Podcasts about senior security analyst

In this episode of Reimagining Cyber, Tyler Moffitt, Senior Security Analyst at OpenText Cybersecurity, delves inro the complex issue of insider threats. He concentrates on the two main types of insider threats: malicious insiders who knowingly abuse their access, and unintentional insiders who fall prey to phishing and other social engineering attacks. The conversation is highlighted by recent high-profile cases such as the Coinbase breach, where a third-party contractor was bribed, and the Scattered Spider group's attack on UK retailers like Marks and Spencer and Co-op. The episode explores the real-world financial impacts of these breaches and offers detailed strategies for defending against insider threats, emphasizing the importance of layered security, strict access controls, and thorough training. Listen to learn more about the evolving landscape of insider threats and how to protect your organization.Links mentioned in this episode:https://community.opentext.com/cybersecFollow or subscribe to the show on your preferred podcast platform.Share the show with others in the cybersecurity world.Get in touch via reimaginingcyber@gmail.com As featured on Million Podcasts' Best 100 Cybersecurity Podcast and Best 70 Chief Information Security Officer CISO Podcasts rankings.

In this episode of Reimagining Cyber,  Tyler Moffitt, Senior Security Analyst at OpenText Cybersecurity,  explores the evolution of fast flux — a once obscure spamming tactic that has now become a serious national security concern. Learn how this evasive DNS technique enables ransomware groups and nation-state actors to stay resilient, hide their infrastructure, and extend the life of their attacks.Tyler breaks down how fast flux works, why it's seeing renewed attention from the NSA and CISA, and what security teams can do to detect and defend against it. From DNS filtering and anomaly detection to the role of ransomware affiliates and cybercriminal business models, this episode delivers deep insights into one of today's most pressing cybersecurity threats.Key topics:Fast flux: what it is and why it matters nowHow it's being used to protect ransomware infrastructure and leak sitesDetection strategies and red flags for defendersThe bigger picture: national security, affiliate models, and the cybercrime economyPractical steps enterprises can take to prepare and protectDon't miss this eye-opening discussion. Be sure to check out Tyler's blog for a deeper dive.Follow or subscribe to the show on your preferred podcast platform.Share the show with others in the cybersecurity world.Get in touch via reimaginingcyber@gmail.com As featured on Million Podcasts' Best 100 Cybersecurity Podcast and Best 70 Chief Information Security Officer CISO Podcasts rankings.

Ryan, a senior security analyst, stresses the importance of strategic planning and risk management in cybersecurity. He pointed out that many teams are bogged down by daily alerts, leaving little time for proactive measures. Ryan advocated for the use of managed detection and response services to focus on long-term strategies and highlighted the need for a balance between strong defense and offense. He also discussed the potential of AI and machine learning in managing and analyzing large amounts of data. In a more lighthearted moment, Ryan shared his fond childhood memories with the TRS-80 and Apple II and confirmed that he still enjoys playing retro games.   Connect with Ryan: https://www.linkedin.com/in/ryan-gregory-9bb03236/ Visit Coalition: https://www.coalitioninc.com/   Visit ShortArms website: https://www.shortarmsolutions.com/    You can follow us at: Linked In: https://www.linkedin.com/company/shortarmsolutions  YouTube: https://www.youtube.com/@shortarmsolutions   Twitter/X: https://twitter.com/ShortArmSAS

Ryan, a senior security analyst, stresses the importance of strategic planning and risk management in cybersecurity. He pointed out that many teams are bogged down by daily alerts, leaving little time for proactive measures. Ryan advocated for the use of managed detection and response services to focus on long-term strategies and highlighted the need for a balance between strong defense and offense. He also discussed the potential of AI and machine learning in managing and analyzing large amounts of data. In a more lighthearted moment, Ryan shared his fond childhood memories with the TRS-80 and Apple II and confirmed that he still enjoys playing retro games.   Connect with Ryan: https://www.linkedin.com/in/ryan-gregory-9bb03236/ Visit Coalition: https://www.coalitioninc.com/   Visit ShortArms website: https://www.shortarmsolutions.com/    You can follow us at: Linked In: https://www.linkedin.com/company/shortarmsolutions  YouTube: https://www.youtube.com/@shortarmsolutions   Twitter/X: https://twitter.com/ShortArmSAS

