragos website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase Hacker Valley swag at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Challenges & Opportunities in Cyber Threat Intelligence with Brian Kime

Tue, 15 Nov 2022 04:00:00 -0600

Brian Kime, VP of Intelligence Strategy and Advisory at ZeroFox, talks about all things threat intelligence this week. Brian explains why he chose threat intelligence as his focus, where he’s seen opportunities for growth in recent years, and what challenges for cyber threat intelligence lie ahead. Using his intelligence experience developed first in the US Army Special Forces, Brian delivers his argument for intelligence-driven security, instead of the marketing-driven security industry we have today.

Timecoded Guide:

[00:00] Diving into the VP of Intelligence Strategy role

[05:25] Learning intelligence in the Army Special Forces

[10:09] Seeing the past, present, & future of threat intelligence

[19:31] Measuring efficacy & ROI of cyber threat data

[25:18] Building your own cyber threat intelligence capabilities

Sponsor Links:

Thank you to our sponsors Axonius and NetSPI for bringing this episode to life!

For more than 2 decades, NetSPI has helped companies discover and remediate critical security issues through its platform-driven, human delivered security test. NetSPI is much more than a pentesting company, bringing you the most comprehensive suite of offensive security solutions. Visit netspi.com/HVM to learn more.

A lot of folks shift from intelligence into other areas of cyber, what inspired you to continue down the intelligence route?

After Brian graduated from Georgia Tech and the nation experienced the tragedy of 9/11, Brian felt called to enlist in the US Army Reserve. While the war in Afghanistan was not as short-lived as anyone expected, Brian found his calling in military intelligence, where he was inspired to put his experiences in IT and intelligence together. It turns out that fusion already existed in the form of cyber threat intelligence, and Brian wanted to focus on that completely.

“I want to bring all these things together and really start pushing our customers and pushing the security community in general towards more intelligence-driven security. Mostly, what I see even today still just feels like marketing-driven security.”

Where are we today with threat intelligence technology, in terms of challenges and opportunities?

Brian believes we’re already in a really exciting place today in terms of threat intelligence technology. What feels especially opportune for him at the moment includes opportunities and technology that involve internal data from previous threats, freely available external data from sources like blogs, and third-party vendors. However, the challenges facing threat intelligence now involve how to make that technology available for small and medium businesses.

“That's what I would love to see become the standard, that big corporations incorporate threat intelligence to the level that they can start to actually extend that value into their supply chain. That way, the whole system becomes more resilient, more secure.”

How does a security team measure the efficacy and ROI of intelligence?

In Brian’s opinion, most cybersecurity practitioners don't track the ROI of their intelligence vendors, or they fail to measure intelligence for effectiveness. The metrics cyber teams should focus on include number of new detections created, incidents discovered, adversary dwell time, and improved security decision making. Unfortunately, improved decision making is the hardest to measure because it requires practitioner feedback.

“At the end of the day, if stakeholders are making security decisions based on intelligence that I'm providing, that's a really good measure of effectiveness. All the security decisions that were influenced by threat intelligence, that's what we're going for.”

When you don't have an intelligence capability and you want to create one, what is typically the first thing that an intelligence team member does?

If you’re intending to collect data from your customers (which almost every company out there is trying to do), then Brian believes that privacy and security need to be considered from the start. Critical security controls and a solid framework are key to early success for even the smallest security team. The best place to start? Software and hardware inventory. If you don’t know what you have, you won’t be able to secure your technology properly.

“At the beginning of the critical security controls, it's always software and hardware inventory. If I don't know what I have, then I really can't do anything well in security. I can't do incident response because I don't know where my data is.”

---------------

Links:

Keep up with our guest Brian Kime on LinkedIn and Twitter

Learn more about ZeroFox on LinkedIn and the ZeroFox website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Hiring the Next Fractional CISO with Michael Piacente

Fri, 11 Nov 2022 04:00:00 -0600

Michael Piacente, Managing Partner & Cofounder at Hitch Partners, answers the essential question on many cybersecurity professionals’ minds: Where do CISOs find CISO jobs? As it turns out, Michael helps many cybersecurity teams find their perfect CISO match with the assistance of his own team at Hitch Partners. In this episode, Michael clarifies what the role of a CISO really is, explains the compensation and benefits, and reveals the many responsibilities a CISO may take on during their team in the role.

Timecoded Guide:

[00:00] Defining the role of CISO & finding the right homes for each CISO

[05:21] VCISO & fractional CISO as an alternative to a full-time CISO

[11:49] CISO annual income, benefits, & non-monetary incentives

[16:37] Explaining additional responsibilities & tasks taken on by the CISO

[25:11] Giving advice to future CISOs looking for the next cyber executive opportunity

Sponsor Links:

Thank you to our sponsor Axonius and NetSPIfor bringing this episode to life!

In your own definition and experience, what is a CISO?

Although there’s many definitions of the role, Michael clarifies that defining CISO should always include being an executive. To have a CISO who makes a positive impact and fulfills an organization’s needs, that CISO has to be properly placed, properly sponsored, and be in an environment where they have the proper reporting processes. Michael also believes the CISO should always be looking over their shoulder to be diligent of the next threat.

“In my version of it, a CISO is the executive— and that's the key term here— that has been properly placed, properly sponsored to handle all of the business information and data risk policy execution and operations in the company.”

What is the difference between a fractional CISO and a VCISO?

In Michael’s opinion, a VCISO (virtual CISO) and fractional CISO can be used interchangeably in a situation where a company does not need a full-time CISO executive. Unless they’re looking to support a strong security program, Michael understands that many companies don’t need a full-time CISO in order to be successful. A VCISO makes an impact on an organization’s security without being an overwhelming role in a smaller organization.

“Bringing in your starter package to implement the baseline or foundational building blocks of what will become a security program, in the form of a consultant or consulting firm, is often a wiser choice than going in building a security program around a full-time CISO role.”

Are there different types of CISOs, and have those types changed over time?

Previously, Michael defined 3 different types of CISOs in his search for CISOs with Hitch Partners. However, a fourth type has emerged in recent years: the BISO, or Field CISO. This fourth type joins the ranks alongside other impactful CISO types, including the client (or governance) facing CISO, highly technical CISO, the IT-focused CISO, and now, our fourth type, the BISO, who focuses on the business side of the risk.

“It's amazing that all of our CISO searches contain all these different types of CISOs. The fun part of that we get to figure out is: What's the priority [for the role]? What's the order? What does everyone in the organization think the priority should be?”

How would you direct someone to take that first step after realizing they want to be a CISO?

Discovering the CISO role exists and being the right person for the role is an important distinction, and Michael encourages potential CISOs to take some time to research the job before getting involved in a job search. However, once someone knows they want to be a CISO, Michael advises finding a CISO mentor and diving into a passion. Each type of CISO needs an expertise and passion to propel them into the superpower status needed to be a CISO.

“I think it’s about finding a passion. I'm a big believer that you just have to know where your superpower is, or what your superpower wants to be. In other words, that thing that's passionate to you, that you probably know better than 99% of the population out there.”

---------------

Links:

Keep up with our guest Michael Piacente on LinkedIn

Learn more about Hitch Partners on their website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Cultivating Client Trust at Cybercon with NTT’s Dirk Hodgson & Adam Green

Wed, 09 Nov 2022 04:00:00 -0600

Hacker Valley: On the Road is a curated collection of conversations that Chris and Ron have had during conferences and events around the globe. In this episode, NTT’s Dirk Hodgson, Director of Cybersecurity, and Adam Green, Senior Cybersecurity Executive, speak with the Hacker Valley team at CyberCon in Melbourne, Australia. Dirk and Adam cover the intersection of their roles at NTT, their experiences at conferences like RSA, their country’s cybersecurity industry, and their team’s cultivated trust with clients.

Timecoded Guide:

[00:00] Reuniting at CyberCon after years of COVID limiting security conferences

[06:30] Differentiating Australia’s cybersecurity industry from the rest of the world

[10:48] Watching current cyber trends with CMMC & the Essential 8 frameworks

[25:41] Creating interpersonal communication in a technology-driven industry

[34:58] Building trust by knowing your clients & your adversaries equally

Sponsor Links:

Thank you to our sponsor Axonius for bringing this episode to life!

How are Australian cybersecurity practitioners different from the rest of the world?

According to Adam, the past 3 years have led to a massive shift in maturity for Australia’s cybersecurity industry. Previously, Australia relied on its physical isolation as a country as a means of security, but breaches have become more high profile and more impactful for Australian businesses in recent years. Now, Adam is pleased to see there be a greater understanding beyond the 101 of cybersecurity and more collaboration with security teams.

“Three years ago, we used to say Australia was 5 years behind the rest of the world [in cybersecurity]. We used to think, because of proximity to the rest of the world, we were pretty safe, but it's definitely become more of a professional approach to security now.” — Adam

How do your roles as Director and Executive work together at NTT?

For Dirk, cybersecurity is the ultimate team sport— and Adam is an impactful element to his cybersecurity team. While Adam often focuses on strategic planning through his background as a practitioner, Dirk enjoys how his business-driven perspective contrasts with Adam and with other members of the team. With a variety of experiences and perspectives in the room, NTT can cover issues from all sides, instead of falling victim to tunnel vision.

“Adam is the person on the team, who's great at that scenario planning piece. ‘Here are the things that are gonna go wrong.’ Whereas myself and a couple of the other people on the team, look at that go, ‘What's that going to cost the organization?’” —Dirk

Where are the strengths and weaknesses in communication in cybersecurity?

Just like Dirk’s thoughts about cybersecurity being a team sport, Adam believes that you have to cultivate a team member-like trust with your clients. The client in an initial conversation might seem defensive of your advice or critical of your actions. However, Adam explains that establishing credibility, especially in the business-focused cyber industry in Australia, goes a long way to creating the opportunity for more casual conversations down the line.

“What we find is, in Australia in particular, it's about not just the company, but you as an individual. Do you have my back? Can I trust you? If I don't like you, will you at least mitigate my risk for me? You have to establish credibility real fast.” —Adam

What advice would you give to someone interested in cultivating more trust between clients and their team?

Dirk loves a good James Bond villain, but the average hacker attacking the average business is nothing like the movies. Establishing trust with clients starts with not only understanding what they need, Dirk explains, but also knowing the most likely threats beyond the showstopping Blackhats of media fame. Being able to explain to and protect clients from the most common threats keeps their data safest and strengthens their trust in your team.

“I think it's about making sure that you know what the worst case scenario is, what the most dangerous course of action that the attacker or a potential attacker could follow, but also, being able to talk credibly about what's the most likely threat.” —Dirk

---------------

Links:

Keep up with our guest Dirk Hodgson on LinkedIn

Keep up with our guest Adam Green on LinkedIn

Learn more about NTT on LinkedIn and the NTT website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Supply Chain Security & Zero Trust Tech with Ashish Rajan & Shilpi Bhattacharjee

Tue, 08 Nov 2022 04:00:00 -0600

Hacker Valley: On the Road is a curated collection of conversations that Chris and Ron have had during conferences and events around the globe. In this episode, Cloud Security Podcast’s Ashish Rajan and Shilpi Bhattacharjee speak with the Hacker Valley team at AISA CyberCon in Melbourne, Australia. Ashish and Shilpi discuss their respective talks on supply chain security and zero trust technology, SBOMs, and keynote speakers at this year’s Cybercon worth noting for the audience at home.

Timecoded Guide:

[00:00] Connecting & conversing at a cyber conference post-COVID

[06:50] Breaking down Shilpi’s presentation on supply chain threats & attacks

[11:45] Understanding the paradoxes & limitations of zero trust with Ashish’s talk

[26:13] Defining & explaining SBOM, or Software Bill of Materials

[33:16] Noticing key conversations & trends for those who didn’t attend AISA Cybercon

Sponsor Links:

Thank you to our sponsor Axonius for bringing this episode to life!

Shilpi, can you talk about the idea behind the talk you had at CyberCon?

The inspiration behind Shilpi’s conference talk was supply chain issues. Titling her talk, “Who’s Protecting Your Software in Supply Chain,” Shilpi hoped to further educate and advocate for security in the supply chain process. An estimated one in two companies will experience a supply chain attack in the coming years. Instead of fearing such a statistic, Shilpi hopes her talk inspired further security action to protect our supply chains.

“One staggering fact that I read is that one in every two companies is going to have some sort of a supply chain attack in the next three years. So, who's going to look after the supply chain? Is it going to be the organization? Is it going to be your third-party vendors?” —Shilpi

Ashish, what about your talk at Cybercon?

In contrast, Ashish’s talk was about the triple paradox of zero trust. When talking about and implementing zero trust, Ashish realized many companies don’t implement the cultural changes needed for zero trust and/or only talk about zero trust as a technology process. Zero trust has numerous layers beyond technology, and requires time and major changes in culture and technology to implement in most companies.

“I feel bad for bashing on finance, marketing, and HR teams. They're all smart people, but if you're going to add four or five layers of security for them, they almost always say, ‘I just want to do my job. I don't really care about this. It's your job to do security.’” —Ashish

Where would you recommend starting when it comes to trying to implement the ideas in your respective talks?

When push comes to shove about where cyber companies can start first with supply chain and zero trust, Ashish and Shilpi agree that companies have to discuss business priorities. When company leaders can take the opportunity to look at and understand their cyber hygiene, the next steps might look very different from another company’s tactics. Knowing what a business has is the foundational piece that impacts any new process in cyber.

“If I were to go back to the first principle of what we do with cybersecurity professionals, one of the biggest assets that we're all trying to protect is data. You can't protect what you can't see, that's the foundational piece.” —Ashish

For anyone that wasn't able to make the conference, what is one thing that you would want to share with the audience at home?

There were a lot of conversations taking place at Cybercon this year. Ashish wants the audience at home to know that cloud native, zero trust, supply chain, and leadership positions like CISOs were the main themes in many talks, panels, and conversations. Shilpi wants those who couldn’t attend to watch out for more talks and conversations about cyber from those outside of the industry to understand that the issues impacting cyber influence the world.

“I think there's that interest about cybersecurity being more than just a cybersecurity problem. Cybersecurity is not just a technical problem, it's a societal problem, a cultural problem. I very much agree, because a lot of the things that we're dealing with impacts everyone.” —Shilpi

---------------

Links:

Keep up with our guest Ashish Rajan on LinkedIn

Keep up with our guest Shilpi Bhattacharjee on LinkedIn

Listen to Ashish and Shilpi’s Cloud Security Podcast

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

The Future of Pen Testing Automation with Alton Johnson

Mon, 07 Nov 2022 04:00:00 -0600

Alton Johnson, Founder and Principal Security Consultant at Vonahi Security, automates his way out of his pen testing job in this week’s episode. An AOl hacking gone wild got Alton into defensive cybersecurity years ago, and now, as the Founder of Vonahi, Alton advocates for automation and efficiency in the pen testing process. Alton talks about his connection to defensive over offensive, customizing a pen test report to your audience, and finding that sweet spot between practitioner and entrepreneur.

Timecoded Guide:

[00:00] Learning the importance of automation in defensive cyber

[07:48] Connecting with automation & defensive cybersecurity over offensive

[12:01] Showing the results that matter to the right people in a pen test report

[15:27] Prioritizing exploitations in the world of vulnerability assessments

[21:59] Maintaining the cyber practitioner & the entrepreneurial side of Vonahi

Sponsor Links:

Thank you to our sponsors Axonius and NetSPI for bringing this episode to life!

How have you seen automation change yourself and your role?

As a penetration tester, Alton explains that time is often not on his side. There’s a limited amount of time to do an assessment, and the measure of a good pen tester is often determined by fast, high quality reporting. Automating the repetitive tasks of pen testing not only saves time, but Alton believes it genuinely changes the role into something much more efficient, high value, and successful.

“Automation obviously plays a huge part in growing in the career too, because the more you can do, the more value you can provide, and the faster you can provide that value makes you a better pentester.”

How do you convey the story of a red team engagement in different ways so that message is received by everyone in the company?

At Vonahi Security, Alton’s team separates pen testing reports into an executive summary and a technical report. The executive summary is high level, demonstrating the impact and severity of what was discovered from a business point of view. Many business executives don’t need the technical play by play, which is why that is saved for the technical report. The technical report acts as a scene by scene story of what was done and how to technically fix it.

“We separate the two conversations. Here's what we did at a high level to anyone that doesn't really care about the technical stuff, but only cares about how it impacts the business, and then, for the person that has to fix the issues, here's everything that they would need.”

What would you tell the newer generation of cybersecurity practitioners about the offensive side?

When Alton first started his cybersecurity journey, he was very into hacking and coding. That passion for code has served him well, allowing him to become successful enough to start his own business with Vonahi. For the younger generation of cyber practitioners, Alton recommends not skipping that coding education. As technically advanced and automated as cybersecurity tools are, practitioners should be prepared to code when something breaks or doesn’t work as intended.

“I think coding is extremely valuable, because there's going to be many times that tools that you use don't work and you have to have the experience and knowledge to basically fix those problems with coding.”

What have you learned over the past few years that has helped you to maintain both the technical and business side of Vonahi? 21

Efficiency is the name of the game for Vonahi— and it’s the one thing that has allowed Alton to remain in a hands-on pen testing role while still being a business owner. Keeping it efficient is more than just technology and automation. Alton believes his success is a direct result of the efficient technology around him and the hardworking, intelligent, efficient team members working with him at Vonahi.

“It is really just about efficiency. We look to all these other leaders, but for me, I like to learn from other people's failures. I don't want to take the same growth processes as the person who failed and didn't do well.”

---------------

Links:

Keep up with our guest Alton Johnson on LinkedIn and his personal website

Learn more about Vonahi Security on LinkedIn and the Vonahi Security website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

The Secret Sauce of SANS Instructors with John Hubbard

Tue, 01 Nov 2022 04:00:00 -0500

John Hubbard, SOC consultant, SANS Sr. Instructor and host of the Blueprint Podcast, joins the Hacker Valley team this week to discuss SANS, SOCs, and seeking new hobbies. As the curriculum lead for cyber defense, John breaks down what makes a good SANS instructor and how to inspire passion in students when teaching for long hours. Additionally, John gives away his life hacks for pursuing passions outside of the cybersecurity industry, including podcasting, video editing, music creation, and nutrition.

Time Coded Guide:

[00:00] Instructing for SANS & what it takes to be a good instructor

[07:33] Exploring the potential of a SOC-less cyber industry

[13:38] Teaching complicated topics with clear visuals & simple comparisons

[19:37] Podcasting his way to better SOC consulting skills

[26:12] Finding a balance between jack of all trades & single skill master

Sponsor Links:

Thank you to our sponsor Axonius for bringing this episode to life!

What do you think are the makings of a good instructor, especially for SANS?

Transitioning from the world of electrical and computer engineering, John’s journey to becoming a SANS instructor took over 3 years of study. Although he jokes that training to be a SANS instructor was the longest job interview ever, John is thankful for the mentorship and inspiration his training gave him. SANS courses require long hours and hard work, but John believes the best instructors bring a real love for what they do to each class.

“The technical aspect has to be there in a very strong way. Beyond that, you have to deliver this message not only with razor sharp clarity, but also with passion and energy. People are sitting there watching you talk for hours. If you aren't excited, they're not going to be excited.”

Cyber defense is a pretty broad topic. What makes you feel comfortable teaching a course on cyber defense?

Cyber defense can be a topic that’s both broad and confusing for students, but John has been dedicated to building a curriculum that cuts through the confusion and inspires innovation. Teaching his students to focus on priorities, John wants to bring clarity to complex topics like SOCs, Kerberos, and related security issues. While the topics can be broad and debatable, John wants to equip his students with real world examples and simple comparable concepts.

“If there was one word I was going to summarize both of the classes I teach with, it’s ‘priorities.’ It's getting the right stuff there first, and not getting distracted by all the other details that are potentially trying to pull you in the wrong direction.”

Have there been unintended benefits to being a podcast host, that either helps you as an instructor, or even someone that does consulting in the SOC space?

Taking the chance to start the Blueprint podcast was inspired partly by John’s previous interest in podcasts like Security Now, but also by his pursuit of learning content creation. Starting a podcast, for John, was an exercise in testing his comfort zone. Learning the technical aspects as well as the creative aspects of content creation and podcast hosting continues to build John’s confidence in his storytelling and teaching skills.

“For me, a lot of things have come out of podcasting. Probably one of the biggest things is just flexing that muscle of doing things that are slightly uncomfortable and scary. Any time you think, ‘I don't know if I can pull this off. Should I do it?’ The answer should always be yes.”

What is one piece of advice or philosophy that enables you to do more and squeeze as much as you can out of life?

In the same way that he teaches his SANS students about priorities, John focuses on his personal priorities often in order to accomplish his well-rounded, jack of all trades lifestyle. Building new skills and cataloging new experiences feels vital for John. Taking full advantage of the time he’s been given and getting curious about expanding his comfort zone is an essential philosophy that has taught John not only about cyber defense, but about every hobby he enjoys as well.

“I try to get up as early as I can manage to get up every day, well before I start getting emails and meeting requests and all sorts of stuff like that, and try to plan out my day and ask myself, ‘How am I going to actually approach doing the things that matter the most to me?’”

---------------

Links:

Keep up with our guest John Hubbard on LinkedIn, Twitter, and YouTube

Listen to John’s podcast on the Blueprint Blog

Learn more about John’s work on the SANS Institute website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Creating Community for Female Security Practitioners with Larci Robertson

Tue, 25 Oct 2022 04:00:00 -0500

Larci Robertson, Sales Engineer at Cyberreason and Board President of Women of Security, brings her expertise and experience in cyber threat analysis, community building, and networking to the pod this week. Larci talks about her time in the Navy, her desire for female friends, and how the combination of those two things led to her joining Women of Security (WoSec). In this episode, Larci walks through the importance of women-led cyber spaces and how mentoring gives back to the community in a ripple effect.

Timecoded Guide:

[00:00] Searching for friendship in Women of Security spaces

[06:56] Diving into the Dallas cyber community with WoSec

[14:00] Finding mission-focused purpose in threat intelligence analysis

[17:57] Transitioning from the military into security and technology

[24:10] Encouraging women to stay motivated in the cyber industry

Sponsor Links:

Thank you to our sponsor Axonius for bringing this episode to life!

How did you get introduced to Women of Security?

After leaving the Navy and moving to Dallas, Larci struggled to find community amongst other women in tech. She worried the women she knew outside of the industry wouldn’t understand her unique struggles, but the women she was meeting in cyber felt few and far between. Reaching out to Women of Security felt like an encounter with destiny, which inspired Larci to start her own WoSec chapter in Plano and find her voice as a community leader.

“I wanted to find those women and get more women into security, but also have somebody to hang out with that was in the same industry, same page, we're all kind of going at the same pulse of what we've got going on in our lives.”

What are the challenges for women transitioning into the technology field, whether they're coming from the military or from another industry?

As a woman in threat defense analysis, Larci understands the hurdles and complications that come with transitioning into the field. Originally gaining her security experience in the Navy, Larci explains that she, along with many women she meets in the industry, undermine their past experiences and doubt their full potential. This often leads to less job applications from women when positions open up, perpetuating the gap for women in tech.

“I want to tell women, and I do tell them all the time, don't look at that job title. Read through the actual like, what they want you to do, and maybe you understand it in a different way. Don't worry about that stuff. Let them tell you you're not qualified, don't do it to yourself.”

What comes to the top of your mind about the power of community when thinking about WoSec?

Community inspired Larci to be a part of WoSec, but it also left a lasting impact on her friends and her family. Not only has Larci witnessed many female friends achieve career heights they never dreamed possible, she’s also seen Women of Security inspire her own daughter. Initially believing her job was “too technical,” Larci’s daughter now better understands her own potential to succeed in cyber and tech, which has given her so much confidence in her future.

“I'm seeing people get their first jobs in cybersecurity, and it's really exciting. And then, they'll turn around and help somebody else. I feel like that's happening a lot more. I see it because my group is doing it, I think we're all emulating each other in that way.”

For any women listening right now, what would be that piece of advice that you have for them to keep them energized while they're in the field?

Money is a motivator for many individuals transitioning into the cyber industry. While Larci understands why she meets many women looking to make more money in cyber, she also encourages those women— and anyone else listening to this week’s show— to find a purpose and passion for their work. Money motivation doesn’t last forever, and Larci wants to build a community of women who understand and enjoy their purpose in tech.

“I feel like no matter what you do, if you have purpose in what you're doing, you're going to stay and you're going to have that drive. On top of that, you gotta have fun with this. If you're not having fun at what you're doing every day, I think you're doing it wrong.”

---------------

Links:

Keep up with our guest Larci Robertson on LinkedIn and Twitter

Learn more about Cyberreason on LinkedIn and the Cyberreason website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Securing Feelings of Worth, Value, & Belonging with Marrelle Bailey

Tue, 18 Oct 2022 04:00:00 -0500

Marrelle Bailey, Community Manager, Content Curator, and DEI Advocate, brings her multifaceted career experiences down to Hacker Valley Studio this week. Tapping into her past lives in yoga, bodybuilding, community managing, and cybersecurity, Marrelle explains the silo her career has taken into helping others find ease and peace of mind in their work. Marrelle also walks Chris and Ron through an exercise designed to help anyone feel more worthy, valuable, and like they belong.

Timecoded Guide:

[00:00] Taking on career pivots with excitement & curiosity

[06:23] Bodybuilding & yoga’s surprising presence in her cyber career

[09:28] Finding black women in predominantly white tech communities

[14:07] Being a jack of all trades, but a master of self worth & reflection

[20:54] One key practice for feeling worthy, valuable, & like you belong

Sponsor Links:

Thank you to our sponsor Axonius for bringing this episode to life!

What from your past in yoga and bodybuilding has stuck with you today?

As someone who grew up feeling traumatized and uncertain, Marrelle believes that yoga genuinely saved her life. Yoga helped Marrelle feel confident and empowered, and also taught her the importance of self-reflection. Additionally, Marrelle’s continued health and wellness journey inspired her to take up bodybuilding, which has motivated Marrelle to work hard, to motivate others to engage in their health, and to recognize when she’s holding herself back.

“My clients know I'm fixated on pushing them as much as I push myself, because I know we have greatness. I know for myself, I can be the best self-sabotager in the world when it comes to pushing myself professionally. I know what it feels like sometimes to hold yourself back.”

What has it been like doing all these different roles and how do they stack together?

Marrelle is a true example of a jack of all trades, with experience in personal training, cybersecurity, content creation, and community management. Despite the differences, each role Marrelle has taken on has ultimately focused on compassion, authenticity, and perseverance. Marrelle never saw black women succeed in the areas she wanted to succeed, but now, she can set an example and show that she belongs in each opportunity she takes.

“I feel like each job taught me, even though they were all so different, they all taught me about gaining compassion for people. Am I being authentic to the people around me? Am I giving people the ability to be themselves and for me to be myself, to grow, to persevere, to push?”

How would you describe yourself, being so multifaceted and dimensioned?

Marrelle believes she is someone that just wants to help other people and support other people in their healing process and in knowing their importance. Many people, regardless of their profession, struggle with difficult feelings of unworthiness and exclusion, fearing that they won’t be taken seriously for who they are. Marrelle has struggled with these same feelings, and wants to create safe spaces for people to grow and nurture their confidence.

“I just want to bring people's lives ease and peace and remind them how valuable they are, because I think all of us at some point struggle to know our worthiness and our value, and that we belong in the spaces that we're in, because sometimes we can really feel left out.”

What would you recommend for anyone who wanted to start feeling worthy, valuable, and like they belong a little bit more today?

While anyone can struggle with feeling a lack of worth, value, and belonging, Marrelle wants to reassure listeners that these exist in abundance and can be built up with mindfulness exercises. An easy way to start practicing a better and more positive mindset is through inhaling the good and exhaling the bad. As you inhale deeply, think positively about who you are and who you want to be. As you exhale, get rid of negative and unfair thoughts about what makes you “not good enough” to feel worthy, valuable, and like you belong.

“You are worthy, you are valuable, and you belong where you are. No one can question it, you are where you are because you got there. No one knows your backstory, no one knows your journey, no one can walk in your shoes, but you deserve to be where you are.”

---------------

Links:

Keep up with our guest Marrelle Bailey on LinkedIn, Twitter, and website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Finding Your Imposter Syndrome Origin Story with Sheryl Anjanette

Tue, 11 Oct 2022 04:00:00 -0500

Sheryl Anjanette, Author, Speaker, and CEO & Founder of Anjanette Wellness Academy, comes down to Hacker Valley to discuss and promote her new book. The Imposter Lies Within covers Sheryl’s work with the intersection between business and mindset, and invites professionals to reconsider and reprogram their brains away from imposter syndrome. Using her findings personally and professionally, Sheryl walks through the origins, explanations, and potential remedies for imposter syndrome in this episode.

Timecoded Guide:

[00:00] Discovering imposter syndrome’s origin story

[05:04] External triggers vs the inner critic

[13:59] Imposter syndrome & Neuro Linguistic Programming (NLP)

[21:11] Reprogramming your brain to heal from the imposter phenomenon

[27:34] Fearing firing as an unrealistic response to the inner critic

Sponsor Links:

Thank you to our sponsors Axonius and Uptycs for bringing this episode to life!

Uptycs, analytics for the modern attack surface, observability for the modern defender. Check out Uptycs by visiting them at uptycs.com

What is the origin of imposter syndrome?

Defined and named in the early 1970s, imposter syndrome impacts each person in different ways depending on a variety of personal experiences, including gender, upbringing, and income status. Despite the experience varying from person to person, Sheryl explains the set of symptoms still remains strikingly similar, no matter who is suffering from imposter syndrome. This has made the phenomenon relatively easy to identify with, as many struggle with a lack of belonging, self worth, and self confidence.

“In the early ‘70s…researchers called it the imposter phenomenon, but they had only studied women. For quite a long time, people thought only women experienced feeling like an imposter, but recent studies have shown that men and women experience this almost equally, just differently.”

Do you see imposter syndrome as a negative construct of Neuro Linguistic Programming (NLP)?

Outside of the office, Sheryl incorporates Integrated Hypnotherapy in a large majority of her coaching work and explains that a large majority of that has involved delving into NLP, or Neuro Linguistic Programming. NLP emphasizes the importance of what people tell themselves. What someone actively lets themselves think has the power to become true to their brain. When someone thinks they are an imposter at work, they end up accidentally using aspects of NLP, which causes their brain to believe they are an imposter.

“Our conscious mind is only 10% of our reality, 90% is below the surface. When we can start to make the unconscious conscious, when we can do the deep dive and go back in and look at our programming, we can see where the code went bad and change that.”

What are the steps of reprogramming your mind away from these imposter thoughts?

Reprogramming someone to actively deny and work against imposter syndrome thoughts requires a deep dive into emotions and an understanding of an internalized past. Sheryl explains that being present, taking deep breaths, and allowing your perspective to shift out of your head and into your body are all steps that need to be taken in this reprogramming process. This process is powerful and new, but Sheryl promises it doesn’t have to be difficult or uncomfortable.

“Get very, very present in the moment and then, just feel yourself drop into your heart. Feel yourself drop into your heart, it's only an 18-inch journey, but it's something we generally don't do very often. Get out of our head and into your heart.”

For anyone that's dealing with imposter syndrome, is there anything that you would want to tell them to help them understand the power within?

Sheryl sees a large majority of professionals struggle specifically around the idea of not being good enough at work and being an imposter at risk of being fired. Imposter syndrome can convince anyone of this idea because it doesn’t rely on experience as evidence, according to Sheryl. Instead, someone suffering from imposter syndrome has to acknowledge that the idea of not being good enough and being fired is just an idea, not reality.

“As you go into your heart and into your observer role, ask yourself: Is this real? Where's this coming from? And then, tell yourself a different story. ‘I'm good. Everything will work out. I think that's just a pattern that I've had for a long time. I'm going to assume the best.’”

---------------

Links:

Keep up with our guest Sheryl Anjanette on her website, LinkedIn, or via email: hello@sherylanjanette.com

Purchase Sheryl Anjanette’s book, The Imposter Lies Within, on Amazon and Barnes & Noble

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Beers, Tears, & Breaking Through in Cybersecurity Marketing with Gianna Whitver & Maria Velasquez

Thu, 06 Oct 2022 04:00:00 -0500

In this special episode, Hacker Valley community members and hosts of the Breaking Through in Cybersecurity Marketing podcast, Gianna Whitver and Maria Velasquez, tell all about the ups and downs of cyber marketing. As podcast hosts and founders of the Cybersecurity Marketing Society, Gianna and Maria eat, sleep, and breathe cybersecurity marketing. This week, Gianna and Maria share the history behind the Society and explain why they decided to host their CyberMarketingCon2022 conference in person.

Timecoded Guide:

[02:41] Creating the Cybersecurity Marketing Society

[06:29] Transitioning CyberMarketingCon2022 from virtual to in-person

[10:50] Combating the difficulty of growth marketing to cybersecurity practitioners

[18:34] Examining ROIs for attendees of conferences like Black Hat and RSA

[28:15] Finding the one thing they would instantly change about cyber marketing

Sponsor Links:

Thank you to our sponsors Axonius and Uptycs for bringing this episode to life!

Uptycs, analytics for the modern attack surface, observability for the modern defender. Check out Uptycs by visiting them at uptycs.com

How did the Cybersecurity Marketing Society come to exist?

Gianna and Maria initially met and bonded over how the cybersecurity marketing world is constantly changing and evolving, for better or worse. They would get together to chat, as well as share strategies and insights. They quickly realized, through their friendship, that there was potential for a solid community in cybersecurity marketing. They started a Slack channel, just to put something out there. The channel grew from 10 participants into a bustling community of over 1500 people. Now, the Society is growing every day and hosting online events.

“It's always really nice to look back at the start, and it humbles you, right? As you continue this hustle of just growth and ongoing things happening, it's nice to take a step back and say, ‘Wow, look at where it all started.’ It seemed like just a crazy idea then.” –Maria Velasquez

What inspired the leap to host an in-person conference for CyberMarketingCon?

Back in 2020, while everyone was experiencing the height of the pandemic, members of the Cybersecurity Marketing Society were still interested in making connections with other professionals in the industry. Gianna and Maria decided the best option available was hosting virtual conferences in 2020 and 2021. Later, they branched into in-person chapter meetups in cities around the world. An in-person CyberMarketingCon2022 seemed like the next natural step in the process to cement those community connections.

“We started planning on a spreadsheet, basically. What's the theme? What do we want to cover in terms of topics? We looked to our members within the Society to hear what they'd like to learn at the conference and the speakers they'd like to see.” –Maria Velasquez

What makes it so difficult to market to cybersecurity practitioners?

Cybersecurity practitioners are notoriously skeptical. Their purview is full of phishing links and threat actors, and their guards are always up. Practitioners also often have a revolving door of folks wanting them to try demos, which makes it harder for someone to stand out. Maria and Gianna explain that you have to create a different kind of connection to build a relationship with practitioners, and advise marketers to avoid the cringeworthy commercial buzzwords.

“We're here to make sure that together, as an industry, cybersecurity marketers default to the best practices in marketing to practitioners, and that we're not bothering our target audience. We're doing great marketing, so that we can help everyone be more safe.” –Gianna Whitver

What did the ROIs look like for attendees of Black Hat and RSA?

In general, according to Gianna and Maria, the return on investment seemed higher for attendees at Black Hat, rather than at RSA. For marketers, RSA is less about selling and more about brand awareness and meeting with investors. In contrast, those who attended Black Hat reported that, even though the quantity of traffic at their booths was lower, the quality of the connections was higher, and there is a lot of optimism about opportunities to connect next year becoming more frequent.

“We're going to keep doing this every year. We're going to keep expanding the survey, we're going to have better data. I'm really looking forward to next year's debrief on Black Hat and RSA, seeing how things changed and how companies perceive their ROI.” –Gianna Whitver

----------

Links:

Grab your ticket to the CyberMarketingCon2022

Follow Gianna on LinkedIn

Catch up with Maria on LinkedIn

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Putting Your Cyber Marketing Audience First with Dani Woolf

Tue, 04 Oct 2022 04:00:00 -0500

Dani Woolf, Director of Demand Generation at Cybersixgill and Host of the Audience First podcast, brings her marketing expertise to Hacker Valley to talk about what’s broken in the marketer-buyer relationship. Dani’s tried and true methods of cybersecurity marketing involve clear messaging, authentic communication, and building trust in an industry where not trusting anyone is the norm. How can cyber marketers break through the negative stereotypes and show cybersecurity buyers that they’re authentic?

Timecoded Guide:

[00:00] Fixing the broken relationship between cyber marketers, sellers, & buyers

[04:58] Unrealistic marketing goals vs incorrect marketer perspectives

[10:23] Better conversations between marketers & practitioners with Audience First

[15:12] Connecting with curious cyber practitioners instead of dismissing them

[23:37] Advice for cyber marketers looking to start fresh with content

Sponsor Links:

Thank you to our sponsors Axonius and Uptycs for bringing this episode to life!

Uptycs, analytics for the modern attack surface, observability for the modern defender. Check out Uptycs by visiting them at uptycs.com

What messages are practitioners receiving (or not receiving) from cybersecurity marketers?

One of the domains Dani actively uses is hilariously titled, “WTF Did I Just Read?” This project, inspired by the contextless and confusing messaging cyber practitioners receive everyday, aims to show marketers how to adopt better tactics and more authentic communication with potential buyers. Truth be told, Dani has seen the worst of cyber marketing, and she understands why many marketing teams get a bad rap in the industry.

“Frankly, [marketers] are just sending messages that have absolutely no context or need to the buyer, which is just lazy. You have to identify the problem, do a little bit of legwork to see what the buyer is interested in. Who are they really? What are they trying to solve?”

Where do you think we all went wrong, from a cyber marketing perspective?

Two factors have contributed to incorrect and inauthentic marketing tactics in cybersecurity, according to Dani. The first is pressure to achieve stressful goals and unrealistic KPIs on marketing teams that should be focusing on quality of communication over quantity of calls or outreach methods. The second is marketers coming into the cyber industry with the false mindset that cyber marketing is just like any other marketing, when in reality, the methods of communication and the relationship with buyers is completely different.

“A lot of professionals coming into cybersecurity think that what they've done in other verticals works in cybersecurity, when in fact it doesn't. I know for a fact it doesn't, because that's how I made mistakes in the security space and that's how [my podcast] Audience First was born.”

Is there a lot of conversation and communication happening between marketers and cybersecurity practitioners?

Marketers and practitioners are not communicating in a trustworthy and authentic way, in Dani’s opinion. Many marketers fall into the mindset trap of letting the “smart people” in the room talk during meetings and calls, instead of engaging in the conversation. Dani explains that when cyber marketers shut themselves out, they don’t learn anything about cybersecurity or about their clients. Not knowing creates a lack of trust and confidence for both sides.

“If we continue to just click on buttons and look at numbers, we're not going to do our jobs any better. I urge anybody listening to foster that bidirectional relationship, to be open to marketers speaking to you, and to be open to speaking to practitioners and asking for feedback.”

How would you compare the average cybersecurity buyer to, for example, other buyers in the technology space?

Despite the stereotypes of cybersecurity buyers being tough or unapproachable, Dani admits that many of her cybersecurity clients are kinder and more empathetic than in other tech industries. However, this kindness and empathy has to be earned, and security professionals aren’t always the easiest people to gain the trust of. Dani explains that credibility and authenticity reign supreme in messaging to cyber buyers, because that is the only way to break through the caution many practitioners are trained to have.

“Why would I scratch your back? Or, why would you scratch mine if I don't even know who you are? Like, the whole point of security is not to trust everything that you see. So, trust and credibility is a huge part of that, and establishing authentic relationships is a huge part, too.”

---------------

Links:

Keep up with our guest Dani Woolf on LinkedIn and Twitter

Listen to Dani’s podcast, Audience First, and learn more about “WTF Did I Just Read?”

Check out the Cybersixgill website

Learn more about Dani’s work on her other Hacker Valley podcast appearances: Breaking Through in Cybersecurity Marketing, Breaking Into Cyber

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Special Featured Episode! Purple Teams & Threat Informed Defenses with Ben Opel

Thu, 29 Sep 2022 04:00:00 -0500

Ben Opel, Senior Director of Professional Services at Attack IQ and former Marine, joins Chris and Ron to talk about the essentials of purple teaming. Combining the essentials of the red team and the blue team, a purple team offers cybersecurity companies a unique opportunity to create a threat informed security process. Using his time in the Marines and his experience at Attack IQ, Ben walks through purple team philosophy, breach and attack simulations, and shifting from a reactive to a proactive mindset.

Timecoded Guide:

[00:00] Past experiences with cybersecurity in the Marine Corp

[04:28] Exposure to purple teaming in defensive cyber ops

[10:26] Implementing breach and attack simulations in defense strategy

[14:38] Threat informed defense and the aftermath of breach simulations

[23:36] Communicating and approaching risk-related decisions

Sponsor Links:

Thank you to our sponsor AttackIQ for bringing this episode to life!

AttackIQ - better insights, better decisions, and real security outcomes. That's why we partnered with them to create free cybersecurity trainings! Check it out at academy.attackiq.com

How did you first get exposed to purple teaming and what are some of the tenants that you hold today?

Ben’s experience in cybersecurity and his journey into purple teaming occurred during his time with the Marine Corps, performing defensive cyber ops. Originally, Ben didn’t even know the term purple team existed when he first encountered it, but his team was already approaching their work that way. Ben explains a core tenant of purple teaming is getting people in the same room and showing them the value their work brings to one another.

“We started building our teams around this multifunctional purple concept of having threat hunters, threat intelligence, red cell, support and mitigation, and forensic cell all in one. All of these capabilities in one team, where they could work synergistically.”

What are the shortcomings and advantages of the purple team philosophy?

Like any philosophy, Ben explains that the hardest part of incorporating a purple team mindset is including it in everything your team does. To aid in this shortcoming, Ben keeps one question in mind: “What can someone do for me, and what can I do for them?” When involved in a purple team, everyone is putting their heads together. Ben explains there’s much less confusion between offensive and defensive professionals in that purple collaborative setting.

“Pure red team ops can be super fun, but you leave every job not sure they're going to actually make something with what you did. I've worked with blue teams who are like, ‘Hey, this was a great report, red, but we made some fixes, but we don't know if these are good.’”

How do we get more people into being proactive and adopting the purple team perspective?

A large majority of cybersecurity teams and processes involve reacting to potential threats and incidents. In contrast, purple teaming and threat informed defense strategies emphasize a more proactive mindset. Ben explains that working with a capability like Attack IQ helps teams build confidence in what they can prepare for and prevent. Building confidence in infrastructure and resilience in your team helps a proactive mindset thrive.

“It’s about giving folks the ability to parse out and understand what's important to them, and to boil that down into, ‘Okay, now, what does that mean when hands on keyboard?’ Making that available, making that easily digestible. It's an education problem in this realm.”

What would be your first piece of advice for the person about to embark on discovering or explaining breaches and attacks in relation to their organization?

Ben explains that explaining breaches and helping others in your organization understand attack risks starts with showing. He explains that revealing how easily these things can happen and in what situation certain events could be particularly harmful opens the eyes of members of your team to what their threats look like. Instead of catering to doom and gloom, analyze your cyber threat risk with practicality and literal examples.

“If I had to say that I had a specialty forced upon me by the Marine Corps, it was that. It was going over to peers and telling them that this is something that's good, bringing my red team in and letting them poke around, letting my blue team plug in to their network from some strange IP that they've never seen before.”

---------------

Links:

Keep up with our guest Ben Opel on LinkedIn

Learn more about Attack IQ on LinkedIn and the Attack IQ website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Recruiting and How to Find the Perfect Match with Mimi Gross

Tue, 27 Sep 2022 04:00:00 -0500

Mimi Gross, Founder and Cybersecurity Matchmaker at People By Mimi, connects early stage through Series C cybersecurity startups with sales and marketing talent. As a recruiter and headhunter with over 5 years of experience, Mimi refers to the process of recruiting and hiring as “cybersecurity matchmaking.” Mimi joins Hacker Valley Studio this week to talk about what recruiting and dating have in common (including marriage!), and the ways to deal with rejection during the hiring process.

Timecoded Guide:

[00:00] Defining the term “cybersecurity matchmaking” as a recruiter

[04:00] Commonalities between recruiting and dating advice

[07:55] Dealing with job rejection like a bad breakup

[15:17] Balancing hiring manager wants and needs in the recruitment process

[20:11] Emphasizing chemistry between the ideal candidate and their future employer

Sponsor Links:

Thank you to our sponsors Axonius and Uptycs for bringing this episode to life!

With Uptycs, modern defenders can prioritize, investigate and respond to threats across the entire attack surface—all from a common solution: uptycs.com.

Where did the term “cybersecurity matchmaking” come from?

There’s a huge element of matchmaking in recruiting. That’s essentially what you’re doing — you’re matching a potential candidate with a potential new position. Certain recruiters and companies instead treat the act of recruiting candidates and hiring new employees like a sales transaction. This feels impersonal for everyone involved. Referring to recruiting as “matchmaking” reminds everyone involved that there are humans in the process at every stage, from application to references, interviews to onboarding.
“Early on, I was disillusioned with recruiting, because I realized that people don't treat it like finding the perfect match. It's like sales for some people. I quickly said, ‘I can't do this thing unless I can call it matchmaking.’ That's where the term came in.”

What does dating advice have to do with recruiting?

In both recruiting and dating, you’re trying to find the “right” fit. In dating, both people in a relationship are looking for “the one”; someone to grow with long term and to build a mutually beneficial relationship with. In recruiting, the founder or hiring manager is looking for the right candidate for the role, while the job searcher is looking for the right job for their career. In both dating and recruiting, when you find the right one, it won’t be a huge compromise or a challenging fit; the relationship will feel authentic and natural.
“I find that the best matches I make — and I love to call them matches, because they really are — I look back at them, like, ‘You know, that was a good match.’ In those great matches, the chemistry was there right away.”

How do you help candidates deal with rejection?

Rejection is part of the recruiting process, just like how breaking up is part of the dating cycle. There are going to be times when the fit isn’t right and the job you want goes to a different candidate. The trick is to not take it personally. Instead, take a learning approach to the situation. The company might need to go in a different direction, or someone else in the organization may be taking over the position. Unlike dating, the hiring process is unrelated to who you are as a person. Focus on learning and applying your experience elsewhere.

“It’s not just about not taking rejection personally. You have to see that there will be the right fit for you, and that also, the person who is rejecting you now could be a valuable person to know in the future. Never burn bridges.”

What is one of the most important aspects in recruiting?

Chemistry is key in the recruiting process. You may have a company executive or a hiring manager who wants a specific trait from their applicants, like an Ivy League education. As a recruiter, you have to dig beneath the surface to discover the “why” behind a job qualification or educational requirement. Perhaps the employer actually wants someone organized or detail-oriented. Getting to know the “why” means that you can find the actual right fit, while the chemistry between the job seeker and the hiring executive will take care of the rest.

“In the beginning, if you find the right match, the dating metaphor here is that nobody's perfect. You have to figure out what kind of imperfect you can handle and you can love, and that's the right match.”

----------

Links:

Spend some time with our guest Mimi Gross on LinkedIn

Learn more about cybersecurity matchmaking on the People By Mimi website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Recruiting Talent for Cybersecurity’s Next Open Position with Renee Small

Tue, 20 Sep 2022 04:00:00 -0500

Renee Small, Cybersecurity Super Recruiter, content creator, and host of the Breaking into Cybersecurity podcast, joins the Hacker Valley team to clear the misconceptions around recruiting and discuss cybersecurity’s open positions. Taking labor shortages and skills gaps into consideration, Renee explains how she’s helped others start strong in the industry and hone their skills. Additionally, Renee covers her journey into content creation and podcasting, and how that’s impacted her recruiting work.

Timecoded Guide:

[00:00] Understanding a recruiter’s role in big and small cybersecurity orgs

[06:37] Diving into content creation with the Breaking into Cybersecurity podcast

[12:13] Challenges and rewards of helping entry level cybersecurity professionals

[16:02] Rewarding cyber recruitment stories and tech mentorship opportunities

[22:39] Advising job seekers looking for entry level positions in cybersecurity

Sponsor Links:

Thank you to our sponsors Axonius and Uptycs for bringing this episode to life!

With Uptycs, modern defenders can prioritize, investigate and respond to threats across the entire attack surface—all from a common solution: uptycs.com.

What is the role of a recruiter in cybersecurity?

Renee knows the idea of a recruiter can be a confusing one, and the role of a recruiter can be radically different depending on the size of an organization or the type of recruitment they focus on. Overall, however, Renee believes that the role of a recruiter is to be a matchmaker for a position within a company. Cybersecurity recruiters have to understand the technical needs of a position and the cultural needs of a cybersecurity company to find the perfect practitioner fit.

“The role really is to be like a matchmaker. You’re seeing who out there is a great fit for which roles, which companies, and which culture, or which company culture, and that's what makes it, for me, a lot of fun.”

How has being a content creator impacted your work as a recruiter?

Although Renee doesn’t always identify as a content creator, her work with Chris Foulon on the Breaking into Cybersecurity podcast speaks volumes about the type of creator she really is. Renee always focuses on giving back with the work she produces, whether that work involves career coaching, recruitment advice, or cybersecurity education. Becoming a podcaster and content creator has allowed Renee to answer questions and provide information that helps the entire online cyber community.

“I experienced all the positions that were open as a recruiter, but I had no idea that there was this group of folks who were entry level, or transitioning into their first cybersecurity position, and they needed my help [in order to break into cyber].”

What are some of the most fulfilling moments that a recruiter can have?

Being a recruiter gives Renee the opportunity to help cybersecurity practitioners discover their dream job and navigate the industry intelligently. Her fulfilling moments actually center around those she’s helped along the way, including a former mentee and a former helpdesk employee looking for upward mobility. Finding the perfect match isn’t just about satisfying the company needs, Renee explains, but is also about connecting someone to an opportunity for success and growth.

“I get a kick out of people getting a job, it's almost like a little high for me. Every time I'm the person who connects people and it works out and they get paid well, I have a little party in my head. It's just so rewarding. I love that matchmaking process so much.”

What advice do you have for professionals struggling with their job search in the cybersecurity industry?

Cybersecurity’s labor shortage and staff burnout issues threaten even the most air-tight of security teams. Unfortunately, Renee explains that even with so many job openings, entry-level employees or professionals transitioning industries still can’t break into cyber. Her best advice for those struggling to take the first step is to connect with successful practitioners in the field already through nonprofit organizations and network events. Focus on a network that will expand your knowledge of cyber and the state of the industry.

“If you're a college student, if you are someone out there looking to understand what's happening in the field, join one of the myriad of cybersecurity nonprofit organizations and learn about what security really is.”

---------------

Links:

Keep up with Renee Small on LinkedIn

Listen to Renee’s podcast Breaking into Cybersecurity

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Keeping It Open Source with Metasploit’s HD Moore

Thu, 15 Sep 2022 04:00:00 -0500

This season of Hacker Valley Red wraps up with another interview of an incredible offensive cybersecurity legend. Known first and foremost for his work founding Metasploit and his recent work co-founding Rumble, HD Moore joins the show this week to hear about his journey from spiteful hacker to successful founder. HD walks through the history of Metasploit, the motivation behind their coding decisions, his opinions on open source software, and the excitement of exploration and discovery.

