What are memory forensics?

In this investigative episode of the Exploring Information Security podcast, Kyle Andrus joins me to discuss memory forensics.

Kyle (@chaoticflaws) is someone I've started to get to know this year. He's an organizer of Converge and BSides Detroit. He's also an organizer for MiSec. Talking with him I noticed a strong interest in memory forensics. This allowed us to geek out a bit on the topic considering I have experience with performing memory forensics as part of incident response. It was one of the more interesting things I've done in security.

In this episode we discuss:

  • How Kyle got into memory forensics
  • What tools are available to perform memory forensics
  • Why memory forensics are useful to an organization
  • What skills are needed for memory forensics

What does Chris Maddalena, Kyle Andrus, and Daniel Ebbutt think about security at DEFCON?

In this crazy edition of the Exploring Information Security podcast, I am joined by Chris Maddalena, Kyle Andrus, and Daniel Ebbutt for another conference podcast special. This time it's DEFCON 25.

Chris (@cmaddalena), Kyle (@chaoticflaws), and Daniel (@notdanielebbutt) join me at DEFCON to discuss various topics ranging from conferences like DEFCON, Blackhat, and BSides Las Vegas to bird feeders. We read a couple passages from the POC||GTFO bible available from no start press.

In this episode we discuss:

  • The death of LineCon
  • Blackhat swag
  • BSides Las Vegas
  • Converge and BSides Detroit
  • Saying yes and knowing when to say no
  • Report writing
  • Macros
  • Bird feeders

What is BSides Bordeaux

In this exquisite episode of the Exploring Information Security podcast, Allan Liska and Tim Gallo join me to discuss a brand new BSides in Bordeaux.

Both Allan (@uuallan) and Tim (@TimJGallo) are in the Unite States. This makes starting a BSides in France challenging and intriguing. Both organizers love wine and saw an opportunity to put France on the BSides map. BSides Bordeaux (@BsidesBDX) is October 21, 2017, in Bordeaux France. The venue is Mama Shelter (which has a wicked video). Tickets are limited so be sure to grab one soon.

In this episode we discuss:

  • What inspired them to start BSides Bordeaux
  • The challenges of organizing a BSides on another continent
  • What makes the conference unique
  • What are some of the things to do in Bordeaux

How to prepare for the OSCP - Part 2

In this studious edition of the Exploring Information Security podcast, Offensive Security Certified Professional (OSCP) Chris Maddalena joins me to discuss how to prepare for the OSCP certification.

Chris (@cmaddalena) returns to talk about how he got his OSCP. He didn't get it on his first attempt. He did learn from his first attempt, though, and passed the exam on his second attempt. He was willing to come on the podcast to describe his experience and provide tips for others looking to acquire the certification. The exam is not easy. It's a 24-hour exam that includes writing a report as well as performing a penetration test. Preparation for the exam is very important.

In this episode we discuss:

  • How Chris' second attempt went
  • How to study for the OSCP
  • What the hardest part of the exam was for Chris
  • How the pointing system works

More resources (h/t @KrvRob):

How to prepare for the OSCP - Part 1

In this studious edition of the Exploring Information Security podcast, Offensive Security Certified Professional (OSCP) Chris Maddalena joins me to discuss how to prepare for the OSCP certification.

Chris (@cmaddalena) returns to talk about how he got his OSCP. He didn't get it on his first attempt. He did learn from his first attempt, though, and passed the exam on his second attempt. He was willing to come on the podcast to describe his experience and provide tips for others looking to acquire the certification. The exam is not easy. It's a 24-hour exam that includes writing a report as well as performing a penetration test. Preparation for the exam is very important.

In this episode we discuss:

  • What is the OSCP and OSCE
  • Why someone should pursue the OSCP
  • What is the test like
  • How Chris' first attempt went

More resources (h/t @KrvRob):

What are the steps to secure application development?

In this getting started episode of the Exploring Information Security podcast, Jim Manico joins me to discuss the steps (or rather phases) to secure application development.

