Phillip Wylie Show Phillip Wylie

About the Guests:

Norman Menz and Nick Ascoli are seasoned cybersecurity professionals and entrepreneurs with experience dating back to the early days of the industry. Norman Menz is the CEO of Flare and his career spans system configuration, offensive security, vulnerability prioritization, and third-party risk assessment. He founded and led companies like Prevalent and Delve, which focused on vendor risk assessment and vulnerability prioritization, respectively. Nick Ascoli, the founder of Fortrace, started his journey with a background in Linux distros and programming. He pursued Security and Risk Analysis (SRA) at Penn State University, with a passion for red team operations and an emphasis on external exposure and data. Professionally, Nick has engaged in detection engineering and has been deeply involved in attack surface management.

Episode Summary:

In an engaging dialogue between cybersecurity leaders, Nick Ascoli and Norman Menz share their insights into the ever-evolving landscape of cybersecurity. The episode delves into the need for better understanding external threats and leveraging adversarial-focused techniques to stay ahead of cyber risks. The conversation around reconnaissance, red teaming, and attack surface management is intertwined with personal career anecdotes, illustrating a shift towards more proactive and data-centric approaches to cybersecurity.
The transcript reveals a shared origin story for both guests' companies, originating from the desire to provide an "adversarially focused view" of external footprints in cybersecurity. In an age where conventional risk quantification isn't enough, operations at an enterprise's security level require innovative solutions. The merging of Fortress and Flair is discussed as a groundbreaking step towards unifying valuable data and expertise to enhance the industry's approach to threat exposure management, pen testing, and understanding the full scope of external exposures.

Key Takeaways:

The utilization of cybersecurity tools for reconnaissance is key for red teamers and for organizations aiming to understand what's exposed.
A fundamental aspect for both Fortrace and Flare was the emphasis on data that is "operationally relevant to the sock - to actual operational level security ops."
There's a trend in cybersecurity to educate users on the difference between a vulnerability assessment and a pen test, and when each is appropriate given the maturity of an organization's security posture.
The guests emphasized the need for a "universal search" for external exposure that simplifies finding exposed data across the clear and dark web, useful for red teamers and risk managers alike.
The acquisition of Fortrace by Flare marks the first in the Continuous Threat Exposure Management (CTEM) space, aiming to centralize and streamline the approach to understanding external exposure.

Notable Quotes:

"As red teamers sort of desperate for a more adversarially focused view of your external footprint."
"There was a lot of education of just the difference between a vulnerability assessment and a pen test."
"We were educated for a while, and then the exposure started to grow, where everyone started to realize there's a lot of different flavors of exposure."
"…How do I take the intuition of a red teamer and enable it for anyone who's using a platform in a very simple manner?"

Resources:

Flare Website: https://flare.io/
Special Promotion: A self-service trial provided by Flare: https://try.flare.io/pw/
Flare LinkedIn: https://www.linkedin.com/company/flare-io/
Norman Menz's LinkedIn: https://www.linkedin.com/in/norman-menz-92829014/
Nick Ascoli's LinkedIn: https://www.linkedin.com/in/nick-ascoli-28a78b93/

About the Guest:

Tyler Day is a seasoned professional in the cybersecurity field, whose journey into penetration testing (pen testing) has been one of substantial growth and commitment. With a rich background that involves disassembling computers and game consoles from a young age, Tyler's passion for understanding the intricacies of technology has been evident. His transition from being intrigued by shows like 'Mr. Robot' to becoming a proficient pen tester showcases his dedication to the craft. Tyler's trajectory includes a period of rigorous self-teaching aided by formal education and a series of professional opportunities that forged his path in the cybersecurity industry.

Episode Summary:

In this captivating episode, Phillip Wylie engages in a deep dive with Tyler Day, unraveling the complexities and challenges of a career in penetration testing. This conversation is a treasure trove of insights for both novices and seasoned professionals in cybersecurity.
Tyler Day shares his hacker origin story, reflecting on the initial allure of cybersecurity as depicted in pop culture and his subsequent realization of the discipline's intricate nature. The discussion meanders through the real-world applications of pen testing, the perseverance required to excel, and the continuous learning imperative in the field. The conversation also touches on the mental fortitude necessary to confront competition and imposter syndrome, offering empathy and strategies to aspiring professionals in the rapidly evolving cybersecurity landscape.

