Purple Squad Security

John Svazic
Feb 25, 2018 • 48min

Episode 21 – The Myth of the Purple Teamer with Haydn Johnson

I love purple teams. Purple teaming is something that I was hoping to share with more people and more organizations! It's part of the reason I named this podcast after them. So why don't I think that a purple teamer exists? It's an interesting stance, but it's one that makes sense. Joining me this week is Haydn "Doctor Purple" Johnson to discuss all things purple.

Some links of interest:
- Red Teamers Can Learn Secrets by Purple Teaming
- Purple Teaming: Red & Blue Living Together, Mass Hysteria
- Red Team v. Blue Team? They Are In Fact One – The Purple Team
- Top 4 Tips for Purple Team Exercises
- Purple Teaming - Lessons Learned & Ruxcon Slides
- BSidesTO 2015 - Haydn Johnson & Laura Rafferty - Purple View
- Hackfest 2016 - Chris Nickerson: Adversarial Simulation: Why your defenders are the Fighter Pilots
- Haydn's Slideshares
- @haydnjohnson

Want to reach out to the show? There are a few ways to get in touch!
- Show's Twitter: @PurpleSquadSec
- John's Twitter: @JohnsNotHere
- Podcast Website: purplesquadsec.com
- Sign-Up for our Slack community: https://signup.purplesquadsec.com
- John's Peerlyst Profile: https://www.peerlyst.com/users/john-svazic

Thanks for listening, and I will talk with you all again next time.

Find out more at http://purplesquadsec.com
Feb 18, 2018 • 54min

Episode 20 – Physical Penetration Testing with Jek Hyde

Not all penetration testing is done in a virtual setting or even through a phone call. Sometimes you need to get down and dirty and actually interact with people. In this very special episode I sit down and speak with the great Jek Hyde about physical penetration testing and everything that it entails. It's a fascinating talk for sure, and one you don't want to miss.

Some links of interest:
- Jek's Motherboard Article
- IntelTechniques.com
- Open Source Intelligence Techniques (Book)
- Google Hacking Database (Google Dorks)
- redteamtools.com
- @HydeNS33k
Feb 11, 2018 • 1h 10min

Episode 19 – Speaking to Executives with Tracy Maleeff

Have you heard the term "managing up"? It's an old expression used when you need to make sure that your boss has his or her expectations met so that you can focus on your own job. Information security is really no different, and in a lot of ways it's also more important to get right. We are an industry of social introverts and generally prefer the warm embrace of an IRC screen, Twitter feed or Slack channel for our communications. It's taken me many years to get comfortable with speaking with other humans, but more than that I have learned there is a certain technique when speaking with executives - a special breed so to speak - about security. Tracy Maleeff, the InfoSecSherpa, joins me to help guide us all on proper techniques to communicate with senior leadership.

Some links of interest:
- InfoSecSherpa's Nuzzle Newsletter
- Information Needs Chart
- How To Effectively Communicate with Different Brain Types
- Be Brief, Be Bold, Be Gone
- @InfoSecSherpa
Jan 28, 2018 • 34min

Episode 18 – Threat Hunting with Will Harmon

Take a pinch of blue, a dash of red, plus some good old fashioned investigative intuition and you get Threat Hunting! Well, not exactly, but it's a start! This week Will Harmon from Trustwave's Spider Labs comes on the show to explain what Threat Hunting is, why it's important and how people can get started in this exciting infosec field!

Some links of interest:
- Trustwave Global Security Report - 2017
- threathunting.org
- threathunting.net
- SANS Reading Room for Threat Hunting
- eLearningSecurity - Threat Hunting Professional
- cybrary.it - Introduction To Cyber Threat Intelligence
Jan 21, 2018 • 39min

Episode 17 – A Look At The Treacherous Twelve From The CSA

The Cloud Security Alliance (CSA) has long been known to be the source of cloud security discussions. From the CCSK to the partnership with ISC(2) to bring us the CCSP, they are definitely a group to pay attention to. This week I focus on their "Treacherous Twelve", a list of 12 security concerns for any organization moving to the cloud.