Jim (@manicode) is an active member in the application security field. He's been a board member for OWASP. He's a regular speaker at OWASP conferences and he provides appsec training nine months out of the year. I recently had the opportunity to tune into a webinar put on my Jim discussing the steps to secure application development. He's got a wealth of knowledge and provides actionable advice for anyone wanting to move in that direction.

In this episode we discuss

  • How Jim got started in appsec
  • Why secure application development is important
  • What the steps are to get started
  • Who should be implementing application security

Why is passion an infosec requirement?

In this strong episode of the Exploring Information Security podcast, Chris Sanders CEO of Applied Network Defense and founder of the Rural Technology Fund joins me to question why passion is an infosec requirement.

Chris (@chrissanders88) recently put up a blog post titled, The Cult of Passion. In this post he discusses the concept of passion being a requirement in information security. This is something I've railed against in the path. Like Chris I think it sets the bar higher for those trying to get in. They feel like they have to spend 18 hours of their day doing infosec related things. That is in fact not the case and there are plenty of successful people in infosec that don't eat, sleep, and breath infosec.

In this episode we discuss:

  • What is passion?
  • What is some of the psychology around passion?
  • Why passion isn't a reliable measure for hiring managers.
  • What should people be focusing on instead of passion?

How to join the infosec community - part 2

In this inclusive episode of the Exploring Information Security podcast, Micah Hoffman, a certified SANS instructor, joins me to discuss how to join the infosec community.

Micah (@WebBreacher) gave a talk at BSides DC last year on joining the infosec community. For Micah it took him a while to get involved. He jumped right into the deep end by going to DEFCON. Several years later he decided to get more involved in the community and quickly discovered several of the benefits from doing that. I had a similar experience, attending DEFCON in the early 2000s. I wouldn't attend another security conference until 10 years later.

There are a lot of benefits to getting involved in the infosec community. You get to contribute and make the community a little better. You get to meet some awesome people. You will have more job opportunities open up. Community engagement shows initiative and allows you to meet people looking to fill roles.

In this episode we discuss:

  • How to meet people

  • What are some of things to watch out for in the community

  • Other resources available for getting invovled

More resources:

How to join the infosec community - part 1

In this inclusive episode of the Exploring Information Security podcast, Micah Hoffman, a certified SANS instructor, joins me to discuss how to join the infosec community.

Micah (@WebBreacher) gave a talk at BSides DC last year on joining the infosec community. For Micah it took him a while to get involved. He jumped right into the deep end by going to DEFCON. Several years later he decided to get more involved in the community and quickly discovered several of the benefits from doing that. I had a similar experience, attending DEFCON in the early 2000s. I wouldn't attend another security conference until 10 years later.

There are a lot of benefits to getting involved in the infosec community. You get to contribute and make the community a little better. You get to meet some awesome people. You will have more job opportunities open up. Community engagement shows initiative and allows you to meet people looking to fill roles.

In this episode we discuss:

  • How Micah got into the community

  • What is the infosec community?

  • Why it's important to get involved

  • Where can someone get involved?

More resources:

What does Jayson E. Street, Dave Chronister, Johnny Xmas, April Wright, and Ben Brown think about security?

In this epic episode of the Exploring Information Security podcast Jayson E. Street (@jaysonstreet), Dave Chronister (@bagomojo), Johnny Xmas (@J0hnnyXm4s), April Wright (@aprilwright), Ben Brown (@ajnachakra), and surprise guests Adrian Crenshaw (@irongeek_adc) and Kevin Johnson (@secureideas)all join me to discuss various security related topics.

ShowMeCon is one of my favorite security conferences. The organizers are awesome and take care of their speakers like no other conference. The venue is fantastic. The content is mind blowing. I can't say enough good things about the even that Dave and Renee Chronister put on every year in St. Louis, Missouri. They know how to put on a conference.

Regular listeners of the podcast will note that I recorded an episode with Dave on ShowMeCon several weeks ago. After that recording he asked if I was interested in doing a recording at the conference. I said yes and thus the birth of this epic episode. This format is experimental. First, it is marked as explicit, because there is swearing. Second, It's over 90 minutes long. I didn't think breaking it up into four or five pieces would serve the recording well. Send me your feedback good or bad on this episode, because I'd like to do more of these. I would really like to hear it for this episode.

