Cyber Work

Explore the hidden corners of the internet and the stolen identities that live there with today's guest, Amyn Gilani, Vice President of Product at 4iQ. He talks about his path from red teaming to cyber attribution intelligence, where bad guys hide on the internet, and what it's like to be “on a mission to unmask cybercriminals.”– Start learning cybersecurity for free: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAmyn Gilani is the Vice President of Product at 4iQ, a Los Altos-based adversary intelligence company. Previously, he was a Chief Technologist at Booz Allen Hamilton where he provided expertise to federal and commercial clients focusing on incident response, red teaming, threat hunting and cybersecurity operations engineering. Prior to joining Booz Allen, Amyn was a Vice President in Information Security at Goldman Sachs where he led red team operations and emulated sophisticated attacks against securities trading platforms and payment systems. He began his career serving in the United States Air Force as an intelligence analyst and was on detail at the National Security Agency and United States Cyber Command.About InfosecAt Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Put on your white hat and learn how to hack for the good guys! Ethical hackers use the same techniques used by cybercriminals to assess an organization’s vulnerabilities and help keep them safe. Join Keatron Evans, Infosec instructor and Managing Partner at KM Cyber Security, in this audio rebroadcast of a popular webinar. You'll learn about getting started in ethical hacking, in-demand ethical hacking skills, popular ethical hacking training and certifications, common ethical hacking jobs and career paths, and more.– View the webinar recording of this episode on YouTube: https://www.youtube.com/watch?v=n3tl43QpnXM– Start learning cybersecurity for free: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastKeatron Evans is regularly engaged in training, consulting, penetration testing and incident response for government, Fortune 50 and small business. In addition to being the lead author of the best selling book, Chained Exploits: Advanced Hacking Attacks from Start to Finish, you will see Keatron on major news outlets such as CNN, Fox News and others on a regular basis as a featured analyst concerning cybersecurity events and issues. For years, Keatron has worked regularly as both an employee and consultant for several intelligence community organizations on breaches and offensive cybersecurity and attack development. Keatron also provides world class training for the top training organizations in the industry, including Infosec Flex live boot camps and the Infosec Skills on-demand skill development platform.About InfosecAt Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Is what you're watching real, fake or a combination of both? Machine learning and artificial intelligence make it easier than ever to blur those lines, and cybercriminals are already exploiting the technology. Today's guest is Infosec Skills author Emmanuel Tsukerman, who literally wrote the book on machine learning for cybersecurity. He discusses the deep learning applications of cybercrime, how machine learning technologies are being used by security professionals, and ways you can leverage these new skills to help boost your cybersecurity career.– Start learning cybersecurity for free: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastDr. Tsukerman graduated from Stanford University and UC Berkeley. He began his cybersecurity career in a small startup as a cybersecurity data scientist, where he developed a machine-learning-based anti-ransomware solution that won the Top 10 Ransomware Products award by PC Magazine. In addition, Dr. Tsukerman designed a machine-learning malware detection system for Palo Alto Network's firewall service, securing over 30,000 enterprise customers in real time. He is the author of the “Machine Learning for Cybersecurity Cookbook” and the popular Infosec learning paths “Cybersecurity Data Science” and “Machine Learning for Red Team Hackers.”About InfosecAt Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Dive back into the world of Red Team operations with today's guest, John Cartrett of the SpiderLabs team at Trustwave. He leads clandestine-style operations in simulated attacks on organizations to help them find their least expected and most dangerous vulnerability points and tighten them up. Despite being a newly hot practice that a lot of people are just getting into, John has been red teaming for five years, with another thirteen years before that of IT experience and other forms of offensive testing. Listeners are always asking how to get started in red teaming and what they need to know to get on that ladder, so we'll be talking about career strategies and skill sets — but I also want to know whether anything has changed or will now change in the light of the current global COVID-19 pandemic.  With red team staffs currently scattered and isolating at home and the economy suffering, will this change the nature of red teaming now or in the years to come?– Start learning cybersecurity for free: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastJohn is a Principal Consultant and the Red Team lead for the SpiderLabs team at Trustwave. His responsibilities mainly include managing all red team services in the Americas from start to finish, as well as being a subject matter expert on red team services globally. He has eighteen years of information technology experience and ten years of offensive testing experience with the last five years focused on clandestine-style Red Teaming. He has directed and executed close to one hundred full-scope red team operations for organizations of all sizes and geographic locations. He has obtained many certifications from organizations such as Microsoft,Cisco, GIAC and Offensive Security, as well as attended thousands of hours of skills-based training.About InfosecAt Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Digital forensics is an interesting field, but one that also can be a bit murky. It's handled in different ways in the private sector, military scenarios or government applications. (Spoiler: If you perform investigations on extremists and terror groups, be prepared to watch some fairly disgusting videos.) Learn all about military digital forensics and incident response from today's guest, Daniel Young, managing partner and co-founder of QuoLab Technologies. He discusses what it's like working on huge multi-person operations in the DoD and Air Force, as well as the importance of comprehensive threat information sharing, both internally and externally.– Start learning cybersecurity for free: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastWith nearly 15 years of experience in digital forensics and incident response, Dan Young helps drive the overall direction of his new company, QuoLab Technologies, a developer of a collaborative and threat driven Security Operations Platform (SOP). Prior to QuoLab, Dan was involved with the U.S. Department of Defense and United States Air Force in several digital forensics analyst positions. Dan is very passionate about bridging the gap between technological efficiency and human ingenuity, and firmly believes that our best way forward as an industry is to focus on collaboration and data sharing at all levels.About InfosecAt Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Regulation never rolls backwards. Once passed and enforced, it is only a matter of time before every state in the U.S. adopts new regulations like the California Consumer Privacy Act (CCPA). Join Scott Madsen, CEO at Cingo Solutions, and Jeff Dennis, Head of Privacy and Data Security at Newmeyer Dillion, for expert advice to help you stay compliant in 2020 and beyond.– Start learning cybersecurity for free: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastLearn how cybersecurity professionals can deal with the changing compliance landscape, including what organizations are affected by CCPA and equivalent laws, why IT and security pros need regulatory compliance expertise, and how to build privacy and compliance into your overall cybersecurity strategy.About InfosecAt Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Organizations may be hesitant to share attack vectors, data breaches and other cybersecurity information, but that siloed approach is holding cybersecurity back, says Cody Cornell, co-founder and CEO of Swimlane. On today's episode, Cody discusses the open sharing of security information, how it can transform cybersecurity from a source of consternation into an opportunity and ways to get your company to buy into this new way of thinking.– Start learning cybersecurity for free: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastCody is responsible for the strategic direction of Swimlane and the development of its security automation and orchestration solution. His passion for open exchange of security information and deep vendor integration drives him to pursue opportunities to maximize the value his customers receive from their investments in security operations. In 2011, Cody co-founded Phoenix Data Security Inc., a cybersecurity professional services organization known for their ability to blend strategy and engineering with an organization’s business requirements. After beginning his career in the U.S. Coast Guard, Cody spent 15 years in IT and security, including roles with the U.S. Defense Information Systems Agency, Department of Homeland Security, American Express and IBM Global Business Services.About InfosecAt Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win.

