Simply Defensive

Ready to level up your defensive cybersecurity skills? In this episode of Simply Defensive, Josh Mason and Wade Wells sit down with Dan Regalado and Belem — the founders of Hack Defender Academy — to explore how they’re using CTF-style challenges, real malware cases, and gamification to prepare the next generation of defenders.💡 We cover:Why gamified, CTF-style learning works better than traditional trainingHow Hack Defender Academy helps beginners grow into skilled malware analystsThe role of AI in threat research — friend, foe, or both?The importance of staying hungry and keeping your edge as a blue teamer🚨 Special Gift for Our Listeners: Hack Defender Academy is giving away one free certification pass! Details in the episode.🔗 Links from the episodeHack Defender Academy 🌐 Website: academy.hack-defender.com ▶️ YouTube: Hack Defender Official 📱 TikTok: @HackDefOfficial 📸 Instagram: @HackDefOfficial 🐦 X (Twitter): @HackDefOfficial 💼 LinkedIn: Hack Defender 📘 Facebook: Hack DefenderConnect with our guests🔹 Dan Regalado – LinkedIn 🔹 Belem – LinkedInSimply Defensive Podcast🎧 Spotify: Simply Defensive 🎧 Apple: Simply DefensiveSponsor 💼 Thanks to ThreatLocker for supporting this episode.👍 If you enjoyed this conversation, hit Like, Subscribe, and ring the 🔔 so you don’t miss our weekly episodes! Drop a comment with the biggest challenge you’ve faced as a blue teamer — we’d love to hear your story.=========================Sponsored by ThreatLocker - Free 30-day trial of ThreatLockerhttps://www.threatlocker.com/simplydefensive=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

In Season 4, Episode 4 of Simply Defensive, hosts Josh Mason and Wade Wells sit down with Rob Allen, Chief Product Officer at ThreatLocker, to dive deep into the world of Zero Trust security, proactive cybersecurity strategies, and ransomware prevention.Rob shares expert insights on:Proactive vs. Reactive cybersecurity — why a balanced security stack mattersHow Zero Trust infrastructure can stop cyber attacks before they startThreatLocker’s "Deny by Default" approach to endpoint and application controlThe importance of application definitions for effective securityWhy AI is not the silver bullet for cybersecurity defenseCommon security myths and misconceptions that put organizations at riskWhether you’re a SOC analyst, detection engineer, IT manager, or anyone interested in protecting against ransomware, this episode offers practical, real-world strategies for building a stronger cyber defense posture.Timestamps: 00:00 – Introduction and Host Greetings 00:23 – Guest Introduction: Rob Allen from ThreatLocker 00:44 – Rob Allen's Role and Responsibilities 02:30 – Proactive vs. Reactive Cybersecurity Approaches 03:54 – Challenges in Cybersecurity Detection 05:24 – ThreatLocker’s Deny by Default Approach 09:48 – The Importance of Application Definitions 16:52 – Security Myths and Misconceptions 18:53 – AI in Cybersecurity: Hype vs. Reality 23:32 – Travel Plans and Closing Remarks🔗 Connect with Rob Allen & ThreatLocker Website: https://www.threatlocker.com/ LinkedIn: https://www.linkedin.com/company/threatlocker/=========================Sponsored by ThreatLocker - Free 30-day trial of ThreatLockerhttps://www.threatlocker.com/simplydefensive=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