In this episode of Reimagining Cyber, host Rob Aragao is joined by Tyler Moffitt, Senior Security Analyst at OpenText, to dive into key findings from the 2024 Threat Hunters Perspective report. Tyler, a veteran in malware analysis, shares insights on the latest adversary tactics, cybercrime trends, and the methodology behind their research. They discuss the complex interplay of nation-state actors like Russia and China, who are leveraging cybercrime gangs to bolster their offensive campaigns, and explore the alarming regularity of DDoS attacks on critical infrastructure in response to geopolitical events.The conversation also covers intriguing case studies, including real-time attacks on Western railway networks after public support for Ukraine, coordinated cyber disruptions during election cycles, and incidents where threat actors demonstrated insider intelligence on military shipments. Tyler offers predictions for the future, warning of an intensifying cyber arms race and the growing impact of generative AI on social engineering, deepfakes, and misinformation.The episode wraps up with practical advice for improving cybersecurity hygiene, emphasizing the importance of patch management, multi-factor authentication, and understanding supply chain vulnerabilities. A compelling listen for anyone interested in staying informed and prepared in the evolving cybersecurity landscape.Follow or subscribe to the show on your preferred podcast platform.Share the show with others in the cybersecurity world.Get in touch via reimaginingcyber@gmail.com

In this episode, Oluwakayode and Confidence MacHarry discuss the rising cost of insecurity. Tune in for an insightful conversation on the growing impact of security challenges and their economic consequences.

On this episode Greg chats with Dominique Carney, a multi disciplined technologists who went from studying and obtaining a degree in Anthropology to earning her Masters in Human Computer Interaction.Greg talks to Dominique about her tech journey which includes being a Database Administrator, to a Senior Security Analyst to a UX Researcher. Dominique also discusses becoming a subject matter expert in AI and Security.

Military kids will experience on average 6-9 school transitions from kindergarten to high school graduation. They live a unique lifestyle filled with many adventures. Listen as Cory, a military child all grown up, shares his story and the impact growing up in a military community has had on his life.  This podcast is made possible by generous funding from the Mildenhall Spouses' Association. To learn more, visit https://www.mildenhallspousesassociation.com/.  Audio mixing by Concentus Media, Inc., Temple, Texas.    Show Notes:  Bio:  Cory Petko is a 24-year-old Senior Security Analyst with a dedication to keeping systems safe and promoting security awareness. As the son of a retired Navy Senior Chief, he deeply understands the unique challenges of a military child and has a strong appreciation for our service members. He currently works at a defense contractor, working to protect their systems and digital assets, and plays a vital part in supporting the company's mission to supply critical equipment to our men and women in uniform. 

In episode 62 of Cybersecurity Where You Are, co-host Sean Atkinson sits down with Chris Elgee, Senior Security Analyst at Counter Hack; and Erik Pursley, Technical Engineer at Counter Hack. Together, they discuss the "spidey sense" that goes into being a penetration tester. They reflect on key skills and certifications that help to make a successful pentester, review some of the methodologies that go into pentesting, and consider how specialization might be inevitable in an evolving technology landscape. They conclude by offering advice to organizations that are looking to engage in a pentest.ResourcesFollow Chris and Erik on LinkedInCounter HackA CISO's Best Friend: The PentesterEpisode 59: Probing the Modern Role of the PentestEpisode 49: Artificial Intelligence and CybersecurityEpisode 55: Live at RSA Conference 2023If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

Guest: Matt Brown, Senior Security Analyst at ISE [@ISEsecurity]On LinkedIn | https://www.linkedin.com/in/mattbrwn/________________________________Hosts:Ben SchmerlerOn ITSPmagazine  

Guest: Matt Brown, Senior Security Analyst at ISE [@ISEsecurity]On LinkedIn | https://www.linkedin.com/in/mattbrwn/________________________________Hosts:Ben SchmerlerOn ITSPmagazine  

In this episode, we discuss Cyber Risks in the Remote-Work World with Tyler Moffitt of OpenText Security. We ask him if remote work is making this risky cyber behavior worse and look at the recent Uber breach to learn what organizations should do to ensure employees are prepared these days.PanelistsTyler Moffitt, Senior Security Analyst

