Shows
Two Sixteen: A Link to the Past Randomizer PodcastSynackOriginally published: OCTOBER 3RD, 2022EPISODE SUMMARYTwo-Sixteen podcast Season 2 Episode 12 with SynackEPISODE NOTESSynack joins the Two-Sixteen podcast to talk about his ALTTPR origins, becoming a mod in the ALTTPR Discord, and his rise as a bot overlord. He chats about his love of rollercoasters, the history of all of his Discord bots including Sahabot creation, and the reality of burnout. Follow Synack on Twitch Follow fearagent on TwitchJoin the 216 Discord!2025-01-061h 08
WE'RE IN!Mike Witt on NASA’s cybersecurity mission in spaceMike Witt, NASA's Senior Agency Information Security Officer and Chief Information Security Officer for Cybersecurity and Privacy, has a long history of public service. In addition to serving 10 years in the U.S. Army, Mike was the director of the United States Computer Emergency Readiness Team (US-CERT) at the Department of Homeland Security and a key cybersecurity official at the IRS. Now, he’s leading NASA’s efforts to secure spaceflight centers nationwide and their missions to the final frontier.Tune in to the latest episode of WE’RE IN! to hear more about how NASA balances its ou...2024-12-1327 minWE'RE IN!Lt. Gen. Lori Reynolds on the evolution of cyber warfareLieutenant General Lori Reynolds' (Ret., USMC) career journey from a Naval Academy graduate to a key figure in cybersecurity and information warfare illustrates the progression of military communications and cyber operations. Initially commissioned as a Marine Corps communications officer in 1986, Lori’s career took her from managing traditional radio communications to leading the Marine Corps Cyberspace Command. Tune in to hear how she played an important part in integrating cyber operations into the Marine Corps' combined arms approach and later spearheaded efforts to create a comprehensive information warfighting function.Listen to learn more about: Ho...2024-11-2133 minWE'RE IN!Melissa Vice on the value of vulnerability disclosure programsThe Department of Defense Cyber Crime Center (DC3) operates a Vulnerability Disclosure Program (VDP) that handles critical cybersecurity issues reported by the public, including using an actual red phone for urgent matters. In the latest episode of WE’RE IN!, Melissa Vice, director of DC3’s VDP, describes how they respond to cyberthreats and collaborate with other groups within the center, such as the Operation Enablement Directorate and cyber forensics laboratory. Tune in to hear how the program, which began in 2016 following a successful bug bounty event, has processed over 53,000 reports, 56% of which were actionable, and resulted in ne...2024-11-0735 minWE'RE IN!The AI Episode: Experts Share Security Insights on LLMs and GenAIHear from this season’s guests for their thoughts and predictions on AI and cybersecurity. We took sound bites from a range of WE’RE IN! interviewees, whose opinions on AI vary from thinking it’s overblown to being cautiously curious. Tune into this episode to better understand AI’s seismic effects on the infosec industry.
2024-10-2315 minWE'RE IN!Bill Dunnion on the push for transparency in security breachesBill Dunnion, chief information security officer at global telecommunications company Mitel, is well-versed in the critical nature of telecom infrastructure and the devices that support it. He’s also keenly aware of how his role as CISO is under increasing scrutiny from regulators around the world and in Canada, where Mitel is based. In this episode of WE’RE IN!, Bill expresses skepticism about AI, preferring the term "machine learning" for most current applications, but he acknowledges its potential benefits, such as improving threat detection.Listen to hear more about: How Bill's diverse background in tel...2024-10-0229 minWE'RE IN!Jennifer Villarreal on how she upped her hacking gameJen, a former military professional turned hacker, shares her journey into cybersecurity and her experiences with the Synack Red Team in the latest episode of WE’RE IN! She transitioned from fixing security issues to actively seeking vulnerabilities, inspired by her brother and motivated by her experiences at the storied hacker conference, DEF CON. Jen emphasizes the importance of skill development and preparation for women entering the male-dominated cybersecurity field, and discusses her preferred hacking tools and techniques.In this episode of WE’RE IN!, Jennifer gives her take on AI in penetration testing, suggesting it should be u...2024-09-1930 minWE'RE IN!Sara Mosley on best practices for Zero TrustSara Mosley, technical director for the Bureau of Diplomatic Security's Cybersecurity and Technology Services, works with the U.S. State Department to help identify threats and potential compromises. In her role, she advocates for a Zero Trust approach that focuses on protecting critical data rather than trying to secure everything equally. She recommends balancing security measures with mission needs to prevent users from circumventing security protocols.In this episode of WE’RE IN!, Sara underlines the importance of collaboration between IT and security teams to adequately protect data and address relevant threats in anticipation of the September de...2024-08-2129 minWE'RE IN!Michael Daniel on untangling cybersecurity’s complexity problemCybersecurity has a complexity problem. A tangled web of technical, psychological, economic and geopolitical factors enable and motivate malicious actors. Michael Daniel, CEO and president of the Cyber Threat Alliance, is helping public and private organizations decode these complex motivations with information sharing, including the Ransomware Task Force. In this episode of WE’RE IN!, Michael elaborates on his "immune system" approach for the internet, a strategy where threats are quickly identified and neutralized. But this requires robust – and highly trusted – information sharing between groups. Listen to hear more about:The threat assessment for the 2024...2024-07-3135 minWE'RE IN!Anand Prakash on cloud security startups and next-gen hackingAnand Prakash on cloud security startups and next-gen hacking Anand Prakash, founder of startup PingSafe, shares his insights on building a successful cybersecurity business and his experience as a top bug bounty hunter. He emphasizes the importance of fast execution, accountability and learning from mistakes when growing the company acquired by SentinelOne, where he’s now a senior director of product management. In the latest episode of WE’RE IN!, Anand touches on India's prominence in global tech – particularly in security research and bug bounty programs – and he shares his personal journey into cybersecurity, which began with...2024-07-1728 min
Phillip Wylie ShowMcKenna Dallmeyer: From Veterinarian Aspirations to PentesterAbout the Guest:
McKenna Dallmeyer is a technical account manager at Horizon3.ai, specializing in offensive security and penetration testing. Starting her academic journey in biomedical science and political science, she eventually pursued cybersecurity, driven by a combination of personal interests and family influence. McKenna has experience working with the NSA as a developer intern and later full-time in a development program. She holds several certifications in penetration testing and network security and is also part of the Synack Red Team, conducting side work through her LLC.
