Simply Defensive

In this episode of Simply Defensive, hosts Josh Mason and Wade Wells welcome the highly esteemed Leslie Carhart from Dragos.We step into the world of industrial cybersecurity, discussing the critical nature of securing vital infrastructure like power plants, water treatment facilities, and manufacturing setups. Leslie shares insights on the unique challenges faced in this sector, including handling old systems, different procedural mindsets, and low-level industrial devices.The episode also covers Leslie's intriguing career journey, filled with diverse technical roles, and her advice on entering and thriving in cybersecurity. Moreover, Leslie offers valuable guidance on mentorship and maintaining a work-life balance for cybersecurity professionals.https://www.linkedin.com/in/lcarhart/https://pancakescon.com/https://www.sans.org/profiles/lesley-carhart/https://bsky.app/profile/hacks4pancakes.com00:00 Introduction and Guest Welcome01:02 Leslie Carhartt's Role at Dragos02:06 Challenges in Industrial Cybersecurity06:39 Leslie's Career Journey09:01 Advice for Aspiring OT Cybersecurity Professionals13:24 Incident Response in OT Environments16:50 Mapping Processes in OT Security18:06 Reflecting on Early Career Lessons18:31 Navigating Social Media Criticism19:55 Cyber Warfare and Air Force Insights22:04 Challenges in OT Security24:02 Mentoring in Cybersecurity24:43 Advice for Aspiring Cybersecurity Professionals25:51 Realities of Pen Testing and Incident Response29:32 Effective Mentorship Strategies32:50 Final Thoughts and Contact Information=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================Sponsored by ThreatLocker @ThreatLockerAllow what you need, block everything else... Including ransomware. Zero trust Endpoint Protection Platform from ThreatLocker. Learn more at https://simplycyber.io/threatlocker =========================Simply Cyber empowers people who want a rewarding cybersecurity career 💪=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

From Navy Red Team to Blue Team: David Perez's Cybersecurity JourneyIn this episode of Simply Defensive, hosts Josh Mason and Wade What’s Up interview David Perez, a Navy veteran who transitioned from red teaming to blue teaming in cybersecurity. David shares insights into his career path, his experience with the Navy’s Skillbridge program, and the challenges he faced moving from a structured military environment to the more fluid civilian sector.David also discusses the importance of thinking like an attacker for effective defense, his thoughts on training and detection engineering, and offers valuable advice for those looking to break into the cybersecurity field. Join the conversation to learn about David’s journey, his day-to-day responsibilities, and how he stays sharp in the ever-evolving world of cybersecurity. Don’t forget to like, subscribe, and share!00:00 Introduction and Guest Introduction00:19 David Perez's Cybersecurity Journey00:54 Transition from Military to Civilian Cybersecurity01:48 Skill Bridge Experience03:07 First SOC Job and Responsibilities03:51 Becoming a Detection Engineer04:41 Challenges and Freedom in Cybersecurity Roles08:28 Detection Engineering Insights11:06 Risk-Based Alerting13:14 Detection Rule Management16:38 Detection Building Process18:24 Automated Threat Hunting19:40 Challenges in Detection Engineering20:15 Resources and Learning for Detection Engineering21:46 Teaching and Learning in Cybersecurity22:46 The Importance of Experience in Detection Engineering28:31 Balancing Work and Personal Life31:46 Advice for Aspiring Blue Teamers34:12 Conclusion and Contact Information=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================Sponsored by ThreatLocker @ThreatLockerAllow what you need, block everything else... Including ransomware. Zero trust Endpoint Protection Platform from ThreatLocker. Learn more at https://simplycyber.io/threatlocker=========================Simply Cyber empowers people who want a rewarding cybersecurity career 💪=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

Hayden Covington, a security professional at Black Hills Information Security, shares his expertise in SOC operations and metrics. He discusses the importance of meaningful performance indicators and transparent communication with clients. Hayden also introduces his new online course on SOC foundations, drawing on practical examples with Elastic and Jira. He navigates the challenges of public speaking and shares personal stories from his journey in cybersecurity. Additionally, he emphasizes the value of personal documentation and productivity tips for tech professionals.