Doug talks to Cody a Senior Security Analyst at a Tech Company, by day! He is having success in the health niche! Cody's Twitter Formatr IO Lindy Health Please Support the Sponsors for the Doug.Show. Odys: Get $100 (USD or EUR) added to your account as a welcome bonus if you are accepted! Also, check out: Mile High Fi Mile High Fi Store Contact me. Ask Questions! Send me an email here: feedback@doug.show Leave a voicemail: (406) 813-0613

Doug talks to Cody a Senior Security Analyst at a Tech Company, by day! He is having success in the health niche! Cody's Twitter Formatr IO Lindy Health Please Support the Sponsors for the Doug.Show. Odys: Get $100 (USD or EUR) added to your account as a welcome bonus if you are accepted! Also, check out: Mile High Fi Mile High Fi Store Contact me. Ask Questions! Send me an email here: feedback@doug.show Leave a voicemail: (406) 813-0613

Ron explores some weird and confusing public bathroom signs.... Guest: Tyler Moffitt is Webroot's Senior Security Analyst

This episode invites hardware experts to discuss hardware CWEs and the 2021 CWE Most Important Hardware Weaknesses. We discuss how this list will help the community, their favorite entries and surprising items on the list, and stories around hardware weaknesses. Guests include:  Jason Fung, Director of Offensive Security Research and Academic Research Engagement at Intel Jason Oberg, Cofounder and Chief Technology Officer at Tortuga Logic Paul Wortman, Cybersecurity Research Scientist at Wells Fargo Jasper von Woudenberg, CTO of Riscure North America and author of the Hardware Hacking Handbook  Nicole Fern, Senior Security Analyst at Riscure  References from this episode: The 2021 CWE Most Important Hardware Weaknesses: https://cwe.mitre.org/scoring/lists/2021_CWE_MIHW.html 

SOC analysts are often overworked and under-appreciated — but that needs to change! How and where do the SOC and the SOC analyst make positive impacts on the business? That's exactly what we explore in this new episode.In this special panel held live during the first-ever SOC Analyst Appreciation Day, we get to speak with Kathy Wang, the CISO at Very Good Security and former SOC Analyst, Amina Aggarwal, a Senior Security Analyst at Workday, and Bennett Hendrix III, a Tier 1 SOC Analyst at CyberClan. During our conversation, we look at the past, present, and future of the SOC analyst role.ITSPmagazine is proud to partner with Devo to recognize the efforts put in by the practitioners working away in the trenches and on the front lines of cybersecurity. Join us to help us recognize them and their efforts.About the SOC Analyst Appreciation DayJoin us for five hours of live-streamed content — with sessions ranging from what skills are needed to move up in the SOC, to desk decompression from a yoga instructor, to a panel discussion about a day in the life of a SOC, to a "Lunch & Laugh" where a stand-up comedian will provide some much-needed de-stressing entertainment. There's a ton to celebrate — let's do this!Learn more about SOC Analyst Appreciation Day and watch the video of this panel: https://itspm.ag/devoq0zz______________________________GuestsKathy WangOn Linkedin | https://www.linkedin.com/in/kathywang/On Twitter | https://twitter.com/wangkathy and https://twitter.com/WiCySorgAmina AggarwalOn Linkedin | https://www.linkedin.com/in/aminaagg/On Twitter | https://twitter.com/amina_aggarwalBennett Hendrix IIIOn Linkedin | https://www.linkedin.com/in/bennetthendrixiii/On Twitter | https://twitter.com/OneCyversity______________________________To see and hear more conversations about and from this event as we explore the personal, technical, operational, and innovative aspects of this role:

Today, The Two Mikes spoke with Michael Waller, who is the Vice President and the Senior Security Analyst at the Center for Security Studies in Washington, DC. Our talk covered a broad range of topics including Biden's well-orchestrated debacle in Afghanistan, an event that demonstrated that neither the U.S. government -- under either party -- nor U.S. military flag officers have much knowledge about the world or the history that brought the world to its present predicaments. Sponsors:- Our Gold Guy - Talk to IRA about whether investing in gold is right for you. Let them know Two Mikes sent you at http://ourgoldguy.com - My Pillow - Support a true Patriot in Mike Lindell by ordering pillows and sheets. Promo Code TWOMIKES http://mypillow.com - Freedom Phone - Break away from Big Tech and order a Freedom Phone. Promo Code COLONELMIKE https://freedomphone.com/?ref=toomikes- Freedom First Coffee - Drink the coffee of Patriots. Use code TWOMIKES for 10% off at http://freedomfirstcoffee.com - Freedom First Apparel - Look as patriotic as you feel. Use code TWOMIKES for 10% off at http://freedomfirstshop.com

2020 was an unprecedented year in terms of cybercrime. In this episode, Tyler Moffitt, Senior Security Analyst at Webroot, an OpenText company, sits down with host Joe Panettieri to explore Webroot's BrightCloud Threat Report. Their conversation covers the report's major findings and what steps businesses can take to build durable resistance.

There has been a worrying rise in ransomware activity. Recent attacks on organizations like the Houston Rockets and the emergence of Babuk ransomware have caused major concern. Tyler Moffitt, Senior Security Analyst at Webroot, an OpenText company, returns to the podcast to address these developments and how companies can protect themselves through multi-level security planning.

Erv is a Senior Security Analyst for AT&T originally from Richmond, Va. Erv attended the illustrious North Carolina A&T. He recently has had a lot of life changes and super open about his faith and spiritual journey. In this episode we address things like: What was the college selection process like coming from an inter-city environment? Major transitions in his life. How did your faith develop in your recent years? Erv's IG: @e_mcbrideiv Support him and his platform "Acts of sERVice" on his IG page Support the podcast here: https://anchor.fm/jonathan-barrett4/support Website link: https://anchor.fm/jonathan-barrett4 Personal IG: @jbthemasses Show IG: @_forthemassespodcast --- Send in a voice message: https://anchor.fm/jonathan-barrett4/message --- Send in a voice message: https://podcasters.spotify.com/pod/show/forthemasses/message Support this podcast: https://podcasters.spotify.com/pod/show/forthemasses/support

