Special Featured Episode! Purple Teams & Threat Informed Defenses with Ben Opel
Hacker Valley Studio29 Syys 2022

Special Featured Episode! Purple Teams & Threat Informed Defenses with Ben Opel

Ben Opel, Senior Director of Professional Services at Attack IQ and former Marine, joins Chris and Ron to talk about the essentials of purple teaming. Combining the essentials of the red team and the blue team, a purple team offers cybersecurity companies a unique opportunity to create a threat informed security process. Using his time in the Marines and his experience at Attack IQ, Ben walks through purple team philosophy, breach and attack simulations, and shifting from a reactive to a proactive mindset.

Timecoded Guide:

[00:00] Past experiences with cybersecurity in the Marine Corp

[04:28] Exposure to purple teaming in defensive cyber ops

[10:26] Implementing breach and attack simulations in defense strategy

[14:38] Threat informed defense and the aftermath of breach simulations

[23:36] Communicating and approaching risk-related decisions

Sponsor Links:

Thank you to our sponsor AttackIQ for bringing this episode to life!

AttackIQ - better insights, better decisions, and real security outcomes. That's why we partnered with them to create free cybersecurity trainings! Check it out at academy.attackiq.com

How did you first get exposed to purple teaming and what are some of the tenants that you hold today?

Ben’s experience in cybersecurity and his journey into purple teaming occurred during his time with the Marine Corps, performing defensive cyber ops. Originally, Ben didn’t even know the term purple team existed when he first encountered it, but his team was already approaching their work that way. Ben explains a core tenant of purple teaming is getting people in the same room and showing them the value their work brings to one another.

“We started building our teams around this multifunctional purple concept of having threat hunters, threat intelligence, red cell, support and mitigation, and forensic cell all in one. All of these capabilities in one team, where they could work synergistically.”

What are the shortcomings and advantages of the purple team philosophy?

Like any philosophy, Ben explains that the hardest part of incorporating a purple team mindset is including it in everything your team does. To aid in this shortcoming, Ben keeps one question in mind: “What can someone do for me, and what can I do for them?” When involved in a purple team, everyone is putting their heads together. Ben explains there’s much less confusion between offensive and defensive professionals in that purple collaborative setting.

“Pure red team ops can be super fun, but you leave every job not sure they're going to actually make something with what you did. I've worked with blue teams who are like, ‘Hey, this was a great report, red, but we made some fixes, but we don't know if these are good.’”

How do we get more people into being proactive and adopting the purple team perspective?

A large majority of cybersecurity teams and processes involve reacting to potential threats and incidents. In contrast, purple teaming and threat informed defense strategies emphasize a more proactive mindset. Ben explains that working with a capability like Attack IQ helps teams build confidence in what they can prepare for and prevent. Building confidence in infrastructure and resilience in your team helps a proactive mindset thrive.

“It’s about giving folks the ability to parse out and understand what's important to them, and to boil that down into, ‘Okay, now, what does that mean when hands on keyboard?’ Making that available, making that easily digestible. It's an education problem in this realm.”

What would be your first piece of advice for the person about to embark on discovering or explaining breaches and attacks in relation to their organization?

Ben explains that explaining breaches and helping others in your organization understand attack risks starts with showing. He explains that revealing how easily these things can happen and in what situation certain events could be particularly harmful opens the eyes of members of your team to what their threats look like. Instead of catering to doom and gloom, analyze your cyber threat risk with practicality and literal examples.

“If I had to say that I had a specialty forced upon me by the Marine Corps, it was that. It was going over to peers and telling them that this is something that's good, bringing my red team in and letting them poke around, letting my blue team plug in to their network from some strange IP that they've never seen before.”

---------------

Links:

Keep up with our guest Ben Opel on LinkedIn

Learn more about Attack IQ on LinkedIn and the Attack IQ website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Jaksot(406)

Building Opportunities for Women and Minorities in Cybersecurity with Connie Matthews

Building Opportunities for Women and Minorities in Cybersecurity with Connie Matthews

How do you create waves of change in an industry? Connie Matthews, Founder and CEO of ReynCon, speaks with Ron about the power of resilience, mentorship, and taking that first bold step in cybersecurity. In this powerful episode, Connie shares her path as a pioneering woman in cybersecurity. Discussing diversity, mentorship, and her nonprofit EmpoW-ER, Connie’s shared lessons and insights on resilience and community give listeners a blueprint for making a meaningful impact in their careers.   Impactful Moments: 00:00 – Introduction 04:27 – Mentorship impact: Building future leaders 10:14 – Embracing diversity and servant leadership 18:03 – Founding EmpoW-ER: Supporting women in cyber 24:13 – Navigating stereotypes and staying resilient 30:00 – Recognizing and celebrating young talent 36:45 – Building an inclusive cybersecurity community   Links: Connect with our guest, Connie Matthews: https://www.linkedin.com/in/conniematthews/ Learn more about EmpoW-ER: https://www.empower-infosec.org/   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

