Simply Defensive

Simply Cyber Media Group
  • 5.0(2개의 평가)
  • 과학 기술
  • 매주 업데이트

Join us for Simply Defensive, a podcast dedicated to exploring the world of defensive cybersecurity through the lens of real-world experts. In each episode, we'll interview leading professionals from the cybersecurity industry, delving into their experiences, challenges, and innovative solutions. Whether you're a seasoned cybersecurity veteran or just starting to learn about the field, Simply Defensive offers valuable insights and practical advice to help you stay ahead of the curve. Tune in as we discuss the latest threats, emerging technologies, and best practices for protecting your organization from cyberattacks. ========================= Connect with your hosts: Josh Mason: https://www.linkedin.com/in/joshuacmason Wade Wells: https://www.linkedin.com/in/wadingthrulogs ========================= Simply Cyber empowers people who want a rewarding cybersecurity career 💪 ========================= ========================= All the ways to connect with Simply Cyber https://SimplyCyber.io/Socials =========================

  1. 2025. 12. 01.

    From Pre-Law to FLARE: How Josh Stroschein Became Google's Malware Analyst

    In this episode of Simply Defensive, Josh Mason and Wade Wells sit down with Josh Stroschein — aka The Cyber Yeti — a former professor turned reverse engineer now working on one of the largest malware analysis teams in the world. Josh shares his unconventional path through .NET development, credit card processing security, and academia before landing at Google. He opens up about teaching reverse engineering while learning it himself, building educational CTFs, and the realities of making it as a full-time reverse engineer in an industry where those roles are rare. What you'll hear: 🔹 From pre-law to pilot training to PhD in cybersecurity 🔹 How teaching RE forced him to truly master it 🔹 Life inside Google's FLARE team (via Chronicle → Mandiant) 🔹 Flareon CTF — the RE challenge that's run for 12 years 🔹 A wild Black Hat NOC story involving an infected Mac and Atomic Stealer 🔹 Using AI to build malware samples for training labs 🔹 Why going low-level is the best advice for blue teamers Chapters: 00:00 Introduction and Welcome 00:50 Josh's Connection to Dr. Gerald Auger 02:00 The Non-Traditional Path: Pre-Law, Pilot Training & .NET Dev 05:00 Getting Into Security at a Credit Card Processor 07:00 Teaching Reverse Engineering at Dakota State 10:00 Flareon CTF and Educational CTF Design 14:00 Is Reverse Engineering Offensive or Defensive? 17:00 How Rare Are Full-Time RE Roles? 21:00 The Path to Google: Chronicle, Mandiant & FLARE 25:00 Learning Through Teaching and YouTube Content 28:00 Black Hat NOC Story: Catching Atomic Stealer Live 33:00 Using AI to Create Malware Training Samples 37:00 Building a Defang Tool (and .NET Nightmares) 40:00 Advice for Blue Teamers: Go Low-Level 🎧 Find Josh Stroschein: → Website: https://www.thecyberyeti.com → YouTube: The Cyber Yeti → Podcast: The Cyber Yeti Podcast 👥 Connect with the Hosts:→ Josh Mason: https://www.linkedin.com/in/joshuacmason/→ Wade Wells: https://www.linkedin.com/in/wadingthrulogs/→ Swimlane: https://www.linkedin.com/company/swimlane 🎙️ Listen on Your Favorite Platform:→ Spotify: https://open.spotify.com/show/72QTocT5FSTSPV7o1UcMS4→ Apple Podcasts: https://podcasts.apple.com/us/podcast/simply-defensive/id1773806182→ Full Playlist: https://youtube.com/playlist?list=PL4Q-ttyNIRAr6DVrsASx1-Fv-TsooJ3M4 👍 If you enjoyed this episode, don't forget to like, subscribe, and share with your fellow defenders. Every week, Josh Mason and Wade Wells bring you practical, no-fluff conversations with cybersecurity professionals who are doing the work. =========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

    40분

  2. 2025. 11. 24.

