By Phillip Wylie
The podcast currently has 110 episodes available.
Chapters
00:00 Introduction to Horizon 3 and Snehal Antani
03:26 Leadership and Company Culture at Horizon 3
06:30 Snehal's Hacker Origin Story
10:37 Transition from Corporate America to JSOC
13:45 Building Horizon 3's Culture and Team
16:28 The Unique Approach of Horizon 3
20:24 The Evolution of Pen Testing
24:34 The Role of Humans in Pen Testing
28:41 The Shift in Cybersecurity Mindset
32:31 Certifications and Bootcamps in Cybersecurity
36:26 The Future of Cybersecurity and Co-Pilots
40:21 The Importance of Data in Cybersecurity
44:22 The Impact of Autonomous Pen Testing
48:22 Conclusion and Future Outlook
58:33 Phillip Wylie Show Outro Video.mp4
Resources
https://www.linkedin.com/in/snehalantani/
https://x.com/snehalantani
https://www.horizon3.ai/
https://www.linkedin.com/company/horizon3ai/
Summary
In this episode of the Phillip Wylie Show, host Phillip Wylie speaks with Christophe Foulon, a cybersecurity expert and podcaster, about his journey into the cybersecurity field, the importance of self-discovery for aspiring professionals, and the evolving landscape of hiring practices in the industry. They discuss the significance of certifications, the need for internal talent development, and the value of community involvement in cybersecurity education. Christophe shares practical advice for job seekers, emphasizing the importance of networking and curiosity in building a successful career in cybersecurity.
Takeaways
Christophe's journey into cybersecurity began at a young age.
Self-discovery is crucial for those entering the cybersecurity field.
Certifications are often necessary, especially for government roles.
Hiring practices are evolving, with less emphasis on traditional degrees.
Internal training and development can help fill cybersecurity roles.
Apprenticeships can provide valuable hands-on experience.
Community involvement is essential for building a skilled workforce.
Networking is key to finding job opportunities in cybersecurity.
Curiosity and continuous learning are vital for success in cybersecurity.
Understanding the job market and roles can prevent burnout.
Sound Bites
"I was just hooked."
"It all starts on the foundation of self-discovery."
"You need to be eternally curious."
Chapters
00:00 Introduction and Background
06:46 Recommendations for Breaking Into Cybersecurity
10:54 The Role of Certifications in Cybersecurity
16:08 Creating Career Paths and Apprenticeships in Cybersecurity
25:02 The Value of Networking and Building Relationships in Job Hunting
29:40 Staying Informed: Researching Industry Trends in Cybersecurity
32:14 Closing Remarks
32:39 Phillip Wylie Show Outro Video.mp4
Resources
https://www.linkedin.com/in/christophefoulon/
https://x.com/chris_foulon
Summary
In this episode, Len Noe, the world's first augmented
Chapters
00:00 Introduction and Guest Introduction
03:36 Unconventional Paths into Cybersecurity
10:28 Implantable Technology and the Future of Augmented
18:41 Redefining Medical Ethics: Risks and Benefits of Body
25:44 Hacked Human: Insights from the World's First
37:26 Phillip Wylie Show Outro Video.mp4
Resources
https://x.com/hacker_213
https://www.linkedin.com/in/len-noe/
Human Hacked: My Life and Lessons as the World's First
https://www.wiley.com/en-mx/Human+Hacked%3A+My+Life+and+Lessons+as+the+World's+First+Augmented+Ethical+Hacker-p-9781394269167
Summary
HOU.SEC.CON is a cybersecurity conference in Texas that aims
Takeaways
HOU.SEC.CON is a cybersecurity conference in Texas that
The conference was started in 2010 by Michael Farnum and Sam
They initially ran the conference under the auspices of the
HOU.SEC.CON has grown over the years, attracting attendees
The conference aims to provide an affordable and accessible
HOU.SEC.CON has added two additional conferences, OT.SEC.CON
The organizers also host monthly user group meetings and
Sound Bites
"HOU.SEC.CON is a cybersecurity conference in
"The conference was started in 2010 by Michael Farnum
"They initially ran the conference under the auspices
"We were close to 1400 last year."
