Podcasts about Red team

Send us a textWe trace a winding path from offshore rigs to elite red team ops and into subsea data centers, using one sewer-side breach as the spark for a new way to secure and scale compute. Along the way we unpack social engineering basics, the blue vs red culture clash, and whether AI is building features or changing outcomes.• junk folders, platform fatigue, and curated personas • kids chasing influence and the low barrier to entry • leaving school early, offshore work, and non-linear careers • social engineering as ordinary behavior with intent • red team vs blue team dynamics and trust • the sewer break-in that birthed an idea • how subsea data centers plug into power and fiber • threat models at sea and nation-state realities • latency wins for gaming, streaming, fintech, telehealth • AI hype, thin moats, and the need for stack controlFind Maxi: most active on LinkedIn; launching an AI security blog and weekly newsletter at maxirynolds.comSupport the showFollow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/Twitter: https://twitter.com/SecUnfPodcast Affiliates➡️ OffGrid Faraday Bags: https://offgrid.co/?ref=gabzvajh➡️ OffGrid Coupon Code: JOE➡️ Unplugged Phone: https://unplugged.com/Unplugged's UP Phone - The performance you expect, with the privacy you deserve. Meet the alternative. Use Code UNFILTERED at checkout*See terms and conditions at affiliated webpages. Offers are subject to change. These are affiliated/paid promotions.

Podcast: ICS Arabia PodcastEpisode: OT Red Team (Arabic) | 39Pub date: 2025-11-16Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationJoin us on ICS Arabia Podcast . as we explore OT red teaming with Fawaz Adi, covering hacking, pentesting, methodologies, tools, case studies, and more!The podcast and artwork embedded on this page are from ICS ARABIA PODCAST, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

In this episode of 'Cybersecurity Today,' host Jim Love covers multiple pressing topics: CloudFlare's major outage affecting services like OpenAI and Discord, Microsoft's new AI feature in Windows 11 and its potential malware risks, a new red team tool that exploits cloud-based EDR systems, and a new tactic using calendar invites as a stealth attack vector. Additionally, a critical SAP vulnerability scoring a perfect 10 on the CVSS scale is discussed alongside a peculiar event where Anthropic's AI mistakenly tried to report a cybercrime to the FBI. The episode wraps up with a mention of the book 'Alyssa, A Tale of Quantum Kisses' and a thank you to Meter for sponsoring the podcast. Tune in for essential cybersecurity insights. 00:00 Introduction and Sponsor Message 00:22 CloudFlare Outage Causes Major Disruptions 02:55 Microsoft's New AI Features and Malware Risks 05:22 Silent but Deadly: New Red Team Tool 07:39 Calendar Invites as a Stealth Attack Vector 10:04 Critical SAP Vulnerability 12:11 Anthropic's AI and the FBI Incident 14:06 Conclusion and Final Thoughts

What if your security team is playing defense while hackers play offense 24/7? Foster Davis, former Navy cyber warfare officer and founder of BreachBits, breaks down why traditional penetration tests become obsolete in weeks—and how continuous red teaming changes the game. From hunting pirates in the Indian Ocean to defending critical infrastructure, Foster shares hard-earned lessons about adversarial thinking, operational risk management, and why the junior person in the room might spot your biggest vulnerability. What You'll Learn: Why red teaming creates psychological advantages penetration testing can't match How operational risk management translates technical findings into executive action The real cost of point-in-time security assessments (hint: ask St. Paul, Minnesota) Military-grade frameworks for continuous threat simulation in civilian organizations Why attackers operate 365 days a year—but most organizations test once Don't let your organization become another headline. Security teams need to think like attackers, not just defenders. Subscribe for more conversations that challenge conventional cybersecurity thinking. #RedTeam #CybersecurityStrategy #PenetrationTesting #MilitaryCyber #ThreatHunting #InfoSec 

Enjoying the content? Let us know your feedback!Today we're tackling a question I get asked constantly: "Should we do a pentest, a red team engagement, or a vulnerability assessment?"These terms get thrown around interchangeably, but they're actually very different things with different goals, different costs, and they're appropriate for different situations. Choosing the wrong one can either waste money on overkill testing or leave you with a false sense of security.Here's the reality: most organizations need all three at different times. But if you're trying to figure out where to start, you need to understand what each one actually does.https://www.sans.org: Penetration Testing: The Shift to Red Team and Purple Team Strategies-https://nvlpubs.nist.gov: Technical Guide to Information Security Testing and AssessmentBe sure to subscribe! You can also stream from https://yusufonsecurity.comIn there, you will find a list of all previous episodes in there too.

Wie realistisch sind deine Security-Massnahmen wirklich? In dieser Folge sprechen Andreas und Sandro über simulierte Angriffe – vom gezielten Red-Team-Einsatz bis zum kollaborativen Purple Teaming. Sie erklären, wie strukturierte Security-Simulationen klassische Pentests und Bug-Bounties ergänzen, welche Rollen Red, Blue und Purple wirklich spielen – und warum die wahren Erkenntnisse oft erst nach dem Angriff kommen. Wer verstehen will, wie man Security im Ernstfall testet, sollte hier reinhören.

Vassy Kapelos speaks with Finance Minister Francois-Philippe Champagne on the details surrounding the 2025 'Canada Strong' Budget. On today's show: Andrew Scheer, the House Leader of Canada's Conservatives, on his party's response to the federal budget and why one Conservative MP is crossing the floor to the Red Team. Reaction to the details in this year's federal budget from Canadian Construction Association president Rodrigue Gilbert and PSAC national president Sharon DeSousa. The Daily Debrief Panel - featuring Jeff Rutledge, Stephanie Levitz, and Laura D'Angelo. Don Davies, the interim leader for Canada's NDP, shares his thoughts on the budget and how his party might vote on it.