    Building Zero Trust Tools: Inside ThreatLocker with Product Manager Yuriy Tsibere

    In this episode of Simply Defensive, hosts Josh Mason and Wade Wells welcome Yuriy Tsibere, Product Manager at ThreatLocker, for a behind-the-scenes look at how security products actually get built. Yuriy's path to cybersecurity started in Ukraine, where he worked in telecom during sophisticated APT campaigns that lasted over a year. Now at ThreatLocker, he shapes the tools defenders use daily—from allow listing to compliance automation. Episode Highlights: What product managers actually do at security companiesAPT attack patterns: social engineering meets technical exploitationHow allow listing, ring fencing, and network control protect endpointsDefense Against Configuration (DAC): automating FedRAMP, HIPAA, and NIST complianceWhy misconfigurations remain one of the biggest security gapsBalancing strict security with real-world usabilityYuriy's top advice for defenders: Educate your personnelKey Takeaway: Most breaches still come from employees clicking without paying attention. Security products matter, but user education accounts for the largest share of issues. Yuriy also emphasizes that when compliance drift happens—when systems become uncompliant—it should trigger an investigation into what changed and why. Resources Mentioned: ThreatLocker Zero Trust Endpoint ProtectionDefense Against Configuration (DAC) for compliance monitoringZero Trust World ConferencePerfect for blue teamers, SOC analysts, security engineers, and anyone interested in how security products evolve from concept to deployment. Connect with Yuriy Tsibere (Guest) on LinkedIn: https://www.linkedin.com/in/yuriy-tsibere/ 🔗 Links & Resources: → ThreatLocker Free Trial: https://www.threatlocker.com/simplydefensive → Zero Trust World Conference: https://www.intlcybersec.org/zerotrustworldmain 👥 Connect with the Hosts:→ Josh Mason: https://www.linkedin.com/in/joshuacmason/→ Wade Wells: https://www.linkedin.com/in/wadingthrulogs/→ Swimlane: https://www.linkedin.com/company/swimlane 🎙️ Listen on Your Favorite Platform:→ Spotify: https://open.spotify.com/show/72QTocT5FSTSPV7o1UcMS4→ Apple Podcasts: https://podcasts.apple.com/us/podcast/simply-defensive/id1773806182→ Full Playlist: https://youtube.com/playlist?list=PL4Q-ttyNIRAr6DVrsASx1-Fv-TsooJ3M4 👍 If you enjoyed this episode, don't forget to like, subscribe, and share with your fellow defenders. Every week, Josh Mason and Wade Wells bring you practical, no-fluff conversations with cybersecurity professionals who are doing the work. 💡 Brought to you by ThreatLocker – Secure your business with zero trust application control. https://www.threatlocker.com/simplydefensive =========================Sponsored by @ThreatLocker - Free 30-day trial visit:https://www.threatlocker.com/simplydefensive=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

    36분

  3. 2025. 11. 17.