"Let's top out at 300. Let's top out at 500. Let's do
"We would have to take up multiple floors if we were
Chapters
00:00 Introduction to HOU.SEC.CON and its mission
06:15 The origins of HOU.SEC.CON and its role in the Houston
18:33 Differentiating HOU.SEC.CON from other conferences:
24:15 The growth and recognition of HOU.SEC.CON
26:35 Expanding HOU.SEC.CON
30:51 A More Accessible Alternative
35:46 Building a Strong Cybersecurity Community
Resources
http://houstonseccon.org/
https://www.linkedin.com/company/houseccon/
https://x.com/HouSecCon
https://www.linkedin.com/in/mfarnum/
https://x.com/m1a1vet
https://www.linkedin.com/in/svanryder/
https://x.com/SamVR
About the Guest:
Jeswin Mathai is the Chief Architect at SquareX. He leads the team responsible for designing and implementing the infrastructure. Prior to joining SquareX, he was the chief architect at INE. He has published his work at DEFCON China, RootCon, Black Hat Arsenal, and Demo Labs (DEFCON). He has also been a co-trainer for classroom trainings conducted at Black Hat Asia, HITB, RootCon, and OWASP NZ Day. He has a Bachelor's degree from IIIT Bhubaneswar. He was the team lead at InfoSec Society IIIT Bhubaneswar in association with CDAC and ISEA, which performed security auditing of government portals and conducted awareness workshops for government institutions. His areas of interest include Cloud Security, Container Security, and Web Application Security.
Episode Summary:
In this captivating episode of 'The Phillip Wylie Show', host Phillip Wylie is joined once again by offensive security aficionado Jeswin Mathai. This talk orbits around the expansive realm of professional hacking, highlighting the persistent curiosity and zealous passion these experts have for overcoming challenges in their line of work. With Jeswin on board, listeners can anticipate an in-depth exploration of SquareX's new and riveting features aimed at staving off online vulnerabilities.
The episode delves into the intricate world of in-browser malicious file detection, a pressing issue in today's digital-heavy climate. Jeswin Mathai meticulously walks listeners through the challenges surrounding the detection of malicious files, expanding upon why conventional antivirus solutions struggle and how attackers exploit naïveté during delivery. Furthermore, he presents a live demonstration of SquareX's monumental browser integration, showcasing its real-time detection capabilities and remediation options, elevating Gmail's native security measures to impressive new heights.
Key Takeaways:
SquareX is revolutionizing online security: The discussion reveals how the product can enhance Gmail security by detecting and alerting users to potential threats before they materialize.
In-browser file analysis: SquareX performs comprehensive checks directly within your browser, maintaining user privacy while offering robust protection against malicious files.
Malicious macros are a key threat vector: Jeswin explains how attackers utilize document macros, often undetected by traditional antivirus software, to compromise user systems.
Real-time alerts and remediation: SquareX provides instantaneous analysis of file attachments, distinguishing malicious intent and providing safer alternatives for download.
Enhanced user-friendly protection: The product is designed for ease of use, offering an intuitive safety net for both tech-savvy individuals and those less accustomed to cybersecurity measures.
Notable Quotes:
"The moment you open it, it's almost instantaneous. And not only is it telling you contains macros, tells you the details."
"This is a macro free version created right there in your browser, in case if you're concerned that something can go wrong."
"Email is like the primary source right now of delivery of malicious payload."
"So we have received the mail. So now as you can notice, this is a macro enabled file, but Gmail didn't say anything."
"It's a full blown file system packaged in just one single file, and how crazy it can be to detect malicious macros."
Resources:
Get your free Chrome plugin: http://sqrx.io/pw_x
https://www.linkedin.com/company/getsquarex/
https://twitter.com/getsquarex
https://www.instagram.com/getsquarex/
Summary
In this episode, Joe Brinkley, also known as the blind hacker, joins Phillip Wylie to discuss his hacker origin story and offer advice for breaking into offensive security and pen testing. They also explore the commoditization of pen testing, the evolution of the industry, and the challenges of testing complex environments. Joe shares his insights on the different generations of hackers and the role of automation and AI in pen testing. He also talks about his work with the Mentor Village and offers resources for those interested in starting their own cybersecurity brand or company.