Timecoded Guide:

[04:57] Catching up with HD’s career from his hacking exploits in the ‘90s through his founding of Metasploit to his recent activities with Rumble

[11:41] Getting personal with the feelings and takeaways from a project as successful and impactful on the cyber industry as Metasploit

[18:52] Explaining HD’s personal philosophies around accessible education and the risk of sharing vulnerable information publicly

[25:39] Diving deep into the technical stories of HD’s path of discovery and exploration during his time at Metasploit

[31:14] Giving advice for future founders and hackers looking to make a legendary impact on the cybersecurity community

Sponsor Links:

Thank you to our sponsors Axonius and PlexTrac for bringing this season of HVR to life!

PlexTrac is pleased to offer an exclusive Red Team Content Bundle for Hacker Valley listeners. This bundle contains both our "Writing a Killer Penetration Test Report" and "Effective Purple Teaming" white papers in ONE awesome package. Head to PlexTrac.com/HackerValley to learn more about the platform and get your copy today!

What were some of the trials, tribulations, and successes of Metasploit?

Although Metasploit has had a lasting impact on the cyber world, HD Moore is not afraid to admit that part of Metasploit existed out of spite for critics, employers, and gatekeepers in the cybersecurity industry. In terms of trials and tribulations, HD saw a great deal of criticism come from his peers and from professionals ahead of him in the industry, often displaying rudeness towards the quality of the exploits and Metasploit’s audience of young hackers. Later, HD says that a surprising and amusing side effect of his success with the project was watching employers and peers go from criticizing to lifting up his work with Metasploit and attributing success of many hacking professionals to its creation.

“When we started the Metasploit project, we really wanted to open up to everybody. We wanted to make sure that, even if you barely knew how to program, you can still contribute something to Metasploit. So, we did our best to make it really easy for folks to get in touch with us, to submit code.”

Where does your philosophy land today on giving information freely?

HD has heard the same opinions many professionals that teach and give information freely have heard: “You’re making it easier for people to use this information the wrong way.” Instead of considering the worst possible outcomes of making hacking accessible, HD chooses to acknowledge the importance of accessible education and publicly provided information. According to HD, if someone is creating and teaching content to the next generation of red teamers, that content is theirs to use. Whether they’re a physical pen tester teaching lock picking or a hacker disclosing a vulnerability, what they choose to share with others has to be based on personal moral code and what others do with that information is up to them.

“It comes down to: You do the work, you own the result. If you're teaching people how to do stuff, great, they can do what they want. You can decide to do that, you can decide not to do that, but it's your decision to spend your time training people or not training them.”

Is it possible to be a CEO, or a co-founder, and stay technical?

The downside of success in the cybersecurity industry is often stereotyped as losing the opportunity to be a hands-on hacker. However, for HD, his success has allowed him to do the exact opposite and instead prioritize his time to be technical. HD believes strongly in the ability to make this happen through proper delegation of duties, incorporating new leaders and managers in your company or project, and acknowledging when you may need the help to bring what you’re working on to the next level. HD is proud of his success with Metasploit and Rumble, and is happy that he was able to hand off certain duties to other professionals that he knew would do better if they had a chance in the founder’s shoes.

“Don't let the growth of your company change what you enjoy about your work. That's really the big thing there, and there's lots of ways you can get there. You can hire folks to help out, you can promote your co-founder to CEO. You can bring on program managers or project managers to help with all the day to day stuff."

What advice do you have for people looking to follow a similar cyber career path?

Content is the name of the game, especially when you’re looking to get more eyes on what you do. HD is the first to admit that putting himself out there in a blog post, on a podcast, or at a stage show is not always a walk in the park, taking him out of his comfort zone and often away from the tech that he spends his time on. However, publicly displaying himself and his work has brought attention to Rumble and Metasploit, and HD knows he would not have achieved this level of success without putting his content out into the world, hearing feedback from his peers, and even receiving his fair share of criticism from industry professionals.

“Not all of it is the most fun thing to do all the time, but it is crucially important, not just for growing yourself and getting out there and getting feedback from your peers, but for learning because you learn so much from the feedback you get from that effort.”

-----------

Links:

Stay in touch with HD Moore on LinkedIn, Twitter, and his website.

Learn more about Rumble, Inc on LinkedIn and the Rumble website.

Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter.

Follow Ron Eddings on Twitter and LinkedIn

Catch up with Chris Cochran on Twitter and LinkedIn

Continue the conversation by joining our Discord

Hacking the TikTok Algorithm with Caitlin, AKA Cybersecurity Girl

Tue, 13 Sep 2022 04:00:00 -0500

Caitlin Sarian, known on TikTok as Cybersecurity Girl, comes to Hacker Valley to talk about the endless possibilities for cybersecurity on social media. Walking through her journey of becoming cyber’s biggest TikTok star, Caitlin covers every aspect of internet fame and online presence, including facing criticism, gaining and losing viewers, and trying to make an impact on women in STEM. Alongside her work on social media, Caitlin also walks through the development of her new online cybersecurity course.

Timecoded Guide:

[00:00] Introducing Caitlin & her work on TikTok with Cybersecurity Girl

[06:45] Building a cyber platform on TikTok & dealing with imposter syndrome

[11:21] Keeping women in STEM, instead of just getting women into STEM fields

[15:56] Dismissing the idea of the diversity hire in tech & cyber

[24:43] Working with Girls Who Code & building her own low-cost cyber school

Sponsor Links:

Thank you to our sponsors Axonius and Uptycs for bringing this episode to life!

Uptycs, analytics for the modern attack surface, observability for the modern defender. Check out Uptycs by visiting them at uptycs.com

How do you feel about going viral, or not going viral, on TikTok?

Although social media, especially TikTok, relies on an algorithm to push content to different viewers, Caitlin admits that viral content creation is more about luck than about methods. Since becoming involved in TikTok as a cybersecurity influencer, Caitlin has developed tricks of her own to elevate her content and interact with her audience, including going live on the app. However, she still explains that going viral is still random, with lower quality quick content sometimes hitting a larger audience than her higher value creations.

“Videos that you spend the least time on get the most views and the videos that you spend the most time on, get the least views. I've stopped looking at the views and just started trying to produce content that either makes people smile, or adds value to people's lives.”

What is that value that you're getting from making cybersecurity content for TikTok?

While creating podcasts at Hacker Valley allows for Chris and Ron to give back to their community and meet incredible cybersecurity content creators, a similar idea guides Caitlin’s work on TikTok. Considering that content creation can sometimes feel thankless and frustrating, Caitlin motivates herself by focusing on the people she helps. Through making cybersecurity more accessible online, she hopes to inspire other women to get involved and stay involved in cyber, tech, and STEM fields.

“It adds value to my life, knowing that I'm not just going day-by day-doing my job and that's it. I like bringing awareness and being that light for people that need it, especially in the tech world. I think for me, this is what I'm hoping for, I'm hoping to get more women in STEM.”

Can you tell us a little bit about your online cybersecurity school?

Caitlin isn’t only working on her cybersecurity platform on TikTok, she’s also expanding into online education with her course, Become a Cyber Analyst. Focusing on cybersecurity accessibility and affordable education, Caitlin’s course is a six-month boot camp that teaches students the ropes of the cyber industry. The best part? Students don’t pay until they’re employed in cyber, and Caitlin’s course guarantees a job within 3 months of graduation.

“I partnered up with a school called Master School, and it's basically a six-month boot camp. And then, after the boot camp, we have HR specialists that help students get a job after. You don't have to pay for it until you get a job, and it's a lump sum.”

What is your perspective on the struggles women face breaking into cybersecurity and staying in tech careers?

As a woman in cybersecurity, Caitlin has witnessed alarming levels of sexism in the industry and has seen fellow women experience tech burnout. With her content on TikTok and her new cybersecurity school, Caitlin hopes to solve the problem of not just inviting women into the cyber industry, but retaining female employees in cyber as well. Through supportive content creation and her own influence, she hopes other woman see that the possibilities in their careers are endless.

“I think the issue that I always used to deal with is a lot of men think I got the job from just being a woman. That also goes to my imposter syndrome, because I'm like, ‘Maybe I did just get this job because I'm a woman and they want to work with me. Maybe I'm a diversity hire.’”

---------------

Links:

Keep up with our guest Caitlin/Cybersecurity Girl on TikTok and Instagram

Learn more about Caitlin’s incredible Masterschool course, Become a Cyber Analyst

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

From Black Hat to Bug Bounties [Pt. 2] with Thomas DeVoss

Thu, 08 Sep 2022 04:00:00 -0500

We’re joined again by the hacker’s hacker, Tommy DeVoss, aka dawgyg. Bug bounty hunter and reformed black hat, Tommy dives back into a great conversation with us about his journey in hacking and his advice to future red team offensive hackers. We cover everything we couldn’t get to from part 1 of our interview, including his struggles with burnout, his past hacking foreign countries on a bold quest to stop terrorism, and his future in Twitch streaming to teach you how to be a better bug bounty hunter.

Timecoded Guide:

[02:57] Fixating on hacking because of the endless possibilities and iterations to learn

[09:54] Giving advice to the next generation of hackers

[17:17] Contacting Tommy and keeping up with him on Twitter

[21:43] Planning a Twitch course to teach hackers about bug bounties using real bugs and real-world examples

[24:57] Hacking in the early 2000s and understanding the freedom Tommy has to talk about any and all illegal hacking he’s done now that he’s gone to prison

Sponsor Links:

Thank you to our sponsors Axonius and PlexTrac for bringing this season of HVR to life!

PlexTrac is pleased to offer an exclusivecRed Team Content Bundle for Hacker Valley listeners. This bundle contains both our "Writing a Killer Penetration Test Report" and "Effective Purple Teaming" white papers in ONE awesome package. Head to PlexTrac.com/HackerValley to learn more about the platform and get your copy today!

Do you ever struggle with burnout when it comes to hacking?

Hacking has maintained Tommy’s interest longer than anything else because of the constant changes in technology and the ever-evolving issues in the online world. However, just because hacking is his passion, doesn’t mean that burnout or frustration never happens. Currently, Tommy is taking more of a break with hacking, letting his current day job and his passion for gaming have a front seat. However, he’s still firmly in the industry, passionately developing learning opportunities for future hackers and answering questions from cyber professionals of all backgrounds.

“I do get burned out sometimes…When it comes to bug bounty hunting, I try and make it so it averages out to where I make at least $1,000 an hour for my effort. It doesn't always work. Sometimes I'm more, sometimes I'm less, but I try and get it so it averages out to about that.”

What hacking advice would you give the younger version of yourself?

Although his black hat ways resulted in prison time for Tommy, he doesn’t regret his past and instead seeks to teach others the lessons he’s learned. When we asked Tommy for advice for new hackers, he was clear that success is a longer journey than people assume it is. Tommy’s success was not a fluke, it took years of hands-on learning and patience with failures in order to develop his bug bounty skills. Nothing is actually automatic or easy with hacking, especially as the technology continues to change and evolve. Tommy wants hackers to take every opportunity to try out their skills, even if it's a complete failure.

“Don't expect success overnight. Also, don't let failure discourage you. When it comes to hacking, you're going to fail significantly more than you're going to succeed. And the people that are successful in bug bounties are the ones that don't let those failures discourage them.”

What do you think about the “media obsessed” stereotype many people have about black hat hackers?

Wrapping up today, Tommy tells us that he’d be happy to be back in the Hacker Valley Studio again some time. Although the stereotype of a black hat hacker wanting attention from the media is disproven, Tommy believes that he definitely has craved that media attention for a large majority of his hacking career. Starting in the early 2000s, after 9/11, Tommy had one of his first brushes with fame in an interview with CNN about hacking Middle Eastern companies. Although his hacking and his politics have changed since then, Tommy enjoys having in-depth conversations about hacking and explaining the intricacies of what he does.

“We loved the attention back then, and I still love the attention now, it's nice. The good thing about now is, because I already got in trouble for everything that I've done, I've done my prison time, I don't have anything that I did illegally on the computer anymore that I can't talk about, because I've already paid my debt to society.”

What are the best ways for people to keep up with what you’re doing?

Considering Tommy’s success, it’s understandable that a lot of cyber professionals and amateurs have tons of questions for him. When it comes to getting in contact with Tommy, he recommends tweeting him on Twitter publicly so that he can not only answer your question, but help others with the exact same questions. Education is key, and Tommy is so dedicated to teaching other hackers that he’s currently developing a recurring Twitch stream centered around helping others learn about bug bounty hunting.

“I don't know how successful we're going to be in finding the bugs, but I think it'll be fun to teach people [on Twitch] and do it that way, so that they can actually spend some time learning it. The best way to actually learn this stuff is to actually try and do the hacking.”

-----------

Links:

Stay in touch with Thomas DeVoss on LinkedIn and Twitter.

Check out the Bug Bounty Hunter website.

Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter.

Follow Ron Eddings on Twitter and LinkedIn

Catch up with Chris Cochran on Twitter and LinkedIn

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Reconnecting to Childhood Creativity with Mari Reisberg

Tue, 06 Sep 2022 04:00:00 -0500

Mari Reisberg, therapist, performer, creativity coach, and host of the Sustaining Creativity podcast, brings her many talents to Hacker Valley to help adults unlock their creativity and engage with their inner child. Tackling topics from artistic ruts to technical frameworks, Mari walks through the essentials of reconnecting with creativity and curiosity. Instead of limiting thoughts to the path of least resistance, Mari challenges her clients to get comfortable with the uncomfortable in creativity.

Timecoded Guide:

[00:00] Sustaining creativity & coaching others on becoming curious

[06:35] Defining creativity with new ideas & fresh innovations

[10:07] Climbing out of a creative rut & expanding your comfort zone

[18:47] Unlocking different levels of creativity in everyday life

[23:59] Tapping into creativity and unlocking childhood memories

Sponsor Links:

Thank you to our sponsors Axonius and Uptycs for bringing this episode to life!

With Uptycs, modern defenders can prioritize, investigate and respond to threats across the entire attack surface—all from a common solution: uptycs.com.

What is creativity, in your opinion?

There isn’t one way to define creativity, Mari explains, but instead a myriad of ways. Each person has their own individual relationship with the concept of creativity, but Mari considers creativity to be tied to the processes of coming up with new ideas and innovating on those ideas. Seeing life through a creative lens means that Mari isn’t afraid to try and fail, because everything she does expands her comfort zone and tests her curiosity.

“Creativity is one of those words where, if you asked 100 people, you’d get 100 different answers. For me, my definition of creativity really is around thinking of novel, new ideas. And then, the second piece of the creative process is that innovation process.”

What advice would you have for someone who is trying to find their way through a creative rut?

The human brain will always choose the path of least resistance. People like to feel safe and comfortable with everything they do, but Mari understands that creativity can only be practiced at the edge of someone’s comfort zone. With one foot in her comfort zone and one foot out of it, Mari has been able to escape her own creative ruts and make active decisions to try the everyday activities in her life with a different perspective.

“If my desire is to create something new, something different, and I'm continuing to do the same things and expecting a new result, it's not going to happen. How could you try something different every day?”

Are there different types of creativity, similar to there being different types of intelligence?

In Mari’s experience, there are two forms of creativity: big C creativity and little c creativity. While little c creativity is an everyday reality, big C creativity is much more performative, curious, and expressive. When someone says they aren’t creative, what they’re thinking of is this second form of creativity. The fact is that anyone can become big C creative, but it requires actively exploring and expanding the skills of creativity.

“The big C creativity is what everyone assumes is creativity; performing arts, creative arts, I'm doing something that I'm sharing with the world. The small c creativity is that every day creativity. It’s something new, something different.”

When it comes to wanting to build our creative muscles, what are some techniques or frameworks that we should be considering?

Creativity is a practice, not a one-and-done deal. Mari explains that building creative muscles comes from repetition of creativity, such as trying something new everyday, challenging ourselves to think of something from an opposite point of view, and even daydreaming. Explore what would happen if something, even one small detail of an event, was different, and never limit yourself to the idea that you’re “just not creative.”

“There’re opportunities to flex that creativity, but it's about continuing to do it. You can’t do it once and expect a miracle. You keep coming back to it, keep practicing, keep having new ways of trying something.”

---------------

Links:

Keep up with Mari Reisberg at SustainingCreativity.com

Check out Mari’s podcast, the Sustaining Creativity podcast

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

From Black Hat to Bug Bounties [Pt. 1] with Tommy DeVoss

Thu, 01 Sep 2022 04:00:00 -0500

We’re joined by million-dollar hacker and bug bounty hunter, Thomas DeVoss, this week as we continue our season-long discussion of offensive cybersecurity legends. A legend in the making with a success story in bug bounty hunting that has to be heard to be believed, Tommy is an incredibly successful blach hat hacker-turned-bug bounty hunter, representing how misunderstood the hacking community can be and how positively impactful bug bounties can be. Who hacks the hackers? Look no further than Tommy DeVoss.

Timecoded Guide:

[02:59] Becoming interested in hacking for the first time

[08:26] Encountering unfriendly visits with the government and the FBI after his hacking skills progressed

[14:20] Seeking his first computer job after prison and leveraging his hacking skills

[25:21] Discussing with Yahoo the possibility of working with them due to his successful bug boundaries

[30:56] Giving honest advice to hackers looking to break into the bug bounty scene

Sponsor Links:

Thank you to our sponsors Axonius and PlexTrac for bringing this season of HVR to life!

When did you get into hacking for the first time?

At an early age, Thomas found his passion for hacking in an IRC chat room. Mentored by a man named Lewis and encouraged by fellow friends in the hacking world, popping shells and breaking into US systems using foreign IP addresses. Although Tommy became incredible at his craft from a young age, his early habits became serious black hat issues that ended up getting him in trouble with the US government. Just like the hacker in a big Hollywood blockbuster, the government caught up with Tommy and he faced 2 years in prison in his first sentence.

“Instead of coming back to him and saying, "Hey, I'm done," I came back and I was actually asking him questions like, "Can you explain this?” And he saw that I was like, actually interested in this and I wasn't one of the people that was just expecting it to be handed to me and everything like that.”

After spending time in prison, were there barriers to getting involved in hacking again?

After being in and out of prison a couple times, Tommy found the worst part of coming home to be his ban from touching any sort of device with internet access. Despite it being a part of his probation, his passion for tech continued to bring him back to computers and gaming. After his final stint in prison after being falsely suspected of returning to his black hat ways, the FBI lifted Tommy’s indefinite ban on computer usage and immediately renewed his passion for working in tech.

“They had banned me indefinitely from touching a computer. So, when I came home on probation the first time, they upheld that and I still wasn't allowed to touch computers as part of my probation. For the first month or so, I didn't get on a computer when I came home from prison, but then it didn't take long before I got bored.”

How did your cyber career pivot to bug bounty hunting?

With prison behind him and his ban on computers lifted, Tommy got a job working for a family friend in Richmond, Virginia for a modest salary of $30,000. Although this amount felt like a lot at the time, he quickly realized that there was money to be made in bug bounties. His first few experiments in attempting bug bounty programs had him earning $20,000 or $30,000 for hours of work, a huge increase from the salary he was currently making. Encountering success after success, Thomas quit his job in 2017 to become a full-time bug bounty hunter.

“The first bug bounty program that jumped out at me was Yahoo. I had started hacking Yahoo in the mid 90s, I knew their systems in the 90s and early 2000s better than a lot of their system admins and stuff. And I figured, if there's any company that I should start out with, it should be them.”

What success have you seen since becoming a bug bounty hunter, especially with major corporations like Yahoo?

Thomas has become a huge earner in the cybersecurity community, and has continued to see incredible results from his hacking and bug bounty projects. Most notably, after numerous high earning days, making up to $130K at once, with companies like Yahoo, he’s even been offered positions working with corporations he’s bug bountied for. However, Tommy is quick to point out that his success was definitely not overnight, and warns fellow hackers of getting too confident in their bug bounty abilities without the proper skill sets or amount of experience under their belts.

“I think at this point, I've had days where I've made six-digit income in that single day, at least six or seven times. And it's almost always been from Yahoo.”

-----------

Links:

Stay in touch with Thomas DeVoss on LinkedIn and Twitter.

Check out the Bug Bounty Hunter website.

Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter.

Follow Ron Eddings on Twitter and LinkedIn

Catch up with Chris Cochran on Twitter and LinkedIn

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

The Fabulous Search for a Tech Job with Kyle Elliot

Tue, 30 Aug 2022 04:00:00 -0500

Kyle Elliott, the Founder and Career Coach behind CaffeinatedKyle.com, joins the pod on his quest to transform boring job searches into something fabulous. Kyle specializes in helping job seekers, especially those in technology and cybersecurity, find jobs they love and express the value they bring to potential employers. Need to know the secret to acing your next tech job interview? Look no further than Caffeinated Kyle.

Timecoded Guide:

[00:00] Finding your own definition of fabulous

[06:06] Standing out in a tech job interview

[12:19] Dealing with and learning from job rejection

[16:41] Targeting your dream tech job & telling your career story

[21:33] Breaking into technology the easy way and the hard way

Sponsor Links:

Thank you to our sponsors Axonius and Uptycs for bringing this episode to life!

With Uptycs, modern defenders can prioritize, investigate and respond to threats across the entire attack surface—all from a common solution: uptycs.com.

From your perspective, what makes someone fabulous?

Being “fabulous” can sound grandiose to most tech practitioners, but Kyle believes that everyone has the potential to be fabulous, especially when they’re forging their career path. There’s a lot of competition amongst large tech companies to find the employees that close skill gaps and stand out from the massive group of hungry job seekers. To be fabulous, one has to know how to stand out and what sets them apart.

“When I think of fabulousness, I think: What sets you apart from other people? I work with job seekers, so I think: What sets you apart from other job seekers or other applicants?”

When you look at standing out in a job interview, what are some of the key components that go into that?

Many job seekers that Kyle works with have the skills, meet the position requirements, show up for the interview, and still struggle with getting a job in tech. While this can happen for a variety of reasons, Kyle explains that a simple mistake job hunters are making is regurgitating their resume without backing up their experience. A strong story about the experiences you had and the value you delivered makes you memorable and explains what you can provide.

“When you're doing this, you want to think in the mind of a hiring manager. How have you added value to the organization? What sets you apart? I didn't just code, I didn't just have cross functional collaboration, here's the value to the organization and what sets me apart.”

How do you coach someone through being able to tell their story in an interview?

Career storytelling skills separate a potential employee from a pack of qualified applicants. However, a lot of technical people aren’t known for their storytelling skills or knack for creativity. Instead, Kyle recommends his clients in tech and cyber practice their storytelling through a more familiar world of spreadsheets. Each spreadsheet helps job seekers break down the value they bring with their skills, so they can tell a story that connects their past experiences to their future position.

“A lot of the people I work with in tech, they're amazing at their job, but they're just not used to practicing storytelling…It feels awkward. It feels different. It feels weird, because that's not something they’re used to.”

From your experience, what have been the easiest and hardest fields in technology to break into?

In Kyle’s opinion, there isn’t one field of the tech industry that’s easier or harder to break into. Instead, breaking into the tech industry relies more on professional experiences, background, and skillset. If the leap to tech feels like too many transitions at once, Kyle recommends slowing down to one transition at a time and building each experience off of one another. Instead of hiding that this may be a new path for you, embrace your past when job searching and explain why a potential employer should hire someone transitioning into the tech world.

“Everyone's like, ‘Kyle, how do I get a job in tech?’ I would start with your background, and I think that's gonna determine what's easiest or hardest for the person. What I always recommend is, try to make the least amount of transitions possible.”

---------------

Links:

Keep up with Kyle Elliott on LinkedIn and the Caffeinated Kyle website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Unlocking Cyber Education with John Hammond

Thu, 25 Aug 2022 12:44:56 -0500

John Hammond, Senior Security Researcher at Huntress Labs and self-described cybersecurity education enthusiast, joins us as we continue our discussion of red team legends. With a focus on content creation this week, John discusses his success with his YouTube channel, his passion for showcasing authentic and accessible educational materials online, and his advice for creating content safely and spreading awareness with not only a red team or blue team mindset, but with a purple team perspective.

Timecode Guide:

[01:37] Understanding the impact of content creators in the cybersecurity community, especially when it comes to YouTube educational content

[06:58] Becoming a successful YouTube creator through consistently posting hacking content and ignoring the stereotype of “overnight success”

[13:28] Combining his role as a cybersecurity educator with his security research at Huntress to explore exploits and have real life experience with what he teaches

[16:47] Focusing on the blue side of the house as someone with red team experience, and understanding how to use a tool like PlexTrac to create a collaborative purple team

[21:13] Being mindful of the impact he has through sharing this knowledge and understanding the risk of cybersecurity educational materials falling into “the wrong hands”

Sponsor Links:

Thank you to our sponsors Axonius and PlexTrac for bringing this season of HVR to life!

What is your origin story for wanting to educate other hackers?

Like many of us, John started his journey Googling how to become a hacker. As he gained more knowledge about the specific skills involved in hacking, John never left the internet behind, always seeking out videos and articles explaining new and emerging content. Inspired by those who created that content in the first place, he started his own YouTube channel, simply titled John Hammond, as has spent years cultivating a consistent hacker audience.

“Along the way, creating content and helping educate others through YouTube is really my main stage platform and has been just a passion project, a labor of love, and something fun along the way.”

What feelings do you get looking back on the YouTube content you’ve created so far?

John prioritizes clarity, transparency, and honesty in what he does, and he’s not afraid to show some humbleness, too. Overall, John is thankful for his YouTube success and the impact it had on the cybersecurity community. No matter what he’s showing in his videos, he prefers to keep things honest, to show where he’s made mistakes, and to accept criticism and advice from other hackers and offensive cybersecurity professionals that see his work.

“I'm showcasing just my computer screen, maybe you get a little face cam and a circle on the bottom right, but it's like you're looking over my shoulder. You're seeing me showcase something raw, live, genuine, and authentic…It’s not all sexy, there’s a lot of failure in hacking.”

Have you ever considered focusing on the blue team or the defensive side of cybersecurity?

The majority of John's YouTube content and the work he does in his role at Huntress Labs heavily involves the red team and offensive side of cyber. However, John is a huge advocate for the blue team and the red team collaborating and communicating better. Through making more concepts in cybersecurity accessible through educational content like John’s own videos, he hopes we can continue to bridge the gap and achieve that perfectly mixed purple team.

“We're all playing in concert. As one team sharpens their skills in the red team pen test, then it's up to the blue team to figure that out. What did they do? How can we better detect it? How can we stop and mitigate that security threat?”

What advice do you have for red team content creators that want to share content and spread awareness safely?

With the impact that he’s had and the content he’s put out onto the internet, John is no stranger to seeing the negative side of cybersecurity knowledge being more accessible than ever before.

Still, he wants to make sure content creators understand the value of transparency and honesty in what they do. Instead of fearing what could be, cultivate a community around making this level of knowledge and security available to everyone.

“Share, be transparent, be forthcoming. I know there are a lot of conversations about gatekeeping in cybersecurity, but there shouldn't be that. I understand there's grit and determination and hard work to do all the things that you're doing, but be friendly and be transparent and honest.”

----------

Links:

Check out our guest, John Hammond, on YouTube and LinkedIn.

Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter.

Follow Ron Eddings on Twitter and LinkedIn.

Catch up with Chris Cochran on Twitter and LinkedIn.

Continue the conversation by joining our Discord.

A Solopreneur’s First Imperfect Step with Claire Gallagher

Tue, 23 Aug 2022 04:00:00 -0500

Claire Gallagher, Designer and Solopreneur Strategist, comes to Hacker Valley to break down branding, visibility, and choosing solopreneurship over business ownership. Combining the terms solo and entrepreneur, solopreneurs are a different breed of business owner, and Claire has made it her mission to help them not make the same business mistakes she once made. Claire walks through the essentials of how her business caters to individuals looking to go it alone and how to make an impact while staying small.

Timecoded Guide:

[00:00] Introducing the concept of solopreneurship

[04:32] Shifting to business strategy to better serve a client base

[09:19] Deciding alone as a solo entrepreneur

[16:40] Pricing your work and validating your professional value

[24:46] Making peace with looking silly as a business owner

Sponsor Links:

Thank you to our sponsors Axonius and Uptycs for bringing this episode to life!

With Uptycs, modern defenders can prioritize, investigate and respond to threats across the entire attack surface—all from a common solution: uptycs.com.

Why did you choose to go down a path of catering to solopreneurs, versus working with enterprises or small and medium businesses?

Claire has dabbled in building teams and working in larger businesses in the past, but her calling has always brought her back to a company of one. For solopreneurs, Claire explains, it’s not that they cannot afford hiring employees or scaling their business. Instead, a solopreneur’s focus is on the balance between work and life, along with the power and experience to make their own decisions about their business.

“I'm a loud introvert. I could talk all day, but essentially, I'm kind of introverted in secret. Generally, I like to work alone, to get into a creative flow, to not have anybody to answer to. This company of one, this solopreneurship, it suits my energy and my temperament.”

What are some of the pros and cons of going it alone as a solopreneur and keeping your business small?

There are pros and cons in business, no matter the size. Claire’s strongest pro for becoming a solo entrepreneur has been her ability to pivot without impacting anyone but herself. Pivoting towards strategy was a hard decision, but it was so much easier to make on her own. Unfortunately, making decisions on one’s own can also be a con of solopreneurship. Claire has seen clients have a lack of accountability in sticking with their decisions when they don’t have anyone working with them.

“That's a pro, I was able to pivot without having to hire people, sack people, and really invest heavily in changing everything. That's a real plus, I could just pivot like that and it was a decision that I made, and I was responsible for it.”

At what point would you recommend a solopreneur, or content creator, to reach out to someone like you so they could shine in this digital world?

Although solo entrepreneurs thrive in business on their own, it’s important to never go it alone. Claire advises that early stage solopreneurs consider the community around them and build their business with a healthy curiosity in books, online resources, and virtual communities of fellow entrepreneurs. As they progress through their business, Claire also recommends connecting with a coach or strategist, like herself, to go further faster and avoid careless mistakes.

“Solopreneurs think, ‘I'm smart, I can figure this out.’ Yes, you can, but to go further faster, I think you need to work with a mentor or a coach or strategist. You're always going to get further faster by finding somebody who understands what you're trying to achieve.”

What are some of the tenants that you teach people about coming across as authentically as possible?

Branding is a vital element of content creation and business ownership. However, the current world craves branding that comes across as authentic. Claire explains that authenticity comes from a willingness to make mistakes and put yourself out there, even if it feels or looks silly the first time. If a solopreneur is honestly trying to deliver value, that will show through any first-time awkwardness or silliness and still feel authentic to potential clients.

“Starting before you feel ready is really the only way that you can start because you can't know everything until you've tried some stuff. Showing up and making mistakes and maybe seeming a little bit foolish at the start, take it. That's what's gonna happen.”

---------------

Links:

Keep up with Claire Gallagher on LinkedIn and at ClaireCreative.com

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Purposeful Communication Through PlexTrac with Dan DeCloss

Thu, 18 Aug 2022 10:40:53 -0500

We’re joined by sponsor and guest Dan DeCloss, CEO and Founder of PlexTrac, on the podcast today to talk about communication and collaboration between the red and blue side of cybersecurity and why security success depends on those two sides working together. On their mission to build stronger, more productive, and well-rounded security teams, PlexTrac provides incredible and insightful metric and messaging tools that change the game for the cybersecurity industry.

Timecoded Guide:

[05:36] Understanding PlexTrac’s history and mission for cybersecurity teams

[09:58] Lack of empathy and understanding in red team and blue team communication

[18:48] Breaking through the resentment and confusion within a team

[24:45] Envisioning the future of PlexTrac’s community impact

[27:52] Caring about your cybersecurity mission beyond yourself

Sponsors:

Thank you to our sponsors Axonius and PlexTrac for bringing this season of HVR to life!

PlexTrac is pleased to offer an exclusive Red Team Content Bundle for Hacker Valley listeners. This bundle contains both our "Writing a Killer Penetration Test Report" and "Effective Purple Teaming" white papers in ONE awesome package. Head to PlexTrac.com/HackerValley to learn more about the platform and get your copy today!

What is the function of PlexTrac that would help you the most as a pen tester?

With prior hands-on experience on the red side, Dan found his journey to creating PlexTrac to be full of moments where he wanted to fix the same problems he encountered over and over with reporting and communicating. One of these problems was solved easily with the addition of a video feature, a simple function that has existed since PlexTrac first began but is instrumental and is a huge time-saver for visual learners.

“As a pen tester, I hated finding that I had 20-odd screenshots if it's a pretty complex exploit. I think the adage for us is like, if a picture's worth 1,000 words, then a video is worth 1,000 pictures, right?”

What do you think are some of the gaps in skills that organizations face when hiring these professionals to perform offensive operations?

Communication is key— not just in life, but in this episode. While we’ve discussed skills gaps previously in cybersecurity, Dan is quick to point out that a consistent gap he sees in all areas of cybersecurity is effective communication. PlexTrac keeps this struggle to communicate in mind and creates easy, simple pathways and functions that encourage communication and facilitate collaborative problem solving.

“If there's one area that I really emphasize with anybody that I'm mentoring or have hired in the past is, as a security person, whether you're red or blue, you really do need to be a good communicator and be able to communicate risk effectively within the right context.”

What would you want to say to those folks that don't see eye-to-eye from the red or the blue side?

We’re fighting the same fight, no matter if we’re on the red side or the blue side of cybersecurity. Dan’s message for our warring red and blue teams throughout the industry is to understand the importance of your mission and to not let relationships between red and blue feel clouded with misunderstanding or resentment. No one’s job is harder than anyone else’s, and each role on offensive and defensive plays a part in our collective victory.

“I'm gonna just be point blank about it…Are you trying to just prove a point about your knowledge and your skills? Or, are you actually trying to make the world a safer place?”

What would you want to say to all those folks out there [in cybersecurity]?

As PlexTrac aims to make a huge impact on our community, Dan and his team acknowledge a need for a unified, focused, and collaborative cybersecurity industry, with hard workers on both the red and blue sides. With PlexTrac’s assistance in making reports, measurable results, and communication that much easier, our team at Hacker Valley is thankful to be a part of PlexTrac’s amazing network and can’t wait to share more tools like this with all of you.

“I think keep fighting the good fight, for both sides, and recognizing that your mission is vital to the safety and security of your organization and the world at large, right? We are all in this battle together.”

----------

Links:

Spend some time with our guest, Dan DeCloss, on LinkedIn, and the PlexTrac website

Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter.

Follow Ron Eddings on Twitter and LinkedIn

Catch up with Chris Cochran on Twitter and LinkedIn

Confident Communication through Storytelling with Anne Ricketts

Tue, 16 Aug 2022 04:00:00 -0500

Anne Ricketts, Founder & Principal of Lighthouse Communications, brings her techniques for public speaking and presenting to the show to help Chris and Ron unpack unhelpful mindsets around storytelling and unhealthy speaking habits. Covering the basics from filler words to hand gestures, eye contact to working the camera, Anne explains the role storytelling plays in the way people communicate at the office, out in public in their free time, virtually on Zoom, and even onstage at events like TEDx.

Timecoded Guide:

[00:00] Why Anne became a communication coach

[05:16] How COVID impacted public speaking and presentations

[12:57] Why you shouldn’t stop hand gesturing

[18:38] How to stop saying “um”, “like,” “so,” and other filler words

[22:45] What makes storytelling an essential career communication tool

Sponsor Links:

Thank you to our sponsors Axonius and AttackIQ for bringing this episode to life!

Complexity is increasing and manual asset inventory approaches no longer cut it. That's where Axonius comes in. Take control of security complexities by uncovering gaps in your organization. Sign up for a free walk through of the platform at axonius.com/get-a-tour

AttackIQ - better insights, better decisions, and real security outcomes. That's why we partnered with them to create free cybersecurity trainings! Check it out at academy.attackiq.com

Why was communication coaching your chosen profession?

Anne wasn’t always a communication coach, but she’s always been passionate about helping others speak. In fact, prior to 2013, Anne taught English as a second language to a variety of people, first in Italy, then in San Francisco. When Anne founded Lighthouse Communications, her goal was to help everyone, English speaking or not, communicate efficiently and confidently. Speaking skills and storytelling talent can open up a world of opportunities for anyone, and Anne is excited that she can help others unlock their potential everyday.

“I really like helping people because there's so many small things you can do to look more confident, like the way you stand or projecting your voice. If you look more confident, you start to feel more confident.”

In the past two years, because of the pandemic, what have been the ways that you've seen communication coaching change?

With so few events and courses happening in-person, Anne had to shift her mindset around coaching and her advice she gives to clients. Virtual presentation unlocked a new world of communication, but comes with new rules and a learning curve. Thankfully, Anne has learned to love the world of virtual and believes that when professionals give their all to connecting with their audience, amazing communication can still occur, even from long distances away.

“Normally, when teaching a class, you can see if someone's struggling or confused, you can walk over and connect with them. Everything was happening so fast in the Zoom room, I personally felt like I started from scratch.”

How could someone who isn't the biggest fan of small talk reset and reframe small talk in a way that's valuable for them?

Networking and communicating can feel like a chore, especially when small talk is involved. Anne believes that small talk, as awkward and boring as it may be, allows professionals an amazing opportunity to practice connecting with others on a small scale and hone their listening and storytelling skills. Ask curious questions to connect with others during small talk moments, and don’t fear the occasional awkwardness that comes with meeting someone new.

“If you want to be good at small talk, it's just being curious. Asking questions like, ‘Hey, what's that in your background?,’ or in person, ‘Tell me more about yourself. Oh, interesting. Where did you go to school?’ Asking specific follow up questions and just being curious.”

What advice would you have for anyone that has impactful details to share, but doesn't really know how to make it into a story?

Storytelling is one of the most valuable skills a professional can learn, according to Anne. Stories allow us an opportunity to connect with others emotionally and mentally, and can even inspire someone to action with the power of simple words. Anne’s biggest advice around the art of storytelling is to practice. Listen to the stories others tell, build your experiences around a framework that feels personally right to you, and practice, practice, practice.

“What makes for a good story is tension, emotion. We want to know what was going through your head during that security hack, what was the reaction, what was at stake, and that's not necessarily, on an everyday basis, how we're trained to speak at work.”

---------------

Links:

Keep up with Anne Ricketts on LinkedIn

Check out Lighthouse Communications on LinkedIn and their website

https://www.youtube.com/watch?v=xDI32BRr2pY

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Representation Without Technicalities with Mari Galloway

Thu, 11 Aug 2022 08:09:21 -0500

We’re breaking down the concept of difference makers this week, and we couldn’t help but call upon Mari Galloway, CEO of Women’s Society of Cyberjutsu, to be our guest during this conversation. As a black woman in cybersecurity who has dedicated a large portion of her career to helping women and girls become a part of the cyber community on both the technical and non-technical sides, Mari is a stunning example of making a difference and creating a path to expand cybersecurity beyond stereotypes.

Timecoded Guide:

[01:29] Defining the difference makers and explaining the OODA loop

[13:52] Introducing Mari and the Women’s Society of Cyberjutsu

[20:14] Finding her purpose in helping others find their purpose

[25:06] Explaining the roles and paths available outside of strictly technical

[30:31] Understanding imposter syndrome and forging a freedom-based career journey

Sponsor Links:

Thank you to our sponsors Axonius and PlexTrac for bringing this season of HVR to life!

What is that like to see people go from taking that original red pill all the way through starting their career in cybersecurity?

When we talk about making a difference, many of us don’t get to see our impact as clearly as the Women’s Society of Cyberjutsu sometimes gets to see. Mari tells us numerous stories of women throughout this episode, including herself, who became a part of this industry because of the instrumental work they do in outreach and education. For Mari, seeing women change their minds and majors to become a part of the tech industry shows how vital this work is.

“These are the moments we're waiting for, whether it's one person or 50 million people. We want you to feel confident enough to get the skills you need, get in the industry, continue to refine those skills, and be super successful.”

What would you equate your purpose to, and how does everything you do fit into it?

Like many of us, Mari isn’t entirely sure what her purpose is, but she knows that she enjoys helping the next generation and making a difference in the landscape of cybersecurity. Working with a nonprofit is not an easy job, even if it is rewarding, and Mari still prioritizes her freedom alongside meeting her purpose. No matter what Mari’s future holds, she knows that this work and this purpose to help others will always find her.

“I think as I get older, as I start to take steps back to just kind of look at what's happened and the impact that I'm having and others around me are having on the next generation of folks coming up, I think my purpose is to help people. It's to help other people see their potential.”

How do you feel like creating that safe environment has affected others?

Helping others find their footing in the cybersecurity industry can be extremely rewarding, especially when Mari found herself in a situation of uncertainty when she first joined the Cyberjutsu Tribe. The community of cybersecurity and the stereotypes around hackers can feel incredibly uninviting from the outside. Offering people, especially women and young girls, an opportunity to step into a safe space where they can ask anything has been huge for Mari.

“We call it our Cyberjutsu Tribe, and we want to make sure that anybody that comes to us feels like they can reach out and touch us and ask us questions and get answers and just have a conversation with us.”

How do we invite more people in and let them know that there are opportunities in cyber outside of technical roles?

Whether you’re hacking, selling, managing, or marketing, there is a space for you in the cybersecurity world. You don’t have to code or to be extremely technical to fit in this industry anymore, and you don’t have to have a certain look. The Women’s Society of Cyberjutsu prioritizes educating people on every role involved in the industry and showing them that they don’t have to be a tech wizard or a computer guru to find a satisfying and profitable position.

“You don't have to look like this to be a hacker. You can look like me…That stereotype, I think, is dying, as we see the number of women coming in and men coming into the space that don't look like that anymore.”

Links:

Spend some time with our guest, Mari Galloway, on LinkedIn, Twitter, her website , and the Women’s Society of Cyberjutsu website.

Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter.

Follow Ron Eddings on Twitter.

Catch up with Chris Cochan on Twitter.

Security Team Operating Systems with Christian Hyatt

Tue, 09 Aug 2022 04:00:00 -0500

Christian Hyatt, CEO & Co-Founder of risk3sixty, knows the secret to building a strong cybersecurity team, and he calls it: Security Team Operating Systems. Walking through his entrepreneurial journey from inspiration as a young child to discovering his interest in the new phenomenon of cyber to co-founding risk3sixty, Christian covers every aspect of intelligent leading and team building. Ready to take your team to the next level? Christian knows 5 key elements you won’t want to miss.

Timecoded Guide:

[00:00] Tackling cybersecurity as a business owner in an emerging industry

[07:04] Building better teams with an emphasis on core values

[14:16] Noticing the potential of decentralized technology and data

[18:51] Stepping away from hands-on technician work to be the boss

[22:37] Leading healthy teams through missions, KPIs, and meeting cadences

Sponsor Links:

Thank you to our sponsors Axonius and AttackIQ for bringing this episode to life!

Want to learn more about how Mindbody enhanced their asset visibility and increased their cybersecurity maturity rating with Axonius? Check out axonius.com/mindbody

AttackIQ - better insights, better decisions, and real security outcomes. That's why we partnered with them to create free cybersecurity trainings! Check it out at academy.attackiq.com

Where did the journey of wanting to be a cybersecurity and privacy business owner begin for you?

While many guests on Hacker Valley take the journey from technician to eventual business founder, Christian felt the urge to become an entrepreneur from a young age. Watching his father and grandfather run their own businesses, Christian understood the responsibilities of taking this journey and wanted to make an impact in an industry that was blossoming with potential. Cybersecurity came into Christian’s life later, when he was employed at a consulting industry, but he saw the potential for growth immediately and wanted to be a part of it.

“Along the way, what I learned about myself is I really love building teams. When we built risk3sixty, we were really culture-oriented, even from the early days. We were thinking about scaling the business, career plans, coaching plans, culture kind of stuff.”

What are some of the lessons you’ve learned in the process of building your team at risk3sixty?

Christian cites the books Traction by Gino Wickman and Scaling Up by Verne Harnish as two of his biggest inspirations and influences for team building early on in his entrepreneurial journey. Both of these authors heavily focus on the people element of professional teams, and Christian has implemented that same approach when forming cybersecurity and privacy teams at risk3sixty. The right people in the right positions will make or break a company, which is why risk3sixty has training and apprenticeship programs in place to build a strong foundation of skills with people who are passionate about learning and growing with the company.

“It turns out, if you get the right people in the door, you invest in them, you coach with them, you develop relationships, they're going to serve your clients like no one else is going to do it. They're gonna be part of that mission, they're gonna want to serve, and you do great work.”

Now that you aren’t as hands-on with security assessments as a CEO, what have you learned from the bigger picture, macro-perspective role you have now?

Many cybersecurity technicians feel understandably cautious about taking over C-level positions because of the lack of hands-on technical assessment work. However, for Christian, he’s enjoyed gaining a different perspective on the industry and learning the “why” behind the “what” as CEO of risk3sixty. As CEO, Christian is able to better understand overarching trends and changes in the security assessments his company performs and has the opportunity to talk directly with security executives about opportunities for growth and investment.

“You can walk into an organization and if they don't have a strong leader at the helm, they don't have a security team operating system, they're a little bit dysfunctional, I know already that I'm going to see some problems in there.”

What are the most important characteristics that you're finding for folks that are leading really healthy cybersecurity teams?

Security team operating systems are made up of the non-technical skills and characteristics that make a team effective. When Christian’s team at risk3sixty needed to hone in on these specific elements, they narrowed it down to 5. Teams need to have a (1) defined purpose and mission to go after and a (2) core set of values to not only guide them through their work, but also understand their (3) set of expected behaviors and standards. There also have to be (4) consistent meeting cadences in place and (5) a solid, standard process of goal setting, KPIs, and score carding.

“A great team defines their purpose and mission. Usually, that’s aligned with a business objective. It might be about protecting data, it might be about customer trust, whatever it is that makes sense for that business, they've set a mission that that team can rally around.”

---------------

Links:

Keep up with Christian Hyatt on LinkedIn

Check out risk3sixty on LinkedIn and the risk3sixty website.

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Learning from Cybersecurity Legends with Davin Jackson

Thu, 04 Aug 2022 11:11:13 -0500

Those on the red team may not be household names to the everyday person, but they are absolutely legends and icons in the world of cybersecurity and hacking. While we have our personal favorite hackers between the two of us, we also invite our guest, Davin Jackson, to share his favorite cybersecurity legends and the lessons he’s learned from them.

Timecode Guide:

[00:50] The importance of red teaming, especially during this season

[02:17] Ron and Chris’ first experience working in a red team environment

[11:23] Communication and collaboration between blue and red

[16:53] Knowledge gained from Davin Jackson’s humble beginnings in tech

[22:19] Gaining the blue perspective with Hacker Valley Blue

Thank you to our sponsors Axonius and PlexTrac for bringing this season of HVR to life!

_____________

Legends, Icons, Teachers, and Friends

From Marcus Carey to Johnny Long, we’re excited to share the legends that had an early influence and lasting impact on our careers in cybersecurity. While our two backgrounds in red teaming are different, we can attribute so much of our success and our ability to share our knowledge with all of you to the experts that were willing to invite us to join and learn the best hacking techniques alongside them.

“I think that's the most important thing in red teaming, it’s passing that knowledge on to someone else.” - Chris Cochran

Communication, collaboration, and community instead of red vs blue

It is not two teams with two separate fights when we’re talking about red teams and blue teams. Often, when cybersecurity is too focused on this split between offensive and defensive, we forget to collaborate and fall short of improving on issues we discovered. Communication between red and blue can be a costly struggle, which is why we’re happy to see our sponsor PlexTrac stepping in to develop communication technology for these teams.

“There's this push and pull of collaboration. On one hand, you want the red team to work autonomously…but on the other hand, they do need insight if you’re going to go deeper and deeper.” - Ron Eddings

Legends met, lessons learned, tech loneliness understood

In the latter half of our episode, we’re joined by Hacker Valley Blue host Davin Jackson, also known as DJax Alpha. Davin started his cybersecurity journey with no computer of his own. Working his way up from basic tech jobs at corporations like Circuit City, lessons Davin learned from the legends he looked up to include finding a mentor, focusing on networking (even when it

feels like a dead end), and being always willing to share what you’ve learned.

“It’s about consistency, and you have to have self control and discipline…It’s one thing to get it, but it’s another to maintain that success.” - Davin

----------

Spend some time with our guest, Davin Jackson (DJax Alpha/Alpha Cyber Security) on his website, Twitter, Instagram, Facebook, and weekly on the Hacker Valley Blue podcast.

Follow Ron Eddings on Twitter and LinkedIn

Catch up with Chris Cochan on Twitter and LinkedIn

Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter.

Finding the Right IT Teacher with Kevin Apolinario

Tue, 02 Aug 2022 04:00:00 -0500

Kevin Apolinario, better known as Kevtech IT Support on Youtube, brings his teaching skills to Hacker Valley to talk about the barriers to entry in IT. Disheartened by the lack of good advice given to him as he entered the tech world, Kev breaks down programs and concepts, such as helpdesk, for IT practitioners that may not have access to expensive equipment or formal education. Anyone can learn IT, and it’s Kev’s mission to help everyone find the method and the teacher that helps them learn the best.

Timecoded Guide:

[00:00] Forming Kevtech IT Support to give the right IT advice

[07:21] Helpdesk success through customer service skills

[11:49] Printers on VPNs and other major IT troubleshooting lessons

[15:56] Customizing teaching and learning experiences for each IT practitioner

[19:54] Better IT and cyber online communities through shared passion

Sponsor Links:

Thank you to our sponsors Axonius and AttackIQ for bringing this episode to life!

Want to learn more about how Mindbody enhanced their asset visibility and increased their cybersecurity maturity rating with Axonius? Check out axonius.com/mindbody

AttackIQ - better insights, better decisions, and real security outcomes. That's why we partnered with them to create free cybersecurity trainings! Check it out at academy.attackiq.com

What was your inspiration to start teaching as Kevtech IT Support?

Kev hardly had a traditional journey into IT, instead having jobs in the restaurant industry and law enforcement before even considering entering the tech world. When Kev became a Field Technician for the Department of Education and began learning the ropes of IT, he realized there weren’t resources available for someone of his background to learn simple concepts or master common technical programs. After dealing with the frustrations of education gaps and unreliable advice, Kev decided to be the person for new IT technicians to learn from.

“My journey was rough, because I didn't have anyone guiding me, I didn't have anyone telling me what certs to get. I didn't have anyone telling me the tips and tricks for starting in IT.”

Was it intentional to interweave your name and brand and have them be synonymous?

Hacker Valley feels synonymous with Chris and Ron’s branding for themselves, and Kev maintains a similar element of that with Kevtech IT Support, especially considering he weaves his name directly into his branding. For Kev, this was an entirely purposeful decision, born out of his own desire to be known as Kev, the helpdesk IT guru on YouTube. Building a brand with authenticity about who he is personally and professionally shows other IT professionals that their work or education experiences don’t have to be separate from who they really are.