In this episode of Simply Defensive, hosts Josh Mason and Wade Wells talk with Simeon, an Intel Analyst at Microsoft. Listen as they explore his journey from aspiring doctor to cybersecurity expert, discussing his innovative contributions like the creation of KC7 Cyber, a tool that democratizes access to cybersecurity training.Learn about Simeon's early influences, challenges, and the importance of critical thinking, analytical reasoning, and communication in cybersecurity. He also shares his passion for breaking down biases and encouraging diversity in the tech world while offering practical advice for both new and seasoned blue teamers. Discover how KC7 is shaping the future of cyber defense training and get inspired by Simeon's dedication to making cybersecurity accessible to all.Connect with Simeon: https://www.linkedin.com/in/kakpovi/Check out KC7: https://kc7cyber.com/00:00 Introduction and Guest Welcome00:36 Simeon's Background and Career Journey01:26 Getting Started in Cybersecurity02:17 The Cyber Analyst Challenge Experience04:03 Industry vs Academic Cybersecurity07:08 Diversity in Cybersecurity07:54 Emerging Coders Club at Howard08:21 Breaking Technical and Non-Technical Labels13:17 The Birth of KC7 Cyber17:19 Using AI to Scale Cybersecurity Training18:28 Behind the Scenes of a Complex Engine20:01 Teaching Critical Thinking and Analytical Reasoning20:50 The Importance of Transferable Skills21:13 Using KQL for Fast Data Access22:57 Investigative Process and Anticipating Questions24:19 Technical Interviews and Investigative Skills26:39 Training New Analysts in Full Scope Investigations32:57 KC7: A Tool for Accelerated Learning36:37 Final Thoughts and Recommendations=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================Sponsored by ThreatLocker @ThreatLockerAllow what you need, block everything else... Including ransomware. Zero trust Endpoint Protection Platform from ThreatLocker. Learn more at https://simplycyber.io/threatlocker=========================Simply Cyber empowers people who want a rewarding cybersecurity career 💪=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

In this episode of Simply Defensive, hosts Josh Mason and Wade Wells are joined by SOC analyst Jessica Bishop. Jessica shares her unconventional journey into cybersecurity, transitioning from military police to a corporate role and eventually into a SOC analyst position at an MSSP.She discusses her job's dynamic and engaging aspects, the importance of teamwork and communication within cybersecurity, and her intriguing hobby of paranormal investigation. Tune in to hear about effective cybersecurity practices, the challenges of working in a SOC, and the crossover between investigative tactics in cybersecurity and paranormal research.Follow Jess on LinkedIn: https://www.linkedin.com/in/jessica-bishop-%F0%9F%A7%AD-262729b4/00:00 Introduction and Guest Welcome00:38 Jessica's Journey into Cybersecurity04:02 Networking and Mentorship05:00 Education and Career Path09:24 Challenges and Rewards in SOC Work13:58 Paranormal Investigations16:05 Haunted House Stories17:35 The Importance of Skepticism in Investigations18:38 Relating Skepticism to Cybersecurity19:00 The Dropbox Incident20:18 Inflating Metrics in SOC21:04 Challenges of Working in a SOC24:21 The Importance of Communication in Security29:41 Empathy in Security Work30:22 Final Thoughts and Recommendations=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================Sponsored by ThreatLocker @ThreatLockerAllow what you need, block everything else... Including ransomware. Zero trust Endpoint Protection Platform from ThreatLocker. Learn more at https://simplycyber.io/threatlocker=========================Simply Cyber empowers people who want a rewarding cybersecurity career 💪=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

