How thinking like a hacker can lead to better cybersecurity ROI and avoid the dreaded "hope" strategy. Regardless of what you might hear from some, ransomware in the industrial sector is at an all-time high in terms of frequency and cost. Zero day and day one vulnerabilities are being discovered at a historic level and patching continues to be a challenge. Asset visualization and endpoint security have become more daunting thanks to technology-driven expansions of the industrial attack surface. And then there's AI, SBOMs and botnets all waiting to wreak havoc on the ICS. All of these factors, along with the growing complexity of the hacker community, mean that industrial cybersecurity is no longer just about white and black hats. In fact, some would argue that perhaps the most important player in the cybersecurity arena now wears red. Joining us to discuss his approach to "red teams on steroids" is Guy Bejerano, CEO of SafeBreach, a leading provider of Breach and Attack Simulation tools and services. Listen as we discuss:
- What it means to think like a hacker, but defend like a CISO.
- Developing security with a focus on running a business.
- Connecting the dots between the technical aspects of an attack and the impact of it on the business.
- Improving cybersecurity ROI by demonstrating the value of closing "gaps."
- Focusing on known attacks, as opposed to the "ghost" vulnerabilities.
- The growth of collaboration between IT and OT.
- Why manufacturing is still susceptible to legacy attacks.
To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you'd like to have us explore on Security Breach, you can reach me at jeff@ien.com. To download our latest report on industrial cybersecurity, The Industrial Sector's New Battlefield, click here.
In this episode Michael, Sarah, Gladys, and Mark talk with guest Roberto Rodriguez about attack simulation, Cloud Katana, and AI. We also discuss Azure Security news about Azure SQL DB, Azure Key Vault, Cosmos DB, Trusted Launch VMs, Azure Artifacts, Zero Trust, Windows and TLS and Entra ID.
This final chapter of the book is no simple closer! "Turn Up the Volume by Expanding SOC Functionality" covers testing that your SOC is functioning as intended through activities such as Threat Hunting, Red and Purple Teaming, Adversary Emulation, Breach and Attack Simulation, tabletop exercises and more. There's even a discussion of cyber deception types and tactics, and how it can be used to further frustrate attackers. Join John, Kathryn, Ingrid, and Carson in this final chapter episode for some not to be missed tips! This special season of the Blueprint Podcast is taking a deep dive into MITRE's 11 Strategies of a World-Class Cyber Security Operations Center. Each episode John will break down a chapter of the book with the book's authors Kathryn Knerler, Ingrid Parker, and Carson Zimmerman. Support for the Blueprint podcast comes from the SANS Institute. If you like the topics covered in this podcast and would like to learn more about blue team fundamentals such as host and network data collection, threat detection, alert triage, incident management, threat intelligence, and more, check out my new course SEC450: Blue Team Fundamentals. This course is designed to bring attendees the information that every SOC analyst and blue team member needs to know to hit the ground running, including 15 labs that get you hands on with tools for threat intel, SIEM, incident management, automation and much more, this course has everything you need to launch your blue team career. Check out the details at sansurl.com/450. Hope to see you in class!
Companies, enterprises, entrepreneurs, and individuals face security threats every day, and Tony UcedaVelez has spent over 25 years understanding and dealing with those threats. During this time, he realized that the cybersecurity industry desperately needed a makeover. He created the company, VerSprite, to fill a void in security consulting where most firms continued to sell their services using fear-factor techniques (“You don't want your organization to face an 8-digit hack, do you..”) instead of value-added services. Join Tony and Jim as they discuss the methodology and practices that have brought VerSprite to the forefront of cybersecurity and risk management. They'll talk about managing risk with intention, scaling a cybersecurity services business, and a spiritual approach to leadership with compassion and accountability. 3 Key Takeaways:
- Don't Let Fear Control You: Sometimes our fear allows us to validate business decisions that turn out to be bad for the company in the long run.
- Be tactical and intentional, don't let a knee-jerk reaction be your response when something goes wrong.
- Secure Your Business with Intention: Understand the risk appetite of your company and the threat landscape of your industry. Set up security where the risk is most relevant. You don't need all the bells and whistles that many companies try to scare you into wasting money on.
- Bring in the Experts: As entrepreneurs, we have to not only hone our own skills and strengths but know when to delegate tasks to other experts. Bringing on the right people and giving them the right tasks will make or break your business.
Resources: Tony's LinkedIn, VerSprite Website
About: Tony UcedaVélez is the co-creator of the Process for Attack Simulation & Threat Analysis and the CEO of VerSprite. Tony has over 25 years of IT/InfoSec work experience across a vast range of industries. He is also the OWASP leader for Atlanta, GA. If you love what you are getting out of our show please SUBSCRIBE. For more information on how we dig into the dirt check out our other episodes here: https://www.orchid.black/podcast All contents of this show are rights of Orchid Black©️ and are not to be used unless authorized by written consent.
We have talked a lot about security. One of the biggest challenges is not knowing where the next attack is going to come from, and the list of vulnerabilities changes every day. Today we are going to talk with a company that is looking to help you understand what your attack surface looks like. Hey everybody, this is Chris Brandt here with Sandesh Patel, welcome to another FUTR podcast. If you don't know what your vulnerabilities are, it is very hard to protect your environment. It is also impossible to understand what your priorities should be. Pentera offers an agentless, autonomous and continuous validation of your environment, to give you the best picture of your attack surface. Pentera overlaps several of the Gartner categories, from Breach and Attack Simulation to Attack Surface Management, but it is something a little different. So today, we have with us Pentera's Director of Sales Engineering, Jay Mar-Tang, to tell us all about it. Welcome Jay. FUTR.tv focuses on startups, innovation, culture and the business of emerging tech with weekly podcasts featuring Chris Brandt and Sandesh Patel talking with industry leaders and deep thinkers. Occasionally we share links to products we use. As an Amazon Associate we earn from qualifying purchases on Amazon.