“That was on purpose for me because I always wanted to be known as the helpdesk guru of IT. Someone that does IT superbly and helps everyone…I wanted to actually show people real-life experiences.”

How would you go about having a tough conversation with somebody whose passion isn’t in IT or cyber?

Some people are just in it for the money, whether that “it” is IT or cybersecurity. Considering the spotlight being placed on cyber labor shortages and tech skills gaps, many professionals have considered joining the field without the passion to support their new job shift. Although Kev believes everyone should be welcome to learn about IT, he understands that there’s a cause of concern in making IT all about the money. The industry needs passionate individuals, Kev explains, and the desire to learn needs to be present when you take that next step into IT.

“I'm sorry, but this field is not for everyone. If you're going to work helpdesk, or IT support, you need to know how to deal with customer service, you need to know how to deal with people.”

What piece of advice would you have for cyber or IT professionals looking to level up their community?

From Kev’s perspective, gatekeeping isn’t just mean, it’s legitimately harmful to the IT community. IT professionals can’t level up without leaders willing to step up and teach their knowledge. Hiding IT tips or tricks doesn’t save careers, it only succeeds in hurting other IT practitioners and negatively impacting customers relying on that expertise. Kev advocates for increasing transparency within the IT and cyber communities, and explains that gaining knowledge should be valued more than capital gains by practitioners and professionals.

“I believe in helping the community, I believe in sharing your knowledge. So, the more engaged you get with the community, the better it is for everyone.”

---------------

Links:

Keep up with Kevin Apolinario on LinkedIn

Check out Kevtech IT Support on YouTube and Discord

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Making Hacking Accessible with Deviant Ollam

Thu, 28 Jul 2022 04:00:00 -0500

In this season of Hacker Valley Red, we focus on cybersecurity legends in offensive operations with a legend in the physical pen testing and lockpicking: Deviant Ollam. As a pioneer in our industry and an author of two incredible books about lockpicking, Deviant shares his history from hobbyist to professional and all that he’s learned along the way about making the secrets of the hacking world accessible to all.

Timecoded Guide:

[01:28] Defining the pioneers in cybersecurity

[08:47] Deviant’s first explorations in lockpicking

[16:03] Accessing and democratizing hacking secrets

[18:58] Becoming an author to transfer his knowledge

[23:12] Seeing the past, present, and future of hacking

Sponsor Links:

Thank you to our sponsors Axonius and PlexTrac for bringing this season of HVR to life!

----------------

What does it mean to be a pioneer in cybersecurity?

As our season focuses on legends, it’s important that we explain what makes these individuals such a vital part of our community. In the case of this episode, we explain that our guest Deviant is nothing short of a pioneer. Deviant has been willing to take on new challenges and revolutionize the industry throughout his career, influencing hundreds of individuals and leaving a lasting educational impact on the entire industry.

“That ‘zero to one’ part can be the hardest part of any progression in any field, but especially in cybersecurity.” — Chris

When you reflect on changing this whole industry, how does that make you feel?

Despite our guest’s legendary reputation, Deviant is humble about his achievements, caring more about how his work has impacted others than himself. What he focuses most on in his teaching, presentations, and writing is making lockpicking and penetration testing accessible and understandable. Instead of harboring secrets and perpetuating exclusionary policies, Deviant wants anyone to be able to master these skills and understand this knowledge.

“I’m not the first one who ever did this. What I like to think of my contributions is that they have chiefly been making it accessible and democratizing this knowledge.” — Deviant

Do you think it's harder today to stand out than it was a couple decades ago?

For Deviant, our globalized internet and algorithm-focus social media sites are both a blessing and a curse. While knowledge can be found on every corner of the web and anyone can become familiar with information that was once borderline inaccessible, Deviant also recognizes that younger hackers and lockpickers will have a very different rise to success than he did years ago, especially due to fragmented audiences and tricky algorithms.

“We have more avenues to put yourself on display, to put yourself out there than ever before, but that means the audience is fragmented and is spread so thin.” — Deviant

What piece of advice would you have for the folks that want to make an impact in security and technology and in our community today?

Although success will look different for newer members of our cybersecurity community, Deviant is confident that the younger innovative minds of the future will be able to solve so many of the long-standing problems within our industry. However, he reminds our younger audience that they need to still respect the tenured members of the cybersecurity world and to learn from them without oversimplifying the issues past professionals have faced.

“Start thinking about it in a way that doesn’t use ‘just,’ because every old head in the industry has heard that….We couldn’t ‘just’ do it, or we would’ve ‘just’ done it.” - Deviant

------

LINKS:

Spend some time with our guest, Deviant Ollam, on his website, Twitter, Instagram, and Youtube channel.

Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter.

Follow Ron Eddings on Twitter.

Catch up with Chris Cochan on Twitter.

Cyber Espionage & Entrepreneurship with Karim Hijazi

Tue, 26 Jul 2022 04:00:00 -0500

Karim Hijazi, Founder & CEO at Prevailion and host of the Introverted Iconoclast podcast, comes to Hacker Valley Studio to discuss his varied experiences in entrepreneurship. With a humble start in bartending, Karim explains how learning about people inspired his exploration into counterespionage and cybersecurity. Armed with stories from the streets of NYC to the hallways of his own companies, this episode is a look into the mind of a successful entrepreneur and founder of 2 incredible businesses.

Timecoded Guide:

[00:00] Bartending in NYC and its overlap with espionage and entrepreneurship

[07:14] Real-life knowledge application in cyber intelligence

[12:15] Founding Unveillance and being acquired by Mandiant

[18:22] Karim’s entrepreneurial mindset and his journey with Prevailion

[24:51] DIY podcasting with Introverted Iconoclast and learning to tell his stories

Sponsor Links:

Thank you to our sponsors Axonius and AttackIQ for bringing this episode to life!

Want to learn more about how Mindbody enhanced their asset visibility and increased their cybersecurity maturity rating with Axonius? Check out axonius.com/mindbody
AttackIQ - better insights, better decisions, and real security outcomes. That's why we partnered with them to create free cybersecurity trainings! Check it out at academy.attackiq.com

How do your experiences in bartending and espionage overlap?

The jobs taken as a means to an end just might teach something invaluable. This was the case for Karim, who took a job bartending to make ends meet while he figured out what he wanted to do with his future. At the time, cybersecurity and counterespionage weren’t on Karim’s radar, but bartending taught him about people; how they act when they want something and how to connect with them even in the busiest and most public places. Learning this changed the game for Karim when he got into the espionage world and assisted him even more so when he became an entrepreneur in the industry.

“It's just learning the way to slowly gain a confidence level with someone. It's actually where the word "con man" comes from, confidence man. Ultimately, that is how you get the information you need.”

What are the different aspects that organizations or individuals look at with counterintelligence?

At Karim’s own firm, the shift from competitive intelligence to counterintelligence focused around three security aspects. One, identifying weak spots and vulnerabilities, noticing your points of exploitations and vectors of attack. Two, taking advantage of disinformation, using it to root out moles within an organization and throw off cyber adversaries. Finally, three, finding out where your information is going and noticing where there is weaker security than your own. Karim emphasizes that in this third aspect, it is not so much about an organization’s strategy when the information is still at home. It’s harder to secure information once it goes elsewhere.

“A controlled rumor within an organization can do several things. It can weed out a mole that you may have, a spy within your organization that maybe you don't know about, that's been able to be hired and gotten through the background checks and whatnot.”

When you look back to starting your journey as an entrepreneur, what are some of the wrong assumptions you made early on?

Karim, like many entrepreneurs, was under the impression when he founded his first company, Unveillance, that he should be seeking to hire, not to do anything himself. While hiring is an important part of being a business owner, Karim has realized that it's better to learn how every piece of the machine of a company works before hiring. Trying things out for himself and taking a chance on his own abilities hasn’t been easy, but it’s made him a better leader for his employees. If they drop the ball or need his assistance, he’s able to lead from a place of understanding and call the shots with his own vision in mind and his own knowledge to back him up.

“As a CEO, it's almost imperative for you to go and try it all, even if you fumble through it and you get by with something that is subpar. It's better to have tried it and understand it, so now you know how to call the shots a little better.”

What prompted you to start your podcast, Introverted Iconoclast?

Ironically enough, Karim’s podcast was a do-it-yourself project born out of having an employee drop the ball on creating it for him. Relying on himself and struggling his way through the beginning, Karim realized that podcasting is not just about the equipment and the idea behind it, it’s about the stories being told. Focusing on the lead up and context around some of his own career stories and professional highlights, Karim was able to discover the rhythm for his podcast and build a solid foundation of content that opened up doors for new topics to be addressed and new guests to welcome onto his show.

“It's very cathartic for me. Speaking the stories out loud, rather than just sort of regaling people over a dinner or thinking back on them nostalgically, is extremely interesting because you remember things you don't remember when you're casually talking about them.”

---------------

Links:

Keep up with Karim Hijazi on LinkedIn and Twitter

Check out Prevailion on their website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Where Cyber Meets Content Creation with Henri Davis

Tue, 19 Jul 2022 04:00:00 -0500

Henri Davis, CEO of TechTual Consulting & host of the TechTual Talk Podcast, comes to Hacker Valley this week to talk about his history with cybersecurity incident response and the content he currently creates with the TechTual Chatter Youtube channel. From interview tips, passion vs creativity, the intersection of cybersecurity and content creation, Henri walks through the path his career has taken him on, as well as imparts advice on those looking to follow a similar journey.

Timecoded Guide:

[00:00] Explaining incident response’s role in cyber

[07:15] Henri’s journey from incident response to TechTual CEO

[14:04] TechTual Consulting’s content about interviews & breaking into cybersecurity

[23:43] Marrying passions together within your career path

[29:54] Career path advice, cybersecurity vs content creation

Sponsor Links:

Thank you to our sponsors Axonius and AttackIQ for bringing this episode to life!

Want to learn more about how Mindbody enhanced their asset visibility and increased their cybersecurity maturity rating with Axonius? Check out axonius.com/mindbody

AttackIQ - better insights, better decisions, and real security outcomes. That's why we partnered with them to create free cybersecurity trainings! Check it out at academy.attackiq.com

If you could explain it to someone who has never been in a cybersecurity incident before, what is it like from the beginning of the incident through to closure?

While the majority of Henri’s work revolves currently on content creation, Henri’s background in cyber has extensive involvement in incident response. Incident response, although vital for today’s cyber industry, is sometimes misunderstood, even by cybersecurity practitioners. Henri explains that incident response is something you don’t see the usefulness of until you do it, and that attempting to work through an incident can feel like dealing with a car crash; you always have a risk of something like this happening, and it matters how you prepare for it.

“An incident is like a car wreck. A wreck is something that you have a potential risk for, but you drive with insurance hoping that if it does happen, you know what to do. And even though it happens, you're still not prepared for the actual wreck.”

How are you hoping to help people, especially those breaking into cybersecurity, with TechTual’s content?

Henri’s focus on TechTual has given him an outlet for content creation and he hopes to use that platform to consistently help others. With the pandemic creating many jobless and job searching people, Henri saw an opportunity to focus on cybersecurity and IT content and assist outsiders looking to transition into the cyber industry. From tips about interviews to assistance with resumes, Henri often covers the basics with the mission to empower others, no matter their background, to embrace the ever-expanding industry.

“My goal is to say it's okay. Everyone has a starting place, everyone has to start from somewhere. Just build your skill set up and eventually, you won't even have to have your LinkedIn profile open for work.”

When you find something that you're passionate about, and then you find another thing that you're passionate about, how do you marry those two together?

A marriage between passion is definitely possible, especially when looking at someone like Henri, who combines his love of content creation with his experience in cybersecurity and his passion for helping others. However, Henri is realistic in explaining that there’s a give and a take to the decisions made around your career path and how passions impact that. Henri recommends choosing a career path not just centered around passion, but instead focused on providing for yourself and your family. When your needs are fulfilled with your job, your passions and hobbies can grow and turn into legitimate projects in your life.

“If I was just by myself, I could just bet on myself, I always bet on myself. When you have that family aspect to it, you have to kind of weigh your options and see when the time is going to be right, and how you can do that.”

What is that one piece of advice that you would have for somebody that's looking to take one path in their career journey, but they have many paths before them?

During episodes of TechTual Talk and TechTual Chatter, Henri focuses heavily on career advice, especially when it comes to making the right decisions in your career journey and behaving professionally during the interview and job search processes. When asked about advice he would give, Henri explains that prioritizing logical paths and being honest in the work you do will always have a positive impact on job prospects. For example, lying in the interview process can lead to long term dissatisfaction between employee and employer, and building a career without a logical path is never a strong foundation for anyone’s future.

“What is the most logical path for you right now? Which one is the lowest barrier to entry for you? What's going to take care of you, or whatever your situation is? Try to do that first, and then reserve time for your passion.”

---------------

Links:

Keep up with Henri Davis on LinkedIn and the TechTual Consulting Website.

Check out Henri’s podcast, TechTual Talk, and his Youtube Channel, TechTual Chatter.

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Financial Independence & Freedom with Eddie Thomason

Tue, 12 Jul 2022 04:00:00 -0500

Eddie Thomason, bestselling author, speaker, consultant, and creator of the Simply Secure podcast, comes to Hacker Valley Studio to discuss financial independence, the freedom of a healthy work-life balance, and habits that have helped him succeed. As a father of two with a full-time job and a thriving content creation career, Eddie explains not only how he does it all, but also how much he cares about helping other security professionals achieve the same level of success.

Timecoded Guide:

[00:00] Eddie’s background & his current cyber role with Data Locker

[06:07] Growing up in Baltimore City & finding his podcasting inspiration

[13:10] Balancing work & life with calendar planning

[19:13] 4 essential habits: reading, listening, association, & work

[28:20] Advice for digital content creators & security professionals

Sponsor Links:

Thank you to our sponsors Axonius and AttackIQ for bringing this episode to life!

Want to learn more about how Mindbody enhanced their asset visibility and increased their cybersecurity maturity rating with Axonius? Check out axonius.com/mindbody

AttackIQ - better insights, better decisions, and real security outcomes. That's why we partnered with them to create free cybersecurity trainings! Check it out at academy.attackiq.com

What is the connection between cybersecurity and this financial independence and freedom mindset you have?

In his book, on his podcast, and throughout his career, Eddie has emphasized the importance of financial independence, especially when it comes to diversifying his income. Instead of calling his projects and revenue streams “side hustles,” Eddie prefers to think of them as baby businesses; small businesses in the infant stage that have massive professional potential. With COVID severely changing Eddie’s economic perspective, he firmly believes in having multiple sources of income and in fostering the growth of each project until he’s seeing revenue to rival the full-time income he already makes in his day job.

“If you look at it as a side hustle, that's all it's ever going to be, it's just something that creates a little bit of extra income, but if you look at it as a baby business, that could really replace the income that you currently make.”

How do you balance content creation, day-to-day job responsibilities, and fatherhood?

Being an author and a cybersecurity consultant can both already be demanding jobs, but throwing 2 young children and an entire podcast into the mix makes Eddie’s success borderline hard to believe. However, Eddie credits his success to understanding his priorities and heavily managing his calendar. Entrepreneurs need to think of their schedules down to the minute, maybe even the second. Eddie is not afraid to set aside time for his children, even if it means he has to work in the evenings on his own entrepreneurial goals. Eddie knows that when he puts his calendar together, he is giving himself the time he needs and deserves to work and spend time on what’s important to him, even alongside all his other responsibilities as an employee.

“If you're going to work for 8 hours a day for somebody else's dream, then why can't you come home on a daily basis and give yourself at least 2 hours? We're not talking about a whole nother 8, but give yourself at least two hours. From the hours of 5 to 7, what can you do to invest in yourself?”

What are some successful habits you’ve picked up throughout your life and that you mention in your book, Unlock Yourself?

Four successful habits guide Eddie through his busy life as an entrepreneur and full-time worker, the first of which is reading. Reading is a source of knowledge and connection with others, and Eddie has learned amazing lessons from reading books and articles. The second is listening, which, just like reading, offers Eddie the ability to learn and to connect with the world. Coming in third is association. Surrounding himself with people who inspire him and are dedicated to his goals reminds Eddie of how badly he wants this. Fourth and finally, work. Putting in the work without expecting the success to happen overnight helps Eddie with his patience and always leads to a much better payoff.

“If you surround yourself with incredible people who inspire you and uplift you and encourage you, then there's no reason why you should not get to your goal. There's no reason why you should give up because you have people that understand how badly you want to accomplish your goals. They won't let you quit on yourself.”

Do you have advice for those looking to achieve success similar to you?

Although it may seem daunting to tackle a career as extensive as Eddie’s, Eddie is confident that his mindset around work can help anyone become successful. Most specifically, amongst all the entrepreneurial advice Eddie gives, his strongest point centers around understanding the “why.” Knowing why he does what he does not only helps keep Eddie on track for a solid work-life balance, it also allows him to see the impact his work has on the people around him. With his wife being a stay-at-home mom and his children being young, Eddie understands the necessity of his hard work and wants to inspire his family with his continued success.

“If I don't perform, the people around me suffer. If I don't do what I need to do, then the people around me are not going to be better off. The impact that it is going to have on them is so much heavier than the impact that it'll actually have on me individually.”

---------------

Links:

Keep up with Eddie Thomason on his website, Youtube, LinkedIn, Instagram, and Facebook

Check out Eddie’s podcast, the Simply Secure Podcast, and his book, Unlock Yourself

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

The Future of Artificial Intelligence with Jeff Gardner

Tue, 05 Jul 2022 04:00:00 -0500

Jeff Gardner, CISO at Germantown Technologies, comes to Hacker Valley Studio this week to talk about the future of cybersecurity and what up-and-coming hackers may encounter on their journey into an ever-evolving industry. With a specific focus and interest in artificial intelligence, or AI, Jeff’s discussion in this episode covers the current perception of AI in tech, the timeline of when we may see highly-intelligent AI come into play, and what the future of AI looks like from a cybersecurity standpoint.

Timecoded Guide:

[03:54] Focusing on numerous areas during his day job as CISO and understanding the necessity of a strong team of trusted cyber professionals

[09:00] Getting excited about current and upcoming technology in cyber while remaining realistic about present day limitations and needs

[15:53] Automating security analyst tasks and finding the quality control balance between machine knowledge and human intuition

[22:50] Breaking down the concept of “bad AI” and understanding how to address the issues that may arise if AI is used for nefarious purposes

[28:22] Addressing the future of unique thought and creativity for computers and for human beings

Sponsor Links:

Thank you to our sponsors Axonius and AttackIQ for bringing this episode to life!

Want to learn more about how Mindbody enhanced their asset visibility and increased their cybersecurity maturity rating with Axonius? Check out axonius.com/mindbody

AttackIQ - better insights, better decisions, and real security outcomes. Be sure to check out the Attack IQ Academy for free cybersecurity training, featuring Ron and Chris of Hacker Valley Studio, at academy.attackiq.com

What are some of the things that you are expecting the next generation to be doing when it comes to bypassing security in a way that they won't get caught?

Jeff, like many hackers and security pros in the industry, started his journey in cyber by hacking different systems from his own computer as a kid just because he could get away with it. While that type of hacking still exists, there are new ways for systems to manage and counteract these threats and attacks, as well as expose who is behind it. The new generation of hackers will learn in different ways on different technology, and Jeff is confident that what they choose will come because of where the security industry is already going, with devices that use machine learning and pattern learning, as well as the continuing development of AI.

“When it comes to artificial intelligence and all the myriad of models and neurons and all that, we're still pretty much at single neuron, maybe double neuron systems. But, as things evolve, it's gonna be harder and harder to bypass those defenses.”

What is your perspective of AI not being here and available for us yet?

In Jeff’s opinion, the biggest thing missing from our current AI to really make it the intelligence we claim it is, is creativity. We have smart technology, we have technology that can automate tasks and can be told very easily what to do, all through feeding in data and processes. However, Jeff points out that most of what we call artificial intelligence in the cyber and tech industries doesn’t have the creativity or the human intuition to match the human brain. We’re in an exciting escalation of technology and intelligence, but we aren’t at true AI yet.

“I think one of the things that's missing from AI, and it's being solved rapidly, is creativity. We train it through models, but those models are only the data that we give it. How smart is the system if you just give it a plethora of data and have it come to its own conclusions?”

How far away do you think we are from highly intelligent AI?

Although the futuristic AI that appears in science fiction movies and books isn’t here yet, Jeff believes we aren’t far off from a level of computer technology that we have never seen before. With the quantum leaps in technology that we’ve continued to see, namely in computers starting to solve math problems we’ve never even thought of or engage with art in a way we’ve never dreamed possible. What we see now is the tip of the iceberg, but the future holds massive potential for what AI will look like and what automation of certain tasks will look like, with accuracy rates for analysis technology continuing to narrow to 99.9% accuracy rates.

“When you can get to that level of processing speed, you can do things we can't even dream of, and that's what they're doing now. They're solving math problems in ways that humans have never thought of, they're creating art in ways that humans couldn't imagine.”

How do we create AI for good?

The fear of the “evil” or “bad” artificial intelligence comes up frequently when we discuss what the future of AI may look like from a security standpoint. However, Jeff is confident that the issue is not as black and white as our fears make it. For starters, when we understand the purpose behind what “bad” AI might be programmed to do, we can put other measures in place to combat it. On the other hand, the struggle of good vs bad, right vs wrong has been a problem in hacking and in cyber since the first white hats and black hats came into existence. The fear of bad AI is a philosophical discussion instead of just a technical conversation.

“I think it all comes down to, like you said, purpose. What's the purpose of the bad AI? What's it trying to do? Is it trying to hack our systems and steal the data? Is it trying to cause physical harm?”

---------------

Links:

Stay in touch with Jeff Gardner on LinkedIn

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Learning to Lead Future Tech Leaders with Dr. Stacey Ashley

Tue, 28 Jun 2022 04:00:00 -0500

Leadership expert, Dr. Stacey Ashley, joins us at the Hacker Valley Studio to talk about her journey from the corporate world of leadership to her current roles in consulting and coaching. As a speaker, author, and educator for leaders, especially executive and C-level leaders, Dr. Ashley shares foundational skills needed to go from expert to leader, mindset shifts that need to occur regarding our perspective on our own leadership responsibilities, and experiences that inspired her to become an author.

Timecoded Guide:

[02:58] Developing stronger leadership capabilities and understanding the value of scaling work with her decision to become an author

[09:51] Jumping over the hurdles and obstacles to becoming a better leader through mindfulness, practice, and checking the privilege of your executive role

[13:45] Knowing when to get off the treadmill of busyness and focusing on setting better boundaries for yourself as a leader

[20:53] Cultivating the next level of leadership with a focus on mentoring, role modeling, and coaching

[25:40] Providing advice for future leaders and understanding the values of awareness and of developing your listening skills

Sponsor Links:

Thank you to our sponsors Axonius and AttackIQ for bringing this episode to life!

Want to learn more about how Mindbody enhanced its asset visibility and increased its cybersecurity maturity rating with Axonius? Check out axonius.com/mindbody

AttackIQ - better insights, better decisions, and real security outcomes. That's why we partnered with them to create free cybersecurity trainings! Check it out at academy.attackiq.com

What have been some of the challenges that you've seen, out of yourself or from others, to start to cultivate that leadership ability?

There’s a common path to leadership in many industries, especially tech and cyber, where becoming good at your job skyrockets you into leadership spaces and executive roles. While this is often an achievement worth being proud of, Dr. Ashley warns that we rarely mentor and teach these newly appointed leaders how to lead. Expert skills are important to have, but not being able to satisfy your executive role and your leadership responsibilities with developed leadership skills leads to confusion and dissatisfaction amongst employees and clients who aren’t receiving the type of leadership guidance normally delivered by someone in that role.

“It's great to have those specialist skills, but it's not enough. If you're going to lead people, if you're going to lead a program of work, if you're going to be a thought leader, or an influencer, or any of those things, you need to have more skills.”

What are some of the common obstacles that people have that keeps them from being the best leader that they can be?

Dr. Ashley is the first to admit that tech leadership issues and obstacles are hardly a one size fits all. However, a commonality she sees is a focus on busyness instead of on active leadership practices. Being “busy” does not translate into high levels of productivity, especially for leaders in prominent company or industry roles. She advises that a better focus for leaders and aspiring executives is to practice their leadership skills and prioritize finding a coach or mentor, instead of just filling up their schedule with unnecessary busy work.

“This whole concept of busy isn't actually very effective. Busy is just doing stuff for the sake of doing stuff. One of the things that I find that great leaders do is that they're really clear about where they make a difference, where they add value, where they can make a real contribution. They don't focus on being busy, they focus on the important stuff.”

What sort of creative license do you give for those people that just want to be helpful, but are over taxed when it comes to their job?

We all want to better prioritize our tasks and to feel less overwhelmed by our work, but setting boundaries often feels mean or unrealistic for those used to being helpful and people pleasing. Dr. Ashley sees this a lot in her work, where she often advises people to consider how they’re saying no and what ways they’re presenting what they’re working on. By showing people that you have important tasks that rely on your focus to attend to, you’re inviting them to see your time in a much more understanding light and you will invite them to consider that they should try on their own for a solution and prioritize their own tasks before they can engage with you again.

“I think if we let people know that we're doing something else, and that it has a big impact, then they're much more understanding. Also, we're giving that other person some time to see if they can figure that thing out on their own rather than relying on us.”

What are some of the tenants that you follow for cultivating the next level of leadership?

Dr. Ashley believes that one of our key responsibilities as leaders is to grow this next generation of leaders and help them develop the best leadership skills imaginable. She advocates for this by focusing on three core tenants. The first being mentorship, meaning you’re willing to share your knowledge, wisdom, and experiences all on a personal mentorship front. The second is role modeling, where you’re showing how to be a good leader, representing what that looks like for everyone in your business. The third? Coaching, which she bases a large majority of her career around. Being able to coach and provide a customizable approach for future leaders allows them to address what they need to learn and where they need to grow.

“I don't know if every leader recognizes this, but every day, you are role modeling. You may not be role modeling great stuff, but you are role modeling. And so, you have a responsibility every day to recognize your role modeling.”

---------------

Links:

Stay in touch with Dr. Stacey Ashley on LinkedIn, Facebook, and Instagram

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Making Corporate Leadership Human with Ginny Clarke

Tue, 21 Jun 2022 04:00:00 -0500

We invite our friend, Ginny Clarke, to Hacker Valley this week to talk about conscious leadership and self-awareness as a way to take our organizations to the next level. Using her prior experience at tech giants like Google and her five dimensions of leadership, Ginny explains how we can better hold the leaders in our lives accountable, what will benefit our civilization the most for future generations in the workplace, and where we should focus our efforts for diversity, equity, and inclusion.

Timecoded Guide:

[05:34] Losing her parents at a young age, connecting to a spiritual guide to cope with grief and stress, and getting back in touch with ourselves in order to connect with others

[12:03] Seeing and validating the past experiences of our fellow humans, healing ourselves in order to heal organizations, and acknowledging the role of mental health in the health of our companies

[16:34] Understanding diversity, equity, and inclusion beyond just hiring, and stopping yourself from waiting for an organization to step up to an opportunity that belongs to underrepresented communities

[22:38] Shifting the metrics of how we value organizations and leadership, and seeing where the accountability issues of CEOs for what they really are

[27:48] Leaving a legacy through creativity and inspiring others to recognize how they have the power to change the world

Sponsor Links:

Thank you to our sponsors Axonius and Uptycs for bringing this episode to life!

With Uptycs, modern defenders can prioritize, investigate and respond to threats across the entire attack surface—all from a common solution: uptycs.com.

How do we move current leadership statistics to something much healthier?

With a depth of experience in recruiting executive leaders in a variety of organizations, Ginny shares a striking and horrifying statistic with us: 18% of leaders are considered good. Only 18% feels incredibly low, especially when a large portion of companies claims to hire the best leaders based on pedigree-level qualifications. In Ginny’s opinion, leaders are not held to a high enough standard in the workplace, and aren’t measured on their performance beyond basic financials. With so much more at stake, Ginny warns that companies are only as strong as their leaders, and are even weaker when they never hold those leaders accountable.

“That’s why we have organizations that are, I dare say, quite fragile. It’s because of the lack of leadership. They might have a lot of money, they might have really intelligent, well-educated people, but to the extent, those organizations don't have actual leaders for whom they are holding accountable for their leadership competencies.”

How do we show up better for others and really see the whole human?

We cannot improve our society as long as we continue to see ourselves as completely separate from it. This, among other world-changing views, guides Ginny towards seeing people beyond just their outward appearance, viewing them as a whole human, composed of all of their experiences. There is so much fear, anxiety, and bias, especially in the world of hiring and recruiting, and Ginny hopes to show up better for others through better accountability for our leaders and a stronger connection to ourselves.

“We, as a civilization, can't fix it as long as we're seeing it as separate from ourselves. So, that's where the self-love comes from, and the support and the sharing and the non-dualistic orientation, which defies everything about tech, right? Tech is all about the binary, the ones and zeros, and here, I'm talking about something that is far more inclusive than that.”

What have you learned from this big effort that we have going on with diversity, equity, and inclusion?

Ginny, much like many of us in tech, cares about efforts of diversity, equity, and inclusion, but believes that many companies talk the talk without ever walking the walk. When working with recruiters in large companies, Ginny discovered that many don’t understand how to implement diversity in an impactful way in their organizations, beyond appearances and statistics. Encouraging colleagues to be true to their authentic selves in the workplace, she believes that now is the time to embrace diversity at work beyond the limitations of waiting for company leaders to embrace them.

“I think there's been organizational malpractice as it relates to diversity, equity, and inclusion. I think you got a lot of people who actually don't want to understand it, they're not going to the root cause. They're throwing money at it, they're hiring a chief diversity officer and saying, ‘Okay, you fix it.’”

What do you think people can do today to start to make an impact and move the world in a positive direction?

The secret to changing the world? Ginny believes that it’s acknowledging that you have the power to change it at all. On her own spiritual journey, Ginny has discovered there’s so much more to our impact on our surroundings beyond our everyday actions at work. Using examples of heightened vibrations, inspired creativity, and personal accountability, Ginny explains that your ability to change the world has never been as powerful as it is right now, as our society and civilization continue to shift towards new forms of leadership and new developments in organizations are the world.

“I want to activate and stimulate people's imagination. You know, young kids have imagination and that creativity, that spawns, that manifests, that takes hold, that becomes real, and that's how we change the world, so that it's good for all and that becomes the objective. That's my legacy. It's creating good for all.”

---------------

Links:

Stay in touch with Ginny Clarke on her website, LinkedIn, Twitter, and Instagram

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Co-founding Revelstoke through Communication with Bob Kruse

Tue, 14 Jun 2022 04:00:00 -0500

We invite Bob Kruse, Co-Founder and CEO of Revelstoke Security, down to Hacker Valley Studios this week to talk about his journey from investment banking to cybersecurity sales to owning and operating his company with Josh McCarthy. With a focus on communication and peoples skills, Bob discusses how to be a leader in the cybersecurity community, including building strong relationships with staff members, connecting with cyber experts, and developing successful security teams.

Timecoded Guide:

[03:40] Selling software to cybersecurity practitioners and managing the skepticism around marketing to an audience that’s taught to doubt and question

[08:12] Gaining inspiration for Revelstoke Security from the entrepreneurs in his family and his experience starting his cyber business with his partner Josh McCarthy

[12:51] What being an early-stage startup looked like for Revelstoke and lessons learned from their first pitches to cybersecurity investors

[15:01] Comparing and contrasting being someone in cybersecurity sales to being a CEO of his very own company

[20:58] Looking towards the future of Revelstoke Security as they expand into new markets and continue to build their business around providing solid cybersecurity jobs

Sponsor Links:

Thank you to our sponsors Axonius and Uptycs for bringing this episode to life!

With Uptycs, modern defenders can prioritize, investigate and respond to threats across the entire attack surface—all from a common solution: uptycs.com.

Were there any speculations like, "Hey, can this guy really go from sales to being a CEO at a tech company?"

Bob’s focus throughout his career in cybersecurity has completely revolved around sales. From his first cybersecurity role at Oracle Corporation to his recent position at Demisto, Bob’s prominence and impact on the cyber industry has always had sales at the center. Co-founding Revelstoke, Bob encountered skepticism and wariness from investors, curious if he would be able to transition into a cybersecurity CEO. Thanks to his knack for knowledge and his confident partner Josh, Bob has defied expectations and built up his own confidence in his new role.

“It's about having a co-founder that compliments you, that you can implicitly trust, and implicitly trusts you. You can have the best technology in the world and the best idea in the world, but if you don't have a trusted relationship…it's not going to be successful.”

Between your previous life in sales, and now, being a founder and CEO, what are some of the parallels?

With so much experience in sales on his resume, we were curious which parts of Bob’s journey to CEO were similar to previous positions he’s held. It turns out, just like we’ve discussed on Hacker Valley Red, communication has been a key element no matter Bob’s position in cyber. No matter who he’s talking to, or what side of the house he’s marketing towards, people skills continue to be his forte. Being able to have discussions with employees, investors, and potential clients relies heavily on honest authentic communication skills, even though his business knowledge has had to grow immensely since becoming CEO.

“Today, I still lean on my people skills, and over-communicate. I try to have one-on-ones with everybody in the company. I welcome every new hire we have, and it's increasingly important, obviously, as we have a widely distributed team.”

Where has your focus on introductions and networking come from?

We know Bob as an introduction master, and he’s even helped us with meeting some of the biggest guests we’ve invited to Hacker Valley. With so many cyber security experts in his network from all corners of the cybersecurity industry, we had to ask Bob where he learned the value of making those connections. It turns out— it’s always been that way for Bob Kruse, from the days of his early childhood working at his father’s business. Connecting others, communicating with them, and learning how to help has been his passion for his entire life.

“When somebody needs your help, it's a compliment. I've always found it as a compliment in that I have something they don't, and I can impart on them some sort of an introduction, or a reference, or some knowledge.”

What impact or impression are you hoping to leave on the world with Revelstoke?

There are a lot of cybersecurity startups that make their way down to Hacker Valley, but Revelstoke Security seems like a different breed, with a strong staff at its core— so strong that they’ve only grown since they began and have yet to lose a single employee. With an impact like that on the cyber job market, we asked Bob what he sees on the horizon for Revelstoke. He made it clear: more jobs. Success, for Bob and Josh at Revelstoke, relies on building strong teams and providing the right jobs for those team members and their families.

“Success…is starting a company and providing jobs for people, jobs that never existed before you decided to start a company. I want my legacy to be somebody that not only started a successful company financially, but that employed a lot of people and supported a lot of families.”

----------

Links:

Stay in touch with Bob Kruse on LinkedIn and the Business Journal Leadership Trust website.

Learn more about Revelstoke Security on their website.

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Emotions In Cybersecurity with Sherianna Boyle

Tue, 07 Jun 2022 04:00:00 -0500

In the turbulent world of cybersecurity, it can be difficult to not get caught up in the emotions of it all. Fear uncertainty, doubt...not to mention, burnout. It's not surprising cybersecurity is often seen as being a highly stressful field. But is it possible we may be addressing and interpreting our emotions, as practitioners, in the wrong way? Ron and Chris are joined by author and coach, Sherianna Boyle, to talk about the role that emotions play in our daily lives and how to process them correctly. In this episode, Sherianna walks us through:

-What goes into emotional detoxing

-The difference between reaction and emotion

-How breathwork can transform your life

Sponsor Links:

Thank you to our sponsors Axonius and Uptycs for bringing this episode to life!

With Uptycs, modern defenders can prioritize, investigate and respond to threats across the entire attack surface—all from a common solution uptycs.com/ Be sure to stop by their booth #435 at RSA 2022

Guest Bio:

Sherianna Boyle is an author of nine books including, Emotional Detox Now: 135 Self-Guided Practices to Renew Your Mind, Heart & Body. She is also the founder of the CLEANSE Method® Emotional Detox Coaching® Cleanse Yoga® servicing clients, businesses, healthcare providers and educators worldwide, virtually or on site. You can hear more from Sherianna, and her work, on her show Emotional Detox Now Podcast.

Links:

Stay in touch with Sherianna Boyle on LinkedIn and Twitter

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Being THE Cyber Warrior with Derek Scheller

Tue, 31 May 2022 04:00:00 -0500

Making an impact in the cybersecurity community as a content creator is no easy task! Just ask Derek Scheller, aka The Cyber Warrior. Derek joins hosts Ron and Chris to talk about how he brings his unique personality and positive messages to inspire folks within, and breaking into, cyber. In this this episode, Derek shares:

His passion to inspire and motivate others
How to make your content stand out
How the WWE has inspired his unique persona
His thoughts on vulnerability and being authentically yourself
Tips for making impactful and sticky content

Check out Ron and Chris’ interview with The Cyber Warrior on Security Happy Hour, here!

Sponsor Links:

Thank you to our sponsors Axonius and Uptycs for bringing this episode to life!

With Uptycs, modern defenders can prioritize, investigate and respond to threats across the entire attack surface—all from a common solution Uptycs.com Be sure to stop by their booth #435 at RSA 2022

Guest Bio:

Derek Scheller is a Senior Security Consultant for Seiso, LLC. In 2017, he retired from the US Army as a Cyber Network Defender and worked in both defensive and offensive operations. When he is not helping clients with their security needs, he is a content creator that aims to help as many people as possible enter the cyber security space. You can find him on YouTube Twitch, LinkedIn, and Facebook under Cyber Warrior Studios, where he posts weekly.

Links:

Stay in touch with Derek Scheller with Cyber Warrior Studios on LinkedIn and Twitter

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out more from Hacker Valley Media and Hacker Valley Studio

Adapt and Overcome with Amy Bream

Wed, 25 May 2022 21:04:50 -0500

Life is full of complexity -- just ask adaptive athlete Amy Bream, this episode's special guest. She was born with one leg, but that didn’t stop her from growing up to become a kickboxer. In 2021, she competed in the CrossFit Games, placing in the top five. And in 2022, she came in first at Wodapalooza — one of the biggest fitness competitions in the world. The key to her success? Controlling what she can. Join her, Ron and Chris as they discuss:

-How self perception shapes how others interact with you

-The power of showing up and believing in yourself

-Amy’s viral moment at the CrossFit Games

-Her partnership with Axonius

-Her advice for those struggling to show up in life

Check out Amy's Controlling Complexity video, presented by Axonius: axonius.com/amybream

Sponsor:

Thank you to our Axonius, for bringing this episode to life!

Life is complex, but it’s not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone

Links:

Visit Amy Bream on Instagram

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Adventures In The Outerverse with Robin Thurston

Tue, 24 May 2022 04:00:00 -0500

The metaverse seems to be the hottest thing in technology today. From virtual environments to avatars, our lives are being digitized more and more. Is there even a reason to go outside anymore? Robin Thurston, CEO of Outside Inc., built his entire company around this very question. What's even more interesting is that he is using web3 technology to help get people reacquainted with the great outdoors. In this episode, Ron and Chris chat with Robin about:

Why Outside decided to create the Outerverse
How the Outerverse is aimed at getting people outside
What the Outerverse entails (i.e. NFT marketplace, tokens, creator platform)
What this means for the future of outdoor content/outdoor content creators

Sponsor Links:

Thank you to our sponsors Axonius and Uptycs for bringing this episode to life!

Guest Bio:

Before joining Outside (previously Pocket Outdoor Media), he ran a consumer genetics company called Helix in Silicon Valley before returning to his home state of Colorado. Prior to Helix, Robin co-founded and built MapMyFitness into one of the world’s largest open fitness tracking platforms. Following the acquisition of MapMyFitness by Under Armour, he joined the innovative sports apparel organization and served as Chief Digital Officer, where he led the overall strategic direction of the company’s Connected Fitness and eCommerce business.

Robin spent the first ten years of his career building a mutual fund classification and ratings platform at Lipper (a Thomson Reuters Company), as well as a risk and compensation platform at both American Century Investments and Wellington Management. He graduated with a MS in Finance from University of Colorado at Denver and lives with his wife and three children in Boulder, Co. He is a lifelong cyclist who started riding and racing in the early 1980’s.

Links:

Stay in touch with Robin Thurston on LinkedIn and Twitter

Visit Outside Inc website

Visit the Outerverse

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Something To Say In Cyber With Jon DiMaggio

Tue, 17 May 2022 04:00:00 -0500

“If you believe in yourself and you're willing to put in that work, it WILL happen.” - Jon DiMaggio

In this episode, Ron and Chris are joined by author and Chief Security Strategist, Jon DiMaggio, to talk about the power of believing in yourself and following through on your dreams. Jon shares the story behind writing his book, The Art of Cyber Warfare, and how he learned to overcome rejection.

Sponsor Links:

Thank you to our sponsors Axonius and Uptycs for bringing this episode to life!

With Uptycs, modern defenders can prioritize, investigate and respond to threats across the entire attack surface—all from a common solution. Check them out at Uptycs.com and be sure to stop by their booth #435 at RSA 2022

Guest Bio:

Jon DiMaggio is the chief security strategist at Analyst1 and has over 15 years of experience hunting, researching, and writing about advanced cyber threats. As a specialist in enterprise ransomware attacks and nation-state intrusions, such as”Ransom Mafia: Analysis of the World’s first Ransomware Cartel”,“Nation State Ransomware” and a “History of REvil”. He has exposed the criminal cartels behind major ransomware attacks, aided law enforcement agencies in federal indictments of nation-state attacks, and discussed his work with The New York Times, Bloomberg, Fox, CNN, Reuters, and Wired. You can find Jon speaking about his research at conferences such as RSA. Additionally, in 2022, Jon authored the book “The Art of Cyberwarfare: An Investigator's Guide to Espionage, Ransomware, and Organized Cybercrime” published by No Starch Press.

Links:

Stay in touch with Jon DiMaggio on LinkedIn and Twitter

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Beyond Gold with Simone Biles

Wed, 11 May 2022 04:00:00 -0500

Cybersecurity podcast hosts, Chris and Ron, had the pleasure of sitting down with US Olympic gold medalist, Simone Biles, for a very special interview! You might be wondering, “what does cybersecurity and elite-level gymnastics have in common?” - both have a strong focus on controlling complexity.
Complexity comes in many forms — whether that be staying calm in the face of a malicious cyber attack or performing complex moves on the competition floor. While complexity isn’t something you can prevent, having the right team and mindset can make controlling its outcome much easier! In this episode, Ron and Chris chat with Simone about:

- Her recent life changing event

- How Simone controls the complexity in her life

- Why doing your best is always good enough

- and her partnership with Axonius!

Guest Bio:

Simone Arianne Biles has boundless energy, natural strength and fierce determination, taking those God-given talents to become the greatest gymnast of all time. The 4-foot, 8-inch dynamo is the most decorated American gymnast in history, with 32 medals (19 of them gold) from the World Championship and seven medals (four gold) from the Olympics. She is also the first American woman to win seven national all-around titles and first female gymnast to earn three consecutive World All-Around titles. She is a three-time recipient of the Laureus World Sports Award for Sportswoman of the Year and has received widespread recognition, including TIME 100 Most Influential, Forbes 30 Under 30, Ebony Power 100, People Magazine’s Women Changing the World, USA Today 100 Women of the Century, and two-time Associated Press Female Athlete of the Year, among others.

Links:

Thank you to our friends at Axonius for making this episode a reality!

Follow Simone on Twitter and Instagram

Watch Simone content and more at Axonius+

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Listen to more interviews like this from Hacker Valley Media and Hacker Valley Studio

Harness Your Anxiety in Cyber with Dr. Chloe Carmichael

Mon, 09 May 2022 05:00:00 -0500

Anxiety and nervous energy is palpable in cybersecurity. If practitioners allow this energy to take control, it can be stifling and paralyzing. But what if we were to use this power to do what it was intended to do? In this episode, Ron and Chris chat with Dr. Chloe Carmichael, author of the Deepak Chopra endorsed book, Nervous Energy: Harness the Power of Your Anxiety. They discuss:

-The purpose of nervous energy

-When this energy enters our lives

-How we can use this energy to our advantage

-and how it can even become a superpower

Guest Bio

Dr. Chloe Carmichael, Ph.D, is a clinical psychologist, known as Dr. Chloe. She holds a Master’s degree and Ph.D. in clinical psychology from Long Island University and graduated Phi Beta Kappa, summa cum laude, with a Bachelor’s degree and departmental honors in psychology from Columbia University. Her practice in New York City employs multiple therapists to serve high-functioning business executives, people in the arts, and everyday people seeking support with personal or professional goals.

Dr. Chloe is the author of the book Nervous Energy: Harness the Power of Your Anxiety, endorsed by Deepak Chopra! She is a member in good standing of the American Psychological Association, as well as the National Register of Health Psychologists, an elite organization for psychologists with gold-standard credentials. She is also a consultant at Baker McKenzie, the third largest law firm in the world. She is an Advisory Board member for Women’s Health Magazine (Hearst), and a featured expert for Psychology Today. She enjoys relating with the media, as well as public speaking. She has been featured as an expert on VH1, Inside Edition, and other television; and has been quoted in the New York Times, Forbes, Vanity Fair, Rolling Stone, and other print media.

Links:

Thank you to our friends at Axonius and Uptycs for sponsoring this episode!

Stay in touch with Dr. Chloe Carmichael on LinkedIn and Twitter and by her Book here!

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

The Threat Inside With Shawnee Delaney

Tue, 03 May 2022 04:00:00 -0500

In this episode, Ron and Chris highlight a human problem that affects every company and organization in the world – Insider Threat. Shawnee Delaney, an Insider Threat expert, cybersecurity consultant and CEO of Vaillance Group, joins the guys to provide her expertise on the topic and shares real life examples of treason and espionage. In this episode Shawnee explores:

The intersection of empathy and espionage
Motivations and vulnerabilities
The importance of insider threat programs
Protecting your trade secrets
Investing in your people, and more!

Guest Bio:

Shawnee Delaney is an Insider Threat expert, cybersecurity consultant, and CEO of Vaillance Group - based in Washington, DC. She is a decorated intelligence officer and a licensed private investor who has spent part of her career within the Defense Intelligence Agency as a Clandestine Officer conducting Human Intelligence operations around the world. She has also supported the Department of Homeland Security, defending critical infrastructure and industrial control systems within the U.S. Her combat tours, field experience, and consulting with top Fortune 500 Companies has provided the foundation for the curriculum she offers in her Insider Threat training programs. A sought-after public speaker, Ms. Delaney shares her extensive knowledge of Insider Threats to protect clients’ assets, people, and confidential information and to educate groups about the harm that comes from both malicious and unintentional threats.

Links:

Thank you to our friends at Axonius and Uptycs for sponsoring this episode!

Stay in touch with Shawnee Delaney on LinkedIn and Twitter

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Cyber Is A Gritty Situation With David Fivecoat

Tue, 26 Apr 2022 04:00:00 -0500

What is grit? How much or little do YOU have? Can we grow it?

Hosts Ron and Chris are joined by the Executive Coach and Founder of Fivecoat Consulting Group, David Fivecoat, to talk about how grit shows up in our lives and ways that we can cultivate more.

Guest Bio:

After 24 years as a US Army paratrooper, as well as 4 combat tours in Iraq and Afghanistan, Colonel David Fivecoat, US Army, Retired, founded The Fivecoat Consulting Group. He now blogs, speaks, coaches gritty leaders, and helps develop gritty organizations. A native Ohioan, David Fivecoat resides in Columbus, Georgia.

Sponsor Links: Thank you to our sponsors Axonius and PlexTrac for bringing this episode to life!

Axonius, the first company to solve the cybersecurity asset management problem. Give your team's time back by checking them out at https://www.axonius.com/

PlexTrac, the Proactive Cybersecurity Management Platform, brings red and blue teams together for better collaboration and communication. Check them out at plextrac.com/hackervalley

Additional Links:

Stay in touch with David Fivecoat on LinkedIn and His website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Becoming Team Tech Boy with DeJuan Strickland

Tue, 19 Apr 2022 04:00:00 -0500

DeJuan Strickland (DJ) is a huge superhero fan, but when he realized there weren’t many superheroes and comic book characters that looked like him, he decided to do something about it! Enter: Tech Boy! DJ joins hosts Ron and Chris to share his unique experiences as an 13 year old author, entrepreneur, and tech enthusiast.

Guest Bio:

DeJuan Strickland is a 13-old scholar born and raised in St. Louis, Missouri. He enjoys gaming, anime, reading, and indulging in comic books. He is a long-time honor roll student who thoroughly enjoys science and technology. He has recently been appointed as a youth member of STEMSTL's Strategic Advisory Board. Tech Boy is DeJuan's debut title and his mission is to inspire other youth to become tech-savvy entrepreneurs.

Sponsor Links:

A big thank you to our friends at PlexTrac and Axonius for sponsoring this episode!

Links:

Stay in touch with DJ on Instagram and Twitter

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

And the Academy Award Goes To...With Evan Mayfield

Tue, 12 Apr 2022 04:00:00 -0500

Evan Mayfield, an award-winning 3D animator and founder of the Kingdom of Dwarves NFT project, joins Ron and Chris to talk about how his love of art allows him to experience life in new and creative ways. In this episode, Evan shares his story behind winning an Academy Award and starting a career in the film industry, what led him into creating NFT art and founding Kingdom of Dwarves NFT project, and the importance of being receptive to feedback in your career.

Guest Bio:

Evan Mayfield is an Academy Award winning 3D animator/Animation Director in the Film/Commercial/VideoGame/AR/VR field. He is also one of the founders of the Kingdom of Dwarves NFT project.

Sponsor Links:
A big thank you to our friends at PlexTrac and Axonius for sponsoring this episode!

Links:

Stay in touch with Evan Mayfield on LinkedIn , Twitter and Discord

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

The Road Less Traveled with Isabel Leong

Tue, 05 Apr 2022 04:00:00 -0500

In this new age of remote work, people are able to live and work in ways that we never thought possible. In this episode Ron and Chris are joined by Isabel Leong, a full-time travel blogger and SEO marketing coach. Isabel shares how she turned her hobby into a career that allows her to fulfill her passion for travel and her tips for those attempting to do the same.

Guest Bio:

Full-time travel blogger and SEO marketing coach roaming the world at whim, Isabel draws energy from being outdoors. An explorer at heart, the world is her playground. She helps aspiring bloggers and brands get the most out of their online presence and financial freedom by ranking on Google faster with SEO and expose millennial travelers to experiences beyond their imaginations.

Sponsor Links:
A big thank you to our friends at PlexTrac and Axonius for sponsoring this episode!

Additional Links:

Stay in touch with Isabel Leong on LinkedIn, Twitter and Instagram

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter Purchase a HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio

An Unstoppable Mind with David Pearson

Tue, 29 Mar 2022 04:00:00 -0500

In this episode Ron and Chris are joined by the co-founder and CEO of SeclarityIO, David Pearson, to talk about his experience in building a company from the ground up. David shares the challenge of “building something from nothing,” seeking help, and the importance of having a solid support system. David explores the intricacies and inner workings of his mind and his tips on tapping into creativity and innovative thought.