What if GitHub sucks for security detections—and AI is finally good enough to replace it?Join Josh Mason and Wade Wells as they sit down with Aaron Mog, the outspoken founder of Detections.ai, to unpack why detection engineering is broken—and how his new platform signed up 4,000+ users in just two weeks.Aaron doesn’t hold back. From ranting about GitHub’s failures to sharing how AI is now actually useful for real-world detections, this episode goes deep into:Why most teams still build detections in silos (and waste time doing it)What makes detections fail—and what 80% of orgs get wrongHow Detections.ai uses prompt engineering and log analysis to generate battle-ready alertsWhy vendors will never cover all your detection needs (and that’s okay)Whether you're a threat hunter, detection engineer, or just AI-curious, this episode will challenge your assumptions and give you practical ideas to level up your SOC.Connect with Aaron on LinkedIn: https://www.linkedin.com/in/aaronmoghttps://detections.ai/ Code “SimplyCyber”👉 Subscribe for more real talk on cyber defense. 🎧 Listen in and get ahead of the curve.Chapters:00:00 Introduction and Guest Welcome00:31 Aaron Mog and Detections.ai Overview01:58 Community-Driven Detection Engineering04:24 AI Integration and Product Evolution06:20 Challenges in Detection Engineering08:11 AI's Role in Detection Engineering15:51 Vendor Limitations and Custom Solutions16:54 Microsoft's Limitations in Cybersecurity17:23 The Evolution of Threat Hunting18:07 Collaborative Approach to Cybersecurity20:07 Crowdsourcing and AI in Detection Engineering20:57 Challenges and Innovations in AI for Security21:37 AI's Role in Detection and Response23:25 Elastic's Blog and Detection Engineering24:29 AI in Summarizing and Enhancing Security Reports28:14 Community and Commercial Aspects of AI in Security32:18 Conclusion and Community Engagement=========================Sponsored by ThreatLocker - Free 30-day trial of ThreatLockerhttps://www.threatlocker.com/simplydefensive=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

How does a Navy fire control tech who once wrangled a six-barrel death robot become the head of security operations at Jack in the Box? In this episode of Simply Defensive, we sit down with Chris Julio — SOC Manager, veteran, and self-proclaimed lover of both metrics and munchie meals.Chris shares his journey from Windows NT and dot-matrix printers to modern InfoSec leadership, explains what he actually looks for when hiring blue teamers (hint: it's not your certs), and drops tactical insights on building a metrics program that actually matters to the business.We also talk about:The chaos theory of SOC alertsThe power of curiosity in detection workBuilding a team culture that beats burnoutWhy your legal team doesn’t care about phishing — and how to change thatOh, and there's a fast-food burger debate. No spoilers, but lines are drawn.Whether you're just getting started in security or leading your own team, this episode’s got something for you.Connect with Chris on LinkedIn:🔗 https://www.linkedin.com/in/christopherjulio/Chapters:00:00 Introduction and Guest Welcome00:43 Chris Julio's Navy Background04:27 Transition to Cybersecurity06:42 Hiring and Team Building Insights21:36 Balancing Work and Family Life25:53 Engaging with the InfoSec Community27:09 Final Thoughts and Advice for Blue Teamers28:16 Closing Remarks and Sponsor Acknowledgment=========================Sponsored by ThreatLocker - Free 30-day trial of ThreatLocker https://www.threatlocker.com/simplydefensive=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

SOC analysts, detection engineers, and pentesters—you’re not imagining it: software supply chain security is a dumpster fire 🔥. In this episode of Simply Defensive, we sit down with Kyle Kelly, engineering manager at GitHub and author of Crime Hacks, to unpack the chaos.We cover:- Why malicious packages are sneaking past defenders- The truth about SBOMs (and what most orgs are doing wrong)- How to spot typo-squatting and backdoored build scripts- What defenders can do—even if you're not building the code- Why “just NPM install” is more dangerous than you thinkFrom transitive dependencies to the hidden power of private package repositories, this episode is packed with practical insights, hilarious stories, and advice every blue teamer needs.Episode Links:🔗 Kyle’s blog: https://crimehacks.com 👨‍💻 Kyle on LinkedIn: https://www.linkedin.com/in/kyle-m-kelly 📰 Crime Hacks on LinkedIn: https://www.linkedin.com/company/crimehacks=========================Sponsored by ThreatLocker - Free 30-day trial of ThreatLocker https://www.threatlocker.com/simplydefensive=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

