Phillip Wylie Show

Marina Ciavatta: From Journalism to Physical Pen Testing & Social Engineering


Summary

In this episode of the Phillip Wylie Show, Marina Ciavatta shares her unique journey into the world of physical pen testing and social engineering. From her origins in journalism to her current role as a red teamer, Marina discusses the challenges and experiences she has faced in the field. She shares thrilling stories of her pen tests, including moments of fear and unexpected encounters, while also emphasizing the importance of training and awareness in cybersecurity. Marina provides insights for those looking to enter the field, highlighting the blend of creativity and strategy required for successful penetration testing.


Takeaways

• Marina's journey began with event organizing and content production in cybersecurity.

• Physical pen testing requires a deep understanding of security protocols and ethical considerations.

• Experience in event management can enhance skills in physical pen testing.

• Being caught during a pen test can provide valuable insights into security effectiveness.

• Security guards play a crucial role in preventing unauthorized access.

• Creative approaches, such as using costumes, can aid in infiltration during pen tests.

• Combining social engineering with physical pen testing can yield better results.

• Training and awareness are essential for both red and blue teams in cybersecurity.

• Practicing social engineering ethically can help develop skills without causing harm.

• Marina emphasizes the importance of leaving positive feedback in security reports.


Sound Bites

• "I had to crawl a lot on the floor."

• "Being caught is part of the job."

• "I tend to collect my costumes as I go."


Chapters

00:00 Introduction to Marina's Journey

06:53 Breaking into Cybersecurity: Tips for Newcomers

13:20 Getting Caught: Lessons from the Field

29:55 Combining Social Engineering with Physical Pen Testing

34:37 Training and Ethical Considerations in Social Engineering


Resources


https://www.linkedin.com/in/mciavatta/

https://x.com/MarinaCiavatta

https://linktr.ee/marinaciavatta


Phillip's New Free Penetration Testing Methodology Training on Just Hacking Training

https://www.justhacking.com/uc/uc-penetration-testing-methodology/

Phillip Wylie Show, by Phillip Wylie