Episode Summary:
In...2024-07-0231 min
Millennium Live | A Leadership & Discovery Podcast🎙️ Episode 275 | Cybersecurity Landscape at the Midpoint of 2024On this episode of the Millennium Live podcast, we’re navigating the Cybersecurity Landscape of 2024 so far, with our esteemed guest, and frequent keynote speaker Wade Lance, Field CISO at Synack. Drawing from his expertise, Wade discusses the impact of AI solutions on security budgets and processes, shedding light on how these technological advancements are reshaping the cybersecurity paradigm. He also addresses the evolution of leadership and board-level cyber communication, highlighting the importance of effective collaboration in navigating today's cybersecurity challenges. Wade shares Synack's perspective on upcoming trends in the security testing arena provides valuable foresight into the future of c...2024-06-2825 minWE'RE IN!Ads Dawson on developing the OWASP Top 10 for Large Language ModelsAds Dawson, release lead and founding member for the Open Web Application Security Project (OWASP) Top 10 for Large Language Model Applications project, has no shortage of opinions on securing generative artificial intelligence (GenAI) and LLMs. With rapid adoption across the tech industry, GenAI and LLMs are dominating the conversation in the infosec community. But Ads says the security approach is similar to other attack vectors like APIs. First, you need to understand the context of AI-related vulnerabilities and how an attacker might approach hacking a particular AI model. In the latest episode of WE’RE IN!, Ads tal...2024-06-2636 minWE'RE IN!Kevin Tambascio on balancing security with availability of services in healthcareIntegrating security into the product development lifecycle is a tall order for any industry. It’s particularly challenging for healthcare, with its wide range of critical needs from HVAC systems to medical devices. Kevin Tambascio, director of cybersecurity data and application protection at Cleveland Clinic, juggles the need for constant vigilance and staying updated on fast-moving threats to hospitals.In the latest episode of WE’RE IN!, Kevin discusses the importance of compliance and risk assessment, noting that while compliance with rules like HIPAA is crucial, it's equally important to pressure test controls against real-world threats. Ransomware targ...2024-06-0632 minWE'RE IN!Tennisha Martin on bridging the cyber talent gap through diversityCybersecurity organizations tend to have unrealistic hiring expectations, according to Tennisha Martin, founder and executive director of the training-focused nonprofit BlackGirlsHack. That can make it hard for would-be candidates to stand out and contribute to solving urgent cybersecurity challenges.In the latest episode of WE’RE IN!, Tennisha unpacks the important work of The BlackGirlsHack Foundation, which provides training resources and cybersecurity education to underserved communities. That includes giving Black children avenues to complete cybersecurity certifications and snag their first jobs in the industry. “Part of the reason why I started BlackGirlsHack was because I was a...2024-05-1531 minWE'RE IN!Mara Winn on protecting America’s critical infrastructure from cyberthreatsA first-of-its-kind 2016 cyberattack on Ukraine’s power grid was a wake-up call for countries around the world to shore up protection of vulnerable energy resources. Mara Winn, Deputy Director for Preparedness, Policy, and Risk Analysis at the Department of Energy's Office of Cybersecurity, Energy Security, and Emergency Response (CESER), is in charge of acting on just that. From securing electric vehicles to safeguarding electric substations, Mara and her team help to ensure the resilience of the energy sector against cyber, physical and climate-based disruptions.Mara takes a holistic approach to risk management, considering both physical and cyber th...2024-05-0135 minWE'RE IN!Amy Chang on squaring cyber policy with real-world threatsAmy Chang, a resident senior fellow for Cybersecurity and Emerging Threats at the R Street Institute, has many tough problems to consider, from election security to adversarial AI attacks to the geopolitical implications of cyberwarfare. In a world rife with hot takes, she pursues a balanced approach to answering these weighty issues—nothing is an assumed outcome. In this episode of WE’RE IN!, Amy provides insights into the potential cybersecurity policies of both the Trump and Biden administrations after the next presidential election, and how AI has the potential for more than just super-powered hacking. In a rec...2024-04-1733 minWE'RE IN!Mark Kuhr on AI pentesting and the Synack Red TeamDr. Mark Kuhr, a former National Security Agency employee, faced a host of challenges when he co-founded Synack with CEO Jay Kaplan in 2013. As CTO for the security testing company, Mark has led Synack through dramatic growth while working to shift the mindset of some cybersecurity practitioners. For instance, the Synack platform, featuring access to security researchers around the globe, initially faced skepticism—a group of essentially strangers pentesting enterprise networks? Not the most convincing argument for CISOs. But through a trust-but-verify approach, Synack’s take on security testing has risen to prominence in the industry. In this...2024-03-2736 min
The Boring AppSec PodcastS1E03 - Bug BountiesWelcome to the Boring AppSec Podcast! In Episode 3, we discuss all things bug bounties. The researcher side as well as the program owner's side. Enter at your own will as we have a lot of hot takes.
References:
We will try and add information about all the references we make here. Please enter rabbit holes at will :)
Bug Bounty Platforms
Bugcrowd - https://www.bugcrowd.com/
HackerOne - https://www.hackerone.com/
Intigrity - https://www.intigriti.com/
Synack - https://www.synack.com/
2. Vulnerability Disclosure Process - https://www.cisa.go...2024-03-181h 11WE'RE IN!Anthony Newman on cyberthreats to higher educationIn this episode of WE’RE IN!, Anthony Newman, executive director at Research and Education Networks Information Sharing and Analysis Center (REN-ISAC), highlights the need for protecting research infrastructure in higher education, dealing with credential dumps and monitoring the dark web for potential threats. He also discusses the challenges faced in higher education, such as securing a diverse range of resources, navigating risks posed by a litany of third-party vendors and recovering quickly from breaches. Anthony also digs into the impact of AI in the cybersecurity landscape, emphasizing the need for trust and the potential benefits of aut...2024-03-1340 minWE'RE IN!Dennis Fisher on the future of cybersecurity journalismDennis Fisher, editor-in-chief at Decipher, reflects on his journalism career covering cybersecurity for more than two decades in the latest episode of the WE’RE IN! cybersecurity podcast. He began in 2000, covering email before transitioning to security. Soon his focus shifted to vulnerability reporting, including blockbuster bugs in Windows and Internet Explorer. This led to Microsoft's trustworthy computing memo and significant changes in the software industry. Dennis also discusses the challenges of cybersecurity journalism and the importance of democratizing information. Listen to hear more about:The overlap between cybercrime and traditional organized crime and the i...2024-02-2831 minWE'RE IN!Jason Loomis on finding the humanity in cybersecurityJason Loomis, Chief Information Security Officer at Freshworks, emphasizes the human side of cybersecurity and the importance of effective leadership. New CISOs should make an effort to understand not just existing security controls, but also the team dynamics at any new organization they’re helping to protect. The human element all too often goes unnoticed, according to Jason. In this WE’RE IN! episode, Jason discusses the need for strong communication skills and the ability to engage every employee in cybersecurity practices. Listen to hear more about:Why basic security controls and understanding context are cr...2024-02-1432 minWE'RE IN!Sarah Armstrong-Smith on understanding the attacker mindsetSeason 3 Episode 3 Sarah Armstrong-Smith on understanding the attacker mindsetSarah Armstrong-Smith, Chief Security Advisor at Microsoft and a cyber security author, discusses her role in improving cyber postures and staying ahead of threats. She explains how Microsoft uses machine learning in their threat intelligence and what's next with the onset of generative AI. She also highlights the importance of understanding the risks and consequences of AI technology, as well as the need for CISOs to embrace new technologies while ensuring accountability. In this WE’RE IN! episode, Sarah emphasizes the significance of diversity in t...2024-01-3145 minWE'RE IN!Andreas Wuchner on Cyber Resiliency in Financial ServicesThe financial services industry is among the most sought-after targets for cyberattacks. When malicious actors steal data, it’s often just a means to a cash-rich (or bitcoin) end. Andreas Wuchner, advisor to many security startups and a formative contributor to Switzerland's National Financial Services Information Sharing and Analysis Center, has a thought or two on how to build cyber resiliency in critical banking institutions.In the latest episode of WE’RE IN!, Andreas challenges some status quo ideas in the industry, like: Is there really a cybersecurity talent gap? And he gets real about how AI can...2024-01-1734 minWE'RE IN!Ryan Kazanciyan on Securing the AI futureSecuring a startup valued in the billions of dollars is no small feat. According to Ryan Kazanciyan, CISO at Wiz, it’s all about process. His previous experience with companies like Mandiant and Meta rounded out his security background. Using his experience from large enterprises, Ryan takes a considered approach to securing a startup.The cloud security company has an existing ethos of security first, so Ryan and his team are equipped to tackle old and new security challenges alike, from run-of-the-mill phishing attacks to sophisticated AI-enabled threats.----------Listen to learn more ab...2024-01-0326 minWE'RE IN!Season 3 TrailerReady to hear from top cybersecurity newsmakers, executives and storytellers? Eager for advice on how to launch a successful cyber career? Curious about hacking threats that seem to grow more menacing by the day? Get ready for Season 3 of WE'RE IN!Hosted by Synack's Head of Communications and longtime cybersecurity journalist Blake Thompson Heuer (Sobczak), WE'RE IN! takes you inside the brightest minds in cybersecurity for unique insights and colorful stories from the front lines of our digital transformation. Don't miss the latest season of this breakout podcast, sponsored by Synack!
