Keeping It Open Source with Metasploit’s HD Moore
Hacker Valley Studio15 Syys 2022

Keeping It Open Source with Metasploit’s HD Moore

This season of Hacker Valley Red wraps up with another interview of an incredible offensive cybersecurity legend. Known first and foremost for his work founding Metasploit and his recent work co-founding Rumble, HD Moore joins the show this week to hear about his journey from spiteful hacker to successful founder. HD walks through the history of Metasploit, the motivation behind their coding decisions, his opinions on open source software, and the excitement of exploration and discovery.

Timecoded Guide:

[04:57] Catching up with HD’s career from his hacking exploits in the ‘90s through his founding of Metasploit to his recent activities with Rumble

[11:41] Getting personal with the feelings and takeaways from a project as successful and impactful on the cyber industry as Metasploit

[18:52] Explaining HD’s personal philosophies around accessible education and the risk of sharing vulnerable information publicly

[25:39] Diving deep into the technical stories of HD’s path of discovery and exploration during his time at Metasploit

[31:14] Giving advice for future founders and hackers looking to make a legendary impact on the cybersecurity community

Sponsor Links:

Thank you to our sponsors Axonius and PlexTrac for bringing this season of HVR to life!

Life is complex. But it’s not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone

PlexTrac is pleased to offer an exclusive Red Team Content Bundle for Hacker Valley listeners. This bundle contains both our "Writing a Killer Penetration Test Report" and "Effective Purple Teaming" white papers in ONE awesome package. Head to PlexTrac.com/HackerValley to learn more about the platform and get your copy today!

What were some of the trials, tribulations, and successes of Metasploit?

Although Metasploit has had a lasting impact on the cyber world, HD Moore is not afraid to admit that part of Metasploit existed out of spite for critics, employers, and gatekeepers in the cybersecurity industry. In terms of trials and tribulations, HD saw a great deal of criticism come from his peers and from professionals ahead of him in the industry, often displaying rudeness towards the quality of the exploits and Metasploit’s audience of young hackers. Later, HD says that a surprising and amusing side effect of his success with the project was watching employers and peers go from criticizing to lifting up his work with Metasploit and attributing success of many hacking professionals to its creation.

“When we started the Metasploit project, we really wanted to open up to everybody. We wanted to make sure that, even if you barely knew how to program, you can still contribute something to Metasploit. So, we did our best to make it really easy for folks to get in touch with us, to submit code.”

Where does your philosophy land today on giving information freely?

HD has heard the same opinions many professionals that teach and give information freely have heard: “You’re making it easier for people to use this information the wrong way.” Instead of considering the worst possible outcomes of making hacking accessible, HD chooses to acknowledge the importance of accessible education and publicly provided information. According to HD, if someone is creating and teaching content to the next generation of red teamers, that content is theirs to use. Whether they’re a physical pen tester teaching lock picking or a hacker disclosing a vulnerability, what they choose to share with others has to be based on personal moral code and what others do with that information is up to them.

“It comes down to: You do the work, you own the result. If you're teaching people how to do stuff, great, they can do what they want. You can decide to do that, you can decide not to do that, but it's your decision to spend your time training people or not training them.”

Is it possible to be a CEO, or a co-founder, and stay technical?

The downside of success in the cybersecurity industry is often stereotyped as losing the opportunity to be a hands-on hacker. However, for HD, his success has allowed him to do the exact opposite and instead prioritize his time to be technical. HD believes strongly in the ability to make this happen through proper delegation of duties, incorporating new leaders and managers in your company or project, and acknowledging when you may need the help to bring what you’re working on to the next level. HD is proud of his success with Metasploit and Rumble, and is happy that he was able to hand off certain duties to other professionals that he knew would do better if they had a chance in the founder’s shoes.

“Don't let the growth of your company change what you enjoy about your work. That's really the big thing there, and there's lots of ways you can get there. You can hire folks to help out, you can promote your co-founder to CEO. You can bring on program managers or project managers to help with all the day to day stuff."

What advice do you have for people looking to follow a similar cyber career path?

Content is the name of the game, especially when you’re looking to get more eyes on what you do. HD is the first to admit that putting himself out there in a blog post, on a podcast, or at a stage show is not always a walk in the park, taking him out of his comfort zone and often away from the tech that he spends his time on. However, publicly displaying himself and his work has brought attention to Rumble and Metasploit, and HD knows he would not have achieved this level of success without putting his content out into the world, hearing feedback from his peers, and even receiving his fair share of criticism from industry professionals.

“Not all of it is the most fun thing to do all the time, but it is crucially important, not just for growing yourself and getting out there and getting feedback from your peers, but for learning because you learn so much from the feedback you get from that effort.”

-----------

Links:

Stay in touch with HD Moore on LinkedIn, Twitter, and his website.

