Everyday Cyber

Alex Reid

Everyday Cyber is your weekly guide to mastering cybersecurity — from real-world threats to real career growth. Hosted by cybersecurity analyst Alex Reid, this podcast delivers clear, actionable insights for anyone looking to stay safe online and break into the cyber industry. Whether you're a beginner exploring the field, prepping for certifications like Security+, SC-200, or aiming to land your first SOC analyst role — Everyday Cyber has your back.

Each episode covers:
- Breaking down phishing attacks, ransomware, and real-world threats
- Blue team strategies and

Episodes

  1. 14 JUL

    Network Security Monitoring Explained (Part 1): NSM, Security Onion & Real-World Detection | Ep. 8

    🚨 Episode 8 – Part 1 of 2 | Everyday Cyber Podcast

    In this first part of a two-part deep dive, host Alex Reid breaks down the essentials of Network Security Monitoring (NSM) — how it works, why it matters, and the open-source tools that power real-time detection and response. From understanding the Intrusion Kill Chain to deploying tools like Security Onion, Zeek, and Suricata, this episode helps you build foundational knowledge in modern network defense.

    🔍 In this episode (Part 1):
    - What is NSM and how it differs from continuous monitoring
    - Why prevention fails — and how NSM fills the gap
    - Data types in NSM: full content, session, alerts, and metadata
    - Challenges with proxies, NAT, and the X-Forwarded-For header
    - Overview of open-source NSM tools (Security Onion, Bro/Zeek, Suricata, Sguil)

    🧠 This episode is ideal for SOC analysts, blue teamers, cybersecurity students, and anyone learning how defenders really detect threats.

    🎧 Part 2 coming next week.

    network security monitoring NSM podcast security onion tutorial zeek bro network analysis suricata ids sguil security onion intrusion kill chain explained network visibility tools incident response podcast full packet capture analysis network forensics tools x-forwarded-for proxy logs nsm data types explained cybersecurity detection stack virus total analysis networkminer pcap analysis client-side compromise server-side compromise ioc detection process blue team workflows everyday cyber podcast

    24 min
  2. 12 JUL

    Digital Forensics & Anti-Forensics Explained: NTFS Artifacts, ADS, File Carving & Timestomping | Ep. 7

    🧠 Episode 7 – Everyday Cyber Podcast

    In this episode, host Alex Reid explores the battlefield between digital forensics and anti-forensics — revealing how investigators extract hidden truths from NTFS volumes, and how attackers attempt to cover their tracks. From Alternate Data Streams (ADS) and Volume Shadow Copies, to timestomping and file wiping, this episode dives into the structures and techniques that define modern forensic investigations — and the countermeasures used to evade them.

    🔍 What You'll Learn in This Episode:
    - Key forensic artifacts in NTFS: $MFT, $I30, $LogFile, $UsnJrnl
    - How Alternate Data Streams (ADS) are used to hide data
    - Timestomping, file wiping, and registry key deletion as anti-forensics
    - Tools like MFTECmd, Bulk Extractor, PhotoRec, and vss_carver.py
    - How forensic analysts perform file carving, super timelines, and triage collection
    - The role of Zone.Identifier ADS, VSS, and SDelete in investigations
    - Techniques attackers use to stay hidden in plain sight — and how to find them

    Whether you're learning digital forensics or defending against sophisticated attackers, this episode gives you a detailed breakdown of how investigations work at the file system level.

    digital forensics anti-forensics alternate data streams NTFS forensics volume shadow copy forensics file carving timestomping detection mftecmd tutorial file wiping photoRec recovery zone.identifier ADS NTFS metadata ADS malware hiding super timeline forensics triage collection bulk extractor forensic registry key wiping forensic tools podcast NTFS MFT analysis digital forensic investigation everyday cyber podcast

    25 min
  3. 11 JUL

    Malware Hunting at Scale: Timelines, YARA Rules & the Tools Pros Use | Ep. 6

    🧠 Episode 6 – Everyday Cyber Podcast

    In this episode, Alex Reid explores how cybersecurity analysts use timeline analysis to investigate intrusions, uncover malware, and detect threats at scale. This hands-on walkthrough reveals how modern blue teams reconstruct attacks across hundreds of endpoints using tools like log2timeline, YARA, capa, and more. You’ll learn the full process from enterprise threat hunting to deep-dive forensic timeline building — including malware detection, IOC stacking, and how to pivot around suspicious activity.

    🔍 Key topics covered:
    - The 3-phase model: Threat Hunting → Triage → Deep-Dive Forensics
    - Occurrence stacking, outlier detection, and IOC hunting
    - Detecting malware using tools like Sigcheck, maldump, and capa
    - Writing YARA rules and matching malware capabilities to MITRE ATT&CK
    - Filesystem timelines vs. super timelines — when to use each
    - Using log2timeline, Plaso, Timeline Explorer, and Timesketch
    - How to scale timeline analysis across multiple compromised systems
    - Practical insights for analysts, DFIR teams, and blue teamers

    timeline analysis threat hunting malware detection YARA rules log2timeline plaso forensic tool capa malware analysis digital forensics podcast DFIR workflow ioc hunting sigcheck malware scan timeline explorer timesketch tutorial fileless malware detection endpoint forensics blue team tactics incident response timeline cybersecurity tools forensic timeline building everyday cyber podcast

    51 min
  4. 10 JUL

    Memory Forensics in Incident Response & Threat Hunting | Detecting Malware, Rootkits & Fileless Attacks | Ep. 6

    🧠 In Episode 6 of the Everyday Cyber Podcast, host Alex Reid explores the powerful role of memory forensics in both incident response and threat hunting. This episode breaks down the techniques and tools used to uncover hidden malware, detect rootkits, and investigate in-memory attack activity across compromised systems. Whether you're working with live RAM captures or analyzing memory dumps post-incident, understanding these methods is essential for uncovering advanced adversaries and fileless threats.