Key Takeaways:

Penetration testing requires a significant commitment to continuous learning both during and outside of work hours.
Entry into the cybersecurity field can be both competitive and intimidating, yet it holds a wealth of opportunity for personal and professional growth.
It is common for cybersecurity professionals to struggle with confidence and feelings of imposter syndrome but overcoming these challenges is crucial for career advancement.
Innovation, adaptability, and persistence are essential traits for anyone embarking on or progressing within a cybersecurity career.
Seeking mentorship, being open to asking questions, and putting oneself in challenging situations are key to developing expertise in cyber pen testing.

Notable Quotes:

"Pen testing is the only pillar within the cyber field that requires you to do as much work as you do in work outside of work."
"Be yourself in your own corner. If nobody's gonna help and support you, you don't need them."
"Can I research and they know how to study? That skill, I think, is developed through just life."
"Just keeping up with the Joneses on that, and it's like, am I required to be the jack of all but master of none?"
"Do you have the time, you know, and this for the cyber field in general. Is this something that you can commit time to?"

Resources:

https://www.linkedin.com/in/tyler-day-4a831a12b/

About the Guest:

Vivek Ramachandran is the founder of SquareX and a veteran in the cybersecurity industry with over 20 years of experience in building security products and finding vulnerabilities in security systems. His entrepreneurial experience spans over a decade, during which he has built wireless monitoring solutions, pentesting gadgets, and cloud-powered lab environments. Before SquareX, he founded Pentester Academy, a cloud-based cybersecurity training startup that was successfully acquired. Vivek also discovered the infamous Caffe Latte Attack and has authored multiple books and research papers on offensive cybersecurity techniques. He has spoken at top conferences like DEFCON and BlackHat over the years.
Episode Summary:
In this Be Fearless episode, hosted by Phillip Wylie and sponsored by Square X, the conversation delves into the intricate world of cybersecurity with the spotlight on browser-based threats and the need for innovative solutions. Vivek Ramachandran, a pioneer in cybersecurity training and the mastermind behind Square X, joins the discourse to share insights from his extensive experience in the domain.
The episode unravels the complexities of securing web browsing in an enterprise landscape predominantly ruled by browser usage. Vivek critiques the current reliance on secure web gateways (SWGs) and emphasizes the limitations they present in the face of agile and sophisticated attacks. The dialogue shifts to a discussion on the superiority of browser-native solutions, advocating for their adoption over outdated cloud-based proxies, and underscoring their fundamental advantage of being application context and user interaction aware.
Key takeaways from the episode include the importance of understanding the threat landscape shaped by browser-centric workflows, recognizing the shortcomings of existing secure web gateways, and appreciating the merits of browser-native security solutions that offer rich data and immediate mitigation capabilities.

Key Takeaways:

* Browser-native security solutions provide more comprehensive protection compared to traditional secure web gateways, which lack application context and user interaction awareness.
* Browser-native security solutions built into the browser can offer better visibility and immediate mitigation against threats.
* The enterprise browser market, featuring companies like Island and Talon, focuses on a niche problem and might not be comprehensive in addressing secure browsing needs.
* The adoption of new security technology in enterprises sometimes faces friction due to reliance on analyst reports and the market's resistance to change.

Notable Quotes:

* "The browser has become the most important application used in the enterprise today." - Vivek Ramachandran
* "The next generation of attacks are starting to live and die inside the browser." - Vivek Ramachandran
* "Enterprise browsers solve a very small problem…but don't actually do anything substantial beyond that." - Vivek Ramachandran
* "I'm hoping [Square X] can disrupt this… industry for the better." - Vivek Ramachandran
* "2025 is actually going to be like a holy war… taking… disruptive [solutions]… and seeing how we can have the industry adopt this." - Vivek Ramachandran

Resources:

Get your free SquareX Chrome plugin: ⁠⁠http://sqrx.io/pw_x⁠⁠
⁠⁠https://www.linkedin.com/company/getsquarex/⁠⁠
⁠⁠https://twitter.com/getsquarex⁠
⁠⁠https://www.instagram.com/getsquarex/sible.

