Phillip Wylie Show | Cybersecurity & Pentesting Podcast

Phillip Wylie

The Phillip Wylie Show is a premier cybersecurity podcast and media source for offensive security professionals. Hosted by Phillip Wylie, globally recognized ethical hacking expert, keynote speaker, and co-author of The Pentester Blueprint, the show features elite red team operators, penetration testers, and security leaders sharing real-world tradecraft, advanced tactics, career strategy, and insights on AI-driven cyber threats.

  1. Ridge Security in the Real World: An Offensive Security Practitioner's Perspective

    15h ago


    ## How AI-Powered Penetration Testing Is Transforming Security Validation with Andy Simpson

    **Sponsored by Ridge Security**

    In this sponsored episode of The Phillip Wylie Show, Phillip Wylie welcomes Andy Simpson, founder of Cipher Security, for an in-depth discussion about the future of penetration testing, continuous security validation, API security, and the growing role of AI in offensive security.

    What makes this conversation unique is that Andy is not a Ridge Security employee. As a cybersecurity consultant and penetration testing practitioner, he evaluated multiple automated security testing platforms before selecting Ridge Security to help scale and enhance his team's testing capabilities.

    Drawing on decades of experience in IT, infrastructure, executive leadership, and offensive security, Andy shares his journey from working at IBM to building a successful offensive security consultancy serving organizations throughout Australia and New Zealand.

    The conversation explores the challenges facing modern security teams, including expanding attack surfaces, API security risks, infostealer-driven attacks, limited security resources, and the need to continuously validate security controls.

    Andy also demonstrates how automation and AI-driven testing are changing the way organizations identify and validate risk.

    ## Topics Covered

    * Andy Simpson's cybersecurity origin story
    * From IBM engineer to offensive security consultant
    * The evolution of penetration testing
    * Common shortcomings in traditional API assessments
    * Continuous Threat Exposure Management (CTEM)
    * Vulnerability validation versus vulnerability identification
    * Automated penetration testing at scale
    * Attack surface management

    ## Key Takeaways

    * Annual penetration testing is often insufficient for today's threat landscape.
    * Organizations need continuous validation of their attack surface and security controls.
    * API security remains one of the most overlooked areas of cybersecurity.
    * Security teams must focus on validating risk rather than simply identifying vulnerabilities.
    * Automation helps security teams scale without sacrificing visibility.
    * Generative AI is enabling deeper testing of business logic and application workflows.
    * Human expertise remains critical, but AI-powered testing is becoming an important force multiplier.
    * Attackers are increasingly leveraging stolen credentials and authenticated access paths, making continuous testing more important than ever.

    Connect with Andy Simpson:

    Andy's LinkedIn: https://www.linkedin.com/in/andy-simpson-nz/

    Cipher Security website: https://ciphersecurity.co.nz/

    ## Episode Sponsor

    This episode is sponsored by Ridge Security.

    Connect with Ridge Security:

    Ridge Security website: https://ridgesecurity.ai

    Get a free RidgeBot Demo: https://ridgesecurity.ai/demo-request/

    Ridge Security LinkedIn: https://www.linkedin.com/company/ridge-security/posts/?feedView=all

    Ridge Security provides automated penetration testing and security validation solutions that help organizations continuously identify, validate, and prioritize security risks across networks, web applications, APIs, and cloud environments.

    During this episode, Andy shares his firsthand experience using Ridge Security's platform as part of his offensive security practice.

    ## Connect with Andy Simpson

    Connect with Andy on LinkedIn to learn more about offensive security, API testing, threat exposure management, and the future of AI-powered security testing.

    ## Listen, Subscribe, and Share

    Enjoyed the episode? Subscribe to The Phillip Wylie Show, leave a review, and share this episode with your network to help others learn about the future of penetration testing and security validation.

    #ThePhillipWylieShow #Cybersecurity #PenTesting #OffensiveSecurity #APISecurity #AI #ArtificialIntelligence #CTEM #ThreatExposureManagement #RidgeSecurity #SecurityTesting #EthicalHacking #CyberDefense #InfoSec #CyberRisk

    59 min
  2. Jeremiah Grossman: The Future of Vulnerability Management

    May 26


    In this episode of The Phillip Wylie Show, Phillip Wylie sits down with legendary application security pioneer and entrepreneur Jeremiah Grossman to discuss the evolution of web security, vulnerability management, cyber insurance, AI-driven software development, and the future of offensive security.

    Jeremiah shares his hacker origin story, from hacking his ISP as a teenager to discovering vulnerabilities in Yahoo Mail during the early days of the web. That experience eventually led him to Yahoo and later to founding WhiteHat Security, one of the first SaaS-based web application security companies.

    The conversation dives deep into how application security evolved from manual testing and early vulnerability scanners into scalable AppSec programs, as well as why modern vulnerability management is still fundamentally broken. Jeremiah explains why only a tiny percentage of CVEs ever lead to real financial loss and how his latest company is approaching vulnerability prioritization differently.

    =========================

    Connect with Jeremiah Grossman:

    LinkedIn: https://www.linkedin.com/in/grossmanjeremiah

    Website: https://www.jeremiahgrossman.com

    Root Evidence: https://www.rootevidence.com

    =========================

    Connect with your host, Phillip Wylie:

    https://linkedin.com/in/phillipwylie

    X https://x.com/PhillipWylie

    Instagram https://www.instagram.com/phillipwylie

    Chapters

    00:00 Introduction to Content Creation Journey
    02:15 Eva's Hacker Origin Story
    05:03 Career Advice for Aspiring Cybersecurity Professionals
    06:19 The Importance of Skills Over Certifications
    07:44 Motivation Behind Content Creation
    10:00 Navigating Misinformation in Cybersecurity Education
    12:57 The Role of AI in Content Creation
    13:41 Mindset Shifts for New Content Creators
    16:38 Types of Content and Finding Your Niche
    18:20 The Importance of Experience in Content Creation
    20:41 Balancing Structure and Authenticity in Content
    24:44 Equipment Recommendations for Beginners
    28:18 Final Thoughts on Content Creation
    31:44 Phillip Wylie Show Outro

    28 min
  3. Winn Schwartau: Hacker Culture, Cognitive Security, and the Human Element

    May 12


    Computer security analyst and author Winn Schwartau joins Phillip Wylie for a deep conversation on hacker culture, cognitive security, information warfare, and the evolution of cybersecurity from the early days of computing to today’s AI-driven world.

    Winn shares stories from his early days bypassing locked telephone systems as a child, his transition from the live recording industry into cybersecurity in the 1980s, and how his engineering mindset shaped his approach to systems hacking. The conversation explores the rise of cloud computing, the increasing specialization required in cybersecurity, and why human behavior remains one of the industry’s biggest vulnerabilities.

    The episode also dives into Winn’s groundbreaking work around cognitive security, misinformation, disinformation, and “critical ignoring” — the idea that filtering out noise is becoming just as important as critical thinking in today’s information-overloaded society.

    Listeners will also hear Winn’s thoughts on hiring practices in cybersecurity, why failure is essential for growth, and how the industry still overlooks talented people who do not fit traditional hiring molds.

    =========================

    Connect with Winn Schwartau:

    LinkedIn: https://www.linkedin.com/in/winnschwartau

    Website: https://www.winnschwartau.com/

    =========================

    Connect with your host, Phillip Wylie:

    LinkedIn: https://linkedin.com/in/phillipwylie

    X: https://x.com/PhillipWylie

    Instagram: https://www.instagram.com/phillipwylie

    32 min

Ratings & Reviews

4.9
out of 5
17 Ratings