Learn more about Rumble, Inc on LinkedIn and the Rumble website.

Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter.

Follow Ron Eddings on Twitter and LinkedIn

Catch up with Chris Cochran on Twitter and LinkedIn

Continue the conversation by joining our Discord

Jaksot(406)

Privacy by Design: The Future of Homomorphic Encryption & Secure Data Analytics

Privacy by Design: The Future of Homomorphic Encryption & Secure Data Analytics

In this episode, Chris and Ron interview Derek Wood from Duality Technologies, a leading privacy technology company to discuss the concept of homomorphic encryption and its significance in data security, privacy, and governance. Homomorphic encryption enables users to perform computations on encrypted data without exposing it, revolutionizing the way data is used and analyzed. In this episode, the group discusses the challenges in the current data landscape, the importance of security and privacy, and the potential impact of duality's solutions in various industries such as finance and healthcare. Check out Duality’s webinar, Why Data, Privacy, & Security Leaders are Key to Growth & Innovation Impactful Moments: 00:00 - Introduction 01:09 - What is homomorphic encryption? 04:03 - Misconceptions of security and privacy 06:25 - What is Duality’s mission? 10:04 - Does Google Drive use homomorphic encryption? 13:08 - What homomorphic encryption enables 22:08 - Innovations that Duality is working on 24:37 - Secure data analytics and Homomorphic encryption 31:41 - Impact of AI and LLMs on security and privacy Links: Stay in touch with Derek Wood on LinkedIn: https://www.linkedin.com/in/drwood/ Learn more about Duality Technologies: https://dualitytech.com/  Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio.com Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

11 Heinä 202336min

The Future of AI In Cybersecurity

The Future of AI In Cybersecurity

In this episode, Ron and Chris explore the vast potential of AI in cybersecurity, including its ability to develop cybersecurity solutions, provide recommendations and predictions for cyber practitioners, and even assist attackers in identifying vulnerabilities and creating exploits. Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio.com Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Impactful Moments: 00:00 - Introduction 00:56 - The future of AI in cybersecurity 02:24 - Addressing the elephant in the room 03:15 - Amplifying your productivity  05:13 - AI & vulnerability management 09:00 - Remediating vulnerabilities with AI 11:41 - Join our community!  12:32 - Coding, building, & developing 18:13 - Final thoughts

27 Kesä 202319min

Vulnerability Hunting & AI with Brian Contos

Vulnerability Hunting & AI with Brian Contos

In this episode, hosts Ron and Chris are joined by Brian Contos, Chief Strategy Officer at Sevco to discuss his “movie-like” career trajectory and the rise of artificial intelligence (AI) in cybersecurity. With two IPOs and eight acquisitions under his career belt, Brian expresses his passion for startups and how getting out of his comfort zone transformed his business knowledge. The group also dives into the rise of artificial intelligence and how it will revolutionize the cybersecurity landscape. Stay in touch with Brian Contos: https://www.linkedin.com/in/briancontos/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleys... Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Impactful Moments: 00:00 - Intro 01:09 - Introducing Brian Contos 04:03 - Brian’s passion for startups 06:13 - Emerging tech & AI 07:50 - The intersection of AI & cybersecurity  09:50 - The future impacts of AI 10:58 - How will AI enhance cybersecurity? 15:02 - Data assessment vs data integration 17:46 - Join our community! 18:48 - Getting out of your comfort zone 21:21 - Small touches lead to big finishes

20 Kesä 202324min

Balancing Work & Parenting In Cybersecurity

Balancing Work & Parenting In Cybersecurity

In this episode, Ron and Chris discuss the challenges of balancing cybersecurity and parenting. Chris, a father of three, shares his experience of being a parent while also working in cybersecurity. They talk about the sacrifices that come with being a parent and how to prioritize family while still maintaining a career in cybersecurity. They also discuss the importance of having a plan but being flexible enough to adapt to unexpected situations.  Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Impactful Moments: 02:39 - Balancing cybersecurity and parenting 04:27- Maternity/paternity leave in cyber 08:33 - Skills in parenting for cybersecurity 10:36 - Career sacrifices 14:05 Parenting with a support system 17:31- Being more than a parent

13 Kesä 202320min

What Is Security Architecture?

What Is Security Architecture?