This week, In the first segment, we welcome Damon Small, Technical Director of Security Consulting at NCC Group, for an interview covering the Florida Water Treatment Facility Hack, and the Convergence of OT & IT! Next up, Artisom Holub, Senior Security Analyst and Austin McBride, Data Scientist, from Cisco Umbrella join to talk about some Chart Topping Threats and How Attacks will rage in 2021! In the Enterprise Security News: XM Cyber Announces Integration with Palo Alto Network's Cortex XSOAR, API Security Lessons Learned, Cycode Raises $20 Million, HelpSystems Acquires Beyond Security, Accurics Terrascan integrates with the Argo Project, Cequence Security API Sentinel 2.0, Seclore Security24 protects sensitive data, Who’s Really Behind the Colonial Pipeline Cyberattack?, Forcepoint acquires Cyberinc, Sophos launches industry’s only XDR solution for endpoint, server, firewall and email security?, and more!   Show Notes: https://securityweekly.com/esw227 Visit https://securityweekly.com/ciscoumbrella to learn more about them!   Segment Resources: https://newsroom.nccgroup.com/news/insight-florida-citys-water-supply-attack-420952 https://www.cnn.com/2021/02/13/us/florida-hack-remote-access/index.html   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, In the first segment, we welcome Damon Small, Technical Director of Security Consulting at NCC Group, for an interview covering the Florida Water Treatment Facility Hack, and the Convergence of OT & IT! Next up, Artisom Holub, Senior Security Analyst and Austin McBride, Data Scientist, from Cisco Umbrella join to talk about some Chart Topping Threats and How Attacks will rage in 2021! In the Enterprise Security News: XM Cyber Announces Integration with Palo Alto Network's Cortex XSOAR, API Security Lessons Learned, Cycode Raises $20 Million, HelpSystems Acquires Beyond Security, Accurics Terrascan integrates with the Argo Project, Cequence Security API Sentinel 2.0, Seclore Security24 protects sensitive data, Who’s Really Behind the Colonial Pipeline Cyberattack?, Forcepoint acquires Cyberinc, Sophos launches industry’s only XDR solution for endpoint, server, firewall and email security?, and more!   Show Notes: https://securityweekly.com/esw227 Visit https://securityweekly.com/ciscoumbrella to learn more about them!   Segment Resources: https://newsroom.nccgroup.com/news/insight-florida-citys-water-supply-attack-420952 https://www.cnn.com/2021/02/13/us/florida-hack-remote-access/index.html   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Corey Nachreiner, CTO at network security company WatchGuard Technologies, and Marc Laliberte, a senior security analyst at WatchGuard join me on the Tech Talks Daily Podcast. Corey and Marc discuss the state of the security market and share their security predictions, including prominent attacks and infosec trends that the WatchGuard Threat Lab research team believes will emerge this year. I learn more about the tidal wave of automated spear-phishing campaigns, how hackers are infesting home networks with worms, and how attackers are swarming VPNs and RDPs as the remote workforce grows. We also discuss the key steps organizations can take to improve their security posture. About Corey Nachreiner Corey Nachreiner is the CTO of WatchGuard Technologies. A front-line cybersecurity expert for nearly two decades, Corey regularly contributes to security publications and speaks internationally at leading industry trade shows like RSA. He has written thousands of security alerts and educational articles and is the primary contributor to the Secplicity Community, which provides daily videos and content on the latest security threats, news and best practices. A Certified Information Systems Security Professional (CISSP), Corey enjoys "modding" any technical gizmo he can get his hands on and considers himself a hacker in the old sense of the word. About Marc Laliberte Marc Laliberte is a Senior Security Analyst at WatchGuard Technologies. Specializing in networking security protocols and Internet of Things technologies, Marc’s day-to-day responsibilities include researching and reporting on the latest information security threats and trends. He has discovered, analyzed, responsibly disclosed and reported on numerous security vulnerabilities in a variety of Internet of Things devices since joining the WatchGuard team in 2012. With speaking appearances at industry events including RSA and regular contributions to online IT, technology and security publications, Marc is a thought leader who provides insightful security guidance to all levels of IT personnel. About WatchGuard WatchGuard Technologies, Inc. is a global leader in network security, endpoint security, secure Wi-Fi, multi-factor authentication, and network intelligence. The company’s award-winning products and services are trusted around the world by more than 18,000 security resellers and service providers to protect more than 250,000 customers. WatchGuard’s mission is to make enterprise-grade security accessible to companies of all types and sizes through simplicity, making WatchGuard an ideal solution for midmarket businesses and distributed enterprises. The company is headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America.

Jim Madsen, Senior Security Analyst (and former college cheerleader) talks about the confidence needed to start a new job or activity, and how we should learn to accept ourselves as good enough ... for now. --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app Support this podcast: https://anchor.fm/john-barrett6/support

Guest Richard Morrell, Senior Security Analyst & Security Editor, and Founder of SmoothWall joins Guy Martin to discuss Standards and open source needing to work together to build better security postures & infrastructures.

Aladdin is a Senior Security Analyst at Sony. He put together a 10 year plan and accomplished everything on his list within 7. Within those 7 years he managed to double his income TWICE and applied a few key concepts from the books he was reading to reach the next level in his life.

In the second episode of the UNSECURITY Podcast's Women in Security series, Evan and Brad chat with Lori Blair. Lori is a Senior Security Analyst with FRSecure and has done fantastic work over a 35-year career in IT and security. Together, the three discuss her path and some of her thoughts on the industry. Give it a listen and let us know what you think at unsecurity@protonmail.com.