Having all your data held hostage is no fun at all - trust me, I've been there! 2Secure Corp (646 560-5083) can make sure you don't end up in that mess! Check it out at https://www.2secure.biz
Special Thanks to our podcast sponsor, Cymulate. On this episode, Dave Klein stops by to discuss the 3 Digital Challenges that organizations face:
- Cyber threats evolve on a daily basis and this constant threat to our environment appears to be only accelerating.
- The level of vulnerabilities today is 30x what it was 10 years ago. We have more IT infrastructure, complexity, and developers in our current environment.
- In the pursuit of digital innovation, we are changing our IT infrastructure by the hour. For example: Infrastructure as Code capabilities (Chef, Puppet, Terraform, etc.) allow developers to deploy faster and create more opportunities for misconfigured code at scale.
Breach and Attack Simulation tooling addresses these 3 digital challenges by focusing on Breach Attack Simulation, Vulnerability Prioritization, & Threat Exposure Management. This combined approach allows a cyber organization to ensure its security is fully optimized and its risk exposure is minimized. Key benefits of adopting Breach and Attack Simulation software include:
- Managing organizational cyber-risk end to end
- Rationalizing security spend
- Prioritizing mitigations based on validated risks
- Protecting against the latest threats in near real-time
- Preventing environmental drift
Welcome back listeners and thank you for continuing your education in CISO Tradecraft. Today we are excited to share with you a great episode focused on Breach and Attack Simulation software. To begin we will provide a solid background on Breach and Attack Simulation then we are going to bring on our special guest Dave Klein who will give us the pro tips that help CISOs maximize the value from Breach and Attack Simulation Software. Starting from the beginning. What is Breach and Attack Simulation software and why is this needed? At the end of the day most companies are not on an island. They need to connect to clients, partners, and vendors. They need the ability for employees to visit websites.
They need to host public facing websites to sell products and services. Each of these activities results in creating organizational assets such as IT equipment that has internet connectivity. Now internet connectivity isn't a bad thing. Remember internet connectivity allows companies to generate income which allows the organization to exist. This income goes to funding expenses like the cyber organization so that is a good thing. If bad actors with the intent and capability to cause your company harm can find your company's internet connected assets which have vulnerabilities, then you have a risk to your organization. So enter vulnerability assessment and penetration testing tools that companies can buy to identify and address this risk. Now sometimes you will hear the term Cyber Asset Attack Surface Management (CAASM). It's also commonly referred to as continuous threat exposure management. Essentially these two categories of tools are the latest evolution of vulnerability management tooling that have the additional benefit of ingesting data from multiple sources. Essentially they are designed to address key questions such as: How do we get an inventory of what we have? How do we know our vulnerabilities? And how do we know which vulnerabilities might be exploited by threat actors? Now if you want to take this line of questioning one step further, then you should consider adopting Breach and Attack Simulation software. Note Breach and Attack Simulation software overlaps with many of the CAASM capabilities, but it does something unique. Breach and Attack Simulation software allows you to pose as bad actors on your network and perform red team exercises. Essentially you learn how bad actors can bypass your cyber tooling and safeguards. This means you go from knowing where you are vulnerable to actually seeing how well your incident response activities perform.
For example, if I can take a normal user's laptop and spawn a PowerShell script or run a tool like Mimikatz to gain Domain Admin level privileges, then I want to know if the Cyber Security Incident Response team was alerted to that activity. I also want to know if the Incident Response team blocked or disabled this account in a timely manner. According to the 2022 Microsoft Digital Defense Report the median time it takes for an attacker to access your private data if you fall victim to a phishing email is 1 hour 12 minutes. The report also stated that the median time for an attacker to begin moving laterally within your corporate network once a device is compromised is 1 hour 42 minutes. Remember, the difference between responding to these attacks in minutes vs hours can be the difference in how many files get encrypted when ransomware actors get into your environment. Another thing that CISOs need to ensure is that vulnerabilities get fixed. How do you test that? You have to replay the attack. You can think of fire drills as the comparison. If an organization only did one fire drill every 24 months, then chances are the company's time to exit the building isn't going to decrease all that much. It's likely to stay the same. Now if an organization does 8-12 fire drills over the course of 24 months, then you would generally see a good decrease in departure times as people get familiar with knowing how to leave the building in a timely fashion. The good thing about Breach and Attack Simulation tools is they have the ability to replay numerous attacks with the click of a button. This can save your penetration testing team hours over manual exploitation activities which would have to be repeated to confirm successful patches and mitigations. If we look at Breach and Attack Simulation software the tools have typically come in two flavors. One is an agent based approach. Example:
A company might install an attack agent on a laptop inside the corporate environment that runs Data Loss Protection software. The attack agent might look at how much data it can exfiltrate which is not stopped by the DLP tool. The attack agent could also run similar attacks with how much malware the antivirus detects, how much sensitive email it can send outside the company despite there being an email protection solution. These attack agents can also be placed on servers to determine how effective web application firewalls are at stopping attacks. Essentially having an attack agent on the internal side of a trusted network and one on the outside allows an organization to evaluate the effectiveness of various cyber tools. Now there's a few concerns with this type of approach. One, companies don't want to add more agents across their network because it steals critical system resources and makes things slower. Two, the time it takes to install and test agents means the value you can get out of these tools is delayed because cyber needs approvals from the desktop team, the network team, the firewall team, etc. before these solutions can be deployed. Three, by having an agent you don't always truly simulate what an attacker would do since you don't have to live off the land and gain permissions the attacker did. Your agent may not be known to antivirus or EDR tools, but using Windows libraries to gain access does. Now let's compare this with an agentless approach. This approach is quite popular since labs where agents are run don't always look like a production environment. For example, they lack the amount of traffic, don't possess the same amount of production data, or contain last month's versions of software. Here attacker software may start with the premise: what happens if someone from the Accounting Team opens an Excel document containing a malicious macro? Let's see how we can automate an attack after that initial compromise step occurs.