Guest Bio:

David is the co-founder and CEO of SeclarityIO, the company building NetworkSage. During his career, he has spent time on the red team, blue team, and in deep research. He was formerly the Head of Threat Research at Awake Security. David has security degrees from the Rochester Institute of Technology and Carnegie Mellon, and has spoken and taught workshops at many top security conferences.

Sponsor Links:
A big thank you to our friends at PlexTrac and Axonius for sponsoring this episode!

Additional Links:

Stay in touch with David Pearson on LinkedIn and Twitter

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Growing A Successful Podcast with Adam Adams

Tue, 22 Mar 2022 08:18:55 -0500

Anyone can start a podcast, but what about a successful podcast? What about a podcast that reaches, connects and impacts people for the better? In this episode, Ron and Chris are joined by Adam Adams to talk about what it takes to create a successful podcast. Adam touches on the importance of having quality equipment, a compelling and entertaining message, and great marketing. He explores the reasons why having a broad audience isn’t the best tactic when trying to stand out and why you shouldn’t be afraid to “draw a line in the sand.”

Guest Bio:

After selling his first podcast and seeing everything that his show did for his business, Adam Adams founded a company to serve podcasters in a whole new way. Knowing successful business owners have already learned to stay in their lane and focus on revenue generating activities Adam founded Grow Your Show, which is the easy button for podcasters. They make having a top rated podcast as easy as pressing “record”.

Sponsor Links:
A big thank you to our friends at PlexTrac and Axonius for sponsoring this episode!

Links:

Stay in touch with Adam Adams on LinkedIn and Instagram & check out his podcast and website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Risk: Black Swans Versus Gray Rhinos with Michele Wucker

Tue, 15 Mar 2022 04:00:00 -0500

Have you ever heard of the term, “Black Swans” or “Gray Rhinos”? Black Swan are events that we never saw coming, while Gray Rhinos are the things we see from a mile away. In this episode, author and strategist Michele Wucker explores the gray rhino and risk fingerprint metaphors and translates big picture trends in ways everyday folks can apply to their lives.

Sponsor Links:
A big thank you to our friends at PlexTrac and Axonius for sponsoring this episode!

Axonius, the first company to solve the cybersecurity asset management problem. Give your team's time back to work by checking out axonius.com/

PlexTrac, the proactive cybersecurity management platform, brings red and blue teams together for better collaboration and communication. Check them out at plextrac.com/hackervalley

Guest Bio:

Michele Wucker is a strategist and the author of four books including the global bestseller, THE GRAY RHINO: How to Recognize and Act on the Obvious Dangers We Ignore. The metaphor and principles from her book have moved markets, shaped financial policies, and made headlines around the world. It helped to frame the ignored warnings ahead of the COVID-19 pandemic and have even inspired the lyrics of the hit pandemic pop single, “Blue & Grey” by the mega-band BTS. Michele’s 2019 TED Talk has attracted over two million views.

Additional Links:

Learn more about Michele’s research here.

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Choosing the Right Words with Terre Short

Tue, 08 Mar 2022 06:57:46 -0600

We believe you are what you listen to -- including the personal podcast that is playing in your head every day. What is it saying to you? Our guest Terre Short excels at distilling leadership skills into actionable steps and choosing the right words to inspire others and giving ourselves the words we need to move forward.

Guest Bio:

Terre Short is a human potential developer who has more than 30 years of leadership experience, a Masters in Business Administration/Healthcare Management, and her Professional Coach Certification (PCC). She coaches leaders on tactics to raise engagement and improve retention. She also leans on the content in her book, “The Words We Choose: Your Guide to How and Why Words Matter in helping others become their best selves.”

Sponsor Links:
A big thank you to our friends at PlexTrac and Axonius for sponsoring this episode!

Additional Links:

Book Terre as a Speaker or Coach and purchase Terre's book

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Becoming the Maestro with Rob White

Tue, 01 Mar 2022 04:00:00 -0600

When Rob White was a child, someone called him a loser -- it wasn't until he confronted his negative talk that he rose to greatness. From humble beginnings to his current status as a real estate developer, restaurateur, world traveler, international best-selling author, Rob has distilled his life experiences into sound, practical advice. Listen carefully to this episode because it's time to bring out YOUR inner maestro.

This episode is sponsored by our friends at Uptycs and Axonius

Additional Links:

Stay in touch with Rob White on Twitter and pick up his book, The Maestro Monologue here

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Episode 200

Tue, 22 Feb 2022 04:00:00 -0600

In this episode, Ron and Chris take a stroll down podcast memory lane in celebration of Hacker Valley’s 200th episode. The guys reflect on their rise from humble podcast beginnings, their ever-growing fascination with human-centric stories, making a difference, and what lies ahead for Hacker Valley Media.

Key Takeaways:

01:29 Celebrating episode 200!

02:47 From humble, homegrown beginnings

03:38 Scaling and growing

06:12 Facing our biggest challenges

08:21 Tapping into our inner child

13:20 Human-centric stories

17:14 Making a difference

18:45 Thanking our team

20:37 Thanking our listeners

21:39 A humbling realization

22:40 What’s to come?

25:00 Growing together

27:05 Our advice to you

29:03 Stay in touch!

Sending all of our listeners a big THANK YOU for all of the love, support, and feedback we’ve received over the last 3 years! We could not have done it without you. Cheers to the next 3 years! - Ron and Chris

Links:

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

This episode is sponsored by our friends at Uptycs and Axonius

Episode 199 - Sharing The Mic with Camille Stewart

Tue, 15 Feb 2022 04:00:00 -0600

In this episode, Ron and Chris are joined by Camille Stewart, the Global Head of Product Security Strategy at Google and Co-Founder of Share The Mic. The trio have an honest conversation about advocacy and representation in cybersecurity, the story behind Camille’s Share The Mic social movement, how we can begin to move in the right direction, and how culture shapes the way we interact with technology. Lastly, Chris talks about Hacker Valley’s stance on representation – from award nominations to our greatest loss in listenership history.

Key Takeaways:

02:47 Bio

05:43 Advocacy - it’s in my DNA

07:16 Giving a voice to the underrepresented

08:54 “Share The Mic”

12:28 The state of diversity in cybersecurity

14:28 Achieving a better tomorrow

18:94 How do we bridge the opportunities gap?

20:13 The intersection of culture and technology

22:45 Who is Camille Stewart?

26:00 The dark side of speaking up

28:53 This is a mission critical issue

30:12 Stay in touch with Camille!

Links:

Stay in touch with Camille Stewart on Twitter | LinkedIn |Instagram

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

This episode is sponsored by our friends at Uptycs and Axonius

Episode 198 - Scaling Your Efforts with Veronica Kirin

Tue, 08 Feb 2022 04:00:00 -0600

Ron and Chris sit down with anthropologist, author, entrepreneur and coach, Veronica Kirin, to learn how she distilled her seventy hour work week down to ten. Veronica shares her knowledge on helping small businesses scale, why and which automation tools are a scaling must-have, hiring best practices, and the power of goal mapping. Lastly, Veronica shares her seventy year business plan method which helps folks actualize their long-term vision.

Key takeaways:

02:53 Bio

04:39 Anthropology and business - bridging the gap

07:37 What is scaling and how do we do it right?

11:20 Tools to help you scale - Ron’s take

13:55 Veronica’s 3 Pillars of Business Scaling

16:33 Hiring woes

17:18 Hiring best practices - trip wires

20:38 How are current events changing business?

23:21 Actualizing your legacy

26:52 Creating goal maps

30:12 Get connected

31:30 Reach out for help

33:16 Stay in touch with Veronica!

Hacker Valley Studio: Swag | LinkedIn | Twitter | Instagram | Website

Veronica Kirin: Facebook | LinkedIn | Twitter | Instagram

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

Thank you to our friends at Axonius and Uptycs for sponsoring this episode.

Episode 197 - Leading Your Tribe with Simone Knego

Tue, 01 Feb 2022 04:00:00 -0600

In this week’s episode, Ron and Chris are joined by speaker, entrepreneur, mother of six and the best-selling author of The Extraordinary UnOrdinary You, Simone Knego. The trio explore the highs and lows of parenting, while attempting to manage it all – and then some! Simone shares how believing in herself was the secret sauce behind writing a book and climbing Mount Kilimanjaro, why patience truly is a virtue, and how a positive mindset can help get you through even the toughest of days. Lastly, soon-to-be-married Ron Eddings, gets advice on marriage and building a family.

Key takeaways:

02:33 Bio

04:01 Staying humble

05:11 Positive role modeling

07:43 Raising a multi cultural family

09:10 Trying to manage it all

10:57 The book - sharing her story

13:35 Believing in yourself

15:29 Patience is a virtue

18:47 Mindset and daily affirmations

22:21 Social media and “mom guilt”

24:21 Advice for the soon-to-be married, Ron

26:50 Self-care and honoring your family

28:46 Stay in touch with Simone!

Hacker Valley Studio: Swag | LinkedIn | Twitter | Instagram | Website

Simone Knego: LinkedIn | Website | Facebook

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

Thank you to our friends at Axonius and Uptycs for sponsoring this episode.

Episode 196 - Cybersecurity Advocates with Julie Haney

Tue, 25 Jan 2022 04:00:00 -0600

In this episode, Ron and Chris are joined by Julie Haney – a computer scientist and Usable Security Researcher at NIST, to talk about the human within the technologist. The trio sit down and have a powerful discussion on ways in which cybersecurity practitioners can bring their best work to the table, the importance of empathy within the workplace, and how to empower ourselves and the security community at large.

Key Takeaways:

02:55 Bio

06:46 Why research?

08:55 Bringing your best work to the table

11:28 Surprising research

12:46 What’s your superpower?

16:10 Empathy in practice

19:27 B.E.S.T.O.W.

22:22 Normalizing CS Advocacy

25:07 What’s missing in cybersecurity?

27:12 Being more intentional

Julie Haney: LinkedIn | Website | Twitter

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

Thank you to our friends at Axonius and Uptycs for sponsoring this episode.

Episode 195 - Shades Of Yes with David Chislett

Tue, 18 Jan 2022 04:00:00 -0600

In this episode, Ron and Chris are joined by author, poet, musician, artist and entrepreneur, David Chislett. David dives deep into the beauty and power of creativity and the creative process. The trio explore reasons we become less creative over time, how technologists can begin tapping into their creativity and why we should start replacing “but” with “and.”

Key Takeaways:

02:37 Bio

03:42 Origin as a creative

05:40 Losing creativity over time

10:23 A daily commitment to creativity

12:05 Structure in creativity

15:10 The hero’s journey

23:34 Innovation vs. Creativity

25:38 Defining creativity

28:59 Get in touch

Links:

David Chislett: Website | LinkedIn | YouTube

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

This episode is sponsored by our friends at Uptycs and Axonius

Episode 194 - Priming the Mind for Happiness with Zahra Karsan

Tue, 11 Jan 2022 14:09:53 -0600

In this episode of Hacker Valley Studio, Ron and Chris are joined by the author of 6 Weeks to Happy, success coach extraordinaire and CEO of GetZend, Zahra Karsan. The trio examine happiness and why it is so difficult to define and what role does personal freedom play in the matter. Zahra speaks on retraining your brain for success, learning the tools to thrive and recognizing your fears in order to make change. Furthermore, the group discusses energy and ego depletion and how it affects will power and overall performance.

Key Takeaways:

03:03 Bio

04:19 What is happiness?

10:52 Seeking freedom

14:10 Will accomplishing goals make us happy?

17:29 Regaining control over our lives

22:20 Understanding how to change mindsets

28:42 Will power and ego depletion

33:42 Advice for an action plan

36:18 Get in touch!

Links:

Zahra Karsan: LinkedIn | GetZend | Twitter

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

This episode is sponsored by our friends at Uptycs and Axonius

Episode 193 - Love is the Name of the Game with Tyrone E. Wilson

Tue, 21 Dec 2021 19:23:05 -0600

Happy Holidays from Hacker Valley Media!

Tyrone E. Wilson is a passionate information security professional with 24 years of experience in information technology and has a mission to improve as many lives as possible through education in cybersecurity. Currently, Wilson is the Founder and CEO of Cover6 Solutions, LLC; which teaches companies and professionals various aspects of information security, penetration testing, and IPv6. Wilson is also the organizer of The D.C. Cyber Security Professionals. Join Chris, Ron and Tyrone as they help uncover the truth about being your true self.

Key Takeaways:

02:38 Bio

07:34 The “E” story

09:16 Reality TV star?!

15:30 Opportunities from being more open in public

18:25 Doing more to be better | taking control of the moment

22:00 Getting around personal resistance

25:21 Lessons learned building communities & being yourself

27:00 “I understand.”

29:42 Get in touch

Tyrone E. Wilson: Instagram | Twitter | LinkedIn | Website

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

This episode is sponsored by our friends at Crowdstrike

Episode 192 - Wisdom and Celebrity with Clint Arthur

Tue, 14 Dec 2021 09:58:14 -0600

Today Chris and Ron are joined by Clint Arthur. Clint is an actor, public speaker and mentor to many. He has had the pleasure of meeting some of the most influential people in the world, and has decided to use this to help people all over the world discover their meaning and drive them to self-fulfillment and success. Tune in for experiences, stories and advice from one of the most well-traveled, well-written people they’ve ever met!

Key Takeaways:

02:59 Bio and beginnings

06:07 No more Hollywood

09:37 20 books?!

12:57 Finding value, giving value and feeling valued

17:32 John Travolta said fly high. What does that really mean?

20:40 Matchstick secrets

22:54 Impactful moments

33:47 Get in touch

Clint Arthur: Website | Book

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

This episode is presented to you by our good friends at CrowdStrike. Join the CrowdStrike team here.

Episode 191 - Listen as I Fall Out of This Window with Tyler Foley

Tue, 07 Dec 2021 05:04:01 -0600

Sean Tyler Foley is an accomplished film and stage performer and has been acting in film and television since he was 6 years old. He has appeared in productions including Freddy Vs Jason, Door to Door, Carrie, and the musical Ragtime. Tyler is passionate about helping others confidently take the stage and impact an audience with their stories. He is currently the Managing Director of Total Buy-In and author of the #1 best-selling book The Power to Speak Naked. Join Chris, Ron and Tyler for a schooling in presenting yourself and engaging with others.

Key Takeaways:

03:06 Bio

04:55 The journey to now; acting to public speaking

11:07 Making safety training engaging

14:38 Re-kindling the story for the listener

18:22 Engaging remotely

22:27 The driest safety subject – fall protection

24:49 Nobody likes getting should on

25:40 Tyler’s book – The Power to Speak Naked

28:24 Getting your story out

32:06 Get in touch

Links:

Tyler Foley: Total Buy In | Book | Website | LinkedIn | IMDb

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

This episode is presented to you by our good friends at CrowdStrike. Join the CrowdStrike team here.

Episode 190 - Maintaining a Fuel for Life with Nate Palmer

Tue, 30 Nov 2021 09:13:40 -0600

Nate Palmer is a fitness and nutrition expert, coach, speaker, and writer who believes that being in incredible shape gives a massive advantage in business, focus, and relationships. He also happens to be a dad, husband, and the #1 bestselling author of The Million Dollar Body Method and Passport Fitness. Nate helps business owners and entrepreneurs improve their physique, finances, and family time using fitness and nutrition as force multipliers. Join Chris, Ron and Nate to change the way you approach your mind, body and soul in this episode of Hacker Valley Studio.

Key Takeaways:

03:12 Bio

06:34 Controlling your diet and exercise

08:30 Maintaining energy / Chris’ journey in weight management

10:25 Maintaining a fuel for life

13:47 Tactics for exercise and nutrition

16:58 Nutrition and fitness for the mind

22:10 Nutrition and fitness for the soul

26:14 Architecting your day

30:00 Win the morning

31:15 Get in touch with Nate

Links:

Nate Palmer Book | LinkedIn | Twitter | Website

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

This episode is presented to you by our good friends at CrowdStrike. Join the CrowdStrike team here.

Episode 189 - Head in the Cloud with Maurice Grose Jr.

Tue, 23 Nov 2021 08:36:03 -0600

Maurice Grose Jr. is an experienced Security Engineer with a background in military RF exploitation and detection, Unix/Linux administration and threat mitigation, and hardware/software integration engineering. Join Chris, Ron and Maurice to hear how a career after the military blossomed into a learning, engaging time of constant challenge and inspiration.

Key Takeaways:

03:31 Bio

07:29 What does legacy mean?

09:48 The appeal of cyber

12:10 Where do you draw inspiration from?

14:07 Does legacy experience help with cloud systems today?

17:42 A takeaway from Maurice’s military career

21:35 Advice for future leaders, getting kids involved

26:19 Future prediction in technology

27:59 Advice for anyone looking to go for the next step

Maurice Grose Jr: LinkedIn | Twitter

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

This episode is sponsor by our friends at CrowdStrike. Join the CrowdStrike team here.

Episode 188 - Making Friends, Spies, and Traitors with James Lawler

Tue, 16 Nov 2021 04:00:00 -0600

James Lawler serves as a national security consultant and is the Senior Partner at MDO Group, which provides Human Intelligence training to the Intelligence Community and the commercial sector focused on WMD, CI, technical and cyber issues. Mr. Lawler is a noted speaker on the Insider Threat in government and industry. Prior to this, Mr. Lawler served for 25 years as a CIA operations officer in various international posts and as Chief of the Counterproliferation Division's Special Activities Unit. Join Chris, Ron and James for a riveting audio journey through stories and experiences from the inside of the C.I.A.

Key Takeaways:

03:07 Bio

04:10 Finding a job after school – the CIA comes to campus

05:40 Clandestine Service

09:55 Can you start in two weeks?

12:40 A sociopath within lanes (laws)

14:00 Betraying company over country

17:37 Intensifying friendship development

19:54 Can you betray your country for $1k?

20:52 Why do people turn down a pitch?

27:53 Receiving overwhelming classified information

36:10 Book

40:05 Take away from Mr. Lawler

Links

James Lawler: Book | Linkedin

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

This episode is sponsor by our friends at CrowdStrike. Join the CrowdStrike team here.

Episode 187 - Keep Your &#%! Authentic with Samara Williams

Fri, 12 Nov 2021 04:00:00 -0600

Samara Williams is a Manager of Threat Operations at Cardinal Health, focused on proactive action and defense-in-depth improvement. She specializes in threat intelligence, vulnerability management, technical risk communications as well as program design and development. Chris, Ron and Samara go deep into what it takes to be your authentic self, standing strong for what you believe and being aggressive in your thoughts and actions.

Key Takeaways:

03:21 Bio

10:00 Ted talk: short, sweet and powerful

17:51 Knowing your superpower – Samara's? Authenticity

21:05 Being aggressive and using mentors & allies

25:26 Mentoring to help the future generation thrive

28:33 Advice for the person scared to be authentic

32:09 Get in touch

Links:

Samara Williams: LInkedIn | Ted Talk | Twitter

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

This episode is sponsored by our friends at CrowdStrike. Join the CrowdStrike team here.

We Are Here Finale: A Case Study of DEI at CrowdStrike

Thu, 11 Nov 2021 16:19:16 -0600

In the finale of We Are Here, Chris and Ron are joined by Emily Van Norden, branding and DE&I leader, and Nikki Thornton, Chief of Staff, both at CrowdStrike. The group talks about Diversity, equity and inclusion in this jam-packed episode. Emily and Nikki peel a layer off of the CrowdStrike brand to unveil a plethora of tips, tricks, and advice from their experience with people and standing up the DE&I function company-wide.

Key Takeaways:

01:56 Bio – Nikki

02:48 Bio – Emily

04:58 The chronology of CrowdStrike

10:12 Standing up the DE&I program

15:44 From adversity comes opportunity

20:21 Executives promoting DE&I

23:23 The deeper meaning of DE&I and why it matters at CrowdStrike

34:25 Advice for new professionals; making allies

37:55 Get in touch

Links:

Emily Van Norden: LinkedIn | Website

Nikki Thornton: LinkedIn

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

We Are Here is proudly presented by CrowdStrike. Join the CrowdStrike team here.

We Are Here Part 3: Allyship and Representation

Wed, 10 Nov 2021 05:21:23 -0600

On this episode of We Are Here, Ron and Chris join Dave Zawdie and Nina Padavil, two members of the team believe, CrowdStrike’s employee resource group for black professionals. The group dives deep into representation and allyship and how we can use the past to change the future for the good of the industry and its people.

Key Takeaways:

01:54: Nina – Bio

03:36 David – Bio

05:25 Role models and influencers

11:24 How can the majority help the minority in the future?

14:33 Mentoring and impacting the future

17:38 Setbacks and advice for a discouraged cyber security professional

20:26 Committing to being an ally to another

22:52 The future of DE&I and how we contribute

25:14 Get in touch

Nina Padavil: LinkedIn

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

We Are Here is proudly presented by CrowdStrike. Join the CrowdStrike team here.

We Are Here Part 2: A Tech Titans Roundtable

Tue, 09 Nov 2021 05:51:48 -0600

In this whopper of an episode, Chris and Ron join the panel again to discuss diversity, equity and inclusion. The panel includes Marianne Budnik, CMO at CrowdStrike, Shawn Henry, CSO at CrowdStrike, powerhouse educator and influencer Olivia Herriford, and MK Palmore, Director with the CISO division at Google. Stay tuned for a masterclass in DE&I, how they differ and how we can keep pushing the ball forward.

Key Takeaways:

01:53 Bio- Marianne Budnik

02:34 Bio- MK Palmore

03:36 Bio- Olivia Herriford

04:53 Bio- Shawn Henry

06:20 The panel discusses their first interest in diversity

21:36 Equity & Inclusion- how is it different, and what are some ways to incorporate them?

32:25 Finding influence from all types of people

37:12 Planning for DE&I

41:23 Advice to the people who strive to make a difference

59:20 Get in touch

Links:

Marianne Budnik: Website | LinkedIn

Shawn Henry: Website | LinkedIn

Olivia Herriford: Website | LinkedIn

MK Palmore: Twitter | LinkedIn

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

We Are Here is proudly presented by CrowdStrike. Join the Crowdstrike team here.

We Are Here Season 2 Premiere with Minda Harts

Mon, 08 Nov 2021 05:29:40 -0600

Minda Harts is an Adjunct Assistant Professor of Public Service of NYU’s Robert F. Wagner Graduate School of Public Service and the founder of The Memo LLC, a career development company for women of color. On top of her impressive work resume, she is the award-winning and best-selling author of The Memo: What Women of Color Need To Know To Secure A Seat At The Table. Join Ron, Chris and Minda as they navigate through some of the toughest issues troubling our workplaces today.

Key Takeaways:

01:58 Bio

03:08 The last straw

05:53 Minda’s journey in writing & reflecting

07:50 Staying humble and making a real difference

10:25 Workplace trauma- What is it?

14:32 Advice for businesses opening back up

17:26 Being authentic at work

19:40 The new book – Right Within

25:46 Reminding people they have a voice

28:24 Get in touch with Minda

Links:

Minda Harts: Website | LinkedIn | Twitter Buy her new book Right Within here!

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

We Are Here is proudly presented by CrowdStrike.

Join the CrowdStrike team here.

Hacker Valley Red is Back! Episode 1 Sample

Thu, 04 Nov 2021 08:37:27 -0500

Follow the new channel here: https://hackervalley.com/show/hacker-valley-red/

Christopher Hadnagy is the founder and CEO of Social-Engineer, LLC. He created the world’s first social engineering framework, as well as hosted the first social engineering-based podcast. Chris is an adjunct professor of Social Engineering for an NSA Cyber School of excellence at University of Arizona. Chris is also a well-known author, having written five books on social engineering. Chris’ new book, “Human Hacking: Win Friends, Influence People and Leave Them Better Off for Having Met You”, released January 5, 2021. Join both Chris’ and Ron for an episode of self-analyzation, empathy and understanding.

Key Takeaways

02:52 Bio

06:20 Exploring the title of Chris’ book

08:40 What’s the difference between manipulation and influence?

10:36 A contract in a book. Why?

14:33 What books describe Chris?

21:48 The importance of Empathy

26:48 The science

30:57 Chris’ conference: The Human Behavior Conference

Links:

Chris Hadnagy: Twitter | LinkedIn | Facebook | Book | Conference

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

This episode is sponsored by Axonius Hype Cycle

Episode 181 - The Calling of Cyber with Jerich Beason

Tue, 02 Nov 2021 07:01:48 -0500

Jerich Beason, SVP & CISO at Epiq, joins Chris and Ron to talk passion, purpose and how that plays a part in cyber. Jerich sits on panels, speaks at conferences and events & contributes to white papers and security articles. He also serves as a Board advisor to security startups. Jerich is currently the host of Epiq’s podcast, Cyberside Chats which has the mission of increasing knowledge and awareness of cybersecurity within the legal industry.

Key Takeaways:

02:50 Bio

03:48 Choosing an education in cyber

05:00 Origin story – why cyber?

09:58 Jerich touches on why some cyber veterans are discouraging newcomers

12:26 Inspiring the future generation

15:20 Talking passion & calling

17:17 A day in the life of Jerich

20:10 Avoiding burnout & fulfilling purpose

23:15 Zero-Trust

26:34 The future in security program building

Links:

Jerich Beason: LinkedIn | Podcast | Twitter

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

This Episode is sponsored by CrowdStrike. Find a home with CrowdStrike here.

The Pod Pack feat. Allan Alford, Dave Bittner, Graham Cluley and Jack Rhysider

Wed, 27 Oct 2021 04:00:00 -0500

This week, we’re switching it up. We’ve invited a few friends and collogues to the studio to talk business. On the mics with Chris and Ron we have Dave Bittner from The CyberWire, Graham Cluley from Smashing Security, Jack Rhysider from Darknet Diaries, and our brother-in-arms, Allan Alford from The Cyber Ranch podcast. Want to see behind the scenes? This episode has you covered. Do you want to start a podcast? This is a master class. Get answers to questions that haunt all aspiring podcasters: What is good content and how do you keep coming up with it? What drives podcasters and why do they fail? Hear from seasoned veterans in this round table of podcasting wizardry.

In addition to this content, Hacker Valley has opted to donate cash to the non-profit of the guests’ choice. Please follow the links below to support these charities.

Key Takeaways:

03:12 Dave – Intro and podcasting history

04:54 Graham – Intro & podcasting history

07:08 Jack – Intro & podcasting history

09:31 Common misconceptions about podcasting

14:96 The most and least favorite part of podcasting

20:44 What does the word ‘podcast’ actually mean?

22:05 Horror stories and lessons learned

31:50 Allan Alford joins the show – Intro & podcasting history

32:50 What inspires you to podcast? What influences you?

37:19 Why being authentic is the only way

44:10 Questions from podcasters to podcasters

50:57 Realistic expectations & the drive

52:12 Stay in touch, and donate to charity!

Dave Bittner: LinkedIn | Twitter | The Cyberwire | Donate to The Rotary Foundation

Graham Cluley: Website | LinkedIn | Twitter | Smashing Security | Donate to Mencap

Jack Rhysider: Twitter | LinkedIn | Darknet Diaries | Donate to EFF

Allan Alford: LinkedIn | Twitter | Cyber Ranch | Donate to Black Girls Code

Huge thank you to our friends and sponsors Axonius and Uptycs.

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

Episode 179 - Management VS Leadership in Cyber Major General (Retired) Brett T. Williams

Tue, 26 Oct 2021 07:27:31 -0500

Major General (Retired) Brett T. Williams is a co-founder of IronNet Cybersecurity. IronNet delivers the power of collective cybersecurity to defend companies, sectors and Nations. He served nearly 33 years in the U.S. Air Force and his last assignment was Director of Operations, U.S. Cyber Command. General Williams is a highly experienced fighter pilot with more than 100 combat missions in the F-15C. Join Chris, Ron and Brett for a jam-packed episode of leadership and purpose.

Key Takeaways:

03:05 Bio

05:48 Brett’s military origin story

07:33 Transitioning from fighter pilot to cybersecurity practitioner.

14:55 Understanding strengths through experience

20:10 Advancement through leadership

22:23 Being a leader - mission vision & resources

25:44 What keeps driving you to be better?

31:20 Advice for aspiring and active leaders

35:14 Get in touch with Brett

Links:

Brett Williams: LinkedIn | Website

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

This episode is sponsored by Living Security

Metaversable: Exploring the metaverse thru NFTs, NFT Art, and Cryptocurrency

Fri, 22 Oct 2021 14:29:50 -0500

We have a new show!

In episode one, Ron and Chris explore NFTs and digital art with Jason also known as 0xBanana.

1:18: What is the Metaverse?
2:04: Tumbling down the Metaverse “rabbit hole.”
3:00: What are Non-fungible Tokens (NFTs) all about?
5:55: Is this just a fad? What’s the future of NFTs?
7:44: What future technologies/art are on the horizon?
9:30: What makes NFTs so exclusive/valuable?
11:34: How do art royalties work?
12:16: How do you verify authenticity for art, media, etc?
14:20: What is Solana and how does it relate to NFTs?
15:31: What is the NFT and Solana community like?
16:55: How can we break into the Solana space?
18:33: What is the significance of a “drop?”
20:19: Flipping art
21:52: NFT art drop best practices
24:25: How does one become an artist in the space?
26:01: Life changing realization

Follow this show on your favorite platform here: https://hackervalley.com/show/metaversable/

Episode 177 - Winning in a Human-Centric Cyber Market with Nathan Burke

Thu, 21 Oct 2021 06:33:31 -0500

Welcome to this live episode of Hacker Valley Studio! Nathan Burke, CMO at Axonius, is a general in the fight to humanize cybersecurity through practical, engaging content and solid foundations. Join Ron, Chris and Nathan as they sit together for a masterclass in startups and technological advancements. In addition to an episode full of golden nuggets, learn how Chris and Ron became a part of Axonius and why they all make a great team.

Key Takeaways:

2:49 Bio

9:48 Unexpected victories

15:07 Successful tendencies for a successful startup

19:04 Axonius + HVS – Why?

25:41 Keeping the momentum in technological advancement

30:21 Bleeding orange: A tattoo. A bet.

32:45 Advice for a budding marketing professional

Nathan Burke: LinkedIn | Blog | Twitter

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

This episode is sponsored by Axonius Hype Cycle

Episode 176 -Technical Education with Dr. SK Moreland and Terri Oropeza

Tue, 19 Oct 2021 08:26:44 -0500

We’ve switched it up again to bring you 2 guests this week on this double header masterclass in education. Chris and Ron are joined up by Terri Oropeza and Shakera Moreland, two natural teachers in their field. Shakera, also known as the HIM concierge, has used her past to shape how she teaches future professionals. Terri explains how to grow to understand your authentic self in learning and teaching while encouraging young people to never mind the stereotypes and get into cyber. With the opinions and strategies laid out by these two educators, you can be sure that you won’t leave this episode taking away nothing.

Key Takeaways:

Shakera Moreland

03:31 Bio

05:56 What is H.I.M.?

10:03 Connecting with others to guide and mentor

11:58 Marrying your super-power with your purpose

13:10 Shakera’s journey into podcasting

16:01 What need does Shakera’s business solve?

17:34 What’s the goal of the podcast, and why?

Terri Orepeza

20:20 Intro

21:03 Bio

25:43 Influences from teachers in the past

27:05 What Terri is teaching today

28:58 What can be changed in technical education?

31:48 Empowering students to find their calling in the field

33:32 Why is it important to get involved in organizations?

37:20 Advice for a newcomer

Shakera Moreland: LinkedIn | Podcast Terri Orepeza: LinkedIn | Twitter

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

This episode is sponsored by Living Security

Episode 175 - Deep into the Attacking Mindset with Maxie Reynolds

Mon, 11 Oct 2021 04:00:00 -0500

Maxie Reynolds is the author of The Art of Attack, subsea engineer and R.O.V. Pilot with an interesting perspective on offense. She is an expert in understanding the mindset of an attacker and using that to mold a communicative, responsive group of blue and red professionals in the constantly-evolving cyber security playground. Join Chris, Ron and Maxie as they dive into why shifting your mindset could be the determinant for understanding an attacker's motives and next moves.

Key Takeaways:

03:15 Bio

07:30 Same attacker mindset, just a different application

09:36 The mindset of an attacker; molding and shifting perspective

11:10 Encouraging curiosity - diving deep in Maxie’s past

14:22 Challenges with writing a book

17:50 Future predictions in cyber security

23:23 Why underwater?

26:38 The importance of observation and how to do it well

29:25 Defense should know about offense

Maxie Reynolds: Book | Twitter | Instagram | Linkedin | Podcast

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

This episode is sponsored by Living Security

Episode 174 - Don‘t Do It For The Grammys with Tre Nagella

Thu, 07 Oct 2021 08:49:50 -0500

Tre Nagella is a 3x grammy award-winning studio engineer, record mixer and music producer. With decades of experience in music, he started his studio in Dallas, Texas and has flourished as a craftsperson and leader. Serving clients like Kirk Franklin, Christina Aguilera, and contributing to several blockbusters, such as “The Hate You Give” and “Hidden Figures”, Tre knows a thing or two about what it takes to become a skilled craftsperson. Listen as Tre, Chris and Ron present a masterclass in all things art.

Key Takeaways:

02:47 Bio

04:20 The choice inn music- what was the reason? How did you do it?

07:35 Patience, humility and learning

08:30 Finding your own flow and following no rules

10:54 Lady Gaga, Snoop Dogg…..Kanye?!

14:00 Security & Music; Keeping up with the times

16:52 Passion + discipline = success

19:54 You don’t have to motivate passionate people

21:40 Get in touch with Tre!

Tre Nagella : Website | Instagram Luminous Sound: Website | Instagram | Facebook

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

This episode is sponsored by Axonius

Episode 173 - Laughing your Cyber Off with Ian Murphy

Tue, 05 Oct 2021 04:00:00 -0500

This week, join Ron and Chris as they sit down for a raw conversation with Ian Murphy. Ian is a game-changing pioneer in cyber training resourcing, adding spice to a dull, outdated training market. His company, CyberOff, is the “antidote for dull cyber training.” The three dive deep into topics like comedy, creating and sourcing content, being vulnerable and the reason for it all.

Key Takeaways:

02:44 This is Rock n’ Roll

03:04 Bio

4:00 Content- where does it originate?

06:43 What is it like to be an entrepreneur in cyber?

08:20 Where does Ian draw the line?

11:55 What makes comedy? Chris and Ian deliberate

15:36 Working on vulnerability

17:23 Ian’s approach- Where did we go wrong in teaching?

20:31 The end goal

23:35 The most “popular” form

28:09 Ian’s inspiration

Ian Murphy: LinkedIn | Twitter | Email | Website

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

This episode is sponsored by Living Security

QuickQ: What the Heck is Going on with Ransomware?

Thu, 30 Sep 2021 08:56:47 -0500

The average ransomware cost is $312,493. That number has increased 171% compared 2019. Why does it still work? What we have to do to stop it? How, in 2021, can a criminal organization have a customer service division? Yes, that’s right, customer service. Join Ron and Chris for this ransomware discussion.

Note: After additional research we discovered that an investigation determined that the woman that lost her life, did not die due to the ransomware and would have perished regardless of the attack.

Key Takeaways:

00:57 What is ransomware?

02:39 Who gets attacked?

04:53 Criminal service with customer service

07:43 The history of Ransomware

11:45 Immutable

14:40 Use 2-factor authentication!

16:32 Chris’ take on the future of ransomware

19:20 Ron’s future predictions

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

This episode is sponsored by Axonius

Episode 171 - Resilient Mindset with Chris Hughes

Tue, 28 Sep 2021 09:15:29 -0500

Chris Hughes is the CISO and Co-Founder of Aquia and has nearly 20 years of Cyber/IT experience. He's an Air Force veteran as well as former Government civil service employee with the U.S. Navy and FedRAMP. Chris also teaches in two M.S. Cyber Programs at Capitol Technology University and UMGC. Chris is passionate about Cloud Security and is active with the Cloud Security Alliance and Cloud Native Computing Foundation and he also hosts a podcast called "Resilient Cyber".

Key Takeaways:

02:52 Bio

04:24 What motivates Chris?

06:03 Time management

07:24 Failing up – lessons learned

09:09 Habits and mindset

10:59 Chris’ podcast – Resilient Cyber

13:09 Branding & persona – using your vulnerability

15:07 Using your network

19:06 Stop waiting and start working harder

20:40 Maintaining authenticity

22:22 Input vs. Output

25:13 Talking Legacy

28:12 Being resilient

Chris Hughes: Linkedin | Podcast

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

This episode is sponsored by Living Security

Episode 170 - The Beauty of Cybersecurity with Grace Chi

Tue, 21 Sep 2021 04:00:00 -0500

Grace is Cofounder and COO of Pulsedive, a US-based threat intelligence startup. At Pulsedive, Grace works closely with defensive security (and in particular, cyber threat intelligence) teams to support the development of integrated intelligence capabilities and programs. Join Chris, Ron and Grace as they discuss transitioning into cyber, finding the right community to support your personality, and the beauty and purpose behind it all – as a creative in cybersecurity.

Key Takeaways:

01:46 Bio

02:46 Creativity & cyber

07:34 How does modeling help Grace’s career in cybersecurity?

09:37 The beauty in cybersecurity

14:38 Making the transition with no experience

17:27 What’s the greater purpose? How do you mesh your personality into your career?

20:51 Grace’s ideas for continuing to level the playing field regarding transitioning into cyber

23:19 Humanity in cybersecurity

28:32 Understanding how to find the beauty in cyber

31:42 Get in touch with Grace Chi

Grace Chi: LinkedIn | Twitter

Pulsedive: Twitter | LinkedIn

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

This episode is sponsored by livingsecurity.com

Episode 169 - Art, Science, and Nanotechnology with Dr. Bahijja Raimi-Abraham

Tue, 14 Sep 2021 05:44:43 -0500

Among other things, Dr. Bahijja Raimi-Abraham is an award-winning researcher, lecturer and trailblazer in the world of nanotechnology. She also hosts a podcast called Monday Science, keeping listeners updated on the latest in tech, science, health and their relationship. She joins hosts Ron and Chris for a jam packed episode, where they cover nanotechnology, biohacking, the vast world of academia and much more.

Key Takeaways:

02:30 Bio

04:52 The origin story: combining science and art

09:40 Nanotechnology: what’s the latest, and where is the science headed?

16:00 Biohacking?

18:00 How does nanotechnology communicate?

23:34 The path to Academia: how do you find yours?

29:45 A message to the multi-talanted; knowing yourself, your strengths and Identifying the need

33:30 Get in touch with Bahijja Raimi-Abraham

Bahijja Raimi-Abraham: Twitter | LInkedin | Website | Podcast

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

This episode is sponsored by livingsecurity.com

Episode 168 - Asking the Right Cybersecurity Questions with Ganesh Pai

Thu, 09 Sep 2021 05:40:59 -0500

Hacker Valley's Hosts, Ron and Chris are speaking with Ganesh Pai, the CEO and founder of Uptycs. What is it like to be an entrepreneur in the Cybersecurity field? While learning how Ganesh started Uptycs, learn of the techniques that he uses, such as asking the right questions and using different systems to further understand security software.

Key Takeaways:

01:42 Introducing Ganesh Pai.

02:30 Learning Ganesh's Background and his journey in entrepreneurship.

06:20 The Query System.

07:00 What is your professional Superpower? What time was that Evident?

07:1 Understanding the technology, working and interacting with others in the field.

10:45 Proactive and Reactive security.

12:00 How to ask the right questions.

14:10 Where does artificial intelligence play a part in Cyber Security.

19:00 Challenges Ganesh has faced in the workplace during COVID and the challenges and changes it poses.

20:20 Adapting to the evolving businesses and communities in a changing environment.

24:00 Helpful Habits

27:11 Last Advice

Ganesh Pai: LinkedIn | Uptycs

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

This episode is sponsored by Uptycs

Episode 167 - Fun Versus ”FUD” Security with Ashley Rose

Tue, 07 Sep 2021 04:00:00 -0500

In today's episode Ron and Chris talk to Living Security's CEO and Co-Founder Ashley Rose, speaking on breaking the mold in the workspace and how allowing your team to have fun with what they do will create a stronger, happier and healthier work environment. Tune in to find out why, and also to get a better understanding of why Living Security is a must-have resource.

01:10 Listeners are introduced to the topic of today's episode

02:10 We meet Ashley Rose and discover her role in cybersecurity

04:30 Ashley's background before cybersecurity

08:45 How she incorporated fun into training in the workplace

16:37 Training based off of an individual's unique learning technique

19:52 How the brain activity reacts when having fun, and why that matters

24:00 Interactive learning styles to keep someone captivated

27:52 Ashley speaks on what inspires her and her team to maintain a fun, healthy and inclusive environment for everyone

32:28 Discussing how to get out of the FUD: Fear, Uncertainty, and Doubt and to genuinely enjoy what you do.

Ashley Rose: livingsecurity.com | LinkedIn | Twitter

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

This episode is sponsored by livingsecurity.com

Episode 166 - There is No Skills Gap with Andy Ellis

Tue, 31 Aug 2021 04:00:00 -0500

Hosts Ron and Chris interview Andy Ellis, CISO for over two decades that recently started a startup. He is an operating partner at YL Ventures. Andy shares his perspective on whether there is really a skills gap or are we approaching this problem the wrong way?

0:57 – Intro

2:19 – Bio

3:12 – Andy’s personality that puts him in unique situations to win awards

4:29 – What other kind of things Andy experienced hacking in besides macro things

5:57 – The number one hack Andy did that spanned for a decade in his career

7:13 – Was Andy originally hired to do security for companies?

8:29 – Why Andy says there is no talent shortage

12:11 – If everyone started to go into security engineering team, would there be a gap to fill roles?

13:09 – Where did CISOS, managers, and recruiters go wrong in looking for security professionals?

19:55 – Andy’s number one tenet for leadership

22:42 –Andy’s philosophies on keeping the talent after investing on training programs, and having skills that can be used on other areas

24:49 – In what ways Andy is passing down knowledge

27:14 – Advice on the leadership journey that Andy gives to listeners

28::10 – Best ways to keep up with Andy

Follow Andy Ellis Twitter | LinkedIn

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

Visit our sponsor Panther Labs

Episode 165 - Living Your Values with Dean Sysman

Thu, 26 Aug 2021 04:00:00 -0500

On this episode, Hacker Valley Studio has a very big announcement! Hosts Ron and Chris interview guest Dean Sysman, CEO and co-founder of Axonius.

The values, and founder story of Dean are shared as Ron and Chris ask him very interesting questions. Dean started his journey years ago with a passion on how technology could impact the world. He has also brought many values to Axonius, helping people through growth to become a better version of themselves.

Dean shares how he figured that the determining factor of success was realizing the problem that the organization needs to solve, and focusing on the customer’s experience.

0:21 – Intro

1:53 – Bio

3:24 – Ron and Chris talk about their role in Axonius and Dean Sysman shares the value he saw in them

7:26 – Dean’s founder story in Axonius

13:01 – The values that Dean has brought to Axonius and people’s lives

16:42 – Dean’s turning point where he could no longer go back from where he was

23:31 – Why Dean wants Ron and Chris to be the voice of Axonius

26:01 – Who are Dean’s inspiration for growth?

29:38 – What advice does Dean have to those that are looking for growth?

31:42 – How to stay up-to-date with Dean and all the great things at Axonius

Dean Sysman: Axonius Website | E-mail

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

Episode 164 - Demystifying Product Innovation with Erik Goldman

Tue, 24 Aug 2021 04:00:00 -0500

Hosts Ron and Chris interview guest Erik Goldman, VP of Product at Panther Labs, a software engineer, expert in product and an entrepreneur.

Erik is great at asking questions, that is one of his superpowers. One of his strategies to build a product is to sit down with customers, ask them what they want him to do, deeply understand their persona, and gather data.

Erik builds his thesis for success, and knows how to distinguish a good company from a great company by analyzing which one has a philosophy that goes beyond the software.

Erik offers advice for listeners on how to operate better on their company.

1:03 - Intro

2:37 – Bio

6:18 – The difference between building a product and building a business

7:18 – What are Erik’s strengths based on his past experiences

9:20 – How Erik stays away from tinkering with the code, and more of the technical aspects

11:48 – Erik’s power of understanding the concepts by asking questions

13:19 – The difference between a good company and a great company

15:20 – What Erik thinks about the future of technology and the cyber security of the future

19:30 – Erik’s thoughts about automating security operation

26:07 – Erik’s advice for listeners to operate better in their company’s environment

27:50 – How to stay up to date with Panther Labs.

Erik Goldman: Panther Website

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

Visit our sponsor Panther Labs

Episode 163 - A Blueprint for Learning Cyber with Keith Wilson

Tue, 17 Aug 2021 04:30:00 -0500

Hosts Ron and Chris interview guest Keith Wilson, director of cyber security education at Attack IQ Academy. Keith is the perfect example on how to take years of experience in engineering and analysis, and turn it into something that is impactful for all people. Keith has created educational content for people in the industry and different types of learners. His trajectory is filled with success stories, and also invites people who want to get into cyber security.

1:11 - Intro

3:03 – Bio

6:13 – How Keith’s fascination with education started

9:09 – Blueprint for education: concepts, the structure of classes, and activities

12:33 – The approach to different types of learners

15:21 – Discussion about students who want to get into cyber security or transition into another aspect of it

16:51 – Keith’s creative process for building new content and sharing information

20:51 – Success story of when education is done right

22:41 – Advice to listeners about putting out educational content

24:16 – How to stay up to date with Keith and Attack Academy IQ

Keith C. Wilson: LinkedIn | Instagram | Twitter | Attack IQ Academy

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

Visit our friends and sponsor Panther Labs.

Episode 162 - Security in Space with Frank Pound

Tue, 10 Aug 2021 08:45:39 -0500

What do you call cyberspace in space? What is the evolution of cyber security in space?

The expert Frank Pound, computer scientist, entrepreneur, founder and president of Astro Sec is the guest to clarify all things related to cyberspace. Space traffic control is discussed. Frank advised the Air Force, Space Force, and their contractors to help build the Hack-A-Sat competition which attracted teams from around the world to demonstrate their prowess in this blended space and cyber competition challenging them in everything from orbital dynamics to radio communications.

1:00 – Intro

2:10 – Bio Frank Pound

11:10 - Frank Pound talks about the democratization of technology

12:03 – The explosion of IOTs on the market, sensors, and rapid advancements on space launch

12:54 – The open-source hardware movement

18:04 – General excitement about space in 2019 and investment in safety

20:56 – Potential for a cascading effect making space travel impossible

23:37 – Frank Pound talks about safety measures

24:50 – A summary of Hack-A-Sat’s latest works

27:22 – Alternatives to cyber security and safety in space

37:00 – Frank answers the question on how to do missions in space

40:16 – How to find out more about Frank Pound and Hack-A-Sat’s competition, interviews and resources

Frank Pound: Twitter | Website

Support Hacker Valley Studio on Patreon

Join our monthly mastermind group via Patreon

Visit our friends and sponsor Panther Labs

QuickQ: What is Social Networking? Hacker Summer Camp FOMO

Sun, 08 Aug 2021 05:00:00 -0500

In this episode of Hacker Valley, Chris and Ron tackle a quick question. The question of the day is, “what is social networking?” Together they discuss different aspects of social media and how it facilitates connections and careers.

Ron’s perspective is that social networking empowers folks to find like minded people, learn new things, self advocate and learn about others. Chris shares how social networking on LinkedIn put him in a position to build a community in cybersecurity.

Timecodes

01:53 - The difference between networking and social networking and polishing profiles.

04:00 - How Ron engages with social networking mindfully.

06:30 - How LinkedIn helped Chris and Ron find their community.

08:46 - How social networks can elevate cybersecurity practitioners, researchers and businesses.

10:00 - Threat intelligence, open source intelligence and finding family on social networks

13:00 - Perspectives on the future of social networks and digital interaction.

15:45 - Making the most of social networks

Website Support Hacker Valley Studio on Patreon.

Join our monthly mastermind group via Patreon

Episode 160 - Creating Valuable Tech Content with Ken Underhill

Wed, 04 Aug 2021 04:30:00 -0500

Ken Underhill is an award-winning cyber security executive, entrepreneur, and teacher. His mission is to help others find their value and share it; ultimately leading to success both professionally and personally. Ken’s courses offer an intuitive approach to help start a career in cyber security. Whether you’re a budding cyber security professional or a seasoned veteran, Ken’s perspective can serve a purpose in your life.

Join Ron, Chris and Ken to dive into what it takes to create content, help others, and thrive in your career!

01:30 Guest Intro

02:14 Bio

11:30 Ken’s journey in content creation

13:22 Why focusing on giving value first matters

16:15 Ken’s future plan for content

23:50 The path to making an impact

29:40 Connecting with your audience

37:58 Get in touch with Ken

Ken Underhill: Courses | YouTube | Website | LinkedIn

Support Hacker Valley Studio on Patreon.

Join our monthly mastermind group via Patreon

Visit our friends and sponsor Panther Labs

QuickQ: What is Threat Hunting?

Fri, 30 Jul 2021 04:30:00 -0500

In this episode of Hacker Valley, Chris and Ron are joined by a familiar friend, Valentina Palacín, who you might have heard on HVS Blue season 1. Valentina is an author, public speaker, self-taught developer, and Threat Operations lead at Marqeta Incorporated, armed with a background in translation and interpretation.

Join Chris, Ron and Valentina for this round-table masterclass in all things Threat Hunting to discuss the questions you may be asking yourself:

What is Threat Hunting? How do you become a Threat Hunter? What’s it like to be in the shoes of a Threat Hunter? Or work with one?

Key Takeaways:

0:00 Welcome to the podcast!

1:10 Introduction/ Bio

2:55 What is Threat Hunting?

5:25 Chris’ take on working with a Threat Hunter (Ron)

7:08 Valentina’s Threat Hunting flow

9:18 Ron and Valentina talk about progressions in Threat Intelligence

12:20 The group talks about the ideal characteristics of a Threat Hunter in both junior and senior level positions

18:00 How to get into Threat Hunting

20:55 Get in touch with Valentina!

Valentina Palacín: Book | LinkedIn | Twitter

Support Hacker Valley Studio on Patreon.

Join our monthly mastermind group via Patreon

Episode 158 - Wild Adventures with Chef Bri Van Scotter

Wed, 28 Jul 2021 04:30:00 -0500

In this episode, Chris, Ron, and their special guest going to be talking about your table. Not the table itself, but what is on it. They are talking about food and following our passions. They've brought in Bri Van Scotter, professional Chef, author, hunter, and host of the TV series Wilderness to Table. Bri is so unbelievably talented in so many areas. Everyone is going to love this episode and learn a little bit about the food we eat.

Key Moments

00:56 - Intro to Bri

02:41 - Bri’s Background

03:59 - The darker side of food production

04:57 - The hunt begins

06:13 - For the love of food

11:41 - On going deep with your craft

16:10 - Getting more in touch with your food

21:33 - Eating for Health

22:52 - Honoring our food sources

25:28 - Knowledge is power

Visit Bri at her website

Follow Bri on Instagram

Keep in touch with Hacker Valley Studio on LinkedIn, Twitter, and Instagram

Join our monthly mastermind group via Patreon

Visit our friends and sponsor Panther Labs

QuickQ: What is Security Architecture?