This week, we welcome Eric Brown, Senior Security Analyst at LogRhythm, to talk about the Outlook on Phishing in 2020! In our second segment, we welcome back Micah Hoffman, Principal Investigator at Spotlight Infosec, to discuss OSINT in Cyber! In the Security News, HackerOne breach lets outside hacker read customers private bug reports, Two malicious Python libraries caught stealing SSH and GPG keys, Smash-and-grab car thieves use Bluetooth to target cars containing tech gadgets, and If You Bought a Smart TV on Black Friday, the FBI Has a Warning for You!   Show Notes: https://wiki.securityweekly.com/PSWEpisode629 To learn more about LogRhythm, visit: https://securityweekly.com/logrhythm Visit https://www.securityweekly.com/psw for all the latest episodes!   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome Eric Brown, Senior Security Analyst at LogRhythm, to talk about the Outlook on Phishing in 2020! In our second segment, we welcome back Micah Hoffman, Principal Investigator at Spotlight Infosec, to discuss OSINT in Cyber! In the Security News, HackerOne breach lets outside hacker read customers private bug reports, Two malicious Python libraries caught stealing SSH and GPG keys, Smash-and-grab car thieves use Bluetooth to target cars containing tech gadgets, and If You Bought a Smart TV on Black Friday, the FBI Has a Warning for You!   Show Notes: https://wiki.securityweekly.com/PSWEpisode629 To learn more about LogRhythm, visit: https://securityweekly.com/logrhythm Visit https://www.securityweekly.com/psw for all the latest episodes!   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Sellers of malware on Dark Web forums often use No Distribute malware scanning tools to help verify the effectiveness of their wares, while preventing legitimate virus scanning tools from adding the malware to their database. Daniel Hatheway is a Senior Security Analyst at Recorded Future, and he takes us through their recently published research, Uncover Unseen Malware Samples with No Distribute Scanners.   

Sellers of malware on Dark Web forums often use No Distribute malware scanning tools to help verify the effectiveness of their wares, while preventing legitimate virus scanning tools from adding the malware to their database. Daniel Hatheway is a Senior Security Analyst at Recorded Future, and he takes us through their recently published research, Uncover Unseen Malware Samples with No Distribute Scanners.    The CyberWire's Research Saturday is presented by the Hewlett Foundation Cyber Initiative. Thanks to our sponsor Enveil, closing the last gap in data security.

In today’s show, I talk with Jacqueline Sutherland who works for The Chertoff Group. Jacqueline is a Senior Security Analyst who has extensive knowledge in counterterrorism. Jacqueline’s career couldn’t be more different than mine and it was incredibly insightful to learn about her experiences studying abroad and a day in her life is like. In today’s episode, you'll find out: How her family reacted when she decided to study abroad in Istanbul in 2012. What it was like going to school amidst protesters who were getting tear gassed and water bombed, and having to crawl through a window just to get to an exam. What the counter culture shock was like after getting back to the States. The first thing she does when she gets up in the morning that changed her life. Her thoughts on the huge DDOS attack that happened earlier in 2017. Where to start when you're figuring out what to do when a huge cyber attack happens. What it's like working for the government on counterterrorism efforts vs. working for private companies. How she stays organized in the midst of having a schedule that can change within minutes. Why employing a younger generation is so important to the counterterrorism industry. How she established credibility with older generations / with new clients when she was just starting out. Advice for anyone who wants to get into the counterterrorism industry. How she got her first BBC news interview How she turns her brain off at night after a long day working in a chaotic environment. Her thoughts on the current state of affairs and what she thinks the US should be doing to fight against terrorism right now in 2017. Full show notes at: brittneyllynn.com/002   Links mentioned: Make Your Bed: Little Things That Can Change Your Life...And Maybe the World   Real Clear World   Real Clear Defense   Jacqueline's LinkedIn profile   Articles Jacqueline has written: Could ISIS’s next caliphate be in cyberspace?   Beyond the Caliphate   The Next 9/11: What's the Next Impossible Terror Threat?   Will ISIS Rebuild in Afghanistan?   Like the show? There are several ways you can help! Subscribe on iTunes, Stitcher, or Google Play Leave an honest review on iTunes. The ratings and reviews help for two reasons: 1) Most importantly, I get to know you, the listener, and what content you enjoy the most. 2) The more reviews the podcast has, the better chance it has at getting in front of new listeners. Follow on Facebook, Twitter, or Instagram Join the Facebook group to interact with guests and other listeners Join the Day in the Life newsletter