In the final episode of Season 3 on Simply Defensive, hosts Josh Mason and Wade Wells welcome John Liliston, the Product Director at ThreatLocker.John shares his journey into cybersecurity, his role at ThreatLocker, and his thoughts on the evolution of security solutions. He discusses ThreatLocker's approach to zero trust, the impact of AI on cybersecurity, and the unique integration of application control and threat detection in their offerings.The episode also covers John's experiences and insights from recent conferences like RSA and potential future advancements in the industry. Tune in for an in-depth discussion on defensive cybersecurity and innovative product design.Connect with John on LinkedIn: https://www.linkedin.com/in/john-lilliston-4725217b/00:00 Introduction to Simply Defensive00:31 Meet John Liliston: Threat Locker's Product Director02:35 John's Journey into Cybersecurity03:45 Transitioning to Product Design04:52 Balancing Roles at Threat Locker06:10 Emerging Threats and Product Development17:47 The Future of Security Solutions24:56 Concluding Thoughts and Upcoming Events=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================Sponsored by ThreatLocker @ThreatLockerAllow what you need, block everything else... Including ransomware. Zero trust Endpoint Protection Platform from ThreatLocker. Learn more at https://simplycyber.io/threatlocker=========================Simply Cyber empowers people who want a rewarding cybersecurity career 💪=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

Join hosts Josh and Wade as they sit down with Charles (Chuck) Sapp, a seasoned cybersecurity expert and security awareness specialist. In this episode, Chuck shares his unique journey from serving in the Marine Corps to becoming an influencer in the cybersecurity community.Gain insights into his military background, his passion for educating others about cybersecurity, and engaging stories from his experiences. Chuck also previews his upcoming talk for BSides Tampa 2025, offering valuable advice on tailoring security training for diverse audiences.Don't miss this opportunity to tap into his innovative approach to cybersecurity awareness!Connect with Chuck on LinkedIn: https://www.linkedin.com/in/chucksapp/Check out the article discussed: https://www.staysafeonline.org/articles/ai-fools-stay-sharp00:00 Introduction and Guest Welcome01:18 Chuck's Background and Military Experience03:54 Transition to Cybersecurity06:29 Hackspace Con Story10:35 Upcoming Talk and Security Awareness15:15 Challenges in Security Awareness20:38 Storytelling in Cybersecurity21:56 Real-Life Examples of Scams23:30 Phishing Tests and Awareness31:03 Creative Security Solutions32:03 Leveraging Security Behavior Databases35:23 Meeting Industry Leaders37:53 Final Thoughts and Recommendations=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================Sponsored by ThreatLocker @ThreatLockerAllow what you need, block everything else... Including ransomware. Zero trust Endpoint Protection Platform from ThreatLocker. Learn more at https://simplycyber.io/threatlocker=========================Simply Cyber empowers people who want a rewarding cybersecurity career 💪=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

Welcome to another episode of Simply Defensive! In this installment, hosts Josh Mason and Wade Wells are joined by cybersecurity expert James Bierly.James shares his unique journey from a submarine sonar technician in the Navy to founding his own security firm, Secure Point Solutions, which specializes in helping small businesses tackle cybersecurity threats. They discuss the vital steps and strategies for implementing robust security measures in small companies, the importance of patch management, and how to protect sensitive information.Additionally, James delves into his experiences as a foster parent, offering insights into the foster care system and the impactful ways you can contribute. Stay tuned for valuable tips on safeguarding your business and heartwarming stories from the world of foster care.Episode Links:Connect with James on LI: https://www.linkedin.com/in/jbierly/Secure Point Solutions: https://www.secureps.net/NFPA: https://nfpaonline.org/00:00 Introduction and Guest Welcome00:22 James Bierly's Journey from Submarines to Cybersecurity02:54 Transition to IT and Cybersecurity07:28 Challenges and Rewards of Small Business Cybersecurity12:29 Starting a Cybersecurity Business20:11 Key Security Practices for Small Businesses22:42 Challenges in School Cybersecurity25:29 Starting a Cybersecurity Consulting Business26:14 Engaging with Local Businesses28:42 Building a Network Through Referrals32:54 Becoming a Foster Parent43:48 Advice for Blue Teamers=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================Sponsored by ThreatLocker @ThreatLockerAllow what you need, block everything else... Including ransomware. Zero trust Endpoint Protection Platform from ThreatLocker. Learn more at https://simplycyber.io/threatlocker=========================Simply Cyber empowers people who want a rewarding cybersecurity career 💪=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