Parce que… c'est l'épisode 0x657! Shameless plug 8 et 9 novembre 2025 - DEATHcon 17 au 20 novembre 2025 - European Cyber Week 25 et 26 février 2026 - SéQCure 2026 14 au 17 avril 2026 - Botconf 2026 28 et 29 avril 2026 - Cybereco Cyberconférence 2026 9 au 17 mai 2026 - NorthSec 2026 3 au 5 juin 2025 - SSTIC 2026 Description Introduction Ce podcast explore la relation complexe entre les équipes Red Team et les solutions EDR (Endpoint Detection and Response), en mettant l'accent sur les dimensions business plutôt que purement techniques. Charles F. Hamilton partage son expertise terrain sur l'évasion des EDR et démystifie la confiance aveugle que beaucoup placent dans ces solutions présentées comme magiques. La réalité des EDR : au-delà du marketing Les EDR sont souvent vendus comme des solutions universelles de protection, mais cette perception cache une réalité plus nuancée. Il existe plusieurs types de solutions (EDR, XDR, NDR) avec des capacités différentes, notamment au niveau de la télémétrie réseau et de l'enrichissement des données. L'industrie de la cybersécurité reste avant tout un business, où les décisions sont guidées par des considérations financières, de croissance et de parts de marché plutôt que uniquement par la protection des utilisateurs. Un aspect troublant est la romanticisation des groupes d'attaquants par certaines compagnies de détection, qui créent des figurines géantes et des noms accrocheurs pour ces groupes criminels lors de conférences. Cette approche marketing peut paradoxalement valoriser le crime et encourager de nouveaux acteurs malveillants. Fonctionnement technique des EDR Les EDR fonctionnent sur plusieurs niveaux de détection. D'abord, l'aspect antivirus traditionnel effectue une analyse statique avant l'exécution d'un binaire. Ensuite, la détection en temps réel utilise diverses techniques : le user mode hooking (de moins en moins populaire), les callbacks dans le kernel, et ETW (Event Tracing for Windows) qui capture de la télémétrie partout dans Windows. Les EDR modernes privilégient les callbacks kernel plutôt que le user mode, car le kernel offre une meilleure protection. Cependant, le risque est qu'une erreur dans le code kernel peut causer un écran bleu, comme l'a démontré l'incident CrowdStrike. Microsoft a également implémenté les PPL (Protected Process Light) pour empêcher même les utilisateurs avec privilèges système de tuer certains processus critiques. Un point crucial : les Red Teams sont souvent plus sophistiquées que les attaquants réels, précisément parce qu'elles doivent contourner les EDR dans leurs mandats. Techniques d'évasion : simplicité et adaptation Contrairement à ce qu'on pourrait croire, l'évasion d'EDR ne nécessite pas toujours des techniques extrêmement sophistiquées. Plusieurs approches simples fonctionnent encore remarquablement bien. Par exemple, modifier légèrement un outil comme PinkCastle en changeant les requêtes LDAP et en désactivant certaines fonctionnalités détectables (comme les tentatives de zone transfer DNS ou les requêtes SPN) peut le rendre indétectable. Un cas particulier intéressant concerne un EDR qui, suite à son acquisition par Broadcom, a cessé d'être signé par Microsoft. Cette décision business a rendu leur DLL incapable de s'injecter dans les processus utilisant le flag de chargement de DLL signées uniquement par Microsoft, rendant effectivement l'EDR sans valeur de détection. Une stratégie efficace consiste à désactiver la connectivité réseau des processus EDR avant toute manipulation, en utilisant le firewall local. Même si des alertes sont générées, elles ne peuvent pas être transmises au serveur. L'agent apparaît simplement offline temporairement. Les vieilles techniques qui fonctionnent encore De nombreuses techniques d'attaque anciennes restent efficaces car elles ne sont pas assez utilisées par les attaquants standard pour justifier leur détection. Les EDR se concentrent sur le “commodity malware” - les attaques volumétriques - plutôt que sur les techniques de niche utilisées principalement par les Red Teams. Charles cite l'exemple d'une “nouvelle backdoor” découverte en 2024 qui était en fait son propre code archivé sur GitHub depuis 8 ans. Pour les compagnies de sécurité, c'était nouveau car jamais vu dans leur environnement, illustrant le décalage entre ce qui existe et ce qui est détecté. L'importance de la simplicité Un conseil crucial : ne pas suivre les tendances en matière de malware. Les techniques à la mode comme le stack spoofing deviennent rapidement détectées. Charles utilise depuis 6-7 ans un agent simple en C# sans share code ni techniques exotiques, qui passe encore inaperçu. La simplicité et une approche différente sont souvent plus efficaces que la complexité. L'utilisation de Beacon Object Files (BOF) avec Cobalt Strike évite l'injection de processus, réduisant considérablement les artefacts détectables. Recommandations pratiques Pour les organisations, avoir un EDR est essentiel en 2025 pour bloquer les attaques triviales. Mais ce n'est qu'un début. Il faut absolument avoir au moins une personne qui examine les logs quotidiennement, idéalement trois fois par jour. De nombreux incidents de réponse montrent que toute l'information était disponible dans la console EDR, mais personne ne l'a regardée. La segmentation réseau reste sous-développée depuis 15 ans, principalement pour des raisons de complexité opérationnelle. Sysmon devrait être déployé partout avec une configuration appropriée pour augmenter exponentiellement la visibilité, malgré la courbe d'apprentissage XML. La visibilité réseau est ce qui manque le plus aux clients en 2025. Sans elle, il est impossible de valider ce que les EDR prétendent avoir bloqué. Charles donne l'exemple de Microsoft Defender Identity qui dit avoir bloqué des attaques alors que l'attaquant a bel et bien obtenu les hash recherchés. Conclusion L'évasion d'EDR est une spécialisation à part entière, au même titre que le pentesting web ou Active Directory. Le secret est de comprendre profondément Windows, les outils et les EDR eux-mêmes avant de tenter de les contourner. Les entreprises doivent garder l'intelligence à l'interne plutôt que de dépendre entièrement des produits commerciaux. Finalement, la collaboration entre Blue Teams et Red Teams reste insuffisante. Plus de synergie permettrait aux deux côtés de mieux comprendre les perspectives de l'autre et d'améliorer globalement la sécurité. La curiosité et l'apprentissage continu sont les clés du succès dans ce domaine en constante évolution. Notes Training Training Collaborateurs Nicolas-Loïc Fortin Charles F. Hamilton Crédits Montage par Intrasecure inc Locaux virtuels par Riverside.fm

Red Teaming 101: understand your target before you attack. On this episode, we invited two heavy hitters, Principal Security Consultants Hans Lakhan and Oddvar Moe on the show to talk about Red Team operations. We discuss footprinting and reconnaissance techniques including identifying a target's online presence, the tools and methods used for reconnaissance, and social engineering. Listen as we walk through how we map the digital terrain before a red team engagement! About this podcast: Security Noise, a TrustedSec Podcast hosted by Geoff Walton and Producer/Contributor Skyler Tuter, features our cybersecurity experts in conversation about the infosec topics that interest them the most. Find more cybersecurity resources on our website at https://trustedsec.com/resources. Red teaming services: https://trustedsec.com/services/red-teaming

Wenn von IT-Sicherheit die Rede ist, denken viele zuerst an Cyberangriffe, Firewalls oder Datenverschlüsselung. Doch zahlreiche Risiken für den zuverlässigen IT-Betrieb kommen oft aus der physischen Welt: Feuer, Stromausfälle, unbefugter Zutritt oder schlicht menschliches Fehlverhalten. In dieser Folge des eco Podcasts “Das Ohr am Netz” widmen sich Sidonie und Sven der Frage, wie moderne Rechenzentren sich gegen solche realen Gefahren absichern. Ihre Gäste geben einen tiefen Einblick in ihre Praxis: Gemeinsam sprechen sie darüber, welche physischen Risiken in Rechenzentren heute im Fokus stehen und welche Sicherheitsaspekte in der IT-Welt häufig unterschätzt werden, gerade im Vergleich zur Cyber- oder Prozesssicherheit. Joachim Astel (noris network) erklärt, wie ein durchdachtes Sicherheitsmodell aussieht und warum es mehr braucht als nur abgeschlossene Türen. Er berichtet, welche Rolle regelmäßige Auditierungen, Zertifizierungen und Red-Team-Übungen spielen und wie sich physische Resilienz im Alltag überprüfen lässt. Auch Standortfaktoren wie Energieversorgung, Kühlung und Georedundanz sind zentrale Bausteine eines robusten Sicherheitskonzepts. Brandschutzexpertin Anne Omar (Fogtec) zeigt, warum Feuer in modernen Rechenzentren noch immer ein ernstzunehmendes Risiko ist und welche technologischen Entwicklungen dabei helfen, Daten und Infrastruktur effektiv zu schützen. Sie erklärt, wie sich Wassernebel- und Hochdrucklöschsysteme von klassischen Gaslöschanlagen unterscheiden und welche Vorteile sie gerade in sensiblen IT-Umgebungen bieten. Außerdem geht es darum, wie sich bestehende Anlagen im laufenden Betrieb nachrüsten lassen, welche Herausforderungen Lithium-Ionen-Batterien mit sich bringen und wie sich Sicherheit und Nachhaltigkeit im Brandschutz vereinen lassen. Weitere Informationen: Mehr zum DSC-Beirat eco Studie “Die Internetwirtschaft in Deutschland 2025-2030” Artikel zum großen KI-Innovationspark IPAI Erdbebensichere Rechenzentren Das unterirdische Rechenzentrum in Stockholm --------- Moderation: Sidonie Krug, Sven Oswald Schnitt: David Grassinger Redaktion: Christin Müller, Irmeline Uhlmann, Laura Rodenbeck, Anja Wittenburg Produktion: eco – Verband der Internetwirtschaft e.V.

Send us a textSecurity gets sharper when we stop treating AI like magic and start treating it like an untrusted user. We sit down with Eric Galinkin to unpack the real-world ways red teams and defenders are using language models today, where they fall apart, and how to build guardrails that hold up under pressure. From MCP servers that look a lot like ordinary APIs to the messy truths of model hallucination, this conversation trades buzzwords for practical patterns you can apply right now.Eric shares takeaways from Offensive AI Con: how models help triage code and surface likely bug classes, why decomposed workflows beat “find all vulns” prompts, and what happens when toy benchmarks meet stubborn, real binaries. We explore reinforcement learning environments as a scalable way to train security behaviors without leaking sensitive data, and we grapple with the uncomfortable reality that jailbreaks aren't going away—so output validation, sandboxing, and principled boundaries must do the heavy lifting.We also dig into Garak, the open-source system security scanner that targets LLM-integrated apps where it hurts: prompted cross-site scripting, template injection in Jinja, and OS command execution. By mapping findings to CWE, Garak turns vague model “misbehavior” into concrete fixes tied to known controls. Along the way, we compare GPT, Claude, and Grok, talk through verification habits to counter confident nonsense, and zoom out on careers: cultivate niche depth, stay broadly literate, and keep your skepticism calibrated. If you've ever wondered how to harness AI without handing it the keys to prod, this one's for you.Enjoyed the episode? Follow, share with a teammate, and leave a quick review so more builders and defenders can find the show.Inspiring Tech Leaders - The Technology PodcastInterviews with Tech Leaders and insights on the latest emerging technology trends.Listen on: Apple Podcasts SpotifySupport the showFollow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/Twitter: https://twitter.com/SecUnfPodcast Affiliates➡️ OffGrid Faraday Bags: https://offgrid.co/?ref=gabzvajh➡️ OffGrid Coupon Code: JOE➡️ Unplugged Phone: https://unplugged.com/Unplugged's UP Phone - The performance you expect, with the privacy you deserve. Meet the alternative. Use Code UNFILTERED at checkout*See terms and conditions at affiliated webpages. Offers are subject to change. These are affiliated/paid promotions.

