Keeping It Open Source with Metasploit’s HD Moore
Hacker Valley Studio15 Syys 2022

Keeping It Open Source with Metasploit’s HD Moore

This season of Hacker Valley Red wraps up with another interview of an incredible offensive cybersecurity legend. Known first and foremost for his work founding Metasploit and his recent work co-founding Rumble, HD Moore joins the show this week to hear about his journey from spiteful hacker to successful founder. HD walks through the history of Metasploit, the motivation behind their coding decisions, his opinions on open source software, and the excitement of exploration and discovery.

Timecoded Guide:

[04:57] Catching up with HD’s career from his hacking exploits in the ‘90s through his founding of Metasploit to his recent activities with Rumble

[11:41] Getting personal with the feelings and takeaways from a project as successful and impactful on the cyber industry as Metasploit

[18:52] Explaining HD’s personal philosophies around accessible education and the risk of sharing vulnerable information publicly

[25:39] Diving deep into the technical stories of HD’s path of discovery and exploration during his time at Metasploit

[31:14] Giving advice for future founders and hackers looking to make a legendary impact on the cybersecurity community

Sponsor Links:

Thank you to our sponsors Axonius and PlexTrac for bringing this season of HVR to life!

Life is complex. But it’s not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone

PlexTrac is pleased to offer an exclusive Red Team Content Bundle for Hacker Valley listeners. This bundle contains both our "Writing a Killer Penetration Test Report" and "Effective Purple Teaming" white papers in ONE awesome package. Head to PlexTrac.com/HackerValley to learn more about the platform and get your copy today!

What were some of the trials, tribulations, and successes of Metasploit?

Although Metasploit has had a lasting impact on the cyber world, HD Moore is not afraid to admit that part of Metasploit existed out of spite for critics, employers, and gatekeepers in the cybersecurity industry. In terms of trials and tribulations, HD saw a great deal of criticism come from his peers and from professionals ahead of him in the industry, often displaying rudeness towards the quality of the exploits and Metasploit’s audience of young hackers. Later, HD says that a surprising and amusing side effect of his success with the project was watching employers and peers go from criticizing to lifting up his work with Metasploit and attributing success of many hacking professionals to its creation.

“When we started the Metasploit project, we really wanted to open up to everybody. We wanted to make sure that, even if you barely knew how to program, you can still contribute something to Metasploit. So, we did our best to make it really easy for folks to get in touch with us, to submit code.”

Where does your philosophy land today on giving information freely?

HD has heard the same opinions many professionals that teach and give information freely have heard: “You’re making it easier for people to use this information the wrong way.” Instead of considering the worst possible outcomes of making hacking accessible, HD chooses to acknowledge the importance of accessible education and publicly provided information. According to HD, if someone is creating and teaching content to the next generation of red teamers, that content is theirs to use. Whether they’re a physical pen tester teaching lock picking or a hacker disclosing a vulnerability, what they choose to share with others has to be based on personal moral code and what others do with that information is up to them.

“It comes down to: You do the work, you own the result. If you're teaching people how to do stuff, great, they can do what they want. You can decide to do that, you can decide not to do that, but it's your decision to spend your time training people or not training them.”

Is it possible to be a CEO, or a co-founder, and stay technical?

The downside of success in the cybersecurity industry is often stereotyped as losing the opportunity to be a hands-on hacker. However, for HD, his success has allowed him to do the exact opposite and instead prioritize his time to be technical. HD believes strongly in the ability to make this happen through proper delegation of duties, incorporating new leaders and managers in your company or project, and acknowledging when you may need the help to bring what you’re working on to the next level. HD is proud of his success with Metasploit and Rumble, and is happy that he was able to hand off certain duties to other professionals that he knew would do better if they had a chance in the founder’s shoes.

“Don't let the growth of your company change what you enjoy about your work. That's really the big thing there, and there's lots of ways you can get there. You can hire folks to help out, you can promote your co-founder to CEO. You can bring on program managers or project managers to help with all the day to day stuff."

What advice do you have for people looking to follow a similar cyber career path?

Content is the name of the game, especially when you’re looking to get more eyes on what you do. HD is the first to admit that putting himself out there in a blog post, on a podcast, or at a stage show is not always a walk in the park, taking him out of his comfort zone and often away from the tech that he spends his time on. However, publicly displaying himself and his work has brought attention to Rumble and Metasploit, and HD knows he would not have achieved this level of success without putting his content out into the world, hearing feedback from his peers, and even receiving his fair share of criticism from industry professionals.