Join hosts Josh Mason and Wade Wells as they sit down with David French for an insightful episode of Simply Defensive.Discover David's journey from coding CCTV systems to becoming a staff security engineer at Google Cloud. Explore their discussion on detection as code, automation, detection testing, and relevant tools like Dorothy and Atomic Red Team.Learn why coding skills are crucial for modern cybersecurity professionals, and get tips on leveraging AI in the field.Whether you're a beginner or an experienced blue teamer, this episode is packed with valuable insights and actionable advice.LinkedIn - https://www.linkedin.com/in/davidfrench001/Google Cloud Security community - https://www.googlecloudcommunity.com/gc/Google-Cloud-Security/ct-p/googlecloud-securityMedium - https://medium.com/@threatpunterGitHub - https://github.com/threat-punter00:00 Introduction and Casual Banter00:21 Guest Introduction: David French01:11 David's Background and Career Journey02:40 Detection Engineering and Origin Stories04:18 Current Role and Responsibilities05:05 Getting into Cybersecurity08:30 Detection as Code: Concepts and Practices12:34 Testing Detections: Challenges and Strategies16:51 Tools and Techniques for Detection Testing19:25 Open Source Tools and Community Contributions23:23 AI in Detection Engineering26:32 Exploring AI Tools for Coding and Presentations27:50 Deep Research and Its Impact28:52 Journey into Public Speaking40:00 Community Engagement and Networking40:29 Upcoming Conference and Final Thoughts43:45 The Importance of Coding for Security Professionals=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================Sponsored by ThreatLocker @ThreatLockerAllow what you need, block everything else... Including ransomware. Zero trust Endpoint Protection Platform from ThreatLocker. Learn more at https://simplycyber.io/threatlocker=========================Simply Cyber empowers people who want a rewarding cybersecurity career 💪=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

Josh Mason and Wade Wells bring us an exciting episode of Simply Defensive, featuring special guest Eddie Miro. Eddie shares his journey in cybersecurity, offering insights into his experiences at DEFCON, the creation of Octopus Game, and his mission to make cybersecurity more inclusive.Join us as we delve into the benefits of Capture the Flag (CTF) competitions and how they can help new entrants feel comfortable and connected in the cybersecurity community. Learn about the importance of diversity in cybersecurity, tips for getting started with CTFs, different types of CTFs, and how networking can make a significant impact on your career.Don't miss out on this engaging conversation packed with practical advice and inspiration for both beginners and seasoned cybersecurity professionals.Episode Links: https://www.linkedin.com/in/theedmiroshow/https://nationalcyberleague.org/https://cyberskyline.com/https://linktr.ee/octopusgame00:00 Welcome and Introductions00:32 Reconnecting with Old Friends01:27 Octopus Game at DEFCON02:58 The Importance of Diversity in Cybersecurity06:48 Challenges of Blue Team CTFs10:10 National Cyber League and CTF Benefits15:16 Networking and Job Hunting in Cybersecurity18:05 Reflecting on Career Transitions18:29 Jimmy's Journey and Networking20:03 The Value of CTFs21:29 Getting Started with CTFs25:28 Different Styles of CTFs28:21 The Role of Programming in Cybersecurity30:49 Using AI in Cybersecurity32:55 Final Thoughts and Advice=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================Sponsored by ThreatLocker @ThreatLockerAllow what you need, block everything else... Including ransomware. Zero trust Endpoint Protection Platform from ThreatLocker. Learn more at https://simplycyber.io/threatlocker=========================Simply Cyber empowers people who want a rewarding cybersecurity career 💪=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group