6 Marras 202441min

Rethinking Cybersecurity Hiring with Naomi Buckwalter

Rethinking Cybersecurity Hiring with Naomi Buckwalter

Is cybersecurity gatekeeping holding back the industry? Naomi Buckwalter, Senior Director of Product Security at Contrast Security and Founder of the Cybersecurity Gatebreakers Foundation, argues that fresh talent and open doors are crucial for industry growth. In this episode, Naomi challenges why industry hiring norms fall short, shares candid stories of her own missteps, and explains why humility and learning are just as important as technical skills in cybersecurity.   Impactful Moments: 00:00 – Introduction 03:15 – Building a genuine presence on LinkedIn 07:40 – Founding the Cybersecurity Gatebreakers Foundation 12:00 – Why hiring juniors is a win for cybersecurity 17:58 – Relationship building in cybersecurity 25:27 – Lessons from layoffs and overcoming failure 35:45 – Setting goals and attracting opportunities Links: Connect with our guest, Naomi Buckwalter: https://www.linkedin.com/in/naomi-buckwalter/ Learn more about the Cybersecurity Gatebreakers Foundation: https://www.cybersecuritygatebreakers.org/   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

29 Loka 202443min

AI, Deepfakes, and Human Risk in Cybersecurity with Perry Carpenter

AI, Deepfakes, and Human Risk in Cybersecurity with Perry Carpenter

In a world filled with AI-generated deceptions, how do we discern what’s real? Ron sits down with Perry Carpenter, author of FAIK: A Practical Guide to Living in a World of Deepfakes, Disinformation, and AI-Generated Deceptions, to discuss the risks and the potential of synthetic media and human risk management. Whether you’re worried about deepfakes or curious about AI’s role in creativity, this episode has something for everyone. Impactful Moments: 00:00 – Intro 00:49 – Synthetic voices surprise in mastermind 01:42 – Perry’s new book FAIK: A Practical Guide to Living in a World of Deepfakes, Disinformation, and AI-Generated Deceptions 03:42 – Psychology's role in cybersecurity 06:07 – Human risk management explained 09:14 – Deepfakes in fraud and scams 15:13 – Demo of deepfake voices 20:22 – Using cakes to explain large language models  27:00 – AI helps overcome creative blocks 32:00 – Managing AI hallucinations and risks Connect with our guest, Perry Carpenter: https://www.linkedin.com/in/perrycarpenter Purchase a copy of Perry’s book FAIK here: https://www.amazon.com/FAIK-Practical-Disinformation-AI-Generated-Deceptions/dp/1394299885 Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

22 Loka 202433min

How to Become a True Security Leader with Nathan Case

How to Become a True Security Leader with Nathan Case

How does one become a true security leader? According to Nathan Case, it’s not about titles—it’s about impact.  In this episode, Nathan Case, VP of Cloud Security at Clarity, shares his journey through security leadership, including stories from his time at AWS and his approach to building mission-driven teams. Nathan discusses balancing family with leadership, the future of AI in cybersecurity, and what it takes to become a real leader in the security space. He also reflects on the importance of being chosen as a leader, rather than striving for the title.   Impactful Moments: 00:00 – Introduction 02:31 – Journey from AWS to Clarity 04:00 – Cyber Dominance 05:55 – Leading Through M&A 07:00 – Redefining the CISO Role 11:00 – Shared Security Responsibility 15:15 – Balancing Mission and Family 20:00 – AI in Security 28:30 – Leadership in Incident Response 32:00 – Woodworking and Perfectionism 35:00 – Leaders Are Chosen Links: Connect with our guest, Nathan Case: https://www.linkedin.com/in/nathancase/ Check out Nathan and Ross Haleliuk's blog on Security Incident Response here: https://ventureinsecurity.net/p/a-different-take-on-security-incident Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

15 Loka 202436min

AI and the Future of Cyber Defense with John Hubbard

AI and the Future of Cyber Defense with John Hubbard

How can AI shape the future of cybersecurity defense? In this episode, we dive into SOC operations, AI integration, and the latest in threat detection with John Hubbard, Cyber Defense Curriculum Lead at SANS. John discusses the expansive landscape of cybersecurity defense, while sharing insights on AI's role in threat detection and the cutting-edge tools that are pushing the boundaries of cybersecurity. From automation to detecting anomalies in network traffic, this episode will bring you up to speed on the latest trends and challenges facing cyber defense teams. Impactful Moments: 00:00 – Introduction 01:00 – Meet John Hubbard: Cyber Defense Curriculum Lead at SANS 02:30 – Overview of the SANS Cyber Defense Curriculum 03:30 – The Role of AI in Cybersecurity 05:30 – How AI is Shaping Threat Detection in SOCs 09:00 – Automation and AI: Practical Use Cases 15:00 – AI in Network Traffic Analysis 19:00 – The Future of SOC Operations with AI   Links: Connect with our guest, John Hubbard: https://www.linkedin.com/in/johnlhubbard/ Check out the SANS Cybersecurity Courses & Certifications: https://www.sans.org/cyber-security-courses/   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