In this episode of Hacker Valley Studio, Ron and Chris take a deep dive into all things Security Architecture and the essential skills you need to thrive in your role. Ron shares insights from his personal journey into security architecture as well as his expert advice on how to break in and stand out in the field. Links: Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Impactful Moments: 01:22 - What is Security Architecture? 03:04 - Day in the life of a security architect 04:01 - Different types of security architects 06:01 - Ron’s journey into security architecture 07:49 - What skills do you need? 08:40 - Join our community! 09:21 - Ron’s best practices 10:24 - Finding the right solutions 11:36 - What is the salary potential? 12:59 - How to stand out 13:52 - Advice for those breaking into the field

6 Kesä 202315min

Technical Dojos: Cultivating Skills and Navigating Change in Cybersecurity

Technical Dojos: Cultivating Skills and Navigating Change in Cybersecurity

In this cybersecurity podcast episode, Chris Cochran and Ron Eddings discuss the concept of 'dojos' as environments for growth and learning, drawing on experiences from their own career paths in cybersecurity. The 'dojo' metaphor is applied to various life experiences, with an emphasis on cybersecurity communities and events. Chris describes his journey to the west coast where he lived in a hacker house, a form of dojo where he, along with his roommates, focused on cybersecurity, technology, personal growth, and development. This life-changing experience spurred the creation of their podcast. Links: Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Impactful Moments: 0:00 - Intro 00:55 - What is a dojo? 02:25 - Technical/cybersecurity dojos 05:17 - Getting started 07:21 - What should you look for in a dojo community? 09:06 - How to level up and give back 10:14 - Join our community! 11:36 - When is it time to move on? 12:50 - Learning hurts - embrace it! 13:59 - What’s your next dojo?

30 Touko 202315min

Attack Surface Management: The Grit Needed for True Cyber Resilience with Nabil Hannan

Attack Surface Management: The Grit Needed for True Cyber Resilience with Nabil Hannan

Join hosts Ron and Chris as they dive into the world of Attack Surface Management (ASM) in this episode recorded live at RSAC 2023. Special guest Nabil Hannan, a seasoned industry expert and Field CISO at NetSPI, shares his wealth of knowledge and expertise in this critical field. Together, they explore the evolving landscape of ASM, highlighting NetSPI's unique approach compared to other solution providers and shedding light on the state of ASM to empower listeners to enhance their security posture. NetSPI has a team of skilled pen-testers that can help you find those critical vulnerabilities and become your partner in creating the right remediation game plan for you. Check them out at https://www.netspi.com/HVM Links: Connect with Nabil Hannan on LinkedIn: https://www.linkedin.com/in/nhannan/ Connect with us on LinkedIn: https://www.linkedin.com/company/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Impactful Moments: 01:08 - Introducing Nabil Hannan 01:25 - Relationship-building through play 04:39 - The power of authenticity 05:39 - What is a Field CISO? 07:02 - The rise of attack surface management 09:17 - What makes NetSPI different? 11:26 - A word from our sponsor 12:17 - Attack surface management for SMBs 15:15 - ASM solutions & false positives 17:16 - An ASM case study 21:15 - Red teaming influence on ASM 24:12 - Where do I get started with ASM?

23 Touko 202325min

A Tale of Two Risks: Third-Party and SaaS Security

A Tale of Two Risks: Third-Party and SaaS Security

In this episode, hosts Ron and Chris are joined by Paul Valente, CEO and co-founder of VISO Trust, and Bryan Wong, Sr. Security Analyst at Headspace, as they dive into the world of third-party risk in cybersecurity. With conversations ranging from the current state of third-party risk to identifying trustworthy vendors such as VISO Trust, they'll provide insights into how organizations manage partnerships in a scalable and secure way. Say goodbye to frustration and hello to peace of mind with VISO TRUST! Visit https://visotrust.com/hackervalley/ to learn how to transform your third-party risk management program. Links: Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Impactful Moments: 01:03 - Introducing Paul Valente & Bryan Wong 01:54 - The current state of third-party risk 02:46 - VISTO Trust — trust through transparency 04:43 - Headspace’s approach to 3rd party providers 05:23 - Managing risk successfully 07:44 - There’s a better way! 09:04 - Risk assessment & procurement 11:37 - VISO Trust & Headspace’s approach to AI 14:43 - A word from our sponsor 15:26 - The challenges of complete visibility 17:16 - Continuous, automated due diligence 18:52 - Identifying trustworthy vendors 21:34 - Doing more with less/cost-effectiveness 23:22 - Is 100% automation doable? 24:20 - You can have your cake and eat it too with third-parties

16 Touko 202325min

Suosittua kategoriassa Koulutus

rss-murhan-anatomia
voi-hyvin-meditaatiot-2
psykopodiaa-podcast
rss-duodecim-lehti
aloita-meditaatio
rss-niinku-asia-on
rss-vapaudu-voimaasi
adhd-podi
kesken
rss-psykalab
psykologia
rss-valo-minussa-2
rss-narsisti
jari-sarasvuo-podcast
rss-metropolia-ammattikorkeakoulu
rss-koira-haudattuna
rss-anteeks-etukateen
rss-arkea-ja-aurinkoa-podcast-espanjasta
rss-opecast
rss-tfa-8020-podcast