2023-12-1402 min
Retail & Hospitality ISAC PodcastDiscussion with Summit Title Sponsor, Synack, & Natura &Co’s CISOIn this episode of the Retail & Hospitality ISAC podcast, host Luke Vander Linden is joined by Blake Sobczak, Synack’s head of communications and README’s editor-in-chief, to discuss the latest news impacting the cybersecurity world. Keep an eye out for Synack at the upcoming RH-ISAC Cyber Intelligence Summit. Then, Luke sits down with Natura &Co’s CISO, Jonathan Lloyd White, to expand upon his background, current role, and Natura &Co’s founding principles.Thank you to Fortinet for their sponsorship of the Retail & Hospitality ISAC podcast.2023-08-0952 minRetail & Hospitality ISAC PodcastDiscussion with Summit Title Sponsor, Synack, & Natura &Co’s CISOIn this episode of the Retail & Hospitality ISAC podcast, host Luke Vander Linden is joined by Blake Sobczak, Synack’s head of communications and README’s editor-in-chief, to discuss the latest news impacting the cybersecurity world. Keep an eye out for Synack at the upcoming RH-ISAC Cyber Intelligence Summit. Then, Luke sits down with Natura &Co’s CISO, Jonathan Lloyd White, to expand upon his background, current role, and Natura &Co’s founding principles.Thank you to Fortinet for their sponsorship of the Retail & Hospitality ISAC podcast.2023-08-0952 minWE'RE IN!Lauren Zabierek on “Sharing the Mic” to Foster Cyber InnovationThe next generation of cybersecurity leaders have a vision for the future of cybersecurity. Facing advanced nation-state threats, the breakneck speed of tech innovation and a deluge of zero days, Lauren Zabierek is moving the dial on workforce diversity to tackle these challenges. Lauren, senior policy advisor for Cybersecurity and Infrastructure Security Agency and co-founder of #ShareTheMicInCyber, is also helping organizations “shift left” by integrating security principles into the innovation process. Don’t miss the latest episode of WE’RE IN! to hear Lauren’s insights into why cybersecurity job descriptions are broken and how talking to everyday peop...2023-08-0831 minWE'RE IN!Jeremiah Roe Unpacks the “Puzzle” of PentestingPentesting is in Jeremiah Roe’s DNA. He has worked for a traditional pentesting consultancy, conducted clever physical penetration tests over the years (as documented in his episode on the Darknet Diaries podcast), and he now finds himself at the cutting edge of security testing as field CISO for North America at Synack.Jeremiah is a fan of escape rooms and brings his creativity and strategic thinking to some of the cybersecurity industry’s toughest challenges. Don’t miss the latest episode of WE’RE IN! to hear Jeremiah weigh in on topics such as:...2023-07-1340 minWE'RE IN!Demystifying OT Cybersecurity with Danielle JablanskiThe operational technology (OT) computer networks that support life as we know it are increasingly coming under threat. But despite the proliferation of malware aimed at critical infrastructure, Danielle Jablanski isn’t running for the hills. As an OT cybersecurity strategist for Nozomi Networks, Danielle helps critical infrastructure organizations understand and prioritize digital risks, whether they stem from a lack of visibility into industrial environments or a sophisticated cyberattack from a foreign nation-state. Don’t miss the latest episode of WE’RE IN! to hear Danielle’s insights into industrial control systems (ICS) risk management, including the recently...2023-06-2940 minWE'RE IN!API Security Decoded with Corey Ball, Senior Manager of Penetration Testing, Moss Adams and Chief Hacking Officer, APIsec UniversityApplication programming interfaces (APIs) are taking over the internet. APIs now make up 83% of internet traffic because they help applications communicate with each other via API calls. And they’re a critical threat vector for companies. Corey Ball, author of “Hacking APIs,” saw the API takeover happening and realized there was a gap in security training and tactics. He founded APIsec University, which offers online courses to help level up the infosec community’s API security testing skills. APIs are essentially direct links to a company’s database, a valuable target for a malicious actor, and their flaws can b...2023-05-2534 minWE'RE IN!Emma Stewart on the Future of the Electric Grid, Cyber Mutual Assistance and “Crying Wolf” on Energy ThreatsPower and energy security strategist Emma Stewart is always on the lookout for what’s next in the U.S. electric grid, whether that be an influx of renewable energy or cyberattacks by malicious hackers. Her engineering background helps her understand how things work so she can break them to build them again, but stronger. Emma has announced she’s joining Idaho National Laboratory as Chief Power Grid Scientist and Research Strategist in the lab’s National and Homeland Security Directorate, putting her on the forefront of efforts to keep Americans’ electricity networks resilient in the face of cyberthreats. Emma...2023-05-1134 minWE'RE IN!Kelly Moan on Zero-Trust Strategies, Safeguarding NYC and the Need for Representation in CybersecurityAs Chief Information Security Officer for NYC, Kelly Moan is on the front lines protecting New Yorkers from the latest cyberthreats. She juggles everything from implementing zero-trust security models to helping state agencies fend off sophisticated hacking attempts. Don’t miss the latest episode of WE’RE IN! in which Kelly opens up about her professional history and shares tips for anyone interested in supporting their own communities through pursuing a career in cybersecurity. Her office has worked to foster the next generation of cyber talent through efforts like the New York City Cyber Academy program. “The...2023-04-2534 min
Decoding DigitalDecoding Cybersecurity: Jay Kaplan on How to Protect Your Business from CyberattacksFirst and foremost, Jay Kaplan is a technical security expert. He has served in many high-profile cybersecurity roles—including at the Department of Defense and the National Security Agency. Jay was also selected as Forbes 30 Under 30 in Enterprise Technology. After seeing a gap in the cybersecurity space, Jay started his own cybersecurity company in 2013, ultimately co-founding Synack. Synack is an organization that strives to unite technology and human intelligence to revolutionize the cybersecurity world. With this approach, Synack has developed a premier security testing platform that protects federal agencies, DoD classified assets, and a growing list of Gl...2023-04-2029 minWE'RE IN!Space Rogue on L0pht Heavy Industries, 90s Infosec Lessons and “Gray Hat” HackingHacker Cris Thomas – better known by his old bulletin board system handle Space Rogue – has witnessed the infosec community grow from a hodgepodge network of hacking collectives to a multibillion dollar industry. Space Rogue was a member of the L0pht Heavy Industries hacker group that made its name poking holes in premier products from burgeoning tech giants like Microsoft and Oracle. Now Global Lead of Policy and Special Initiatives at IBM, he is also author of a new memoir recounting his experiences from the “magical hacker scene” of the 1990s, Space Rogue: How the Hackers Known As L0pht...2023-04-2038 minWE'RE IN!Morgan Adamski on Cybersecurity Collaboration, Nation-State Threats and Transparency at NSAMorgan Adamski wants to talk to you about cyberthreats. As chief of the National Security Agency’s Cybersecurity Collaboration Center, she’s responsible for bringing highly sensitive threat information out from behind the walls of Fort Meade and onto the desks of defense industry leaders who can use it. In the latest episode of WE’RE IN!, Morgan shares how she helped build the CCC into a vital public-private conduit for cyber intelligence, rewriting existing NSA operating models along the way.“We knew that it was important to be able to have this type of direct en...2023-04-0633 min
Ink8r (in·cu·ba·tor) PodcastEpisode #24 - Unifying Security Technology and Human Intelligence with SynackDisrupting traditional security testing approaches is where Synack specializes. They have long recognized that to thwart attacks in modern adversarial campaigns requires a maximal combined talent of human and AI-powered intelligence. Through the gamification and use of crowdsourced expertise across verifiable exercises, Synack leverages its Synack Red Team (SRT), a global network of ethical hackers, to identify and address vulnerabilities across an ever-evolving attack surface. This crowdsourced team of highly skilled and heavily vetted ethical hackers represents one of Synack's key differentiators. Traditional security assessments and audits provide point-in-time insights into an enterprise's security posture whi...2023-03-0829 minWE'RE IN!Nicole Perlroth on Spyware, “Mutually Assured Digital Destruction” and Educating BoardroomsIn Nicole Perlroth’s blockbuster 2021 book, “This Is How They Tell Me the World Ends,” the former New York Times journalist conveys cybersecurity experts’ mounting anxiety about increasingly dangerous digital threats. From spyware to ransomware, the black market for cyber tools that skirt the law is lucrative and often poorly understood. Nicole points to catastrophic cyberattacks like NotPetya, a 2017 ransomware look-alike that attempted to obliterate Ukraine’s critical infrastructure before causing billions of dollars in damages worldwide. But even with geopolitical tensions now at a fever pitch, Nicole, now a cybersecurity advisor and investor, explains why “mutually assured digit...2023-02-2340 minWE'RE IN!Hudney Piquant on Pentesting, Staying Ahead of Adversaries and a Cyber “Sixth Sense”Hudney Piquant kicked off his cybersecurity career working for a startup out of a garage in Michigan. He has since uncovered critical vulnerabilities as a Synack Red Team member, joined Synack full time as a solutions architect and been honored with a Most Inspiring Up And Comer award by CyberScoop last fall. Tune into the latest episode of WE’RE IN! to hear Hudney share his insights into getting started with the Synack Red Team, the importance of mentorship in the cybersecurity community and his “sixth sense” that helps him to find creative workarounds for tough security challen...2023-02-0241 minWE'RE IN!Selena Larson on Cyber Intelligence, "Evil" Threat Actors and TOAD AttacksIn the latest episode of WE’RE IN!, Selena Larson shares insights into malicious hackers and scammers she’s tracking as senior threat intelligence analyst for Proofpoint. Business email compromise, ransomware, sextortion, multi-factor authentication bypass techniques – dealing with the onslaught of modern cyberthreats “is very much like playing whack-a-mole,” she said. By unpacking attackers’ motivations and psychological profiles, defenders can train themselves and their teams to avoid falling into common traps. -------More reasons you should listen: * Hear Selena discuss what makes threat intelligence actionable, versus extra noise for a SOC* Find out about...2023-01-1941 minWE'RE IN!Craig Newmark on Cyber Philanthropy, Internet Pioneers and a “Cyber Civil Defense”Philanthropist Craig Newmark is most famous for founding the classifieds site Craigslist nearly 30 years ago. But he’s recently earned praise in the cybersecurity community for pledging $50 million in early 2022 to support a cyber civil defense initiative through his namesake philanthropy. On the latest episode of WE’RE IN!, hear Craig describe what he means by cyber civil defense and listen to his candid thoughts on everything from quantum computing to the dangers of state-sponsored disinformation campaigns. He also shares insights into the philanthropic strategy driving many of his contributions to the field of cybersecurity and continuing educa...2023-01-0534 minWE'RE IN!Andy Greenberg on “Tracers in the Dark,” Bitcoin What-ifs and IRS HeroesJournalist Andy Greenberg is no stranger to the murky world of cryptocurrency. The senior writer for WIRED and longtime cybersecurity journalist was one of the last reporters to interact with pseudonymous Bitcoin founder Satoshi Nakamoto before they evidently ceased communications. In his new book, “Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency,” Andy follows the gripping story of IRS special agent Tigran Gambaryan as he follows the money to zero in on some of the most mysterious and monstrous criminals in the cyber underground. -------Don’t miss the inau...2022-12-1537 minWE'RE IN!Season 2 TrailerReady to hear from top cybersecurity newsmakers, executives and storytellers? Eager for advice on how to launch a successful cyber career? Curious about hacking threats that seem to grow more menacing by the day? Get ready for Season 2 of WE'RE IN! Co-hosted by Synack security operations engineer Bella DeShantz-Cook and longtime cybersecurity journalist Blake Sobczak, WE'RE IN! takes you inside the brightest minds in cybersecurity for unique insights and colorful stories from the front lines of our digital transformation. Don't miss the latest season of this breakout podcast, sponsored by Synack!
2022-12-0802 minWE'RE IN!Tanya Janca on Cyber Mentorship, “Shifting Left” and Punk RockApplication security maven Tanya Janca – AKA SheHacksPurple – is an accomplished author, pentester and onetime music festival organizer. But she’s perhaps best known as the founder of We Hack Purple, a community of security professionals dedicated to sharing useful cyber information including coding trainings and coursework. (Dynamic application security testing Bright Security acquired We Hack Purple earlier this year, bringing its own approach to the “shift left” dilemma of moving cybersecurity earlier in the software development cycle.)Tanya has spent much of her career in cybersecurity and IT empowering others to strengthen their own skills. With We Hack Purpl...2022-11-2338 minWE'RE IN!Melanie Teplinsky on the Value of Cybersecurity Policy, a Zero Trust Model for Small Businesses and her Start at the NSAMelanie Teplinsky fell in love with cryptography at an early age, which led her to landing her first job at the National Security Agency at 16. From there, she found her niche in cybersecurity at the intersection of technology and the law. As a senior fellow at American University in the Law Tech, Law, and Security Program, Melanie helps craft cybersecurity policies that scale and attempt to solve big, societal problems. First, she has to understand how cybersecurity technology and models, such as zero trust, are implemented at companies and organizations of all sizes. Then, she applies those p...2022-11-1743 minWE'RE IN!Zinet Kemal on Starting Over, Infosec for Kids and the Importance of MentorshipZinet Kemal is an infosec powerhouse. After emigrating from Ethiopia to Minnesota with her husband, she started her life over. She left behind her community and career as a lawyer and dived into the world of information security. She has since become a children’s book author and works as a cloud security engineer for Best Buy, while raising her four kids and completing her master’s degree in cybersecurity from Georgia Tech University. In the latest episode of WE’RE IN!, Zinet shares how she published two children’s books during the pandemic, “Proud in Her...2022-11-0341 minWE'RE IN!Sean Zadig on the “Paranoids,” Ethical Hacking and Crafting a Security CultureSean Zadig has plenty to be paranoid about. The internet is a frightening place, and Yahoo’s Paranoids–the name for the company’s infosec team–have their work cut out for them protecting Yahoo’s more than one billion global users.As vice president, chief information security officer and “Chief Paranoid” for Yahoo, Sean is charged with keeping sensitive company data safe from an onslaught of cyberthreats, working collaboratively across all Yahoo’s media and technology brands.In the latest WE’RE IN! episode, Sean speaks to the need for balance in security messaging and shares how he...2022-09-3040 minWE'RE IN!Jack Rhysider on Podcasting, Plot Twists and Infosec BurnoutFour years ago, Jack Rhysider quit his job as a security engineer to move full time into the storytelling business. His podcast, Darknet Diaries, now boasts tens of millions of total downloads and has explored cybersecurity topics from Stuxnet to the collapse of cryptocurrency exchange Mt. Gox.Building Darknet Diaries into a successful show was no cakewalk. In the latest episode of WE’RE IN!, Jack shares his experience putting on a great podcast, from ideation and guest selection all the way to monetization and fielding calls from Hollywood producers.“Don’t think about how big of...2022-08-1951 minWE'RE IN!Tracy Maleeff on Diversifying the Cyber Workforce, OSINT Skills and “Librarian Face”Tracy Maleeff led a successful career transition into the tech and cybersecurity world nearly seven years ago. Now a security researcher with the Krebs Stamos Group, the former librarian still uses her hard-won open source intelligence skills to sort through a deluge of cybersecurity information for clients and for subscribers of her free InfoSecSherpa news roundups.In the latest WE’RE IN! episode, she speaks to the importance of having diverse perspectives at the table when it comes to cybersecurity and warns of a disconnect between tech hiring managers and HR departments.“Companies keep hunting for...2022-07-2945 minWE'RE IN!Beau Woods on Medical Device Security, Hacker Culture and Cyber PsychologyBeau Woods knows firsthand how every moment counts when it comes to medical cybersecurity. He launched his career in a hospital, where it wasn’t always possible for doctors to punch in complex passwords or spare a second thought for cybersecurity. Beau went on to found I Am the Cavalry, a group of cyber ambassadors dedicated to improving the security of devices ranging from pacemakers to connected door locks.In his current role as senior advisor for the Cybersecurity and Infrastructure Security Agency, Beau helps fill gaps in U.S. cyber defenses by boosting organizations that may no...2022-07-2140 minWE'RE IN!Robert M. Lee on Hacking Industrial Systems, Pay Transparency and OystersDragos CEO and founder Robert M. Lee has been talking about cybersecurity risks to critical infrastructure long before threats to utility operators and water plants were making headlines. In this episode of WE'RE IN!, he discusses the ongoing dangers to the grid from nation-state hackers and ransomware gangs, but also the progress the U.S. is making to better secure its most vulnerable assets. And there's also a great conversation about pay transparency that anyone working in infosec will want to hear. A few more reasons to listen:*It's a candid and sobering inter...2022-06-031h 02
Darknet DiariesHot SwapsThis is the story of Joseph Harris (https://twitter.com/akad0c). When he was a young teen he got involved with stealing video game accounts and selling them for money. This set him on a course where he flew higher and higher until he got burned.Joseph sometimes demonstrates vulnerabilities he finds on his YouTube channel https://www.youtube.com/channel/UCdcuF5Zx6BiYmwnS-CiRAng.Listen to episode 112 “Dirty Coms” to hear more about what goes on in the communities Joseph was involed with.Spon...2022-05-311h 26WE'RE IN!Jim Manico on Secure Coding, OWASP and Being a Decent HumanJim Manico is full of opinions. The founder of Manicode Security has advice on how to use the OWASP Top 10, on secure coding and especially on the OWASP Application Security Verification Standard (ASVS). He has advice for people starting out in security and all around thoughts on what it means to be a decent person. Jim is definitely one of those! He's also an educator, author, investor and entrepreneur. There are so many reasons to listen to this episode. Here are just a few: * Hear from one of the leading educators focused on helping developers code securely. 2022-05-0449 minWE'RE IN!Alex Holden on Russia's Cyber Arsenal, Conti Leaks and Infiltrating Ransomware GangsAlex Holden has a knack for tracking Russian cyber criminals. The Ukrainian-born cybersecurity expert understands what it takes to infiltrate ransomware outfits, learn their secrets and help organizations protect themselves against their tactics. Beyond that, his firm is responsible for detecting some of the biggest breaches in recent history. In this episode, Alex talks about his approach to tracking the world's most notorious criminal hackers, the current cyber threat in Eastern Europe and his own journey from Kyiv to the American midwest. Why should listen:* Get the inside story of how the Conti ransomware gang a...2022-04-2146 minWE'RE IN!Hacking for Ukraine, Supply Chain Risk and Cyber MoonshotsThere's a flood of cybersecurity news as a result of the Ukraine War as well as Washington's recent efforts to compel organizations to report cyberattacks to federal officials. In this episode, Trey Herr and Emma Schroeder of the Atlantic Council’s Cyber Statecraft Initiative break it all down. They explore the consequences of an escalating digital battlefield in Europe, whether a hack could bring NATO into the war and strategies for creating more consensus within the tangled and complicated realm of cyber policy. Why you should listen:* Understand what's at stake as cyber warr...2022-04-0148 minWE'RE IN!Gabriella Coleman on Anonymous, Hacker History and the Evolution of InfosecGabriella Coleman, a Harvard University anthropology professor, describes how she immersed herself in hacker culture and eventually became embedded in the shadowy and mercurial world of Anonymous, the hacktivist collective she chronicled in her 2015 book, "Hacker, Hoaxer, Whistleblower, Spy: The Many Faces of Anonymous." This is such a fascinating episode that explores the often misunderstood history of hacking and how many in this community went from outside agitators to mainstream security researchers.-------Why you should listen:* Get a better understanding of the history of Anonymous and the role it played in shaping on...2022-03-0851 min
VMware Cloud Economics PodcastVMware Cloud Economics Podcast: Google Cloud VMware Engine, Synack and Crowd Sourced Security, Ep. 010In today’s show we talk to Synack, a trusted Crowdsourced Security Platform, and how they use Google Cloud VMware Engine. Our guests today are Friend of the Show, Ken Drachnik from Google, to tell us about Google Cloud VMware Engine, as well as Mark Kuhr, the CTO and Co-Founder of Synack. We discuss how Synack has used the Google Cloud service to build a distributed, crowd-sources security platform for penetration testing and digital vulnerability analysis. Mark shares how and why they decided to go with Google Cloud VMware Engine, how their deployment went, and roughly how large it was. Fo...2022-02-1713 minWE'RE IN!Micah Hoffman Breaks Down OSINT, the Dark Web and Beer AppsIn this episode, Micah Hoffman talks about his career in Open Source Intelligence (OSINT) and the value it has for investigations, cybersecurity and understanding how information is weaponized. He also gets into strategies for safeguarding personal privacy in the face of increasing digital surveillance. This episode will have you thinking twice about what you post on social media!Why you should listen:* Hear from one of the leading Open Source Intelligence researchers working today.* Learn about the value of OSINT for offensive and defensive cybersecurity.* Get a better understanding of all the privacy ri...2022-02-0856 minWE'RE IN!Nicolas Chaillan takes on the Pentagon, China and TikTokNicolas Chaillan, former Air Force Chief Software Officer, resigned from the DoD over frustrations with what he called a lack of innovation, collaboration and agility. He gets into those issues and talks about how the U.S. can invest more in technology to compete with China in artificial intelligence and cybersecurity. ---------Why you should listen:* Nicolas offers a candid and controversial view of the military's approach to the growing technological threat from China.* He outlines his view for a Pentagon that is more agile, collaborative and competitive. * Hear from a...2022-01-1942 minWE'RE IN!Phillip Wylie on Bear Wrestling, Pentesting and Understanding the AdversaryIn this episode, Phillip Wylie talks about his journey from pro wrestling to pentesting and what motivated him to start teaching, mentoring and giving back to the infosec community. It's an inspirational story for veterans in the field and newbies alike. Phillip not only talks about his work helping others get started in ethical hacking, but the value of truly understanding the mind of the adversary. -------Why you should listen:* Phllip's story is both educational and inspirational -- worthwhile for anyone interested or involved in cybersecurity. * Learn something from one of...2021-12-2340 minWE'RE IN!Kim Zetter on Election Security, Stuxnet and SubstackKim Zetter is a former staff writer at WIRED and author of the seminal cybersecurity book “Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon.” Her work has appeared in The New York Times, POLITICO, The Washington Post and regularly in her Substack newsletter, “Zero Day.” In this episode, Kim talks about her approach to reporting, what sparked her Stuxnet investigation and how the discovery of that malware fundamentally altered our global cybersecurity conversation.Why you should listen:* Hear from one of the most influential and knowledgeable journalists writing about