Dave is a partner at BlackThorne Consulting, where he  leads engagements against strategic assets in many industries across the globe. Dave is also a veteran of the U.S. Navy, where he spent 10 years in the intelligence and special programs communities.

Jeffrey Man is a respected information security expert, advisor, evangelist, and co-host of the security podcast Security Weekly. He has over 35 years of experience in all aspects of computer, network, and information security. Jeffrey has held various information security roles within the DoD as well as private-sector enterprises, is a former PCI QSA, and was part of the first penetration testing “red team” at the NSA. 

Twitter: @MrJeffMan Website: securityweekly.com/hosts 

This is a special Labor Day Quick Release celebrating the anniversary of Derbycon.


Rural Tech Fund: https://ruraltechfund.org/

Dave Kennedy has worked on cyberwarfare for the U.S. Marine Corps (USMC) and on forensics for theintelligence community, including two tours in Iraq. He has also served as the chief security officer (CSO) for a Fortune 1000 company with offices in more than 77 countries.  Then one day, he left that job and started his own.  He is the founder of TWO companies, TrustedSec and Binary Defense.  If you are an NBA fan, you might even see a logo from time to time.  He is also the founder of Derbycon, author of  UNICORN, and the Social Engineering Toolkit, has testified before congress several times, has been on TV nearly a hundred times, and is absolutely terrified bye clowns

Angela Marafino is an Evolve Security Academy alumna, a Microsoft project manager, and the co-host of the "Hacker Book Club". 

With no prior background in IT or computer science, Angela did not take the traditional route to obtain a career in cybersecurity. However, the desire for a more challenging career led her to enroll in a cybersecurity bootcamp, which gave her the skills and mindset necessary to become a cybersecurity professional. She is CompTIA Security+ and Network+ certified and holds two bachelor’s degrees, one in fine arts and another in pre-law. Angela is also the organizer of her local Women of Security (WoSec) chapter. 

Link to Hacker Book Club:  https://www.goodreads.com/group/show/1076604-the-hacker-book-club

Note: This is a special episode with @KeirstenBrager, the closing keynote speaker for this weekend's Diana Initiative virtual conference. 

Keirsten Brager is a Sr. Security Consultant/NERC-CIP SME in critical infrastructure and was recently named one of Dark Reading’s top women in security quietly changing the game. She is also the author Secure The InfoSec Bag: Six Figure Career Guide for Women in Security. She produced this resource to help women strategically plan their careers, diversify their incomes, and fire bad bosses. Keirsten holds a M.S. in Cybersecurity and several industry certifications, including GICSP & CISSP.  In her free time, she loves sharing career advice, studying Black history, and convincing women not to quit the industry.

Diana Initiative Schedule:  https://www.dianainitiative.org/schedule/
Diana Initiative Tickets: https://www.eventbrite.com/e/the-diana-initiative-2020-tickets-112263061840


Topic/ Chapter List:

00:00:03 Introduction

00:02:14 Meet Keirsten

00:02:30 "Excited and Terrified"

00:04:47 Origin Story

00:07:13 Do we have a cybersecurity skills shortage?

00:08:47 Biggest myth in the industry

00:11:06 People, Process, Technology

00:12:50 Advice to those who are new

00:18:40 Cautiously Optimistic on Progress

00:20:32 Give back to the community FIRST

00:23:03 Example: Last June Job Change and Linked In

00:26:10 Uplift and be uplifted

00:26:36 The Diana Initiative     http://dianainitiative.org

00:28:22 About Keirsten's keynote: SDLC

00:29:00 using SMART goals

00:31:36 What are "SMART" goals?

00:37:00 Career moves

00:39:01 "Circle of Excellence"

00:41:25 Money, money, money

00:42:20 Negotiating benefits and salary

00:44:48 Advice to a younger Keirsten

00:49:20 Signing off, wrapping up

Tanya Janca, also known as SheHacksPurple, is the author of ‘Alice and Bob Learn Application Security’. She is also the founder of We Hack Purple, an online learning academy, community and weekly podcast that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over twenty years, won numerous awards, and has been everywhere from startups to public service to tech giants (Microsoft, Adobe, & Nokia). She has worn many hats; startup founder, pentester, CISO, AppSec Engineer, and software developer. She is an award-winning public speaker, active blogger & streamer and has delivered hundreds of talks and trainings on 6 continents. She values diversity, inclusion and kindness, which shines through in her countless initiatives.

Founder: We Hack Purple (Academy, Community and Podcast), WoSEC International (Women of Security), OWASP DevSlop, OWASP Victoria, #CyberMentoringMonday.  Chapter List: 


00:00:20 Opening

00:00:47 About @SheHacksPurple

00:01:55 Tanya is here!

00:02:21 Red Team, Blue Team, Purple Team

00:04:20 Purple Trait: Empathy

00:05:02 Purple Trait: Advocacy

00:06:50 Young Coding

00:08:04 Childhood and parents

00:08:37 "The Shirt Story"

00:09:12 Discovering that Code should be secure

00:11:20 Educating Students

00:12:15 "Cross Site Scripting" meaning

00:13:52 Introducing WeHackPurple.com

00:16:52 "DevSecOps" Definition

00:19:02 Public Speaking

00:19:54 Meet WOSEC

00:22:45 Big Shoutout to Chloé Messdaghi

00:24:22 Cyber Mentoring Monday

00:26:15 Mentee Responsibilities

00:28:25 Everyone needs a mentor

00:29:56 Salary negotiations

00:32:40 Less Traveling is good.

