Purposeful Communication Through PlexTrac with Dan DeCloss
Hacker Valley Studio18 Elo 2022

Purposeful Communication Through PlexTrac with Dan DeCloss

We’re joined by sponsor and guest Dan DeCloss, CEO and Founder of PlexTrac, on the podcast today to talk about communication and collaboration between the red and blue side of cybersecurity and why security success depends on those two sides working together. On their mission to build stronger, more productive, and well-rounded security teams, PlexTrac provides incredible and insightful metric and messaging tools that change the game for the cybersecurity industry.

Timecoded Guide:

[05:36] Understanding PlexTrac’s history and mission for cybersecurity teams

[09:58] Lack of empathy and understanding in red team and blue team communication

[18:48] Breaking through the resentment and confusion within a team

[24:45] Envisioning the future of PlexTrac’s community impact

[27:52] Caring about your cybersecurity mission beyond yourself

Sponsors:

Thank you to our sponsors Axonius and PlexTrac for bringing this season of HVR to life!

Life is complex. But it’s not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone

PlexTrac is pleased to offer an exclusive Red Team Content Bundle for Hacker Valley listeners. This bundle contains both our "Writing a Killer Penetration Test Report" and "Effective Purple Teaming" white papers in ONE awesome package. Head to PlexTrac.com/HackerValley to learn more about the platform and get your copy today!

What is the function of PlexTrac that would help you the most as a pen tester?

With prior hands-on experience on the red side, Dan found his journey to creating PlexTrac to be full of moments where he wanted to fix the same problems he encountered over and over with reporting and communicating. One of these problems was solved easily with the addition of a video feature, a simple function that has existed since PlexTrac first began but is instrumental and is a huge time-saver for visual learners.

“As a pen tester, I hated finding that I had 20-odd screenshots if it's a pretty complex exploit. I think the adage for us is like, if a picture's worth 1,000 words, then a video is worth 1,000 pictures, right?”

What do you think are some of the gaps in skills that organizations face when hiring these professionals to perform offensive operations?

Communication is key— not just in life, but in this episode. While we’ve discussed skills gaps previously in cybersecurity, Dan is quick to point out that a consistent gap he sees in all areas of cybersecurity is effective communication. PlexTrac keeps this struggle to communicate in mind and creates easy, simple pathways and functions that encourage communication and facilitate collaborative problem solving.

“If there's one area that I really emphasize with anybody that I'm mentoring or have hired in the past is, as a security person, whether you're red or blue, you really do need to be a good communicator and be able to communicate risk effectively within the right context.”

What would you want to say to those folks that don't see eye-to-eye from the red or the blue side?

We’re fighting the same fight, no matter if we’re on the red side or the blue side of cybersecurity. Dan’s message for our warring red and blue teams throughout the industry is to understand the importance of your mission and to not let relationships between red and blue feel clouded with misunderstanding or resentment. No one’s job is harder than anyone else’s, and each role on offensive and defensive plays a part in our collective victory.

“I'm gonna just be point blank about it…Are you trying to just prove a point about your knowledge and your skills? Or, are you actually trying to make the world a safer place?”

What would you want to say to all those folks out there [in cybersecurity]?

As PlexTrac aims to make a huge impact on our community, Dan and his team acknowledge a need for a unified, focused, and collaborative cybersecurity industry, with hard workers on both the red and blue sides. With PlexTrac’s assistance in making reports, measurable results, and communication that much easier, our team at Hacker Valley is thankful to be a part of PlexTrac’s amazing network and can’t wait to share more tools like this with all of you.

“I think keep fighting the good fight, for both sides, and recognizing that your mission is vital to the safety and security of your organization and the world at large, right? We are all in this battle together.”

----------

Links:

Spend some time with our guest, Dan DeCloss, on LinkedIn, and the PlexTrac website

Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter.