Some links of interest:
- CCM - https://cloudsecurityalliance.org/download/cloud-controls-matrix-v3-0-1/
- CSA Top Threats To Cloud Computing Plus: Industry Insights - https://cloudsecurityalliance.org/download/top-threats-cloud-computing-plus-industry-insights/
Jan 14, 2018 • 1h 1min

Episode 16 – OSINT with Joe Gray from Advanced Persistent Security

This week Joe Gray, host of the Advanced Persistent Security podcast, that friend you didn't recognize but added to Facebook anyway, and security researcher, joins me to talk about OSINT. This is a packed episode full of security goodness and definitely not one you want to miss!

Some links of interest:
- Advanced Persistent Security - https://advancedpersistentsecurity.net/
- @c_3pjoe
- Through The Hacking Glass
- @hackingglass
- @rainmain_a
- Peerlyst

OSINT Tools:
- Recon-NG
- OSINT Framework
- Maltego
- Hunch.ly

Other Sites:
- Indeed.com
- haveibeenpwned.com
- Innocent Lives Foundation
Dec 24, 2017 • 54min

Episode 15 – Infosec Tabletop D&D with Brakeing Down Security

The first of a series, I sit down with Bryan and Brian of Brakeing Down Security fame to have a fun take on a classic tabletop scenario with a D&D feel. Please hold the hate, I haven't played D&D in many years and I know it's not "classic", but it's fun and lighthearted. We go through a few different scenarios with you all in the hopes you find it enjoyable, entertaining, and educational.

If you enjoyed this episode, please let me know! I'd like to make this a recurring theme every 12-15 episodes with different podcasters if there's enough interest. Special shout out to @badthingsdaily on Twitter for helping provide the scenarios!

Some links of interest:
- Brakeing Down Security - http://www.brakeingsecurity.com/
- @brakesec
- @bryanbrake
- @boettcherpwned
- @infosystir
- Tabletop Scenarios - @badthingsdaily
Dec 22, 2017 • 1h 25min

2017 Holiday Special – Podcast of Podcasters

I feel truly touched to be included in this year's tradition of the podcast of podcasters, hosted by Bryan Brake of Brakeing Down Security. This is the audio that you will hear from the various other podcasts that were on the episode with me. I was a bit star-struck, but it was a great time all around. Enjoy!

Podcasts and Podcasters represented on the show:
- Brakeing Down Security: @brakesec, @bryanbrake, @InfoSystir
- Advanced Persistent Security: @advpersistsec, @C_3PJoe
- Rally Security: @RallySecurity, @Dakacki, twitch.tv/rallysecurity, youtube.com/rallysecurity
- Iron Sysadmin: @IronSysadmin, @gangrif
- Tracy Maleeff: @InfoSecSherpa
Dec 10, 2017 • 40min

Episode 14 – OWASP Top 10 2017 – A6 Through A10

In the completion of our look at the OWASP Top 10 for 2017, this episode will cover the final 5 items on the list, from A6 (Security Misconfiguration) through A10 (Insufficient Logging & Monitoring).

Some links of interest:
- OWASP Top 10 - https://www.owasp.org/images/7/72/OWASP_Top_10-2017_%28en%29.pdf.pdf
- OWASP XSS Filter Evasion Cheat Sheet - https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
- OWASP XSS Prevention Cheat Sheet - https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet
- OWASP DOM-based XSS Prevention Cheat Sheet - https://www.owasp.org/index.php/DOM_based_XSS_Prevention_Cheat_Sheet
- Bypass WAF with DOM-based XSS - https://www.sunnyhoi.com/using-dom-based-xss-bypass-waf/
Dec 3, 2017 • 34min

Episode 013 – OWASP Top 10 2017 – A1 Through A5

The Open Web Application Security Project (OWASP) group has created a Top 10 web application vulnerability list since 2003. Normally the list gets updated every 3 years or so, with the previous release being 2013. Now with the 2017 list being finalized, I felt it was appropriate for us to go through it and look at it from a red and blue team perspective. This episode will cover the first 5 items on the list, from A1 (Injection) through to A5 (Broken Access Control).

Some links of interest:
- OWASP Top 10 - https://www.owasp.org/images/7/72/OWASP_Top_10-2017_%28en%29.pdf.pdf
- SQLMap - http://sqlmap.org/
- Burp Suite - https://portswigger.net/burp
- OWASP Zed Attack Proxy (ZAP) - https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