Then let's walk through every attack identified by the MITRE ATT&CK Framework and see what gets caught and what doesn't. The tooling can then look at the technical safeguards in the organization that should have been applied and provide recommendations on how to increase their effectiveness. This might be something simple like adding a Windows Group Policy to stop an attack. Also breach and attack simulation tools can provide alerting recommendations to the SIEM that help identify when an endpoint attack occurred. Example: Instead of knowing that bad actors can run an attack, the Breach and Attack Simulation software actually gives you the Splunk Signature that your SOC team can leverage. That's a great add to minimize the amount of time to improve your alerting capabilities. Now when the breach and attack simulation software replays attacks each month, cyber leadership can look at how fast the Incident Response team detected and remediated the attack. It might be as simple as we stopped this attack before it could happen by applying the new Windows Group Policy or it took the team 4 hours to determine XYZ account had been taken over. These metrics allow you to know how well your Response plans work. So you get the value of a penetration test with the automation & scaling of vulnerability management tools. What's even more impressive is how these tools are evolving to meet the larger mission of cyber organizations. Example: Most Financial and Health Care organizations have to demonstrate evidence that IT controls are working effectively. Generally this is a manual process done in the Governance Risk and Compliance (GRC) team within a cyber organization. GRC teams have to ask developers to provide evidence to various IT controls such as are you monitoring and alerting to privileged activity.
Now imagine if you had an automated tool that showed evidence that monitoring tools are installed on 99% of endpoints and these tools actually stopped various MITRE attacks immediately. That evidence would minimize the data call which takes time from the developer teams.
In Episode 84 of TheCyber5, we are joined by members of the CrossCountry Consulting team: Brian Chamberlain, Offensive R&D Lead, Eric Eames, Associate Director, and Gary Barnabo, Director, Cyber and Privacy. Here are five topics we discuss in this episode:
Adversary Emulation vs. Simulation and Use of Threat Intelligence: Replaying attacks from adversaries is considered adversary emulation. The pros of emulation are you can react and defend against threat intelligence and the actual techniques during a penetration test. The cons are that many times these are yesterday's threats. Simulation is the art of coming up with new attack vectors with nuanced penetration testers. The pros are that these attacks give blue teams new ways to think ahead and adapt their defenses before threat actors do. The cons are that these attacks aren't yet in the wild and the probability of such attacks are not known.
Values of Threat Intelligence with Red Teams: Indicators of Compromise (IOCs) are immediately relevant with something that is actionable even though the value of IOCs is overcome by events (OBE) in hours. Threat intelligence IOCs are not relevant to heuristics of sophisticated adversaries and that is what sophisticated adversary simulation and threat intelligence combined attempts to overcome. For example, if an enterprise can defend against Malicious HTML Applications (HTAs), that protects them against any sort of adversary using that vector. Another example would be to have a simulated ransomware event, based on threat intel, that drops in several places and simulates everything that six different ransomware families would do (up until encryption).
Tools Are Not Enough: Enterprises struggle to defend if a security product does not catch an actor in the environment nor how to react in a way that forensically preserves the attacker's initial access vector.
Training incident response and conducting external threat hunting are critical elements to defend and react when an attacker creates a new way to penetrate an environment.
Satisfying a Chief Financial Officer's Appetite for Security: In today's information technology environments, CFOs need to be conversant in cyber security, not experts. Some considerations should be:
- A considerable accountability on security tooling needs to be considered by CFOs because there is an overconsumption of tooling that simply does not make an impact. Further, corporate development, merger and acquisition strategy, and payments to vendors, are critical business aspects a CFO should be concerned to protect.
- A CFO should be empowered to initiate a penetration test unbeknownst to the security team. Adversary simulations are often highly political as a result but this kind of dialogue is beneficial for understanding incident response preparation and threat intelligence of how to defend against certain threat actors.
- If a company is in growth mode and over $1B in annual revenue, and if IT cannot integrate acquisitions quick enough, more should be spent on security.
- If a company is in profitability mode, streamlining security is probably more important.
- If companies are under $1B in annual revenue, spending on security is always challenging and managed services and consulting come more into play.
Benchmarks Can Be Challenging: Many companies want benchmarks on how they stack up to industry peers. Every company is different and no two environments are the same so stacking up against industries like third party risk “scores” is challenging and not advisable.