Follow Ron Eddings on Twitter and LinkedIn

Catch up with Chris Cochran on Twitter and LinkedIn

Jaksot(406)

The AI Shift You Can’t Ignore with Marco Figueroa

The AI Shift You Can’t Ignore with Marco Figueroa

AI isn’t just evolving—it’s sprinting, and cybersecurity needs to keep up.  Ron Eddings is joined again by cybersecurity leader Marco Figueroa, Program Manager for Gen AI at the ODIN Bug Bounty Program, who called it in January: 2025 is the year of AI agents, and the early signs are already here. From Grok 3’s speed advantage to AI-powered red teaming for $25K, this is the reality check security leaders need. No more six-month security projects—it’s all about speed, automation, and staying ahead.     Impactful Moments: 00:00 - Introduction 01:45 - Breaking down Palantir’s stock drop 07:15 - Why Grok 3 is a game-changer 10:24 - The real difference between GPT-4 and Grok 17:25 - AI-powered red teaming for $25K? 22:00 - The death of six-month security projects 26:24 - OpenAI’s Operator: The future or a gimmick? 34:22 - How AI is eliminating busywork 36:55 - Next month’s prediction: Agents building agents Links: Connect with our guest, Marco Figueroa: https://www.linkedin.com/in/marco-figueroa-re/   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

28 Helmi 202537min

Superhuman Productivity and AI Mastery with Pedram Amini

Superhuman Productivity and AI Mastery with Pedram Amini

What if you could have a conversation with yourself—years into the future? Or leave behind an AI-powered avatar that understands your thoughts, philosophies, and even your voice? In this episode, we explore the mind-blowing potential of AI and its impact on cybersecurity, productivity, and even legacy. Pedram Amini, Chief Scientist at OPSWAT, joins Ron Eddings to discuss his journey from bootstrapped startups to AI-driven innovation. Together they cover topics like the role of AI in cybersecurity, the rise of fake identities in hiring, the ethics of AI-generated content, and why mastering AI tools is no longer optional—it's essential. Pedram shares his workflow for superhuman productivity, his thoughts on deepfakes, and how AI is reshaping how we work and communicate. Impactful Moments: 00:00 - Introduction 02:00 - Meet Pedram Amini, cyber innovator 03:07 - The $17M North Korea insider threat case 06:00 - Fake job candidates and AI hiring scams 09:28 - Deepfakes and AI-driven deception 14:00 - Future of AI-powered personal assistants 20:49 - The reality of bootstrapping vs. VC funding 26:00 - AI in cybersecurity: risk or revolution? 31:00 - “AI isn’t taking your job—someone using AI is” 35:00 - The ultimate AI-powered legacy project   Links: Connect with our guest, Pedram Amini: https://www.linkedin.com/in/pedramamini/ Check out the entire article about the $17M North Korea insider threat case here: https://www.theregister.com/2025/02/12/arizona_woman_laptop_farm_guilty/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

21 Helmi 202536min

Cybersecurity Meets AI: The Good, The Bad & The Janky

Cybersecurity Meets AI: The Good, The Bad & The Janky

There’s no doubt that AI is changing the game in cybersecurity, but not always in the ways we expect. In this episode, Ron Eddings shares his firsthand experience with AI-powered tools that make him a cyber superhero—when they work. From automating security tasks to turbocharging programming workflows, AI is proving its value, but also revealing its limits. Through live walkthroughs and real-world examples, he showcases how AI automates security tasks, accelerates programming, and enhances research—while also showing why some cybersecurity actions should stay human-led.   Impactful Moments: 00:00 - Introduction 02:00 - The good and bad of AI in security 04:00 - Google’s AI weapons controversy 06:30 - Deepfake scams and AI-powered phishing 09:00 - How AI helps (and fails) at programming 12:00 - Automating security research with AI 18:00 - AI-generated meeting notes & productivity hacks 21:00 - What AI should NEVER do 23:00 - The future of AI in cybersecurity   Links: Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