00:34:30 Management vs. Leadership

00:37:10 Diversity and Inclusion

00:37:40 Shout out to Jane Franklin and Tara Wheeler

00:42:22 Cookies!!!

00:43:20 Advice to a younger Tanya

00:46:34 Tribe of Hackers: Security Leaders

00:49:00 Signing off, parting wisdom from Tanya

David Evenden is the founder of StandardUser Cyber Security, an educational security firm dedicated to bringing work to freelance hackers and bringing top-tier industry-standard information security certification training to the university classroom. 

David is an experienced offensive security operator with experience working in the U.S. intelligence community (IC). He learned Persian Farsi, worked at NSA Red Team, and was a member of an elite international team operating in conjunction with coalition forces to aid in the ongoing efforts in the Middle East.

Topics list:

00:00:03 Introduction

00:00:35 Meet @JediMammoth

00:01:36 Origin Story

00:06:10 Pensacola Cyber Training: Crash Course

00:08:50 NSA Red Team

00:11:20 Compartmentalization

00:13:00 Learning and Teaching

00:14:21 Making Decisions

00:14:59 Dwight Schrute (not a typo) Philosophy

00:16:02 Fatherhood and its impact

00:18:14 Challenges

00:19:52 Darknet Diaries: Episode 47 https://darknetdiaries.com/episode/47

00:22:12 Advice to a younger David

00:24:10 Blue Team Challenges

00:25:53 Mental Health Strategies

00:27:20 Social Media and Toxicity

00:29:05 Advice to Newbies

00:29:40 The Innocent Lives Foundation  https://www.innocentlivesfoundation.org/

00:32:18 Admiration

00:34:00 Diversity

00:36:01 Increasing Participation

00:37:02 Shoutout: Lesley Carhart @Hacks4Pancakes

00:37:13 Shoutout: Katie Nickels @ILikeTheCoins

00:38:58 Virtual Conferences

00:39:50 Advice to the Burnt Out

00:41:38 Wrap up, Thanks

sn0ww  is a social engineering professional. At DEF CON 22 she won a black badge for the Social Engineering Capture the Flag (SECTF). sn0ww was also on the winning team for SAINTCON'S Vault Physical Security challenge, which won the team a black badge. Over the last five years she has presented and taught trainings at multiple InfoSec conferences. sn0ww has performed a variety of Social Engineering assessments for clients ranging from start-ups, Fortune 100 companies, to government agencies as well as assisted consultancies build out their Social Engineering services.

Topics include:

00:00 Introduction

00:53 Professional Liar sn0ww

01:40 Origin Story: DEFCON

04:05 Social Engineering Capture the Flag

04:40 Chris Hadnagy @HumanHacker gives books and advice

07:20 Choosing Pretexts

08:50 Social Media and OSINT

10:55 Contest to Career!

12:10 Twitter incident discussion

13:00 Types of Insider threats

17:45 Human Beings are the weak link

18:30 Women and Social Engineering

20:50 Typical Engagement Description

26:46 COVID19 and Red Teaming

29:00 Red Team Community

30:25 Discussing BSides

35:00 Mental Health and COVID19

36:20 Advice to a younger sn0ww

36:58 "Darknet Diaries" episode 22

38:20 "Get out of Jail Free" card and social engineering

39:50 sn0ww gets caught

44:50 Personal advice for listeners

Twitter: @PhillipWylie

Phillip Wylie is a penetration tester with more than 21 years of experience in information technology and information security. He is an adjunct professor teaching ethical hacking and web app pentesting at Richland College in Dallas, Texas. Phillip is the founder and director of the Pwn School Project, an educational meetup group teaching pentesting and ethical hacking skills. He holds the following certifications: OSCP, GWAPT, and CISSP.

In this episode, we will discuss:

0:00 intro

0:30 about Phillip Wylie:

01:15 Origin Story  

3:03 What About Samson the Bear? About Professional Wrestling

4:29 CAD draftsman to Novell Engineer

5:45 Aer certifications important? 

6:36 Blueprint to PenTesting

8:07 Advice to pentesting students

8:55 Writing and Communication Skills

10:38 The PwnSchool Project

12:15 PwnSchool starts out discussing OffSec, but expands to many more topics

14:06 ITSP Podcast on Origins

15 :30 BADASS army @KatelynBowden

17:00 Non Consensual Image Abuse and BADASS Army

18:34 COVID19 and Conference Appearances- the good and bad

20:32 Phillip finds Tribeof Hackers

21:36 Mentorship and the awesomeness of @DHAhole

22:35 Giving back

23:50 Mental Health and helping others——

25:26 Everyone has something to share

27:34 What does “Hacker” mean

28:30 People Phillip admires

 29:45 DeWayne Johnson chit chat—

30:40 community

31:30 Advice to a younger Phillip Wylie

32:15 Phillip on twitter: @PhillipWylie Youtube:  PLWylie.  Personal website TheHackerMaker.com And PwnSchool.com

Emily Crose is a security researcher and professional with over 10 years of experience including a total of 7 between being an officer for the Central Intelligence Agency and the National Security Agency.

Time Stamps/ Topic List

00:00:00 Introduction to Episode 11, Emily Crose

00:01:17 History of Hacking

00:02:49 MELISSA.vir

00:05:50 Career Start at NSA

00:07:38 Hunt Methodology and OSINT

00:14:02 Comic Sans is evil and must be destroyed

00:16:05 Muckrock   http://Muckrock.com

00:18:20 Conspiracy Theories

00:26:41 Privacy Questions

00:31:49 Are we safer?

00:35:20 Optimistic Words from Emily, Wrap up