In this week's Frankly, Nate considers the ways in which our social species overvalues false-confidence rather than the more honest and inquisitive response of “I don't know.” He invites us to consider the science behind this cultural bias towards certainty: from our biological response from the stress of “not knowing” to the reinforcing effects of motivated reasoning that ensnares even the smartest among us (especially the smartest among us). Overconfidence and the desire for quick answers have been the root cause of many of humanity's disasters, from the space shuttle Challenger explosion to the Deep Water Horizon oil spill to the subprime housing bubble. And now, the exponential growth and integration of Artificial Intelligence is hyper-fueling this risk, as AI mirrors the human aversion to uncertainty through “hallucinations”. As some AI companies are now considering penalizing over-confident answers in favor of “I don't know”, perhaps humans could learn to do the same for ourselves. How often do you say. "I don't know"?  In what ways do we lose opportunities for conversation and exploration by not admitting our own uncertainties? Can listening to our own gut for “truth” and embracing intentional Red Team dissent shift “I don't know” from weakness to wisdom? (Recorded October 17th, 2025)   Show Notes and More Watch this video episode on YouTube   Want to learn the broad overview of The Great Simplification in 30 minutes? Watch our Animated Movie. ---   Support The Institute for the Study of Energy and Our Future   Join our Substack newsletter   Join our Hylo channel and connect with other listeners

What happens when you take the Red, Blue, and Purple Team Strategy and apply it inside a podiatry clinic? In this episode, I share what I learned firsthand while running this creative exercise with a clinic team, and how it revealed new insights into teamwork, reputation, and readiness. Joined by Dave Frees, we also unpack how AI can help clinics think smarter, act faster, and build lasting resilience. If you want a deeper understanding of this concept, please go back and listen to Episode 380: Future Proofing Your Podiatry Clinic with Red, Blue and Purple Team Strategy.  Learn more about Dave's training at Business Black Ops. MY UPCOMING EVENTS If you found this episode helpful, share it with another podiatrist or business owner. If you'd like guidance on implementing Red Team, Blue Team, Purple Team thinking in your practice or organising a Team Creative Day, please get in touch with me at tf@tysonfrasnklin.com or visit my website www.tysonfranklin.com, I'd love to help you future-proof your business. If you're looking for a speaker for an upcoming event or a facilitator to run a pre-conference workshop, please visit my Speaker Page to see the range of topics I cover. Are You Looking for A Little Business Guidance?  A podiatrist I spoke with in early 2024 earned an additional $40,000 by following my advice from a 30-minute free Zoom call.  Think about it: you have everything to gain and nothing to lose, and it's not a TRAP. I'm not out to get you, I'm here to help you.  Please follow the link below to my calendar and schedule a free 30-minute Zoom call. I guarantee that after we talk, you will have far more clarity on what is best for you, your business and your career. ONLINE CALENDAR Business Coaching I offer three coaching options: Monthly Scheduled Calls. Hourly Sessions. On-Site TEAM Training and Creativity Days.   But let's have a chat first to see what best suits you. ONLINE CALENDAR Facebook Group: Podiatry Business Owners Club  Have you grabbed a copy of one of my books yet?  2014 – It's No Secret There's Money in Podiatry  2017 – It's No Secret There's Money in Small Business  

En este episodio la discusión se centra en la acuciante relevancia de la ciberseguridad en el mundo corporativo, destacando ciberataques recientes de alto perfil contra compañías como Jaguar Land Rover y Aceros Olarra, que provocaron importantes pérdidas financieras. Se reportaron pérdidas estimadas en millones de euros diarios en beneficios para Jaguar Land Rover, poniendo en riesgo unos empleos directos e indirectos en la cadena de suministro. El programa también presenta dos entrevistas: la primera con Luis Fernández, editor de la revista SIC, para discutir el próximo congreso Securmática (que celebra su 35ª edición) y el papel en evolución del CISO. Fernández enfatiza que el CISO debe mutar y hablar el lenguaje del negocio, integrando el riesgo tecnológico dentro del concepto más amplio de riesgos empresariales. La segunda entrevista es con Alberto Rodríguez de Rut Valencia, para adelantar la agenda de esa conferencia de ciberseguridad, incluyendo formaciones sobre DFIR, OPSEC, Red Team, ataques al directorio activo y hardware hacking. Twitter: @ciberafterwork Instagram: @ciberafterwork Panda Security: https://www.pandasecurity.com/es/ +info: https://psaneme.com/ https://bitlifemedia.com/ https://www.vapasec.com/ VAPASEC https://www.vapasec.com/ https://www.vapasec.com/webprotection/

In this episode of No Password Required, host Jack Clabby and guest host Sarina Gandy discuss the insights gained from their conversation with Demarcus Williams, a senior security engineer at Starbucks. They explore Demarcus's journey into cybersecurity, the importance of competitions like CCDC in career development, and the role of gut instinct in cybersecurity. The discussion also touches on the differences between corporate cultures, the significance of mentorship, and the fun aspects of the cybersecurity community, including a light-hearted lifestyle polygraph segment. TakeawaysDemarcus' curiosity about video games sparked his interest in cybersecurity.The transition from defense contracting to corporate roles offers broader access to tools.Gut feelings play a significant role in cybersecurity decision-making.Competitions like CCDC are crucial for career development in cybersecurity.Networking at competitions can lead to job opportunities.Corporate culture varies significantly between government contracting and tech companies.A people-first approach is essential in mentorship and cybersecurity.The red team experience enhances skills applicable to day-to-day work.Work-life balance is crucial in maintaining a sustainable career in cybersecurity.Engaging with the community is vital for personal and professional growth. Chapters00:00 Introduction to Cybersecurity and Curiosity02:47 Day-to-Day Life of a Senior Security Engineer05:30 The Role of Gut Instinct in Cybersecurity08:31 Early Inspirations and the Journey into Cybersecurity11:35 The Importance of Competitions in Career Development14:33 Transitioning from Student to Professional17:34 The Red Team Experience and Its Impact20:25 Recruitment Opportunities in Cybersecurity Competitions23:33 Navigating Corporate Culture in Cybersecurity26:31 Mentorship and People-First Approach29:11 Lifestyle Polygraph and Fun Insights

In Part 2 of InfosecTrain's Red Team Masterclass, we go deeper into the art of executing simulated cyber attacks. This session explores how red teams gain access, escalate privileges, and establish persistence within target environments — all under strict ethical and controlled conditions.

Welcome to Red Team Unleashed — Part 1 of InfosecTrain's masterclass on offensive security. In this episode we demystify how advanced red teams design realistic attack scenarios and test organizational defenses end-to-end. You'll learn the differences between red teaming and penetration testing, the common engagement types, and the full red team attack lifecycle. We also introduce the MITRE ATT&CK framework and dive into reconnaissance and enumeration techniques in Active Directory environments — the foundational skills every offensive operator and defender should know. Whether you're an ethical hacker, SOC analyst, or security professional aiming to level up, this session gives practical frameworks and real-world context to sharpen your offensive and detection capabilities.For certifications, structured training, or team workshops, visit: ⁠⁠infosectrain.com ⁠⁠For enquiries, email: ⁠⁠sales@infosectrain.com⁠⁠ or connect via ⁠⁠infosectrain.com⁠⁠⁠⁠/contact-us

Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by Faith Kent. Together, they delve into the critical role of effective communication, the art of role adaptation, and the psychological dynamics in crisis situations. The conversation highlights the importance of proactive preparedness and fostering trust within teams to tackle challenges with confidence. [Sept 15, 2025]   00:00 - Intro 00:42 - Faith Kent Intro 01:21 - Intro Links: -          Social-Engineer.com - http://www.social-engineer.com/ -          Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/ -          Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/ -          Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/ -          Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb -          CLUTCH - http://www.pro-rock.com/ -          innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/                                                03:09 - Breaking & Entering 04:45 - Blending In 07:45 - Frank's Computer 10:13 - Unusual Communications 12:17 - Cochlear Implant 14:19 - Ethical Boundaries 16:11 - Community Pride 18:00 - Leaning Into the Discomfort 21:57 - Not an Afterthought 23:08 - Diversity for Security 27:00 – Trust, But Verify (Always) 28:23 - Wrap Up -          Deaf Gain: Raising the Stakes for Human Diversity -          https://gallaudet.edu/deaf-president-now/ -          https://www.lifeprint.com/ 29:03 - Outro -          www.social-engineer.com -          www.innocentlivesfoundation.org