13 Helmi 202522min

A Human-Centric Approach to Cybersecurity with Edna Conway

A Human-Centric Approach to Cybersecurity with Edna Conway

What if cybersecurity was more than just tech—what if it was about the people it serves? In this episode, Edna Conway, Founder and CEO of EMC Advisors, shares her incredible journey from law to cybersecurity and explores the human element often overlooked in technology.  Recorded live at InfoSec Nashville 2024, Edna discusses the intersection of innovation and tradition, the critical role of accuracy in AI, and her vision for cybersecurity's future. From anomaly detection to the wisdom of creating "enclaves," her insights remind us that tech is here to serve people, not the other way around.   Impactful Moments: 00:00 – Introduction 01:22 – Keynote insights: Innovation meets tradition 02:39 – From prosecutor to cybersecurity leader 07:00 – Human-first approach to AI and security 11:40 – LLMs in cybersecurity: opportunities and accuracy 16:34 – Balancing risk with AI use in business 23:06 – Bringing diverse talent into cybersecurity 32:30 – Advice on leadership and collaboration   Links: Connect with our guest, Edna Conway: https://www.linkedin.com/in/ednaconway/ Learn more about ISSA Middle TN here: https://issamidtn.org/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

4 Helmi 202535min

Rise of the Machines: Why Your Attack Surface Has More Holes Than You Think ft Pandian Gnanaprakasam

Rise of the Machines: Why Your Attack Surface Has More Holes Than You Think ft Pandian Gnanaprakasam

Did you know nearly half of your enterprise devices are agentless—leaving your attack surface wide open? In this episode, Ron is joined by Pandian Gnanaprakasam, Co-Founder and Chief Product Officer at Ordr, to discuss the critical risks posed by agentless devices and how orchestration can strengthen your defenses. Pandian shares key findings from Ordr’s 2024 "Rise of the Machines" report, highlighting the risks of overlooked agentless devices. He covers the rapid growth of these devices, strategies to manage vulnerabilities, and how automation can strengthen your defenses.   Impactful Moments: 00:00 - Introduction 04:15 - Why agentless devices dominate the next decade 06:30 - Insights from Ordr's “Rise of the Machines” report 08:50 - Hidden risks: 42% of devices are agentless 11:15 - Solving the "Swiss cheese" problem of security gaps 14:30 - Prioritizing vulnerabilities with business context 18:10 - Orchestration vs. automation: The harmony difference 22:00 - Why visibility is the foundation of security 27:30 - Ordr’s unique approach to securing the attack surface Links: Connect with our guest, Pandian Gnanaprakasam: https://www.linkedin.com/in/gpandian/ Check out Ordr’s Rise of the Machines report here: https://ordr.net/resources/rise-of-the-machines-report-2024 Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

28 Tammi 202538min

How a Game Turned a Watchmaker into a Cybersecurity Pro with Simeon Kakpovi

How a Game Turned a Watchmaker into a Cybersecurity Pro with Simeon Kakpovi

What if cybersecurity training could be as engaging as your favorite game? In this episode, Simeon Kakpovi, founder of the KC7 Foundation, shares how his gamified approach is changing lives and reshaping the cybersecurity pipeline by making cybersecurity education accessible.  From his journey as a threat hunter to building a free online game that teaches real-world blue team skills, Simeon joins Ron to show how creativity and inclusion can unlock potential in unexpected places. Plus, listen to the remarkable story about how a watchmaker with no cyber background landed a dream job at Microsoft—all thanks to KC7.   Impactful Moments 00:00 - Introduction 01:11 - The evolution of cybersecurity 03:03 - Cybersecurity Mergers & Acquisitions 05:38 - Meet our guest: Simeon Kakpovi of KC7 Foundation 06:00 - KC7 wins “Team of the Year” at the SANS DMAs 8:43 - Founding the KC7 Foundation 10:00 - Lessons from Lockheed Martin’s Cyber Analyst Challenge 11:46 - How KC7 gamifies real-world cybersecurity 14:52 - Bringing KC7 to high school and middle school students 16:52 - Expanding access to cybersecurity careers 25:09 - A watchmaker’s journey to Microsoft 34:00 - How to get started with KC7     Links Connect with our guest, Simeon Kakpovi on LinkedIn: https://www.linkedin.com/in/kakpovi/ Check out the Cybersecurity M&A Roundup Article here: https://www.securityweek.com/cybersecurity-ma-roundup-37-deals-announced-in-december-2024/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

