Purposeful Communication Through PlexTrac with Dan DeCloss
Hacker Valley Studio18 Elo 2022

Purposeful Communication Through PlexTrac with Dan DeCloss

We’re joined by sponsor and guest Dan DeCloss, CEO and Founder of PlexTrac, on the podcast today to talk about communication and collaboration between the red and blue side of cybersecurity and why security success depends on those two sides working together. On their mission to build stronger, more productive, and well-rounded security teams, PlexTrac provides incredible and insightful metric and messaging tools that change the game for the cybersecurity industry.

Timecoded Guide:

[05:36] Understanding PlexTrac’s history and mission for cybersecurity teams

[09:58] Lack of empathy and understanding in red team and blue team communication

[18:48] Breaking through the resentment and confusion within a team

[24:45] Envisioning the future of PlexTrac’s community impact

[27:52] Caring about your cybersecurity mission beyond yourself

Sponsors:

Thank you to our sponsors Axonius and PlexTrac for bringing this season of HVR to life!

Life is complex. But it’s not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone

PlexTrac is pleased to offer an exclusive Red Team Content Bundle for Hacker Valley listeners. This bundle contains both our "Writing a Killer Penetration Test Report" and "Effective Purple Teaming" white papers in ONE awesome package. Head to PlexTrac.com/HackerValley to learn more about the platform and get your copy today!

What is the function of PlexTrac that would help you the most as a pen tester?

With prior hands-on experience on the red side, Dan found his journey to creating PlexTrac to be full of moments where he wanted to fix the same problems he encountered over and over with reporting and communicating. One of these problems was solved easily with the addition of a video feature, a simple function that has existed since PlexTrac first began but is instrumental and is a huge time-saver for visual learners.

“As a pen tester, I hated finding that I had 20-odd screenshots if it's a pretty complex exploit. I think the adage for us is like, if a picture's worth 1,000 words, then a video is worth 1,000 pictures, right?”

What do you think are some of the gaps in skills that organizations face when hiring these professionals to perform offensive operations?

Communication is key— not just in life, but in this episode. While we’ve discussed skills gaps previously in cybersecurity, Dan is quick to point out that a consistent gap he sees in all areas of cybersecurity is effective communication. PlexTrac keeps this struggle to communicate in mind and creates easy, simple pathways and functions that encourage communication and facilitate collaborative problem solving.

“If there's one area that I really emphasize with anybody that I'm mentoring or have hired in the past is, as a security person, whether you're red or blue, you really do need to be a good communicator and be able to communicate risk effectively within the right context.”

What would you want to say to those folks that don't see eye-to-eye from the red or the blue side?

We’re fighting the same fight, no matter if we’re on the red side or the blue side of cybersecurity. Dan’s message for our warring red and blue teams throughout the industry is to understand the importance of your mission and to not let relationships between red and blue feel clouded with misunderstanding or resentment. No one’s job is harder than anyone else’s, and each role on offensive and defensive plays a part in our collective victory.

“I'm gonna just be point blank about it…Are you trying to just prove a point about your knowledge and your skills? Or, are you actually trying to make the world a safer place?”

What would you want to say to all those folks out there [in cybersecurity]?

As PlexTrac aims to make a huge impact on our community, Dan and his team acknowledge a need for a unified, focused, and collaborative cybersecurity industry, with hard workers on both the red and blue sides. With PlexTrac’s assistance in making reports, measurable results, and communication that much easier, our team at Hacker Valley is thankful to be a part of PlexTrac’s amazing network and can’t wait to share more tools like this with all of you.

“I think keep fighting the good fight, for both sides, and recognizing that your mission is vital to the safety and security of your organization and the world at large, right? We are all in this battle together.”

----------

Links:

Spend some time with our guest, Dan DeCloss, on LinkedIn, and the PlexTrac website

Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter.