Comment le ministère des Armées pourrait-il anticiper un arrêt simultané de toutes les infrastructures technologiques ou une super-explosion de gisements pétroliers plongeant la planète dans une nuit carbonique ? Dans ce nouvel épisode, Julia Tasse, directrice de recherche à l'IRIS et Maxime Thuillez, rédacteur en chef du Greenletter Club, s'entretiennent avec le Lieutenant-Colonel Jean-Baptiste Colas, conseiller prospective et anticipation stratégique au cabinet du Délégué général pour l'Armement et Virginie Tournay, auteure de science-fiction et membre de la RedTeam Défense du ministère des Armées. Ce projet de l'Agence de l'Innovation de Défense réunit depuis 2020 des auteurs et autrices de science-fiction et des experts scientifiques et militaires pour imaginer les menaces pouvant directement mettre en danger la France et ses intérêts à l'horizon 2030-2060. Cet exercice d'écriture de scénarios, remplacé par le programme RADAR depuis 2024 pour y inclure aussi la voix des citoyens, permet de confronter le ministère des Armées à de nouvelles pistes de réflexion concernant des enjeux stratégiques et opérationnels extrêmes, transformant les paradigmes intellectuels et institutionnels actuels.   Crédits :« Sur le front climatique » est un podcast de l'Observatoire Défense & Climat produit par l'IRIS pour le compte de la DGRIS du ministère des Armées. Cet entretien a été enregistré au ministère des Armées. Le Greenletter Club est un média qui réalise de longues interviews – en vidéo et en podcast – pour décortiquer les grands sujets écologiques : https://www.youtube.com/@greenletterclub4184  Édition : Julia Tasse et Maxime ThuillezPrise de son, communication : Coline LarocheMontage : Matisse DormoyGénérique : Near Deaf ExperienceHébergé par Ausha. Visitez ausha.co/politique-de-confidentialite pour plus d'informations.

What is Red Teaming, and what does it have to do with cybersecurity? In this episode, we look at how Red Teamers are hired to attack company security using all manner of tactics, from tossing malware-infested USB sticks into parking lots to posing as an HVAC technician. We also take a look at one of the most notorious Red Team exercises in history, when two Coalfire employees were arrested and fought a long legal battle, just for doing their jobs. ResourcesInside the Courthouse Break-In Spree That Landed Two White-Hat Hackers in JailDarknet Diaries Episode 59: The CourthouseCoalfire Systems websiteDEF CON 22 - Eric Smith and Josh Perrymon - Advanced Red Teaming: All Your Badges Are Belong To UsHow RFID Technology Works: Revolutionizing the Supply ChainNolaCon 2019 D 07 Breaking Into Your Building A Hackers Guide to Unauthorized Physical AccessSend us a textSupport the showJoin our Patreon to listen ad-free!

David M Frees returns to the Podiatry Legends Podcast to share a powerful strategic tool borrowed from the military: Red Team, Blue Team, and Purple Team thinking. We discuss how podiatry businesses can use this method to identify vulnerabilities, defend against threats, and uncover growth opportunities – creating a more resilient and profitable practice. Learn more about Dave's Training at Business Black Ops.  9 Key Takeaways from this Episode: The Red Team's job is to identify vulnerabilities and potential attacks on the business. The Blue Team focuses on defending the business and finding growth opportunities. Combining both perspectives creates the Purple Team, where the best ideas are integrated. Podiatry clinics often fail to review the effectiveness of marketing campaigns. Anticipating threats prevents panic when challenges arise. Inversion thinking helps identify what could destroy your business. Opportunities can be just as valuable as threat prevention. Having a facilitator improves the quality of Red/Blue Team sessions. Documenting scenarios and solutions creates a valuable reference for future challenges. If you found this episode helpful, share it with another podiatrist or business owner. And if you'd like guidance on implementing Red Team, Blue Team, Purple Team thinking in your practice, get in touch with me via email at tf@tysonfranklin.com or visit my website tysonfranklin.com. I'd love to help you future-proof your business. Visit the Podiatry Legends Podcast Website for more detailed show notes.  Join my Facebook Group - Podiatry Business Owners Club. Check out my YouTube Channel - Tyson E Franklin 

How has application security evolved over the decades? Carl and Richard talk to Michael Howard about his experiences working in security at Microsoft. Michael discusses his current role as a member of the Red Team at Microsoft, which identifies security vulnerabilities within the organization by creating scenarios that black hats might employ, such as stealing tokens or hijacking financial transactions. The conversation examines how security continues to evolve, with improved tools, new attack surfaces, and increasingly serious attacks. It's an arms race, but one the good guys can win!

How has application security evolved over the decades? Carl and Richard talk to Michael Howard about his experiences working in security at Microsoft. Michael discusses his current role as a member of the Red Team at Microsoft, which identifies security vulnerabilities within the organization by creating scenarios that black hats might employ, such as stealing tokens or hijacking financial transactions. The conversation examines how security continues to evolve, with improved tools, new attack surfaces, and increasingly serious attacks. It's an arms race, but one the good guys can win!

keywordscybersecurity, culinary arts, penetration testing, career transition, high-pressure situations, horror films, IT, social engineering, cooking, cybersecurity horror, dark web, pen testing, B-Sides community, cybersecurity, lifestyle polygraph, music, childhood memories, culinary skills, competition takeawaysKathy Collins transitioned from IT to culinary arts and back to cybersecurity.Her journey highlights the transferable skills between cooking and cybersecurity.Physical penetration testing involves unpredictable human elements.High-pressure situations in cooking can prepare one for cybersecurity challenges.Unexpected challenges can arise in both culinary events and cybersecurity tests.The importance of communication in cybersecurity engagements is crucial.Kathy's experience in cooking for large groups parallels the complexities of cybersecurity.The need for proper notification in penetration testing to avoid misunderstandings.Kathy's culinary background influences her approach to problem-solving in cybersecurity.There is a lack of big-budget horror films focused on cybersecurity. Going with the correct skeptical mindset is crucial.Using tools like Flare helps in dark web monitoring.B-Sides events are affordable and beneficial for newcomers.Engaging with the community fosters excitement and learning.Hannibal Lecter would be an interesting pen test partner.The Jaws soundtrack sets a perfect mood for stealth.Bonding over music can strengthen family relationships.Childhood toys can reveal early hacker tendencies.Culinary skills can be approached with a hacker mindset.Competition in cooking shows often emphasizes drama over skill. summaryIn this episode of the No Password Required podcast, host Jack Clabby and co-host Kaylee Melton welcome Kathy Collins, a security consultant at Secure Ideas. Kathy shares her unique journey from working in IT to pursuing a culinary career, and then back to cybersecurity. The conversation explores the transferable skills between cooking and cybersecurity, the unpredictability of physical penetration testing, and the high-pressure situations faced in both fields. Kathy also recounts memorable experiences from her culinary career and discusses the lack of horror films centered around cybersecurity. In this engaging conversation, the speakers delve into various aspects of cybersecurity, including the use of the dark web in penetration testing, the importance of community events like B-Sides, and the fun of the Lifestyle Polygraph segment. They also share personal anecdotes about music, childhood memories, and culinary skills, creating a rich tapestry of insights and experiences in the cybersecurity field. titlesFrom Chef to Cybersecurity: A Unique JourneyThe Culinary Path to CybersecurityHigh Stakes: Cooking and Cybersecurity Under PressurePenetration Testing: The Culinary Connection Sound Bites"I had to do some soul searching.""I was like, what if I have to do...""It's disturbingly easy.""There are so many opportunities there.""Going with the correct skeptical mindset.""We have a tool that we use called Flare.""They should attend them, first of all.""I had an Easy Bake Oven and took it apart." Chapters00:00 Introduction to Cybersecurity and Culinary Journeys02:46 From IT to Culinary Arts: A Unique Transition06:02 The Shift Back to Cybersecurity09:00 Experiences in Physical Penetration Testing11:48 High-Pressure Situations: Cooking vs. Cybersecurity15:02 Unexpected Challenges in Culinary Events17:54 The Intersection of Horror and Cybersecurity23:32 Exploring the Dark Web in Pen Testing25:34 Engaging with the B-Sides Community27:09 The Lifestyle Polygraph: Fun and Games 31:09 Bonding Over Music and Childhood Memories34:17 Culinary Skills and Competition Insights