Taiwan officials said Chinese aircraft and warships rehearsed an attack on the island on Saturday, part of Beijing's retaliation for a visit there by U.S. House of Representatives Speaker Nancy Pelosi that has also included a halt in talks with the United States on issues including defence and climate change. --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/tsbrenterprises/message Support this podcast: https://anchor.fm/tsbrenterprises/support
Control System Cyber Security Association International: (CS)²AI
Derek Harp is happy to welcome Pascal Ackerman as his guest for today's podcast! Pascal is a security professional, focused on industrial control systems and he's currently the Sr Security Consultant for Operational Technology - Threat & Attack Simulation at GuidePoint Security. He has a Master's of Science degree in Electrical Engineering (MSEE/CE). He has had 18 years of experience in industrial Ethernet design and support, information and network security, risk assessments, pen-testing, forensics, and threat hunting, WAN/LAN/Internet and Wireless Technologies, Windows Environments, Unix, Linux, IIS, and Apache. He specialized in the architecture, engineering, and securing of plant-wide Ethernet networks using Purdue-model design strategies, IDS/IPS sensors, network monitoring, Security Information, and Event Management (SIEM) solutions, next-gen firewalls, MS domain services, WSUS servers, MS SQL server clusters, etc. Pascal was born and raised in the Netherlands. Right after leaving high school, he was put behind a POC by a company that sent him out across the world installing prototype machinery for filling machines. He is an engineer, programmer, gamer, hacker, traveler, tinkerer, pen-tester, and father. In this episode of the (CS)²AI Podcast, he shares his superhero backstory and discusses his certifications, his education, and his career path. He also offers advice for those who would like to get into the field of cybersecurity and people thinking about writing a book. If you are considering a career in cybersecurity or if you are an engineer and want to specialize in cyber security, you will gain a lot from this podcast! Stay tuned for more! Show highlights: After leaving college, Pascal stayed with the company where he did his internship. The company got him to set up a software simulation to test their POC programs and later put him on their commissioning team. (6:51) Pascal talks about what he did while working as a controls engineer. 
(8:08) How Pascal got invited to move to the US to continue with his work. (9:50) Pascal explains how many doors opened for him after presenting his first report in 2005. (12:27) Pascal talks about how security measures first intersected with his work in 2008-2009. (14:07) Pascal pinpoints the moment when he decided to change his career path. (16:00) Pascal offers advice for traditional engineers who want to improve what they do and join the cyber security workforce. (17:35) A Network Plus certification will help controls engineers understand the fundamentals of networking. (18:19) Pascal explains why he got hired as a commercial engineer in Network and Security at Rockwell. (21:16) Pascal talks about his book, Industrial Cybersecurity. (23:39) The book Hacking Exposed by Clint Bodungen inspired Pascal to write his first book. (27:50) How Threat GEN became a company based around a game Pascal developed. (29:10) Pascal offers advice on where people in IT who want to know more about safety, reliability, resiliency, and POCs can start. (32:36) The most successful companies have a combined IT and OT team with knowledgeable people on both sides. (36:43) Why do you need to figure out what you like the most and focus on that technology? (37:58) Architecture will be the next big step for monitoring everything. (45:06) Pascal discusses the process of writing his books and offers advice for those who would like to write a book. (45:49) Links: https://www.cs2ai.org/ ((CS)²AI) https://www.linkedin.com/in/pascal-ackerman-036a867b/ (Pascal Ackerman on LinkedIn) https://www.amazon.com/Industrial-Cybersecurity-Efficiently-cybersecurity-environment/dp/1800202091 (Industrial Cybersecurity by Pascal Ackerman) Books mentioned: https://www.amazon.com/Hacking-Exposed-Industrial-Control-Systems/dp/1259589714 (Hacking Exposed by Clint Bodungen) Mentioned in this episode: Our Sponsors: We'd like to thank our sponsors for their faithful...
Episode 173 of the Unsecurity Podcast is now live! This week, Brad and Evan are joined by Eric Hanson, FRSecure's Offensive Services Manager to discuss the differences between attack simulation services like penetration testing and red teaming, and who they're for.
InfoSec WOTD is a daily dose of Cybersecurity Terms, Acronyms and Concepts. This PASTA is for a different kind of appetite, the one associated with threats aka #Riskappetite. PASTA is a threat modelling methodology to identify threats in a very systematic way. It stands for Process for Attack Simulation and Threat Analysis, a 7 step risk centric method to identify threats. #INFOSECWOTD
A few weeks before baby CISO made his grand entrance, I hosted a live podcast where my good friend Kevin Gowen, CISO at Synovus, and Andrew Barnett, Chief Strategy Officer at Cymulate, joined me to discuss how Tech and Security meet and how as partners we need to solve the latest challenges and technology evolutions to the new security challenges. Bio: Andrew Barnett. A Cyber Security leader with over 15 years of experience, Andrew has built a career combining business, technical, and sales acumen. As chief strategy officer, he leads Cymulate's go-to-market partnerships, technology alliances and product strategy. Previously, Andrew was a Senior Manager in Deloitte's Cyber Risk Services Practice, leading IT Risk and Security management consulting services for Fortune 500 clients and building Deloitte's Breach and Attack Simulation solutions. Prior roles include serving as VP of Business Development at Verodin (now Mandiant Security), and Senior Director of Portfolio Programs at Optiv where he served as a technical advisor for M&A activities and co-developed security strategies for The Blackstone Group and its investment portfolio. Andrew began his career building networks for companies like McKesson and News Corp and holds his BS in Electrical Engineering from Southern Methodist University. CISO Talk is supported by these great partners, please make sure to check them out: Cymulate: For companies that want to assure their security against the evolving threat landscape. Cymulate SaaS-based Continuous Security Validation automates security risk assessments end-to-end, enabling them to challenge, assess and optimize their cyber-security posture simply and continuously. Because security professionals need to know and control their dynamic environment.
KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub **** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-j-azar/ James on Parler: @realjamesazar Telegram: CyberHub Podcast Locals: https://cyberhubpodcast.locals.com ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen Here: https://linktr.ee/CISOtalk The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.