    Cyber Insurance Explained: What Blue Teams Need to Know Before an Incident

    From teaching AP art history to brokering cyber insurance deals. 🎓➡️🛡️ In this episode of Simply Defensive, Josh Mason and Wade Wells sit down with Andy Runyan from Yukon to break down everything blue teamers need to know about cyber insurance — before an incident happens. Andy shares his unconventional journey from fourth-generation educator and baseball coach to becoming a cyber insurance specialist, and explains why understanding your policy is just as important as your incident response plan. What you'll hear:🔹 How cyber insurance actually works (and what it doesn't cover)🔹 Why having an incident response retainer matters — before you need it🔹 The role of cyber insurance in incident response and recovery🔹 Third-party contract requirements and state mandates on the rise🔹 Common mistakes companies make when filing claims🔹 FTC Safeguard Rules and what they mean for businesses🔹 How to prepare your organization for cyber insurance requirements🔹 What lowers premiums (and what should, but doesn't) Why This Matters for Blue Teamers:If you're in a SOC or handling incident response, you will interact with cyber insurance at some point. Understanding how policies work, what triggers coverage, and how to prepare can make the difference between a smooth recovery and a catastrophic financial loss. This episode gives you the insider knowledge to help your organization be ready. ⏱️ Timestamps:00:00 Introduction and Welcome00:15 Andy's Unique Background: From Teacher to Cyber Insurance03:00 Getting Into Cyber Insurance in 201904:00 The Wild West of Cyber Insurance During COVID06:00 When Companies Actually Buy Cyber Insurance08:00 What Blue Teamers Need to Know About Insurance10:00 The Problem with Incident Response Retainers12:00 How Insurance Companies Handle IR vs. What You Need15:00 Multi-Factor Authentication and Premium Discounts18:00 Why Having an IR Plan Doesn't Lower Your Premium (But Should)21:00 Third-Party Contract Requirements on the Rise24:00 State Mandates: What's Coming Next?27:00 FTC Safeguard Rules and Compliance Reality30:00 Where to Learn More About Yukon 🔗 Connect with Andy Runyan:→ Yukon Website: https://www.ukon.com→ LinkedIn: https://www.linkedin.com/in/andy-runyan→ Email: andy.runyan@ukon.com 👥 Connect with the Hosts:→ Josh Mason: https://www.linkedin.com/in/joshuacmason/→ Wade Wells: https://www.linkedin.com/in/wadingthrulogs/→ Swimlane: https://www.linkedin.com/company/swimlane 🎙️ Listen on Your Favorite Platform:→ Spotify: https://open.spotify.com/show/72QTocT5FSTSPV7o1UcMS4→ Apple Podcasts: https://podcasts.apple.com/us/podcast/simply-defensive/id1773806182→ Full Playlist: https://youtube.com/playlist?list=PL4Q-ttyNIRAr6DVrsASx1-Fv-TsooJ3M4 👍 If you enjoyed this episode, don't forget to like, subscribe, and share with your fellow defenders. Every week, Josh Mason and Wade Wells bring you practical, no-fluff conversations with cybersecurity professionals who are doing the work. =========================Sponsored by @ThreatLocker - Free 30-day trial visit:https://www.threatlocker.com/simplydefensive=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

    33분

  4. 2025. 11. 10.

    Building Forensics Tools That Last | Brian Carrier (Autopsy, Sleuth Kit)

    Josh Mason and Wade Wells sit down with Brian Carrier, the creator of Sleuth Kit and Autopsy, two of the most widely used digital forensics tools in the world. They dig into how Brian got his start in the early days of computer forensics, how open source shaped his career, and what he’s building now with Cyber Triage. From stories about government funding and tool rewrites to the evolving balance between open source and commercial software, this episode is packed with insight for blue teamers, DFIR pros, and anyone who cares about investigation tooling that actually works. Watch to hear: The 25-year evolution of Sleuth Kit & AutopsyHow Cyber Triage simplifies investigations for SOCsThe tradeoffs between open source and commercial toolsWhat Brian sees next in AI-driven forensics ⏱️ Timestamps: 00:00 Introduction and Guest Introduction 00:15 Brian Carrier's Journey with Sleuth Kit and Autopsy 02:06 Evolution and Funding of Autopsy 06:52 Open Source vs. Commercial Software 10:16 Future Roadmap and Innovations 14:16 Autopsy and Cyber Triage for Blue Teamers 16:24 Challenges in EDR and SOC Analysis 16:41 Investigative Process and Clues 17:18 Handling Noisy Data in EDR 17:49 Importance of Tracing Malware 18:28 Deploying Additional Collectors 19:25 Feedback from the Community 21:21 Cyber Insurance and Incident Response 23:34 Automation in Forensics 28:41 Advice for Blue Teamers 30:12 Conclusion and Final Thoughts Links: 🎧 Listen on Spotify: https://open.spotify.com/show/72QTocT5FSTSPV7o1UcMS4 🍎 Listen on Apple Podcasts: https://podcasts.apple.com/us/podcast/simply-defensive/id1668519478 💻 Learn more about Sleuth Kit: https://sleuthkit.org/ 🔍 Try Autopsy: https://www.autopsy.com/ 🧠 Explore Cyber Triage: https://www.cybertriage.com/ Connect with Brain: 👤 Brian Carrier on LinkedIn: https://www.linkedin.com/in/brian-carrier-169243/ 🏢 Sleuth Kit / Basis Technology on LinkedIn: https://www.linkedin.com/company/basis-technology/ 💼 Cyber Triage on LinkedIn: https://www.linkedin.com/company/cyber-triage/ Don't forget to like, subscribe, and hit the bell icon for more blue team content! 🔗 Follow the hosts:Josh Mason: https://www.linkedin.com/in/joshuacmason/Wade Wells: https://www.linkedin.com/in/wadingthrulogs/💡 Brought to you by ThreatLocker – Secure your business with zero trust application control. https://www.threatlocker.com/simplydefensive 🎙️ More Simply Defensive- Full playlist: https://youtube.com/playlist?list=PL4Q-ttyNIRAr6DVrsASx1-Fv-TsooJ3M4- Spotify: https://open.spotify.com/show/72QTocT5FSTSPV7o1UcMS4- Apple Podcasts: https://podcasts.apple.com/il/podcast/simply-defensive/id1773806182 👍 If you enjoyed this episode, don’t forget to like, subscribe, and share with your fellow defenders. Every week, Josh Mason and Wade Wells bring you practical, no-fluff conversations with cybersecurity leaders. =========================Sponsored by @ThreatLocker - Free 30-day trial visit:https://www.threatlocker.com/simplydefensive=========================All the ways to connect with Simply Cyber https://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