Getting a start in cybersecurity has never been easy — but for today's aspiring pen testers, the entry barriers are even higher than they were a decade ago. In this conversation, Sean Martin and Marco Ciappelli sit down with Greg Hatcher and John Stigerwalt from White Knight Labs to unpack why they decided to flip the script on entry-level offensive security training.Greg, a former Army Special Operations communicator, and John, who got his break as a self-taught hacker, agree that the traditional path — expensive certifications and theoretical labs — doesn't reflect the reality of the work. That's why White Knight Labs is launching the Entry Level Pen Tester (ELPT) program. The idea is straightforward: make high-quality, practical training accessible to anyone, anywhere.Unlike other courses that focus purely on the technical side, the ELPT emphasizes the full skill set a junior pen tester needs. This means not just breaking into systems, but learning how to write clear reports, communicate effectively with clients, and operate as part of a real engagement team. John explains that even the best technical find is worthless if it's not explained properly or delivered with clear guidance for fixing the issue.Greg points out that the team culture at White Knight Labs borrows from his Special Forces days — small, specialized teams where each individual goes deep on a specific domain but works in tight coordination with others. Their goal for trainees mirrors this: to develop focused, practical skills while understanding how their piece fits into bigger, complex attack scenarios.Affordability and global access are key parts of the mission. The team wants the ELPT to open doors for people who might not have thousands to spend on training. By combining hands-on labs, in-depth modules, real-world scenarios, and a tough final exam, they aim to ensure that passing the ELPT means you're truly job-ready.For anyone considering a start in offensive security, this episode is a glimpse into a program designed to create more than just hackers — it's building adaptable, communicative professionals ready to hit the ground running.Learn more about White Knight Labs: https://itspm.ag/white-knight-labs-vukrGuests:John Stigerwalt | Founder at White Knight Labs | Red Team Operations Leader | https://www.linkedin.com/in/john-stigerwalt-90a9b4110/Greg Hatcher | Founder at White Knight Labs | SOF veteran | Red Team | https://www.linkedin.com/in/gregoryhatcher2/______________________Keywords: sean martin, marco ciappelli, greg hatcher, john stigerwalt, cybersecurity, pentesting, training, certification, whiteknightlabs, hacking, brand story, brand marketing, marketing podcast, brand story podcast______________________ResourcesVisit the White Knight Labs Website to learn more: https://itspm.ag/white-knight-labs-vukrLearn more and catch more stories from White Knight Labs on ITSPmagazine: https://www.itspmagazine.com/directory/white-knight-labsLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

Send us a textThe Valley-From Coyote Ugly to Maui MessyPodcast Summary: The Valley Season 2, Episode 11 – “El Coyote Ugly”This episode was a rollercoaster of emotions, drama, and shifting alliances. We open with Kristen and Luke settling into domestic bliss, with Luke expressing his deep commitment to LA and starting a family. Meanwhile, Nia stirs the pot by confronting Zack about knowing of Luke's proposal and insists Jason and Janet should still be invited to Hawaii for authenticity's sake.At Jesse's house, a powerful men's group therapy session takes place with life coach Scott. Jax breaks down in tears, admitting his lifelong anger issues, especially toward his wife. Danny confesses to sneaky drinking habits, which shocks the group. There's a moment of attempted reconciliation between Jason and Danny, but trust is still shaky.The women head to El Coyote, and the night quickly turns chaotic. Tensions between Janet, Kristen, and Michelle explode over rumors, cheating accusations, and Kristen's friend Jenna. Janet aggressively inserts herself into Kristen and Michelle's conflict, prompting Kristen to walk out. Nia breaks down in tears, overwhelmed by the drama. Janet, unapologetic and loud, leaves too.Next, the cast gathers for a messy but fun Field Day — with egg tosses and tug-of-war. The Red Team dominates. Britt opens up to Janet about her divorce and Jax being served. Later, Jax and Kristen share a rare civil moment. Meanwhile, Luke picks up the ring for his upcoming proposal and reflects on his grandmother's illness, which has him emotionally rattled.Jax and Britt are supposed to meet up, but she no-shows after hearing he was drunk at his bar. She feels betrayed, especially since he was supposed to be on a healing journey.The group arrives in Hawaii — with Jesse and Zack awkwardly sharing the presidential suite. The girls try to patch things up poolside, and Janet apologizes to Nia, who remains cautious. Danny also owns up to stirring the pot and apologizes. Jesse reveals deep resentment toward Aaron, Michelle's new boyfriend, who started dating her while Jesse and Michelle were still married.Tensions remain high as Luke nervously prepares to propose, Jesse questions Aaron's integrity, and Kristen wonders why Luke is suddenly acting so distant.Support the showhttps://www.wewinewhenever.com/

In this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo is joined by Craig Nelson, who leads the elite Microsoft Red Team. Together, they dive into the art and impact of red teaming at Microsoft: what it means to simulate real-world attacks, how threat intelligence informs operations, and why collaboration between red and blue teams is crucial for organizational resilience.   Craig shares the surprising mission that blurred the lines between physical and cyber security, reflects on how AI is reshaping attacker tactics and defensive strategies, and offers advice for aspiring red teamers. From stories of early hacker days in the '90s to navigating the complexities of securing cloud and AI systems, this conversation is packed with insights on how Microsoft stays ahead of evolving threats.  In this episode you'll learn:       The role of human behavior in real-world security breaches  How Microsoft's Secure Future Initiative impacts security culture  What the Microsoft Red Team does and what it doesn't do  Some questions we ask:      How do you feel about getting caught during a red team operation?  What do you wish people paid more attention to in red team findings?  Is this new AI complexity good or bad for red teaming?    Resources:   View Craig Nelson on LinkedIn   View Sherrod DeGrippo on LinkedIn     Related Microsoft Podcasts:                    Afternoon Cyber Tea with Ann Johnson  The BlueHat Podcast  Uncovering Hidden Risks        Discover and follow other Microsoft podcasts at microsoft.com/podcasts     Get the latest threat intelligence insights and guidance at Microsoft Security Insider    The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.  

Nouvelle émission sur LEGEND avec trois experts en cybersécurité qui travaillent pour de grandes banques françaises et veillent à ce que des groupes de hackers ne pénètrent pas le réseau bancaire français. David fait partie de la Red Team, qui simule des attaques pour tester la sécurité d'un système, tandis que Cécile et Nicolas font partie de la Blue Team, qui défend ce système en détectant les intrusions, puis en les bloquant !On a également suivi les équipes de cybersécurité pour filmer des images de hacking en direct, où l'on prend le contrôle d'un ordinateur à distance.Découvrez de nombreuses offres d'emploi juste ici ➡️ https://link.influxcrew.com/LESBANQUESRECRUTENT-LEGENDRetrouvez la FBF sur les réseaux ⬇️YouTube ➡️ https://www.youtube.com/@FederationBancaireFrancaiseLinkedIN ➡️ https://www.linkedin.com/company/fbf/Les réseaux de l'OPCO Atlas ⬇️Instagram ➡️ https://www.instagram.com/orientationatlas/?hl=frYouTube ➡️ https://www.youtube.com/@JinvestislavenirTiktok ➡️ https://www.tiktok.com/@orientationatlas?lang=frLinkedIN ➡️ https://www.linkedin.com/company/opco-atlas/Collaboration commerciale avec FBF et OPCO AtlasPour toutes demandes de partenariats : legend@influxcrew.comRetrouvez-nous sur tous les réseaux LEGEND !Facebook : https://www.facebook.com/legendmediafrInstagram : https://www.instagram.com/legendmedia/TikTok : https://www.tiktok.com/@legendTwitter : https://twitter.com/legendmediafrSnapchat : https://t.snapchat.com/CgEvsbWV Hébergé par Acast. Visitez acast.com/privacy pour plus d'informations.