In this episode we discuss:

  • Certificates
  • Hiring
  • Interviewing
  • Where to get started
  • Soft skills
  • ShowMeCon and other conferences
  • Community and giving back
  • Imposter syndrome
  • Irongeeks impact on those in attendance

What is malware analysis - part 2

In this analyzed episode of the Exploring Information Security podcast, Daniel Ebbutt joins me to discuss malware analysis.

Daniel (@notdanielebbutt) is a malware analyst at a fortune 500 company. I recently caught up with Daniel at Converge and BSides Detroit. We had a great conversation about malware analysis. Talking about the topic with him you can tell he is very passionate and excited about the subject. Which is why I decided to have him on the podcast for a little chat.

In this episode we discuss:

  • What types of anti-malware Daniel has seen
  • How to perform malware analysis
  • What skills are useful for malware analysis
  • What resources are available

More resources:

What is malware analysis - part 1

In this analyzed episode of the Exploring Information Security podcast, Daniel Ebbutt joins me to discuss malware analysis.

Daniel (@notdanielebbutt) is a malware analyst at a fortune 500 company. I recently caught up with Daniel at Converge and BSides Detroit. We had a great conversation about malware analysis. Talking about the topic with him you can tell he is very passionate and excited about the subject. Which is why I decided to have him on the podcast for a little chat.

In this episode we discuss:

  • What is malware analysis
  • How to get malware
  • How to handle malware
  • What the different classes of malware are

More resources:

Why social skills are important - part 3

In this final part of a three-part series of the Exploring Information Security podcast, Johnny Xmas joins me to discuss why social skills are important.

Johnny (@J0hnnyXm4s) has presented talks and performed training on the topic of social skills at various conferences. He told me it's the topic he gets the most feedback on from people in attendance. I was first introduced to one of Johnny's talks at BSides Nashville 2015. He was presenting on networking with people at conferences. Which I immediately identified with. I was there shooting pictures, because it was an easy way to meet people at conferences.

Social skills are important in organizations, because it allows us to build better relationships with people to improve security. It's a topic that Johnny can talk about for hours (as evident by this three-part series).

In this episode we discuss:

  • Why it's important to never eat alone
  • How to improve your social skills
  • How to start a conversation
  • Why it's important to practice

More resources:

Why social skills are important - part 2

In this second part to a three-part series of the Exploring Information Security podcast, Johnny Xmas joins me to discuss why social skills are important.

Johnny (@J0hnnyXm4s) has presented talks and performed training on the topic of social skills at various conferences. He told me it's the topic he gets the most feedback on from people in attendance. I was first introduced to one of Johnny's talks at BSides Nashville 2015. He was presenting on networking with people at conferences. Which I immediately identified with. I was there shooting pictures, because it was an easy way to meet people at conferences.

Social skills are important in organizations, because it allows us to build better relationships with people to improve security. It's a topic that Johnny can talk about for hours (as evident by this three-part series).

In this episode we discuss:

  • Why it's important to never eat alone
  • How to improve your social skills
  • How to start a conversation
  • Why it's important to practice

More resources:

Why social skills are important - part 1

In this start to a three-part series of the Exploring Information Security podcast, Johnny Xmas joins me to discuss why social skills are important.

Johnny (@J0hnnyXm4s) has presented talks and performed training on the topic of social skills at various conferences. He told me it's the topic he gets the most feedback on from people in attendance. I was first introduced to one of Johnny's talks at BSides Nashville 2015. He was presenting on networking with people at conferences. Which I immediately identified with. I was there shooting pictures, because it was an easy way to meet people at conferences.

Social skills are important in organizations, because it allows us to build better relationships with people to improve security. It's a topic that Johnny can talk about for hours (as evident by this three-part series).