cybe...2021-12-1035 minWE'RE IN!Defense Digital Service Acting Director Katie Olson on drones, DEF CON and Hacking the PentagonDefense Digital Service Acting Director Katie Olson heads up a team of about 80 technologists working on some of the toughest challenges facing the U.S. Department of Defense. Since Katie started leading the team, often called the Pentagon’s “SWAT team of nerds," it has increasingly focused on the threat from drones, cybersecurity risks in space and the consequences of climate change. In this episode, Katie talks about this cutting-edge work, how DDS helped the Pentagon reduce the impact of COVID-19 and what big issues her team will tackle next. -------Why you should listen:...2021-11-1936 minWE'RE IN!CryptoHarlem Founder Matt Mitchell on Hacking for HumanityEarlier this year, the Electronic Frontier Foundation named Matt Mitchell, founder of CryptoHarlem, one of its 2021 Pioneer Award winners for his groundbreaking work to protect Black communities from surveillance. In this episode, Matt talks about what led him to apply his hacking skills to social justice causes and how that led to his role today as a Technology Fellow for the BUILD program at the Ford Foundation. Matt also discusses what Twitch can do to safeguard creators and the steps anyone can take to better protect themselves online. --------Why you should listen:* H...2021-11-1250 minWE'RE IN!Lifelong Hacker Alyssa Miller Breaks Down Cybersecurity BarriersAlyssa Miller, Business Information Security Officer at S&P Global Ratings and author of the forthcoming book, “Cyber Defenders' Career Guide, is one of the most provocative, unfiltered and interesting voices in the cybersecurity community. She’s essential reading on infosec Twitter and a regular draw at conferences around the world. In this episode, she dives into all sorts of issues in the cybersecurity community, from incoherent job postings to a lack of diversity—she covers it all. Tune in to find out how you can best address these problems and also learn how to reach out of your comfor...2021-10-1539 minWE'RE IN!Google Cloud Evangelist Stephanie Wong on “Blameless” Security CultureIn this episode, Stephanie Wong, head of Google Cloud Developer Engagement, explores Google’s security culture, why it conducts “blameless” postmortems after security testing and how it’s working to dispel lingering misconceptions about the cloud. She also talks about her journey in Silicon Valley and how her experiences winning pageants such as Miss Asian North America 2020 helped her become one of today’s most visible technology content gurus. Why you should listen:* Learn how to build an effective cybersecurity culture within your organization.* Get the inside scoop on the security precautions...2021-09-2943 minWE'RE IN!Cory Doctorow and the Infosec ApocalypseCory Doctorow, activist, journalist, and author who wrote the influential Little Brother cyberpunk series, gets into some big issues like surveillance capitalism and his work with the Electronic Frontier Foundation. He doesn’t hold anything back.--------Why you should listen:* Hear from one of the smartest and most engaged technologists today on how technology can be used both for malicious purposes or for good.* Consider how bias can be built into code and have real-world implications. * Listen to Cory’s view on tech monopolies and his proposals for rever...2021-09-2237 minWE'RE IN!Nationalize Cloudflare? Berkeley Researcher Nick Merrill on Making it a Public UtilityIn this episode, Nick Merrill, a research fellow at the UC Berkeley Center for Long-Term Cybersecurity, makes a cybersecurity case for nationalizing major CDNs such as Cloudflare, issues some pretty stark warnings about the dangers of machine learning, and digs into why stereotypical images of hackers in hoodies doesn’t help anyone. His viewpoints are sobering if not controversial and worth listening to for anyone who cares about the future of the global internet. ---------Why you should listen:* Get a fresh perspective on some of the biggest risks to the global web: unc...2021-09-1030 minWE'RE IN!Hacking the Novel: A Journey From Tech Support to Published Author with Ryan Rutan, Senior Director of Community at SynackRyan Rutan has worked in tech support, as a computer repairman, application developer, software engineer, entrepreneur, and head of community…and most recently, fiction writer. Listen to this episode to hear what inspired Fork This Life, a novel that follows the life of a teenager growing up with the early internet of the 90s who eventually gets into hacking, and how it relates to today’s cybersecurity challenges.--------Why You Should Listen:Hear about Ryan’s approach to hacking the fiction writing process.* Get the inside story of how working in tec...2021-08-2524 min
ShadowTalk: Powered by ReliaQuestWeekly: Prometheus, Ransomware Updates, and Microsoft Morse CodeShadowTalk hosts Adam, Chris, and Kim bring you the latest in threat intelligence. This week they cover:- Malicious use of TDS and the newly reported Prometheus TDS- Ransomware updates: Synack release decryption key and Vice Society targets PrintNightmare- The Microsoft phishing campaign that utilized morse code as an encryption mechanism Get this week’s intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-august-20***Resources from this week’s podcast***The Phight Against Phishing: https://www.digitalshadows.com/blog-and-research/the-phight-against-phishing/Leveraging Digital Shadows Premium Services: https://www.digitalshadows.com/blog-and-research/leveraging-digital-shadows-premium-services/ Prometheus TDS: https://blog.group-ib.com/prometheus-tdsSync Ransomware Releases Decr...2021-08-2034 min
David Bombal#309: David Bombal: Hacking LinkedIn| Extreme OwnershipYou are responsible for your LinkedIn profile. What are you contributing? Share your unique contribution. Take responsibility and change your life.
Menu:
Take ownership: 0:00
Everyone has a contribution to make: 0:34
Best time to get into cyber: 1:05
Tips for experience on LinkedIn: 2:03
Bryon Adams example: 2:36
What have you contributed to the company? 2:57
Neal's Truth Bomb! 4:28
Write in your voice: 5:38
Chase Golden example: 6:11
What is a Ground Support Techican: 6:41
Neal's example: 7:12
Content...2021-08-1621 min
David Bombal#309: Hacking LinkedIn| Extreme OwnershipYou are responsible for your LinkedIn profile. What are you contributing? Share your unique contribution. Take responsibility and change your life.
Menu:
Take ownership: 0:00
Everyone has a contribution to make: 0:34
Best time to get into cyber: 1:05
Tips for experience on LinkedIn: 2:03
Bryon Adams example: 2:36
What have you contributed to the company? 2:57
Neal's Truth Bomb! 4:28
Write in your voice: 5:38
Chase Golden example: 6:11
What is a Ground Support Techican: 6:41
Neal's example: 7:12
Content Production: 8:20
Blog posts / articles: 8:45
What did you do that will help my business? 9:47
Picking on Chase: 10:38
Leadership examples: 11:32
Extreme Ownership example: 12:30
Chase got leadership experience? 13:43
My business is under attack! 15:22
...2021-08-1621 minWE'RE IN!Why Identity Matters in National Security with Lauren Buitta, CEO, Girl SecurityIn this episode, Girl Security CEO Lauren Bean Buitta discusses the importance of supporting, encouraging, and training girls for careers in cybersecurity. She gets into why it's so critical to create — and protect — pathways for young women in order to build a more diverse industry, and why that really matters when it comes to making tough national security decisions that affect the entire population. She also describes her journey into security, and what led her to start Girl Security in the first place. ----------Why You Should Listen:* To better understand the value of ge...2021-08-1338 min
David Bombal#308: David Bombal: Hacking LinkedIn To Get A JOBLinkedIn is so important. Use it wisely so you can get ahead in your career.
Menu:
Hack LinkedIn: 0:00
Bryon Adams: 2:49
David disagrees with Neal: 4:00
Neal replies to David: 5:58
Three second rule and tagline: 7:22
Chase Golden: 9:39
Advice for military veterans: 12:30
Is Chase's picture good? 14:10
How to get experience: 15:10
Neal's answer about getting real world experience: 16:00
Don't use the word aspiring: 17:30
Bryon Adams About Page: 18:45
Neal's bio / about page: 19:45
2021-08-1127 min
David Bombal#308: Hacking LinkedIn To Get A JOBLinkedIn is so important. Use it wisely so you can get ahead in your career.