“Not all of it is the most fun thing to do all the time, but it is crucially important, not just for growing yourself and getting out there and getting feedback from your peers, but for learning because you learn so much from the feedback you get from that effort.”

-----------

Links:

Stay in touch with HD Moore on LinkedIn, Twitter, and his website.

Learn more about Rumble, Inc on LinkedIn and the Rumble website.

Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter.

Follow Ron Eddings on Twitter and LinkedIn

Catch up with Chris Cochran on Twitter and LinkedIn

Continue the conversation by joining our Discord

Jaksot(406)

AI Is the Tool Not the Toolbox

AI Is the Tool Not the Toolbox

Embrace the AI Revolution in Cybersecurity! Ron Eddings explores the dynamic world of AI, from cybersecurity automation to anomaly detection. Learn how AI is being used by practitioners and creators to stay one step ahead of the adversary and the competition   Impactful Moments 0:00 - Intro 1:35 - Origin into cybersecurity and automation 6:12 - What is Artificial Intelligence? 8:23 - Using AI to Classify Phishing Emails 11:32 - Descript and Claude2 to Summarize Content 17:54 - ChatGPT Advanced Data Analysis 21:41 - Top 4 AI Red Team Attacks 26:09 - Cybersecurity AI Disrupters 27:50 - Cybersecurity Creative Mastermind   Links: Connect with Ron Eddings: https://www.linkedin.com/in/ronaldeddings/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio.com Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

12 Syys 202328min

Security Teams Can’t Do It All with Rob Wood - REWIND

Security Teams Can’t Do It All with Rob Wood - REWIND

For this week's episode, we brought back a fan favorite Security Teams Can't Do It All. This episode features guest Rob Wood, CISO at CMS, who discusses the challenges of data silos in the workplace and the importance of supportive leadership.   Links: Connect with our guest Rob Wood on LinkedIn Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio.com Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

5 Syys 202330min

The Art of Creating Cybersecurity Content With Jason Rebholz

The Art of Creating Cybersecurity Content With Jason Rebholz

In this episode, host Ron is joined by the CISO at Corvus Insurance, Jason Rebholz, to talk about the life of being a cybersecurity content creator. From his drive to create cyber content for technical and non-technical audiences to the sometimes harsh realities of content creation, Jason opens up about the importance of having passion and well-balanced goals. Impactful Moments 00:00 - Welcome 01:12 - Introducing guest, Jason Rebholz 02:05 - Jason’s cybersecurity background 04:37 - Everybody loves a former CISO 06:16 - Creating digestable content for all 09:07 - The nuances of MFA 11:16 - Goal setting 14:06 - The harsh reality of content creation 18:56 - Bullets before canon balls 28:53 - Join our mastermind! 29:57 - Balance is key 31:25 - Mastering effective communication 33:29 - Advice for aspiring content creators   Links: Connect with our guest Jason https://www.linkedin.com/in/jrebholz/ Check out Jason’s YouTube channel https://www.youtube.com/@teachmecyber Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio.com Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

29 Elo 202335min

Humility In Product Management with Eric Avigdor

Humility In Product Management with Eric Avigdor

In this episode, hosts Ron and Chris are joined by special guest Eric Avigdor, VP of Product Management at Votiro. With humility as the focal point, Eric details his journey as a Product Manager — sharing his unique approach to leadership and customer engagement, as well as the art of asking the right questions. Discover how Votiro is spearheading content security innovation, and don't miss Eric's advice for budding Product Managers eager to make their mark in the industry. Impactful Moments: 00:00 - Welcome 01:10 - Introducing guest, Eric Avigdor 02:27 - Cybersecurity is like an orchestra 03:20 - Product Management vs Engineering 04:40 - Misconceptions of Product Management 07:09 - Understanding the product 08:18 - The realities of the job 10:51 - Tying the whole story together 13:32 - Why Votiro? 16:52 - Leading the way in innovation 19:05 - A word about our sponsor 21:24 - A use-case storytime 23:17 - Integrating where content resides 25:06 - Security + collaboration is the goal 27:50 - Advice for aspiring Product Managers Links: Connect with Eric Avigdor: https://www.linkedin.com/in/eric-avigdor-0b561118/  Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio.com Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