    🔍 What You’ll Learn in This Episode:
    - Core memory forensics concepts for incident responders
    - Using tools like Volatility, Velociraptor, and Memory Baseliner
    - Identifying code injection, process hollowing, DLL injection, and reflective loading
    - Detecting BYOVD attacks, rootkits (DKOM, SSDT, IDT hooks), and thread hijacking
    - Investigating suspicious memory regions, handles, VAD trees, and PE headers
    - Working with hiberfil.sys, pagefile.sys, .vmem, and .vmsn files
    - Understanding fileless malware and “living off the land” techniques
    - Using memory to trace attacker tools like Cobalt Strike, Emotet, and Poison Ivy
    - Crafting detection rules using YARA, and parsing strings with bstrings

    If you're in digital forensics, blue teaming, or threat detection, this episode gives you actionable knowledge for using memory artifacts to expose what attackers try hardest to hide.

    memory forensics incident response podcast threat hunting cybersecurity podcast code injection detection volatility memory analysis process hollowing dll injection BYOVD malware rootkit analysis fileless malware detection DFIR podcast malware investigation advanced threat hunting Velociraptor forensic tool memory dump analysis endpoint forensics cobalt strike detection memory artifacts analysis digital forensics podcast

    27 min
  5. 9 JUL

    Windows Forensics & Intrusion Detection: Detecting Threats with Logs, PowerShell & Sysmon | Ep. 5

    🔍 In this episode of the Everyday Cyber Podcast, host Alex Reid takes you deep into the world of Windows forensics and intrusion detection — revealing how defenders can track advanced attacks using native event logs, system artifacts, and modern blue team tools. You’ll learn how to detect lateral movement, uncover PowerShell abuse, and investigate attacker activity using Prefetch, AppCompatCache, Amcache.hve, and Event ID correlation. We also cover how Sysmon dramatically improves visibility for detecting real-world threats.

    🔐 Topics covered in this episode:
    - Prefetch, AppCompatCache, and Amcache forensic analysis
    - Tracking attacker movement with Event IDs 4648, 4688, and 7045
    - How to detect PsExec, WMI, and PowerShell Remoting
    - PowerShell logging: Script Block Logging, Downgrade Attacks, and Defense
    - Why Sysmon is a game-changer for endpoint intrusion detection
    - Real-world examples of "living off the land" attacks and how to catch them
    - Using event log artifacts to build a timeline of attacker behavior

    Whether you're a SOC analyst, threat hunter, or just starting your cybersecurity career, this episode helps you level up your understanding of endpoint detection and response using only what’s built into the operating system.

    Windows forensics Intrusion detection Cybersecurity podcast SOC analyst tools Threat detection Event log analysis PowerShell logging Sysmon for security Lateral movement detection Amcache analysis AppCompatCache Prefetch forensic evidence PsExec detection WMI attack investigation EDR strategies Windows endpoint visibility Security operations center Detecting attacker behavior Digital forensics podcast Cybersecurity incident response

    33 min
  6. 8 JUL

    Advanced Incident Response & Threat Hunting | Cyber Kill Chain, MITRE ATT&CK & Real-World Defense | Ep. 4

    🚨 Welcome to Episode 4 of the Everyday Cyber Podcast, where we break down the critical strategies behind advanced incident response and proactive threat hunting — skills every modern security team needs to stay ahead of today’s fast-moving adversaries. In this episode, host Alex Reid walks you through real-world detection and response tactics used by security operations teams to reduce attacker dwell time, detect lateral movement, and disrupt advanced threats before they succeed.

    🔐 What You’ll Learn in This Episode:
    - The evolving threat landscape and the growing speed of intrusions
    - The full 6-step incident response process and how to do it right
    - Why premature eradication is dangerous — and what to do instead
    - How to leverage containment and intelligence development in real time
    - Building a repeatable loop of scoping, analyzing, and expanding IOCs
    - Key principles of the Cyber Kill Chain® and MITRE ATT&CK™
    - How to use TTPs, behavioral indicators, and campaign reconstruction
    - Atomic, computed, and behavioral IOCs — and how to use them effectively
    - Lessons from real-world response failures and successes

    This episode is packed with field-proven frameworks and tactical strategies that help defenders identify threats, contain them smartly, and strengthen long-term cyber resilience.

    🎧 Listen to all episodes: https://open.spotify.com/show/1g19uYLancJsweZODur80H

    🔁 New episodes weekly on:
    - Incident response workflows
    - Threat hunting techniques
    - Cyber threat intelligence
    - MITRE ATT&CK strategies
    - SOC tools and blue team ops
    - Entry-level cybersecurity career tips

    55 min