In this episode we discuss:

  • What are social skills
  • Why they're important
  • How it relates to social engineering
  • How to interact with someone in a conversation

More resources:

How to pick a lock

In this picky edition of the Exploring Information Security podcast, Adrian Crenshaw joins me to discuss lockpicking and how to pick a lock.

Adrian (@Irongeek_adc) contributes a lot to the infosec community. He's at a lot of different conferences around the country. When he attends dinners at those conferences you can usually see him carrying around a big chain of locks and a monster wallet of lock picks. I've learned to pick locks with Adrian at a few of these dinners and thought it would make a good topic for the podcast.

In this episode we discuss:

  • How to lock pick
  • What are Bogota picks
  • How video games are bad for lockpicking
  • What is lock bumping
  • What happens when you bring lock picks on a plane

Resources:

How to get a DerbyCon ticket

In this scavenger edition of the Exploring Information Security podcast, I provide tips on getting a ticket to DerbyCon.

DerbyCon tickets went on sale May 6, 2017. Two minutes before the official release time, tickets were already sold out. This led to some controversy surrounding the release of tickets five minutes before. This was something that the conference has done for years. Last year the conference sold out in hours. This year it became a problem. There is still plenty of time to secure a ticket. Here are some ways to do that (h/t @PyroTek3).

DerbyCon Twitter account: DerbyCon plans to release more tickets in smaller batches. Watch their Twitter account for more information.

Watch Twitter: Plans change. People will be selling tickets leading up to the conference. Expect an increase in people looking to sell their tickets the month before the conference. I would also recommend paying attention for when speaker notifications go out. Usually around early August.

Submit a talk: The year I began speaking, I got accepted to speak at DerbyCon. The conference prefers new talks and loves new speakers. If you have an idea go for it. You never know. 

Volunteer: It takes a lot of people to run a conference. Volunteers get a free ticket to the con. You will have to work the conference. Which also may result in making some new friends and connections.

Sponsor the conference: DerbyCon is still looking for sponsors. Included in the sponsor package are tickets to the con.

Contests: Keep a look out for contests involving tickets. For example the Brakeing Down Security podcast is putting on a CTF for DerbyCon tickets. 

What is hardware hacking?

In this bulb edition of the Exploring Information Security podcast, Price McDonald Director of Colafire Labs joins me to discuss hardware hacking.

Price (@pricemcdonald) recently gave a hardware hacking talk at BSides Indy. Which I had the pleasure to attend. I was fascinated by the content he provided for the talk and decided to have him on. Hardware hacking is not something we see too much, but it is out there. It's used in physical penetration tests and for other learning opportunities. Listening to Price you can tell he has a strong interest in the topic.

In this episode we discuss:

  • What is hardware hacking?
  • What hardware can be hacked?
  • Where hardware hacking applies?
  • How to get started in hardware hacking

Resources:

What is threat intelligence? - Part 2

In this smart episode of the Exploring Information Security podcast, Rob Gresham formerly of McAfee joins me to explain threat intelligence.

Rob (@rwgresham) previously served as a practice lead in McAfee's security operations. I had the opportunity to meet Rob in person. He is deeply involved in the many things information security related in South Carolina. Including the National Guard and Palmetto Cyber Defense Competition. Threat intelligence is a topic he thoroughly enjoys discussing. Which is why this topic will be a two parter.

In this episode we discuss:

  • What is threat intelligence
  • How threat intelligence is useful
  • What are the benefits of threat intelligence
  • What needs to be done before threat intelligence

Resources:

What is threat intelligence? - Part 1

In this smart episode of the Exploring Information Security podcast, Rob Gresham formerly of McAfee joins me to explain threat intelligence.

Rob (@rwgresham) previously served as a practice lead in McAfee's security operations. I had the opportunity to meet Rob in person. He is deeply involved in the many things information security related in South Carolina. Including the National Guard and Palmetto Cyber Defense Competition. Threat intelligence is a topic he thoroughly enjoys discussing. Which is why this topic will be a two parter.

In this episode we discuss:

  • What is threat intelligence
  • How threat intelligence is useful
  • What are the benefits of threat intelligence
  • What needs to be done before threat intelligence

Resources: