The Cyber Threat Perspective

In this episode, we discuss soft skills and mental health for security professionals.Soft Skillsself-awarenessGumption (initiative & resourcefulness)Autodidactic (self-educate)EmpathyPatienceDeterminationCommunication - This is one to hit heavilyWritten & Spokenread the roomCreativity (BS-ing)Attention to detailCuriosityMental Healthdo you truly enjoy/love what you do?work-life balancechange the definition of "success"give yourself a break/don't be so hard on yourselfschedule time to yourself for escapismfind a hobbydon't force inspiration because you can'twhen you're feeling inspired capitalize on itstand on the shoulders of giants24-hour examsBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://click.spenceralessi.com/mylinks Work with Us: https://securit360.com

In this episode, we discuss password spraying, a favorite technique among attackers who are trying to compromise organizations. Spencer and Tyler discuss external and internal password spraying, why it is so effective, how password spraying works, and what to look out for on your network.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://click.spenceralessi.com/mylinks Work with Us: https://securit360.com

In this episode, Spencer is joined by Daniel Perkins, a Senior Information Security Officer at SecurIT360 to discuss the intricacies of vulnerability management, the important prerequisites to vulnerability management, and best practices, and provide actionable strategies to level up your vulnerability management program.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://click.spenceralessi.com/mylinks Work with Us: https://securit360.com

In this episode, Zach Sims (Information Security Officer at SecurIT360) provides valuable insights into offensive security services from the perspective of a security leader. This episode explores the significance of these services in today's digital landscape. Listeners gain a concise understanding of the CISO's role, the alignment of offensive security goals with cybersecurity strategy, and the challenges faced in implementation. The discussion also delves into how CISOs balance the need for offensive and defensive security assessments, offering a compact yet informative overview of key aspects of the world of information security.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://click.spenceralessi.com/mylinks Work with Us: https://securit360.com

This is part two of Future Trends in Pentesting.  Spencer and Darrius, members of SecurIT360's offensive security team discuss up and coming techniques, tools and tactics that they see on the horizon for 2024 and beyond.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://click.spenceralessi.com/mylinks Work with Us: https://securit360.com

In this episode Brad and Darrius discuss future trends in penetration testing. We plan for this to be a multi-part series and in this part listen to Brad and Darrius delve into why keeping pace with current and future trends is important, evolving threats, the cloud and much more!Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://click.spenceralessi.com/mylinks Work with Us: https://securit360.com

In this episode of "The Cyber Threat Perspective," Tyler and Brad, members of SecurIT360's offensive security team, take us through the evolution of various penetration testing TTPs. Specifically, using the external penetration test process as an example and analyzing other processes and why/how they changed.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://click.spenceralessi.com/mylinks Work with Us: https://securit360.com

In this episode, Spencer and Tyler go "behind the hack" and discuss what life is like behind the keyboard of an external pentest. They discuss various parts of an external penetration test such as planning and preparation, execution, and post-exploitation as well as common challenges throughout the way.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://click.spenceralessi.com/mylinks Work with Us: https://securit360.com

This week we are replaying one of our earliest episodes. In this episode, Brad and Spencer discuss the THREE primary ways we gain initial access on penetration tests and how to stop us! The moral of this story is that these are attack vectors we see adversaries using day in and day out to compromise organizations. We hope this episode helps you track down and close those gaps in your own environments.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://click.spenceralessi.com/mylinks Work with Us: https://securit360.com

In this episode, Spencer and Darrius discuss a common divide found among companies between the Security Team and the development teams. These are two teams that are ultimately trying to benefit the company, and by working together both are able to succeed.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://click.spenceralessi.com/mylinks Work with Us: https://securit360.com