This episode brings you some great conversation on the week's cyber news. We report on the cyberattack against Accenture, holding them for ransom. New phishing tactics are seen using Morse code to bypass security controls and the infamous ALPHABAY is back baby. With a new look and new rules which raise an eyebrow.... The topic of the week looks into Attack Simulation and how you can use tools like Atomic Red Team, CALDERA, and the Attack Range tool to test and verify your security control configuration against the modern attacks of today. As we mentioned in the Podcast, what do you think the 5th stage of ransomware might be? Let us know on info@hackableyou.com and we will read some out next time round! Thanks for listening and supporting us so far! Share with a friend or colleague. Ed, Alex and Will. HackableYou
Atomic Red Team: https://github.com/redcanaryco/atomic-red-team
MITRE Caldera: https://github.com/mitre/caldera
Attack Range (Splunk): https://github.com/splunk/attack_range
In the final stages of attack, attackers exfiltrate your critical data for profit. While many of the ways are known, there are other ways that they often use to elude us. Come listen to Avihai Ben-Youssef, CTO and Co-Founder of Cymulate, as he discusses some of these techniques and shows how Breach and Attack Simulation can be used to discover if these methods work in your environment so you can better close the gaps. To learn more about our sponsor, Cymulate, visit https://cymulate.com/
Sponsored by SEC Playground. Survey to help improve the Chill Chill Security Channel: https://forms.gle/e5K396JAox2rZFp19 Music by https://www.bensound.com/ --- Support this podcast: https://anchor.fm/chillchillsecurity/support
Purple Team exercises are critical to the success of every enterprise. They can often be arduous to plan and implement and often difficult to repeat. Please join David Kellerman, Technical Account Manager at Cymulate, as he shows how BAS (Breach & Attack Simulation) solutions make Purple Team exercises more comprehensive, actionable, and most importantly repeatable. To learn more about our sponsor, Cymulate, visit https://cymulate.com/
Attackers upon breaching enterprises “land and expand” moving laterally to achieve their criminal missions. Come listen to Avihai Ben-Youssef, CTO and Co-Founder of Cymulate, as he discusses how Breach and Attack Simulation can be used to tighten your enterprise and prevent an initial breach or at the minimum prevent it from becoming a larger one. To learn more about our sponsor, Cymulate, visit https://cymulate.com/
Today we talk with Marlys Rodgers, who has been in cyber for over 20 years. She currently is CISO for CSAA Insurance Group and is running security for the company as well as running governance risk and compliance for technology. She shares that it feels like she is constantly balancing assessing with preventing. Allan brings up breach and attack simulation (BAS), and when it is most appropriate to implement in the context of the maturity of a security program. Marlys feels BAS is most effective when some, or most, of the intended controls are in place so you can focus on areas you need to strengthen. For her company, she was glad they did it earlier rather than later. They had a pretty good lead time to get systems to integrate. The way you use BAS, especially along with threat intelligence, is really important. If you don't have a purple team, or a red and blue team how does one start or how do you reorganize? Hear how Marlys did just that. Tag-teaming works best! How has BAS helped in conversations with the audit team as well as the GRC team? More data gets shared with Audit and they become strong allies. Everyone is happy when fed real-world, real-time information. BAS is truly changing mindsets, and will ultimately alter prioritization and enhancing and inter-team communications as well. To wrap up the show, Marlys shares what about her job keeps her getting up in the morning and what she is looking forward to in cyber. Key Takeaways 0:21 Welcome Marlys 1:13 Short comical discussion on how one should pronounce BAS 1:29 Marlys shares her background and day job 3:35 When BAS comes into the picture 5:00 The trick 6:05 Allan asks Marlys how she stays up with it 8:52 Marlys explains why more time should be spent on extending capabilities 9:38 Suggestions are shared to roll out BAS 12:21 Importance of human elements 13:45 If you don't have teams, what happens? 
16:18 How BAS affects conversations with teams 20:00 Importance of transparency 21:27 Changing people, process and technology with BAS 25:00 Marlys shares the reason she is motivated to stay in cyber 26:01 Marlys shares what she is looking forward to in cyber Links: Learn more about Marlys on LinkedIn Follow Allan Alford on LinkedIn and Twitter Learn more about Hacker Valley Studio and The Cyber Ranch Podcast Sponsored by our good friends at AttackIQ
Ransomware has become extremely devastating to companies of all sizes. Come listen to Avihai Ben-Youssef, CTO and Co-Founder of Cymulate, as he discusses how Breach and Attack Simulation can be used to shore up defenses and educate and prepare defenders to defeat ransomware. To learn more about our sponsor, Cymulate, visit https://cymulate.com/
Every business vertical seeks digital innovation as a primary competitive differentiator. The financial sector by far takes the lead. With accelerated and dynamic growth being spawned by cloud adoption and DevOps automation comes risk. In this episode of Light Up Your Security, Dave Klein, Director of Cyber Evangelism at Cymulate, discusses how Continuous Security Validation through Breach and Attack Simulation solutions can reduce this risk easily. To learn more about our sponsor, Cymulate, visit https://cymulate.com/
In this episode, Chief Revenue Officer of Cymulate, Brian Stone discusses his 20+ years of senior sales and sales leadership, building and scaling mid-stage growth SaaS companies, and the steps managers need to take to build and develop great sales teams. KEY TAKEAWAYS FROM THIS EPISODE: Not having the right experience doesn't necessarily mean you won't be able to make it. In sales, it's important to get yourself out there. If you want to earn more money, you have to be willing to work hard for it. If you don't try something new, you won't know what skills or achievements are waiting for you on the other side. It's important to have a real human connection with your clients, so that - if the worst happens - you will have their back. Perseverance and passion are the most important things you need to find in a potential hire. As a manager, you are part psychiatrist, part counselor, part friend, and part co-worker. You have to be able to switch between being a disciplinarian and an accountability partner. Be authentic. TODAY'S GUEST Brian Stone is a world-leading global head of sales. He has a track record of scaling Cybersecurity companies from $10 million to over $150 million, having led sales for companies including PhishMe (Cofense), Risklens and is the current Chief Revenue Officer of Cymulate, a leading Breach and Attack Simulation vendor. Brian learned the value of hard work back when he worked on a lobster boat in Maine, waking up at 4:30 am to pull lobsters out of the ocean then selling them in the local market. His work ethic continued to serve him well as he transitioned into sales, where he built a successful career in senior sales and leadership positions with global software vendors such as PhishMe and Oracle, and several early-stage tech ventures, resulting in two acquisitions and an IPO. 