About the Guest:
Ryan Pullen is a cybersecurity expert based in the UK who specializes in offensive cybersecurity pathways. With a unique entry into the field through a job found on Gumtree, Ryan has carved a formidable career that moved from defensive roles into offensive cybersecurity and later involved in adversarial simulations and penetration testing. He has extensive experience in incident response and has worked on notable projects, including those in collaboration with Stripe OLT, where he is now a board member. Ryan has been instrumental in the evolution of cybersecurity since the mid-2000s, bringing a wealth of knowledge, especially in SOC operations and Microsoft security practices.

Episode Summary:

In this enlightening episode of the Philip Wylie show, Ryan Pullen joins the podcast to share his extensive journey and insights in the cybersecurity world. Ryan delves into the progression of cybersecurity practices over the past decade and offers invaluable advice to those looking to start or advance in the industry. From discussing the importance of networking to the nuances of job hunting in the cyber sector, Ryan provides a rich overview of technical and career-developing strategies.
Ryan emphasizes how persistence and self-improvement play crucial roles in both penetrating the cybersecurity job market and excelling within the field. He illustrates this point through his own 'hacker origin story', showcasing the benefits of seizing the right opportunities and the importance of continuous learning and networking. Additionally, the conversation covers resources for aspiring SOC analysts and the value of understanding an offensive cybersecurity mindset even in defensive roles. The takeaway is clear – whether you're stepping into red teaming, SOC operations, or pen testing, embracing an inquisitive attitude and expanding your network are key.

Key Takeaways:

The pathway to a cybersecurity career is varied, and taking opportunities as they come can be pivotal in finding success.
Networking is vital in the cybersecurity industry, as personal connections often lead to job opportunities and growth.
Understanding challenges from an offensive cybersecurity mindset is beneficial for roles across the security spectrum.
For those looking to enter the field, platforms like TryHackMe, HackTheBox, and Let's Defend offer valuable hands-on experiences.
Becoming a public speaker in the cybersecurity realm can open up new opportunities and serve as an effective way to give back to the community.

Notable Quotes:

"Networking is key, especially for people trying to get their foot on the ladder."
"My journey starts with, well, I was playing with this and this was interesting to me and I didn't want to put it down."
"The more you do anything, the better you're going to get."
"For anyone looking to start, have a go at all of the online kind of labs and free tools."

Resources:

LinkedIn (https://www.linkedin.com/in/ryan-pullen/)
TryHackMe (https://tryhackme.com)
HackTheBox (https://www.hackthebox.eu)
Let's Defend (https://www.letsdefend.io/)
Kusto Detective Agency (https://detective.kusto.io/)

About the Guest:
Huxley Barbee is recognized in the cybersecurity field for his extensive experience in security automation and software engineering. With a professional trajectory spanning over decades, Huxley's path began in high school, where his interest in computers and passion for programming were piqued. Throughout his career, he has significantly contributed to various sectors by emphasizing the defensive aspects of cybersecurity, scaling from hands-on firewall configurations to leading consulting practices for major corporations. As an advocate for education and collaboration in the InfoSec community, Huxley is also the organizer of BSides New York City, a renowned cybersecurity conference.
Episode Summary:
In this impactful episode of the Philip Wylie show, cybersecurity expert Huxley Barbee delves into his journey within the cybersecurity landscape, starting from the halls of his high school to the cusp of modern security automation. Listeners will be drawn into an engaging narrative that interleaves personal anecdotes with professional wisdom, highlighting pivotal moments that shaped Huxley's career.
The conversation with Phillip Wylie covers a multitude of insights, from the importance of programming knowledge in cybersecurity to the evolution of security tools and practices. Huxley underscores the need for hands-on learning and emphasizes the significance of understanding system fundamentals regardless of automation advances. The dialogue evolves to address current trends and challenges in security, particularly focusing on the nuanced utilization of AI in cybersecurity practices.
Key Takeaways:

In-depth programming knowledge can significantly enhance a cybersecurity professional's ability to understand, reverse engineer, and secure applications.
Security automation should incorporate human-driven decision points to mitigate potential risks associated with complete automation.
The cybersecurity field is evolving with new challenges, including the integration of AI and the risk management associated with older technologies that have gained new exposure, like OT systems.
Building security tools requires adopting best practices from software engineering to ensure long-term maintainability and support.
AI in cybersecurity poses an array of unpredictable outcomes and thus should be approached cautiously with risk mitigation or acceptance strategies.

Notable Quotes:

"What's most interesting about that role was I was able to combine my software engineering background with my security background and bring it all together."
"You need to understand - you are a programmer, right? Yes, you're working in the security fields, you're part of the security domain, but you are a programmer."
"One of the principles that I learned from leading that consulting practice is the goal. Your goal as a security engineer, somebody that's doing automation should never be 100% automation."
"Every single developer has done this because I'm doing this in development. It's fine. I'm just trying to get to work. When we go into production, we'll go ahead and fix that later."
"AI has a very important role to play going forward. I would not run production environments on anything that uses AI dependencies right now."

Resources:

* https://www.linkedin.com/in/huxleybarbee/
* https://twitter.com/huxleybarbee
* Infosec Exchange (Mastodon instance): @Huxley at Infosec Exchange
* BSides New York City: BSides NYC

About the Guest:

Ricky Allen is a seasoned cybersecurity expert and a key player at CyberOne, where his expertise in cybersecurity strategy and innovation is instrumental. With a rich professional history dating back to the late 1990s, he has witnessed and contributed to the evolution of the cybersecurity industry, working with companies like EDS, PricewaterhouseCoopers, and founding member status at Critical Start. His trajectory from penetration testing to defensive cybersecurity strategies highlights his comprehensive understanding of the field. Currently, he spearheads efforts in consulting, advisory work, and AI development at CyberOne, leading the charge in tackling today's sophisticated cybersecurity challenges.
Episode Summary:
In this insightful episode, Phillip Wylie sits down with Ricky Allen, a prominent figure from CyberOne, to discuss the dynamic world of cybersecurity as we enter 2024. The conversation delves into the current challenges and advancements within the sector, exploring topics such as sales strategies, budgeting hurdles in cyber defenses, and the evolving landscape of risks and threat responses.
This discussion sheds light on the transition from offensive security approaches to more comprehensive defensive strategies. Ricky shares his extensive experience, from his early roots in IT and security to his current role in shaping cybersecurity frameworks and AI applications. The conversation also touches on the importance of continuous learning in the industry and provides career guidance for aspiring cybersecurity professionals.

Key Takeaways:

Cybersecurity remains a top concern with ransomware as a multi-billion dollar industry, making budget justification and protection efforts more critical than ever.
The path from red team tactics to blue team strategies is crucial for a rounded understanding of security and effective defense mechanisms.
Modern cybersecurity operations must consider and validate even low-level threats, as they can contribute to significant breaches when combined.
Continuous education and personal initiative in learning new technologies and methodologies are key to staying relevant in the cybersecurity field.
Governance and cautious implementation of AI are necessary to harness its potential securely within organizational frameworks.

Notable Quotes:

"We have to understand the attacker's mindset. Understand how I could use this to really explain what your situation was."
"It's sometimes impossible, is the defender's job. We're always keeping up. We're always looking for that next."
"I'm excited about the next generation coming in… but often they say, 'Well, where can I get a job?' And that's the hard part."
"We've solved this… but yet to fully apply [zero trust] the way they should be."
"I'm trying to look outwards and say, what are those biggest plans? What are we working on? What are the initiatives that most listeners actually will be doing this year?"

Resources:

https://www.linkedin.com/in/rickyaallen/
https://www.linkedin.com/company/cyberonesecurity/
http://www.cyberonesecurity.com/