Thu, 22 Jul 2021 11:11:29 -0500

Ron and Chris are the hosts and guests for this episode! This episode answers fundamental questions about Security Architecture. Learning about security architecture is absolutely essential for anyone on the path of becoming a cyber security expert just looking to learn more about a cybersecurity topic.

Security Architecture is the foundation, the fabric and the process used to help secure your data, your privacy, and even your money.

Now for a second, Imagine that you are an architect and your biggest strength is your ability to build banks. And a new client reaches out to you... We'll name this client Ray. And Ray asks you to build his company a new bank with all the bells and whistles. You're going to need to build Ray and his company something spectacular! This bank you build is going to need to serve as an office and boost productivity for the bank staff. The bank is also going to serve as a place where customers can deposit and withdraw money. But most importantly, Ray is going to want you to protect his crown jewel, his money! (Think of all those gold bricks and bars that Ray is going to want to keep under his possession )

Key Takeaways:

0:00 - Welcome back to the Hacker Valley Studio

1:10 - Ron's favorite topic! Security Architecture

1:45 - Security architecture is the foundation

2:21 - Where a security architecture starts and stops

4:00 - A security architect is playing a game of Tower Defense

6:27 - Using EASY Framework as a security architect

10:04 - Prerequisites for becoming a security architect

13:55 - Differences between security architect and security engineers

16:55 - Resources for learning more about security architecture

19:21 - Stay in touch with Hacker Valley Studio!

Keep in touch with Hacker Valley Studio on LinkedIn, Twitter, and Instagram

Join our monthly mastermind group via Patreon

Learn more about our fantastic sponsor Upytcs

Episode 156 - Detection as Code with Nick Hakmiller

Tue, 20 Jul 2021 05:45:48 -0500

In this episode, we speak to a Detection and Response expert! Our guest is Nick Hakmiller, Senior Engineering Manager at Panther Labs.

Nick was first exposed to technology in High School where he took an introduction to Visual Basic programming course. When learning about multi-threaded applications Nick became curious and began exploring how to open too many threads to crash a computer. Throughout Nick’s career he’s maintained an interest and focus on attack techniques and building defensive security programs.

On occasions, security controls may fail to catch an attacker. A detection is logic that is applied to logs, security controls, and alerts to notify teams and automated processes. Nick describes Python as an exceptional programming language to apply detections and create detections as code.

Nick describes many aspects of security as an engineering problem. As organizations transform and adopt new technologies, security issues arise and evolve. Nick describes that the team’s that are most successful with applying detection as code have chosen to view security as a function that engineering should participate in and help solve.

As an organization’s security program matures, Nick mentions that the most impactful detections will likely be written and created by someone within the organization. For instance, creating a detection that defines which users should have access to sensitive data is likely to be created by a member of the organization with knowledge of team structure.

Towards the end of the episode, Nick shares his wisdom to any practitioner that wants to step into the role of creating detections and providing impact while doing so.

Key Takeaways

0:00 - Welcome Back to the Hacker Valley Studio Podcast!

2:29 - Nick Hakmiller, Senior Engineering Manager at Panther Labs

4:20 - How Nick became interested in technology

6:00 - What is a detection?

7:25 - How detection as code applies to cybersecurity and software engineering

10:11 - Prerequisites to consider before applying detection as code

12:27 - Thinking beyond out of the box solutions and applying detections

15:54 - Categories of detections and which are most impactful

23:45 - Reducing alerts by engineering efforts

27:40 - Is it possible to automate everything for security?

32:56 - Advice on getting started with creating detections

Keep in touch with Nick Hakmiller on LinkedIn

Reach out to Nick on Panther’s Community Slack

Stay up to date with Nick’s work by viewing Panther Analysis

Learn more about Panther Labs

QuickQ: What is Threat Intelligence?

Thu, 15 Jul 2021 08:32:54 -0500

Today’s guests are our very own hosts! Ron and Chris. Together they tackle everything that surrounds threat intelligence by answering both the hard and easy questions.

Between the stories they share about past experiences, and the facts behind threat intelligence, you will learn something new, and that’s a promise!

In essence, threat intelligence is taking the information about threats or things that can go wrong and applying it to their network and company. It’s the processing, collection and analyzation of data to understand threat actors, motives, targets and attack behaviors.

Key Takeaways

1:10 Episode starts

2:39 Threat intelligence

3:00 Ron & Chris share what threat intelligence means to them

6:33 Organizations and threat intelligence

8:39 Back in the day

12:54 Benefits of threat intelligence

15:08 Skills needed to be in threat intelligence

19:22 Networking

23:34 E.A.S.Y.

Links:

Email Ron & Chris

Support Hacker Valley Studio on Patreon. Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Hacker Valley Merch!

Episode 154 - Equity in Technology with Olivia Herriford

Tue, 13 Jul 2021 04:00:00 -0500

Today in the studio, we have Olivia Herriford, whose great and exceptional work is focused on equity in technology. Olivia is the Regional Director and Employer Engagement at Bay Area Community College Consortium.

Olivia’s background is in technology, and with the Bay Area Community College Consortium, they support 28 community colleges in the San Francisco Bay region. She often tells people she has what one would call an “ancient” computer science degree which she earned in 1973. Olivia takes us back to what it was like to be a black woman in the mid-70s working with hardware and software engineers in the area of hardware design. Sadly, she experienced a rather hostile work environment.

In today’s world, Olivia believes one of the best things we can do for reaching out to younger people is instill confidence. These young people do not need to be swayed by comparing themselves to others, but rather realize we all bring something unique to the table. Everyone needs to understand their own capabilities and power.

Key Takeaways:

2:26 Olivia’s background

6:38 How Olivia ended up where she is

15:45 How do we change the environment

17:17 Progress & future

20:42 Making an impact

23:04 Cultivating conversations

26:22 Equity in technology

29:08 Advice for awareness

32:35 Connecting with Olivia

Links:

Olivia on LinkedIn

Olivia on YouTube

Support Hacker Valley Studio on Patreon. Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Episode 153 - Your Personal Brand in Demand with Stephen Hart

Tue, 06 Jul 2021 07:10:49 -0500

Welcome back to the Hacker Valley Studio podcast. I'm sure you've heard of the term personal brand, and maybe you've asked yourself, what does it mean and how do I promote it. In this episode, we speak to someone that helps others develop their personal brand. We speak to Stephen Hart, entrepreneur, marketer, and brand strategist. We've known Stephen since way back. He's been a huge supporter, and someone that's helped develop our podcast and our branding. And this episode is nothing but pure gold and entertainment. Can't wait for everyone to listen. Let's jump right into it.

Our guest this episode is Stephen Hart. Stephen is the founder of Isles Media LLC, creator of Brand in Demand, and podcast host of Trailblazers.fm. podcast. Stephen always starts conversations off from a place of gratitude. He is grateful for his daughters, who have given him a “home base to run everything through. Beyond that, his is a Marketer and a podcast host for the last five, five and a half years. He is a brand strategist and the creator of an amazing program that he will talk about in a bit here.

Listen in as Stephen gives some great tips, and a special invitation.

00:59 Welcome and Intro to Steven Hart

2:16 Steven shares his background

3:45 Become a brand in demand

6:06 Creating a digital footprint

8:15 Desire to start a podcast

9:08 Share others success through Trailblazers.fm

10:00 Creating a course for others

11:23 Brand Management

13:05 Business Digital Footprint vs. Personal footprint

14:39 Brand does not equal logo

16:55 Recreating himself

18:26 Getting clear on goals

19:55 Lacking clarity & how to get clear

24:00 Foundation to your vision

27:10 Entrepreneurship can live simultaneously with employment

30:46 Investment vs. spending

32:45 Getting started on your own vision

35:00 Who do you want to serve?

37:47 Discount for Hacker Valley Tribe

Stephen Hart on LinkedIn

Stephen Hart on Twitter

Stephen Hart on Instagram

Visit Stephen on his website, stephenahart.com

Join Brand in Demand, brandindemand.co Coupon code: hackervalley200

Hacker Valley website, hackervalley.com

Hacker Valley Studio on LinkedIn

Hacker Valley Studio on Twitter

Hacker Valley Studio on Instagram

Episode 152 - Cancelling the Cold Call with Nikki Ivey

Tue, 29 Jun 2021 07:30:23 -0500

It has been way too long in the making. But it's finally here! We have Hacker Valley merchandise available! We have shirts, we have hats, we have sweatshirts that you can purchase.

You are in the Hacker Valley Studio with your hosts Ron and Chris. Welcome back to the show. Today in the studio, we've brought in Nikki Ivey. Nikki is a B2B revenue growth and startup culture leader. She's recognized as a 2020 LinkedIn top voice, and she is the co-founder of SDR Defenders community.

For those that want to get to know Nikki and understand where she come from and what she is up to today, Nikki shares she works with Fortune 500 companies to help them make their outsides match their insides. In short, she helps folks close a gap, so everybody has access to a greater sense of belonging and purpose in the work that they do.

Sadly, Nikki started down this path because she felt she often did not belong or was not often treated like she belonged. Her mom says her first full sentence was, “That's not fair.” She actually studied broadcasting and journalism but then discovered that tech sales was an outlet for all of those things that she cared about.

Nikki cares deeply about culture and has experienced so many issues as she has gone through her career. The one thing she would love to change is people not being the gatekeepers rather be stewards.

Nikki has a lot of advice on “cancelling the cold call” and making connections. She is full of beautiful ideas to make everyone, from top to bottom in a company feel included, important and connected.

Key Takeaways:

:58 Episode starts with Ron and Chris

1:40 Nikki shares her background

2:55 Bringing people into the fold

5:18 Culture issues

7:57 Nikki’s superpower

10:00 Making connections

14:20 Doubling down

19:09 Being genuine

23:11 Building your brand

26:54 Final piece of advice from Nikki

Links:

Email Nikki

Nikki on LinkedIn

Nikki on Instagram

Nikki on Twitter

Support Hacker Valley Studio on Patreon. Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Get your Hacker Valley Merch here!

Episode 151 - Health is Wealth with Alexis Robertson

Tue, 22 Jun 2021 04:49:00 -0500

Today in the studio, we have Alexis Robertson, Director of Diversity and Inclusion at a large law firm and a recovering lawyer.

Alexis kicks in with a bit about herself, and shares “I am director of diversity inclusion at a large law firm but spent the first 10 years or so of my career dedicated to laws, going to law school and practicing as a lawyer for about seven and a half years before leaving legal practice closing in on six years ago, I grew up in the suburbs of Milwaukee, Wisconsin, spent most of my life in the Midwest, except for time spent in DC at American University for undergrad and then I went to the University of Michigan for law school. That's me in a nutshell.”

Alexis shares throughout this episode how her health, exercise and food habits all became habit with some very big changes. It isn’t about getting healthy; it is about a long journey of being healthy. You will hear a little bit about her food choices and why she made them, the exercises she partakes in, and how she balances it all.

Key Takeaways:

1:27 Welcome

2:23 Alexis shares her background

3:25 Serendipity

5:33 Self-improvement journey

12:41 Healthy mentality with food

17:20 Next steps

21:12 Getting back on track

24:07 Fitness journey

28:16 Looking forward

31:13 Advice to others

33:17 Staying in touch with Alexis

Alexis on LinkedIn

Alexis on Instagram

The Path & The Practice Podcast

Support Hacker Valley Studio on Patreon. Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Episode 150 - Making a Difference Mindfully with Natasha Barnes

Tue, 15 Jun 2021 05:34:49 -0500

In this episode, we talk to our special guest, Natasha Barnes. Natasha is the Associate Director and the CEO Action for Racial Equity Fellow of Protiviti. She is a certified mindfulness workplace facilitator and mindfulness-based stress reduction.

Natasha is part of a movement to answer the question of does corporate America have a role to play in advancing racial equity within our nation, and essentially improving our overall societal well-being.

Technology serves as a way to propel the conversation forward, and recognizing global interconnectedness.

Listen in for all of Natasha’s insights!

Key Takeaways:

1:02 Welcome back

2:16 Natasha shares her background

3:11 Natasha’s journey through wellness

4:23 Mindfulness purpose

6:28 Instructing others

10:27 Corporate role

10:52 Four pillars

15:06 Her journey

17:24 Creating solutions

19:24 Progress

21:39 Equity through mindfulness and technology

26:48 Impact

Natasha on LinkedIn

CEO Action for Diversity & Inclusion

Support Hacker Valley Studio on Patreon. Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Episode 149 - Permission to Launch with Kelsey Hightower

Tue, 08 Jun 2021 04:05:00 -0500

In this episode, we've brought in a special guest, Kelsey Hightower. Kelsey is Principal Engineer at Google, and also co-author of Kubernetes: Up and Running: Dive into the Future of Infrastructure.

To start the show, Kelsey shares he considers himself a self-taught engineer. He started his life out as a small business owner and then moved to a system administrator. Now, he is at Google.

Kelsey’s fascination with cyber started post High School. Rather than go to college, he jumped into, tech support, consulting, dropping cat five cable, but about 2004ish he really digs into the world of open source and all the things that you can do with it as a user and as a contributor.

When it comes to community and customers, Kelsey felt they were one in the same. However, in the last five years or so, he has kind of changed that a little bit, thinking everyone is probably in your community. The willing the ones that are willing to pay you money, we call those customers.

And then the conversation turns to comedy, and his journey through comedy management and performances. Along with this comes discussion about acquiring skills.

Finally, Kelsey shares advice to listeners!

Key Takeaways:

1:00 Welcome back

2:18 Kelsey shares his background

3:31 Community and customers

4:40 Professional purpose

6:00 Retirement thoughts

10:31 Journey in comedy

14:35 Getting better

16:28 Propelling forward

20:12 Minimalism

22:18 Immersion journey

25:25 Don’t miss the moment

27:00 Exceeding expectations

37:56 It’s ok to start!

39:25 How to keep up to date with Kelsey

Kelsey on Twitter

Support Hacker Valley Studio on Patreon. Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Episode 148 - Immersed in Cybersecurity with James Hadley

Wed, 02 Jun 2021 04:00:00 -0500

In this episode, have James Hadley, CEO of Immersive Labs, and we talk about the best ways to learn in cybersecurity.

James starts the show with his background and what he is doing today, which is Immersive Labs. But, he spent a lot of time in different organizations prior to that.

When it came to education, James found he had quite a poor memory, so he would always learn better through doing things rather than reading about things. Things would go in one ear and out the other.

In addition to learning styles, they all discuss measuring education. When it comes to measuring academics, for James it is all about the outcomes you want people to achieve.

They all agree that storytelling is incredibly powerful. James shares a few of his own drawing back on his incredible journey. And, of course, they round out the show with how to stay in touch and up to date with James.

Key Takeaways:

1:02 Welcome back

2:24 James’ background

5:06 Education experience

5:46 Changes

7:18 Measuring education

9:14 Balancing in testing

11:40 Biggest a’ha

13:14 Feedback

15:54 Learner vs. learner

17:37 Skill behind catching the bad guys

19:20 Applying knowledge

21:53 Geeks in the basement

23:47 The best job in cyber

26:30 Advice

27:58 How to stay in touch with James

Links:

James on Immersive Labs

James on LinkedIn

Support Hacker Valley Studio on Patreon. Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Episode 147 - Learning Cybersecurity Until You Get It Right with John Strand

Tue, 25 May 2021 04:21:00 -0500

In this episode, we brought back fan-favorite, John Strand. He is owner of Black Hills Information Security, a SANS instructor, and a mentor to many in the industry.

Johns starts the show sharing a little bit about his background and what he is doing today.

Ron and Chris dive a little bit deeper into John’s earlier life asking what his personal superpower, personal or professional, and when did that power really came about in his life?

John shares his experiences with failure, which he feels are key to where he is at today. How everyone needs to get comfortable with struggles, failures and hardships. On top of that, one needs to be able to laugh at themself.

Key Takeaways

1:02 Back with fan favorite John Strand

2:21 John shares his background

3:38 John’s superpower

5:51 Going through the grind to learn

8:30 Partnerships

11:44 Getting a head start

14:58 The entertainment factor

16:36 Journey through being an instructor

19:35 Pay what you can concept

25:53 Education systems

29:18 Advice from John

Links:

John Strand blog.

John Strand on Twitter.

Support Hacker Valley Studio on Patreon. Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Hacker Valley Blue Season 2 Finale

Tue, 18 May 2021 05:45:41 -0500

This is the finale of Know Thyself. What an incredible journey, we feel like this entire experience flew by so fast, we got to talk to so many incredible people about knowing yourself, knowing your team, knowing your tech stack, knowing your environment, and even knowing your story.

Make your organization better make your security posture better, strive for impact, what are the most high leverage things that you can do today to make everybody's lives easier, or more safe, and then yield the feedback, there might be some things that you might be missing, you might need to ask questions, ask for feedback, get some information from your stakeholders, what what are you thinking about that I might not be thinking about? asking these different things is how you know thyself. And this is how you get to know the people that are around you, your peers, your stakeholders, the more knowledge you have got started with that Sun Tzu quote, in the very beginning of the podcast, if you know yourself and you know your enemy, you need not fear the results of 100 battles. So if you really understand yourself, and you have good threat intelligence, understanding the externals, you have good vulnerability management that understands the externals and the internals, if you mash all that information together, I think you'll be able to do great things with your cybersecurity program.

Key Takeaways

0:02 Introduction to the show

0:49 Our Sponsor, Axonius

2:09 Welcome back

2:31 Reflecting on Know Thyself

3:17 Recap This Seasons Guest

3:22 Marcus Carey

4:17 John Strand

5:05 Aaron Reinhart & Jamie Dixon

5:54 Chaos Engineering

7:12 Lenny Zeltser, asset inventory

7:54 Kevin Allison, Storytelling is a soft skill

10:19 John Strand

12:13 Can we do better?

13:54 What kind of leader are you?

14:26 Do you have unsupported devices?

17:34 Ask yourself these questions

13:33 Go back to the EASY Framework

21:50 Learning

23:29 Exploration

24:00 Immersion

27:28 Reach Hacker Valley

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ron Eddings on Twitter

Follow Chris Cochran on Twitter

Supported by Axonius

Hacker Valley Blue S2 Episode 7 - Kevin Allison

Tue, 18 May 2021 05:41:35 -0500

In this masterclass of HVB season 2 we brought in a master story teller in Kevin Allison. The biggest thing is to get a person to understand, don't just summarize, don't just walk us through a Wikipedia like where you're just giving us a broad overview. And you're explaining; it’s important to remember sensory details that will help us see almost like movie scenes, what was happening between people. That is what brings the story alive. So that's a good case right there where the bones of the story were incredible. Like that's just on paper and an incredible overview of a story, but it's not going to work unless you can fill in all those sensory details that bring it alive and make it emotional for us.

Storytelling is a soft skill that offers the ability to contextualize cybersecurity in a manner that any organization can understand to allow their business to stay safe.

Key Takeaways:

0:00 Previously on the show

2:37 Kevin introduction

3:20 Episode begins

3:39 Where Kevin is today

7:58 Kevin’s origin story

12:04 Cybersecurity is performing

17:08 Storytelling for business

21:00 Engineering a story

26:12 Authentic storytelling

34:54 Speaking isn’t perfect

41:02 Where to find Kevin

The Story Studio

RISK!: True Stories People Never Thought They’d Dare To Share

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ron Eddings on Twitter

Follow Chris Cochran on Twitter

Sponsored by Axonius

Hacker Valley Blue S2 Episode 6 - John Strand

Tue, 18 May 2021 05:37:34 -0500

If want to get into computer security, you're going to learn to love it, you're going to have to be successful, because a lot of computer security isn't just about bits and bytes, it's really about effectively communicating what needs to be done to the right people.

In this episode wet have the incredible John Strand. Organizations need to become more proactive, and see where those weak spots are to protect themselves from something like ransomware. You need to run a pen test because you can have somebody literally launch those attacks, and identify those weaknesses in those vulnerabilities before the bad people do.

What's the gap that we can all learn from? It's passwords. By and large for most users, passphrases are the way to go. And, multi-factor authentication is actually a very sound strategy.

If you look at one key tenant of computer security, complexity is the enemy of computer security. And security is constantly trying to catch up and protect against yesterday's attacks. So, the future is more connected, it's more complicated. And the problem is, we still have people that use weak passwords, we still have people that click on links from strangers. And ultimately, when we're looking at that future, you're going to see the exact same problems that we've always had complicated on a much, much, much, much, much larger scale. As things get more and more pushed to the cloud. There'll be no shelter here, the front line is everywhere. World of computer security.

Key Takeaways:

0:00 Previously on the show
2:02 John introduction
2:44 Episode begins
2:47 What John is doing today
3:45 John’s core tenets
5:51 How pen testing is “Blue”
6:17 Why understanding fundamentals matters
8:55 Ransomware
10:41 Organizations need to be prepared
11:58 Password gap
13:37 Password philosophy
17:07 Multi-factor authentication
21:40 What to do today
24:24 New problems
26:44 Learn your own network
28:26 Where to find John

John Strand on Twitter

John Strand on LinkedIn

Black Hills Information Security

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ron Eddings on Twitter

Follow Chris Cochran on Twitter

Sponsored by Axonius

Hacker Valley Blue S2 Episode 5 - Jamie Dicken and Aaron Rinehart

Tue, 18 May 2021 05:34:39 -0500

In this episode, we brought in two exceptional guests that are no stranger to chaos. In fact, they've identified ways to engineer for chaos. In the studio, we have Aaron Rinehart, CTO, and founder at Verica. We also have Jamie Dicken, former manager of applied security at Cardinal Health and current director at Resilience. These two are also authors of Security Chaos Engineering. If you haven't read that book it's already out, you should check it out.

Chaos engineering is the technique of introducing turbulent conditions into a distributed system to try to determine the conditions that cause it to fail before it actually fails. So they simplify it. What we do with chaos engineering is learn about the system without experiencing the pain of an outage or an incident. You learn to trust your gear by testing.

The biggest impact really came once we understood how security chaos engineering fits into the bigger security picture. It's not about just being a part of the latest and greatest techniques and having the excitement of doing something that's cutting edge, but security chaos engineering at the end of the day. It's useless unless what you've learned drives change.

Key Takeaways:

0:00 Previously on the show

1:40 Aaron Rinehart and Jamie Dixon introduction

2:08 Episode begins

2:59 What Jamie and Aaron are doing today

3:13 What Jamie is doing

4:13 What Aaron is doing

5:00 Discuss chaos engineering

9:26 Importance of chaos engineering

10:16 Myths of chaos engineering

12:55 Chaos engineering customer impacts

17:34 Learning to trust the test and end result

19:03 Reader and customer feedback

22:21 Chaos engineering gone wrong

27:39 Implementing change in cybersecurity

28:11 Building a team of experts

39:08 Getting involved in chaos engineering

41:09 Tools for listeners

43:25 Keeping up with Aaron and Jamie

Aaron Rinehart on Twitter

aaron@verica.io

Jamie Dicken on Twitter

Verica on LinkedIn

Verica Free Book

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ron Eddings on Twitter

Follow Chris Cochran on Twitter

Sponsored by Axonius

Hacker Valley Blue S2 Episode 4 - Lenny Zeltser

Tue, 18 May 2021 05:27:28 -0500

In this episode, we brought back our good friend Lenny Zeltser. Lenny is Chief Information Security Officer at Axonius. He's developed a mindset of looking at security components as building blocks to create a holistic security environment. To this day, even while operating as an executive, he has wisdom that anyone can learn from.

Quite often, the less sexy aspects of information security are ignored, when in reality, you need to understand what resources you're supposed to protect, which assets are compromised, and the infrastructure for your organization. People jump right into fighting the big fires, and as you know, there is a reason why there are so many day-to-day urgent activities.

To start moving in a positive direction, Lenny shares this advice, “Understand what the major data sources you can tap into rather than thinking ‘let me create this one new way of serving everything I have are.’” The information is there. Think about three sources of information that might get you the biggest bang for the buck!

Key Takeaways:

0:00 Previously on the show

1:40 Lenny introduction

2:05 Episode begins

3:10 What Lenny is doing today

5:35 The evolution of Lenny’s career

8:30 Parallels between beginning and now

10:38 Journey and growth of REMnux

13:00 Challenges Lenny has faced

15:21 Collaboration surprises

17:18 Horror stories

20:18 Enforcing policies

23:34 Asset management

26:08 New tech and trends

28:45 Biggest discovery about self

32:38 Advice for others

34:24 Keeping up with Lenny

Links:

What Lenny Does

Lenny on the Web

Follow Lenny on Twitter

Lenny on LinkedIn

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ron Eddings on Twitter

Follow Chris Cochran on Twitter

Sponsored by Axonius

Hacker Valley Blue S2 Episode 3 - Chani Simms

Tue, 18 May 2021 05:24:10 -0500

In this episode of Hacker Valley Blue, we brought in a guest who has been on a journey of transformation of self and technology. Our guest is Chani Simms, managing director of Meta Defence Labs. We talk about what is essential for cybersecurity. If there was a magic box that could solve an issue, what problem would Chani want solved? “People!” They need to be trained, and care, and have buy in. They must be devoted to what they’re doing. They need cultural awareness and support – it isn’t easy and the hardest job.

When it comes to leadership, organizations need to use people already in the organization. It is important to know what they’re trying to do. You have to use security as an enabler. Leadership is responsible for communicating objectives and goals.

Key Takeaways

0:00 Previously on Hacker Valley Blue

1:36 In this episode

3:10 Background and day job

5:37 Cyber essentials

13:46 Keeping up to date

15:26 Access control

17:07 Security hygiene

19:48 Magic box

21:32 Leadership fundamentals

26:22 Formula 1 analogy

28: 46 Wrap up

Links:

Chani on LinkedIn

Chani on Twitter

Email: info@metadefencelabs.com

Sponsored by Axonius

Hacker Valley Studio

Chris Cochran on LinkedIn

Ron Eddings on LinkedIn

Hacker Valley Blue S2 Episode 2 - Marcus Carey

Tue, 18 May 2021 05:21:37 -0500

Know thy organization is key! Wise words from the powerful Marcus J. Carey. Don’t be afraid to admit the bad stuff and be honest about the situation. Most of the time people get fired because they are scared to admit the failure.

You have to build a tight network of people you trust who will be brutally honest with you. You need those people who are going to tell you the truth. Other people will see your superpowers before you do. Superman didn’t know he was different, but others saw the differences and the strengths he didn’t even realize he had. Always pay attention to how people react to what you do, then you will figure out what you are really good at. We over emphasize what we suck at and ignore what we are good at. Don’t do that. You need to understand how amazing, awesome and beautiful you are. Double down and double down hard. Do not be afraid to show your talents and be confident in your superpower.

In security, there is a role for everybody.

Key Takeaways:

1:40 In this episode

2:12 Welcome

3:40 Marcus background

4:57 What lead Marcus to cyber

7:09 Self discovery

9:48 Creations and inventions

14:22 Gathering and retaining information

17:53 Auxiliary skill

21:35 Abilities and mission

25:26 Overlooked areas

31:44 Advice to others

35:41 Staying up-to-date with Marcus

Links:

Marcus on Twitter

Marcus' Books on Amazon

Marcus on LinkedIn

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ron Eddings on Twitter

Follow Chris Cochran on Twitter

Sponsored by Axonius

Hacker Valley Blue S2 Episode 1

Tue, 18 May 2021 05:15:12 -0500

Welcome to Hacker Valley Blue Season 2 “Know Thyself”. Instead of focusing on the enemy – threat intelligence and environment, we are focusing on knowing yourself and security stack. You need to know the business, but also the fundamentals of security landscape. Without the fundamentals, you cannot reach the level of success you desire. Getting laser sharp on computer networks and how computers speak to each other. Without understanding how each of the pieces work together, you cannot make strategic decisions. We have many guests this season that will teach more about the fundamentals. Stop ignoring the fundamentals and find synchronicity among your team. Building this team makes an impact for the business. You will have positive outcomes. Stop sweeping the issues under the rug to make better decisions.

Cybersecurity is a lot like playing a game of chess using pieces, policies, and guidelines. Opponents use the same things but don’t play by the rules. You continually must up your game and face the opponent who isn’t playing fairly.

Knowing business, team, story and self is so important and that is what is coming up on the rest of the season.

Key Takeaways

0:00 Welcome

2:00 Kick-off

3:13 The fundamentals

5:46 How do you get people excited?

7:07 Making an impact on a business

8:43 Where does one begin to know thyself

10:32 Formula 1 analogy

12:32 Leadership

16:00 Superpowers

19:38 Three Rs of memory

24:58 Chaos engineering

27:56 The brother’s trip

30:11 Stepping into unknown

31:15 Play at work

32:00 Season recap

Links:

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ron Eddings on Twitter

Follow Chris Cochran on Twitter

This entire season is sponsored by Axonius

Episode 138 - On Being Us in Technology with Kendrick Trotter

Mon, 17 May 2021 05:28:52 -0500

Imagine, for a moment, you’re driving for Uber, and one of your riders changes your life forever! That’s the story we are sharing with you. It's all about Kendrick Trotter, the entrepreneur that has had an incredible journey in technology. Kendrick talks to us about that and the relationship between sales and engineering.

Ron and Chris are glad to be back with Kendrick Trotter who is helping diversify technology through partnerships with top technology firms. He is excited and humbled to be part of this!

Kendrick shares his passion about Us in Technology. Their mission is “We are going to diversify the tech industry with more underrepresented people.” This is a very broad definition intentionally. People associate diversity to black or brown, but really, it is variety.

Us in Technology partner with people who have coachability, drive, intelligence, and integrity. He feels they are teaching these mentees to be an entrepreneur, not a worker.

Change won’t happen until influential positions are more diverse.

To stay in touch with Kendrick or to learn more, visit his website, LinkedIn or Instagram.

Thank you

Key Takeaways

0:00 Introduction to the show

1:03 Welcome back

2:06 Kendrick joins the show

2:44 Kendrick shares his background

6:17 Catalyst to the trajectory for Kendrick

9:18 Power of Networking

13:35 Complexities of sales and engineering

15:53 Maintaining confidence

18:32 Big lesson learned

21:18 Diversity in the industry

26: 37 Surprises along the way

30:03 When change happens

30:53 Advice to those wanting into tech

32:39 Best ways to stay in touch with Kendrick

33:20 Thank you

Links:

Us In Technology Website

Kendrick's Instagram

Kendrick on LinkedIn

Support Hacker Valley Studio on Patreon. Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Episode 137 - Securing Virtual and Augmented Reality with Tamas Henning

Mon, 10 May 2021 18:15:04 -0500

In this episode, we have the powerful Tamas Henning, Director of Security Engineering at Marqeta and also Trust and Safety Advisor for XR Safety Initiative.

Tamas got started in technology at a very young age and that is credited to his dad. In the Early 90s his dad built a software company, and he was a super curious kid. By 6th grade, he learned trigonometry just so he could recreate Tetris.

Take a listen to this incredible origin story and passion project of securing XR.

Key Takeaways

0:00 Intro

1:22 Show starts with Ron & Chris

1:50 Introduction to Tamas Henning

2:25 Tamas shares his background

3:30 Introduction to tech

6:48 Challenges faced

8:20 How Tamas’ dad feels about him

9:50 Brotherly relationships

10:50 Why security?

17:37 Kids and exposure to the internet

21:27 Thoughts about information collection

24:22 XR and what it really means

27:25 Making the internet safer

29:58 Advice to people who want to make an impact

31:01 Best ways to keep up with Tamas

Links:

Tamas on Twitter

Tamas on LinkedIn

Support Hacker Valley Studio on Patreon. Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Episode 136 - From Tragedy to Triumph with Chani Simms

Tue, 04 May 2021 04:00:00 -0500

In this episode, we welcome Chani Simms, Managing Director of Meta Defence Labs as well as Founder and Chief Architect of She Ciso Exec. Chani tells us the story of her rise from tragedy during childhood to being triumphant today.

0:00 Intro

1:03 In this episode with Chani Simms

2:22 Chani shares a bit about her background

3:35 Exposure to IT

5:24 First cold call experience

6:24 Chani’s early years in Sri Lanka

12:25 How did Chani recover from the trauma

13:08 What gave Chani hope

16:24 How a specific billboard spoke to her

18:12 Surprises along the way

20:35 Superpowers

23:00 Emotional intelligence

25:40 Having a good relationship with others

28:43 Chani’s advice to others

31:08 Connecting with Chani

Links:

LinkedIn: https://www.linkedin.com/in/chani-simms

Twitter: https://twitter.com/ChaniSimms

Website: www.metadefencelabs.com

TedX Talk: https://www.ted.com/talks/chani_simms_stop_chasing_the_magic_security_box

Learn more about Hacker Valley Studio.

Learn more about our sponsor AttackIQ and enroll in The AttackIQ Academy!

Road to the Webby's: An Underdog Story

Sun, 02 May 2021 12:35:31 -0500

Vote here: https://www.hackervalley.com/vote

It might seem impossible... but we need an incredible amount of votes to have a shot to win this People's Choice Webby.

Who would have thought that two black cybersecurity professional with home studios, would have a shot against these huge media companies.

But this prize is more than the trophy or the title.

We are representing cybersecurity.

We are representing the independent creators.

We are representing the underrepresented.

The audacious part... We believe we will win this thing.

30 seconds of your time can put us in the history books.

Episode 134 - Knowing Your Worth in Technology and Cybersecurity with Jimmy Sanders

Tue, 27 Apr 2021 04:00:00 -0500

In the studio today is Jimmy Sanders, a mentor, technician and all-around leader. Jimmy is the head of information security at Netflix DVD where he secures data and systems from cyber threat while building resilient compliance programs across technology, financial services, and healthcare organizations.

Jimmy is here to talk about what we are worth in technology and cyber security. He is always full of advice and knowledge and is always promoting positive change in our community.

To start this podcast, Jimmy shares a little about his background and how he came to the role he is in now for Netflix. Along with his career background, he shares all the organizations he is involved with.

Jimmy talks briefly about what happened to him that encouraged him to go 120% and then some in this career choice. He didn’t find his passion in technology until 12 years after graduating college. You will hear how the possibility of never walking again affected his work ethic.

Allan and Jimmy talk at length about those 12-years where Jimmy was stumbling, bouncing from college to college, to flunking out of college. It took those years for him to discover how the absence of passion can truly feel.

The show closes discussing knowing how to recognize opportunities and taking them. In addition, they talk about how important it is to know your worth, recognize your value and that everything in life or work is negotiable. You will only be better than your job description if you make it that way.

Key Takeaways:

0:00 Intro

1:27 Episode begins

2:28 Jimmy Sanders introduced

2:40 Jimmy shares his background

4:20 Jimmy shares how he made his way into cyber security

6:28 What happened to Jimmy that got him going headstrong into cyber security

8:57 For 12-years, Jimmy stumbled through life – what did he learn and do?

10:40 Journey into his career choice and how it skyrocketed

13:00 How does Jimmy stay fresh and on top of advancements

14:54 Jimmy shares his “superpower”

17:55 Making the most of opportunities and getting into that mindset

20:15 Jimmy shares how to know your worth and understand your value

23:35 Negotiations when looking for a job

25:10 Jimmy’s hopes and objectives for the Technology Collaborative Summit which Cyber Ranch is hosting

27:26 Advice to those questioning their value in their cyber security job

28:55 Thank you and how to keep in touch

Links:

Jimmy Sanders on LinkedIn

Support Hacker Valley Studio on Patreon. Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Vote for Hacker Valley Studio to win a Webby!

Vote for Hacker Valley to Win a Webby Award!

Mon, 26 Apr 2021 05:20:48 -0500

In this special announcement, we talk about the Webby's, the incredible honor it is, and the stiff competition we are up against.

Vote and help make our dream become reality here: https://hackervalley.com/vote

Episode 132 - Giving Back Through Technology with Gabriela Ariza

Wed, 21 Apr 2021 07:21:07 -0500

In this episode, we welcome Gabriela Ariza, a cybersecurity practitioner, influence, and wealth builder. We talk about her incredible story and how she got into social media influencing. Gabi started her IT journey in web development and then decided to transition to cybersecurity. She now works in protecting and analyzing government infrastructure for state and county governments across the United States. In addition, Gabi has founded a non-profit called HaITian Common Space.

0:00 - Intro

1:04 - In this episode

2:03 - Gabi introduced

5:42 - The story of where Gabi felt the magic for cybersecurity

7:07 – Special segment on CNBC

9:10 – Mindset of earning and saving

12:28 – Influence of parents

14:54 – The launch of Gabi’s nonprofit

15:50 – Superpowers

17:34 – Goals

22:23 – What’s next

23:17 – The impact

24:39 – Thank you

24:52 – Connecting with Gabi

Instagram: fab_millennial Website: gabrielaariza.com Nonprofit: haitiancommonspace.org Support Hacker Valley Studio on Patreon. Follow Hacker Valley Studio on Twitter. Follow hosts Ron Eddings and Chris Cochran on Twitter. Learn more about our sponsor ByteChek. Vote for Hacker Valley Studio to win a Webby!

Episode 131 - Making the Most of Time Off with Sarah Groen

Thu, 15 Apr 2021 04:00:00 -0500

In this featured episode of Hacker Valley Studio podcast, Ron and Chris are joined by Sarah Groen, founder and CEO of Bell & Bly Travel, a luxury travel advisory firm. Bell & Bly Travel helps executives, entrepreneurs, and their families take a holistic view of their vacation planning, allowing them to save time, enjoy amazing experiences they can't plan on their own, and make lasting memories with loved ones. Sarah is a contributing columnist for the CEOWORLD magazine and is the host for the Luxury Travel insider podcast.

In most of our episodes, we talk about work, the grind, and getting better every single day. In this episode, we talk about something a little different; talking about taking time for yourself and maximizing vacations and time off, time with family, friends, and time for experiences.

Sarah is no stranger to experiences; she has traveled the world and is an expert at planning vacations. We brought her into the studio to talk about getting the most out of our time off.

Her background is varied; she has an extremely random resume. She is from South Texas and lives in Houston. She started in the financial world but wanted to get off the corporate rat race track because she didn’t enjoy what she was doing. She went back to business school, not knowing what she wanted to do, but focused on entrepreneurship.

After school, Sarah went back to Houston and did many things, such as investing in an energy software startup and being an accelerator that she co-founded. She worked at Uber - launching and running UberEats in Houston and Phoenix. Finally, Sarah realized that if she was going to put that much time and effort into a business, she wanted it to be her own and build her own equity. So, she started looking into companies to invest in and buy. She finally began to focus on her passion for travel.

She describes herself as crazy about travel and shares how many countries she has visited and continents - and it’s a lot! She is always thinking about where she is going next. It all started due to her early experience where at 15 she went to Germany for an entire summer. She loves planning travel for families who have kids at that age which is an impetus to loving travel. This love led her to use all her free time for travel.

Sarah loves all her travel experiences for so many reasons. Trips fulfill you in many different ways. Her ability to share what she loves led to her acceptance at Stanford. Travel reminds her that she is so small in the world. There are so many other ways to think and live, that when she travels, she is reminded of that.

As the episode progresses, Sarah describes how travel benefits the mind and health. There is a lot of research that shows how vacations and travel is good for you. People need it! One example is neuroplasticity. If something brand new happens, you will remember it more. This keeps your brain more agile and to be more creative. Travel puts you in a different environment and helps create new neuropathways.

It is a fact that Americans are skipping tons of vacation days; there are millions of vacation days left on the table. As that number goes up, all sorts of things are happening such as anxiety, mental health issues and other things that are symptoms of working too hard.

In order to plan travel for groups, they bring people in and ask multiple questions to get to the bottom of what’s most important about this vacation and why. What helps them relax. This helps discover what is needed most by the travelers. Making the most of the vacations is different for every person. Some want to do everything, and some don’t want to do much at all.

The needs are different for everybody! Luxury travel means something different, however. She hesitates to put the word “luxury” in marketing, etc. Generations want different things and luxury means true customization. People don’t want to feel like a number anymore. She is catering toward personalized and customized things.

What does customized mean? How does it get specific? What do people look at? Sarah can do and plan things that are “ungoogleable.” There are so many experiences that can be customized based on interests and passions. These are “behind the scenes” and not amongst the packed tours that one encounters when on typical vacations.

Sarah shares how networking is important in the role as a luxury travel planner. She specializes in clients’ needs and wants, and they plan the world. That can only happen through fantastic networks and partnerships. They have worked with them and keep up with them on a regular basis. They have vetted partners in every corner of the world, and are kept up-to-date and help curate these specific itineraries and ideas. Doesn’t matter if it is art or basketball, they make it happen due to their network.

How people spend their money is personal, but don’t save it for a day you are never going to spend it. If there is something you want to do, make a plan to make it happen. Lay out what you want to achieve in your travel bucket list, and make a plan. Pencil the experiences in that you want to have!

Travel has changed alot since Covid-19. Don’t let it scare you off when you are planning travel. Hotels and airlines and tour operators have adjusted to safety protocols. Safety is different for all people and their wants in regard to the degree of risk they are willing to take. Booking and cancellation policies have flexed greatly. Those dream trips can be planned almost risk-free right now.

When it comes to food, it is trending to having more local cuisine experiences. For instance, going to the market, following a local expert, going to different places and trying different things. It is food combined with stories and history that is the trend.

Sarah is planning our “Think Week”, and we were excited to hear what she had in store for us. She has our interests and general information based on the forms sent to us. The next step is a call to hear what changes from the form and speaking in person. This gives a true vision of what might make sense and then talk about options and possibilities.

Impactful Moments

0:00 - Welcome back to the Hacker Valley Studio

1:26 - This episode features Sarah Groen

2:25 - Where they met Sarah

2:44 - Sarah’s background is extremely varied

3:19 - Where the entrepreneurship started

3:57 - Decided to start focusing on her passion - travel

4:14 - Why travel? What does it mean to her?

5:19 - Most memorable travel experience?

7:40 - How good travel is for you

10:35 - How people get the most out of time off?

13:04 - What does luxury travel mean for clients?

17:57 - How important is networking in this type of role?

20:23 - What would you say to our listeners who want to dip their toes in luxury travel?

22:08 - How travel has changed due to Covid-19.

25:36 - How food fits into travel

27:58 - What’s in store for our “Think Week”

29:29 - Best ways to stay in or get in touch with Sarah

Links:

Learn more about BelleAndBlyTravel

Luxury Travel Insider Podcast on all platforms

@Sarahgoesglobal on Instagram

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Episode 130 - Fighting for Others with Anne Marie Zettlemoyer

Wed, 07 Apr 2021 04:04:00 -0500

Anne Marie Zettlemoyer is Vice President of Security Engineering and Divisional Security Officer at MasterCard. She’s a mentor to many cybersecurity practitioners and a visiting fellow at the National Security Institute at George Mason University

As far back as elementary school, making sure everyone was treated properly and respected was important for Anne. In college, despite not knowing the first thing about cycling Anne’s determination to do the right thing led her to participate in a 600-mile charity ride to raise money for research towards a vaccine against HIV.

Anne Marie started in Business and holds an MBA in Organizational Behavior and Corporate Strategy, she started on the business side and worked under many titles like Analyst, Controller, Auditor, and Strategist. About 12 or 13 years ago she fell in love with Security because it speaks to her mission of protecting and defending others.

Ron shares about how mentors have helped him learn cybersecurity and asks Anne Marie about when she’s helped others climb the security mountain. Anne Marie recalls being the only woman presenter at a Cybersecurity conference and receiving a certain lack of respect until she demonstrated exactly how much expertise and experience she had. She spoke to some other women in attendance and encouraged them to apply themselves in the same field assuring them that they could also succeed, two years later one of the people she encouraged had become Senior Security Engineer.

Chris asks about what it means to her to be able to show up with others now and whether she had someone like that for her own journey. Anne Marie shares about having to fight for everything herself. She expands that talent, grit, and many things are distributed throughout humanity but opportunity isn’t equally distributed. Anne Marie believes that those with the capability to find those who simply need an opportunity and lift them up have a certain responsibility to do so. That they can lift up those who will also lift up others. Ron asks Anne Marie about what it takes to make a great leader and supporter today. Anne Marie speaks a bit about leading from quiet influence and measures success more by effectiveness. The conversation shifts to how trust is needed when working to communicate risk and security decisions depending on who you’re working with as not everyone will share the same perspectives and backgrounds. Chris asks Anne Marie for a piece of advice for someone who may need someone to show up and protect them and she urges us to try new things, learn new things, expand our own possibilities. Anne Marie speaks about how showing up and trying to reach out can be enough to open new doors.

1:01 — Welcome back to the Hacker Valley Studio our guest this episode is Anne Marie Zettlemoyer.

2:43 — Anne’s amazing fluency in business and how she fell in love with security.

4:37 — The call Anne feels to respect others and make sure they’re respected.

6:48 — The causes to fight for even without complete preparation for the journey ahead.

8:58 — The extremes of a ride to do the right thing, and a helping hand to get you up a mountain.

11:30 — How you can never know the power of showing up for yourself.

13:30 — The power of showing up for others and being the only woman there.

15:34 — Two years after being the only woman cybersecurity presenter at a conference

19:04 — Anne shares about having to fight for everything herself.

20:30 — The responsibility for those that have the heart to find and uplift others.

22:00 — The conversation moves to topics about networking and great leadership.

24:00 — Why having a sense of humility is necessary for a leader and building a network.

25:30 — Learning to not re-invent the wheel.

27:20 — Creating a rounded perspective to build comprehensive solutions.

28:50 — Why you need trust from the folks you’re trying to protect.

31:00 — Advice for someone listening that needs someone to protect or stand up for them.

32:45 — Trying new things one step at a time can be enough.

Links

You can find Anne Marie Zettlemoyer on her Linkedin or her Twitter

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor AttackIQ and enroll in The AttackIQ Academy!

Episode 129 - Seeing the Value in Everything with Saam Motamedi

Thu, 01 Apr 2021 04:00:00 -0500

Saam Motamedi is a General Partner at Greylock, a Silicon Valley venture capital firm. Saam has always found joy in finding individuals with the ideas and perspectives needed to become leaders and seeing them grow. As a student, Saam built student led organizations and nurtured the talent in his peers so they could grow as leaders. Saam started his professional journey on the product side of the industry working for a startup company, BladeIQ. The organization was an early adopter of machine learning and made innovations in the Customer Relationship Management solution market. The company was later acquired by Salesforce and their technology was integrated into the Salesforce CRM solutions.

Saam shares that he enjoys helping entrepreneurs go from technical insight to an initial product. His superpower is leveraging his insight into how products and software solutions fit into the larger economic ecosystem. Saam also has success with helping companies continue to develop their products while bring new offerings using planned strategy. Ron asks Saam how he sorts through companies that are focused on artificial intelligence or machine learning in order to find great opportunities and people. Saam elaborates that he is focused less on the theoretical applications of these tools and more on how they are used to solve problems for customers. Saam provides perspective on the value of end user input in improving the quality of machine learning itself.

Chris asks Saam about advice about product market fit and how to ensure the company has the right timing. Saam shares that timing varies across customer segments. It is important to not only understand what customers want but be able to see what customers should want or what they’re going to want. The conversation touches upon how COVID-19 has shifted the venture capital landscape. Saam tells us that the amount of interesting ideas and products has actually increased, and that entrepreneurs need to understand what their own story is and how it is even more relevant today than perhaps two years ago. Ron asks Saam about the most exciting technology to him today. Saam remains enthusiastic about machine learning technology helping better decisions being made as well as automation helping free up time and more of the workforce to focus on higher valued tasks. Saam lets us know that it’s never too early to talk to Greylock and that some of the most impactful investments have been based on an idea and an understanding of the market the entrepreneur was aiming to disrupt.

0:00 — Intro

01:21 — Welcome Back to Hacker Valley today in the Studio, Saam Motamedi.

04:30 — Saam’s superpowers: understanding products, markets and people.

06:30 — Saam’s experience with the product innovation side

08:13 — Network building and finding talent

10:28 — Seeing the entrepreneur in people even before they see it in themselves

12:37 — Investing in solutions to important problems and not the technology they’re using.

14:17 — Creating a learning engine that actually learns over time

15:55 — Advice on having the right team and the right idea at the right time.

18:37 — Timing requires predicting what customers are going to want

20:09 — How the pandemic has shifted the entrepreneurial and VC landscapes

23:05 — Customer interactions and brand ambassadors shifting to digital channels

25:00 — Crawl before you walk before you run: how to grow a company

27:04 — Getting the right attention, standing out in a digital sales landscape

29:00 — Showing off your product and continuing to grow without high touch interactions

31:34 — Saam shares how security is more relevant than ever

33:10 — If you’ve got an idea and imagination it’s never too early to start talking to Greylock.

35:32 — Understanding your own story to build your own company.

If you want to stay up to date with what’s going on with Saam you can follow him on twitter Saam Motamedi (@saammotamedi) or find him on linkedin Saam Motamedi - General Partner - Greylock Partners. Check out Greylock Partners to find out more about this venture capital firm and read their blog to learn more about what they’re doing.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Episode 128 - A Masterclass on Being Yourself with Ashish Rajan

Wed, 24 Mar 2021 05:46:58 -0500

Ashish Rajan is a Cloud Security leader, podcaster, investor and fashion expert. He’s the Melbourne chapter leader of the OWASP Foundation and the Head of Security & Compliance. Ashish makes full use of his expertise and shares his knowledge as founder of a Cloud Security academy as well as in his weekly Coffee with Ashish which streams on Twitch, linkedin and YouTube.

Ashish shares that while doing his weekly cloud security livestreams from the streets of Melbourne he became a recognizable person. Dressing with the intention of presenting something different to people Ashish began changing the way people look at him as a cybersecurity person. Ron asks Ashish about people understanding his value and how that can be conveyed through being confident with self image and comfortable in your own skin. Ashish speaks about the difference that presenting a new image of a security expert makes in his own career, that sometimes folks in the industry don’t necessarily communicate enough with people who don’t already have that knowledge base and so there can be a gap.

The conversation moves to how Ashish’s interests overlap and have grown throughout his cybersecurity practice and professional growth, he began meeting people more into sales over coffee in order to make more connections with other forward thinking professionals. Ashish’s mindset is that goals have to evolve especially when you’re able to meet them ahead of schedule, he applies this successfully to his Coffee with Ashish weekly show. Chris asks Ashish about his innovative mindset and a time he’s had to overcome an obstacle. His journey overcoming that is inspiring, after being let go from a job Ashish still believed there was reason to invest in the ideas and company. From there he began putting his time and energy into the cloud security academy and cloud security podcast using the motivation gained after that setback put in front of him as motivation to teach others how to fish in the cyber ocean. Ron and Chris talk with Ashish about legacy and Ashish shares that planting seeds will be the legacy he hopes for. Ashish hopes that making significant impact on other people’s lives in a positive way will become his. Ashish shares that finding mentors aligned with the goals that you have, starting on your goals will pay dividends.