22 Elo 202329min

Leadership In Cybersecurity with Marty Overman

Leadership In Cybersecurity with Marty Overman

Host Chris Cochran is joined by Marty Overman, Senior VP at Imperva, to discuss the importance of self-awareness and transparency in cybersecurity leadership. The two emphasize the need for leaders to recognize their strengths and weaknesses and understand and empathize with the needs and experiences of those they lead. Impactful Moments 00:00 - Welcome 00:52 - Introducing guest, Marty Overman 01:26 - What makes a great sales leader? 04:50 - The power of asking questions 07:27 - Building strong team cultures 11:58 - Creating opportunities for collaboration 14:28 - Setting goals and expectations 17:24 - Creating team identity together 24:15 - Identifying areas for improvement 28:09 - Psychological safety in leadership 30:12 - Creating a safe space 34:52 - Adults and the inner child 37:26 - Empathy and understanding Links: Connect with Marty Overman: https://www.linkedin.com/in/martyoverman/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio.com Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

15 Elo 202338min

SaaS Opportunities & Consequences of Using AI

SaaS Opportunities & Consequences of Using AI

In this episode, host Ron is joined by Jamie Blasco, co-founder and CTO at Nudge Security, to discuss the opportunities of SaaS as well as the security implications of AI. Jamie also considers the importance of striking a balance between productivity and security when employees adopt new tools. Lastly, he emphasizes his philosophy of treating employees as part of the solution and creating a culture where they feel valued and included in the company's security efforts. Impactful Moments: 00:00 - Welcome 01:35 - Introducing guest, Jamie Blasco 02:25 - How does SaaS fit into AI today? 03:52 - Areas of opportunity for AI & SaaS 05:17 - A walk down Jamie’s memory lane 09:56 - Finding the shadow IT 15:08 - What are the risks? 18:26 - A word from our sponsor! 20:40 - 3rd party risk & data usage 24:33 - Types of AI Nudge is utilizing 26:38 - The premise behind Nudge 30:50 - Employees as part of the solution 33:13 - SaaS — critical but risky 36:43 - Jamie’s final words of advice Links: Connect with Jamie Blasco: https://www.linkedin.com/in/jaimeblasco/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio.com Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

1 Elo 202338min

Mastering The Art Of Storytelling In Cybersecurity

Mastering The Art Of Storytelling In Cybersecurity

How do you effectively persuade team members and stakeholders to take action, convey the importance of new projects, or request additional resources? Communicating technical security information often leads to disconnection or worse, falls on deaf ears. During this hour-long livestream, hosts Ron and Chris tackle how you can turn the tables by leveraging the primal power of storytelling, enhancing attention and engagement. Impactful Moments: 00:00 - Introduction 04:39 - Storytelling & conveying information  07:39 - How do I tell better stories? 14:25 - The Story Circle & The Hero's Journey 22:11 - Understanding your audience 24:41 - Simplifying cybersecurity  30:20 - The impact of storytelling 36:01 - Mastering storytelling in cybersecurity  Links: Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio.com Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

25 Heinä 202338min

Hacking, Innovation, & the Formation of the First NSA Red Team with Jeff Man

Hacking, Innovation, & the Formation of the First NSA Red Team with Jeff Man

In this episode, Chris and Ron Eddings are joined by Jeff Man, a legend in cybersecurity. The conversation begins with Jeff sharing his experiences as a member of the first NSA red team and his involvement in groundbreaking projects. He discusses his early days working with computers at the National Security Agency (NSA) in the 1980s and his role in developing a software-based encryption system. Jeff also points to the significance of the first publicly available web browser and the impact it had on the internet and cybersecurity. Later in the episode, Jeff talks about his transition from the NSA to the private sector and his focus on Payment Card Industry Data Security Standard (PCI DSS) compliance. He explains the importance of PCI and how it provides a framework for organizations to protect sensitive data and maintain secure networks. Impactful Moments 0:00 - Intro 01:15 - Welcome Jeff Man 01:51 - Jeff’s introduction to computing and cybersecurity 09:25 - Creation of the first NSA Red Team 15:20 - Leaving NSA and Focusing on PCI 19:41 - Advice for Those Starting in Cybersecurity 21:53 - Staying up to date with Jeff Man Links: Stay in touch with Jeff Man on LinkedIn: https://www.linkedin.com/in/jeffreyeman/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio.com Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

18 Heinä 202322min

Suosittua kategoriassa Koulutus

rss-murhan-anatomia
psykopodiaa-podcast
voi-hyvin-meditaatiot-2
rss-duodecim-lehti
aloita-meditaatio
jari-sarasvuo-podcast
rss-psykalab
psykologia
rss-vapaudu-voimaasi
adhd-podi
rss-narsisti
rss-niinku-asia-on
ihminen-tavattavissa-tommy-hellsten-instituutti
rss-liian-kuuma-peruna
aamukahvilla
kesken
rss-monarch-talk-with-alexandra-alexis
rss-koira-haudattuna
rss-anteeks-etukateen
tohtorin-vuoro