Simply Defensive

How does a Navy fire control tech who once wrangled a six-barrel death robot become the head of security operations at Jack in the Box? In this episode of Simply Defensive, we sit down with Chris Julio — SOC Manager, veteran, and self-proclaimed lover of both metrics and munchie meals.Chris shares his journey from Windows NT and dot-matrix printers to modern InfoSec leadership, explains what he actually looks for when hiring blue teamers (hint: it's not your certs), and drops tactical insights on building a metrics program that actually matters to the business.We also talk about:The chaos theory of SOC alertsThe power of curiosity in detection workBuilding a team culture that beats burnoutWhy your legal team doesn’t care about phishing — and how to change thatOh, and there's a fast-food burger debate. No spoilers, but lines are drawn.Whether you're just getting started in security or leading your own team, this episode’s got something for you.Connect with Chris on LinkedIn:🔗 https://www.linkedin.com/in/christopherjulio/Chapters:00:00 Introduction and Guest Welcome00:43 Chris Julio's Navy Background04:27 Transition to Cybersecurity06:42 Hiring and Team Building Insights21:36 Balancing Work and Family Life25:53 Engaging with the InfoSec Community27:09 Final Thoughts and Advice for Blue Teamers28:16 Closing Remarks and Sponsor Acknowledgment=========================Sponsored by ThreatLocker - Free 30-day trial of ThreatLocker https://www.threatlocker.com/simplydefensive=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

SOC analysts, detection engineers, and pentesters—you’re not imagining it: software supply chain security is a dumpster fire 🔥. In this episode of Simply Defensive, we sit down with Kyle Kelly, engineering manager at GitHub and author of Crime Hacks, to unpack the chaos.We cover:- Why malicious packages are sneaking past defenders- The truth about SBOMs (and what most orgs are doing wrong)- How to spot typo-squatting and backdoored build scripts- What defenders can do—even if you're not building the code- Why “just NPM install” is more dangerous than you thinkFrom transitive dependencies to the hidden power of private package repositories, this episode is packed with practical insights, hilarious stories, and advice every blue teamer needs.Episode Links:🔗 Kyle’s blog: https://crimehacks.com 👨‍💻 Kyle on LinkedIn: https://www.linkedin.com/in/kyle-m-kelly 📰 Crime Hacks on LinkedIn: https://www.linkedin.com/company/crimehacks=========================Sponsored by ThreatLocker - Free 30-day trial of ThreatLocker https://www.threatlocker.com/simplydefensive=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

In the final episode of Season 3 on Simply Defensive, hosts Josh Mason and Wade Wells welcome John Liliston, the Product Director at ThreatLocker.John shares his journey into cybersecurity, his role at ThreatLocker, and his thoughts on the evolution of security solutions. He discusses ThreatLocker's approach to zero trust, the impact of AI on cybersecurity, and the unique integration of application control and threat detection in their offerings.The episode also covers John's experiences and insights from recent conferences like RSA and potential future advancements in the industry. Tune in for an in-depth discussion on defensive cybersecurity and innovative product design.Connect with John on LinkedIn: https://www.linkedin.com/in/john-lilliston-4725217b/00:00 Introduction to Simply Defensive00:31 Meet John Liliston: Threat Locker's Product Director02:35 John's Journey into Cybersecurity03:45 Transitioning to Product Design04:52 Balancing Roles at Threat Locker06:10 Emerging Threats and Product Development17:47 The Future of Security Solutions24:56 Concluding Thoughts and Upcoming Events=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================Sponsored by ThreatLocker @ThreatLockerAllow what you need, block everything else... Including ransomware. Zero trust Endpoint Protection Platform from ThreatLocker. Learn more at https://simplycyber.io/threatlocker=========================Simply Cyber empowers people who want a rewarding cybersecurity career 💪=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