Impactful Moments

0:00 — Intro

2:05 — Welcome to Hacker Valley Studio with Ashish.

4:15 — Origin story of a Tinkerer and mastering the cheat codes.

6:10 — Trying new things and trying to innovate them creatively.

7:45 — Unintentionally stumbling into the fashion world.

9:00 — Transforming into an extroverted Security person.

10:33 — Diversifying Cybersecurity with fashion and putting yourself out there.

12:40 — Being comfortable in your own skin after putting yourself out there.

13:33 — Following in the footsteps of your parents.

16:00 — Discovering more than just security and learning how to sell.

18:00 — The organic origins of Coffee with Ashish.

20:00 — Overcoming obstacles and teaching others to fish.

22:10 — Making the right investments in helping other people.

24:10 — Ashish leveling up constantly and what’s next.

26:20 — Ashish’s advice for stepping into your own personal strength.

28:00 — The very online future and making your own media hub.

Links:

Connect with Ashish on LinkedIn and check out his podcast Coffee with Ashish.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

If your experience with compliance has sucked, check out our friends at ByteChek and see what they can do for you.

Episode 127 - Finding Comfort in Being Uncomfortable with Paul Rivera

Wed, 17 Mar 2021 04:00:00 -0500

Paul Rivera is the president and CEO of Def Logix, he built his own company from the ground up. Paul was born in the Bronx, NYC and grew up in both Queens, New York and Dallas/Fort Worth area of Texas.

The two areas he grew up in couldn’t be more different and he faced a lot of social anxiety. In middle and high school Paul felt there was a difference between the things he worried about and the concerns of his peers. Young Paul would rather figure out how to improve himself than impress others with something more material. Eventually at the age of fifteen Paul quit school and instead began going to the library. There he spent time reading on his own. He went from reading science fiction to learning about the physics, chemistry and math behind it.

In his twenties Paul moved back to New York for college and was working while attending school. Following in his hero Mr. Spock’s footsteps he took classes in: Logic, Philosophy and Computer Science. Paul fell in love with programming after building his own calculator application by using coding. Programming was a way to use computers to build things from his own imagination and engaging his creative side. He got his Computer Science degree in his mid twenties.

Paul speaks about the difference between New York City and the Dallas Fort Worth Area and some of the interpersonal differences moving to a less diverse area and not fitting in. Ron asks Paul what the missing puzzle piece that led him on the education path he chose. The conversation between Paul, Ron and Chris touches on different ways of learning and thinking. Paul shares about the school of hard knocks and researching, he shares about having to research excessively can lead to potential missed opportunities.

Chris asks about a challenge he faced building Def Logix. Paul talks about finding his way as a significant contract closed out, dealing with employees being discontent and having to conceptualize Def-Logix 2.0. Our hosts Ron and Chris speak about the burnout that can happen when tasks aren’t aligned with purpose. Paul shares that he enjoys creating solutions more than other tasks that are typically aligned with being at the top of a company. Paul had to learn to delegate more in order to grow the company. Towards the end of our conversation Paul shares some of his experiences with public speaking, something he was very uncomfortable with at first. It was necessary for him to get out of his comfort zone in order to keep growing.

Impactful Moments During the Show

00:00 — Intro

01:35 — Welcome back to the Hacker Valley Studio and welcome to Paul Rivera.

03:05 — Learning the science behind the sci-fi.

04:25 — Why Paul quit school at 15 and his path back to education.

06:00 — Calculators and falling in love with programming.

07:40 — Thinking differently about clothing.

09:05 — Thinking outside the box with logic AND intuition instead of logic OR intuition.

10:31 — Paul’s key way of learning.

12:20 — Paul on building his own company and challenges faced.

14:20 — What would change if he closed shop and started again?

16:30 — The harebrained ideas, creating solutions and finding joy.

18:30 — Growth and getting out of your comfort zone

Links

You can find Paul Rivera on LinkedIn

Check out Def-Logix a cybersecurity company that does research and development, software development and secure networks.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Check out ByteChek they can help you establish your security program, automate your readiness assessment, and complete your SOC 2 audit faster.

Episode 126 - The Grit of Being World Champion Part 2 with Lee Kemp

Fri, 12 Mar 2021 12:25:01 -0600

In this episode we continue our conversation with Lee Kemp, a three time World Champion in Wrestling (1978, 1979 and 1982 all in the 74 kg weight class) and held the record for being the youngest World Champion. In addition to being a champion wrestler, Lee is a father, a wrestling coach, a public speaker, and an author. He learned many of the skill sets needed to navigate his life on the mat. A child of the 60’s, he was adopted at the age of 5, before adoption learned how to find his own contentment in the situation he was in. From a young age Lee learned how to focus on what’s important and tackle whatever he needed to get done.

Our conversation with Lee Kemp resumes with Chris asking Lee a question about representation. Lee shares that there were other Black wrestlers that were successful before him and while Dan Gable was a direct inspiration he saw additional championship inspiration in Black wrestlers. Lee found representation and inspiration to one day own his own business working for Tom Burrell of Burrow Communications. He shares tremendous insight about race relations in the USA being further complicated by suppression of stories, like that of the mathematicians from Hidden Figures.

When Lee’s family left Cleveland in 1968 they moved to Chardon, Ohio; this was almost an entirely White community. Growing up there Lee saw his family being accepted into this community and learned that mutual respect was possible. We ask Lee about what someone who wants to be a champion needs. Lee explains that putting your focus on someone else that is successful can help and that finding inspiration is a truly important thing. Listening is important, if someone like Lee tells you the steps that you need to take to truly become a champion it’s important to take the advice as a whole.

Being the best isn’t the only measure of achievement, for Lee going for something with all your heart is meaningful. After winning World Championships and global competitions two years running Lee was on track mentally and physically to become an Olympic champion, but in March of 1980 President Jimmy Carter announced that the USA would not be participating at the Olympics. Lee explains how that opportunity being taken away impacts him even now. 40 years later the 2020 Summer Games have been delayed and Lee speaks a bit about that showing how the grit to be world champion endures.

Impactful Moments During The Episode

00:00 — Intro

01:00 — Welcome back to Part 2 our conversation with Lee Kemp.

01:33 — Looking at what types of representation mattered to Lee.

03:49 — Representation making a difference on a professional level.

05:50 — Lee speaks about Tom Burrell, advertising and race.

06:59 — Seeing your own value and everyone seeing each other’s humanity.

07:53 — We’re all the same race.

08:39 — The examples that parents set.

10:10 — Leaving Cleveland and moving to Chardon in 1968.

12:09 — The respect Lee’s father received from his community.

13:24 — Lee speaks about the importance of listening and empathy.

15:22 — Putting yourself in the right environment to be a champion.

17:07 — Taking advice and finding motivations.

18:31 — Going for something with all your heart.

19:50 — A story of “Things not happening.”

21:04 — Resiliency and the Tokyo Olympics, lessons learned.

22:25 — Thanks to Lee Kemp and for listening to Part 2 of the Grit of Being World Champion

Links:

Learn more about Lee Kemp and pick up his book Winning Gold.

Watch the great documentary Watch Wrestled Away: The Lee Kemp Story | Prime Video.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Episode 125 - The Grit of Being World Champion with Lee Kemp

Tue, 09 Mar 2021 08:42:20 -0600

Our special guest this episode is Lee Kemp, a three time World Champion in Wrestling (1978, 1979 and 1982 all in the 74 kg weight class) and held the record for being the youngest World Champion. In addition to being a champion wrestler, Lee is a father, a wrestling coach, a public speaker, and an author. He learned many of the skill sets needed to navigate his life on the mat. A child of the 60’s, he was adopted at the age of 5, before adoption learned how to find his own contentment in the situation he was in. From a young age Lee learned how to focus on what’s important and tackle whatever he needed to get done.

Lee’s childhood with his adoptive family involved a lot of hard work. His family moved from the city to a rural neighborhood and he worked on a farm. There was a certain strictness his father held, if farm work needed to get done it had to get done. Over the summers of Lee’s youth, he learned about finding contentment in hard work and became comfortable being uncomfortable. Lee started wrestling in high school in the 9th grade and made the varsity team in the 10th grade, his first season in varsity he won as many matches as he lost. The summer between the 10th and the 11th grade year was the turning point for young Lee. He attended a Wrestling Camp that the wrestler Dan Gable was at right before the Olympic games of 1972, what he learned from Dan Gable at that camp became the catalyst for Lee becoming a different wrestler and different person. Lee gained a new mindset from that wrestling camp with Dan Gable. Coach Lee went on to win the state championship as a junior in high school, defeating the defending state champion.

As the episode progresses, Ron and Chris ask Lee about his philosophies on consistency. Lee describes that at each point in his journey to be a champion wrestler he took every opportunity to learn more about his game and his opponents. While Lee was in wrestling camp with Dan Gable, he was the only willing volunteer that would allow Dan to try out wrestling moves on him. Lee knew that if he could understand how one of the greatest wrestlers performed offensively and defensively he could at a minimum learn something new and potentially incorporate it into his style. Lee’s determination has always been contagious and a positive influence to his community. An example that Lee shares is the story of his wrestling teammate Pat Christenson. Before defeating Dan Gable, Wisconsin had a drought of national champions in wrestling. Pat Christenson shared with Lee after defeating Gable he realized he could aspire to become a world champion also.

Impactful Moments During The Episode

01:30 - Welcome back to the Hacker Valley Studio.

01:56 - Introducing the three time world champion Lee Kemp.

03:04 - A child of the sixties and learning how to give back.

04:18 - Understanding where you come from and learning to be content.

07:01 - Characteristics of grit.

08:43 - Overcoming the biggest roadblock to success.

11:08 - Finding a worthwhile goal as a high school wrestler and learning from the best.

12:26 - The inflection point towards success for wrestler Lee Kemp

14:24 - The fateful wrestling camp experience of 1972.

16:25 - Watching your camp coach from the summer with Olympic Gold.

17:28 - Lee Kemp finds the opportunity to wrestle against his former wrestling camp Coach, the gold medal winner Dan Gable.

19:05 - How Lee stayed focused on wrestling Gable despite detractors and distractions.

21:20 - Finding a different mindset, finding a different Lee Kemp.

22:51 - Taking little steps of confidence towards goals.

24:11 - Lee Kemp being in the moment wrestling in the last 30 seconds against Gable.

25:53 - From being in the moment to being part of the moment.

27:30 - The reaction to breaking expectations

29:00 - A rivalry that couldn’t be played out in competition, an unofficial match between Kemp and Gable

31:00 - Moving mountains

32:57 - Inspiring future wrestling champions at University of Wisconsin

34:30 - Having a mindset and attitude for making things possible

36:30 - Thank you for listening to Part 1 of Lee Kemp on Hacker Valley.

Links:

Learn more about Lee Kemp and pick up his book Wrestled Away.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Episode 124 - The Learning Leader with Allan Alford

Tue, 02 Mar 2021 08:13:41 -0600

Introducing the Cyber Ranch Podcast and Allan Alford!

Allan Alford is currently the Chief Technology Officer/Chief Information Security Officer at TrustMAPP. Allan Alford is a member of the Hacker Valley family and has launched a new show called the Cyber Ranch Podcast. Allan has been a CISO at a number of different companies and has a wealth of knowledge in Cybersecurity. Has about 20 years of Cybersecurity and has a background in product security.

Allan is a tinkerer and a second generation information security practitioner. His father was a systems operator/administrator who specialized in Systems Security, his father brought their first IBM PC into the house while Allan was in middle school. Since that moment, Allan has always been interested in technology and had a group of friends who had the brand new tools of the time like the TI-99, TRS-80, IBM PC and Apple IIe. He and his friends were porting and writing games, hacking and war dialing. Allan’s mother was a school teacher and had house rules about television time, and so with an hour of TV a week Allan’s primary form of entertainment was reading.

In high school Allan took a creative writing class where he found a passion for storytelling and reading novels. Before entering college Allan was confident in his technology skills and decided that studying Humanities would make a greater impact for him. While studying, Allan learned that there were many parallels between the study of humanities and technology. There was a vocabulary, grammar, and structure by which things operated that had a consistent set of rules. Allan learned that the correct application of grammar and vocabulary helped all things work properly.

As the episode progresses, Allan shares while reading books, articles or other word based sources there’s a sort of internal voice that is within his mind that reads the words ‘out loud,’ however once he’s immersed in the book or text that the subvocalization fades and there’s a much more immediate type of onboarding of the information, the non-conscious reading voice. Chris shares that he describes this as the flow of learning. Allan also speaks of lucking into a prime slot on the KTCU college radio station and how he found his groove djing by deconstructing threads of music. He would put together his set by starting with a popular song and tracing it back from influence and inspirations.

Allan also shares his thoughts on the importance of networking - And not all networking starting points being equal. With his success now he tries to create bridges and conversations through his network that promote the exchange of ideas and further conversations for people, Allan is hoping to do the same with his podcast - The Cyber Ranch. Professionally he’s embarking on a new journey as the Chief Technology Officer at TrustMapp and is currently learning how to be a great producer of Security technologies.

Impactful Moments During the Show

0:00 - Welcome back to the Hacker Valley Studio!

01:30 - Welcome back to the Hacker Valley studio and welcome to the Cyber Ranch podcast

02:30 - Allan’s Professional Adventuring Card

03:00 - Allan’s tinkering background and a second generation info security professional

04:30 - Writing and porting video games as a youth, growing up as a STEM kid

05:35 - Creative writing opening the world to storytelling

06:50 - Going to college already knowing about Computer Science

08:40 - Practices and techniques for learning rapidly and staying sharp

10:30 - Understanding the fields of vocabulary and grammar

11:56 - Conscious reading voice, non-conscious reading voice and flow

14:14 - From reading to producing work that people could consume

16:00 - DJ Deconstruction, how Allan put together a primetime radio set on KTCU

17:00 - Networking without inherited connections

19:20 - How networking works for Allan now

22:20 - Networking misunderstood, the traps of the output side

24:00 - Allan’s 70/30 rule for career advancement

25:30 - CISO and CTO parallels

27:30 - What motivated Allan to start his own cyber security podcast

29:30 - For someone entering the Cybersecurity world from a non-technical background

Links

Connect with Allan on LinkedIn Allan Alford - CISO & CTO - TrustMAPP

Check out The Cyber Ranch Podcast!

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor AttackIQ and enroll in The AttackIQ Academy!

Episode 123 - Adventures in Venture Capital with Lindsay Lee

Thu, 25 Feb 2021 15:43:39 -0600

Lindsay Lee is the founder and managing member of Authentic Ventures. Authentic Ventures is an early stage VC firm based in Oakland CA. Lindsay has worked many years in the investment industries as well as venture capital and ran a direct investment fund. Authentic ventures is a new kind of firm focused primarily on women and under-represented minority founders. Authentic Ventures is focused on building its own network of women founders of more diverse backgrounds and entrepreneurs who really want to see success translate into more opportunities for their communities.

Coming from modest beginnings and raised by immigrant parents from the West Indies, his parents really solidified the importance of education. Lindsay has worked in investment banking as an analyst alongside graduates of Ivy League schools, there he learned about his own determination to excel even in tough working conditions while learning as much as possible. After graduating from graduate school Lindsay started an ill-fated technology start up in 1999; funding was hard to find in the early naughts (00’s) especially for Black founders.

After pivoting to working in asset management companies Lindsay joined a family office where he built and managed a portfolio. He reached a turning point there where he was able to look at public and private investments and assess the landscape. Lindsay decided he wanted to differentiate himself and focus efforts on really approaching investment in his own way, to invest in “early stage companies,” as opposed to series A or series B companies. A peer at another firm told him that it was going to be double the effort and twice the financing to get it off the ground. Lindsay’s drive and the network he was a part of propelled him through the challenges.

The conversation touches upon the “rules of the game” for galvanizing new ideas and bringing new products and companies into the market. He speaks about the roles that entrepreneurs, lawyers and investors have in capital markets. Lindsay found his calling as an investor was one where he was a coach, rather than an entrepreneur who is trying to score goals all the time. Lindsay describes how his focus was on cultivating relationships and community in order to grow an interconnected network that would allow for long lasting impact in the landscape while also bringing success to his firm.

He shares that the one thing he’s had to get right is finding A+ people to work with. In his approach as an investor he is trying to set the table for women of color and reserve, or build, a seat at the table that allows for success to be shared. Lindsay believes this focus will lead to more opportunities for more diverse teams. For folks interested in becoming an investor or entrepreneur Lindsay speaks about the importance of team building and utilizing the connections they already have as capital. He also urges people to not ignore the skills they’ve gained by applying themselves and that those skills plus knowledge of the space they’re focused on can create something that’s meaningful.

Impactful Moments During Podcast

00:00 - Welcome back to the Hacker Valley Studio, introducing Lindsay Lee of Authentic Ventures, a VC firm that invests in seed and early stage companies.

02:30 - Building a more diverse inclusive VC network and culture.

04:30 - What the exploration of VC was like for Lindsay and what were some of the motivations for moving in this way in that sphere.

06:45 - Why it’s important for diversity that a firm like Authentic Ventures exists in Silicon Valley and the tech community.

07:20 - How VC firms can help create more wealth across communities of color and gender.

09:30 - The journey to VC and what exploring that world looked like for Lindsay.

10:00 - Entrepreneurship as a sport: who are players, rule-makers and play callers.

11:45 - Taking the long view on cultivating good investments and finding the right people.

12:20 - Starting his own thing in VC, differentiating himself and dealing with uncertainty

14:27 - What immersion in VC is like, navigating changing landscapes

15:15 - If you’re looking for a challenge, investing is a good field; things not going to plan.

15:45 - Why you need to find A+ people.

17:20 - Staying humble and grounded in VC

18:14 - What creates success in entrepreneurial endeavors

19:30 - Why Authentic Ventures has a culture of good energy

20:45 - Studying and data in VC, compounding experience and knowledge, the value of having a community

22:40 - Trying to find ideas and company with momentum

23:20 - No free lunch in investing? What does a margin of error mean in this VC world.

24:45 - Why VC firms learn about the founders, how to scrutinize the methodology

26:00 - If you’re an entrepreneur why you should get to know a VC fund outside of funding events.

27:00 - Being an early believer in trailblazers

28:00 - Authentic Ventures tries to win together, with the right people

29:25 - Lindsay talks about not starting out on First or Second Base and making an impact that helps his community.

30:35 - Having something to prove as an analyst at investment banks

31:45 - The best lesson to learn as an investor, understanding the people, connecting with people that share your values.

33:30 - Why there’s no substitute for excellence or hard work.

37:23 - Staying power and determination: “Get your money right.”

38:30 - Staying in touch with Lindsay Lee and Authentic Ventures

Stay connected with Lindsay Lee by checking out Authentic Ventures

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

We Are Here Finale: Rep. Yvette Clarke

Tue, 23 Feb 2021 04:00:00 -0600

Hacker Valley Studio presents: We Are Here - an audio journey and series exploring black excellence in technology and cybersecurity. In part three of this series, Ron and Chris interview Congresswoman Yvette Clarke, serving as the U.S. Representative for New York's 9th congressional district since 2013.

Congresswoman Clarke’s parents immigrated to Brooklyn, New York in the 1950s from Jamaica. Being born from immigrant parents and witnessing the transformation of the country during the civil rights movement helped shape her worldview. Congresswoman Clarke mentions that the nurture from her family and community sparked her interest in public service at an early age. Congresswoman Clarke recalls being a child and looking up to her pediatrician, Dr. Thompson. Congresswoman Clarke could see herself being like Dr. Thompson and that led her to pursue her interests in STEM in grade school and college. When Congresswoman Clarke went away to college she made a commitment to come back to Brooklyn and use her education to help others

As the episode progresses, Congresswoman Clarke mentions her parents were engaged in the community out of necessity. They wanted to be able to navigate the United States and create community for her and her brother. Congresswoman Clarke’s mother started her community outreach at Parent Teacher Association meetings and was encouraged to run for political office after some time. In fact, Congresswoman Clarke became the first and only child to succeed a parent in political office.

Congresswoman Clarke describes community as essential and building communities is done through education. Digital transformation has enabled all generations to collaborate on common causes that they previously wouldn’t have had the opportunity to. An example that Congresswoman Clarke provides is narrowing the education gap for children of color. Through technology, parents have been working with government agencies and private organizations to provide more resources to schools in need.

Impactful Moments:

0:00 - Hacker Valley Studio presents We Are Here Pt 3

0:52 - Congresswoman Yvette Clarke on Hacker Valley Studio!

1:56 - Early life and how Congresswoman Clarke made it into office

3:38 - What inspired Congresswoman Clarke to help others

7:21 - Surprises while in office and servicing the public

13:35 - Congresswoman Clarke’s story of perseverance

16:36 - The importance of community and how to influence yours

24:40 - Education and mentorship

27:51 - Using technology to course correct and amplify your voice

31:59 - Sage wisdom for embarking on your personal journey

Follow Congresswoman Yvette Clarke on LinkedIn, Instagram, and Twitter

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Episode 121 - What Is Your IP Address with Chris Parker

Sat, 20 Feb 2021 04:09:00 -0600

In this episode of Hacker Valley Studio podcast, Ron and Chris are joined by Chris Parker, creator of WhatIsMyIPAddress. His website now reaches six million monthly visitors and began as a necessity to solve a technical problem, which you can probably guess, determine his IP Address.

WhatIsMyIPAddress predates Google and was often found through the search engine AltaVista. For years, the site was simple, straightforward and didn’t have any graphics or markup (HTML). At some point, Chris stumbled upon a Content Management System (CMS) called Geek Log but quickly learned with the amount of traffic that it was best for him to manually code each page on his website. For quite some time Chris maintained the website, answered questions from users about IP Addresses, and created more content without receiving any monetary compensation. The advent of Google AdSense led Chris to realize that he could make a profit for hosting his website.

Chris’s website is in the top 3,000 websites on the Internet and was managed out of his home office for over 8 years. As you can imagine, he received traffic from users across the world and was even the target of some cybersecurity attacks. However, keeping the functionality on his website simple, the biggest threat Chris faced was Denial of Service (DoS). After moving his website from his home to a CDN provider that blocks malicious traffic and bots, Chris saw a 90% reduction in web traffic to his website. This led Chris down the path of creating content about security and configuration.

With such a large audience, Chris decided to start the Easy Pray podcast and help listeners learn how to avoid becoming easy targets for scammers and fraudsters online and in the real world. Chris recalls a story of a fraud group that scammed victims by telling the victim that they’ve won the lottery in their country but are unable to withdraw the winnings because of citizenship. This scam is not uncommon and has caused hopeful individuals to lose thousands and sometimes their entire life savings. Chris has set out on a mission to inform others of these scams and create awareness about online safety.

Impactful Moments

0:00 - Welcome back to the Hacker Valley Studio

1:44 - Introducing Chris Parker, Creator of WhatIsMyIPAddress

5:11 - Was the naming of the website intentional or was it incidental?

6:04 - Adapting and digital transformation

7:29 - Malicious traffic and cyber attacks

10:39 - Creating a more safe Internet with the Easy Pray podcast

12:43 - Unfortunate spam and scamming stories

15:18 - More about Chris’s goal to provide education to his listeners

18:40 - Learnings and takeaways to avoid being scammed

24:02 - Tools that Chris is using to grow and scale his business

26:51 - How to stay up to date with Chris Parker

Links:

Learn more about Chris Parker and visit his website and podcast.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Episode 120 - Bishops, Black Belts, and Business with Jeff Cook

Tue, 16 Feb 2021 16:09:30 -0600

In this featured episode of Hacker Valley Studio podcast, Ron and Chris are joined by Jeff Cook, Co-Founder, and CFO of ByteChek. Jeff has over 10 years of experience in both accounting and auditing and has set out a mission to “make compliance suck less”

Jeff began his career at accounting firm, Arthur Andersen. In 2002, the firm surrendered it’s license to practice as a CPA which forced Jeff to consider working at other firms. This surprise turned out to be a blessing as it made him transition from New York to Washington DC. After his transition, Jeff worked in public accounting and auditing for 12 years and began starting IT auditing practices and SOC practices at large accounting firms.

While working at a cybersecurity firm, Jeff met his co-founder AJ Yawn. The two worked on numerous SOC engagements together - which gave them the confidence to scale their ideas and efforts to make compliance suck less. Despite 2020 being the beginning of a global pandemic, the two decided to persevere and form their company ByteChek.

As the episode progresses, Jeff describes his partnership with AJ as dynamic and fluid. Jeff brings to the table a deep understanding of accounting and auditing challenges and solutions. Jeff admires AJ’s ability to be a leader and rally the troops to ensure everyone is moving in the right direction. Besides complimenting each other’s strengths and weaknesses, Jeff and AJ are also great friends and check-in together to help each other grow personally outside of work.

Jeff describes his superpower as his ability to work under pressure. When there’s deadlines and a surplus of work, Jeff leans on his experience as an accountant. While working as an accountant, each year in January through April (tax season) Jeff had to practice his discipline of working under pressure with clear deadlines from his clients and the government. Additionally, Jeff has spent years practicing martial arts, and describes it as a great technique to use to clear his mind in all situations.

Impactful Moments

0:00 - Welcome back to the Hacker Valley Studio

1:41 - This episode features Jeff Cook, Co-Founder, and CFO of ByteChek

2:26 - Jeff’s background and start in accounting and auditing

5:08 - Thriving in business as a founder during a global pandemic

8:31 - Jeff’s superpower and where it began

11:16 - How to overcome your kryptonite and core emotional challenge

13:58 - How martial arts has helped Jeff as a practitioner

17:48 - Parallels between cybersecurity, chess, and martial arts

21:21 - Getting comfortable with discomfort

28:14 - Wisdom from Jeff for leveling up as a entrepreneur and practitioner

Links:

Learn more about Jeff Cook and connect with him on LinkedIn.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

We Are Here Part 2: A Cyber Masterminds Discussion

Wed, 10 Feb 2021 04:00:00 -0600

Hacker Valley Studio presents: We Are Here - an audio journey and series exploring black excellence in cybersecurity. In part two of this series, Ron and Chris host a mastermind conversation with Tia Hopkins, Charles Nwatu, AJ Yawn, and Kelvin Coleman. In this special conversation, we discuss ExIST, a framework to promote excellence in the pursuit of human endeavors like hobbies, careers, and finding purpose.

Explore

As humans, we’re always on the brink of discovery. Watching a documentary, witnessing someone perform a piece of art or a eureka moment might be all that it takes to pull you in a new direction to explore a new topic. Learning something new can be like stepping into a new world that you’ve never experienced. This leap can be exciting, scary, or even uneventful but always leads to discovery.

Tia Hopkins began exploring technology since she can remember. One of her first memories of her interest in technology was when she noticed her mom stopped buying her toys because she would take them apart to understand how they worked. Tia took a giant leap into the new world of technology when she took apart her family and realized that she had to put it back together before her mom found out. Tia has explored many facets of technology from working with Internet Service Providers, IT teams, and Managed Detection and Response teams.

Immerse

After deciding which world to ExIST in, the next step to understanding and mastery is immersion. This is surrounding yourself in a new topic or idea and learning what it means to succeed in that arena. In sports, this might be watching a professional game and learning more about the rules. In cybersecurity, immersion may be reading blogs on the topic or watching YouTube videos that explain a focus area. While immersing yourself in this world you’ll identify the mindset needed to remain there and grow.

Charles Nwatu’s advice on immersion is to not be afraid to fail - It's the only way you succeed. Not giving yourself the opportunity to take the shot is even worse than failure itself. Learn how to consume content in any way that works best for you - read, listen, watch everything you possibly can. Identify ways that help you articulate what you’ve learned to others.

Study

After learning the rules and where the boundaries exist in the new world, the next step is to study. Using tools, knowledge, examples and mentors to improve your capabilities. If you’re learning about a topic with subtopics, you may need to re-immerse yourself in areas that you’re weak on. In this phase of the framework, you're using your new capabilities to rapidly learn and improve.

AJ Yawn provides the advice of staying focused and ignoring the results. To Focus AJ often implements the 90-90-1 rule. And it's taking 90 days spending the first 90 minutes of your day, focusing on ONE thing. Whenever AJ is trying out a new endeavour he ignores the results for the first 90 days, even if there’s no visible improvements. When picking up anything new the focus should be on the attempt rather than the outcome.

Translate / Transform

Translation is expressing the sense of wisdom into language. During this part of the ExIST framework, you’re using the collection of experience and wisdom to create, innovate, or teach. Taking your developed ability and bettering the lives of others.

Kelvin Coleman has always been an advocate of teaching others and promoting the people in the cybersecurity industry. Kelvin can recall researching and reciting state capitals that he’d take to his meetings to build a rapport with city and state government stakeholders. While the name of a state capital or mascot may not seem critical, it helped his customers understand that he does the research and cares about doing what is best for everyone.

Impactful Moments

0:00 - We Are Here a series exploring black excellence in cybersecurity

1:13 - Kelvin Coleman, the strategic mastermind

1:50 - Tia Hopkins, the technical juggernaut

2:25 - Charles Nwatu, the wise warrior

3:00 - AJ Yawn, the empathetic CEO

4:28 - ExIST, a framework to promote excellence

5:40 - Explore

22:14 - Immerse

56:09 - Study

1:10:10 - Translate/Transform

1:20:12 - Sage wisdom from our mastermind group

1:25:20 - How to keep in touch with our amazing guests

Stay In Touch Kelvin Coleman on LinkedIn

Connect with Tia Hopkins on LinkedIn and Empow(her) Cybersecurity

Follow Charles Nwatu on LinkedIn

Stay connected with AJ Yawn on LinkedIn

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Get your start in cybersecurity with SANS through their Diversity Cyber Academy!
Applications are now open, and SANS is looking for the best and brightest to diversify the field! The
SANS ICMCP Diversity Cyber Academy is available for current college students, college graduates, and
career changers who are not already working in cybersecurity.
Those interested can go to sans.org/dca or if you’d like to learn more about what SANS is doing on the
Diversity and Inclusion front please visit https://www.sans.org/about/diversity

We Are Here Part 1: Patrice Washington

Mon, 08 Feb 2021 10:03:05 -0600

Hacker Valley Studio presents: We Are Here - an audio journey and series exploring black excellence in cybersecurity. in part one of this series, Ron and Chris interview Patrice Washington, one of the world's most popular podcasters and authors. This episode in the series is a story of ascension.

As we begin the episode Patrice mentions although she has a background in education, she’s here because of the hard work she put in during uncertain times and stepping into the unknown.

In 2009, Patrice was in her mid 20s and graduated from the University of Southern California with a business degree emphasizing entrepreneurial studies. During her senior year she started a real estate and mortgage brokerage and grew it to a seven figure business by 25. Everything changed for Patrice after becoming a mother and experiencing the housing crisis shortly after experiencing so much success. Between ages 25 to 28 years old, she went from seven figure business owner to being on the bathroom floor, bawling and snotting and crying scraping up change in couch cushions.

Patrice describes that “doing all the things”, “checking all the boxes”, or “being the one” is not the path to professional or financial success. From following her faith and reading scripture she was reminded, “What good is money in the hands of a fool if they have no desire to seek wisdom?”

Patrice had a lot of knowledge, information, education but I didn't have wisdom. Which is how to apply knowledge, when to apply education, and with whom to apply education. Since March, 2009 Patrice has been on a mission to go everywhere she can and teach others that the journey is not just about chasing money, it’s about seeking wisdom.

What helped turn around Patrice’s life was an unlikely encounter with blogging mothers at Starbucks that gave her the idea of sharing her story through blogs. She was instantly reminded of her first grade teacher. Patrice recalled Ms. Boynton saying, “Miss Cunningham, you know something, you have a responsibility. To share with your friends is not enough. You have to share what you know to everyone, so that everybody moves forward”. That’s what Patrice started to do with the blog, she began commitment to share everything that she has learned.

When Patrice began writing and speaking she began embracing her gifts. At the start of her career she was writing, speaking and educating others with real estate but later realized that her gift was in sharing information and teaching others in a broader way. Patrice began asking herself, “How can I feel the same joy I felt to help others get to the aha moment when buying a home but without the real estate transaction?”. She searched for answers and found examples but none done by a black woman. Though this was discouraging, there was enough supporting information to let her know that if she stepped into the unknown she’d define her own success.

Redefining your wealth and life is done through being intentional. It starts by doing what you adore and not being too tied with how much it pays. Setting intentions through your day, calendar, and time is a great place to start to begin understanding what you enjoy and what you can make into a career. Your career is not the only aspect of your life that generates wealth, your well-being is the vessel that guides you to wealth. Redefining your wealth and life means that you’re putting your health as a top priority.

Impactful Moments:

0:00 - Intro

0:52 - Patrice Washington on Hacker Valley Studio!

1:55 - Patrice’s background and dedication to hard work

6:04 - Going from seven figure business to zero and redefining wealth

9:47 - Identifying and applying purpose

15:08 - Dissolving the need for validation from others

20:32 - What others can do to disassociate their purpose from money

26:36 - Investing in your health NOW, not when you’re sick

31:15 - Advice for embarking on the journey of redefining wealth

Pre-order Redefine Wealth for Yourself: How to Stop Chasing Money and Finally Live Your Life's Purpose

Connect with Patrice Washington on LinkedIn and Twitter

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Episode 117 - Technically Unstoppable with Tia Hopkins

Mon, 01 Feb 2021 12:20:24 -0600

In this episode of the Hacker Valley Studio podcast, Ron and Chris are joined by Tia Hopkins, Founder of Empow(H)er Cybersecurity with the focus of empowering mentoring, educating, and providing opportunities for women of color. Tia is also VP, Global Solutions Engineering at eSentire.

The episode begins by Tia describing her early interests in technology. She began exploring her interest by taking apart her family computer - After her mom found out that she disassembled the computer, she quickly learned that she had to reassemble it before there were consequences. Early in Tia’s career she worked at phone companies installing DSL, IT operations, and managing technology focused teams. Tia has always been a doer and problem solver which led to resistance when first being called to become a leader. She was initially concerned that if she wasn’t hands-on with technical issues that she wouldn’t be as effective as a leader. However, she discovered that as a leader she can leverage her experience to have a broader impact through her team.

As the episode progresses, the cast chat about “Happy Accidents”. Tia had the opportunity to get involved with the Social Movement project by a coincidental conversation with a stranger at a cybersecurity conference many years ago. The premise of the project is 4 days to change the world. Tia’s challenge during the project was to solve racism issues by bringing brilliant minds together. Tia mentions that the challenge is a tall order but great minds in the world can solve any problem.

During COVID-19, a lot has changed for Hacker Valley Studio - Ron and Chris used to record in the same studio but now record separately due to the lockdown. Despite this difference in production, HVS has been able to scale and grow by dividing and conquering tasks. Tia can relate to this sentiment because without COVID-19 she likely would have not started Empow(H)er Cybersecurity. In addition to starting her foundation, Tia has also started a PhD program. When asked her about her superpower, Tia describes her ability to get things done. As a former athlete, Tia has a growth mindset and is determined to accomplish her goals.

Meaningful moments in the podcast:

0:00 - Intro

1:51 - Tia Hopkins on Hacker Valley Studio Podcast

2:39 - Tia’s background and start in technology

4:24 - Tia’s perspective on being a leader

7:17 - Induction in the American Football Hall of Fame

9:01 - Social Movement Season 2

14:30 - Developing and working on your craft

16:50 - What has changed since COVID-19

19:00 - Tia’s Superpower

24:13 - Personal resiliency techniques

28:47 - How to stay in touch with Tia Hopkins

Links:

Connect with Tia Hopkins on LinkedIn.

Follow Empow(H)er Cybersecurity on Twitter and LinkedIn

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor AttackIQ.

Episode 116 - Start-Up Secure with Chris Castaldo

Tue, 26 Jan 2021 10:00:08 -0600

In this episode of the Hacker Valley Studio podcast, Ron and Chris are joined by Chris Castaldo, Chief Information Security Officer at Crossbeam and author of Start-Up Secure: Baking Cybersecurity into Your Company from Founding to Exit. Throughout his career, Chris noticed that the same cybersecurity related problems surface but there are many different ways to solve them.

Chris has always been passionate about startups and has plans to one day start his own company. While going through lists of top 10 books for startups and entrepreneurs he didn’t find any that mentioned how to do cybersecurity at a startup. This a significant gap for startups, not baking in cybersecurity early results in expensive rework 4-10 years after the startup is founded. This led to Chris writing Startup Secure - his goal was to create a guide and methodology for startup founders to avoid the expensive mistake of not baking cybersecurity into the startup in the beginning.

As the episode progresses, Chris highlights the difference in challenges for startups that are B2B (Business-to-Business) vs B2C (Business-to-Consumer). Cybersecurity startups must weigh the risks of building a product and building a secure company. It’s easier to implement all of the security controls offered by a solution when the startup is 20 employees or less because there is less impact on users and business functions. When cybersecurity startups are selling to organizations with cybersecurity teams, the startup is asked tough questions. For example:

What is your vendor review process?
Is your startup leveraging cloud security controls?
What is your privacy policy?

As a cybersecurity professional, Chris emphases the importance of networking with other professionals. There is an increase in virtual conferences and adoption of LinkedIn. Asking questions to the leaders in the field and providing mentorship to others both provide a significant impact while cultivating your career. Chris also highlights the importance of following up on conversations to build relationships and securing opportunities.

When transitioning from engineer to CISO, Chris found that being intentional and purposeful with his time was impactful in his transition. He developed these skills by reading books about stoicism. He found that focusing on “the right thing to do” was tough because of constant distractions but being purposeful was the solution to distraction. Instead of focusing on all the things that were on his plate he would break down his goals into smaller chunks and give them his undivided attention for a specific amount of time.

Moments During This Podcast:

0:00 - Intro

1:57 - Chris Castaldo on Hacker Valley Studio Podcast

2:47 - Chris’ start in cybersecurity as a red team member

3:50 - Why did Chris write his book Startup Secure

6:58 - Challenges of implementing cybersecurity at a startup

9:56 - What excites Chris about cybersecurity

13:35 - How do you immerse yourself in learning about cybersecurity?

17:33 - Surprises when transitioning from engineer to CISO

22:43 - Core tenants of solving hard problems

25:53 - Protecting the crown jewels at an organization during a breach

33:38 - Advice on sharing knowledge with the world

Links:

Pre-order Start-Up Secure: Baking Cybersecurity into Your Company from Founding to Exit

Learn more about Chris Castaldo and connect with him on LinkedIn.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Episode 115 - Podcast Takeover with Carole Theriault

Wed, 20 Jan 2021 08:54:18 -0600

The tables have turned on Ron and Chris this episode and they are interviewed by guest host, Carole Theriault! Besides being a two-time guest on the Hacker Valley Studio Podcast, Carole is producer and host of the Smashing Security Podcast and Sticky Pickles podcast. Carole put together 7 serious questions and 7 funny questions to interview Ron and Chris.

Question #1 - How did you get into podcasting?

Ron - describes his entry into podcasting as a surprise. Ron had set up a studio at his home in San Jose, California with the intention to create YouTube videos. When Chris relocated to the area, he suggested that the two get on the microphones and have a conversation to see where it goes - Where the two began speaking about Cybersecurity Alchemy.

Chris - Before moving to Silicon Valley, Chris experimented with content creation on Instagram and worked with professionals to document his weight loss journey. This experiment went well but left Chris hoping to make a greater impact through content creation.

Question #2 - What are the most surprising lessons you learned from podcasting

Carole begins by describing her most surprising lesson is the sheer amount of work.

Chris was surprised about all of the aspects that go into a quality production. For example, mastering the sound of the podcast.

Ron describes the most surprising lesson being the work that goes into show notes and the conversion of full-length topics into bite sized nuggets.

Question #3 - What trait do you like most in your podcast partner

Ron - Chris’ accountability and availability. We meet together daily during the week to discuss goals, challenges, and collaboration opportunities. When help is needed, Chris is consistently there to help.

Chris - Ron’s calm, understated competitiveness nature. The competitive nature pushes both of us to get better everyday.

Question #4 - What do you worry most about when creating an episode of Hacker Valley Studio?

Chris - Capturing great quality audio. During post-production, we can fix nearly everything like “ahs”, “ums”, awkward pauses but not poor quality audio. Carole can relate to this technical difficulty as she has experienced difficulties with hearing feedback from internal microphones on her podcasts

Ron - HVS has had over a hundred episodes and around 10% of the guests have never been on a podcast. When recording with the 10% that have not been on a podcast before Ron’s main goal and concern is to ensure that the guest is comfortable. Creating an environment where guests can share their story and as.king great questions creates raving fans of our content through our listeners and guests

Question #5 - Who does more of the work on the podcast?

Ron - Chris is the GOAT for the HVS podcast. In the very beginning, Ron said that he did most of the work. In the beginning Ron was editing the video and audio for the podcast but at some point, Chris became curious about the audio editing process and fell in love with the process and built a strong foundation for rapidly increasing the quality of Hacker Valley Studio content.

Follow up to Question #5 - Chris do you appreciate about Ron’s contribution to the podcast?

Chris - Our chemistry. Episode one shows our chemistry because even though we did not have any experience podcasting, we still had a great conversational flow. It didn’t take anytime for us to build this chemistry up because Ron is able to read expressions and see where I’m going with questions and answers. Ron has always been able to pick up where I left off and bring up topics that I may forget.

Question #6 - Which episode of HVS sticks out most in your mind and why?

Chris - Episode 40 with Daniel Meade. This episode started out with us speaking with Daniel about AppSec but had many turns where we got to experience Daniel’s authentic humor and moments of growth throughout his life. This episode helped shape the future of Hacker Valley Studio.

Ron - Episode 104 with Robin Black. This episode has very little connection with technology and cybersecurity but focuses on the auxiliary skills that make practitioners at any craft great. Robin is fascinated with his work and crossing the chasm to gain expertise from similar or related fields.

Question #7 - What does success mean for Hacker Valley Studio?

Ron - Having fun during the process. Chris and I are extremely successful at this point because we’ve been enjoying creating the process everyday. We are lucky enough to speak to experts, work with vocal coaches, and learn how to make quality productions each week.

Chris - The impact on the listener. We’ve received emails and messages on social media from listeners that have thanked us for helping them get into cybersecurity and promoted within their field. We’ve been able to create our own journey and be part of others journeys.

Moments During the Podcast

0:00 - Intro

1:22 - Carole Theriault takes over Hacker Valley Studio!

2:50 - How Chris and Ron got into podcasting

5:06 - Would you rather be 8 foot tall or have eight feet?

5:55 - What are the most surprising lessons you learned from podcasting?

8:13 - If you were on a desert island, what luxury item would you bring?

9:10 - What trait do you like most in your podcast partner?

11:17 - What's your favorite thing to do outside of work and family responsibilities?

14:07 - What do you worry most about when creating an episode of Hacker Valley Studio?

18:55 - What is one thing any friend or family member could do to make you laugh or smile?

20:28 - Who does more of the work on Hacker Valley Studio podcast?

24:50 - Who would play you in a movie?

27:30 - Which episode of HVS sticks out most in your mind and why?

37:16 - How would you define success for Hacker Valley Studio?

Links:

Our guest host Carole Theriault

Carole’s podcast - Smashing Security and Sticky Pickles

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Episode 114 - The Good, Bad, and Ugly of Threat Intelligence with Patrick Coughlin

Tue, 12 Jan 2021 10:04:50 -0600

In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris interview Patrick Coughlin, Co-Founder and CEO of TruSTAR. Patrick began his career as a security analyst in Washington D.C. and the middle east. By working with government contractors, multinational corporations, and counter-terrorism units, Patrick learned that the biggest challenge that security analysts have is retrieving the needed information from disparate data sources. This discovery led Patrick to founding TruStar. Patrick’s focus is to help organizations automate the collection and curation of threat intelligence data.

Patrick’s analytical prowess originated from working at Booz Allen Hamilton where he learned a fundamental skill that all cybersecurity analysts should have - how to put together a slide deck. This skill helped Patrick articulate the importance of threat intelligence to leaders in the government and private sector.

As the episode progresses, Patrick details the differences between threat intelligence requirements for national security and enterprise. For enterprise threat intelligence programs, the goal is to accelerate automation of detection and rarely attribution. Patrick also mentions automation is only as effective as the data is cleaned, normalized, and prioritized.

What about the good, bad, and ugly of threat intelligence? Patrick describes that an organization can thrive by leveraging internal intelligence. This can be overlooked when organizations are fixated on buying threat data feeds and subscribing to ISAC feeds. Most enterprise organizations have a detection and response stack that is constantly providing information about threats relevant to their organization - which serves as great threat intelligence data.

Chris and Ron ask Patrick about the science vs art aspects of cybersecurity and threat intelligence. Patrick describes that there is room for both art and science in threat intelligence. While new concepts are being discovered, there is art in finding the needle in the haystack. However, at some point, intuition can be described into steps that a machine can repeat. For example, after years of analytical practice an analyst can describe how and why they are tagging threat intelligence related data in such a way that can be repeated by other analysts or automation.

This episode covers an abundance of tactics and techniques for threat intelligence analysts. Patrick describes the best place to begin automating threat intelligence is detection. An analyst can ask the question, “How do I get sources of known bad indicators into my detection stack so that I could drive high fidelity detections?”. As false positives decrease, your mean time to detection (MTTD) and resolution (MTTR) decrease which makes your threat intelligence and security operation team members more effective.

0:00 - Intro

1:53 - This episode features Patrick Coughlin, Co-Founder and CEO of TruSTAR

2:30 - Patrick’s background and start as a security analyst

5:19 - How to automate threat intelligence while reducing analyst fatigue

7:05 - How Patrick cultivated his analyst prowess

8:43 - Articulating threat intelligence to government and enterprise organizations

11:09 - Can a threat intelligence program be automated?

17:21 - Patrick’s experience of “good” and “bad” threat intelligence programs

20:31 - Logic vs Intuition in threat intelligence

27:04 - Artificial Intelligence and Machine Learning to make threat intelligence decisions

28:42 - Where to start when automating threat intelligence

30:02 - How to stay in touch with Patrick Coughlin

Links:

Connect with Patrick Coughlin on LinkedIn

Link to Patrick’s company TruSTAR

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Take our FREE course for building threat intelligence programs by visiting www.hackervalley.com/easy

Episode 113 - Astonishing Stories with Neil Bearden

Wed, 06 Jan 2021 08:49:20 -0600

In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris interview Neil Bearden, storytelling expert and founder of The Story School and Plot Wolf Ltd. Neil originally started his career by teaching statistics and behavioral economics but had an astonishing introduction to storytelling by a stranger in San Francisco.

The episode begins by Neil sharing that he began his career in academia by completing a PhD in psychology which led to him teaching statistics, behavioral economics and behavioral decision-making. At some point, Neil found that he had a passion for storytelling and started the first MBA course at our INSEAD university on storytelling called storytelling workshop. Teaching storytelling at university helped Neil discover that the storytelling market is the entire world! Which ultimately led to his recognition and founding companies that help individuals tell their greatest stories.

While completing his postdoctoral studies at Duke University in 2005, Neil attended a neuroscience conference in San Francisco where he decided to go for a walk and ran into a stranger that asked him, “Would you like to hear some poetry young man?”. After Neil agreed, the man said:

“They’re latent semantics embedded deep down inside these rambles; these aren't the ravings of a madman alone, the dark with candles.

These are my notes, the underground they were sent to me from the year 2012

Dusky as he said to a beat these lyrics, they were pinned in a prison cell

Caught up with a knife, sent to the compression of vacuum tubes that articulate expressions

Are readily answered with a question.

A rhythm that's progressing

It keeps the head nodding like you agreeing with the lesson

Your freedom, It's called the question - Free will. That's obsolescent.

It's a myth from long ago. It's no longer relevant to the present.

So you must obey then all your thoughts young man, you must replace them with this prism. You’re plugged into the system. You too are now in prison.

In the matrix of your mind known as walls, ancient wisdom in a system of symbols, encrypted and deeply hidden

In the depths of your unconscious as if it were forbidden from outside awareness, by the id who does its bidding”

The man introduced himself as Osiris, a poet. For several hours, Neil and Osiris shared life experiences together while Osiris recited poems at his own accord throughout the night. After departing, Neil never had the opportunity to meet Osiris again but did attempt to track him down years later with no luck.

After the introduction to Osiris, Neil made a commitment that he’d begin writing poetry and cultivate the courage to share his stories publicly. Neil learned that he could halt beer bottles from clinking, discussions happening, and have listeners lean in while telling a great story. This compelled Neil to pivot from teaching statistics at university to teaching storytelling. After teaching storytelling for many years, Neil realized that he wanted to make a bigger impact and become an entrepreneur and teach storytelling to anyone who needs it.

Today, Neil helps companies and individuals add spice to their stories by extracting the details of a story that helps listeners internalize and visualize the nutrient rich details of a story. Neil is often humbled by the fact that he was able to pivot to a psychology PhD to storyteller organically and is able to help so many through having conversations.

As the podcast progresses, Neil highlights the difference between a story and a “crappy little speech”. While telling a story, the presenter needs to invoke a visual experience for the audience and provide a mental movie. Providing description of looks, taste, and feel helps build a mental model for the audience when being told a story. Everyone has experiences and knowledge that is story worthy.

0:00 - Intro

2:52 - This episode features Neil Bearden, founder of The Story School and Plot Wolf Ltd

3:57 - Neil’s introduction to storytelling by Osiris, the poet.

12:20 - The search for Osiris after 2005

15:09 - How Neil helps companies and individuals with storytelling
18:03 - Difference between a story and a crappy little speech

23:51 - Shaking the dust off of a story and making it great

26:00 - Using previous experience from statistics to tell stories

36:36 - Advice for beginning to tell your story

41:00 - How to stay in touch with Neil Bearden

Links:

Connect with Neil Bearden on LinkedIn

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Episode 112 - Cybersecurity and Ambient Computing with Dr. James Stanger

Thu, 17 Dec 2020 04:00:00 -0600

In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris interview the brilliant Dr. James Stanger, Chief Technology Evangelist at CompTIA and scuba diving aficionado. The episode is a kind of journey through time - touching on the past, present, and future of cybersecurity.

As the conversation begins, James looks to the past, sharing about himself and his background. He studied English Literature, worked as a technical editor and then writer, worked in education, and finally made his way to a position with CompTIA. All along, James demonstrated his propensity for combining aspects of his knowledge and experience, a propensity revealed most recently by the way in which his work for CompTIA merges education and cybersecurity. James’ background has an incredible evolution to it, and has set him up to be a well-rounded and knowledgeable addition to the cybersecurity field.

And his knowledge comes in handy, as much of James’s work involves answering client questions. James shares with Ron and Chris about current trends of questions he’s facing, as well as how he encourages agility in the face of emerging technology. Further, he explains the term, “ambient computing” and its tie to emerging tech, concluding that we are entering a hyper- or post-information age in which data is collected at an incredible rate. Data is in the air, captured, and processed, with massive stores of information about individuals available. This fact raises questions about how to ethically manage the data, and how to make sure it is used well. These questions, in turn, lead to considerations of business compliance, ramifications, and the like. As the conversation winds down, James shares areas of opportunity he sees in approaching cybersecurity from a business perspective, and explores ways in which he’d like to see the future of cybersecurity take shape - including an uptick in IT hiring, a stronger focus on implications, and more!

0:00 - Intro

1:41 - This episode features Dr. James Stanger, who begins by sharing about his background.

5:25 - What kinds of questions are companies and individuals asking these days?

8:04 - How is Dr. Stanger advising companies to pursue agility in light of emerging tech?

11:19 - What is ambient computing?

13:43 - The conversation turns to ethics, understanding of ramifications, and business compliance.

17:02 - What areas of opportunity does James see in approaching cybersecurity from a business perspective?

21:01 - James shares about what he wants the future of cybersecurity to look like.

Links:

Follow James Stanger on Twitter

Connect with James on LinkedIn

Learn more about CompTIA

Follow CompTIA on Youtube

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Learn more about ByteChek

Want to take the Introduction to EASY Framework Course with Ron and Chris? Take it for FREE here: www.hackervalley.com/easy

Episode 111 - Getting Back to Happy with Suzanne Falter

Mon, 14 Dec 2020 13:38:32 -0600

In this episode of the Hacker Valley Studio podcast, Ron and Chris are joined by Suzanne Falter, an author, motivational speaker, and podcaster who helps busy women find happiness through self care. In 2012, she ended her relationship, shut down her business, and her 22 year old daughter, Teal unexpectedly died. In the year that followed, she says she did nothing but take exceptional care of herself. Living in a friend’s guest room, she learned to slow down and practice self care.

Years later, Suzanne met the young woman who received Teal’s organs, and her mother, Debbie. Now, Debbie and Suzanne host the Back to Happy podcast together. Suzanne explains their instant chemistry, and how meeting them allowed pieces of life to fall together. These days in addition to the podcast, Suzanne has continued slowing down her life, working as an author and podcaster. She shares that she’s done this through choosing to slow down and practice meditation. She recommends taking a break from screens and starting to do small moments of life without them. It can be difficult, she says to start mindfulness from a healthy mental state, for those with depression or other mental health concerns, she says your first priority is to get help. Help can come in many forms, and it’s okay to reach out and ask for it.

To keep your alignment in check, and be able to sit in stillness, Suzanne says you have to have strong boundaries. This means recognizing what is encroaching on you. Once you’ve identified it and set that boundary, you can sit and do nothing which takes your brain into default mode. Default mode is where creativity and problem solving happens. In the midst of the pandemic, this can be difficult. Suzanne recommends small tasks that keep your hands busy, but allow your brain to relax as a start. She says avoid telling yourself what you “should” do, and think about what the next right thing to do is instead - one step at a time.

As the episode ends, Suzanne gives her advice to listeners for how to get back to happy.

0:00 - Intro

1:42 - Listeners are introduced to Suzanne and the episode ahead.

3:15 - Suzanne shares her background.

5:58 - How do you get back to happy after something tragic happens?

11:43 - Suzanne gives advice for how to slow down.

14:08 - Mindfulness practices.

21:53 - Suzanne explains the default mode.

24:42 - How can folks get back to happy in a pandemic?

32:41 - Suzanne’s advice to listeners.

Links:

Learn more about Suzanne Falter and connect with her on Twitter

Learn more about Suzanne’s books.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor Bytecheck.

Episode 110 - Becoming Material Security with Ryan Noon and Abhishek Agrawal

Thu, 10 Dec 2020 04:00:00 -0600

In this episode of the Hacker Valley Studio podcast, Ron and Chris are joined by co-founders of Material Security, Ryan Noon and Abhishek Agrawal. They co-founded Material Security in 2017, today Ryan serves as the CEO, and Abhishek the CTO. Abishek has a background in engineering, infrastructure and analytics and his MBA from Harvard. Ryan’s background is in engineering and data analysis, and holds multiple computer science and security degrees from Stanford. Before they moved on to creating their own company, they worked together at DropBox.

While they both have a strong engineering background, they are developing a security product. Ryan explains that coding and engineering is why he’s able to work in cyber security, all his years of engineering helped him make a reliable and effective product. Abhishek agrees that both their different backgrounds have carried over into the security industry and says the lessons he learned in productivity and engineering have been incredibly useful. Despite these diverse backgrounds, Ryan says going into security was an easy decision. “Go to where the problems are,” he says. Around the time of the founding of Material Security, there were a lot of problems with email. Abhishek agrees, and says he’s always been interested in email and how it’s being destroyed by threats.

When hackers access your email, what are they looking for? Abhishek explains that they may be downloading all of its contents, or resetting passwords to services like Twitter or Instagram. Material Security works to ask those questions and stop the effectiveness of a breach in email security. This shifts the focus from all the ways someone may hack you, to the implications of that hack. Ryan likens it to a burglary, explaining that their security is less about all the doors and windows - ways to get into your home - but rather what someone may want once they’re inside.

There is a lot of hand wringing in startup land, Ryan says, but there is no one right way to do it. The startup can burn you out, and what made Material Security’s leadership work was the reliance on each other, both he and Abhishek and their third co-founder, Chris Park. For them, this was the magic answer, having a third person gives them a tie breaker and someone who could cut through the noise with clarity. Abhishek agrees, joking that they compliment each other by Ryan giving long detailed answers, and Abhishek can summarize his thoughts. In all seriousness, this balance of responsibility and strengths requires a level of trust and lack of ego but makes the team work smoothly. Having unique skill sets is important, but Abhishek explains overlap is important as well because you can speak the same language and push each other for the best solutions.

When you come from similar backgrounds, no one is the authority and ideas get pressure tested. One of the challenges is using this overlap of skills for good - not letting it paralyze you. Another challenge they faced is knowing where to question and press industry standards, versus where to accept and excel at current practices. When thinking over their challenges and journey they offer some advice to new founders. Ryan stresses, “stop trying to get into things.” People can fall into the trap of trying to get into college, programs, and industries, and end up giving up some of their productivity and creativity to others. He also encourages people to know their partners and communicate with them about everything. Abhishek says people should divorce the idea of leaving their job from starting a company. Instead you should decide if you’re ready to leave your current job and then if you want to go to a new company or start your own.

0:00 - Intro

1:40 - Listeners are introduced to co-founders of Material Security and the episode ahead.

3:05 - Ryan and Abhishek introduce themselves.

5:38 - How do engineering and cyber security intersect?

8:39 - Why did Ryan and Abhishek decide to go into security?

14:28 - Ryan and Abhishek explain what hackers do when they’ve gotten into email.

18:08 - How do Ryan and Abhishek navigate their relationship?

24:19 - Ron asks Ryan and Abhishek about the challenges of the founder’s journey.

26:45 - What piece of advice do they have for new founders?

Links:

Learn more about Material Security.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Episode 109 - Honest Security with Jason Meller

Tue, 08 Dec 2020 04:08:00 -0600

In this episode of Hacker Valley Studio podcast, Ron and Chris are joined by Jason Meller, Founder, and CEO of Kolide. Jason has over 10 years of experience in managing and leading security organizations. Jason’s interest in technology and cybersecurity began in the 1990s when he began programming in Visual Basic and building AOL Instant Messenger bots. Building offensive tools accelerated Jason’s interest in defending networks and helped him learn how much honesty plays part in building security solutions.

Jason mentions that the security monitoring software at most organizations have the same functionality as spyware or surveillance tools. In addition, these tools are designed to scrutinize all the actions that occur on a device. COVID-19 has increased the rate of organizations going through a digital transformation; as a result, users at an organization are not in a cubicle but at their home. This could mean that security teams have an extremely elevated level of access to devices without transparency as to what is being monitored to protect an organization. This is why Honest Security was created - to create a transparent relationship between security teams and end-users.

Jason has collaborated with Jesse Kriss from Netflix who is actively working towards incorporating user-focused security. Jason describes that organizations should build a culture based on trusting users, treating them like adults, giving them the tools that they need to do their job, and not treating them as suspects from day one. Instead, organizations and security teams should seek teachable moments by giving recommendations and educating users.

Throughout the episode, Jason describes situations that involve users and security team members maneuvering around security tooling obstacles to get their job done. Since working at home, traditional tools have created friction in the user experience. For instance, not having the ability to use USB ports on work devices, disabling corporate VPN to watch a YouTube video, and having to create a ticket to install software to help them with their job. When this friction is created, users will resort to using their personal devices for work activities and miss the opportunity to benefit from security. In some cases, there are “evil” applications found on a device created by a user - but often bad applications installed by users are Chrome extensions or helper utilities that are sending browsing history to a marketing firm.

In the Honest Security manifesto, there’s a section on empathetic intelligence, Jason describes this concept as thinking of the daily life users, thinking of what challenges are users attempting to solve in their workflow, and what part of that workflow could pose a risk to the organization. An example of this would be a security team member trying to empathize with someone who is a developer- and thinking of their daily workflow. When empathizing the security team may realize that the developer is attempting to fix issues on a production application. While fixing the production application, the developer may try to bring a copy of the application database to their local device. Creating a local copy of the database could pose a security risk the copy of the database is not deleted in a reasonable time or the user has their device auto-backup folders to their corporate or personal cloud storage solution (ie. Google Drive). Creating education for avoiding this mistake is a prime example of empathic intelligence when practicing Honest Security.

As the episode progresses, Jason goes into depth and explains more tenants of Honest Security - The goal is not to give unlimited power to the user or security team but to enable everyone to be in the position to make the right decisions and give appropriate recommendations. When consequences are articulated, users can understand that when maneuvering around security tools can pose a risk to their device and organization. Ie) disconnecting from the corporate VPN. When coaching and education are put as a priority when practicing security, James describes it as empowering the user to be successful and more transparent.

0:00 - Intro

2:28 - This episode features Jason Meller, Founder, and CEO of Kolide!

2:54 - Jason shares his background and his path into cybersecurity.

4:07 - What is Honest Security?

5:22 - Jason’s examples of dishonest security

8:08 - Collaboration with Netflix and User-Focused Security

16:00 - Jason describes Empathetic Security

19:17 - Tenants of Honest Security

35:32 - Wrap Up and Resources for Honest Security

Links:

Learn more about Jason Meller and connect with him on LinkedIn.

Learn more about Honest Security and read the manifesto.

Learn more about Jason’s company Kolide

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Episode 108 - Behind the Mic with Carole Theriault

Wed, 02 Dec 2020 16:50:54 -0600

In this episode of the Hacker Valley Studio podcast, Ron and Chris host a special episode featuring one of their favorite guests. Carole Theriault is the co-host of both the Smashing Security podcast and the Sticky Pickles podcast, and she is also the founder and director of her own company, Tick Tock Social. Carole joins Ron and Chris to talk about her passion for being behind the mic, the impact of COVID-19 on the 2020 holiday season, and more!

As the interview gets underway, Ron and Chris ask Carole about her background and what she’s up to now. At this point, Carole says, she’s in “podcast land.” She works in tech and IT security, as well, and in her work with Tick Tock Social, she aims to help people simplify their messaging and make it palatable for the representatives of companies they’re propositioning. Turning to her podcasts, Carole shares about her co-host for Smashing Security, Graham Cluley, her friend (or frenemy, perhaps?) with whom she also previously worked for Sophos. To conclude her brief personal introduction, Carole notes that she also fills some of her time with hobbies, such as yoga, baking bread, and painting.

Moving forward in the conversation, Ron and Chris are first curious about how Carole got into podcasting in the first place. She explains that a business trip for Sophos involved her listening to This American Life and falling in love with the podcast medium. After she stopped working for Sophos, she started her own projects, and she was eventually able to convince Graham to host a podcast with her.

And it is this podcast that once included Chris as a guest! So, Chris asks, how did he do? The question kick starts a conversation about quality podcast and radio production, which involves voice quality, radio technique, and more. Fortunately, Carole finds that Chris (like Ron) has a great radio voice, and (unlike Graham) she also finds him to have a good laugh. While it can be challenging to find guests with strong radio presence, one benefit of 2020 is that people have had lots of opportunity in lockdown to work on the relevant skills!

Another area in which potential guests often struggle is that of communicating and making themselves the “star,” so to speak. Carole skillfully takes pressure off of guests and highlights them herself, and she is able to do so because she is not running her show for a boss or a company, but for herself and in order to have fun. Her work is designed to be light!

The lightness is born out of experience, though, as Carole is able to choose content for the show because of a well-developed instinct. She developed her instinct, in part, through her work at Sophos. Looking back, Carole details her transition away from Sophos. Over her 15 years there, the company grew and changed, Carole took on too much, and she found she needed to leave. She and Graham decided on the same day to leave Sophos, not knowing where their friendship was yet to lead!

Carole’s journey has certainly been one of stepping into her personal power, and her philosophy in all her endeavors is to be herself. While missing personal contact, she has navigated the pandemic well in her professional life. More personally, she, Ron, and Chris look ahead to the upcoming holidays, which will certainly be usual! They also share a benefit of the pandemic: people having more free time to join podcasts as guests. In fact, Carole is excited to feature Tim Harford of the BBC’s More or Less podcast soon (and, hopefully in 2021, Ron!).

As the conversation winds toward a close, Carole explains her approach to finding guests, which focuses on finding “win-win” scenarios. She likens the departure of co-host Anna (from Sticky Pickles) to a breakup, asks about Ron and Chris’s friendship, and offers advice both to a new podcaster and listeners looking to ensure their cybersecurity this holiday season!

0:00 - Intro

1:40 - This special episode features Carole Theriault!

2:44 - Turning to Carole, the hosts ask her to share her background and what she’s up to now.

5:00 - How did Carole get into podcasting in the first place?

6:50 - Chris asks, “How did I do?”

10:03 - What are some techniques to highlight a guest and make him/her the star?

12:10 - Carole and her hosts get into content selection.

15:13 - Carole tells the story of her decision to leave Sophos.

19:00 - This journey has been an experience of stepping into her own power.

21:01 - She is herself in her work; COVID-19 has not hindered this (though she misses people!)

23:26 - The group talks holiday preparations.

27:49 - Next, they talk future podcast guests and how to choose guests.

30:07 - How long have Ron and Chris known each other?

32:32 - What’s Carole’s advice for new podcasters and for holiday cybersecurity?

Links:

Learn more about Carole Theriault and connect with her on Twitter.

Learn more about the Smashing Security podcast and connect on Twitter.

Learn more about the Sticky Pickles podcast and connect on Twitter.

Learn more about Tick Tock Social.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Introducing the Marqeta Leads Podcast

Mon, 30 Nov 2020 18:16:17 -0600

Hello HVS family! We are beyond proud to introduce a new leadership focused show for you listening pleasure. This account is still the home of the HVS episode you know and love but to subscribe to this show be sure to visit the link below!

https://link.chtbl.com/marqetaleadslaunch

In this inaugural episode, Ron and Chris sit down with Marqeta CEO, Jason Gardner, to discuss his journey through leadership and explain the tools he has used over his successful entrepreneurial career.

0:00 - Intro

1:00 - 3:00 — Learn about Jason’s first business venture and starting business in tech. Jason speaks about mindsets for entrepreneurship.

5:30 — Jason speaks about the importance of leading from values and finding his own style of communication.

7:30 — Learn where Jason’s leadership comes from and how it lent itself to a more steady vision.

10:00-12:00 — Communication is key, Jason speaks about his superpower and why he views leadership as a type of service.

13:00-15:00 — Jason shares about the weight of responsibility that a leader must become accustomed to. He shares how he navigated a very difficult time in Marqeta’s development as a company and platform.

16:00-20:00 — How Jason adjusted to physically distanced work and the gifts and challenges it has presented.

20:00 — Jason speaks a bit about leadership culture and why is it important to Marqeta’s values.

22:00 — Some advice from Jason on how to be a leader. If you want to keep up with what’s going on with Marqeta and Jason, follow Marqeta on social media!

Thanks for listening please do check out our social media for the latest.

Marqeta's Twitter Marqeta's Linkedin

Episode 106 - Stacking the Deck of Success with AJ Yawn

Tue, 24 Nov 2020 07:04:17 -0600

In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris interview AJ Yawn in an episode that is a mix between a master class and a founder’s journey. AJ is the founder and CEO of ByteCheck, with a personal and company goal to “make compliance suck less.” He is a cloud security expert, and brings to the conversation a wealth of wisdom on cybersecurity, leadership, and personal growth. The episode focuses on topics surrounding a major event in the past week for AJ and ByteChek, addressing AJ’s background, the work surrounding ByteCheck’s genesis, AJ’s thoughts on compliance, and more!

The interview begins with a look at AJ’s background. AJ grew up a military brat, and eventually found himself in the Army for a time. While he did not place much consideration on technology before he entered the Army, it was during his Army career that AJ developed an interest in cybersecurity. He became passionate about cybersecurity and the cloud, and he went all in! After he left the service, he began a job in cybersecurity consulting, and he’s been in the field ever since.

This episode is recorded at another momentous shift in AJ’s career, though, and Ron and Chris invite him to share about the past week, focusing on highs and lows. AJ shares about how he and his friend Jeff just launched ByteChek days ago, choosing as their launch date the significant holiday of Veterans Day! This choice was a way to honor AJ’s family members who served before him, and Ron and Chris also thank AJ for his own service to his country.

In light of this exciting time, AJ explains what the early days of the company have been like and considers some influences that have shaped him. In this stage of his company, AJ has capitalized on LinkedIn. He had previously not been accustomed to using the site or to the more general task of business promotion, but he’s found that networking on LinkedIn is a great way to grow a new business. He also explores ways in which his background in sports and as a middle child among nine siblings have shaped him as a cybersecurity worker and entrepreneur. Such factors of his youth helped him to foster a growth mindset and competitive nature, and also taught him to stand in his power.

Next, AJ talks about the thinking behind the tagline, “make compliance suck less,” which is honest, humorous, and relevant to the problem that drove AJ to start the company. As he navigates issues of business, compliance, and the like, AJ demonstrates remarkable capacities for focus. Ron and Chris wonder how he manages to focus on a single subject and to stay intentional for months or even years at a time, and AJ answers that he focuses on the process. In order to do so, he relies on the 90-91 model (which calls for the first 90 minutes of his day to be centered on a certain thing), as well as an array of goals.

AJ is also deeply committed to an active pursuit of personal growth. One of the clearest demonstrations of this commitment came in the years leading up to the launch of ByteChek. AJ saw the need for such a company years ago and had it in mind to start his own company, knowing that he needed to take a chance to make the impact he wanted to make. However, he also knew that he was not yet ready to start a business, so he created a masterclass for himself to prepare. Since, in first forming the company, he needed to place special focus on learning the business and marketing side of things, his successful navigation of LinkedIn is just one testament to the effectiveness of his intentional training.

Even in the midst of the fear surrounding the COVID-19 pandemic (and many problems for businesses), AJ was confident in betting on himself and launching ByteChek. And he’s confident in the future of the company, as well. He invests himself in making compliance exciting for clients, and among his projections for the future of compliance, he even includes plans for a ByteChek Academy! As the conversation reaches a close, AJ provides listeners with a final nugget of wisdom pertaining to the two most prominent themes of the conversation: betting on oneself and stepping into one’s personal power.

1:35 - This episode features AJ Yawn!

2:53 - AJ and his hosts turn to background info and what AJ is doing today.

4:35 - This past week has been huge for AJ because of his company launch!

6:33 - Did AJ’s interest in cybersecurity start while he was in the Army?

8:49 - The group speaks of AJ’s family background, including the fact that he is one of nine kids!

10:00 - Has being in the middle of a big family and playing sports shaped AJ?

12:52 - AJ and his hosts consider ByteChek’s tagline.

15:21 - How does AJ focus so well?

17:18 - Why did he launch the company now, even in the midst of COVID-19?

21:21 - AJ created a masterclass for himself.

25:38 - How does AJ make compliance exciting?

29:39- AJ is asked about the future of compliance.

33:45 - What’s one nugget of wisdom AJ can offer concerning two main themes of the episode?

Links:

Connect with AJ on LinkedIn.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about ByteChek, and mention Hacker Valley Studio to receive a limited time offer!

Episode 105 - Striving for Impact with David Tsao

Wed, 18 Nov 2020 04:00:00 -0600

In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris interview longtime friend David Tsao. David is a security advisor who leads security engineering at Marqeta, and he is an ever-innovating wealth of knowledge. Ron and Chris ask David about his background, philosophy of leadership, and more!

David took a nontraditional route into the security field, as he had a background in chemistry and pharma before breaking into the security community. Ron and Chris ask David to explain various aspects of his experience, including decisions regarding when to buy or build things, how vendors may find problems to tackle, and his own founder’s journey as a team builder. David’s story of team-building opens the door to conversation about his role as a leader in the field, and he tells Ron and Chris about his expectations about leadership and how they matched reality, strategies for assuring opportunity for team impact and giving individual employees opportunities, and what he looks for in his work of hiring employees.

Another major topic of conversation is David’s philosophy concerning the social commentary of the day. More specifically, Ron and Chris wonder how he thinks about issues surrounding both diversity and inclusion and wealth and income gaps. David explains his thoughts and desire to partner with others in work for change, and also shares the story of a past experience tasting social change and feeling like he made a difference. Finally, David offers advice to listeners eager to make an impact on their own community, as well as listeners looking with a broad vision and wanting to bring change to the world.

1:34 - This episode features David Tsao and starts with a look at his background.

3:48 - David handles questions of building vs. buying and operating as a vendor.

9:54 - The conversation turns to David’s founder’s journey.

13:26 - David is asked about his first step into leadership, including expectations and reality.

15:05 -David gets into some team strategies and ways to best serve individual employees.

20:48 - What does David look for in hiring people new to the security field?

23:59 - Ron and Chris want to know David’s philosophy on social commentary going on now.

28:14 - They ask David to share a story about seeing and contributing to social change.

30:47 - Where should people who want to make a community impact start?

33:37 - What’s one piece of advice to listeners wanting to bring change in the world?

Links:

Connect with David on LinkedIn.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about ByteChek, and mention Hacker Valley Studio to receive a limited time offer!

Episode 104 - Analyzing the Enemy with Robin Black

Wed, 11 Nov 2020 04:00:00 -0600

In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris provide a very special episode as they interview Robin Black. Robin is a martial arts practitioner and commentator, and he is arguably the best martial arts analyst in the world. He believes secrets to the universe lie in the sacred moments of combat - and that couldn’t be any more true in cyber security. So what does cyber security have to do with martial arts and analysis? Ron and Chris invite listeners into the conversation to find out!

As the conversation begins, Robin shares about his background, emphasizing the fact that he has the privilege of doing what he loves. Robin’s work involves taking events and crafting a story in real time; the task is in many ways similar to that of cyber security, but as a general rule, it requires more speed. And so, Ron and Chris wonder, what is Robin’s mindset as an analyst? Robin explains how he developed his interest and skill as an analyst, slowly building skill, sharpening his ability with language, and consciously deciding to go back to the roots of martial arts in his analysis rather than approaching the work as a television announcer typically would. He is an art curator of violence, so to speak, and is committed to “nutrient rich” commentary.

Moving forward in the conversation, Ron and Chris wonder about what advice Robin would offer to the “little guy.” Using the example of Brazilian Jiu Jitsu, Robin explains the value of knowing more, having more knowledge, being able to change, and being confident. Such strengths help the apparent underdog in both fighting and cyber security. Much like they considered unhackability with previous guests, Ron and Chris also raise the notion of an unbeatable fighter, and Robin details the reasons why such a fighter is a myth. Listeners will learn about such things as the cracks and flaws in fighting (which are located in the root of fighting - within belief systems), the workings and danger of muscle memory, how Robin dissects fighters, and how Robin thinks about cyber security!

1:45 - This special episode features Robin Black!

3:19 - The conversation first turns to Robin’s background and what he’s doing today.

5:31 - What is Robin’s mindset as an analyst?

11:21 - Ron and Chris wonder what advice Robin would give to the “little guy.”

14:02 - Is there such a thing as an unbeatable fighter?

17:17 - The episode turns to the flaws and cracks within fighting.

20:54 - What is the component of muscle memory, and what role does it play?

24:31 - Ron and Chris want to know how Robin dissects fighters.

33:24 - Does Robin have any questions about cyber security?

Links:

Follow Robin on Twitter, Instagram.

Follow Bellator MMA on Youtube.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about ByteChek, and mention Hacker Valley Studio to receive a limited time offer!

Episode 103 - Social Influence and Voting in Cyber with Kiersten Todd

Mon, 02 Nov 2020 16:57:59 -0600

In this episode, our guest is Kiersten Todd, a cybersecurity innovator for small and medium sized businesses. Kiersten is also behind creating the legislation for Department of Homeland security. There are very few subjects that Kiersten doesn't have experience on in cybersecurity. She's also the managing director of the cyber readiness Institute. Chris and Ron had a great time speaking to Kiersten and she comes with a wealth of knowledge.

The Cyber Readiness Institute

Kiersten's LinkedIn

Email: ktodt@cyberreadinessinstitute.org

Take our Free AttackIQ course and earn your badge here: www.hackervalley.com/easy

Get your free audiobook from Audible.com

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Episode 102 - Tale of Three C's Craig, Corey, and Cyvatar

Wed, 28 Oct 2020 17:06:18 -0500

In this one-of-a-kind episode of the Hacker Valley Studio podcast, hosts Ron and Chris interview two amazing founders who are disrupting the industry and bringing in unique perspectives. They are Corey White and Craig Goodwin, the founders of Cyvatar, a cybersecurity-as-a-service startup. The conversation centers on the business itself, Corey and Craig’s journey as founders, and more!

The conversation starts with Craig and Corey sharing a bit about their respective backgrounds. Craig has been a CISO for about 20 years, having moved into that line of work after spending the previous years working for the government of the UK and in security services. Corey has been in his current industry for about 25 years, and he details his work with companies such as Foundstone and Cylance that eventually led him to his present work. Craig and Corey share an entrepreneurial spirit that they’ve each had since childhood, but they have complementary backgrounds that help them to work well together, with Corey approaching the company from an industry perspective, and Craig from a CISO perspective.

Corey and Craig talk with their hosts about Cyvatar. They share about their first seed round, the gaining of their first customers, and their aim to be cyber avatars for their customers - putting customer needs first and taking a background role to make the customers look good. Further, Corey and Craig discuss the way they navigate dynamics of team synergy and collaboration when they live on different sides of the world, address their decision to include services with their startup, explain their slogan and the terminology they’ve developed, and finally share lessons they’ve learned from their journey.

0:56 - This is a one-of-a-kind episode!

2:05 - The conversation turns to Corey and Craig’s respective backgrounds.

5:18 - What is the background of the company?

8:45 - The focus shifts to Craig and Corey’s complementary skills.

13:19 - How did Corey and Craig realize they had an entrepreneurial spirit?

17:06 - A team needs synergy and collaboration.

20:40 - Corey and Craig decided to include services with their startup.

24:57 - The two founders introduced new technology.

27:21 - Corey and Craig are asked about lessons they’ve learned.

Get your free audiobook from Audible.com

Learn more about Hacker Valley Studio

Connect with Cyvatar on LinkedIn.

Follow Cyvatar on Twitter.

Connect with Corey White on LinkedIn.

Follow Corey White on Twitter.

Connect with Craig Goodwin on LinkedIn.

Follow Craig Goodwin on Twitter.

Email Corey at corey@cyvatar.ai

Email Craig at craig@cyvatar.ai

Learn about Cyvatar’s recent seed round and press release.

Episode 101 - US CyberWeek With Congresswoman Yvette Clarke and Laura Robbins

Thu, 22 Oct 2020 22:42:44 -0500

The Daniel Initiative was kind enough to involve us in a special event for CyberWeek. We produced a live podcast session called "Our Space". Ron and Chris, from the award-winning podcast Hacker Valley Studio, interviewed Congresswoman Yvette Clarke (NY-9th) and Laura Cathcart Robbins from "The Only One in the Room Podcast".

Both interviews focused on representation, people of color in technology leadership, and occupying our place in society.

Congresswoman Yvette Clarke's Social

https://www.instagram.com/repyvetteclarke/
https://twitter.com/VoteYvette
https://www.linkedin.com/in/yvette-clarke-9b3aa810/

Laura Robbins' Social

https://theonlyonepod.com/
https://www.instagram.com/lauracathcartrobbins/
https://twitter.com/lauracrobbins?lang=en
https://twitter.com/TheOnlyOnePodc1

Get your free audiobook from Audible.com

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Episode 100 - A Very Special Episode

Wed, 21 Oct 2020 13:19:04 -0500

In this special 100th episode we dip into the Hacker Valley Studio vault to bring you never before heard content from some brilliant experts in their field. We will be releasing these episodes in their entirety on our Patreon page down below.

Get your free audiobook from Audible.com

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Episode 99 - Securityweek's 2020 CISO Forum: HVS Style

Mon, 12 Oct 2020 15:54:31 -0500

In this special live recording of the Hacker Valley Studio podcast, Chris and Ron are joined by Fredrick 'Flee' Lee, chief security officer at Gusto and an inspirational cybersecurity leader who is focused on making security "lovable" across the organization.

Securityweek’s CISO Forum is designed for senior level security leaders to discuss, share and learn innovative information security and risk management strategies. The forum addresses issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

The Hacker Valley Studio podcast explores the human element of cybersecurity programs and the inspirational stories and knowledge to elevate culture and quality of security programs.

Learn more about Securityweek’s CISO Forum

Follow Flee on Twitter

Get your free audiobook from Audible.com

Hacker Valley Red Finale - Marco Figueroa

Tue, 06 Oct 2020 15:02:05 -0500

This episode of the Hacker Valley Studio podcast concludes the Hacker Valley Red series. In this finale, Ron and Chris interview their friend - and formerly their shared roommate - Marco Figueroa. Marco is a security researcher and cybersecurity speaker, and he is also a bug bounty enthusiast. He and the hosts constant improvement, bug bounty, and more, while also looking back at the conversations thus far in the season.

At the start of the conversation, Marco shares about his background and what he’s doing now. He runs through the past 7-8 years of his career, ultimately arriving at his current transition to Sentinel. Ron and Chris jump in to thank him for his contributions to their podcast, and to share with listeners about their friendship with Marco. Moving forward, Marco talks about how he first got into the security community, and eventually found a niche in reverse-engineering malware. He also involved himself in the bug bounty community, and in his various spheres of life, he is committed to building relationships and staying relevant. Marco explains his system of scheduling calls, his practice of (and future plans for) content creation, and love of learning and feedback.

Throughout the conversation, Ron and Chris lead the conversation to cover a wide variety of topics. They ask about the possibility of an unhackable device (which Marco denies), the mindset of a hacker, Marco’s philosophy in protection work, and the question of whether or not coding experience is needed for hacking. The group looks back to former conversation about the hacker mindset (with Ted), about community (with Alex), and about social engineering (with Rachel). In view of the whole season, the group considers two main takeaways: the value of mentorship and the need to put oneself out there and take a first shot. Marco shares a lot from his own experience, and makes sure listeners know to press on and trust the process.

-The episode features Marco Figueroa, and listeners are introduced to the content ahead.

-What is Marco’s background, and what is he doing now?

-Is there such a thing as an unhackable device?

-The group talks about Marco’s philosophy in his protection work, the place of social engineering, and the value of building relationships.

-What is the hacker mindset, and do you need coding experience to be a good hacker?

-If interested in the red side of the field, what should someone do first?

-Marco shares about what he sees on the horizon.

-The group considers two major season takeaways: the value of mentorship and the need to put yourself out there and take the first shot.

-Where is Marco planning to take his contact creation from here?

Links:

Connect with Marco Figueroa on Twitter

Connect with Marco on LinkedIn

Follow Marco’s Livestream

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Learn more about the season sponsor, RiskIQ

Hacker Valley Red Episode 7 - Maurice Ashley

Tue, 06 Oct 2020 15:00:39 -0500

This episode of Hacker Valley Studio podcast’s Hacker Valley Red Series features guest Maurice Ashley, a chess grandmaster and author of Chess for Success. Maurice is a chess guru and has been playing it ever since his high school years. He is currently involved in commentating for chess events, teaching chess, and training national chess champions. In this episode, Maurice and the hosts talk about Maurice’s chess journey along with some parallels between chess and cyber security.

The hosts, Ron and Chris, start off the interview by pointing out one parallel between chess and cybersecurity: the art of training. Maurice responds by sharing about the rigorous training of chess, and of the different strategies and techniques that must be learned. He also takes some time to explain his own journey with training in chess and how it progressed through the years. In high school, he started playing with his brother, and then moved to playing in more formal settings with more challenging opponents. This eventually led to earning the title of chess grandmaster. Being the first black male to receive the Chess Grandmaster title, Maurice speaks on how this accomplishment inspired others to reach for their goals.

Circling back to the parallels between chess and cyber security, Maurice touches on the importance of practicing for performance. This means knowing your opponent, studying their strategies, and using their energy against them. Chris and Ron highlight how this parallels with cyber security in knowing how to approach the opponent. They then ask Maurice about his thoughts on an unbeatable chess player and how it relates to an unhackable system. Maurice responds by explaining that in the game if chess with its millions of possible outcomes, having an unbeatable player is impossible. Additionally, He emphasizes how this truth relates to cyber security. Rather than focusing on being unbeatable, Maurice encourages focus to be spent on readiness which is acquired through practice. In cyber security, Chris and Ron explain how readiness means having the ability to respond automatically to situations. They ask Maurice about blitz and bullet chess and how it relates to this kind of practice. According to Maurice, blitz and bullet chess rely heavily on instinct and experience.

The conversation ends as the hosts ask Maurice to share some tips for people interested in learning chess. Maurice encourages people interested in chess to download his new app, Learn Chess with Maurice Ashley, where he provides lessons on chess. He closes by encouraging others to reach for the greatness inside them. According to Maurice, greatness is defined as having the right mindset, doing the hard work, making the sacrifices, and learning through the process. This is the greatness that will be reflected in the end goal.

2:49 - Maurice introduces himself

6:46 - Maurice’s journey of becoming a grandmaster

9:20 - The impact of Exposure

11:07 - Maurice tells of the significance of being the first black male to earn the title of Chess Grandmaster.

15:00 - Maurice tells of the influence of his family in earning the title of Chess Grandmaster.

17:58 - Maurice speaks on practicing for performance and how it relates to cyber security.

22:00 -The parallels between an unbeatable chess player and an unhackable system

25:18 - Maurice explains blitz and bullet chess and how it relates to cyber security.

33:25 - Maurice gives some tips on how to get started playing chess.

37:04 - Maurice gives advice on how to reach greatness.

Links:

To learn more about Maurice Ashley, visit https://mauriceashley.com

Follow Maurice Ashley on Twitter and Instagram

Learn more about Maurice Ashley’s book Chess for Success and his app Learn Chess with Maurice Ashley

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Learn more about the season sponsor, RiskIQ

Hacker Valley Red Episode 6 - Lisa Jiggetts

Tue, 06 Oct 2020 14:46:24 -0500

On this episode of Hacker Valley Studio, hosts Ron and Chris speak with Lisa Jiggetts, founder of Women’s Society of Cyberjutsu. Their conversation covers Lisa’s background, her current work and her involvement as a penetration tester.

Lisa says she’s always been a techie who loved gadgets, breaking things and trying to understand how they fit together. She knew she wanted to work with computers, but wasn’t sure what that meant, exactly. Out of high school she joined the military working in IT, but knew she wanted to be a hacker. Eventually, she made her way to pentesting apps and systems in the cloud. Lisa loves the game aspect of pentesting and the red team. She says she enjoys the challenge of trying to get into the box and “level up,” trying more and more ways in before reaching out for help.

In between jobs a few years ago, Lisa began dreaming of a hands on training group for women like herself. It began as a meet-up group, which grew into the Women’s Society of Cyberjutsu, (WSC). She wanted hands-on workshops and an opportunity for networking and building a network of mentors and mentees. The first workshops and members were women in IT and even outside of tech, who were looking for a change and challenge in their career. Now the organization is in a state of growth with chapters across the country. To anyone interested, she says WSC gives the opportunity for hands-on training and a network of support.

As the episode ends, Lisa shares her advice to anyone interested in the red team or the world of cyber security in general. Her number one piece of advice is networking, because that’s the way she’s found a lot of her work in the past. She also encourages listeners, regardless of where they’re starting, to get their skills up any way they can. The field is always changing, Lisa says, so the initiative to work and show up is invaluable.

2:12 - The episode and guest are introduced.

3:50 - Lisa gives an overview of her background.

10:00 - Lisa explains her breaker mentality.

15:57 - What made Lisa commit to pentesting and the red team?

20:34 - Lisa discusses the founding of the Women’s Society of Cyberjutsu.

29:44 - Lisa’s advice for listeners interested in the red team and cyber security.

Links:

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Learn more about WSC

Follow Lisa Jiggetts on Twitter

Learn more about the season sponsor, RiskIQ

Hacker Valley Red Episode 5 - Ted Harrington

Tue, 06 Oct 2020 14:44:10 -0500

In this episode of the Hacker Valley Studio podcast’s Hacker Valley Red series, this time featuring guest Ted Harrington. Ted is an Executive Partner at ISE Security, an author, and a professional speaker. Hosts Ron and Chris speak with Ted about the concept of unhackability, his experience in the security field, an interesting story of an attack in real time, and more!

To start off the interview, Ted shares about his background. He currently works for a consulting firm that focuses on ethical hacking and aims to help companies solve their security problems, and his interest in the work of hacking goes back to a car-hacking experience in which he and his colleagues were inspired by a claim of unhackability and disproved the claim. Ted clarifies that there is effectively no such thing as an unhackable device or application, but that his work centers on closing attack vectors and making security systems stronger. In fact, he wants his legacy in the field to center on making things better. He shares about his own energy and motivation, and also explains the mindset of a hacker, which involves creativity and a certain way of thinking about and solving problems.

Ted has learned a great deal in his years in the hacking field, and Ron and Chris are eager to draw lessons out for listeners. Ted explains misconceptions about the red side of security before providing an extended example of hacking in real time: an example of cryptocurrency wallets that involved Ted and his team happening upon a real thief at work. Ted explains that people should not have a laissez-faire attitude about security, and that they should foster a right mindset and right partnerships. He clarifies that he sees many breakers start as builders, explains the utility of thinking from the perspective of a buyer, and offers advice for listeners looking to enter the field. This advice centers on mindset and hands-on activity; there are lots of opportunities to get involved with DEF CON, talks, contests, and even internships (including some at Ted’s company).

1:50 - The episode features Ted Harrington; listeners are introduced to him and the episode ahead.

3:05 - The conversation begins with Ted’s background.

7:21 - The group considers the term “unhackable,” closing attack vectors, and breakers starting as builders.

14:02 - “Think like a hacker.”

20:02 - Ted explains some lessons from real-life work, focusing on a cryptocurrency wallet example.

25:13 - What should people learn and do?

30:38 - Where do Ted’s energy and motivation come from, and what is the most interesting part of his work?

34:32 - Ted offers advice and shares what he hopes his legacy in the field will be.

Links:

Connect with Ted on LinkedIn or email him at ted@ise.io

Learn about Ted’s book, Hackable

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Learn more about the season sponsor, RiskIQ

Hacker Valley Red Episode 4 - Alissa Knight

Tue, 06 Oct 2020 14:42:22 -0500

On this episode of Hacker Valley Studio, hosts Ron and Chris speak with Alissa Knight, author of the book Hacking Connected Cars and self described “recovering hacker.” Their conversation covers content creation, API’s and hacking cars.

Alissa grew up in Seattle, Washington where there was a big art scene. She began building her own computers and running her own boards at an early age. She says a lot of people don’t know that she started out in the BBS scene back in the 90’s. At seventeen she hacked into a government network and was arrested. Eventually, the charges were dropped on a technicality and she went on to work for the US Intelligence Community in cyber warfare.

Alissa’s first start-up was a web design company where she ran a Lennox webserver around the time the teardrop attack in Lennox servers. The people she rented office space from were teardropping her web hosting server. She picked up a book on cyber security, and got introduced into the world of cyber security through necessity. She had a passion for finding vulnerabilities, and understanding things that were difficult to understand, which is what brought her to embedded systems. The rest she says is history.

As the episode ends, Alissa talks about her YouTube Channel, KnighTV. She says she’s always been an artist, and always wanted to do things at 200%. Her following is relatively new, at the beginning of 2019 she only had 4 followers on Twitter and now she’s passed the threshold to be part of the YouTube Partner Program. She wanted a cinematic experience for the viewer to stand out and not be just another video for the viewer. For anyone interested in getting started in being a breaker, she’s posted a couple videos on the topic, and explains there are many resources at their disposal. She says this line of work takes grit, and in her opinion a passion for reading.

2:08 - The episode and guest are introduced.

3:19 - Alissa gives an overview of her background.

6:29 - How Alissa’s career began.

10:16 - Do you have to program to hack?

14:26 - What led Alissa to hacking cars?

24:55 - Alissa explains what people get wrong about the red team.

29:25 - Alissa answers the question, “is there an unhackable device?”

36:54 - How KnightTV came into being.

41:08 - Alissa gives her advice on where to start getting into cyber security

Links:

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Follow Alissa Knight on Twitter

Subscribe to Alissa’s YouTube Channel

Learn more about the season sponsor, RiskIQ

Hacker Valley Red Episode 3 - Alex Rice

Tue, 06 Oct 2020 14:40:20 -0500

This episode of the Hacker Valley Studio podcast continues the Hacker Valley Red series by featuring Alex Rice. Alex is the CTO and co-founder of HackerOne, and he joins hosts Ron and Chris for a conversation about such topics as the beginnings of the researcher community, bug bounty, and the term “hacker.”

Alex first shares about his background leading up to what he’s doing today. He worked as a developer, and then about 20 years ago, he moved into the security field. Part of his career trajectory was motivated by his frustration over a lack of feedback loops, and he explains both how HackerOne came to be and some details about bug bounty. Ron and Chris are particularly interested in why HackerOne has the term “hacker” in it, even though the term can carry with it negative connotations (however inaccurate they may be). Alex clarifies that he and his colleagues do not want to beat around the bush, but want to be part of the work of dismantling false stereotypes about hacking.

Moving forward in the conversation, Alex covers a variety of topics related to his work. He addresses changes in hackers’ experiences with cease and desist orders, the bug bounty community, and the gamification of security and hacking. He shares about different motivations of security researchers, teenagers making a lot of income through bug bounty, hacking outliers and their personas, impacts of COVID-19, and writing reports. Ron and Chris ask Alex about whether or not unhackability is possible (spoiler: it’s not!), as well as about the closest thing to unhackable that can be achieved. Alex explains what he’s looking toward in the future, talks about his love of outdoor work, and finally offers encouragement to the person in bug bounty looking to keep progressing in the field.

1:34 - Listeners are introduced to Alex Rice and the conversation to come.

2:41 - What is Alex’s background, and what is he doing today?

7:45 - Alex explains why the term “hacker” is included in his company’s name.

10:45 - The group considers cease and desist orders, bug bounty community, and gamification of security and hacking.

18:11 - Alex addresses the reality of teenagers making millions through bug bounty, as well as the personas of hacking outliers.

22:43 - Alex talks bug bounty, COVID-19, and writing reports.

25:41 - Is unhackability possible? If not, what’s the closest we can get to it?

30:02 - The conversation concludes with Alex’s thoughts on the future, hobbies, and encouragement to people in bug bounty looking to continue in the field.

Links:

Connect with Alex Rice on Twitter

Connect with the Bug Bounty Community at hackerone.com/hacktivity

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Learn more about the season sponsor, RiskIQ

Hacker Valley Red Episode 2 - Rachel Tobac

Tue, 06 Oct 2020 14:38:58 -0500

On this episode of Hacker Valley Studio, hosts Ron and Chris speak with Rachel Tobac, CEO of SocialProof Security and Chair of the Women in Security and Privacy Board. Their conversation covers everything from neuroscience to spearfishing and human’s place in cyber security.

Rachel is a human hacker, also known as a social engineer, and she begins the episode by explaining her background in social engineering and experience in the non profit space. She credits her success in the field to her background in neuroscience and behavioral psychology as well as training in improv. Her husband works in cyber security and encouraged her into the space even though she was nervous at first because she didn’t know how to code.

Rachel explains that she still does not know how to code, her most important skills in social engineering are the ability to persuade and improv. When working with companies, Rachel helps client facing employees to help confirm people are who they say they are. She sits down with them to go through processes that help her close the loopholes that allow hackers to mine information. Humans are the first line of defense, so they have to have their guard up. From there, keeping the organization up to date on the latest trends in cyber security and how hackers find their way in is key to getting the correct tools to prevent hacks.

As the episode ends, Rachel shares her next steps are working with hospitals to prevent ransomware and phishing attacks. She’s also turning her attention toward the election and educating people on what the 2020 Presidential election will look like and the time it may take to announce the winner. While she does not currently think elections can be done entirely from home, she considers it a goal for the future.

1:59 - Rachel Tobac and today’s episode of Hacker Valley Red is introduced.

8:50 - What are the skills needed to become a social engineer?

10:51 - Rachel leads Ron and Chris through an improv exercise.

13:59 - Rachel shares where she thinks technology is headed.

20:20 - Rachel shares the scariest part of social engineering hacks.

25:29 - Rachel’s key takeaways.

34:11 - Rachel is looking toward 2020 election security.

Links:

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Follow Rachel Tobac on Twitter

Learn more about the season sponsor, RiskIQ

Hacker Valley Red Episode 1

Tue, 06 Oct 2020 14:36:48 -0500

In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris introduce the podcast’s new series: Hacker Valley Red. After the previous season highlighted the defensive side of cyber security, this season will focus on the other side of the coin - the offensive side. Ron and Chris spend this initial episode talking about their experience with the offensive side of cyber security, what listeners can look forward to hearing in the episodes ahead, and what sorts of questions experts will field throughout the season.

As the conversation gets underway, Ron and Chris introduce the season, which will cover such topics as the background and personas of red teamers, information about red teaming technology, misconceptions from the blue side, and what red teaming really looks like. The hosts then share their own backgrounds in red teaming. While they both had some prior experience with red teaming, they learned a lot through hosting the episodes in the season. As they introduce the series ahead, Ron and Chris touch on the social side of red teaming, analogies by which red teaming can be explained, Ron’s exploitation video, the value and use of red teaming within organizations, the shared community of red and blue teaming, purple team engagement, the concept of unhackability, and more.

In the episodes ahead, Ron and Chris will ask guests what other aspects of life and technology help them with red teaming, and there are particular topics from the episodes that they are most excited to consider with listeners. These topics include the issue between blue and red teams, the concept of a hacker, the idea of unhackability, and different perspectives of paths into the field of red teaming and to mastery within it. Ron and Chris conclude their introductory conversation with two lessons they hope listeners will take from the season: the lesson that creation is a process and that the best red teamers learn to love the process, and the lesson that both red and blue team members are on the same team.

0:48 - The podcast is now moving to the other side of the coin: the offensive side of cyber security.

2:48 - Ron and Chris share their respective backgrounds in red teaming.

7:25 - What other aspects of life and technology help guests with red teaming?

10:50 - Chris asks about Ron’s exploitation video.

12:52 - The hosts address the iterative improvement of an organization’s security posture.

18:14 - Ron and Chris talk about purple team engagement.

21:12 - Is unhackability real or possible?

24:53 - Hacking can have to deal with a human, rather than a device or application.

26:34 - What key takeaways do the hosts want listeners to take from the season?

28:10 - What do Ron and Chris want listeners to learn?

Links:

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Learn more about the season sponsor, RiskIQ

Hacker Valley Blue Season Finale

Tue, 01 Sep 2020 04:13:41 -0500

In this episode of the Hacker Valley Studio podcast’s Hacker Valley Blue series, Ron and Chris wrap up the season with a recap of its past episodes and major takeaways, as well as a look at what’s to come for them personally and for the podcast.

Looking back on the season, Ron and Chris consider the importance of communication in the field of threat intelligence, specifically thinking of insights from their talk with D’Arcy and lessons in poetry and delivery from Valentina. They cover the surprise of Jack’s willingness to share personal thoughts, review their discussions of bias (specifically highlighting talks with Jon and Susan), and recount things learned about the concept of unhackability. Listeners will hear about the inevitability of mistakes in threat intelligence work, the “easy button” framework, the season theme of sharpening oneself outside of work, and the dynamic of a threat intelligence team.

The episode then turns toward Ron and Chris, themselves. Ron first puts Chris in the hot seat and asks what the future of threat intelligence is for him. Chris explains that, while he thinks his days as an individual contributor for threat intelligence are over, he is still doing some quiet, yet-to-be revealed work, and is turning much of his attention to giving back to the field. Ron, in explaining his own work, talks about bouncing between tasks, building tools for others, distilling information into simple messages, and continuing to navigate issues of automation. Finally, Ron and Chris thank people involved with the season and address what the future holds for the Hacker Valley Studio podcast. Listeners hear the exciting announcement of the next season: Hacker Valley Red!

0:47 - Ron and Chris talk about the importance of communication in the field of threat intelligence.

2:56 - What was one surprise in this season?

3:52 - The hosts review their conversations about bias.

6:55 - The episode turns to the “easy button” framework and the need for personal sharpening outside of work.

16:15 - Ron and Chris consider the inevitability of analysts missing things and the building of a team.

20:22 - What is the future of threat intelligence for Chris and Ron?

27:50 - The hosts review their insights about the possibility of an unhackable device or app.

29:43 - What is next for the Hacker Valley Studio podcast?

Links:

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Learn more about RiskIQ

Hacker Valley Blue Episode 7 - D'Arcy Webb

Tue, 01 Sep 2020 04:13:29 -0500

Ron and Chris host their vocal coach, D’Arcy Webb, for this episode of the Hacker Valley Studio podcast’s Hacker Valley Blue series. Since threat intelligence is a communications-based function, Ron and Chris look to “The Speech Diva” for insight. She has experience as an actress, was a coach for TEDxCambridge, and loves teaching people how to access the power of language to touch people’s hearts and change their minds.

As the conversation begins, D’Arcy explains her background to listeners. She explains how an acting incident early in her career turned her attention to the topic of vocals, and clarifies that she has spent the last 25 years teaching and exploring this aspect of performance. D’Arcy is passionate about treating the voice as the instrument that it is, and she works with students such as Chris and Ron to help them discover the musical and magical components to language and improve their own speaking practice. The way we speak, she insists, impacts people, and so it is well worth pursuing excellence in this area.

The conversation also highlights various details pertaining to vocal training. D’Arcy lists some of her favorite speakers and the reasons why she loves them (going out of her way to point listeners to NPR’s Fresh Air and its host, Terry Gross) She also speaks to the nature of vowels and consonants, the usefulness of pauses and variety in speech, how listeners can grow through coaching and - even today - through working on their breathing, the place of filler words in language, and the ideal of comfort with one’s own technique. Listeners will hear about Pablo Nerudo, onomatopoeia, vibrations, and so much more!

1:29 - Listeners are introduced to D’Arcy.

4:35 - The group considers Ron and Chris’s progress in speech.

6:08 - D’Arcy believes that magic and music are inherent in language.

8:48 - Who are D’Arcy’s favorite speakers, and what is the value of pauses?