    32분

  5. 2025. 11. 03.

    Balancing Education and Real-World Cybersecurity with a SOC Analyst Student

    In this episode of Simply Defensive, host Josh Mason and co-host discuss their experiences and challenges in cybersecurity, along with guest Victoria, a student and SOC analyst at UNLV. The conversation covers the complexities of building a Security Operations Center (SOC) and compares academic learning with real-world applications. Victoria shares insights from her studies and practical work, including developing a SOC program at UNLV and addressing common cybersecurity misconceptions. The episode highlights the importance of communication, real-world projects, continuous learning, and the balance between technical and business aspects of cybersecurity. 00:00 Introduction and Host Banter00:20 Guest Introduction: Victoria01:03 Building a SOC: Challenges and Experiences01:29 Education vs. Real-World Experience02:29 SOC Class and Practical Training03:49 Group Projects and Communication07:14 Real-Life Incident Stories10:33 Getting into Cybersecurity: Victoria's Journey12:54 Business Side of Cybersecurity16:17 The Cost of MFA and Free Alternatives16:31 Lock Picking and Security Value17:30 Teaching Cybersecurity Concepts18:44 Consulting Experience for Students19:15 Client Feedback and Confidential Reports19:52 Challenges in Cybersecurity Projects20:27 Transitioning into the SOC22:34 Federal and State Regulations26:16 Advice for Blue Teamers28:06 Conclusion and Farewell Don't forget to like, subscribe, and hit the bell icon for more blue team content! 🔗 Follow the hosts:Josh Mason: https://www.linkedin.com/in/joshuacmason/Wade Wells: https://www.linkedin.com/in/wadingthrulogs/💡 Brought to you by ThreatLocker – Secure your business with zero trust application control. https://www.threatlocker.com/simplydefensive 🎙️ More Simply Defensive- Full playlist: https://youtube.com/playlist?list=PL4Q-ttyNIRAr6DVrsASx1-Fv-TsooJ3M4- Spotify: https://open.spotify.com/show/72QTocT5FSTSPV7o1UcMS4- Apple Podcasts: https://podcasts.apple.com/il/podcast/simply-defensive/id1773806182 👍 If you enjoyed this episode, don’t forget to like, subscribe, and share with your fellow defenders. Every week, Josh Mason and Wade Wells bring you practical, no-fluff conversations with cybersecurity leaders. =========================Sponsored by @ThreatLocker - Free 30-day trial visit:https://www.threatlocker.com/simplydefensive=========================All the ways to connect with Simply Cyber  https://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

    32분

  6. 2025. 10. 20.