Resources
https://www.linkedin.com/in/brinkleyjoseph/
https://x.com/TheBlindHacker
https://x.com/deadpixelsec
https://deadpixelsec.com/
Chapters
00:00 Introduction and Background
06:24 Advice for Breaking into Offensive Security
10:39 The Commoditization of Pentesting
15:53 The Impact of Compliance and Cyber Insurance
22:03 Challenges Faced by Practitioners in Limited Time Windows
25:33 The Evolution of Hackers and Accessibility of Education and Tools
30:36 The Role of Automation, Orchestration, and AI in Modern Pentesting
36:23 Building Cybersecurity Brands and the Mentor Village
41:14 Conclusion
41:52 Phillip Wylie Show Outro Video.mp4
Summary
In this live episode of The Phillip Wylie Show, cybersecurity experts Ira Winkler and Ryan Cloutier discuss their hacker origin stories and the evolution of hacking over the years. They emphasize the importance of basic cyber hygiene and the need to systematize the fundamentals of cybersecurity. They also discuss the risks and benefits of AI, highlighting the potential for manipulation and the need for safe adoption. The conversation touches on the role of policies and procedures, the alignment of cybersecurity with business objectives, and the impact of technology on human experiences.
Resources
https://www.linkedin.com/in/irawinkler/
https://www.linkedin.com/in/ryan-cloutier/
https://cruisecon.com/
Chapters
00:00 Introduction and Hacker Origin Stories
05:39 The Evolution of Hacking and Basic Cyber Hygiene
08:03 Threat Landscape and Shifting Attack Profiles
10:18 The Impact of Social Media and Bring Your Own Device
18:05 Systematizing the Basics and Enforcing Policies
23:35 Aligning Cybersecurity with the Business and Employee Experience
26:01 AI: Readiness and Safe Adoption
32:13 Understanding AI as Math and the Potential Risks
34:48 Personal Intimate Information and the Weaponization of AI
Summary
Dahvid Schloss shares his hacker origin story, starting with his military background and how he ended up in the field of cybersecurity. He talks about his time in the Joint Special Operations Command (JSOC) and the unique missions he was involved in. He also discusses his transition to the private sector and his current role as a Hive Leader at Covert Swarm. The skills he acquired in JSOC have been highly transferable and valuable in his offensive security career. In this conversation, Dahvid Schloss discusses his experience at SERE, a practice prison camp that taught him transferable skills like lock picking and prison escape. He also talks about the challenges of transitioning from using malware and exploits to using his brain in the civilian world. Dahvid emphasizes the importance of finding your passion within offensive security and recommends exploring different areas to figure out what you enjoy. He also highlights the significance of building a personal brand in the cybersecurity field and encourages professionals to be more public about their skills and expertise.
Quotes
"I got through this course, I graduated, and I got to do the fun job of being a special operations communicator."
"SERE was amazing. So SERE is like practice prison camp, right? Which sounds why would that be amazing to cyber? And the reason is, is because they teach you some transferable skills, like how to pick locks and how to escape from prisons."
"Having access to really good malware, really good exploits was not at all. It sounds like it would be really helpful, but it was a hard transfer for me, especially because I'm so used to being able to go dot slash execute. And now I'm on a box and now I have to go, Oh, I have to use my brain."
"Offensive security is massive. It's like, there is no way you can be a master of all. Like there is only one and that's John Hammond so far. That's all I've seen. He's, know, he's got, he's got the chops, but we can't all be him. Right. So, um, really like my biggest recommendation."