For more information, or to get in touch with Brian, check out: https://twitter.com/bstone215 https://twitter.com/Cymulateltd https://www.linkedin.com/in/bstone215/ YOUR HOST Simon Lader is the host of The Conference Room, Co-Founder of global executive search firm Salisi Human Capital, and online coaching firm Salisi Academy. Since 1997, Simon has helped Senior Executives achieve Life Transformation through finding their ideal job and consulted with leading enterprise software and cybersecurity vendors to build highly effective teams. Get to know more about Simon here: Podcast Website: https://theconferenceroompodcast.com Website: https://simonlader.com/ Twitter: https://twitter.com/simonlader LinkedIn: https://www.linkedin.com/in/headhuntersimonlader Facebook: https://www.facebook.com/simonlader Spotify: https://open.spotify.com/show/3dd0obQSM8cYRV0HCxiuF0xiuF0
These Soap Box editions of the show are wholly sponsored. If that’s not your thing and you’re looking for the weekly news edition of the show, just scroll one show back in your feed. This soap box edition is brought to you by AttackIQ. They make a Breach and Attack Simulation platform that’s designed to test the effectiveness of your security controls by simulating bad things in your environment. Carl Wright and Jonathan Reiber are joining us in this edition of the show. These days he’s AttackIQ’s senior director of cybersecurity and strategy but he previously served as a former Chief Strategy Officer for Cyber Policy in the Office of the Secretary of Defense. They joined the show to talk through their work in mapping NIST 800-53 to the MITRE ATT&CK framework. Enjoy! Show notes Center for Threat-Informed Defense releases security control mappings to ATT&CK - MITRE Engenuity Here comes the bride: New map matches threat intel to cyberdefenses - CyberScoop MITRE Engenuity to strengthen critical infrastructure - AttackIQ
Cybersecurity news. Special: BAS - Breach & Attack Simulation. Interview: Elena García, CISO of Indra. Trendmicro contest. With: Dani Vaquero, Sergio Lillo, Manu Cantonero and Patricia Mármol. Directed by: Carlos Lillo
Brakesec Podcast is now on Pandora! Find us here: https://pandora.app.link/p9AvwdTpT3 Book club Book club is starting up again with Hands-On AWS penetration testing with Kali Linux from Gilbert and Caudill. You read and get together to discuss or demo every Monday. Get the book, start reading and meet us for the kick off Monday the 24 at 10pm eastern. The book club meets virtually on zoom, and organizes on slack..get invited like this.” Book: https://smile.amazon.com/Hands-Penetration-Testing-Kali-Linux/dp/1789136725 NolaCon Training: https://nolacon.com/training/2020/security-detect-and-defense-ttx Roberto Rodriguez Bio @Cyb3rWard0g on Twitter Threat Intel vs. Threat Hunting = what’s the difference? What datasets are you using? Did you start with any particular dataset, or created your own? Technique development - what skills are needed? C2 setup Detection mechanisms Honeypots How can people get involved? Blacksmith - create ‘mordor’ environment to push scripts to setup honeypot/nets https://Threathunterplaybook.com https://github.com/hunters-forge/ThreatHunter-Playbook https://threathunterplaybook.com/notebooks/windows/08_lateral_movement/lateral_movement/WIN-190815181010.html https://medium.com/threat-hunters-forge/threat-hunter-playbook-mordor-datasets-binderhub-open-infrastructure-for-open-8c8aee3d8b4 https://medium.com/threat-hunters-forge/writing-an-interactive-book-over-the-threat-hunter-playbook-with-the-help-of-the-jupyter-book-3ff37a3123c7 https://www.exploit-db.com/exploits/47995 - Sudo buffer overflow Mordor: The Mordor project provides pre-recorded security events generated by simulated adversarial techniques in the form of JavaScript Object Notation (JSON) files for easy consumption. 
YAML Example: https://github.com/hunters-forge/ThreatHunter-Playbook/blob/master/playbooks/WIN-190810201010.yaml Notebook Example: https://threathunterplaybook.com/notebooks/windows/08_lateral_movement/lateral_movement/WIN-190810201010.html Jupyter notebook - Definition: https://jupyter-notebook-beginner-guide.readthedocs.io/en/latest/what_is_jupyter.html Lateral Movement - WMI - IMAGE Below SIGMA? What is a Notebook? Think of a notebook as a document that you can access via a web interface that allows you to save input (i.e. live code) and output (i.e. code execution results / evaluated code output) of interactive sessions as well as important notes needed to explain the methodology and steps taken to perform specific tasks (i.e. data analysis). https://medium.com/threat-hunters-forge/threat-hunter-playbook-mordor-datasets-binderhub-open-infrastructure-for-open-8c8aee3d8b4 Have a goal for expanding to other parts of ATT&CK? Threat Hunter Playbook - Goals: Expedite the development of techniques and hypotheses for hunting campaigns. Help Threat Hunters understand patterns of behavior observed during post-exploitation. Reduce the number of false positives while hunting by providing more context around suspicious events. Share real-time analytics validation examples through cloud computing environments for free. Distribute Threat Hunting concepts and processes around the world for free. Map pre-recorded datasets to adversarial techniques. Accelerate infosec learning through open source resources. 