    From Help Desk to SOC: How KevTech Broke Into Cybersecurity Without Certs

    What happens when you go from fixing executives’ laptops at Goldman Sachs to defending against cyber threats in a SOC? In this episode of Simply Defensive, hosts Josh Mason and Wade Wells sit down with Kevin Apolinario — better known as KevTech — to unpack his journey from IT support to cybersecurity analyst, all without a single certification. Kev gets real about what it’s actually like to land your first SOC role: the flood of alerts, the burnout, learning Excel the hard way, and relying on ChatGPT to survive scripting. He also shares how TryHackMe, Hack The Box, and constant hands-on practice built the foundation for his success. If you’ve ever wondered what breaking into cybersecurity really looks like, this conversation pulls back the curtain — no fluff, no spin, just honest talk from the trenches. Chapters:00:00 Introduction and Welcome00:29 Guest Introduction: Kev Apolinario00:51 Transition to SOC Analyst Role01:53 Challenges and Learning in Cybersecurity06:43 Handling Alerts and Fatigue10:26 Importance of Teamwork and Asking for Help19:56 Executive Support Experience27:02 Advice for Aspiring Blue Teamers Follow Kevin on YouTube: https://youtube.com/@kevtechitsupportConnect with Kevin on LinkedIn: https://www.linkedin.com/in/itprofessionalkevinapolinario Don't forget to like, subscribe, and hit the bell icon for more blue team content! 🔗 Follow the hosts:Josh Mason: https://www.linkedin.com/in/joshuacmason/Wade Wells: https://www.linkedin.com/in/wadingthrulogs/💡 Brought to you by ThreatLocker – Secure your business with zero trust application control. 🎙️ More Simply Defensive- Full playlist: https://youtube.com/playlist?list=PL4Q-ttyNIRAr6DVrsASx1-Fv-TsooJ3M4- Spotify: https://open.spotify.com/show/72QTocT5FSTSPV7o1UcMS4- Apple Podcasts: https://podcasts.apple.com/il/podcast/simply-defensive/id1773806182 👍 If you enjoyed this episode, don’t forget to like, subscribe, and share with your fellow defenders. Every week, Josh Mason and Wade Wells bring you practical, no-fluff conversations with cybersecurity leaders. =========================Sponsored by @ThreatLocker - Free 30-day trial visit:https://www.threatlocker.com/simplydefensive=========================All the ways to connect with Simply Cyber  https://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

    30분

  7. 2025. 10. 13.

    Detection Engineering Tutorial: Cloud Security, Kubernetes Logging & SOC Career Path

    In this episode of Simply Defensive, we sit down with JB, a Senior Cybersecurity Engineer working in detection engineering. JB shares his journey from SOC analyst to detection engineer, diving deep into the challenges of cloud-native security, Kubernetes logging, and building a sustainable career in cybersecurity. What We Cover: What detection engineering actually means in 2025Working with dual-cloud environments (AWS + GCP)The challenges of Kubernetes logging and ephemeral containersSANS FOR508 (Digital Forensics and Threat Hunting) experienceHow to avoid burnout in InfoSecBuilding a SOC career: What do entry-level analysts really need to know?Work-life balance with kids and an ambitious security careerDefCon stories and the Octopus Games competitionResources & Links Mentioned: Live Overflow's Hextree.io learning platform: https://hextree.ioSANS FOR508 (GCFA): https://www.sans.org/cyber-security-courses/advanced-incident-response-threat-hunting-training/Marcus Hutchins (MalwareTech) on LinkedIn: https://www.linkedin.com/in/malwaretech/Graham Helton's Kubernetes security work: https://www.linkedin.com/in/grahamhelton3/Simply Defensive Podcast: https://youtube.com/playlist?list=PL4Q-ttyNIRAr6DVrsASx1-Fv-TsooJ3M4Connect with JB: YouTube: @JBCulbertTwitter/X: @JBTweetsStuff Timestamps:  00:00 Introduction and Guest Welcome 00:50 JB's Day-to-Day Role in Cybersecurity 01:47 Past Experiences and Career Journey 02:27 Challenges in Detection Engineering 03:23 Kubernetes and Incident Investigation 03:51 SANS Classes and CTF Experiences 09:07 Remote vs In-Person Learning 11:21 Future Plans and Learning Platforms 14:13 Docker and Kubernetes in Labs 16:11 The Reality of Cybersecurity Skills 16:40 Defcon and Octopus Games 22:04 Balancing Cybersecurity and Personal Life 31:01 Advice for Aspiring Blue Teamers 32:57 Final Thoughts and Farewell Don't forget to like, subscribe, and hit the bell icon for more blue team content! 🔗 Follow the hosts:Josh Mason: https://www.linkedin.com/in/joshuacmason/Wade Wells: https://www.linkedin.com/in/wadingthrulogs/💡 Brought to you by ThreatLocker – Secure your business with zero trust application control. 🎙️ More Simply Defensive- Full playlist: https://youtube.com/playlist?list=PL4Q-ttyNIRAr6DVrsASx1-Fv-TsooJ3M4- Spotify: https://open.spotify.com/show/72QTocT5FSTSPV7o1UcMS4- Apple Podcasts: https://podcasts.apple.com/il/podcast/simply-defensive/id1773806182 👍 If you enjoyed this episode, don’t forget to like, subscribe, and share with your fellow defenders. Every week, Josh Mason and Wade Wells bring you practical, no-fluff conversations with cybersecurity leaders. =========================Sponsored by @ThreatLocker - Free 30-day trial visit:https://www.threatlocker.com/simplydefensive=========================All the ways to connect with Simply Cyber  https://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group