Join hosts Josh and Wade as they sit down with Charles (Chuck) Sapp, a seasoned cybersecurity expert and security awareness specialist. In this episode, Chuck shares his unique journey from serving in the Marine Corps to becoming an influencer in the cybersecurity community.Gain insights into his military background, his passion for educating others about cybersecurity, and engaging stories from his experiences. Chuck also previews his upcoming talk for BSides Tampa 2025, offering valuable advice on tailoring security training for diverse audiences.Don't miss this opportunity to tap into his innovative approach to cybersecurity awareness!Connect with Chuck on LinkedIn: https://www.linkedin.com/in/chucksapp/Check out the article discussed: https://www.staysafeonline.org/articles/ai-fools-stay-sharp00:00 Introduction and Guest Welcome01:18 Chuck's Background and Military Experience03:54 Transition to Cybersecurity06:29 Hackspace Con Story10:35 Upcoming Talk and Security Awareness15:15 Challenges in Security Awareness20:38 Storytelling in Cybersecurity21:56 Real-Life Examples of Scams23:30 Phishing Tests and Awareness31:03 Creative Security Solutions32:03 Leveraging Security Behavior Databases35:23 Meeting Industry Leaders37:53 Final Thoughts and Recommendations=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================Sponsored by ThreatLocker @ThreatLockerAllow what you need, block everything else... Including ransomware. Zero trust Endpoint Protection Platform from ThreatLocker. Learn more at https://simplycyber.io/threatlocker=========================Simply Cyber empowers people who want a rewarding cybersecurity career 💪=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

Welcome to another episode of Simply Defensive! In this installment, hosts Josh Mason and Wade Wells are joined by cybersecurity expert James Bierly.James shares his unique journey from a submarine sonar technician in the Navy to founding his own security firm, Secure Point Solutions, which specializes in helping small businesses tackle cybersecurity threats. They discuss the vital steps and strategies for implementing robust security measures in small companies, the importance of patch management, and how to protect sensitive information.Additionally, James delves into his experiences as a foster parent, offering insights into the foster care system and the impactful ways you can contribute. Stay tuned for valuable tips on safeguarding your business and heartwarming stories from the world of foster care.Episode Links:Connect with James on LI: https://www.linkedin.com/in/jbierly/Secure Point Solutions: https://www.secureps.net/NFPA: https://nfpaonline.org/00:00 Introduction and Guest Welcome00:22 James Bierly's Journey from Submarines to Cybersecurity02:54 Transition to IT and Cybersecurity07:28 Challenges and Rewards of Small Business Cybersecurity12:29 Starting a Cybersecurity Business20:11 Key Security Practices for Small Businesses22:42 Challenges in School Cybersecurity25:29 Starting a Cybersecurity Consulting Business26:14 Engaging with Local Businesses28:42 Building a Network Through Referrals32:54 Becoming a Foster Parent43:48 Advice for Blue Teamers=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================Sponsored by ThreatLocker @ThreatLockerAllow what you need, block everything else... Including ransomware. Zero trust Endpoint Protection Platform from ThreatLocker. Learn more at https://simplycyber.io/threatlocker=========================Simply Cyber empowers people who want a rewarding cybersecurity career 💪=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

Join hosts Josh Mason and Wade Wells as they sit down with David French for an insightful episode of Simply Defensive.Discover David's journey from coding CCTV systems to becoming a staff security engineer at Google Cloud. Explore their discussion on detection as code, automation, detection testing, and relevant tools like Dorothy and Atomic Red Team.Learn why coding skills are crucial for modern cybersecurity professionals, and get tips on leveraging AI in the field.Whether you're a beginner or an experienced blue teamer, this episode is packed with valuable insights and actionable advice.LinkedIn - https://www.linkedin.com/in/davidfrench001/Google Cloud Security community - https://www.googlecloudcommunity.com/gc/Google-Cloud-Security/ct-p/googlecloud-securityMedium - https://medium.com/@threatpunterGitHub - https://github.com/threat-punter00:00 Introduction and Casual Banter00:21 Guest Introduction: David French01:11 David's Background and Career Journey02:40 Detection Engineering and Origin Stories04:18 Current Role and Responsibilities05:05 Getting into Cybersecurity08:30 Detection as Code: Concepts and Practices12:34 Testing Detections: Challenges and Strategies16:51 Tools and Techniques for Detection Testing19:25 Open Source Tools and Community Contributions23:23 AI in Detection Engineering26:32 Exploring AI Tools for Coding and Presentations27:50 Deep Research and Its Impact28:52 Journey into Public Speaking40:00 Community Engagement and Networking40:29 Upcoming Conference and Final Thoughts43:45 The Importance of Coding for Security Professionals=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================Sponsored by ThreatLocker @ThreatLockerAllow what you need, block everything else... Including ransomware. Zero trust Endpoint Protection Platform from ThreatLocker. Learn more at https://simplycyber.io/threatlocker=========================Simply Cyber empowers people who want a rewarding cybersecurity career 💪=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