Sub-techniques: https://medium.com/mitre-attack/attack-sub-techniques-preview-b79ff0ba669a Slack Channel: https://launchpass.com/threathunting Twitter; https://twitter.com/mattifestation https://twitter.com/tifkin_ https://twitter.com/choldgraf https://twitter.com/Cyb3rPandaH on Brakeing Down Security Podcast on #Pandora- https://www.pandora.com/podcast/brakeing-down-security-podcast/PC:27866 Marcus Carey https://twitter.com/marcusjcarey Prolific Author, Defender, Enterprise Architect at ReliaQuest https://twitter.com/egyp7 https://www.darkreading.com/vulnerabilities---threats/reliaquest-acquires-threatcare/d/d-id/1335950 “GreyMatter integrates security data from security incident and event manager (SIEM), endpoint detection and response (EDR), firewalls, threat intelligence feeds, and other security tools, and includes analysis functions and automation. Threatcare's technology — which will become a new feature on the platform — simulates how a specific threat or attack could target an organization's network in order to determine whether its security tools and settings are or are not actually working to thwart the threats.” Security model - everyone’s is diff How do you work with your threat model? A proper threat model Attack Simulation - How is this different from doing a typical Incident Response tabletop? Threat modeling systems? How is this different than a pentest? Is this automated red teaming? How effective can automated testing be? Is this like some kind of constant scanning system? How does this work with threat intel feeds? Can it simulate ransomware, or any attacks? Hedgehog principles A lot of things crappily, and nothing good Mr. 
Boettcher: “Why suck at everything…” Atomic Red Team - https://github.com/redcanaryco/atomic-red-team ATT&CK Matrix - https://attack.mitre.org/matrices/enterprise/ Tribe of Hackers https://smile.amazon.com/Tribe-Hackers-Cybersecurity-Advice-World/dp/1793464189 - Red Book The Tribe of Hackers team is back with a new guide packed with insights from dozens of the world’s leading Red Team security specialists. With their deep knowledge of system vulnerabilities and innovative solutions for correcting security flaws, Red Team hackers are in high demand. Tribe of Hackers Red Team: Tribal Knowledge from the Best in Offensive Cybersecurity takes the valuable lessons and popular interview format from the original Tribe of Hackers and dives deeper into the world of Red Team security with expert perspectives on issues like penetration testing and ethical hacking. This unique guide includes inspiring interviews from influential security specialists, including David Kennedy, Rob Fuller, Jayson E. Street, and Georgia Weidman, who share their real-world learnings on everything from Red Team tools and tactics to careers and communication, presentation strategies, legal concerns, and more Learn what it takes to secure a Red Team job and to stand out from other candidates Discover how to hone your hacking skills while staying on the right side of the law Get tips for collaborating on documentation and reporting Explore ways to garner support from leadership on your security proposals Identify the most important control to prevent compromising your network Uncover the latest tools for Red Team offensive security https://smile.amazon.com/Tribe-Hackers-Cybersecurity-Advice-World/dp/1119643376 - Yellow Book Tribe of Hackers: Cybersecurity Advice from the Best Hackers in the World is your guide to joining the ranks of hundreds of thousands of cybersecurity professionals around the world. 
Whether you’re just joining the industry, climbing the corporate ladder, or considering consulting, Tribe of Hackers offers the practical know-how, industry perspectives, and technical insight you need to succeed in the rapidly growing information security market. This unique guide includes inspiring interviews from 70 security experts, including Lesley Carhart, Ming Chow, Bruce Potter, Robert M. Lee, and Jayson E. Street. Get the scoop on the biggest cybersecurity myths and misconceptions about security Learn what qualities and credentials you need to advance in the cybersecurity field Uncover which life hacks are worth your while Understand how social media and the Internet of Things has changed cybersecurity Discover what it takes to make the move from the corporate world to your own cybersecurity venture Find your favorite hackers online and continue the conversation https://smile.amazon.com/Tribe-Hackers-Security-Leaders-Cybersecurity/dp/1119643775 - Green Book (Next out!) Information security is becoming more important and more valuable all the time. Security breaches can be costly, even shutting businesses and governments down, so security leadership is a high-stakes game. Leading teams of hackers is not always easy, but the future of your organization may depend on it. In this book, the world’s top security experts answer the questions that Chief Information Security Officers and other security leaders are asking, including: What’s the most important decision you’ve made or action you’ve taken to enable a business risk? How do you lead your team to execute and get results? Do you have a workforce philosophy or unique approach to talent acquisition? Have you created a cohesive strategy for your information security program or business unit? https://smile.amazon.com/Tribe-Hackers-Blue-Team-Cybersecurity/dp/1119643414 - Blue Book (OUT SOON!) 