Resources
https://www.linkedin.com/in/dahvidschloss/
https://x.com/DahvidSchloss
Chapters
00:00 Introduction and Background
02:36 Military to Cybersecurity Transition
08:41 Learning Cybersecurity Skills
17:34 JSOC and Fighting High-Value Targets
26:34 Transferable Skills and Challenges in Offensive Security
29:55 Exploring Different Areas in Offensive Security
39:04 The Importance of Building a Personal Brand
46:41 Opportunities for Growth in Smaller Cybersecurity Startups
49:49 Taking the Time to Find Your Path in Cybersecurity
Summary
In this episode of the Phillip Wylie Show, Phillip is joined by Eric Teichmiller, a technical account manager at Horizon 3. Eric shares his background in cybersecurity and his journey from IT to risk and compliance to offensive security. He explains his role as a technical account manager and how his defensive background helps him understand and support customers. Eric also discusses the benefits of certifications, offers advice for getting into cybersecurity, and shares his study tips and strategies for avoiding burnout.
Sound Bites
"I'm really enjoying cybersecurity as a whole."
"I kind of have that customer perspective."
"Everything that they were geeking out on not only works, but it works well."
Chapters
00:00 Introduction and Background
03:29 The Role of a Technical Account Manager
06:36 Transitioning from Defensive to Offensive Security
08:41 The Fascination with Autonomous Pen Testing
12:14 The Value of Certifications and Continuous Learning
14:13 Advice for Job Seekers in Cybersecurity
15:55 Navigating Job Descriptions and Requirements
20:12 Avoiding Burnout in Cybersecurity
24:07 Goals and Future Plans at Horizon 3
25:59 Final Thoughts and Conclusion
Resources
https://www.linkedin.com/in/eric-teichmiller-82296295/
https://x.com/ericteichmiller
About the Guest:
Jeff Man is a seasoned professional in the cybersecurity industry, with a rich history in penetration testing and security. He began his career at the National Security Agency (NSA) and has since become renowned for his expertise and contributions to the field. Jeff is also a co-host on Paul Security Weekly and frequently shares his insights at notable security conferences. His vast experience and deep understanding of the industry's evolution make him a respected figure in cybersecurity.
Episode Summary:
In this captivating episode of the Phillip Wylie Show, host Phillip Wylie welcomes cybersecurity veteran Jeff Man. Known for his storied career starting at the NSA, Jeff dives into his unique hacker origin story and the evolution of penetration testing. This episode is packed with insights, anecdotes, and practical advice for anyone interested in the cybersecurity landscape.
Jeff Man shares his early experiences working at NSA, highlighting key moments such as his involvement in creating the first software-based cryptosystem. He delves into the early days of penetration testing, describing how methodologies and technologies have transformed over the years. Jeff also discusses the importance of understanding penetration testing's true objectives and offers guidance on how organizations can maximize the value of these tests. His reflections on the cybersecurity community, vendor relationships, and the need for precise terminology provide valuable perspectives for practitioners and enthusiasts alike.
Key Takeaways:
• Jeff's Striking Background: Learn about Jeff Man's remarkable career trajectory, from his start at the NSA to his present role as a cybersecurity expert and podcaster.
• Evolution of Pen Testing: Understand the shifts in penetration testing methods, technologies, and industry perceptions over the past three decades.
• Maximizing Pen Test Effectiveness: Discover practical advice on how organizations can make the most out of their penetration testing efforts by setting clear objectives and collaborating with trusted advisors.
• Cybersecurity Insights: Jeff emphasizes the importance of understanding and correctly using industry terminology and the value of a comprehensive security program.
• Community and Learning: Hear Jeff's thoughts on the cybersecurity community, including his participation in conferences and his ongoing mission to educate and mentor upcoming professionals.
Notable Quotes:
• "I've always tried to ascribe to that. You might lose something in the near term by saying, well, what we have really isn't the best thing for you right now."
• "Pen testers are the unsung heroes of the industry, often with relatively boring stories, but they are crucial to the security landscape."
• "Very rarely do I see a pen test report that's actually, we tried to break in, or we tried to gain access, or we tried to gain unannounced access."
• "I've always been a consultant. I've always been sort of in this trusted advisor role."
• "And I have clients that I've been working with now for 15, 20, 25 years. Not all the time, but when they need something, they're like, hey, let me give Jeff a call and see what he has to say."
Resources:
Jeff Man LinkedIn: https://www.linkedin.com/in/jeffreyeman/
Jeff Man X (formerly Twitter): https://x.com/MrJeffMan
Jeff Man on Paul Security Weekly: https://www.scmagazine.com/security-weekly