Join us for an enthralling journey into the heart of cybersecurity operations with “Tales from the Trenches,” an exclusive podcast presented by Brad Causey, Vice President of Offensive Security at SecurIT360. Dive deep into the high-stakes world of offensive security as Brad shares his firsthand experiences from a career spent on the front lines of digital defense.Engage with real-life stories illustrating offensive cybersecurity's intense challenges and triumphant victories. Brad's narrative will transport you to the core of high-pressure operations, where strategic decisions can impact the security posture of entire organizations. Learn from a seasoned expert who has navigated complex cyber threats; he will shed light on sophisticated tactics, techniques, and procedures that define modern offensive security strategies. Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com

In our "DNS Security" podcast, we delve into DNS's critical role in how the internet works, exploring its vulnerabilities and attacks like DNS spoofing, cache poisoning, and DDoS. We discuss DNSSEC and its components, including public and private keys, and examine practical solutions such as DNS and content filtering. The episode also highlights the advantages of cloud-based DNS services, like those offered by Cloudflare.Finally, we share best practices and resources for securing DNS infrastructure, addressing challenges like scalability and false positives. Join us for a concise yet comprehensive exploration of DNS security's complexities and solutions.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com

In this episode, we dive into the world of Windows and Active Directory and we explore strategies and best practices to secure these systems. This episode will provide you with actionable advice for securing your organization against cyber attacks. We discuss topics such as least privilege, tiered admin model, CIS benchmarks, and much more.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com

In today's rapidly evolving cybersecurity landscape, where organizations of all verticals and industries are more and more being targeted, organizations must adopt a proactive approach to securing their systems and data. Penetration testing is an essential component of identifying vulnerabilities and weaknesses. However, many organizations fail to extract maximum value from their penetration tests, treating them as isolated events rather than continuous learning opportunities.This session aims to shed light on the concept of "Assume Breach" and explore how organizations can extract the most value from their penetration tests. By embracing the assumption that systems and users at some point will become compromised, organizations can develop a comprehensive security strategy that goes beyond a checklist approach.The session will feature real-world case studies and practical examples to illustrate successful Assume Breach penetration tests. Attendees will gain insights into developing a robust security strategy, optimizing resources, and aligning penetration tests with broader organizational goals.Whether you are a security professional, an IT admin, an MSP, or a business leader, this session will provide valuable insights to enhance your understanding of penetration testing as a continuous improvement process and empower you to strengthen your customer's security posture.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com

In this episode, we discuss soft skills and mental health for security professionals.Soft Skillsself-awarenessGumption (initiative & resourcefulness)Autodidactic (self-educate)EmpathyPatienceDeterminationCommunication - This is one to hit heavilyWritten & Spokenread the roomCreativity (BS-ing)Attention to detailCuriosityMental Healthdo you truly enjoy/love what you do?work-life balancechange the definition of "success"give yourself a break/don't be so hard on yourselfschedule time to yourself for escapismfind a hobbydon't force inspiration because you can'twhen you're feeling inspired capitalize on itstand on the shoulders of giants24-hour examsBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com

In this episode, we discuss password spraying, a favorite technique among attackers who are trying to compromise organizations. Spencer and Tyler discuss external and internal password spraying, why it is so effective, how password spraying works, and what to look out for on your network.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com

In this episode, Spencer is joined by Daniel Perkins, a Senior Information Security Officer at SecurIT360 to discuss the intricacies of vulnerability management, the important prerequisites to vulnerability management, and best practices, and provide actionable strategies to level up your vulnerability management program.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com

In this episode, Zach Sims (Information Security Officer at SecurIT360) provides valuable insights into offensive security services from the perspective of a security leader. This episode explores the significance of these services in today's digital landscape. Listeners gain a concise understanding of the CISO's role, the alignment of offensive security goals with cybersecurity strategy, and the challenges faced in implementation. The discussion also delves into how CISOs balance the need for offensive and defensive security assessments, offering a compact yet informative overview of key aspects of the world of information security.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com

This is part two of Future Trends in Pentesting.  Spencer and Darrius, members of SecurIT360's offensive security team discuss up and coming techniques, tools and tactics that they see on the horizon for 2024 and beyond.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com

In this episode Brad and Darrius discuss future trends in penetration testing. We plan for this to be a multi-part series and in this part listen to Brad and Darrius delve into why keeping pace with current and future trends is important, evolving threats, the cloud and much more!Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com