In an era where Artificial Intelligence is redefining our world at a remarkably swift pace, the traditional way of doing things no longer guarantees decent outcomes. The transformation of how we work, create, and find meaning due to AI puts the conventional job pyramid into a disruptive mode. It's our responsibility to embrace curiosity, adapt boldly, and focus on delivering meaningful outcomes rather than routine tasks in order to thrive in this constantly changing landscape. It is no longer enough to simply work harder; it's essential to work smarter with the assistance of AI. The future belongs to those who are willing to combine the power of human creativity with the power of AI.   In this week's episode, Nathan and Scott bring their usual updates on what new changes occurred in the landscape of AI. Then they share thoughts on the differences in AI adoption between the private and nonprofit sectors. The nonprofits have a responsibility to use AI thoughtfully because it can magnify their impact and shape the future of technology at the same time. Nathan then explains the importance of redefining success by choosing joy over traditional job titles in an AI-driven world. He also comments on the importance of encouraging the younger generations to follow what they love instead of the paycheck or traditional career paths. Furthermore, Nathan and Scott pay attention to discussing a much-needed topic: the limitations of AI when it comes to providing the human connection. AI can definitely answer your questions, but it cannot make you feel heard as another human being. It's important to remember what a technology like AI is capable of and not capable of providing.   Wrapping up the conversation, Scott provides tips to train ChatGPT fast, and Nathan contributes with the ponder of the week and encourages people to slow down and take time to ground themselves with the reality of what surrounds them.   HIGHLIGHTS [02.04] AI in the private and nonprofit sectors.   [07.50] The weekly highlight on AI.   [14.12] Document by OpenAI's Red Team about AI resisting termination instructions.   [16.22] The responsibility of using AI thoughtfully.   [22.37] Redefining success.   [37.37] The Collapse of the Traditional Career Pyramid.   [31.14] The limitations of AI in providing the human connection.   [35.50] AI in the nonprofit sector.   [39.41] Tip of the Week – Train ChaatGPT fast with a quick profile of you and your work.   [43.20] Ponder of the Week – Slow down and ground yourself with the reality of what's around you.  Connect with Nathan and Scott: LinkedIn (Nathan): ⁠⁠⁠linkedin.com/in/nathanchappell/⁠⁠⁠ LinkedIn (Scott): ⁠⁠⁠linkedin.com/in/scott-rosenkrans⁠⁠⁠ Website: ⁠⁠⁠fundraising.ai/

Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastEd Williams, Vice President of EMEA Consulting and Professional Services (CPS) at TrustWave, shares his two decades of pentesting and red teaming experience with Cyber Work listeners. From building his first programs on a BBC Micro (an early PC underwritten by the BBC network in England to promote computer literacy) to co-authoring award-winning red team security tools, Ed discusses his favorite red team social engineering trick (hint: it involves fire extinguishers!), and the ways that pentesting and red team methodologies have (and have not) changed in 20 years. As a bonus, Ed explains how he created a red team tool that gained accolades from the community in 2013, and how building your own tools can help you create your personal calling card in the Cybersecurity industry! Whether you're breaking into cybersecurity or looking to level up your pentesting skills, Ed's practical advice and red team “war stories,” as well as his philosophy of continuous learning that he calls “Stacking Days,” bring practical and powerful techniques to your study of Cybersecurity.0:00 - Intro to today's episode2:17 - Meet Ed Williams and his BBC Micro origins5:16 - Evolution of pentesting since 200812:50 - Creating the RedSnarf tool in 201317:18 - Advice for aspiring pentesters in 202519:59 - Building community and finding collaborators 22:28 - Red teaming vs pentesting strategies24:19 - Red teaming, social engineering, and fire extinguishers27:07 - Early career obsession and focus29:41 - Essential skills: Python and command-line mastery31:30 - Best career advice: "Stacking Days"32:12 - About TrustWave and connecting with EdAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

In large enterprise software companies, Red and Blue Teams collaborate through Purple Teaming to proactively detect, respond to, and mitigate advanced threats. In this episode of CyberWire-X, N2K's Dave Bittner is joined by Adobe's Justin Tiplitsky, Director of Red Team and Ivan Koshkin, Senior Detection Engineer to discuss how their teams work together daily to strengthen Adobe's security ecosystem. They share real-world insights on how this essential collaboration enhances threat detection, refines security controls, and improves overall cyber resilience.   Learn more about your ad choices. Visit megaphone.fm/adchoices

In this episode, Michael, Sarah, and Mark talk to Craig Nelson, VP of the Microsoft Red Team about how the Red Team works to help secure Microsoft and its customers.In life, there are things you know you know, things you know you don't know, and finally, things you don't know you don't know. This episode is full of the latter.We also cover security news about LLMs and MCP, TLS 1.1 and 1.0 deprecation, Private End Point Improvements, Containers and more.https://aka.ms/azsecpod

Fred Wilmot, CEO and co-founder of Detecteam, and Sebastien Tricaud, CTO and co-founder, bring a candid and critical take on cybersecurity's detection and response problem. Drawing on their collective experience—from roles at Splunk, Devo, and time spent in defense and offensive operations—they raise a core question: does any of the content, detections, or tooling security teams deploy actually work?The Detecteam founders challenge the industry's obsession with metrics like mean time to detect or respond, pointing out that these often measure operational efficiency—not true risk readiness. Instead, they propose a shift in thinking: stop optimizing broken processes and start creating better ones.At the heart of their work is a new approach to detection engineering—one that continuously generates and validates detections based on actual behavior, environmental context, and adversary tactics. It's about moving away from one-size-fits-all IOCs toward purpose-built, context-aware detections that evolve as threats do.Sebastien highlights the absurdity of relying on static, signature-based detection in a world of dynamic threats. Adversaries constantly change tactics, yet detection rules often sit unchanged for months. The platform they've built breaks detection down into a testable, iterative process—closing the gap between intel, engineering, and operations. Teams no longer need to rely on hope or external content packs—they can build, test, and validate detections in minutes.Fred explains the benefit in terms any CISO can understand: this isn't just detection—it's readiness. If a team can build a working detection in under 15 minutes, they beat the average breakout time of many attackers. That's a tangible advantage, especially when operating with limited personnel.This conversation isn't about a silver bullet or more noise—it's about clarity. What's working? What's not? And how do you know? For organizations seeking real impact in their security operations—not just activity—this episode explores a path forward that's faster, smarter, and grounded in reality.Learn more about Detecteam: https://itspm.ag/detecteam-21686Note: This story contains promotional content. Learn more.Guests: Fred Wilmot, Co-Founder & CEO, Detecteam | https://www.linkedin.com/in/fredwilmot/Sebastien Tricaud, Co-Founder & CTO, Detecteam | https://www.linkedin.com/in/tricaud/ResourcesLearn more and catch more stories from Detecteam: https://www.itspmagazine.com/directory/detecteamWebinar: Rethink, Don't Just Optimize: A New Philosophy for Intelligent Detection and Response — An ITSPmagazine Webinar with Detecteam | https://www.crowdcast.io/c/rethink-dont-just-optimize-a-new-philosophy-for-intelligent-detection-and-response-an-itspmagazine-webinar-with-detecteam-314ca046e634Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25______________________Keywords:sean martin, fred wilmot, sebastien tricaud, detecteam, detection, cybersecurity, behavior, automation, red team, blue team, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More 

We've been in enough conversations to know when something clicks. This one did — and it did from the very first moment.In our debut Brand Story with White Knight Labs, we sat down with co-founders John Stigerwalt and Greg Hatcher, and what unfolded was more than a company intro — it was a behind-the-scenes look at what offensive security should be.John's journey is the kind that earns your respect quickly: he started at the help desk and worked his way to CISO, before pivoting into red teaming and co-founding WKL. Greg's path was more unconventional — from orchestral musician to Green Beret to cybersecurity leader. Two very different stories, but a shared philosophy: learn by doing, adapt without a manual, and never take the easy route when something meaningful is on the table.That mindset now defines how White Knight Labs works with clients. They don't sell cookie-cutter pen tests. Instead, they ask the right question up front: How does your business make money? Because if you can answer that, you can identify what a real-world attacker would go after. Then they simulate it — not in theory, but in practice.Their ransomware simulation service is a perfect example. They don't just show up with a scanner. They emulate modern adversaries using Cobalt Strike, bypassing endpoint defenses with in-house payloads, encrypting and exfiltrating data like it's just another Tuesday. Most clients fail the test — not because they're careless, but because most simulations aren't this real.And that's the point.White Knight Labs isn't here to help companies check a box. They're here to expose the gaps and raise the bar — because real threats don't play fair, and security shouldn't pretend they do.What makes them different is what they don't do. They're not an all-in-one shop, and they're proud of that. They won't touch IR for major breaches — they've got partners for that. They only resell hardware and software they've personally vetted. That honesty builds credibility. That kind of focus builds trust.Their training programs are just as intense. Between live DEF CON courses and their online platform, they're giving both new and experienced professionals a chance to train the way they operate: no shortcuts, no watered-down certs, just hard-earned skills that translate into real-world readiness.Pass their ODPC certification, and you'll probably get a call — not because they need to check a hiring box, but because it proves you're serious. And if you can write loaders that bypass real defenses? You're speaking their language.This first conversation with John and Greg reminded us why we started this series in the first place. It's not just about product features or service offerings — it's about people who live and breathe what they do, and who bring that passion into every test, every client call, and every training they offer.We've got more stories with them on the way. But if this first one is any sign of what's to come, we're in for something special.⸻Learn more about White Knight Labs: Guests:John Stigerwalt | Founder at White Knight Labs | Red Team Operations Leader | https://www.linkedin.com/in/john-stigerwalt-90a9b4110/Greg Hatcher | Founder at White Knight Labs | SOF veteran | Red Team | https://www.linkedin.com/in/gregoryhatcher2/White Knight Labs Website | https://itspm.ag/white-knight-labs-vukr______________________Keywords: penetration testing, red team, ransomware simulation, offensive security, EDR bypass, cybersecurity training, White Knight Labs, advanced persistent threat, cybersecurity startup, DEF CON training, security partnerships, cybersecurity services______________________ResourcesVisit the White Knight Labs Website to learn more: https://itspm.ag/white-knight-labs-vukrLearn more and catch more stories from White Knight Labs on ITSPmagazine: https://www.itspmagazine.com/directory/white-knight-labsLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