22 Tammi 202535min

Managing and Mitigating Cyber Risks For Your Assets with Jerich Beason and Wes Wright

Managing and Mitigating Cyber Risks For Your Assets with Jerich Beason and Wes Wright

What’s the key to mitigating unseen cyber risks? In this episode, Wes Wright, Chief Healthcare Officer at Ordr and Jerich Beason, CISO at WM uncover the complexities of attack surface management (ASM) and its impact on cybersecurity.  Together with Ron, they explain what constitutes an attack surface and introduce practical frameworks like See-Know-Secure, emphasizing the need for complete visibility and data-driven risk mitigation.  Impactful Moment: 00:00 - Introduction 03:00 - Defining attack surface management 06:13 - See-Know-Secure framework  09:05 - Analogies for explaining ASM to stakeholders 15:33 - Building an inventory for asset visibility 20:42 - Convincing leadership: Budget strategies 25:00 - Tools and methodologies for ASM 36:57 - Managed services vs. in-house approaches 43:00 - Starting your ASM journey   Links: Connect with our guests – Wes Wright: https://www.linkedin.com/in/4kidwes/ Jerich Beason: https://www.linkedin.com/in/jerich-beason/ Learn more about Ordr: https://ordr.net/   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

14 Tammi 202544min

The Year of the Agent: AI, Bug Bounties, and Cybersecurity Insights with Marco Figueroa

The Year of the Agent: AI, Bug Bounties, and Cybersecurity Insights with Marco Figueroa

How will AI redefine cybersecurity in 2025? According to Marco Figueroa, Program Manager for Gen AI at the ODIN Bug Bounty Program, this year is set to be the "Year of the Agent," where AI systems and integrations take a central role.  In this special New Year bonus episode, Ron sits down with Marco to discuss the transformative role of AI in solving cybersecurity challenges. Marco breaks down AI jailbreak techniques, the impact of bug bounty programs on securing AI systems, and why 2025’s fast-evolving tech landscape demands creative thinking. Learn how tools like ChatGPT and Gemini 2.0 are reshaping the industry and why staying adaptable is essential.   Impactful Moments: 00:00 - Introduction 02:14 - Speed vs. safety: AI system challenges 05:30 - Why experience matters more than information 07:45 - Legal stakes for deepfakes and AI 18:36 - Marco’s creative journey in cybersecurity 28:00 - Jailbreaks: Risks and surprising AI findings 37:13 - 2025 predictions: The rise of agents 41:00 - Closing thoughts and the power of community Links: Connect with our guest, Marco Figueroa: https://www.linkedin.com/in/marco-figueroa-re/ Chuck Brooks' 2025 Cybersecurity Predictions article: https://www.forbes.com/sites/chuckbrooks/2024/12/24/cybersecurity-trends-and-priorities-to-watch-for-2025/ Focus Areas for the FaccT Conference News: https://facctconference.org/2025/focusareas “Unreasonable Hospitality” by Will Guidara Book Link: https://www.amazon.com/Unreasonable-Hospitality-Remarkable-Giving-People/dp/0593418573 Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

10 Tammi 202541min

Suosittua kategoriassa Koulutus

rss-murhan-anatomia
psykopodiaa-podcast
voi-hyvin-meditaatiot-2
rss-niinku-asia-on
jari-sarasvuo-podcast
psykologia
rss-duodecim-lehti
aloita-meditaatio
ihminen-tavattavissa-tommy-hellsten-instituutti
rss-psykalab
aamukahvilla
rss-liian-kuuma-peruna
rss-narsisti
rss-vapaudu-voimaasi
mielipaivakirja
rss-valo-minussa-2
rss-arkea-ja-aurinkoa-podcast-espanjasta
rss-rouva-keto
rss-anteeks-etukateen
filocast-filosofian-perusteet