35 episodes

The one and only official podcast from Offensive Security, Inc. -- creators of the Kali OS, the OSCP certification, and the world's leading cybersecurity training

The Official Offensive Security Podcast Offensive Security, Inc.

    • Education
    • 4.6 • 20 Ratings

The one and only official podcast from Offensive Security, Inc. -- creators of the Kali OS, the OSCP certification, and the world's leading cybersecurity training

    #35: Cybersecurity Awareness with Christopher Forte

    #35: Cybersecurity Awareness with Christopher Forte

    In this week’s episode, host TJ Null welcomes Christopher Forte, an infrastructure engineer at Offensive Security. Forte has red-teamed the city of Los Angeles, spoken at Defcon, and hosted training events for multiple intelligence agencies. The episode begins with Christopher sharing resources he used to get his start in the infosec field.  He then comments on why he believes information security is an important topic to care about in our technology-driven lives. Next, the most important security awareness topic, according to Forte, is discussed and he shares some recommendations for improving your information security–whether personally or professionally. Lastly, Chris shares what interests him about mentoring in the community and why it’s crucial for others in the infosec community to share their knowledge. Enjoy!

    • 29 min
    #34: How to Succeed in InfoSec with Jim O’Gorman and Dave Kennedy

    #34: How to Succeed in InfoSec with Jim O’Gorman and Dave Kennedy

    Host TJ Null returns this week with an episode featuring two special guests: Jim O’Gorman and Dave Kennedy! Jim O’Gorman is the Chief Content and Strategy Officer for OffSec and has been in the information security world for more than a decade. Dave Kennedy, CEO and Founder of TrustedSec, has presented at conferences such as Defcon and Blackhat. Together, Jim and Dave wrote Metasploit: The Penetration Tester's Guide and collaborated on ideas for the Mr. Robot TV Show. They begin the episode by sharing what got them into the information security field and how they met for the first time. Then, they disclose which resources they used to learn more about pentesting. Dave shares how attending events like DefCon and BlackHat gave him indispensable knowledge when he was laying the foundation for his career. Jim and Dave lastly share tips they have for students when they’re stuck on a challenge, as well as what they enoy doing outside of the infosec world. Enjoy!

    • 1 hr 18 min
    #33: FalconSpy Dives into His Day Job, Internal Penetration Testing

    #33: FalconSpy Dives into His Day Job, Internal Penetration Testing

    In this week's episode, host Jeremy (harbinger) Miller chats with FalconSpy, an Offensive Security Engineer at Oracle and Community Ambassador here at OffSec. FalconSpy covers topics such as how he got into penetration testing, what pentesting is, application/code reviews, red teaming, and more. He also dives into internal vs external pentesting by discussing who the client is, perimeter access levels, and the mindset of each. While sharing his experience throughout his pentesting journey, he also gives tips on what every pentester should know. Enjoy!

    • 31 min
    #32: Election Integrity & Critical Infrastructure with Lester Godsey

    #32: Election Integrity & Critical Infrastructure with Lester Godsey

    In this week’s special episode, Dr. Heather Monthie sits down with Lester Godsey, CISO of Maricopa County, Arizona. Lester begins by explaining how he got into the cybersecurity field and shares a fun fact about himself. He then shares his role as a CISO, how security supports different departments, and the biggest risks he sees in critical infrastructure security. The integrity of the 2020 US Presidential Election is discussed along with Godsey’s take on the threats he saw in Maricopa County and lessons learned. Moreover, he highlights the spread of misinformation on social media as well as advice he has for CISOs looking to hire cybersecurity professionals and how to best attract them to roles. Enjoy!

    • 41 min
    #31: How the OSCP Certification Supports Career Growth

    #31: How the OSCP Certification Supports Career Growth

    In this episode, host TJ Null sits down with DarkStar7471 aka Dark, our recent community moderator for the OffSec Community. Dark is currently a lead pentester at State Farm Insurance and has produced content for TryHackMe. He starts by sharing his journey before working for OffSec as well as what piqued his interest in the information security field. Then, Dark highlights why he decided to obtain his OSCP and how the knowledge he gained from the course benefits him in his career trajectory. He also shares some exciting projects he works on relevant to pentesting. Lastly, Dark shares advice he has for anyone working to become a pentester and hobbies he enjoys outside of infosec. Enjoy the episode!

    • 27 min
    #30: How to Hire the Best Cybersecurity Talent with FalconSpy

    #30: How to Hire the Best Cybersecurity Talent with FalconSpy

    In this week’s episode, host Dr. Heather Monthie chats with FalconSpy, an Offensive Security Engineer at Oracle and Community Ambassador here at OffSec. FalconSpy covers topics such as how he got into cybersecurity, what attracted him to the field, and the biggest lesson he’s learned in his career so far. Sharing his experience throughout his OSCP journey, he shares tips for anyone looking to pass the exam who are trying to balance other responsibilities. Then, he offers advice for cybersecurity managers on how to locate the best talent. FalconSpy explains how to make these positions more attractive to cybersecurity professionals. Lastly, he shares a current project he’s working on that he’s excited about as well as what he envisions as the ‘next big thing’ in cybersecurity. Enjoy!

    • 33 min

Customer Reviews

4.6 out of 5
20 Ratings

20 Ratings

Dizz1s4u ,

This was what I needed to hear!

I have been studying for the OSCP for about 4 years now and have failed the exam 3 times. I’m scheduled to take the exam in May and was really encouraged by the information they provided. To hear some of the people that I respect the most in this field actually struggled like me is so helpful. I’m looking forward to the next episode already!

nico patel ,

Misleading title (wasted time)

The title of episode 30 was misleading. The question of “how to hire the best cybersecurity talent” was barely talked about and never even asked or answered directly. It’s misleading

stylesbbfit ,

Informative and helpful for prep

Really loved hearing directly from the source while also getting an engaging podcast episode. I’ll be using some of these tips to prepare for the exam.

You Might Also Like

Johannes B. Ullrich
Cybereason
CyberWire, Inc.
The Record by Recorded Future
ITWC
Michael Bazzell