12:03 - People wanting to grow need to learn the fundamentals.

17:05 - D’Arcy addresses filler words.

19:31 - The group thinks about comfortable technique, Pablo Neruda, onomatopoeia, and more.

27:52 - D’Arcy speaks to the power of speech and the importance of proper breathing.

Links:

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Learn more about D’Arcy Webb

Connect with D’Arcy on Facebook

Email D’Arcy at darcy@darcywebb.com

Learn more about our sponsor RiskIQ

Hacker Valley Blue Episode 6 - Brandon Dixon

Tue, 01 Sep 2020 04:13:13 -0500

This episode of the Hacker Valley Studio podcast’s Hacker Valley Blue series is a bit unique. It features Brandon Dixon, the VP of Strategy at RiskIQ, a major sponsor of the podcast. Brandon co-founded Passive Total in 2014, and it was later purchased by RiskIQ. He is the quintessential guest, invested in fitness, philosophy, tech, and leadership. He is an expert in both the practice and business of threat intelligence, and he shares with Ron and Chris about himself, his work, and the field.

Much of the conversation focuses on Brandon and his work background. Brandon explains his journey into the threat intelligence field, from his early interest, through jobs in tech and academia, and to work in espionage research. Eventually, he and friend Steve McGinty saw a need and tried to solve it; their efforts took shape in the company they co-founded, Passive Total. Brandon explains to listeners the process by which he and Steve created Passive Total, as well as the way in which they arrived at the deal to sell Passive Total to RiskIQ. Brandon was heavily involved in the integration of Passive Total into RiskIQ, before eventually settling into a specific role within RiskIQ that capitalizes his love of the business side of the field. He aims to work in light of his personal philosophy on life and success, which he also details.

The conversation touches on many practically relevant details of the threat intelligence field, as well. Brandon addresses the changes in the field and motivation he draws from these changes, bias and intelligence collection, and lessons that have arisen through his specific experiences. Other topics covered include intelligence leads and the future of threat intelligence, unhackability, the place of circumstances in life and business, and how intelligence leaders can improve their programs. As Brandon anticipates that threat intelligence will only become a more pervasive field, listeners will doubtless benefit from his own insights, as well as his recommendations of such resources as Malcolm Gladwell’s Outliers and RiskIQ workshops.

0:26 - The conversation begins with an introduction to this unique episode, its guest, and his background.

2:43 - The group considers the changing business of threat intelligence and what drives Brandon.

8:24 - The next topics are bias and intelligence collection, as well as what surprises Brandon.

13:00 - Brandon shares the story of Passive Total and its integration into RiskIQ, also addressing the business side of the field and lessons learned through his experience.

24:04 - Brandon addresses intelligence leads and the question of unhackability.

34:44 - What is Brandon’s philosophy on life and success?

39:37 - Brandon explains what threat intelligence leaders need to do to improve their programs.

Links:

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Follow Brandon on Twitter

Learn more about our sponsor RiskIQ

Follow RiskIQ on Twitter

Connect with RiskIQ on YouTube

Hacker Valley Blue Episode 5 - Susan Peediyakkal

Tue, 01 Sep 2020 04:13:00 -0500

This episode of the Hacker Valley Studio podcast is the fifth installment in this first season of the Hacker Valley Blue series, and features guest Susan Peediyakkal, an expert in building threat intelligence programs. Susan is a cyber threat intelligence consultant, the founder of BSides Sacramento, and a member of the advisory boards for several cybersecurity companies. She joins hosts Ron and Chris to speak to her background, the future of threat intelligence, and much more.

Susan first details her background, running through the highlights of her approximately 16 years in cybersecurity, which have focused mostly on threat intelligence. Susan began her career in the air force, and is still a reservist. She worked with radar, and eventually decided to cross-train and branch into IT. The following years saw her in a number of roles with various organizations, and move decisively into the threat intelligence field. Eventually, Susa noticed that her career trajectory was moving her toward building threat intelligence programs for government entities. She built programs for such varied clients as the government of Abu Dhabi, USPS, US courts, and industry leaders. She recently paused her work to pursue further education, but has since returned to work as a threat intelligence practitioner..

As the conversation continues, Ron and Chris ask Susan to share insights on several topics. The group considers the importance of community and a human element within the threat intelligence field, ways Susan has faced misconceptions when starting threat intelligence programs, the concept of unhackability, and what stakeholders outside the field get wrong about it. Returning to a topic that has been forefront on Ron and Chris’s minds recently, Susan also shares about bias in her line of work and how threat intelligence analysts go wrong in dealing with it. Moving into more personal topics, the group discusses Susan’s podcast-worthy voice, clarity, and articulation. Susan explains how experts in threat intelligence can cultivate a new wave of speakers, and the conversation ends with a look at what the future holds for both Susan and the field of threat intelligence.

1:40 - Listeners are introduced to the episode and today’s guest, Susan Peediyakkal; Susan then shares her background.

5:41 - The group considers the importance of community, misconceptions Susan has noticed about her field, and the artistry and human element of threat intelligence.

16:02 - What kind of bias is Susan running into, and where do analysts go wrong with regard to bias?

21:38 - Susan addresses the term “unhackable.”

24:35 - Susan and her hosts turn to matters of podcasting, voice, and speaking.

31:40 - What do people outside the field get wrong about it?

33:48 - What’s the future look like for Susan, her field, and the workforce?

Links:

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Follow Susan on Twitter

Connect with Susan on LinkedIn

Learn more about the episode sponsor, RiskIQ

Hacker Valley Blue Episode 4 - Jon DiMaggio

Tue, 01 Sep 2020 04:12:48 -0500

This episode of the Hacker Valley Studio podcast features Jon DiMaggio, a Senior Threat Intelligence Analyst at Symantec. Jon is a researcher and longtime bad guy chaser, and Ron and Chris fill this installment of Hacker Valley Blue with Jon’s thoughts on ransomware, threat research, attribution, and more!

Jon introduces himself to listeners who may not yet know much about him, explaining that he started his career as an engineer and that his work for the government in the early 2000s forced him to focus a lot on defending against nation-state attacks. He developed into an expert in the field, and transitioned about 13-14 years ago into his current line of work. He now teaches alongside his work as an analyst, and he moved from a government position to Symantec in 2014. Jon’s specialty is still nation-state, but he has also ventured into enterprise ransomware. He shares about these areas of specialization with Ron and Chris, detailing what a nation-state is and how to combat it within the context of threat intelligence, and addressing the economics of ransomware.

As the conversation continues, Ron and Chris raise a variety of other topics for Jon to address. Jon considers the threat of a future major worm attack, and provides listeners with insight on how to become established in his line of work. There are a lot of available resources that people can use to develop their own skills and increase their visibility. However, becoming a government hacker, and so having an offensive rather than a defensive role, is much more challenging. Moving toward the conclusion of the conversation, Jon offers tips on navigating attribution and bias (such as being sure to have evidence before making public claims!), explains how he mentally organizes and recalls information, and speaks to the nature of strong communication.

1:41 - Listeners are introduced to Jon DiMaggio and the episode before Jon explains his background..

5:04 - The first major topic Jon shares about is that of nation-states, specifically speaking to the work of combating nation-state attackers.

12:57 - The conversation turns to the economics of ransomware.

18:39 - What are Jon’s thoughts on the possibility of another major worm attack?

20:26 - Jon is asked about how people can enter his field or that of hacking.

24:54 - How should listeners approach attribution and bias, and how has Jon navigated bias in his own life?

31:31 - The group considers Jon’s mental organization, his recall of information, and the topic of communication.

Links:

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Access the recent work and research on Symantec’s threat intelligence feed

Learn more about the episode sponsor, RiskIQ

Hacker Valley Blue Episode 3 - Valentina Palacín

Tue, 01 Sep 2020 04:12:30 -0500

In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris welcome Valentina Palacín for the third episode in the Hacker Valley Blue series. Valentina is a threat hunter who used to work as a translator, and she is currently a senior cyber threat intelligence analyst. She joins Ron and Chris to talk about her background in languages, poetry and the impact of words, and much more.

As the conversation gets underway, Valentina explains her background to listeners. She studied translation before starting her career in that field, but transitioned to information technology about two years ago. In her free time, she researches threat hunting in her home country of Argentina. It was challenging for Valentina to change her career path, since she had no background in computer science, but she took multiple steps - working in web development, learning to do programming, taking courses, and more - ultimately becoming a threat intel analyst and speaker. Though the journey was difficult, Valentina feels she was born to work in her current field, and has found her past experience, including knowledge of over 7 languages, to be helpful in her work.

The episode also features Valentina’s insights into threat intelligence. She and her hosts discuss how knowledge of programming can aid a threat intel analyst, Valentina’s philosophy of MITRE, the relationship between intelligence and threat hunting, and how to keep up with changes in the field. They arrive at the conclusion that, while it is helpful to stay up to date on political and cyber news, analysts must realize that they cannot know everything, and people in general must realize that threat intelligence is not a catch-all. The group bridges the gap between personal and professional aspects of life by talking about the importance of hobbies outside of work; most notably, the group addresses poetry and its usefulness for threat intelligence. Finally, the conversation turns to Valentina’s work with BlueSpace Security.

1:38 - Listeners are introduced to Valentina, her background, and her challenging process to enter into the large intel community in Argentina .

5:24 - Did knowledge of language impact Valentina’s threat intelligence work?

7:55 - Valentina shares about her programming experience and details her journey into threat intel.

14:23 - What are Valentina’s thoughts about MITRE and the relation between intelligence and threat hunting?

18:06 - The group considers how to keep up with changes in the field, and acknowledges that threat intelligence will not catch everything.

22:48 - One thing that Valentina is passionate about pursuing is hobbies outside of work.

27:56 - Does poetry help with threat intelligence work?

32:53 - The conversation turns to Valentina’s community, focusing on BlueSpace Security.

Links:

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Connect with Valentina Palacín on Twitter

Connect with Valentina on LinkedIn

Learn more about the episode sponsor, RiskIQ

Hacker Valley Blue Episode 2 - Jack Rhysider

Tue, 01 Sep 2020 04:12:12 -0500

Fan-favorite Jack Rhysider of the Darknet Diaries podcast joins Hacker Valley Studio hosts Ron and
Chris for the second episode of Hacker Valley Blue! Jack joins the show again during an ideal season - one focused on threat intelligence - and this episode will focus on Jack’s past in the field of threat intelligence, as well as on a major issue faced daily by analysts in the field: that of managing bias.

As the conversation begins, the group focuses on threat intelligence and Jack’s work in the field. Jack has been pouring himself into his own podcast, leaning into the fact that threat intelligence is a form of knowing what has happened in the past by his sharing of stories. Jack explains what has surprised him recently in his work, how he maintains a sharp sense of focus, and what sort of continuity he sees between the news-sharing of his current role and a more formal practitioner role within the field of threat intelligence.
Jack’s podcast work necessitates practical skill in his field, and demands an ability to share complex concepts through simple expression.

The work also necessitates strong skills of managing bias, and it is to this topic that the group turns. Jack makes a practice of putting aside negative personal feelings about a person and looking for areas of agreement with the individual. This practice, along with his feedback loop and his efforts to listen to actual voices, help Jack to tell both sides of the stories he shares. In discussing the counteraction of bias, Jack touches on concepts of assumptions, bias toward self, empathy, and humanization. And as the conversation winds toward a close, listeners will hear about Jack’s use of audio books, balancing fact and listener interest, appealing to different audiences, and navigating questions of personal privacy.

1:40 - Listeners are introduced to Jack and the episode ahead.

4:13 - How is Jack currently thinking about storytelling?

8:40 - The group dives into some topics related to Jack’s work: his focus and need for practical skill.

12:37 - The conversation turns to the subject of bias.

28:28 - What is Jack doing for research today, and how does he navigate technical questions of storytelling?

36:35 - Finally, Jack and his hosts turn to considerations of personal privacy.

Links:

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Learn more about Jack Rhysider

Follow Jack on Twitter

Learn more about Darknet Diaries

Learn more about the episode sponsor, RiskIQ

Hacker Valley Blue Episode 1

Tue, 01 Sep 2020 04:11:50 -0500

Hosts Ron and Chris welcome you to today’s episode! This episode of Hacker Valley Studio is the start of a new season, Hacker Valley Blue, a series dedicated to threat intelligence, exclusively for listeners.

The episode begins with Ron and Chris sharing their backgrounds in threat intelligence and cybersecurity. Chris picked intelligence as his job field in the United States Marine Corps, and eventually went on to The National Security Agency and United States Cyber Command. He focused on the how, who, and what of all the cyber-attacks happening at the time. Chris then went on to create his own company, and do consulting work in threat intelligence for over a decade.

Ron has always had an interest in cybersecurity, and at 16 he found a mentor who took him under his wing in the trade. After a couple of years working in offensive attacks, he transitioned to a job building intelligence tools that dealt with threat data. While Chris focused more on the operational side of threat intelligence, Ron’s was more technical, and their experience converged well.

Throughout the rest of the episode, you will hear about what threat intelligence can do for businesses. Ron and Chris discuss how analysts can build rapport with the employees and stakeholders using their intelligence, and what questions companies should ask of analysts for the best results. They do this by walking listeners through Chris’ EASY framework.

1:07 - The new season of Hacker Valley Blue is introduced.

3:43 - Chris shares his background in intelligence.

6:15 - Ron shares his background in intelligence

11:43 - What can threat intelligence do for an organization?

17:50 - The EASY Framework

18:41 - Elicit Requirements

21:40 - Asses Collection Plan

26:03 - Strive for Impact

30:24 - Yield the Feedback

Links:

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Learn more about the episode sponsor, RiskIQ

Episode 82 - What is Old is New Again with Brian Romansky

Mon, 24 Aug 2020 06:00:00 -0500

Hosts Ron and Chris welcome you to today’s episode! This episode of Hacker Valley Studio features Brian Romansky, the Chief Innovation Officer at Owl Cyber Defense. You will hear about his ideas, inventions, and how hardware is helping us in cybersecurity today.

The episode begins with Brian sharing his background, and journey into the cybersecurity space. He always knew he wanted to do something with technology and thought he may go into robotics. The transition into the cyber world was a natural one when he was working on a team that was moving mechanical postage metering to happen electronically. These machines were often trying to be hacked, and the team also began working on e-commerce and shipping platforms. From then, he continued to work on cybersecurity, data, and cryptography.

Today, at Owl Cyber Defense Brian works on cross domain solutions for the US Department of Defense, and other government organizations, as well as commercial customers. It gets him up in the morning because it combines many of the electrical and cryptography space that interests him, with hardware. His hope for the future, is that there is a paradigm shift in cybersecurity, making it less of a cat and mouse game by using hardware enforced mechanisms.

He doesn’t have a lot of free time, but as the episode wraps up, you will also hear about what Brian is interested in, and working on outside of work.

:29 CIO of Owl Cyber Defense, Brian Romansky is introduced to the show.

4:33 Brian shares his journey from electrical engineering to cybersecurity.

6:25 Brian explains the work he does today.

14:16 Brian hypothosizes on the future of cybersecurity

16:58 Brian answers the question “Is there an unhackable system?”

19:55 Advice for organizations relying more on technology during work from home.

27:48 What does Brian do outside of work?

Links:

Learn more about Owl Cyber Defense

Learn more about Brian Romansky

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Episode 81 - Communicating in a Crisis with Christopher Budd

Tue, 18 Aug 2020 06:04:00 -0500

Security and Privacy Expert and author, Christopher Budd, is welcomed to the Hacker Valley Studio podcast! You will hear some great communication tips and how to handle people who fear worst case scenarios during a crisis. He explains how to showcase your authority and credibility during a tough situation. He talks about traits that make someone great at handling these situations, the importance of temperament, and improvisation.

In this episode, Christopher Budd shares his journey to becoming an expert in crisis communication. He spent ten years with the Microsoft Security Response Center. He has worked with other security and technology companies as a consultant and full-time employee. He says, “...and if I can sum up what it is I do best, I always say, I take awful news and make it just bad.” Christopher gives some examples of his communication approach. 1) He says he is upfront about news being bad news. He recommends getting credibility by leading with the truth. 2) He then explains reasons why it is a bad situation. 3) Finally, he explains reasons why the situation could be better than you think it might be.

He explains that you are not only dealing with the situation itself but also peoples’ fears and projections of the situation. Christopher talks about different personality types and how they handle crisis management. He explains the importance of temperament, the ability to compartmentalize, and thinking about action steps. As the episode draws to a close, Christopher shares some of his thoughts on the workplace today and some of the changes in the COVID environment. He elaborates on topics like privacy and communication. He highlights how technology has allowed us to function as well as it has in the past few months.

Links:

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Follow Christopher Budd on Twitter

Learn more about Christopher Budd

Check out christopherbudd.com

You can reach out to Christopher Budd at unimaginativelychristopher@christopherbudd.com

Learn more about the MSRC

Christopher Budd is published in Great Thinkers A-Z

Episode 80 - Leveraging MITRE ATT&CK with Chris Kennedy

Sun, 09 Aug 2020 07:00:00 -0500

In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris speak with 25-year cybersecurity veteran Chris Kennedy. Chris is the Chief Information Security Officer and the VP of Customer Success for AttackIQ, and he and the hosts discuss various topics related to cybersecurity and Chris’s background, with special focus on the MITRE ATT&CK framework

The beginning of the episode centers on Chris Kennedy himself, as he provides background information on both himself and his company. Chris’s career took many turns preparing him for his current role, with a few especially remarkable highlights: he was one of the first cybersecurity officers in the Marine Corps, worked for the world’s largest hedge fund, and was basically one of the first CISO's in tech. As an executive, he saw how much he depended on the ecosystem of security tech, and he also saw how unreliable this technology was. This realization paved the way for his move to AttackIQ.

Links:

Learn more about Chris Kennedy and contact him at chris.kennedy@attackiq.com.

Learn more about AttackIQ.

Learn more about AttackIQ’s Academy.

Learn more about MITRE ATT&CK.

Learn more about MITRE ENGENUITY’s Center for Threat-Informed Defense.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Episode 79 - Finding our Genius with Laura Garnett

Mon, 03 Aug 2020 08:43:36 -0500

In this very special episode, we brought back fan favorite Laura Garnett a world-renowned performance strategist, to examine us to see what makes us special. We finds our purpose, our power, and our core emotional conflict in less than an hour! You really see a master at work in this one.

Laura's Website: https://www.lauragarnett.com/

Laura's LinkedIn: https://www.linkedin.com/in/lauragarnett/

Laura's Twitter: https://twitter.com/garnettl

Episode 78 - Explaining Humans with Dr. Camilla Pang

Mon, 27 Jul 2020 17:17:10 -0500

In this episode, we have the brilliant Dr. Camilla Pang author of the incredible book, "Explaining Humans." We dive into her life, neurodiversity, and her awesome book.

Dr. Pang's Instagram: https://www.instagram.com/millie_moonface/

Dr. Pang's Twitter: https://twitter.com/millzymai

Dr. Pang's Book: https://www.amazon.com/dp/0241409608/ref=cm_sw_r_tw_dp_x_ug1hFbATW52TV

Episode 77 - Meeting Life with Grace with Charles Nwatu

Sun, 19 Jul 2020 11:22:33 -0500

In this episode, we bring back fan favorite Charles Nwatu! His first episode was met with some much praise and we think you will love this one too. We discuss meeting people with grace even if they aren't so kind to us, being black men in tech and in society, and dive into some personal stories as well.

Charles's Twitter: https://twitter.com/charles_nwatu

Charles's LinkedIn: https://www.linkedin.com/in/cnwatu/

This episodes sponsor: https://canary.tools/

Episode 76 - A Security Leadership Master Class with Gary Hayslip

Mon, 13 Jul 2020 08:08:36 -0500

In this episode, we have the powerful Gary Hayslip in the studio to give us a master class on cybersecurity leadership. We talk about his leadership journey, the relationship between the CISO and the rest of the business, and disconnecting with LEGOs.

Gary's LinkedIn: https://www.linkedin.com/in/ghayslip/

CISO Desk Reference Guide: https://cisodrg.com/

Sponsor for this episode: https://canary.tools/

Episode 75 - Losing Graciously with Graham Cluley

Sun, 05 Jul 2020 10:38:01 -0500

In this episode, we have fan favorite Graham Cluley back on the mic! We comfort each other after our recent loss at the 2020 Blogger Awards, we talk about the crazy world of content creation, and Graham gives away his podcasting secret sauce.

Graham's LinkedIn: https://www.linkedin.com/in/grahamcluley/

Twitter:https://twitter.com/gcluley

Website: https://www.grahamcluley.com/

Graham's Podcast: https://www.smashingsecurity.com/

This episode's sponsor: https://canary.tools/

Episode 74 - Origins of Deception Technology with Haroon Meer

Sun, 28 Jun 2020 11:09:29 -0500

In this feature episode, we chat with the founder of Thinkst, Haroon Meer. We Talk about the origins of deception technology and how his technology is changing the way companies around the world are doing detection.

Thinkst Canary Website: https://canary.tools/

Thinkst Canary Love: https://canary.tools/love

Thinkst: Twitter: https://twitter.com/ThinkstCanary

Haroon's Twitter: https://twitter.com/haroonmeer

Episode 73 - Creating Community with Shannon Morse

Sat, 20 Jun 2020 16:10:53 -0500

In this episode, we have one of the originators of technical content creation, the amazing Shannon Morse. We talk a bit about her background, the communities she has been building for over a decade, and having a Code of Conduct for conferences.

Shannon's Twitter: https://twitter.com/Snubs

Shannon's Youtube: https://www.youtube.com/shannonmorse

Hak5:https://www.youtube.com/hak5

Episode 72 - Security in Color with Dominique West

Sun, 14 Jun 2020 15:22:22 -0500

In this episode we have the outstanding Dominique West. She is a podcaster (The Security in Color podcast), community builder, and cybersecurity powerhouse. We discuss her podcast, the ATL chapter of Women’s Society of Cyberjutsu (WSC), and her great advice on dealing with imposter syndrome.

Dominique's LinkedIn: https://www.linkedin.com/in/dominiquewest/

Dominique's Website and Podcast: https://www.securityincolor.com/

Dominique's Twitter and other social media: @domyboo

Episode 71 - Leading from the Front with Wilson Bautista Jr.

Mon, 08 Jun 2020 11:11:43 -0500

In this episode we have the outstanding author, podcaster, Marine, and professional pianist Wilson Bautista Jr. We discuss his latest book "Finding your Career in Cybersecurity" and his extraordinary path through life and leadership.

Wilson's LinkedIn: https://www.linkedin.com/in/bautistawilson

Wilson's Podcast:https://www.devseclead.com/

Episode 70 - Finding the Genius Within with Laura Garnett

Sun, 31 May 2020 14:30:05 -0500

In this episode we have the powerful Laura Garnett. She is a performance strategist and the author of the best-selling book "The Genius Habit." She has built her career on finding the genius in others and has an insightful take on passion versus purpose.

Laura's Website: http://www.lauragarnett.com/

Episode 69 - Paving a Path with Georgia Weidman

Thu, 28 May 2020 00:00:31 -0500

In this episode, we have the powerful Georgia Weidman. She is a serial entrepreneur, penetration tester, security researcher, speaker, and author with an incredible backstory.

Georgia's LinkedIn: https://www.linkedin.com/in/georgiaweidman/

Georgia's Youtube: https://www.youtube.com/channel/UCNKUSu4TPk979JzMeKDXiwQ/featured

Georgia's Company Website: https://www.shevirah.com/

Episode 68 - Behavioral Economics and Cybersecurity with Kelly Shortridge

Tue, 26 May 2020 11:17:22 -0500

In this episode of the Hacker Valley Studio podcast, we have the brilliant Kelly Shortridge sharing her thoughts on behavioral economics and cybersecurity. She also has a lesson or two for vendors in the cybersecurity space.

Kelly's Websites: https://kellyshortridge.com/ and https://swagitda.com/

Episode 67 - Doubling Down on Humans with Caroline Wong

Tue, 19 May 2020 14:36:37 -0500

In this episode we have author, speaker, podcaster, and expert Caroline Wong in the studio. We get to learn more about her and her fascination with people.

Caroline's LinkedIn: https://www.linkedin.com/in/carolinewmwong/

Caroline's Twitter: https://twitter.com/CarolineWMWong

Caroline's Podcast: https://twitter.com/humansofinfosec

Episode 66 - Serial Advocacy with Chloé Messdaghi

Sun, 17 May 2020 16:17:55 -0500

In this episode we have the powerful serial advocate, Chloé Messdaghi. We discuss hackers rights, women in security, several of her other passions.

Chloé's Twitter: https://twitter.com/ChloeMessdaghi

Chloé's LinkedIn: https://www.linkedin.com/in/messdaghi/

The Hacker's Rights Petition: https://www.change.org/p/organizations-support-ethical-hackers

Episode 65 - Chatting with John Kindervag the Godfather of Zero Trust

Wed, 13 May 2020 19:40:05 -0500

John Kindervag is a household name in cybersecurity and he is the creator of the Zero Trust networking model. John is a brilliant thought-leader and we think you will agree with us after this episode.

John's LinkedIn: https://www.linkedin.com/in/john-kindervag-40572b1/

John's Twitter: https://twitter.com/Kindervag

Episode 64 - Becoming a Networking Machine with Jordan Harbinger

Sun, 10 May 2020 11:48:30 -0500

We are extremely excited to bring you the master of networking himself, Jordan Harbinger. Jordan Harbinger is the mastermind behind the Jordan Harbinger Show that brings in over 6 million downloads per month! In this episode we discuss networking, learning tough subjects, the art of conversation and more.

Jordan's Website: https://www.jordanharbinger.com/

His 6 Minute Networking Course: https://www.jordanharbinger.com/courses/

His Twitter: @JordanHarbinger

His LinkedIn: https://www.linkedin.com/in/jordanharbinger/

Episode 63 - Head in the Clouds with Francesco Cipollone

Wed, 06 May 2020 08:17:37 -0500

In this episode we have the exciting Francesco Cipollone. We talk about his long history with cloud technologies and how he is sharing his knowledge with the community.

Frank's LinkedIn: https://www.linkedin.com/in/fracipo/

Frank's Twitter: @FrankSEC42

Frank's Website: https://www.nsc42.co.uk/

Episode 62 - Broadcasting Your Best with Dave Bittner

Sun, 03 May 2020 10:33:24 -0500

We are incredibly excited to host a titan of cybersecurity broadcasting, the one and only, Dave Bittner. He is the host of several podcasts including the popular Cyberwire podcast. We dive into Dave's story and his advice for those thinking about creating a podcast.

Dave's Twitter: @bittner

The Cyberwire: https://thecyberwire.com/

Episode 61 - Conferences and Careers Post-COVID with Kathleen Smith

Wed, 29 Apr 2020 14:00:00 -0500

In this episode Kathleen Smith provides her thoughts for conference hosts and job seekers in today's climate.

Kathleen's Twitter: @YesItsKathleen

Kathleen's LinkedIn: https://www.linkedin.com/in/kathleenesmith/

Her Job Boards:ClearedJobs.Net & CyberSecJobs.Com

Episode 60 - Clearing the Fog of Cyber War with Dr. Chase Cunningham

Mon, 27 Apr 2020 07:01:00 -0500

Dr. Chase Cunningham is the author of "Cyber Warfare – Truth, Tactics, and Strategies" and an expert in Zero Trust security. We talk about his book, all of the work and research that went into the book, and his personal story with the Zero Trust model.

Dr. Cunningham's Twitter: @CynjaChaseC

Dr. Cunningham's LinkedIn: https://www.linkedin.com/in/dr-chase-cunningham-54b26243/

Dr. Cunningham's Book: https://www.packtpub.com/security/cyber-warfare-truth-tactics-and-strategies

Episode 59 - Dawn of the Intelligence Executive with Mike Anderson

Wed, 22 Apr 2020 07:00:00 -0500

In this episode, we have the awesome Mike Anderson in the studio. He is the VP of Partnerships at Intel 471. We talk about threat intelligence and the future of intelligence leadership in the commercial sector.

Mike's LinkedIn: https://www.linkedin.com/in/michaelanderson2009/

The Intel 471 Website: https://intel471.com/

Episode 58 - Having Too Much Fun with Graham Cluley

Mon, 20 Apr 2020 02:50:00 -0500

This was an unbelievably fun podcast to record. If you are a fan of Graham Cluley, you will absolutely love this chat. We talk about his origin story, what it is like having an award-winning podcast, and a very cool story about chess. Enjoy!

Graham's LinkedIn: https://www.linkedin.com/in/grahamcluley/

Twitter:@gcluley

Website: https://www.grahamcluley.com/

Graham's Podcast: https://www.smashingsecurity.com/

Episode 57 - Underrepresented III

Sat, 18 Apr 2020 16:03:45 -0500

We are back with another episode of Underrepresented! This is our co-produced series with Marco and Sean from ITSP Magazine.

Our guests for this episode:

Ashley Tolbert, representing Women in Security and Privacy (WISP)
Kim Crawley, representing the neuro-diverse workforce

In this episode we cover a few types of diversity and the importance of tribes.

Episode 56 - Digging into Deepfakes with Alyssa Miller

Wed, 15 Apr 2020 07:00:00 -0500

In this conversation, we sit down with security veteran Alyssa Miller to talk about her recent deepfake research. We also discuss stoking the fire of curiosity to keep things fresh in cybersecurity.

Alyssa's Twitter: @AlyssaM_InfoSec

Alyssa's LinkedIn: https://www.linkedin.com/in/alyssam-infosec/

Alyssa's Website: https://alyssasec.com/

Episode 55 - A Tech Origin Story with Sam Crowther

Mon, 13 Apr 2020 07:02:00 -0500

If you love interesting origin stories, look no further than this episode with Sam Crowther. He is the founder and CEO of Kasada. We discuss his origin and the beginnings of his company.

Sam's Twitter: @InfoSecSam

Sam's LinkedIn: linkedin.com/in/samjcrowther

Kasada's Website: https://www.kasada.io/

Episode 54 - Hiring Leaders and Finding Talent with Alex Maestretti

Thu, 09 Apr 2020 08:00:00 -0500

In this episode we sit down to chat with Alex Maestretti, CISO of Remitly. In this conversation, we explore finding talent and the unique challenge of hiring managers. Chris also shares his unique relationship to Alex.

Alex's LinkedIn: linkedin.com/in/maestretti

Alex's Twitter Handle: @maestretti

Remitly's Website: https://www.remitly.com/us/en

Episode 53 - In the Depths of Deception with Jenny Radcliffe

Mon, 06 Apr 2020 16:39:42 -0500

Psychology is a major pillar of Social Engineering 🧠. In this episode, we brought in a true expert, Jenny Radcliffe - A burgular for hire, a professional con-artist, and an expert in Non-verbal communications. This episode had Chris and Ron on the edge of their seats. To learn more about Jenny Radcliffe:

@Jenny_Radcliffe

https://humanfactorsecurity.co.uk/

Episode 52 - From Librarian to OSINT with Tracy Maleeff

Wed, 01 Apr 2020 10:40:55 -0500

Open Source Intelligence (OSINT) is "data collected from publicly available sources to be used in an intelligence context". Performing OSINT is a critical aspect in triaging cybersecurity related events. In this exciting episode, Ron and Chris bring in an OSINT expert with the ultimate background for finding open source data. Tracy Maleeff aka InfoSecSherpa, is a seasoned expert in library science and security analysis. Be sure to listen in on this episode and gain insight for how library science applies to all aspects of life.

Episode 51 - A Threat Intelligence Journey with Doug Helton

Mon, 30 Mar 2020 14:26:44 -0500

Can Threat Intelligence Analysts do the same in the professional space as the Threat Intel Analysts depicted in movies? Yes, as long as you have the same level of skills and tools as the characters in the movie. Doug Helton joins this episode to share his experience in Cyber Threat Intelligence and acquiring skills required to be highly effective.

Episode 50 - 50th Episode and Beyond with Ron and Chris

Wed, 25 Mar 2020 02:01:00 -0500

🎊Happy 50th Episode! This episode couldn't have been possible without our amazing guests and listeners! Looking into the future, we are excited to share new content and resources that we've been working on.

HackerValley.Studio Website

Hacker Valley Studio Patreon

Episode 49 - What is Your Superpower with Yael Nagler

Mon, 23 Mar 2020 08:00:00 -0500

Everyone has a superpower and it's not uncommon to have more than one. In this episode, Chris and Ron discover and share what their super powers are with Yael Nagler. Yael is a security tinkerer and has an amazing ability of bringing together people in technology.

Underrepresented Episode 2

Thu, 19 Mar 2020 18:54:21 -0500

This is the second episode of the Hacker Valley Studio and ITSP Magazine co-production focused on underrepresented populations in technology.In this episode we highlight Nelson Abbott from NPower and Charles Nwatu from /Dev/Color.So many powerful statements in this one about organizations fighting for representation and awesome thoughts on being a role model

Episode 47 - The Role of a CISO with Lenny Zeltser

Wed, 18 Mar 2020 02:01:00 -0500

In this exciting episode, Lenny Zeltser - CISO @ Axonius joins the podcast. Lenny is someone we really enjoy speaking to and is an all around expert in malware, technical writing, and managing teams to success.

Episode 46 - Emotional Intelligence in Tech with Deidre Diamond

Mon, 16 Mar 2020 05:15:00 -0500

In many workplaces contributors, leaders, and founders can improve their emotional intelligence. Deidre Diamond, Founder and CEO @ CyberSN shares her experience cultivating a diverse team of recruiters and changing the future of how employers and candidates can both win when interviewing and hiring.

Episode 45 - The More Things Change with Katie Nickels

Wed, 11 Mar 2020 10:56:34 -0500

It's most exciting to shake things up and get experience from multiple perspectives. In this episode, we're joined by an individual that is constantly striving to make an impact in Cyber Threat Intelligence - Katie Nickels, Principal Intelligence Analyst @ Red Canary. Katie has made incredible contributions to MITRE ATTACK framework and also SANS contributor

Episode 44 - Breaching and Teaching with Deviant Ollam

Mon, 02 Mar 2020 07:02:26 -0600

New episode alert 🚨! In this episode, Ron and Chris are joined by Deviant Ollam - Author of Practical Lock Picking and Director of Education @ CORE Group. There's not many security controls that can keep Deviant and his team out during a security audit except for a gasoline moat. Tune in to hear the full story

Episode 43 - A Dark Episode with Jack Rhysider

Mon, 24 Feb 2020 02:01:00 -0600

Storytelling is essential for conveying any message. In this episode, we're joined by Jack Rhysider, Host of Darknet Diaries podcast and lifelong learner. Jack shares how he learned to deliver compelling stories about the dark side of the Internet.

Also, be sure to check our Jack's blog - TunnelsUp.com

Episode 42 - ICS Threat Intelligence with Rob M. Lee

Thu, 20 Feb 2020 11:25:01 -0600

industrial control system (ICS) is facing difficult cyber security challenges. For that reason, we brought in an expert to speak on the topic Robert M. Lee 🚨. Robert M. Lee is the founder and CEO at Dragos Inc. where he and his team develop solutions to tackle this challenge. Rob is also a distinguished leader in cybersecurity and SANS teacher.

Episode 41 - Leading Marines, Agents, And InfoSec with M.K. Palmore

Thu, 13 Feb 2020 10:32:01 -0600

In this special episode - M.K. Palmore, Field CSO @ Palo Alto Networks joins Chris and Ron to discuss Leadership. M.K. has spent his career leading US Marines, FBI Agents, and Information Security teams

Episode 40 - Lessons in Humility with Daniel Meade

Mon, 10 Feb 2020 18:56:47 -0600

As we progress through life, lessons are always in front of us. In this episode, Ron and Chris are joined by Daniel Meade - A Security Sales Leader and an individual who has learned easy and hard lessons along the way. Be sure to check out this episode and hear Daniel's fascinating story!

Episode 39 - Live Episode Superbowl Edition with Ron and Chris

Wed, 05 Feb 2020 07:00:00 -0600

On Superbowl Sunday Hacker Valley Studio had a live episode - a perfect time to share techniques for optimizing personal and professional performance.

Episode 38 - Social Engineering: The Human Hacker with Chris Hadnagy

Mon, 03 Feb 2020 06:00:00 -0600

Human error is the biggest cybersecurity threat. Social engineering and psychological attacks are often the most successful for attackers, penetration testers, and red teams. In this episode, Ron and Chris are joined by Chris Hadnagy an expert and leader in Social Engineering. Chris shares practical advice and wisdom how psychology plays part in social engineering and how to get started.

Episode 37 - Lifestyle Design: Priming for Success with Charlotte Smith

Fri, 31 Jan 2020 08:41:57 -0600

What is one thing you can do tomorrow to get on the right path and increase the quality of your work and life? Ask yourself ! In this episode, Chris and Ron are joined by Charlotte Smith - Lifestyle Design and Executive Coach. Charlotte shares insights and strategies on listening to yourself and assessing what works with YOU.

Episode 36 - Life and Purpose Mapping Hacks with Craig Filek

Thu, 30 Jan 2020 07:56:42 -0600

Life and purpose hacks with Craig Filek - One of our favorite episodes to record with a friend of the podcast. Craig Filek gives outstanding perspective on mapping purpose with your life.

Episode 35 - Not a Moment, But a Movement with Makinde Adeagbo

Wed, 29 Jan 2020 05:00:00 -0600

Inclusion and diversity are areas that we can all make an impact in. Makinde Adeagbo Founder @ /dev/color shares insightful wisdom for making an impact and bringing diversity to Technology

Episode 34 - Cybersecurity: New to Good to Great with Susan Peediyakkal

Wed, 29 Jan 2020 04:00:00 -0600

How do you go from good to great? The question is even more tough when you have limited experience in your focus area. In this episode, Susan Peediyakkal joins the podcast to share her background in Threat Intelligence and successful career pivots while strengthening her craft

Episode 33 - Demystifying the Zero Trust Model with Kathy Wang

Tue, 28 Jan 2020 05:00:00 -0600

What type of data is your organization processing and storing? How sensitive is your organization's data? In this Episode, Kathy Wang CISO @ FullStory shines light on Zero Trust and building successful security teams.

Episode 32 - Cyber Transformations and Migrations with Talha Tariq

Tue, 28 Jan 2020 04:00:00 -0600

Technology enables companies to constantly stay in touch and enable their customers. As opportunity grows, organizations evolve and focus on technology and data-driven results. Talha Tariq CSO of HashiCorp joins Chris and Ron to talk rapidly deploying and securing organizations while enabling employees.

Epsode 31 - The Future of Work and Your Purpose with Tim Salau

Mon, 27 Jan 2020 04:00:00 -0600

The year 2020 marked the beginning of a new decade. Each year we experience evolving roles and responsibilities in the workplace. In this episode, Tim Salau (Mr. Future of Work) joins Chris and Ron to discuss the future of work and applying purpose.

Episode 30 - Threat Hunting with Data Science - Roberto Rodriguez

Wed, 15 Jan 2020 08:31:36 -0600

Being an expert Threat Hunter is great, but how do you scale as fast as the adversary? Roberto Rodriguez (cyb3rward0g) joins the podcast and shares experience for breaking into cybersecurity and creating a community around scaling cybersecurity solutions.

Episode 29 - Road to The SANS CTI Summit with Rick Holland

Tue, 14 Jan 2020 17:06:09 -0600

Cyber Threat Intelligence is a topic that evolves as the adversary changes Tactics Techniques and Procedures. In this episode, Rick Holland join Chris and Ron to discuss his journey through CTI and the upcoming CTI Summit

We'd love to meet everyone at the SANS CTI Summit in Washington DC on January 20

Link: http://www.sans.org/u/XJ4

Discount Code: CTIPOD20

Episode 28 - Talking Tech: Speaking For SANS with Jennifer Santiago

Tue, 07 Jan 2020 12:14:41 -0600

While progressing through a career in Cybersecurity (Or Technology), there will be opportunities to present research at conferences and events. In this episode, Ron and Chris chat with Jennifer Santiago - Director of Content Development and Speaker Management at SANS Institute. Jennifer shares insight on selecting conference topics and how to make an impact while giving a presentation at SANS.

SANS CTI Summit is right around the corner and would love to meet. Sign up with the following link:http://www.sans.org/u/XJ4

Use the code "CTIPOD20" to get 20% off.

Episode 27 - Mark Metry Podcasting with Purpose

Fri, 13 Dec 2019 13:57:38 -0600

Upgrading the human is critical to cybersecurity and life. In this episode, host of Humans 2.0 - Mark Metry joins Ron and Chris to discuss the evolution of technology and purpose.

Episode 26 - Exploring the Financial Playbook with Kimberly Hodgdon

Wed, 11 Dec 2019 18:05:52 -0600

Information Security / Cybersecurity can be an extremely lucrative path. In this episode, Chris and Ron explore the financial playbook with Kimberly Hodgdon - Stock Plan Manager @ Netflix

Episode 25 - Underrepresented

Mon, 09 Dec 2019 18:56:41 -0600

In this webcast/podcast series simply called "Underrepresented"—a series recorded and produced in conjunction with our good friends, Sean Martin and Marco Ciappelli —we want to merge conversations and actions.

In this first episode, we get to speak with someone well outside of the InfoSec industry, Chris’ dad, Doug Cochran. Doug is joined by someone that does amazing things for the greater community and helping those less fortunate to get a voice and to be heard - co-founder of the ICMCP, Larry Whiteside Jr.

Episode 24 - Decoding LinkedIn with Brynne Tillman

Tue, 03 Dec 2019 14:21:06 -0600

Your most reputable source of marketing is YOU! With Today's tools like LinkedIn this becomes a realistic task and something that every professional should take advantage of. During this episode, Brynne Tillman gives invaluable insight for enhancing presence on LinkedIn.

Episode 23 - Operating in High Performance Environments with Markus De Shon

Tue, 19 Nov 2019 15:09:18 -0600

Ever met someone with a Nuclear Physics and Cybersecurity background? If not, meet Markus De Shon - Detection Engineering Lead @ Netflix. In this episode, Markus shares experience moving from one industry to another and operating in high performance environments

Episode 22 - Road To The DevGuild Conference with Ody Lupescu

Tue, 12 Nov 2019 16:25:31 -0600

In this episode, Ody Lupescu joins Chris and Ron to discus building Security Programs and Onboarding Third Party Vendors

Looking for more content and interaction from industry experts? Join Hacker Valley Studio at the DevGuild Conference Nov 14 with promo code hackervalley15

Episode 21 - Changing the AppSec Game with Tanya Janca

Tue, 22 Oct 2019 10:19:24 -0500

Notice something new? What better to way unveil the new podcast name Hacker Valley Studio with an amazing guest - Tanya Janca. Tanya has made a huge impact to Application Security and to many other infosec domains. I'd highly recommend staying in touch with Tanya and following her work.

Tanya Janca:

https://twitter.com/shehackspurple

https://dev.to/shehackspurple

https://medium.com/@shehackspurple

https://www.youtube.com/shehackspurple

https://www.twitch.tv/shehackspurple

https://www.linkedin.com/in/tanya-janca

Security Sidekick:

https://securitysidekick.dev

https://twitter.com/SecSidekick

https://www.youtube.com/channel/UC3KyuI83jt0l14q8xyffC2A

WoSEC (Women of Security)

https://twitter.com/WoSECtweets

#SecurityWin

https://twitter.com/shehackspurple/status/1183483366592503808

Episode 20 - Embracing the grind with Will Rankin

Thu, 03 Oct 2019 14:11:41 -0500

Episode 20 Is Here 🚨In this special episode Chris and Ron are joined by Security Imagineer Will Rankin. The group discusses personal strategies for embracing the grind and move towards the next level. SecDevOps.AI Would like to give a special thanks to Will for his appearance on this episode and all of his support promoting the platform.

Episode 19 - Dressed for Success in Cyber with Ashley Tolbert

Tue, 24 Sep 2019 11:29:53 -0500

In this episode Ashley Tolbert joins Chris and Ron to discuss fashion in Cybersecurity. Fashion tribes, Attire, and Style Preferences are all points to consider when making an impression.

Episode18 - Math for Security and Red Teaming with KMAP

Thu, 05 Sep 2019 06:00:00 -0500

From Security Architect to Principal Red Team Engineer, KMAP joins Chris and Ron to discuss his diverse background and how he plans to use Discrete Math and BloodHound to advanced the capabilities of red teams.

Episode 17 - Undercover in the Criminal Underground with Charity Wright

Wed, 28 Aug 2019 16:26:55 -0500

New Episode Alert 🚨In this episode, Chris and Ron are joined by Charity Wright - An exceptional Threat Intelligence Analyst focusing on criminal activity on the deep and dark web. Charity also shares insight on how she began her career in intelligence and infosec.

Episode16 - Reading, Seeding, and Leading with Jonathan Wood

Fri, 23 Aug 2019 19:29:38 -0500

In this powerful episode, Jonathan Wood joins Chris and Ron and shares insight on growth - personal, professional, and sales. Jonathan has a diverse background in cybersecurity startups and is currently leading his 4th startup, TruStar Technologies, to success.

Episode 15 - Thrill of the Hunt: Finding your Path

Wed, 21 Aug 2019 16:33:33 -0500

In this episode, Chris and Ron learn about the impressive background of Kris Harms. Kris has a decorated career and extensive experience in Intrusion Detection, Incident Response, and Threat Hunting. He's been an early member at both Mandiant and Cylance which resulted in successful acquisitions.

Episode 14 - Quality Time with ITSP: A Podcaster's Podcast

Tue, 20 Aug 2019 02:37:14 -0500

In this episode, Ron and Chris are joined by Sean Martin and Marco Ciappelli from ITSPMagazine.com. Both set of podcasters have ambitious goals to start unique conversations and bring more diversity to Cybersecurity. Tune in and hear about the vision of both SecDevOps.AI and ITSP Magazine.

Episode 13 - A Journey Through Venture Capitalism: Mentoring and Leading in Silicon Valley

Tue, 13 Aug 2019 22:03:00 -0500

Mentors and Leaders help shape our profession and our future. In this episode, Didi Dayton from Wing Venture Capital joins the podcast to discuss the importance of mentoring and leadership. Didi has scaled and shaped successful channel programs - She's now shaping and scaling to a greater magnitude in her new role as Partner at Wing VC.

Didi Dayton
https://www.linkedin.com/in/didi-dayton-8204501/

Episode 12 - Physical Red Teaming: No Lock Left Secured

Tue, 13 Aug 2019 03:28:36 -0500

Robert Pingor is the equalizer to Physical and Network Red Teaming. Chris has had the opportunity to moonlight his career with Robert and witness him obtain mastery at his craft. During this interview, Chris, Ron, and Robert share red team stories and resources for Red Team Alliance.

Episode 11 - Selling Cybersecurity: Doing Business in an Increasingly Connected World

Tue, 23 Jul 2019 17:41:04 -0500

Information Security vendors offer a wide variety of products and services that can enable success for organizations. Derek Eid joins us this episode to share wisdom in selling products and services. Derek is an expert communicator and leverages technical and non-technical conversations to capture necessities for existing and potential customers. Derek's most effective tool in his repertoire is his ability to listen. Tune in and learn how he uses this powerful tool to help enable his success.

Episode 10 - Breaking Barriers, Gatekeepers, and Glass Ceilings

Tue, 16 Jul 2019 12:03:42 -0500

Neelima Rustagi joins Chris and Ron in this episode to share her experiences creating valuable work to dissolve barriers, gatekeepers, and glass ceilings. While transitioning from Software Engineer to Cybersecurity Product Manager, Neelima provided value to her stakeholders, mentors and advocates to position herself as a key resource in the industry. Neelima celebrates a decorated background in startups and Fortune cybersecurity companies.

Episode 9 - The Intelligence Easy Button

Sun, 07 Jul 2019 13:41:29 -0500

In this Episode, Ron and Napoleon put Chris in the hot seat and reviewed his EASY framework for making an impact in threat intelligence. - Elicit Requirements - Assess Collection - Plan Strive for Impact - Yield to Feedback All four pillars are vital for ensuring success during each phase of providing threat intelligence as a service

Episode 8 - Serverless Threat Intel Bot

Sun, 07 Jul 2019 13:39:44 -0500

New Member Alert 🚨! Napoleon Bing joins forces with Chris and Ron and present a Serverless Threat Intel Bot. As organizations mature and scale their security infrastructure, it's vital that analysts, engineers, and other team members are able to query and enrich data on demand. Additionally, application features are being introduced at an increasing rate, creating the need for software defined infrastructure. In this project, we'll be exploring scaling automation efforts - with a focus on Threat Intelligence. This project can serve as a guide for when to leverage an interactive bot, creating API endpoints, serverless architecture, and applying actionable threat intelligence.

Episode 7 - Layer 8 - Vulnerability And Diversity

Sun, 07 Jul 2019 13:38:45 -0500

How important is being vulnerable in life and in your career? In Episode 7, our guest of honor - Charles Nwatu (https://www.linkedin.com/in/cnwatu/) joins Ron and Chris in starting the conversation about vulnerability and diversity. Charles Nwatu celebrates a decorated infosec career - and has built security teams at companies such as Twilio, Stitch Fix, and Netflix.

Episode 6 - MITRE ATT&CK™ Matrix Overview

Sun, 07 Jul 2019 13:37:23 -0500

In this episode, Chris Cochran and Ronald Eddings review the MITRE ATTACK Matrix and discuss related threat actors, TTPs, Threat Intelligence, and vendor evaluations.

Episode 5 - What legacy do you want to leave

Sun, 07 Jul 2019 13:35:07 -0500

In this episode, Chris presents a deep question to Ron during a live recording. What legacy do you want to leave? This can have many meanings for people. Do you want to leave a legacy with your family? Your career? Life in general? In this video, Ron and Chris also share future episode topics

Episode 4 - Layer 8 Fitness, Diet, Focus

Sat, 22 Jun 2019 14:46:16 -0500

In this Episode, Scott Behrens (https://twitter.com/helloarbit) join us to discuss optimizing diet, fitness, and focus for performance. These three pillars ensure exceptional performance on and off the court of cybersecurity.

Episode 3 - All Things Threat Intelligence

Sat, 22 Jun 2019 14:35:32 -0500

In this episode Ron and Chris do a function deep dive on threat intelligence. They discuss everything from training and processes to sharing across communities. As always leave a comment on what you want us to tackle next!

Episode 2 - Layer 8 Level Up Career, Life, and Self

Sat, 22 Jun 2019 13:59:05 -0500

In this video Ronald Eddings and Chris Cochran discuss Layer 8 - The Human Element. It's vital to onboard and promote productivity, positivity, and creativity to Security Practitioners. Ron and Chris share tips on patching and updating Layer 8 for continued success.

Episode 1 - Cybersecurity Alchemy

Wed, 19 Jun 2019 09:51:23 -0500

Alchemy - "A seemingly magical process of transformation, creation, or combination"

In this video, Chris Cochran and Ronald Eddings discuss how alchemy can be applied to Cybersecurity data to create, transform, and combine security incident data to actionable events. As security practitioners, we aim to purify, mature, and nearly perfect security workflows.

Link to blog: https://secdevops.ai