Tribe of Hackers Blue Team goes beyond the bestselling, original Tribe of Hackers book and delves into detail on defensive and preventative techniques. Learn how to grapple with the issues that hands-on security experts and security managers are sure to build into their blue team exercises. Discover what it takes to get started building blue team skills Learn how you can defend against physical and technical penetration testing Understand the techniques that advanced red teamers use against high-value targets Identify the most important tools to master as a blue teamer Explore ways to harden systems against red team attacks Stand out from the competition as you work to advance your cybersecurity career Check out our Store on Teepub! https://brakesec.com/store Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com #Brakesec Store!:https://www.teepublic.com/user/bdspodcast #Spotify: https://brakesec.com/spotifyBDS #Pandora: https://pandora.app.link/p9AvwdTpT3 #RSS: https://brakesec.com/BrakesecRSS #Youtube Channel: http://www.youtube.com/c/BDSPodcast #iTunes Store Link: https://brakesec.com/BDSiTunes #Google Play Store: https://brakesec.com/BDS-GooglePlay Our main site: https://brakesec.com/bdswebsite #iHeartRadio App: https://brakesec.com/iHeartBrakesec #SoundCloud: https://brakesec.com/SoundcloudBrakesec Comments, Questions, Feedback: bds.podcast@gmail.com Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon https://brakesec.com/BDSPatreon #Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir #Player.FM : https://brakesec.com/BDS-PlayerFM #Stitcher Network: https://brakesec.com/BrakeSecStitcher #TuneIn Radio App: https://brakesec.com/TuneInBrakesec
Eran Abramovitz is VP Sales Americas for Cymulate, a Breach & Attack Simulation vendor that helps assess the security posture of organizations. https://cymulate.com LinkedIn ► https://linkedin.com/in/eran-abramovitz-9a9b4b1 ******* This interview is in partnership with COFES Institute, the world’s largest community fostering the convergence of advanced enabling engineering and design technologies. https://cofesinstitute.org ******* Simulation is rebirthing the public intellectual by hosting the greatest multidisciplinary minds of our time. Build the future. Architect the frameworks and resource flows to maximize human potential. http://simulationseries.com ******* SUBSCRIBE TO SIMULATION ► YOUTUBE: http://bit.ly/SimYoTu ITUNES: http://bit.ly/SimulationiTunes FACEBOOK: http://bit.ly/SimulationFB TWITTER: http://bit.ly/SimulationTwitter ******* SPOTIFY: http://bit.ly/SimuSeries SOUNDCLOUD: http://bit.ly/SimulationSC INSTAGRAM: http://bit.ly/SimulationIG LINKEDIN: http://bit.ly/SimulationLinkedIn PATREON: http://bit.ly/SimulationPatreon CRYPTO: http://bit.ly/SimCrypto ******* NUANCE-DRIVEN DISCOURSE ► http://bit.ly/SimulationTG WATCH ALLEN'S TEDx TALK ► http://bit.ly/AllenTEDx FOLLOW ALLEN ► INSTAGRAM: http://bit.ly/AllenIG TWITTER: http://bit.ly/AllenT ******* LIST OF THOUGHT-PROVOKING QUESTIONS ► http://simulationseries.com/the-list GET IN TOUCH ► simulationseries@gmail.com
Weekly news. Special on BAS: Breach & Attack Simulation, featuring Daniela Kominsky, Country Manager for Iberia at CYMULATE. CISO interview: Mario Trotta of GENERAL DYNAMICS EUROPEAN LAND SYSTEMS. With: Miguel Alcolea, Javier Pastor, Rafael Tortajada, Estrella Ayudo. Directed by: Carlos Lillo. A CLICKRADIOTV production
This week, we welcome Bryson Bort, the Founder and CEO of SCYTHE to talk about Attack Simulation! In the Technical Segment, Kory Findley will be presenting a tool he created entitled “pktrecon”, for internal network segment reconnaissance using broadcast and service discovery protocol traffic! In the Security News, why Hyatt Is launching a public bug bounty program, Amazon Key partners with myQ, web vulnerabilities up, IoT flaws down, enterprise iPhones will soon be able to use security dongles, how El Chapo's IT manager cracked his encrypted chats and brought him down, and more! Full Show Notes: https://wiki.securityweekly.com/Episode589 Visit https://www.securityweekly.com/psw for all the latest episodes! For more information about SCYTHE, visit: https://www.scythe.io/securityweekly Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Bryson is the Founder and CEO of SCYTHE and Founder of GRIMM. He comes on the show to talk about Attack Simulation. To learn more about SCYTHE.io, go to: https://www.scythe.io/securityweekly Full Show Notes: https://wiki.securityweekly.com/Episode589 Follow us on Twitter: https://www.twitter.com/securityweekly
Paul and Matt discuss all of the vendors providing attack simulation solutions, including why you want (or need) this type of solution, the problem(s) they solve, and differentiators. This is an exciting space, so exciting that Paul and Matt sweat A LOT as this was recorded live from our pool cabana in Las Vegas! Visit http://securityweekly.com/esw for all the latest episodes!
This week, Paul and John Strand interview Al Ghous, Senior Director of Cyber Security at GE Digital! In our second segment, Paul and Matt review the ICS security landscape, discussing the problems and potential solutions to secure critical infrastructure. In the final segment, Paul and Matt discuss all of the vendors providing attack simulation solutions, including why you want (or need) this type of solution, the problem(s) they solve, and differentiators. This is an exciting space, so exciting that Paul and Matt sweat A LOT as this was recorded live from our pool cabana in Las Vegas! Full Show Notes: https://wiki.securityweekly.com/ES_Episode102 Visit https://www.securityweekly.com/esw for all the latest episodes! Visit https://www.activecountermeasures/esw to sign up for a demo or buy our AI Hunter! →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly
In a previous podcast, we discussed purple-teaming as it compares to a conventional penetration test. Let’s now build on that approach, starting with the differences between attack simulation and conventional penetration tests. The methodology of attack simulation rests on the assumption that the network or a system will become compromised and that the current controls will not prevent the infection. So, how does attack simulation differ from purple-teaming? With purple-teaming, everyone knows what controls are being tested and when. Attack simulation is a bit different, as the focus is the emulation of a specific attacker group and their methods of obtaining sensitive data. In this podcast, LBMC Information Security’s Bill Dean discusses attack simulation, or what some people label adversary simulation.