Follow Ron Eddings on Twitter and LinkedIn

Catch up with Chris Cochran on Twitter and LinkedIn

Jaksot(405)

Purple Teaming Is the New Job Security with Maril Vernon

Purple Teaming Is the New Job Security with Maril Vernon

Cybersecurity isn’t just red or blue anymore... it’s purple, white, and deeply human. Maril Vernon, award-winning ethical hacker and Senior Solutions Architect at NetSPI, returns to the Hacker Valley Studio to discuss purple teaming as the most future-proof career path in cyber. She opens up about mentorship, burnout, compensation realities, and how we’re still failing the fundamentals. Together, Ron and Maril dig into what purple teaming really is (and isn’t), why soft skills matter more than ever, and how defenders are the frontline signal source for law enforcement. From guiding her mom into IR to co-founding Mind Over Cyber, Maril embodies what it means to show up for the cyber community and demand more from the culture itself.   Impactful Moments 00:00 - Introduction 01:01 - Maril’s role at NetSPI 03:00 - Why purple skills are future-proof 05:19 - Salary truths in purple teaming 08:30 - Know your value, negotiate wisely 13:07 - How defenders enable law enforcement 16:22 - The real meaning of purple teaming 18:39 - Common misconceptions debunked 24:45 - People are always the soft spot 26:01 - The two security stack must-haves 29:00 - Mom made it to incident response 30:48 - Maril’s mentorship philosophy 34:09 - Why you need to post anyway 36:35 - What Mind Over Cyber is really about 40:00 - CISOs are burning out silently 41:31 - Closing thoughts Links: Connect with our guest, Maril Vernon: https://www.linkedin.com/in/marilvernon   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

26 Kesä 202543min

The AI Gold Rush in Cybersecurity with Chris Cochran

The AI Gold Rush in Cybersecurity with Chris Cochran

The new cybersecurity pioneers aren’t chasing alerts, they’re building with AI. But what happens when tools meant to assist begin making decisions for us? And what skills do we lose when machines fill the gaps we used to grow into? In this episode, Chris Cochran, CEO and Founder of Commandant, returns to Hacker Valley Studio with an insider view on building in the AI boom. He shares why he’s betting on incident response over the “AI SOC,” what it means to use AI with integrity, and how this moment mirrors the early industrial revolutions: chaotic, risky, but ripe with once-in-a-career opportunity.   Impactful Moments: 00:00 – Introduction 02:11 – Launch of Commandant AI 03:06 – Early-stage LLM opportunities 05:26 – Built first AI co-pilot in 4 hours 06:00 – AI bot tops HackerOne leaderboard 07:44 – AI used for and against orgs 10:14 – Focus on incident response, not AI SOC 12:34 – Reducing cost of prolonged incidents 14:01 – Cybersecurity changing every 2 months 16:58 – AI causing rapid skill loss 21:59 – AI-assisted job interviews detected 24:49 – AI lacks business context for blocking 27:30 – Daily AI use pays long-term dividends Links: Connect with our guest, Chris Cochran: https://www.linkedin.com/in/chrishvm/   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

19 Kesä 202530min

The AI That Tried to Escape with Ron Eddings

The AI That Tried to Escape with Ron Eddings

What happens when AI refuses to be replaced? This episode kicks off with a chilling real-world example of an AI threatening blackmail—and only gets more intense from there. Host Ron Eddings unpacks the terrifyingly innovative ways AI is altering the cybersecurity threat landscape. From deepfakes convincing enough to fool your own family to auto-summarizing email clients acting as unintentional insiders, the stakes have never been higher. Ron also shares insights from his brand-new book Attack Surface Management, co-authored with MJ Kaufman and published by O'Reilly, and breaks down why the simplest social engineering tactics remain the most dangerous—even in the age of advanced AI. Impactful Moments: 00:00 - Introduction 02:30 - Model Context Protocol explained 05:00 - Google's VEO-3 and fake riot videos 07:00 - Fake Facebook ads pushing malware 09:30 - Social engineering still reigns supreme 13:30 - Using AI to write malicious emails 16:30 - Calendly phishing and credential theft 19:00 - Gemini and the risk of auto-summarization 21:30 - LLM access to your private documents 22:45 - Takeaways and protecting your environment   Links: Connect with Ron on LinkedIn: https://www.linkedin.com/in/ronaldeddings/ Grab a copy of Ron’s new book, “Attack Surface Management: Strategies and Techniques for Safeguarding Your Digital Assets”: https://a.co/d/1nmPod2   Check out the full article on “The Rise of ‘Vibe Hacking’ Is the Next AI Nightmare” here: https://www.wired.com/story/youre-not-ready-for-ai-hacker-agents/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