8 Loka 202434min

How Adversaries Are Living Off The Dark Web with Jason Haddix

How Adversaries Are Living Off The Dark Web with Jason Haddix

Have you ever lost something important, only to find out someone moved it without telling you? The same thing happens with our personal and business data. But what if you could see what the adversary sees?  In this episode, Jason Haddix, Field CISO at Flare, shares his experiences in red teaming, accessing dark web credentials, and protecting against malicious actors. Whether you're curious about data exposure or how threat actors operate, this conversation offers insights into the constant changes in cybersecurity.   Impactful Moments: 00:00 - Introduction 01:11 - The Basics of the Dark Web and How Criminals Operate 07:16 - Flare's Role in Cybersecurity 11:14 - Common Security Mistakes 20:04 - Pen Testing with Flare 21:33 - Exploiting Exposed Credentials 22:19 - Reconnaissance Tools and Techniques 24:38 - Email Security Concerns 28:43 - The Power of Stealer Logs 38:21 - Dark Web Tactics and AI 39:33 - Advice for Cybersecurity Leaders 42:04 - Exploring Flare’s Platform for Threat Intelligence 44:26 - Conclusion and Final Thoughts Links: Connect with our guest, Jason Haddix: https://www.linkedin.com/in/jhaddix/ Check out Flare here: https://try.flare.io/hacker-valley-media/ Check out Arcanum here: https://www.arcanum-sec.com/   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

1 Loka 202444min

AT&T Dynamic Defense: Security Before It Reaches Your Company's Doorstep with Senthil Ramakrishnan

AT&T Dynamic Defense: Security Before It Reaches Your Company's Doorstep with Senthil Ramakrishnan

In this episode, Ron Eddings and Jen Langdon speak with Senthil Ramakrishnan, Assistant Vice President of Cybersecurity Product at AT&T Business. Senthil shares information about how a new product, AT&T Dynamic Defense™, helps protect customers by providing threat detection and mitigation at the network edge. They’ll discuss how it can address evolving cybersecurity threats, including real-world examples like the Log4j vulnerability, and how its simplicity allows for a zero-touch experience.   Impactful Moments: 00:00 - Welcome 01:01 - Introducing guest, Senthil Ramakrishnan 04:01 - Security at the Network Edge 05:57 - Fitting in With Businesses 08:00 - “Can You Just Block It For Us?” 10:05 - Stopping Log4j 11:18 - Default Enabled Policy 15:57 - How Involved is the Customer? 16:40 - Simplifying Security for Customers   Links: Connect with our guest Senthil Ramakrishnan: https://www.linkedin.com/in/senthil-ramakrishnan-66406b30/ Check out AT&T Dynamic Defense™: https://www.business.att.com/products/att-dynamic-defense.html Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Check out our upcoming events: hackervalley.com/livestreams

24 Syys 202418min

Soft Skills in Technical Sales to Connect and Sell More with Evgeniy Kharam

Soft Skills in Technical Sales to Connect and Sell More with Evgeniy Kharam

Technical skills open doors, but are soft skills sealing the deal? In this episode, Evgeniy Kharam reveals how communication and connection lead to success in technical sales.    From vulnerability to voice control, Evgeniy shares how to connect with clients and sell more effectively in tech.   Evgeniy Kharam has authored “Architecting Success: The Art of Soft Skills and Technical Sales”, to teach the art of soft skills, and the importance of building connections through vulnerability.   Impactful Moments: 00:00 - Introduction 01:08 - Meet Evgeniy Kharam  02:21 - Ski & Snowboard Cybersecurity Conference 06:22 - Impact of Events and Community Building 10:19 - ‘Architecting Success’ 10:36 - Sales Engineers’ Evolving Role 25:58 - POCs and Soft Skills 28:01 - Your Voice: A Key Soft Skill 31:28 - Connect with Evgeniy   Links: Connect with our guest, Evgeniy Kharam: https://www.linkedin.com/in/ekharam/ Check out Evgeniy’s Book, “Architecting Success: The Art of Soft Skills in Technical Sales: Connect to Sell More“ here: https://a.co/d/0xJSyew Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

17 Syys 202431min

Suosittua kategoriassa Koulutus

rss-murhan-anatomia
psykopodiaa-podcast
voi-hyvin-meditaatiot-2
rss-duodecim-lehti
aloita-meditaatio
jari-sarasvuo-podcast
rss-psykalab
psykologia
rss-vapaudu-voimaasi
adhd-podi
rss-narsisti
rss-niinku-asia-on
ihminen-tavattavissa-tommy-hellsten-instituutti
rss-liian-kuuma-peruna
aamukahvilla
kesken
rss-monarch-talk-with-alexandra-alexis
rss-koira-haudattuna
rss-anteeks-etukateen
tohtorin-vuoro