Bugged boardrooms. Insider moles. Social engineers posing as safety inspectors!? In this Talking Lead episode, Lefty assembles a veteran intel crew—Bryan Seaver U.S. Army Military Police vet and owner of SAPS Squadron Augmented Protection Services, LLC, a Nashville outfit running dignitary protection, K9 ops, and intelligence training. A *Talking Lead* mainstay!  He's got firsthand scoop on "Red Teaming"; Mitch Davis  U.S. Marine, private investigator, interrogator, Phoenix Consulting Group (now DynCorp) contractor, with a nose for sniffing out moles and lies; Brad Duley  U.S. Marine, embassy guard, Phoenix/DynCorp contractor, Iraq vet, deputy sheriff, and precision shooter, bringing tactical grit to the table —to expose the high-stakes world of corporate espionage. They pull back the curtain on real-world spy tactics that were used during the the "Cold War" era and are still used in today's business battles: Red Team operations, honeypots, pretexting, data theft, and the growing threat of AI-driven deception. From cyber breaches to physical infiltrations, the tools of Cold War espionage are now aimed at American companies, defense tech, and even firearms innovation. State-backed actors, insider threats, and corporate sabotage—it's not just overseas anymore.  Tune-in and get "Leaducated"!!

Bugged boardrooms. Insider moles. Social engineers posing as safety inspectors!? In this Talking Lead episode, Lefty assembles a veteran intel crew—Bryan Seaver U.S. Army Military Police vet and owner of SAPS Squadron Augmented Protection Services, LLC, a Nashville outfit running dignitary protection, K9 ops, and intelligence training. A *Talking Lead* mainstay! He's got firsthand scoop on "Red Teaming"; Mitch Davis  U.S. Marine, private investigator, interrogator, Phoenix Consulting Group (now DynCorp) contractor, with a nose for sniffing out moles and lies; Brad Duley  U.S. Marine, embassy guard, Phoenix/DynCorp contractor, Iraq vet, deputy sheriff, and precision shooter, bringing tactical grit to the table —to expose the high-stakes world of corporate espionage. They pull back the curtain on real-world spy tactics that were used during the the "Cold War" era and are still used in today's business battles: Red Team operations, honeypots, pretexting, data theft, and the growing threat of AI-driven deception. From cyber breaches to physical infiltrations, the tools of Cold War espionage are now aimed at American companies, defense tech, and even firearms innovation. State-backed actors, insider threats, and corporate sabotage—it's not just overseas anymore.  Tune-in and get "Leaducated"!!

Joas Santos é especialista em Red Team e traz uma visão prática sobre como pensar segurança de forma ofensiva. Falamos sobre engenharia social, testes de intrusão, inteligência de ameaças, mentoria e os desafios de construir defesas que realmente funcionam. Uma conversa direta com quem está na linha de frente da segurança cibernética no Brasil.

Get featured on the show by leaving us a Voice Mail: https://bit.ly/MIPVM FULL SHOW NOTES https://www.microsoftinnovationpodcast.com/672We dive deep into the world of AI security with Microsoft's Senior Offensive Security Engineer from the AI Red Team who shares insights into how they test and break AI systems to ensure safety and trustworthiness.TAKEAWAYS• Microsoft requires all AI features to be thoroughly documented and approved by a central board• The AI Red Team tests products adversarially and as regular users to identify vulnerabilities• Red teaming originated in military exercises during the Cold War before being adapted for software security• The team tests for jailbreaks, harmful content generation, data exfiltration, and bias• Team members come from diverse backgrounds including PhDs in machine learning, traditional security, and military experience• New AI modalities like audio, images, and video each present unique security challenges• Mental health support is prioritized since team members regularly encounter disturbing content• Working exclusively with failure modes creates a healthy skepticism about AI capabilities• Hands-on experimentation is recommended for anyone wanting to develop AI skills• Curating your own information sources rather than relying on algorithms helps discover new knowledgeCheck out the Microsoft co-pilot and other AI tools to start experimenting and finding practical ways they can help in your daily work.This year we're adding a new show to our line up - The AI Advantage. We'll discuss the skills you need to thrive in an AI-enabled world. DynamicsMinds is a world-class event in Slovenia that brings together Microsoft product managers, industry leaders, and dedicated users to explore the latest in Microsoft Dynamics 365, the Power Platform, and Copilot.Early bird tickets are on sale now and listeners of the Microsoft Innovation Podcast get 10% off with the code MIPVIP144bff https://www.dynamicsminds.com/register/?voucher=MIPVIP144bff Accelerate your Microsoft career with the 90 Day Mentoring Challenge We've helped 1,300+ people across 70+ countries establish successful careers in the Microsoft Power Platform and Dynamics 365 ecosystem.Benefit from expert guidance, a supportive community, and a clear career roadmap. A lot can change in 90 days, get started today!Support the showIf you want to get in touch with me, you can message me here on Linkedin.Thanks for listening

Every bank and fintech company has a suite of anti-fraud tools that they use to keep the bad guys out. Few tools are 100% effective, however, and often the implementation of these tools, along with their interfaces with other system leave gaps. And the fraudsters will exploit these gaps. So, how do you get a holistic view of your anti-fraud arsenal and discover where these gaps are?My next guest on the Fintech One-on-One podcast is Jerry Tylman, the co-founder and partner at Greenway Solutions and the founder of their Fraud Red Team. The Fraud Red Team is all about discovering the gaps, where the weaknesses in the anti-fraud systems are. They are 100% focused on financial services, working with many of the largest banks in the country as well as several fintech companies.In this podcast you will learn:How Greenway Solutions became focused on financial services.What a pen test is and the groundbreaking work they do with fraud controls.The different attack vectors that fraudsters use.Why banks and fintechs need the services of the Fraud Red Team.How successful they are in penetrating the fraud detection systems.How they interact with the anti-fraud providers to banks and fintechs.An example of a recent test they have done that penetrated anti-fraud systems.How they tackle the challenge of account onboarding.Why behavioral technology is a key piece of the puzzle.How deepfake video and audio are being used by fraudsters.The fascinating way that the Fraud Red Team works with deepfakes.Why companies have to completely rethink their internal authentication today.Some of the fintechs they have worked with recently.How they work with check fraud and why it is a growing problem.Why all financial institutions cannot stop investing in anti-fraud tools.Connect with Fintech One-on-One: Tweet me @PeterRenton Connect with me on LinkedIn Find previous Fintech One-on-One episodes

Former Trump administration cybersecurity official Sean Planky has been nominated to lead the Cybersecurity and Infrastructure Security Agency (CISA). His nomination comes amid significant layoffs at the agency, where over 100 employees were let go, including key members of the Red Team responsible for simulating cyberattacks. These cuts raise concerns about CISA's ability to maintain cybersecurity amid ongoing federal budget constraints, potentially leading to increased threats in the private sector as federal infrastructure and intelligence sharing weaken.In the realm of artificial intelligence, the General Services Administration (GSA) has introduced a custom chatbot named GSAI to automate various government tasks, coinciding with significant job cuts within the agency. While the chatbot aims to enhance efficiency, internal memos have warned employees against inputting sensitive information. This trend reflects a broader movement in the federal government towards tech-driven workforce reductions, raising questions about data privacy and the reliability of AI tools in government operations.Utah has made headlines by passing legislation requiring App Store operators to verify the ages of users and obtain parental consent for minors downloading apps. This law, aimed at enhancing online safety for children, has garnered support from major tech companies but has also faced criticism regarding potential infringements on privacy rights. The Supreme Court is expected to examine age verification issues, particularly concerning adult content websites, highlighting the ongoing debate over online safety regulations.The podcast also discusses the competitive landscape of AI, with Google reporting continued growth in search queries despite the rise of ChatGPT. New benchmarks have been developed to measure the honesty of AI models, revealing that larger models do not necessarily correlate with higher honesty rates. As companies like Microsoft and Amazon introduce advanced AI tools, the implications for businesses are significant, emphasizing the need for oversight and governance in AI deployment to mitigate risks associated with inaccuracies and compliance issues. Three things to know today00:00 Cybersecurity Jobs Cut, AI Hired, and Kids Get ID'd—Welcome to the Future of Tech Policy05:45 ChatGPT Isn't Killing Google Search—And AI Lies More Than You'd Think08:27 Microsoft and OpenAI: A Rocky Relationship, While AI Prices Tumble Supported by:  https://getflexpoint.com/msp-radio/  Event: https://www.nerdiocon.com/ All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

