The one and only official podcast from Offensive Security, Inc. -- creators of the Kali OS, the OSCP certification, and the world's leading cybersecurity training
#29: How Hackers Think with Dr. Timothy Summers
In this week’s special episode, hosts Dr. Heather Monthie and Jeremy (harbinger) Miller sit down with Dr. Timothy Summers, PhD and Executive Director of Product Development at Arizona State University. Summers is an ethical hacker, professor, TED speaker, and a leading expert in cybersecurity strategy, blockchain technology, and how hackers think. To begin, he explains how he first got into cybersecurity when he got hacked himself. From this experience, he generated a curiosity about why and how it happened. He then shares his hobbies outside of cybersec and dives into his work on hacking cognitive psychology and the hacker mindset. Our guest highlights how organizations can learn from how hackers think to increase innovation within their own company and teach them how to protect themselves better. Summers also emphasizes how recruiters can screen potential hackers. Lastly, he shares other tech projects he’s been working on. Enjoy!
#28: ShadowKhan, Lead Pentester and OffSec Community Moderator
In this episode, host TJ Nulls sits down with ShadowKhan, a lead pentester and a community moderator in the OffSec Discord server. ShadowKhan tells his non-traditional story as to how he got into infosec. He also tells what resources he used to get started and gives some tips for anyone interested in getting into the security world. There’s one book in particular, that he highly recommends. ShadowKhan recently obtained his OSCE³ certification and describes his favorite aspect of those courses. On the offensive side of security, our guest tells us his favorite environment to access as well as two of his biggest mistakes when on an assessment. Finally, they wrap by talking about current community projects and blog posts ShadowKhan is working on, as well as what he’s doing outside of infosec. Enjoy the episode!
#27: YinYang in Infosec with Jeremy (harbinger) Miller
In this special episode, Jeremy (harbinger) Miller chats with Chris Glanden on the BarCode podcast. From BarCode’s show notes:
“The YinYang philosophy says that the universe is composed of competing and complementary forces governed by a cosmic duality, sets of two opposing and complementing principles or energies that can be observed in nature.
Similarly, the nature of offensive security requires a balance of proper mindset and technical expertise. To truly master this security discipline, you must learn to balance and draw from different sides of experiences in life, including the psychological aspect as well as the ones and zeros.
Jeremy (harbinger) Miller is an InfoSec professional primarily interested in how security skills are taught, learned, and applied by individuals and organizations. He is currently the Product Manager of Content Development at Offensive Security. We catch up at the bar to discuss his unorthodox path into Infosec, his background in teaching martial arts, the true meaning of OffSec’s mantra, ‘Try Harder,’ and the importance of counterbalancing of mind and technical skills.”
#26: Cybersecurity hiring with CISO, Mike Manrod
For this week’s episode, host Dr. Heather Monthie chats with Mike Manrod, CISO of Grand Canyon Education. As a cybersecurity leader, he shares his expertise on how he recruits, mentors, and guides aspiring cybersecurity professionals in their career paths. He first starts by sharing his mid-career switch into the cybersecurity world along with his interest in martial arts. Then, he discusses his experience as a CISO, plus the biggest challenge and most rewarding part of the role. He offers tips for security leaders and managers on how to hire top talent in the cybersecurity industry. Moreover, they chat about the best way to train an individual into a top cybersecurity professional, even if they don’t have the technical skills. Finally, Mike shares his thoughts on the state of cybersecurity education today and what he envisions for its future. Enjoy!
#25: Mentoring and OSCP Tips with Mike Waxman (Security Engineer, LinkedIn)
This week, hosts TJ Null and FalconSpy sit down with Mike Waxman, Security Engineer at LinkedIn. Mike was originally a TPM and is now a Security Engineer. He starts off by describing how he made the switch and shares some advice for those looking to change roles into security. And for those already in the field, he also gives tips on how to get that coveted promotion. Related to that, Mike discusses his mentoring experience and what kinds of knowledge he passes along to those new to the industry. Mike is currently working through his PEN-200 journey toward the OSCP and provides some key tips for those also pursuing the OSCP. He also shares a specific idea on how to best prepare for the exam. Finally, he shares some words of encouragement to those early in their career looking to make their mark. Enjoy!
#24: Kerberoasting & Security Consulting with Tim Medin (@timmedin)
On this week’s episode, host TJ Null is joined by Tim Medin. Tim is the creator of kerberoasting and the CEO of Red Siege Information Security. He begins by recounting how he joined the infosec field as well as some resources he used to get himself started. Next, he highlights his favorite tools that he enjoys using on an engagement. TJ and Tim also chat about the first moment Tim discovered kerberoasting and his research on new attack techniques. He gives advice to users who want to implement detection/protection against kerberoasting. Then, he details what it’s like to run his own consulting company, Red Siege, and shares tips for those looking to start their own. Tim also reveals the one thing he would like to see change in the infosec community. Lastly, he discusses his love for the Olympics and football and his interest in competing in triathlons. Enjoy the episode!
This was what I needed to hear!
I have been studying for the OSCP for about 4 years now and have failed the exam 3 times. I’m scheduled to take the exam in May and was really encouraged by the information they provided. To hear some of the people that I respect the most in this field actually struggled like me is so helpful. I’m looking forward to the next episode already!
Informative and helpful for prep
Really loved hearing directly from the source while also getting an engaging podcast episode. I’ll be using some of these tips to prepare for the exam.
Been waiting for OffSec to do a podcast — thank you!!
I had been hoping that OffSec would do their own official podcast, and they finally have — and it does not disappoint!