Patrick Craven, the director of (ISC)²'s Center for Cyber Safety and Education, teaches kids how to be safe on the internet, and he does so with the persuasive power of Garfield! On today's episode, Patrick discusses the goals of the center, including how they received exclusive use from Jim Davis to use his characters to teach internet safety to kids, teens, parents and the elderly. He also shares tips for staying safe online and how to help friends, family and loved ones stay safe from bad actors on the internet.– Start learning cybersecurity for free: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast Patrick Craven has over 30 years of experience working within the non-profit industry and has held various C-Level executive leadership roles across the country at notable charitable organizations such as Big Brothers Big Sisters, Vietnam Veterans Memorial Fund and the Boy Scouts of America. As Director for the Center for Cyber Safety and Education, he is responsible for all business operations, supporting the Board of Trustees, service delivery, providing leadership to employees and volunteers, managing multiple income streams, overseeing marketing and business development functions, new program development and liaising with external agencies. Patrick has been successful across the country developing innovative and award-winning marketing, advertising, sales, management and fundraising programs. He has a bachelor's in communication from Xavier University (Cincinnati, OH). Patrick is also a member of the ECPI University, Lake Mary Campus’ Program Advisory Board, Cyber and Network Security.About InfosecAt Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win.

Explore the world of military cybersecurity careers, capture-the-flag (CTF) competitions and offensive security with Ken Jenkins, CTO of By Light’s Cyberspace Operations Vertical. Ken discusses the various jobs he held in the military, conducting computer forensics investigations and some of the best run CTFs being held today.– Start learning cybersecurity for free: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastKen Jenkins currently serves at the Chief Technology Officer of By Light’s Cyberspace Operations Vertical and leads the organization’s EmberSec team. He brings more than 24 years of Information Technology and Cybersecurity expertise to his work in red teaming, penetration testing, threat hunting, threat emulation, incident response and systems engineering. Ken is also a decorated combat veteran and retired soldier. His active duty responsibilities covered operations and defense of DoD networks and battle command systems. Ken regularly completes in Capture the Flag competitions and is a technical mentor to the Cyber Patriot Program. He earned his bachelor's in Technical Management from DeVry university and holds over 30 commercial certifications, including CISSP, OSCP and many more.About InfosecAt Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win.

Learn all about fuzzing and application security with repeat guest Dr. Jared DeMott, CEO and founder of VDA labs. The last time he appeared (October 2018), the focus was on Internet-of-Things (IoT) security, but Jared is also the author of Fuzzing for Software Security Testing and Quality Assurance. In this episode we go deeper into continuous integration and deployment (CI/CD), fuzzing, dynamic analysis security testing and other AppSec tools, as well as practical tips and suggestions for entering the field.– Start learning cybersecurity for free: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastDr. Jared DeMott is the Founder & CEO of VDA Labs, a full-scope cybersecurity company. DeMott previously served as a vulnerability analyst with the NSA. He holds a PhD from Michigan State University. He regularly speaks on cyber matters at conferences like RSA, DerbyCon, BlackHat, ToorCon, GrrCon, HITB and others. He was a finalist in Microsoft’s BlueHat prize contest, which helped make Microsoft customers more secure. Dr. DeMott has been on three winning Defcon capture-the-flag teams, and has been an invited lecturer at prestigious institutions such as the U.S. Military Academy. Jared is a Pluralsight author, and is often interviewed by media to weigh in on cyber matters.About InfosecAt Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win.