From Black Hat to Bug Bounties [Pt. 1] with Tommy DeVoss

AI is neither friend nor foe, it’s both. The way we choose to use it determines whether it helps or harms. In this solo episode, Ron Eddings shares lessons from his first job at a grocery store, his early days in cybersecurity, and today’s AI-driven landscape. From productivity hacks like meeting transcription, to creative tools like content-aware editing, to the dark side of phishing and deepfakes, Ron shows why human judgment remains the ultimate defense. This is a passionate reminder that the real power isn’t in the tools, it’s in us. Impactful Moments 00:00 - Introduction 01:15 - AI is the tool, not the toolbox 03:00 - A grocery store scam that taught a life lesson 06:00 - The irreplaceable role of human judgment 07:30 - First cybersecurity job at Booz Allen Hamilton 09:00 - How AI boosts productivity with meeting transcription 12:00 - Creative shortcuts with AI in image and video editing 15:00 - Vibe coding and generative red teaming 17:30 - AI-powered phishing and scam emails 18:50 - Testing a deepfake voice on Ron’s mom 21:30 - Why curiosity and skepticism beat AI deception 22:30 - Final challenge: don’t serve AI—make AI serve you Links: Connect with our Ron on LinkedIn: https://www.linkedin.com/in/ronaldeddings/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

28 Elo 202522min

AI might analyze your logs in seconds, but only the community can put you in the room that changes your career. In this solo episode, Ron Eddings discusses the powerful balance between human connection and artificial intelligence in shaping the future of cybersecurity and beyond. From the sacrifices that sparked his career to the mentors who opened doors, Ron shares personal stories that show why community will always be your ultimate competitive edge, even as AI advances into the SOC. He also runs live AI experiments on ransomware response and log analysis, revealing what AI can (and can’t) do for practitioners right now.   Impactful Moments: 00:00 - Introduction 02:00 - Why community is your first advantage 03:30 - The sacrifice that launched Ron’s career 04:40 - Meeting mentor Marcus Carey 06:00 - Early opportunities in cybersecurity 07:00 - The power of hacker spaces 09:00 - How mentors open hidden doors 10:00 - RSA and Black Hat as career accelerators 13:00 - The most underrated LinkedIn feature 15:00 - The HVS mastermind community 16:00 - Reality check on GPT-5 18:00 - AI builds an IR playbook 20:00 - Critical do’s and don’ts in incident response 23:00 - Why hallucinations matter in cybersecurity AI 25:00 - AI makes sense of raw logs 28:00 - Can AI replace tier one analysts? 30:00 - Where AI still falls short 31:00 - Final challenge: Strengthen your community     Links: Connect with our Ron on LinkedIn: https://www.linkedin.com/in/ronaldeddings/ Register for our livestream with Gerry Auger: https://www.linkedin.com/events/7359290642633539586/ Check out the links to the OpenAI ChatGPT threads here: Incident Analysis Summary: https://chatgpt.com/share/689fa61f-3498-8006-9989-ff8221f97b01 Ransomware Incident Playbook: https://chatgpt.com/share/689fa63f-86ec-8006-8355-642d4d38808e Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

21 Elo 202532min

When AI agents move faster than security teams, the game changes, and the risks multiply. Ron welcomes back Marco “Mystic Marc” Figueroa, Program Manager at Mozilla’s 0DIN Program, to continue the conversation and update on 2025’s most pressing AI and cybersecurity shifts. From the explosive rise of AI agents and OpenAI’s rumored browser to the hidden dangers of MCP implementations and prompt injection exploits like the Gemini attack, Marco shares insights that security pros can’t afford to miss. Impactful Moments 00:00 - Introduction 02:00 - Why 2025 is the year of the agent 05:45 - MCP’s rapid adoption and security risks 10:00 - The Gemini prompt injection vulnerability 15:00 - How attackers hide malicious AI prompts 18:00 - High success rates in non-technical teams 22:00 - Rise of voice-based AI scams 25:00 - Using jailbreaks to bend AI to your needs 30:00 - Predictions on OpenAI’s upcoming browser 33:00 - The profit battle between OpenAI and Microsoft 35:00 - Windsurf’s rollercoaster of acquisitions Links: Connect with our guest Marco on LinkedIn: https://www.linkedin.com/in/marco-figueroa-re/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

14 Elo 202541min

The riskiest move in cybersecurity? Playing it too safe. In this solo episode, Ron Eddings redefines the way we think about technical debt, risk, and missed opportunities, in security and in life. Ron reframes the debt vs. risk paradigm through the lens of the SharePoint breach, personal milestones, and co-founding Hacker Valley. With sharp insights, personal stories, and a call to action for every listener, he shows how curiosity and calculated risk are the true drivers of innovation. Impactful Moments 00:00 - Introduction 01:10 - Why debt vs. risk matters now 02:20 - What the SharePoint breach taught us 04:15 - Risk avoidance creates deeper debt 05:10 - Clear definitions: risk vs. debt 06:30 - Hidden costs of deferring decisions 08:15 - Leaving $200k salary to build Hacker Valley 10:00 - Long-term founder debt explained 11:08 - When comfort becomes dangerous 12:00 - Curiosity as a leadership skill 13:10 - What you’re not seeing yet 14:30 - Final thought: reflect and reassess Links: Connect with our Ron on LinkedIn: ​​https://www.linkedin.com/in/ronaldeddings/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