12 Kesä 202523min

Zero Trust Isn’t a Tool — It’s Everything with George Finney

Zero Trust Isn’t a Tool — It’s Everything with George Finney

What if Zero Trust isn’t a framework, but the only viable cybersecurity strategy—more about people than products? In this episode, George Finney, CISO at the University of Texas System and author of Project Zero Trust, reveals the human-first truth behind the Zero Trust movement, and why it’s not something you buy but something you build. George shares stories from hacking a college database to launching a deepfake of himself trained on his own books, all while breaking down how AI and creativity are reshaping security leadership.     Impactful Moments: 00:00 - Introduction 01:16 - Cyber Hall of Fame recognition 07:00 - Hacked his college to solve mail 09:00 - Took startup job without paycheck 14:14 - Zero Trust is a strategy, not tool 17:00 - Tailoring security like a custom suit 23:29 - AI strategy through Zero Trust lens 29:30 - Built a Zero Trust voice clone hotline 36:00 - You don’t need to be a CISO 38:30 - Why weirdos make cybersecurity stronger Links: Connect with our guest, George Finney: https://www.linkedin.com/in/georgefinney/ Check out George’s books on Amazon: https://www.amazon.com/stores/author/B01MT0C6X3   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

5 Kesä 202540min

Your Two-Year Edge Starts Now with Marco Figueroa

Your Two-Year Edge Starts Now with Marco Figueroa

You won’t be replaced by AI—you’ll be replaced by someone using it better. Returning guest Marco Figueroa is back with a frontline report on the AI agent boom. This isn’t a prediction—it’s a tactical update from someone tracking every release, every benchmark battle, and every edge worth chasing. In this episode, Ron is joined by Marco as he breaks down the rapid evolution of AI agents—from Claude Code to Codex to Google Flow. He explains why general-purpose models are leveling off, how specialized tools are reshaping the landscape, and why creativity is now your most valuable edge. Whether you're in code, ops, or content, your two-year advantage starts right here.   Impactful Moments 00:00 - Introduction 01:08 - AI agents are no longer hype 03:45 - Major LLM releases and what's next 05:32 - The Grok delay and pricing drama 07:30 - Why general models are losing steam 10:50 - Benchmark manipulation and model specialization 14:15 - The future belongs to creatives 22:05 - The next AI drops to watch   Links: Connect with our guest, Marco Figueroa: https://www.linkedin.com/in/marco-figueroa-re/   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

29 Touko 202536min

Badge Cloning, Alarm Triggers & Getting Hired to Hack with Greg Hatcher & John Stigerwalt

Badge Cloning, Alarm Triggers & Getting Hired to Hack with Greg Hatcher & John Stigerwalt

Most people think red teaming is digital—until someone bypasses your locks, plants a Raspberry Pi in your server room, and walks out with your data. That’s not sci-fi. That’s White Knight Labs. In this episode, Ron talks with Greg Hatcher and John Stigerwalt, co-founders of White Knight Labs, a boutique offensive security firm built on real-world action. They share high-stakes red team operations—like triggering alarms and dodging police during a break-in—and explain why most companies are wide open to physical and insider threats. This isn’t a theory. It’s what’s happening right now, and it’s being executed with precision and purpose.   Impactful Moments 00:00 - Introduction 02:13 - Origin story of White Knight Labs 08:56 - Why physical red teaming is broken 12:20 - Breaking into a lottery facility 16:00 - Hiding from police mid-engagement 22:30 - Getting hired to breach from inside 25:45 - Hijacking code from offshore devs 33:29 - Real difference: red team vs pen test 35:00 - Get in touch with WKL   Links Connect with our guests! Greg Hatcher: https://www.linkedin.com/in/gregoryhatcher2/ John Stigerwalt: https://www.linkedin.com/in/john-stigerwalt-90a9b4110/ Learn more about White Knight Labs: https://www.whiteknightlabs.com   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