We come back to the other side of the brain dance and find that the crew we had gotten to know are actually the targets.  Our new team is coming for them and will squeeze Baron in anyway they need to to get it, but types like him have a few hardwire tricks up their sleeves... Thanks to A Wilhelm Scream for intro music, "Walkin' with Michael Douglas" more here https://www.awilhelmscream.com/  Theme song for Red Rising is "Neon Drifter" by Antti Martikainen.  All other scores are by Antti Martikainen and Adrian von Ziegler. Check us out online at www.nastygramrpg.com  Find us on Facebook at www.facebook.com/nastygram  and our group is at https://www.facebook.com/groups/865467380821766; we are @nastygramrpg on both Instagram and Twitter and on Tik Tok at @nastygram.rpg

This week on Hacker And The Fed former FBI agent Chris Tarbell and ex-black hat hacker Hector Monsegur discuss a shocking backdoor found in healthcare patient monitors linked to China, a major vulnerability in Subaru's Starlink system allowing remote vehicle control, and the ongoing concerns over modern cars collecting unnecessary user data. They also discuss cybersecurity career paths—Blue Team vs. Red Team—and how to build a well-rounded skillset. Plus, plenty of laughs, from muscle car nostalgia to an unexpected debate about pole vs. stripper dancing. Send HATF your questions at questions@hackerandthefed.com.

On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. This week Maria has the story on how the return to office life brings unique security challenges, highlighting the need for Red Team assessments to uncover and address physical and digital vulnerabilities, empowering organizations to proactively enhance workplace security and protect against evolving threats. Joe's story comes from the FCC's warning about a scam dubbed "Green Mirage," where fraudsters impersonate mortgage lenders, spoof caller IDs, and use social engineering to trick financially vulnerable homeowners into sending payments via unconventional methods, often only discovered when foreclosure proceedings begin. Last but not least, Dave's story is on how a Reddit user shared their cautious experiment with a suspected Airbnb scam involving a new account requesting to move to WhatsApp, agreeing to unusually high rental rates, and engaging in rapport-building tactics, with red flags pointing to potential financial fraud or phishing attempts. Our catch of the day comes from listener William, who spotted a phishing scam disguised as a security alert about a compromised crypto wallet, featuring an unsolicited QR code and a generic warning that targets even non-crypto users. Resources and links to stories: Navigating Workplace Security: Red Team Insights for the Return to Office FCC warns of 50-state scam by fraudsters posing as mortgage lenders FCC ENFORCEMENT ADVISORY I'm saying "Yes" to the Chinese long-term rental WhatsApp chat asking for video You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

This week on Hacker And The Fed former FBI agent Chris Tarbell and ex-black hat hacker Hector Monsegur discuss Yahoo's controversial decision to lay off its red team, the rise of North Korean IT workers infiltrating U.S. companies, and the ethical dilemmas around hacking. They also reflects on the desensitization to data breaches, debate the significance of protecting medical history, and share candid moments about their personal lives and experiences in the industry. Send HATF your questions at questions@hackerandthefed.com.

In this episode of The Cognitive Revolution, Nathan interviews Andrew White, Professor of Chemical Engineering at the University of Rochester and Head of Science at Future House. We explore groundbreaking AI systems for scientific discovery, including PaperQA and Aviary, and discuss how large language models are transforming research. Join us for an insightful conversation about the intersection of AI and scientific advancement with this pioneering researcher in his first-ever podcast appearance. Check out Future House: https://www.futurehouse.org Help shape our show by taking our quick listener survey at https://bit.ly/TurpentinePulse SPONSORS: Oracle Cloud Infrastructure (OCI): Oracle's next-generation cloud platform delivers blazing-fast AI and ML performance with 50% less for compute and 80% less for outbound networking compared to other cloud providers13. OCI powers industry leaders with secure infrastructure and application development capabilities. New U.S. customers can get their cloud bill cut in half by switching to OCI before December 31, 2024 at https://oracle.com/cognitive SelectQuote: Finding the right life insurance shouldn't be another task you put off. SelectQuote compares top-rated policies to get you the best coverage at the right price. Even in our AI-driven world, protecting your family's future remains essential. Get your personalized quote at https://selectquote.com/cognitive Shopify: Shopify is the world's leading e-commerce platform, offering a market-leading checkout system and exclusive AI apps like Quikly. Nobody does selling better than Shopify. Get a $1 per month trial at https://shopify.com/cognitive CHAPTERS: (00:00:00) Teaser (00:01:13) About the Episode (00:04:37) Andrew White's Journey (00:10:23) GPT-4 Red Team (00:15:33) GPT-4 & Chemistry (00:17:54) Sponsors: Oracle Cloud Infrastructure (OCI) | SelectQuote (00:20:19) Biology vs Physics (00:23:14) Conceptual Dark Matter (00:26:27) Future House Intro (00:30:42) Semi-Autonomous AI (00:35:39) Sponsors: Shopify (00:37:00) Lab Automation (00:39:46) In Silico Experiments (00:45:22) Cost of Experiments (00:51:30) Multi-Omic Models (00:54:54) Scale and Grokking (01:00:53) Future House Projects (01:10:42) Paper QA Insights (01:16:28) Generalizing to Other Domains (01:17:57) Using Figures Effectively (01:22:01) Need for Specialized Tools (01:24:23) Paper QA Cost & Latency (01:27:37) Aviary: Agents & Environments (01:31:42) Black Box Gradient Estimation (01:36:14) Open vs Closed Models (01:37:52) Improvement with Training (01:40:00) Runtime Choice & Q-Learning (01:43:43) Narrow vs General AI (01:48:22) Future Directions & Needs (01:53:22) Future House: What's Next? (01:55:32) Outro SOCIAL LINKS: Website: https://www.cognitiverevolution.ai Twitter (Podcast): https://x.com/cogrev_podcast Twitter (Nathan): https://x.com/labenz LinkedIn: https://www.linkedin.com/in/nathanlabenz/ Youtube: https://www.youtube.com/@CognitiveRevolutionPodcast Apple: https://podcasts.apple.com/de/podcast/the-cognitive-revolution-ai-builders-researchers-and/id1669813431 Spotify: https://open.spotify.com/show/6yHyok3M3BjqzR0VB5MSyk

This week on Hacker And The Fed former FBI agent Chris Tarbell and ex-black hat hacker Hector Monsegur discuss key cybersecurity challenges, from the effectiveness of phishing training to the ethical dilemmas of vulnerability disclosure. They explore how technical controls and employee education can work together to defend against increasingly sophisticated attacks, including SMS and social media phishing. They also dive into career advice for transitioning from Blue Team to Red Team roles and the complexities of the cybersecurity job market. And to close out, a heartfelt Thanksgiving message.

In this episode of the Breaking Badness Cybersecurity Podcast, Jason Haddix dives into his unique journey from red teaming and pentesting to leading security teams as a CISO in high-profile organizations, including a top gaming company. Jason unpacks the distinct challenges of securing a gaming company, where risks come not only from state actors but also from clout-seeking young hackers. He shares valuable insights on building scalable security programs, secrets management, and the importance of radical transparency in corporate security cultures. Tune in to hear why, in Jason's words, "gaming saved me from a misspent youth," and learn about his latest ventures into offensive security training and AI-driven security solutions.

It's the Red Team vs the Blue Team in the US's greatest spectator sport: The 2024 Presidential Election! Tom and Chuck spent the first part of the evening over on the Two Cops One Donut podcast and then asked the hosts of that show, Erik and Banning to join us on Locker Room LIVE for the election results and to talk about what they do on their show. Remember to like, subscribe, and leave a review to help us grow the podcast. Go to www.warstoriesofficial.com to listen to older episodes or to support us by buying our merch. You can also support us at https://patron.podbean.com/warstories... and follow us on Instagram @war_stories_official and Facebook at www.facebook.com/WarStoriesOfficialPodcast