Materials Available here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Panel-Comedy-Inception-Amanda-Berlin-Blue-Team-Hell.pdf DEF CON Comedy Inception: How many levels deep can we go? Larry Pesce Senior Security Analyst, InGuardians Chris Sistrunk Mandiant/FireEye Will "illwill" Genovese Chris Blow Rook Security Dan Tentler Carbon Dynamics Amanda Berlin Hurricane Labs This year at DEF CON a former FAIL PANEL panelist attempts to keep the spirit alive by playing moderator. Less poetry, more roasting. A new cast of characters, more lulz, and no rules. Nothing is sacred, not the industry, not the audience, not even each other. Our cast of characters will bring you all sorts of technical fail, ROFLCOPTER to back it up. No waffles, but we have other tricks up our sleeve to punish, er, um, show love to our audience, all while raising money of the EFF and HFC. The FAIL PANEL may be dead, but the “giving” goes on. Larry Pesce is a Senior Security Analyst with InGuardians. His recent experience includes providing penetration assessment, architecture review, hardware security assessment, wireless/radio analysis, and policy and procedure development for a wide range of industries including those in the financial, retail, and healthcare verticals. Larry is an accomplished speaker, having presented numerous times at industry conferences as well as the co-host of the long running multi-award winning Security Podcast, Paul's Security Weekly. and is a certified instructor with the SANS Institute. Larry is a graduate of Roger Williams University. In his spare time he likes to tinker with all things electronic and wireless. Larry is an amateur radio operator holding his Extra class license and is regularly involved in emergency communications activities. In 1972 a crack commando unit was sent to prison by a military court for a crime they didn't commit. These men promptly escaped from a maximum security stockade.... making the decision to leave Amanda behind. Ms. Berlin is now rumored to have illegitimate children by Saudi Oil barons hidden all over the world in at least 27 countries but this can neither be confirmed nor denied. Amanda Berlin is a Network Security Engineer at Hurricane Labs. She is most well known for being a breaker of hearts, knees, and SJW's. Bringing "Jack of All Trades" back to being sexy, she has worked her fingers to the bone securing ISPs, Healthcare facilities, Artificial Insemination factories, and brothels. Amanda managed the internal phishing campaign at a medium size healthcare facility to promote user education about phishing and hacking through an awards based reporting program. She is a lead organizer for CircleCityCon, volunteers at many other conferences, and enjoys writing and teaching others. Twitter: @InfoSystir Chris Blow is a Senior Technical Advisor with Rook Security. His most recent experience includes: penetration testing, social engineering, red team exercises, policy and procedure guidance focused on HIPAA and PCI DSS, developing security awareness programs, performing HIPAA assessments and serving as a Qualified Security Assessor for the Payment Card Industry. @b10w In reality, his primary duties are to be told by various clients that “security is hard” and to just “accept the risk.” He’s also well-versed in being told to keep vulnerable assets and people “out of scope.” Chris is a graduate of Purdue University in West Lafayette, IN. Besides trying to keep up with all-things-InfoSec, Chris enjoys playing guitar, singing, and DJing. Twitter: @b10w illwill is a rogue blackhat as fuck subcontractor for top secret global governments. He spends his off time enjoying bubble baths, recovering from a debilitating injury as infosystir's former bean fluffer and hand carves realistic thrones made from discarded dildos found dumpster diving behind a porn store in Los Angeles. Dan Tentler likes to break things. He's also an expert on failure. Ask him about it. But ask with scotch. Twitter: @viss @chrissistrunk