Menu:
Hack LinkedIn: 0:00
Bryon Adams: 2:49
David disagrees with Neal: 4:00
Neal replies to David: 5:58
Three second rule and tagline: 7:22
Chase Golden: 9:39
Advice for military veterans: 12:30
Is Chase's picture good? 14:10
How to get experience: 15:10
Neal's answer about getting real world experience: 16:00
Don't use the word aspiring: 17:30
Bryon Adams About Page: 18:45
Neal's bio / about page: 19:45
Chase Golden About Page: 21:17
Don't do this: 22:35
Don't downplay your skills: 22:58
Imposter Syndrome: 23:57
This is the right place to boast: 24:17
Two opposite people: 24:51
You need to convince someone: 25:39
Crazy stat: 25:52
================
Connect with me:
================
...2021-08-1127 minWE'RE IN!From Digital Delinquent to Government Hacker with Author, Entrepreneur, and Cybersecurity Influencer Alissa KnightIn this episode, author, hacker, entrepreneur, and content creator Alissa Knight reveals her journey from “bullied computer nerd” to federal cybersecurity contractor to famed car hacker. She gets real about the risk of APIs, offers up some must-hear advice for anyone getting into cybersecurity, and delivers candid views about the infosec industry as a whole. -------Why you should listen:* Get inside the head of one of the most provocative and interesting cybersecurity influencers today.* Hear about her work with federal agencies to help secure the future of transportation.* Learn...2021-07-3048 minWE'RE IN!There is No ‘Take Down the Whole US Grid’ with Sarah Freeman and Andy BochmanWhy you should listen:Hackers are targeting critical infrastructure and there’s an urgent need for smarter cybersecurity defenses to protect Operational Technology. The best practices to defend against attacks on utilities.Why there is no such thing as “taking down the whole US grid.”Five Key Quotes: “How can you secure what you don’t even know you have? If you don’t even know what you have down to some level of detail...you’re not going to be in a good position to defend it.” - Andy Bochman “The most senior person with the word cyber in their...2021-07-1442 minWE'RE IN!TrailerNews about cyberattacks and data breaches is relentless and overwhelming. We're drowning in stories about ransomware and the latest digital threats. But we don't hear enough about the people fighting on the frontlines of information security, the researchers making us more secure and the pioneers doing the hard work to fix today’s cybersecurity crisis. We launched WE’RE IN! to tell those stories. You'll hear directly from hackers, security pioneers and technologists working in the trenches of cybersecurity. They’ll share their strategies, tactics and solutions for today's tough problems. We'll also go inside the cybersecurity communit...2021-07-1201 min
Go Mode: A Link to the Past Randomizer PodcastCommunity Tech w/ Synack + Advent CalenDoor, v31.0.7 & OWG MT Groupstimp. Daaanty. Hurfydurfy. ...Synack?! That's right! ALTTPR "Superadmin" Synack joins the GMP Crew for the entire episode this time! In Episode 62, these four discuss the new Advent CalenDoor Festive, the League, the new v31.0.7 hotfix, and the standard GMP Community Update fare consisting of the Overworld Glitches Mentor Tournament and some Bi-weekly Seed talk. And despite being down a Hurf at the end, they finish strong with lots of sub-submitted questions for Synack. FEATURE: The boys offer up the stage to Synack to discuss Community Tech, including SahahrahBot, Mystery Seed generation, and other ways that technical integrations make ALTTPR so...2020-12-092h 07
You Should Know This1: The Future of Crowdsourced Security with SynackEver wondered just how vulnerable you are to a cyber-attack? This week on You Should Know This, I sit down with Jay Kaplan, the co-founder and CEO of Synack, a cybersecurity company. Bringing a unique twist to an established industry is a big ask, but that is exactly what Synack is doing with their crowdsourced solutions to ongoing digital security attacks. We discuss what it’s like working for the NSA, what it means to be an ‘ethical hacker,’ how the cybersecurity industry has been impacted by COVID-19 and more. For more details on the episode as well as resour...2020-09-1527 min
Inside Outside InnovationEp. 199 - Jeremy Blalock, Adalo's CEO on Innovating with No-Code Mobile App ToolsOn this week's episode, we sit down with Jeremy Blaylock, CEO and co-founder of Adalo. Adalo is the no-code tool that allows you to build functioning mobile apps. On our discussion, we talk about the whole no-code movement, what it takes to build a startup in St. Louis, and some of the trends that he's seeing in the world of mobile software development.Inside Outside Innovation is the podcast that brings you the best and the brightest in the world of startups and innovation. I'm your host, Brian Ardinger, founder of InsideOutside.IO, a provider of research...2020-05-1214 min
CISO TalkEp. 72 - Bert Brantley, COO at Georgia Dept of Economic DevelopmentBert Brantley, Chief Operating Officer, Ga Dept of Economic Development joined host, James Azar on the podcast during #RSA2020 to discuss the exciting happenings in Georgia's business community from a cyber perspective and why Georgia invests in RSA #CISOtalkThank you to today’s sponsors: Unbound: https://bit.ly/get-unbound-newSynack: https://bit.ly/get-synackSynopsys: https://bit.ly/synopsys-fixed Subscribe at jamesazar.substack.com2020-03-2835 min
CISO TalkEp. 71 - Michael Makstman, CISO at City and County of San FranciscoMichael Makstman, CISO for City and County of San Francisco joined host, James Azar on the podcast during #RSA2020 to discuss the city's SMB cyber community, covid-19 preparation and so much more. #CISOtalkThank you to today’s sponsors: Unbound: https://bit.ly/get-unbound-newSynack: https://bit.ly/get-synackSynopsys: https://bit.ly/synopsys-fixed Subscribe at jamesazar.substack.com2020-03-2150 min
CISO TalkEp. 70 - Mark Walmsley, CISO at Freshfields Bruckhaus DeringerMark Walmsley, CISO at Freshfields Bruckhaus Deringer joined host, James Azar on the podcast during #RSA2020 to discuss the latest debate of Crowdsourced vs. Traditional Pen Testing, his career path and why he flew to RSA. #CISOtalkThank you to today’s sponsors: Unbound: https://bit.ly/get-unbound-newSynack: https://bit.ly/get-synackSynopsys: https://bit.ly/synopsys-fixed Subscribe at jamesazar.substack.com2020-03-1428 min
CISO TalkEp. 69 - Justin Berman, Head of Security at DropboxJustin Berman, Head Of Security at Dropbox invited us to the "2pac room" at Dropbox's HQ during our visit to RSA to discuss a new approach to Cyber awareness, how he approaches his first 100 days as a CISO and a lot moreThank you to today’s sponsors: Unbound: https://bit.ly/get-unbound-newSynack: https://bit.ly/get-synackSynopsys: https://bit.ly/synopsys-fixed Subscribe at jamesazar.substack.com2020-03-0740 min
Ampliz PodcastAmpliz Buddy Podcast with Synack technologies: Guest -Mitchell Grimes /Host-Ashwath Athreya(Ampliz)Guest -Mitchell Grimes
Host-Ashwath Athreya (Ampliz)
Synack is a security company revolutionizing how enterprises view cybersecurity: through a hacker’s eyes. Synack’s privately managed hacker-powered security solution arms clients with hundreds of the world's most skilled, highly vetted ethical hackers who provide a truly adversarial perspective to clients’ IT environments.
Ampliz SalesBuddy is a B2B Sales Intelligence platform to meet your Lead generation needs. We help you understand and identify your prospects with enriched data-driven insights in seconds.
Ampliz Buddy is a podcast focused on Sales, Digital Market...2019-11-2141 min
Enterprise Security Weekly (Video)Imperva, Cofense, & VMware - ESW #151In the news, we discuss 5 tips on how testers can collaborate with software developers, Imperva discloses a data breach affecting some firewall users, VMware unveils security enhancements in Virtual Cloud Network Offering, and how Veristor and Synack partner to apply Ethical Hackers and AI Technology! Full Show Notes: https://wiki.securityweekly.com/ES_Episode151 Visit https://www.securityweekly.com/esw for all the latest episodes!2019-08-2935 min
CISO Series PodcastWe're the Ellen of Cybersecurity PodcastsCISO/Security Vendor Relationship Podcast and Series is available at CISOSeries.com. We're comparing ourselves to media you already know in hopes you'll better understand our product and listen to our show. It's our first self-produced live recording of the CISO/Security Vendor Relationship Podcast from San Francisco and it came out awesome. This show, like all the previous ones is hosted by me, David Spark (@dspark), founder of Spark Media Solutions and Mike Johnson, CISO of Lyft. Our guest for this live show is Andy Steingruebl (@asteingruebl), CSO of Pinterest. Check out all the...2019-01-2845 minCISO Series PodcastGet Out! The Data Leak Is Coming from the InsideCISO/Security Vendor Relationship Podcast and Series is available at CISOSeries.com. Be afraid. Be very afraid of the latest episode of the CISO/Security Vendor Relationship Podcast where it's possible that 90 percent of your security breaches are coming from within your own company. This show, like all the previous ones is hosted by me, David Spark (@dspark), founder of Spark Media Solutions and Mike Johnson, CISO of Lyft. Our guest this week is Leon Ravenna, CISO, KAR Auction Services. Synack provides crowdsourced security testing that provides more than older style penetra...2019-01-1527 min
Founder Real TalkHow to Thwart Terrorist Attacks and Help Save Countless Lives, with Jay Kaplan, CEO and Co-Founder of SynackJay started his career at the NSA and brought his love of uncovering cyber vulnerabilities to the private sector through Synack. In this interview, Jay gives his perspective on how to find product-market fit in cyber security, how early customers shape the product, and how to balance the sales and leadership responsibilities of being a CEO.Jay Kaplan is the CEO and Co-Founder of Synack, the hacker-powered security platform for the enterprise. Prior to founding Synack, Jay served in a number of cyber-related positions at the Department of Defense and NSA, as a member of the DoD’s...2018-10-0233 min
Founder Real TalkHow to Thwart Terrorist Attacks and Help Save Countless Lives, with Jay Kaplan, CEO and Co-Founder of SynackJay started his career at the NSA and brought his love of uncovering cyber vulnerabilities to the private sector through Synack. In this interview, Jay gives his perspective on how to find product-market fit in cyber security, how early customers shape the product, and how to balance the sales and leadership responsibilities of being a CEO.