Join hosts Josh Mason and Wade Wells in this episode of Simply Defensive as they welcome cybersecurity meme-maker and SOC analyst, Dan Reardon, also known as The HaircutFish.Discover Dan's unconventional journey into cybersecurity, from creating influential memes about prominent figures like Jon Hammond and John Strand to writing insightful blogs on Medium. Dan shares his experiences at Wild West Hacking Fest, overcoming personal challenges, and the importance of networking within the cybersecurity community.Learn about the reality of working as a SOC analyst, the tools of the trade such as Vim, VS Code, and Wireshark, and the rewarding nature of thwarting cyber attacks. This episode emphasizes the power of community, the significance of balancing work with family life, and the benefits of giving back through knowledge sharing.Don't miss these valuable insights, and expect more exciting discussions in future episodes!Connect with our guest, Dan Reardon, on LinkedIn: https://www.linkedin.com/in/danrearden00:00 Welcome to Simply Defensive00:10 Meet Dan Reardon aka Haircutfish00:51 Dan's Journey into Cybersecurity01:14 The Art of Meme Making02:15 Connecting Through Memes06:20 Dan's Blogging Adventures11:50 Learning and Adapting in Cybersecurity14:21 Dan's Hacker Origin Story17:07 Getting Started with TryHackMe and Blue Teaming17:48 First Security Job Experience18:19 Expectations vs Reality in SOC Roles20:30 Favorite Tools and Utilities25:16 The Importance of Community in Cybersecurity33:08 Final Thoughts and Recommendations for Blue Teamers=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================Sponsored by ThreatLocker @ThreatLockerAllow what you need, block everything else... Including ransomware. Zero trust Endpoint Protection Platform from ThreatLocker. Learn more at https://simplycyber.io/threatlocker=========================Simply Cyber empowers people who want a rewarding cybersecurity career 💪=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

In this episode of Simply Defensive, hosts Josh Mason and Wade Wells sit down with Melanie Thomas, Vice President of Cyber Security at BridgePoint Technologies. Melanie shares insights from her role, her experience in cybersecurity, and her path from tech support to VP. She discusses her adjunct professorship at the University of San Diego, her community service, and the importance of networking. The conversation covers the significance of education in cybersecurity, Melanie's approach to balancing technical and strategic roles, and valuable advice for new entrants in the field, including teamwork and maintaining humility.=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================Simply Cyber empowers people who want a rewarding cybersecurity career 💪=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

In this episode of Simply Defensive, hosts Josh Mason and Wade Wells welcome Ken, also known as MonkeyDragon, a member of Defcon 858 in San Diego and co-founder of Hard Hat Brigade. Ken introduces himself and discusses his role in cybersecurity, focusing primarily on incident response, threat detection, and threat hunting. The conversation transitions to the topic of 'war driving,' a practice of searching for wireless networks, which Ken is passionate about. He shares insights into the tools used, such as Kismet, and the community-driven project, Wiggle. Ken also talks about his journey into cybersecurity, the origins, and the activities of the Hard Hat Brigade, and offers advice for new blue teamers: ask questions without fear. The episode highlights Ken's involvement in various security events and his emphasis on community and kindness in the cybersecurity field.=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================Simply Cyber empowers people who want a rewarding cybersecurity career 💪==================================================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================

Ashley Knowles, a seasoned penetration tester with over 10 years at Black Hills InfoSec, sheds light on the synergy between red and blue teams in cybersecurity. She emphasizes the importance of realistic threat emulation for effective security testing. The discussion dives into challenges faced in Security Operations Centers, highlighting the need for transparency and collaborative problem-solving. Ashley also explores innovative tools like Microsoft DevTunnels and offers insights on balancing professional growth with personal obligations. Don't miss her tips on continuous learning!

Blake Reagan on Incident Response, Career Evolution, and the Importance of Soft SkillsIn this week's episode of Simply Defensive, host Josh Mason and co-host Wade Wells welcome incident response expert Blake Reagan. The discussion delves into Blake's journey from the building trades to cybersecurity, a field he entered after the 2008 economic downturn. Blake shares his experiences in digital forensics, emphasizing the importance of soft skills like public speaking and effective communication in cybersecurity roles. The trio also discusses the merits of tools like the Autopsy Digital Forensics platform, the utility of Toastmasters for public speaking, and time management strategies, making this episode a comprehensive look at the tech and human sides of cybersecurity.=========================Connect with your hosts:Josh Mason: https://www.linkedin.com/in/joshuacmasonWade Wells: https://www.linkedin.com/in/wadingthrulogs=========================Simply Cyber empowers people who want a rewarding cybersecurity career 💪==================================================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================