Josh Mason and Wade Wells bring us an exciting episode of Simply Defensive, featuring special guest Eddie Miro. Eddie shares his journey in cybersecurity, offering insights into his experiences at DEFCON, the creation of Octopus Game, and his mission to make cybersecurity more inclusive.Join us as we delve into the benefits of Capture the Flag (CTF) competitions and how they can help new entrants feel comfortable and connected in the cybersecurity community. Learn about the importance of diversity in cybersecurity, tips for getting started with CTFs, different types of CTFs, and how networking can make a significant impact on your career.Don't miss out on this engaging conversation packed with practical advice and inspiration for both beginners and seasoned cybersecurity professionals.Episode Links: https://www.linkedin.com/in/theedmiroshow/https://nationalcyberleague.org/https://cyberskyline.com/https://linktr.ee/octopusgame00:00 Welcome and Introductions00:32 Reconnecting with Old Friends01:27 Octopus Game at DEFCON02:58 The Importance of Diversity in Cybersecurity06:48 Challenges of Blue Team CTFs10:10 National Cyber League and CTF Benefits15:16 Networking and Job Hunting in Cybersecurity18:05 Reflecting on Career Transitions18:29 Jimmy's Journey and Networking20:03 The Value of CTFs21:29 Getting Started with CTFs25:28 Different Styles of CTFs28:21 The Role of Programming in Cybersecurity30:49 Using AI in Cybersecurity32:55 Final Thoughts and Advice=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================Sponsored by ThreatLocker @ThreatLockerAllow what you need, block everything else... Including ransomware. Zero trust Endpoint Protection Platform from ThreatLocker. Learn more at https://simplycyber.io/threatlocker=========================Simply Cyber empowers people who want a rewarding cybersecurity career 💪=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

In this episode of Simply Defensive, hosts Josh Mason and Wade Wells welcome Mitch Cohen, privacy and OPSEC expert from flare.io.Mitch shares his journey to becoming a 'digital ghost' and offers valuable insights into operational security (OPSEC) and privacy practices. He discusses the importance of securing personal information, the risks associated with poor OPSEC, and provides actionable steps for improving digital privacy.Josh, Wade, and Mitch explore real-world examples, the ethical implications of privacy, and how to strike a balance between convenience and security.An excellent resource for cybersecurity professionals and anyone interested in protecting their digital footprint.Learn more in the flare.io Discord00:00 Introduction to Simply Defensive00:27 Meet Mitch Cohen: Privacy and OPSEC Expert01:29 The Importance of OPSEC04:13 Defining OPSEC and Its Relevance07:07 Real-World OPSEC Challenges08:23 Balancing Public Presence and Privacy12:44 Threat Models and OPSEC Strategies18:07 Practical OPSEC Tips and Personal Stories20:53 Rolling Back Your Public Profile21:48 Digital Spring Cleaning: Deleting Old Posts23:03 The Art of Misinformation: Poisoning the Well24:51 Changing Your Appearance for OPSEC27:38 Resources for Learning OPSEC31:23 The Importance of Privacy as a Human Right36:41 Convenience vs. Security: The Trade-offs40:01 Final Thoughts and Advice for Blue Teamers =========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================Sponsored by ThreatLocker @ThreatLockerAllow what you need, block everything else... Including ransomware. Zero trust Endpoint Protection Platform from ThreatLocker. Learn more at https://simplycyber.io/threatlocker=========================Simply Cyber empowers people who want a rewarding cybersecurity career 💪=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