Jay Kaplan is the CEO and Co-Founder of Synack, the hacker-powered security platform for the enterprise. Prior to founding Synack, Jay served in a number of cyber-related positions at the Department of Defense and NSA, as a member of the DoD’s...2018-10-0233 min
PCMag - Fast Forward with Dan CostaJay KaplanIn this episode, Dan talks to Jay Kaplan, founder & CEO of Synack, about cybersecurity, the hacker mentality, and exactly how vulnerable our connected world is today. Dan Costa - Host Weston Almond - Producer/Director Kirsten Cluthe - Producer Pete Haas - Social Media Manager Paul Maljak - Stills Photographer Jamie Lendino - Original Music In PCMag's Fast Forward video series, editor-in-chief Dan Costa talks to industry leaders about ground-breaking technology that will shape our future. Check out...2017-09-2627 min
Entrepreneurial Thought Leaders Video SeriesJay Kaplan (Synack) - Crowdsourcing CybersecurityEntrepreneur Jay Kaplan, co-founder and CEO of Synack, describes how the idea of creating a cybersecurity service for enterprise businesses by crowdsourcing hackers went from sounding like a long shot to launching as a venture capital-backed startup. Kaplan, previously a senior analyst at the National Security Administration, talks about the virtues of government work and the nuances of “white hat” hacking.2016-12-0741 min
Entrepreneurial Thought Leaders (ETL)Jay Kaplan (Synack) - Crowdsourcing CybersecurityEntrepreneur Jay Kaplan, co-founder and CEO of Synack, describes how the idea of creating a cybersecurity service for enterprise businesses by crowdsourcing hackers went from sounding like a long shot to launching as a venture capital-backed startup. Kaplan, previously a senior analyst at the National Security Administration, talks about the virtues of government work and the nuances of “white hat” hacking.2016-12-0742 min![DEF CON 24 [Video and Slides] Speeches from the Hacker Convention](http://www.defcon.org/images/defcon-24/dc-24-itunes-logo-video.png){kind=logo}
DEF CON 24 [Video and Slides] Speeches from the Hacker ConventionPatrick Wardle - I've got 99 Problems, but Little Snitch ain't oneMaterials:
https://media.defcon.org/DEF CON 24/DEF CON 24 presentations/DEFCON-24-Patrick-Wardle-99-Problems-Little-Snitch-UPDATED.pdf
I've got 99 Problems, but Little Snitch ain't one
Patrick Wardle Director of Research, Synack
Security products should make our computers more secure, not less. Little Snitch is the de facto personal firewall for OS X that aims to secure a Mac by blocking unauthorized network traffic. Unfortunately bypassing this firewall's network monitoring mechanisms is trivial...and worse yet, the firewall's kernel core was found to contain an exploitable ring-0 heap-overflow. #fail Though briefly touching on generic firewall bypass techniques...2016-10-0100 min![DEF CON 24 [Audio] Speeches from the Hacker Convention](http://www.defcon.org/images/defcon-24/dc-24-itunes-logo-Audio.png){kind=logo}
DEF CON 24 [Audio] Speeches from the Hacker ConventionPatrick Wardle - I've got 99 Problems, but Little Snitch ain't oneMaterials:
https://media.defcon.org/DEF CON 24/DEF CON 24 presentations/DEFCON-24-Patrick-Wardle-99-Problems-Little-Snitch-UPDATED.pdf
I've got 99 Problems, but Little Snitch ain't one
Patrick Wardle Director of Research, Synack
Security products should make our computers more secure, not less. Little Snitch is the de facto personal firewall for OS X that aims to secure a Mac by blocking unauthorized network traffic. Unfortunately bypassing this firewall's network monitoring mechanisms is trivial...and worse yet, the firewall's kernel core was found to contain an exploitable ring-0 heap-overflow. #fail Though briefly touching on generic firewall bypass techniques...2016-10-0100 min![DEF CON 23 [Audio] Speeches from the Hacker Convention](http://www.defcon.org/images/defcon-23/dc-23-itunes-logo-Audio.jpg){kind=logo}
DEF CON 23 [Audio] Speeches from the Hacker ConventionPatrick Wardle - Stick That In Your root Pipe and Smoke ItMaterials Available here:https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Patrick-Wardle-Stick-that-in-your-(Root)Pipe-and-Smoke-it-UPDATED.pdf
Stick That In Your (root)Pipe & Smoke It
Patrick Wardle Director of R&D, Synack
You may ask; "why would Apple add an XPC service that can create setuid files anywhere on the system - and then blindly allow any local user to leverage this service?" Honestly, I have no idea!
The undocumented 'writeconfig' XPC service was recently uncovered by Emil Kvarnhammar, who determined its lax controls could be abused to escalate one's privileges to...2015-10-2200 minDEF CON 23 [Audio] Speeches from the Hacker ConventionPatrick Wardle - 'DLL Hijacking' on OS X? #@%& Yeah!Materials Available here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Patrick-Wardle-DLL-Hijacking-on-OSX-UPDATED.pdf
'DLL Hijacking' on OS X? #@%& Yeah!
Patrick Wardle, Director of R&D, Synack
Remember DLL hijacking on Windows? Well, turns out that OS X is fundamentally vulnerable to a similar attack (independent of the user's environment).
By abusing various 'features' and undocumented aspects of OS X's dynamic loader, this talk will reveal how attackers need only to plant specially-crafted dynamic libraries to have their malicious code automatically loaded into vulnerable applications. Through this attack, adversaries can perform a...2015-10-2200 minDEF CON 23 [Audio] Speeches from the Hacker ConventionColby Moore - Spread Spectrum Satcom Hacking - Attacking The GlobalStar Simplex Data ServiceMaterials Available here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Colby-Moore-Spread-Spectrum-Satcom-Hacking.pdf
Spread Spectrum Satcom Hacking: Attacking The GlobalStar Simplex Data Service
Colby Moore Manager of Special Activities, Synack
Recently there have been several highly publicized talks about satellite hacking. However, most only touch on the theoretical rather than demonstrate actual vulnerabilities and real world attack scenarios. This talk will demystify some of the technologies behind satellite communications and do what no one has done before - take the audience step-by-step from reverse engineering to exploitation of the GlobalStar simplex satcom protocol...2015-10-1600 min![DEF CON 22 [Materials] Speeches from the Hacker Convention.](https://www.defcon.org/images/defcon-22/dc-22-itunes-logo-materials.jpg){kind=logo}
DEF CON 22 [Materials] Speeches from the Hacker Convention.Patrick Wardle and Colby Moore - Optical Surgery; Implanting a DropCamSlides Here; https://defcon.org/images/defcon-22/dc-22-presentations/Moore-Wardle/DEFCON-22-Colby-Moore-Patrick-Wardle-Synack-DropCam-Updated.pdf
Optical Surgery; Implanting a DropCam
Patrick Wardle DIRECTOR OF RESEARCH, SYNACK
Colby Moore SECURITY RESEARCH ENGINEER, SYNACK
Video Monitoring solutions such as DropCam aim to provide remote monitoring, protection and security. But what if they could be maliciously subverted? This presentation details a reverse-engineering effort that resulted in the full compromise of a DropCam. Specifically, given physical access and some creative hardware and software hacks, any malicious software may be persistently installed upon the device.
Implanting a wireless video...2014-12-1408 min