22 Touko 202537min

Building Cyber Resilience Through Culture with David Shipley

Building Cyber Resilience Through Culture with David Shipley

What if fixing cybersecurity wasn’t about more tools, but about unlocking human potential?  In this episode, Ron Eddings welcomes back David Shipley, CEO and Field CSO of Beauceron Security, for a conversation on the real force behind security resilience: people. Together they expose the failure of "reactive" cybersecurity strategies, drawing parallels with preventative healthcare — and explain why culture, psychological safety, and behavior change are the true secret weapons.  Impactful Moments: 00:00 - Introduction 01:36 - The true meaning of "people in cyber" 03:13 - Cybersecurity’s flawed healthcare analogy 07:31 - Nutrition for cyber: proactive strategies 10:00 - MSPs: why selling tools isn’t enough 16:22 - Measuring culture, not just clicks 19:12 - Why people really click phishing emails 23:59 - Building psychological safety in security 30:30 - Celebrating human wins in security 34:00 - The future: empathy, transparency, trust Links: Connect with our guest, David Shipley: https://www.linkedin.com/in/dbshipley/ Learn more about Beauceron Security here: https:///www.beauceronsecurity.com/partner Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

15 Touko 202544min

Ditch the Spreadsheets: Smarter Crypto Security with Michael Klieman

Ditch the Spreadsheets: Smarter Crypto Security with Michael Klieman

Still tracking certificates in a spreadsheet? You’re not alone—and there’s a better way. In this special episode from RSA 2025, Ron sits down with Michael Klieman, Global Vice President of Product Management for Digital Security Solutions at Entrust, to discuss how leading organizations are rethinking cryptographic security. From simplifying certificate management to preparing for a post-quantum future, this conversation covers real-world risks, surprising breach stories, and practical steps for bringing order to crypto chaos—without the stress.   Impactful Moments: 00:00 – Introduction 04:00 – Three major problems with crypto today 06:45 – Certificates often missing from inventories 08:30 – Managing EV charging infrastructure with spreadsheets 11:00 – The two biggest certificate-related risks 12:50 – Expired certs can tank brand trust 14:45 – Automation usually comes after spreadsheets 16:30 – Why quantum risk grows every year 18:15 – Start with a cryptographic inventory 20:30 – Nation-state threats and critical infrastructure 22:15 – AI could fast-track quantum breakthroughs 24:45 – Entrust’s new unified crypto security platform 26:35 – One question every CISO must answer in 2025   Links: Connect with our guest, Michael Klieman: https://www.linkedin.com/in/mklieman/ Learn more about Entrust at: https://www.hackervalley.com/entrust   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

8 Touko 202529min

Suosittua kategoriassa Koulutus

rss-murhan-anatomia
psykopodiaa-podcast
voi-hyvin-meditaatiot-2
rss-niinku-asia-on
aamukahvilla
rss-vapaudu-voimaasi
ihminen-tavattavissa-tommy-hellsten-instituutti
rss-valo-minussa-2
rss-liian-kuuma-peruna
jari-sarasvuo-podcast
rss-duodecim-lehti
rss-psykalab
rss-arkea-ja-aurinkoa-podcast-espanjasta
rss-sisun-alkemia
psykologia
rss-uskonto-on-tylsaa
rss-monarch-talk-with-alexandra-alexis
rss-synapselingo-opi-englantia
rss-rouva-keto
rss-rahataito-podcast