7 Elo 202516min

The world’s youngest continent is also its most untapped resource. Confidence Staveley, Founder of CyberSafe, makes a powerful case for why Africa’s youth are the answer to global cybersecurity and AI innovation… if we’re bold enough to invest. In this episode, Ron welcomes back cybersecurity leader and advocate Confidence Staveley for a discussion on purpose-driven innovation, talent development, and AI-powered awareness tools. Confidence shares updates on her nonprofit work, her bold new ventures including AI Cyber Magazine, and how she's helping shape Africa into a tech talent hub. With global budget cuts hitting nonprofits and marginalized communities, Confidence shares how Africa’s innovators, who are often excluded from the table, are building their own tables, making their impact impossible to ignore, and shaping cybersecurity’s future on their terms.   Impactful Moments 00:00 - Introduction 02:00 - Her Difference Makers Award speech 04:00 - Partnering with SANS for bigger impact 06:01 - Global DEI backlash and ripple effects 10:00 - Why Africa is the future of tech 13:01 - Innovation with limited resources 17:10 - AI Cyber Magazine and its mission 19:00 - Building AI-powered awareness tools 21:00 - The African adage on self-renewal 22:10 - How sharing knowledge builds trust   Links Connect with our guest, Confidence Staveley: https://www.linkedin.com/in/confidencestaveley/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

31 Heinä 202523min

Is compliance just a checkbox, or the backbone of real security? Returning to the show with decades of hard-earned insight, Jeff Man makes the case that compliance, especially PCI-DSS, isn't just a formality; it's foundational to modern security. As one of the original architects of the NSA Red Team and a 20-year PCI veteran, Jeff explains how this often-misunderstood framework has shaped everything from pen testing to vendor accountability. Ron and Jeff unpack the six core goals of PCI, how red teams and SaaS builders are directly affected, and why many security teams resist compliance efforts, despite relying on them to get essential buy-in and funding.   Impactful Moments: 00:00 – Introduction 01:00 – Does compliance equal security? 02:09 – Jeff returns with PCI firepower 03:15 – Defining security vs. compliance 05:33 – “Show me what you’re doing” 06:45 – Six goals at PCI’s core 10:45 – Security is watching, not reacting 13:30 – Companies secure because they have to 15:00 – PCI gave red teams their jobs 16:30 – Stripe and Square absorb PCI burden 19:30 – PCI 4.0 causes confusion 21:00 – Vendors aren’t your trusted advisors 22:30 – “Hate me, but I’ll help” Links: Connect with our guest, Jeff Man: https://www.linkedin.com/in/jeffreyeman/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

24 Heinä 202524min

What separates a great CISO from a great one? In this powerhouse conversation, Ron invites friend and cybersecurity leader Gary Hayslip, CISO at SoftBank Investment Advisers, back on the mic to discuss what it takes to lead in today’s high-stakes digital world. Gary shares battle-tested insights on accountability, the evolving expectations of the CISO role, and how AI is reshaping leadership without replacing it. Gary shares stories ranging from military mishaps to enterprise-scale transformation, and makes the case for visibility, trust, and embracing change. His perspective brings clarity to the fundamental responsibilities of a CISO and the mindset required to lead with impact. Impactful Moments 00:00 – Introduction 02:00 – Defining the modern CISO as a business leader 05:45 – Why CISOs should never delegate accountability 07:30 – The danger of staying invisible 10:45 – The $40K UPS explosion mistake 15:00 – How leaders build trust in new teams 19:10 – Visibility is not micromanagement 24:30 – Staying humble while leading big 30:00 – Building “Rocky the Raccoon” internal GPT 34:30 – Hiring for AI fluency in security teams Links: Connect with our guest, Gary Hayslip: https://www.linkedin.com/in/ghayslip/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

17 Heinä 202537min

Want to stand out as a leader? According to our guest Mel Reyes, you need to dress like you mean it and speak like you’ve got nothing to prove. In this episode, Mel shares how he built billion-dollar portfolios, coached executive teams, and still shows up in a white hoodie when that feels right. With Ron, he unpacks how executive presence becomes a strategic weapon for breaking resistance, commanding attention, and making your message unforgettable. You’ll learn why generic resumes fail, how to master executive storytelling with the SPAR method, and what dropping the ego really looks like in your next leadership role.   Impactful Moments: 00:00 – Introduction 03:00 – Breaking the rules of executive delivery 07:00 – Why confidence starts in your closet 11:30 – Respecting identity in professional spaces 12:30 – Advice for breaking into cybersecurity 17:00 – Reinvention at the mid-senior level 21:00 – The SPAR framework for storytelling 30:00 – Drop the ego, find your passion   Links: Connect with our guest, Mel Reyes: https://www.linkedin.com/in/melreyes/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

10 Heinä 202532min