The one and only official podcast from OffSec, Inc. -- creators of the Kali OS, the OSCP certification, and the world's leading cybersecurity training
#37: Persistence in Information Security with Shad0wbits
The OffSec Podcast returns this week with special guest Kai (Shad0wbits), the founder and Chief Security Architect at Black Cipher Security. Host TJ Null begins by asking Kai about what piqued his interest in the Infosec field and what resources he used to get himself started. He shares what made him decide to start his own pentesting firm and gives advice for those looking to start their own business. He then describes his definition of red teaming, his favorite environment to access, and the worst thing he’s done in a test. Lastly, Kai explains why it’s important for people in the infosec community to share their knowledge with others as well as community projects he’s been working on. Enjoy the episode!
#36: Continuous Security Testing with Rob Ragan, Principal Researcher at Bishop Fox
Host FalconSpy returns this week joined by Rob Ragan, Principal Researcher at Bishop Fox! They begin by diving into tips for organizations beginning to build out their continuous security testing and why it’s so important. Ragan also shares bugs he’s discovered deploying your tools to assist with continuous security testing. Next, he gives advice based on his own experience in the InfoSec field to those aspiring to break into the industry. Lastly, he discloses whether degrees or certifications are necessary for a career in InfoSec and how to become more specialized in continuous security testing and automation. Enjoy the episode!
Make sure to check out Bishop Fox:
#35: Cybersecurity Awareness with Christopher Forte
In this week’s episode, host TJ Null welcomes Christopher Forte, an infrastructure engineer at Offensive Security. Forte has red-teamed the city of Los Angeles, spoken at Defcon, and hosted training events for multiple intelligence agencies. The episode begins with Christopher sharing resources he used to get his start in the infosec field. He then comments on why he believes information security is an important topic to care about in our technology-driven lives. Next, the most important security awareness topic, according to Forte, is discussed and he shares some recommendations for improving your information security–whether personally or professionally. Lastly, Chris shares what interests him about mentoring in the community and why it’s crucial for others in the infosec community to share their knowledge. Enjoy!
#34: How to Succeed in InfoSec with Jim O’Gorman and Dave Kennedy
Host TJ Null returns this week with an episode featuring two special guests: Jim O’Gorman and Dave Kennedy! Jim O’Gorman is the Chief Content and Strategy Officer for OffSec and has been in the information security world for more than a decade. Dave Kennedy, CEO and Founder of TrustedSec, has presented at conferences such as Defcon and Blackhat. Together, Jim and Dave wrote Metasploit: The Penetration Tester's Guide and collaborated on ideas for the Mr. Robot TV Show. They begin the episode by sharing what got them into the information security field and how they met for the first time. Then, they disclose which resources they used to learn more about pentesting. Dave shares how attending events like DefCon and BlackHat gave him indispensable knowledge when he was laying the foundation for his career. Lastly, Jim and Dave share tips they have for students when they’re stuck on a challenge, as well as what they enjoy doing outside of the infosec world. Enjoy!
#33: FalconSpy Dives into His Day Job, Internal Penetration Testing
In this week's episode, host Jeremy (harbinger) Miller chats with FalconSpy, an Offensive Security Engineer at Oracle and Community Ambassador here at OffSec. FalconSpy covers topics such as how he got into penetration testing, what pentesting is, application/code reviews, red teaming, and more. He also dives into internal vs external pentesting by discussing who the client is, perimeter access levels, and the mindset of each. While sharing his experience throughout his pentesting journey, he also gives tips on what every pentester should know. Enjoy!
#32: Election Integrity & Critical Infrastructure with Lester Godsey
In this week’s special episode, Dr. Heather Monthie sits down with Lester Godsey, CISO of Maricopa County, Arizona. Lester begins by explaining how he got into the cybersecurity field and shares a fun fact about himself. He then shares his role as a CISO, how security supports different departments, and the biggest risks he sees in critical infrastructure security. The integrity of the 2020 US Presidential Election is discussed along with Godsey’s take on the threats he saw in Maricopa County and lessons learned. Moreover, he highlights the spread of misinformation on social media as well as advice he has for CISOs looking to hire cybersecurity professionals and how to best attract them to roles. Enjoy!
This was what I needed to hear!
I have been studying for the OSCP for about 4 years now and have failed the exam 3 times. I’m scheduled to take the exam in May and was really encouraged by the information they provided. To hear some of the people that I respect the most in this field actually struggled like me is so helpful. I’m looking forward to the next episode already!
Misleading title (wasted time)
The title of episode 30 was misleading. The question of “how to hire the best cybersecurity talent” was barely talked about and never even asked or answered directly. It’s misleading.
Informative and helpful for prep
Really loved hearing directly from the source while also getting an engaging podcast episode. I’ll be using some of these tips to prepare for the exam.