Special Featured Episode! Purple Teams & Threat Informed Defenses with Ben Opel
Hacker Valley Studio29 Syys 2022

Special Featured Episode! Purple Teams & Threat Informed Defenses with Ben Opel

Ben Opel, Senior Director of Professional Services at Attack IQ and former Marine, joins Chris and Ron to talk about the essentials of purple teaming. Combining the essentials of the red team and the blue team, a purple team offers cybersecurity companies a unique opportunity to create a threat informed security process. Using his time in the Marines and his experience at Attack IQ, Ben walks through purple team philosophy, breach and attack simulations, and shifting from a reactive to a proactive mindset.

Timecoded Guide:

[00:00] Past experiences with cybersecurity in the Marine Corp

[04:28] Exposure to purple teaming in defensive cyber ops

[10:26] Implementing breach and attack simulations in defense strategy

[14:38] Threat informed defense and the aftermath of breach simulations

[23:36] Communicating and approaching risk-related decisions

Sponsor Links:

Thank you to our sponsor AttackIQ for bringing this episode to life!

AttackIQ - better insights, better decisions, and real security outcomes. That's why we partnered with them to create free cybersecurity trainings! Check it out at academy.attackiq.com

How did you first get exposed to purple teaming and what are some of the tenants that you hold today?

Ben’s experience in cybersecurity and his journey into purple teaming occurred during his time with the Marine Corps, performing defensive cyber ops. Originally, Ben didn’t even know the term purple team existed when he first encountered it, but his team was already approaching their work that way. Ben explains a core tenant of purple teaming is getting people in the same room and showing them the value their work brings to one another.

“We started building our teams around this multifunctional purple concept of having threat hunters, threat intelligence, red cell, support and mitigation, and forensic cell all in one. All of these capabilities in one team, where they could work synergistically.”

What are the shortcomings and advantages of the purple team philosophy?

Like any philosophy, Ben explains that the hardest part of incorporating a purple team mindset is including it in everything your team does. To aid in this shortcoming, Ben keeps one question in mind: “What can someone do for me, and what can I do for them?” When involved in a purple team, everyone is putting their heads together. Ben explains there’s much less confusion between offensive and defensive professionals in that purple collaborative setting.

“Pure red team ops can be super fun, but you leave every job not sure they're going to actually make something with what you did. I've worked with blue teams who are like, ‘Hey, this was a great report, red, but we made some fixes, but we don't know if these are good.’”

How do we get more people into being proactive and adopting the purple team perspective?

A large majority of cybersecurity teams and processes involve reacting to potential threats and incidents. In contrast, purple teaming and threat informed defense strategies emphasize a more proactive mindset. Ben explains that working with a capability like Attack IQ helps teams build confidence in what they can prepare for and prevent. Building confidence in infrastructure and resilience in your team helps a proactive mindset thrive.

“It’s about giving folks the ability to parse out and understand what's important to them, and to boil that down into, ‘Okay, now, what does that mean when hands on keyboard?’ Making that available, making that easily digestible. It's an education problem in this realm.”

What would be your first piece of advice for the person about to embark on discovering or explaining breaches and attacks in relation to their organization?

Ben explains that explaining breaches and helping others in your organization understand attack risks starts with showing. He explains that revealing how easily these things can happen and in what situation certain events could be particularly harmful opens the eyes of members of your team to what their threats look like. Instead of catering to doom and gloom, analyze your cyber threat risk with practicality and literal examples.

“If I had to say that I had a specialty forced upon me by the Marine Corps, it was that. It was going over to peers and telling them that this is something that's good, bringing my red team in and letting them poke around, letting my blue team plug in to their network from some strange IP that they've never seen before.”

---------------

Links:

Keep up with our guest Ben Opel on LinkedIn

Learn more about Attack IQ on LinkedIn and the Attack IQ website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Jaksot(406)

Recon Like An Adversary: Uncovering Modern Techniques in Attack Surface Management with Jason Haddix

Recon Like An Adversary: Uncovering Modern Techniques in Attack Surface Management with Jason Haddix

Ever wondered how the best defenders become unstoppable? They think like the attackers. In this episode with Jason Haddix, we reveal the strategies hackers don’t want you to know about and show you how to use them to your advantage. Jason, CEO of Arcanum Information Security and Field CISO at Flare, helps us step into the mind of a hacker. With stories and insights that will change how you think about cybersecurity, he talks about the tactics that can turn any security program into a fortress. From exploiting the overlooked to using AI for unbeatable defense, this conversation will revolutionize your approach to cybersecurity.   00:00 Introduction 01:29 Jason Haddix, CEO at Arcanum and Field CISO for Flare 04:48 Origins of Arcanum 07:04 Recon in Cybersecurity 12:22 Recon Discoveries 27:41 Flare's Role in Credential Management 33:47 Tooling for Small Businesses 35:47 Using AI for Cybersecurity 41:23 Flare Platform Deep Dive 43:20 Conclusion   Links: Connect with our guest, Jason Haddix: https://www.linkedin.com/in/jhaddix/ Check out Flare here: https://try.flare.io/hacker-valley-media/ Check out Arcanum here: https://www.arcanum-sec.com/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