Slides Here: https://defcon.org/images/defcon-22/dc-22-presentations/Mortman/DEFCON-22-Fail-Panel-Defcon-Comedy-Jam-VII.pdf DEF CON Comedy Jam Part VII, Is This The One With The Whales? David Mortman @MORTMAN Rich Mogull @RMOGULL Chris Hoff @BEAKER Dave Maynor @ERRATADAVE Larry Pesce @HAXORTHEMATRIX James Arlen @MYRCURIAL Rob Graham @ERRATAROB Alex Rothman Shostack @ARS_INFOSECTICA Weeeeeeeeee're baaaaaack. Bring out your FAIL. It's the most talked about panel at DEF CON! A standing room only event with a wait list at the door. Nothing is sacred, not the industry, not the audience, not even each other. Last year we raised over $2000 for the EFF and over $5000 over the last 5 years, let's see how much we can raise this year.... David Mortman is the Chief Security Architect and Distinguished Engineer at Dell Enstratius and is a Contributing Analyst at Securosis. Before enStratus, he ran operations and security for C3. Formerly the Chief Information Security Officer for Siebel Systems, Inc., Previously, Mr. Mortman was Manager of IT Security at Network Associates. Mr. Mortman has also been a regular panelist and speaker at RSA, Blackhat, DEF CON and BruCon as well. Mr.Mortman sits on a variety of advisoryboards including Qualys, Lookout and Virtuosi. He holds a BS in Chemistry from the University of Chicago. David writes for Securosis, Emergent Chaos and the New School blogs. James Arlen, CISA, is a senior consultant at Leviathan Security Group providing security consulting services to the utility, healthcare and financial verticals. He has been involved with implementing a practical level of information security in Fortune 500, TSE 100, and major public-sector corporations for over 20 years. James is also a contributing analyst with Securosis, faculty at IANS and a contributor to the Liquidmatrix Security Digest. Best described as: "Infosec geek, hacker, social activist, author, speaker, and parent." His areas of interest include organizational change, social engineering, blinky lights and shiny things. Larry is a Senior Security Analyst with InGuardians performing penetration testing, wireless assessments, and hardware hacking. He also diverts a significant portion of his attention co-hosting the Paul's Security Weekly podcast and likes to tinker with all things electronic and wireless, much to the disappointment of his family, friends, warranties, and his second Leatherman Multi-tool. Larry is an Extra Class Amateur Radio operator (KB1TNF) and enjoys developing hardware and real-world challenges for the Mid-Atlantic Collegiate Cyber Defense Challenge.

We needed a protocol that allowed us to tell a server that we are who we say we are, have it work across NAT, use TCP, UDP, or ICMP as the transport mechanism, act as an extra layer of security, and be secure itself. Oh, and do so with a single packet. Sound crazy? It's actually very useful. We've come up with a Single Packet Authorization (SPA). This is a protocol for a remote user to send in a request to a server which I cannot be replayed and which uniquely identifies the user. The proof-of-concept code alone is worthy of a presentation itself, but SPA is so much more. This is not port-knowcking (although SPA can easily replace port-knocking with something much more secure). MadHat leads the DC214, Dallas Defcon Group and is a member of NMRC. His paying gig is as the Manager of Vernier Threat Labs. Before working at Vernier, MadHat was one of the core security team members for Yahoo and leat the vulnerability assessment and day-to-day security monitoring for Yahoo world-wide. He has written several open source security tools and has contributed to an upcoming book on NMap being written by Fyodor. Simple Nomad is the founder of the Nomad Mobile Research Centre (NMRC), an international group pf hackers that explore technology. By day he works as a Senior Security Analyst for BindView Corporation. He has spent several years developing and testing various computer systems for security strengths. He has authored numerous papers, developed a number of tools for testing the security and insecurity of computer systems, a frequently-sought lecturer at security conferences, and has been quoted in print and television media outlets regarding computer security and privacy.

We needed a protocol that allowed us to tell a server that we are who we say we are, have it work across NAT, use TCP, UDP, or ICMP as the transport mechanism, act as an extra layer of security, and be secure itself. Oh, and do so with a single packet. Sound crazy? It's actually very useful. We've come up with a Single Packet Authorization (SPA). This is a protocol for a remote user to send in a request to a server which I cannot be replayed and which uniquely identifies the user. The proof-of-concept code alone is worthy of a presentation itself, but SPA is so much more. This is not port-knowcking (although SPA can easily replace port-knocking with something much more secure). MadHat leads the DC214, Dallas Defcon Group and is a member of NMRC. His paying gig is as the Manager of Vernier Threat Labs. Before working at Vernier, MadHat was one of the core security team members for Yahoo and leat the vulnerability assessment and day-to-day security monitoring for Yahoo world-wide. He has written several open source security tools and has contributed to an upcoming book on NMap being written by Fyodor. Simple Nomad is the founder of the Nomad Mobile Research Centre (NMRC), an international group pf hackers that explore technology. By day he works as a Senior Security Analyst for BindView Corporation. He has spent several years developing and testing various computer systems for security strengths. He has authored numerous papers, developed a number of tools for testing the security and insecurity of computer systems, a frequently-sought lecturer at security conferences, and has been quoted in print and television media outlets regarding computer security and privacy.