    35분

  8. 2025. 10. 06.

    Hands-On Defense: Markus Schober on DFIR, Labs, and Building Better Blue Teamers

    In this episode of Simply Defensive, Josh Mason and Wade Wells sit down with Markus Schober, founder of Blue Cape Security, to talk all things digital forensics, incident response (DFIR), and why hands-on training beats theory every time. We dig into: 🔹 The hidden value of building your own cyber range 🔹 How IR pros train using real attacks (and why they need red team skills) 🔹 Eric Zimmerman's forensics tools and practical lab setups 🔹 Ransomware war stories from Fortune 100 response 🔹 The role (and limitations) of AI in forensics 🔹 How to break into DFIR as a practitioner — not just a paper tiger Whether you’re building detections, teaching DFIR, or just figuring out where to start, this one’s for you. 👇 Timestamps https://www.bluecapesecurity.com/& Resources 0:00 Intro & ThreatLocker sponsorship 2:00 Markus' journey from responder to trainer 5:00 What makes a good DFIR workshop? 7:00 Building a cyber range that doesn’t suck 10:00 Favorite open-source tools (hint: Zimmerman) 14:00 Consulting vs. in-house IR 19:00 APT10, ransomware, and real-world incidents 24:00 Can AI replace forensic analysts? 27:00 Where to find Markus' courses 29:00 Parting wisdom for aspiring defenders 📚 Check out Blue Cape Security:→ https://www.bluecapesecurity.com/ → Hands-on IR & Forensics Labs → Certification (coming soon!) 🔗 Follow the hosts: Josh Mason: https://www.linkedin.com/in/joshuacmason/ Wade Wells: https://www.linkedin.com/in/wadingthrulogs/ 💡 Brought to you by ThreatLocker – Secure your business with zero trust application control.

    31분
모두 보기(39개)

평가 및 리뷰

5
최고 5점
2개의 평가

소개

Join us for Simply Defensive, a podcast dedicated to exploring the world of defensive cybersecurity through the lens of real-world experts. In each episode, we'll interview leading professionals from the cybersecurity industry, delving into their experiences, challenges, and innovative solutions. Whether you're a seasoned cybersecurity veteran or just starting to learn about the field, Simply Defensive offers valuable insights and practical advice to help you stay ahead of the curve. Tune in as we discuss the latest threats, emerging technologies, and best practices for protecting your organization from cyberattacks. ========================= Connect with your hosts: Josh Mason: https://www.linkedin.com/in/joshuacmason Wade Wells: https://www.linkedin.com/in/wadingthrulogs ========================= Simply Cyber empowers people who want a rewarding cybersecurity career 💪 ========================= ========================= All the ways to connect with Simply Cyber https://SimplyCyber.io/Socials =========================

정보

  • 제작진
    Simply Cyber Media Group
  • 방송 연도
    2024년 - 2025년
  • 에피소드
    39
  • 등급
    전체 연령 사용가
  • 저작권
    © 2025 Simply Cyber Media Group