Navigating the Cybersecurity Landscape with Edna Johnson: From Developer to Threat HunterJoin hosts Josh Mason and Wade Wells as they welcome Edna Johnson, a vibrant and passionate cybersecurity engineer, to Simply Defensive. Edna shares her journey from initially wanting to be a developer to diving deep into the world of cybersecurity, attending and volunteering at major conferences such as Defcon and BSides.She discusses her role in various cybersecurity groups, her imposter syndrome battles, and the importance of volunteering and community engagement in this field. Listen in for valuable insights on threat hunting, content creation, and the significance of understanding basic processes in blue teaming. Don't miss this fantastic episode filled with real-world advice and behind-the-scenes stories from Edna's inspiring career!Connect with Edna:https://www.linkedin.com/in/ednajonsson/https://www.buzzsprout.com/1749189 https://deathcon.io/00:00 Introduction and Guest Welcome00:36 Edna Johnson's Background and Achievements01:53 Challenges and Successes in CTFs03:41 Journey into Cybersecurity05:12 Teaching Cybersecurity and Overcoming Imposter Syndrome08:52 Involvement with BSides and Networking During the Pandemic10:39 Current Projects and Content Development11:49 Exploring AI-Generated Honeypots14:06 Passion for Threat Hunting and Script Writing14:58 Involvement with Death Con17:01 Exploring the Unique Aspects of Death Con17:35 The Value of Networking and Friendships18:17 Extended Access to Labs and Workshops19:21 Organizing Death Con San Diego20:59 The Benefits of Volunteering in Cybersecurity24:40 Joining and Growing DEF CON Groups30:34 Final Thoughts and Advice for Blue Teamers=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================Sponsored by ThreatLocker @ThreatLockerAllow what you need, block everything else... Including ransomware. Zero trust Endpoint Protection Platform from ThreatLocker. Learn more at https://simplycyber.io/threatlocker=========================Simply Cyber empowers people who want a rewarding cybersecurity career 💪=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

In this episode of Simply Defensive, hosts Josh Mason and Wade Wells are joined by special guest Fletus Poston III, a seasoned cyber defense expert with nearly 18 years of experience.Learn about the complexities of cyber defense in various industries, discussing the pros and cons of regulatory red tape, the impact of audits on cybersecurity, and the dynamics between internal and external red teams. Fletus shares valuable insights on mentorship, career advice for aspiring SOC analysts, and the importance of understanding different perspectives within the industry.Whether you're new to cybersecurity or a seasoned professional, this episode offers a deep dive into the real-world challenges and strategies in the field.Connect with Fletus on YouTube at ⁨@fletusposton⁩ and on LinkedIn.  00:00 Introduction and Guest Introduction00:55 Discussing Industry Regulations01:34 Challenges with Auditing04:46 Red Team vs Blue Team Dynamics08:34 Career Journey in Cybersecurity11:16 Building and Managing SOCs13:34 Internal vs External SOC Management17:05 Maintaining SOC Analyst Morale18:22 Testing and Tabletops18:36 Disaster Recovery Scenarios19:16 Level One Analysts and Guardrails19:38 Tierless SOCs and Escalation20:13 Choosing the Right SOC Environment21:26 Understanding Documentation and SOPs22:25 Advice for Aspiring SOC Analysts24:21 Work-Life Balance in SOC Roles29:32 Reverse Mentorship and Cross-Training31:01 Finding the Right Company Culture34:57 Conclusion and Final Thoughts=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================Sponsored by ThreatLocker @ThreatLockerAllow what you need, block everything else... Including ransomware. Zero trust Endpoint Protection Platform from ThreatLocker. Learn more at https://simplycyber.io/threatlocker=========================Simply Cyber empowers people who want a rewarding cybersecurity career 💪=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group