10 Syys 202446min

I Failed Over 300 Times Trying To Get Into Security ft. Joe South

I Failed Over 300 Times Trying To Get Into Security ft. Joe South

Joe South is a testament to resilience, unconventional decisions, and finding success in unexpected places. If you’ve ever felt stuck in a rut or on the verge of giving up, Joe’s experience might be the jolt you need to keep pushing forward. Joe, Principal Security Engineer and host of the “Security Unfiltered” podcast, shares his journey into cybersecurity and battling depression after being rejected more than 300 times when applying for security roles. Joe shares advice on breaking into cybersecurity, dealing with rejection, the importance of mentorship, and staying persistent.   00:00 Introduction 01:00 Joe South, Principal Security Engineer and Host of the Security Unfiltered podcast 02:34 Early Career Struggles and Breakthrough 03:59 The Turning Point: From Help Desk to Cybersecurity 06:44 Rejection and Finding Success 11:17 Advice for Aspiring Cybersecurity Professionals 16:19 The Importance of Continuous Learning in Cybersecurity 18:10 Join the Hacker Valley Creative Mastermind! 19:10 Securing AI Models: Challenges and Strategies 20:10 The Importance of Communication in Security 21:22 Experience and Career Advancement 21:52 Rethinking Success: The Value of Being Number Two 23:57 Pressure and Rewards of Being a CISO 26:16 The Benefits of Podcasting and Content Creation 32:28 Balancing Personal and Public Information 35:27 Overcoming Adversity and Putting Yourself Out There 38:01 Final Thoughts and Advice for Aspiring Content Creators Links: Connect with our guest, Joe South: https://www.linkedin.com/in/joseph-south/ Check out the Security Unfiltered podcast here: https://securityunfiltered.com   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

3 Syys 202440min

Cybersecurity Challenges: AI, Burnout, and Insider Threats with Kayla Williams

Cybersecurity Challenges: AI, Burnout, and Insider Threats with Kayla Williams

At Black Hat 2024, we sat down with Kayla Williams, Chief Information Security Officer at Devo, to discuss her career journey, the role of AI in cybersecurity, and the pervasive issue of burnout among SOC analysts. Through her research with Wakefield Research, Kayla and her team discovered that 83% of IT professionals are burnt out due to stress, lack of sleep, and anxiety. IT and Security burnout leads to breaches. For the past 4 years, Devo has been hosting SOC Analyst Appreciation Day, a virtual event where they shower SOC analysts with the love, appreciation and recognition that they deserve.   Impactful Moments: 00:00 - Introduction 01:25 - Kayla Williams, Chief Information Security Officer at Devo 01:38 - How Kayla Became a CISO 03:06 - Challenges and Rewards 04:23 - Burnout in Cybersecurity 04:31 - 83% of IT professionals are Burnt Out 09:38 - How AI Fits into the SOC 09:59 - Key Use Cases for AI in Cybersecurity 15:07 - Insider Threat and Employees Stealing Company Data 18:14 - Non-Traditional Paths into Cybersecurity 21:00 - Future of Cybersecurity and AI 22:31 - Advice for Aspiring CISOs   Links: Connect with our guest, Kayla Williams: https://www.linkedin.com/in/kaylamwilliams1/ Check out Devo: https://www.devo.com/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

27 Elo 202424min

Offensive Security: Unlocking Hidden ROI with Seemant Sehgal

Offensive Security: Unlocking Hidden ROI with Seemant Sehgal

In this episode, Ron sits down at Black Hat with guest Seemant Sehgal, Founder & CEO of BreachLock, to learn more about how offensive security, such as red teaming and pen testing, fits into the cyber ecosystem. Seemant highlights how his background as a practitioner has helped him better understand the pain points that customers feel and assist them in making the most of their budget. Impactful Moments: 00:00 - Welcome 00:50 - Introducing Guest, Seemant Sehgal 02:47 - Penetration Testing vs Red Teaming 05:22 - What A Hacker Wants 06:17 - From our Sponsor, BreachLock 07:35 - There’s Always A ‘Low Hanging Fruit’ 08:49 - Trusted Partners 10:49 - Closing Doors On Hackers 13:08 - Advice to Entrepreneurs: Knowing Your ‘Why’   Links: Connect with our guest, Seemant Sehgal: https://www.linkedin.com/in/s-sehgal/ Check out BreachLock: https://www.breachlock.com/   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

16 Elo 202415min

Black Hat 2024 Conference Pre-Game

Black Hat 2024 Conference Pre-Game

In this episode, Ron and Jen welcome you to Vegas and discuss a little background on Black Hat and DEF CON and how to make the most of your time professionally. Impactful Moments: 00:00 - Welcome 00:56 - Hello From Vegas! 01:41 - Conference Anxiety 03:43 - Origins of Black Hat 06:17 - Which Conference? 08:18 - Conference Strategy 11:47+ - You Can Only Pick One…   Links: Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

9 Elo 202413min

The Present and Future of AI in Cyber

The Present and Future of AI in Cyber

In this episode, Hosts Ron Eddings and Jen Langdon discuss questions about AI in Cyber. From the current state to where AI could be going, to resources to help you engage and up-level, there’s a little bit of everything for everyone in this episode.   Impactful Moments: 00:00 - Welcome 00:46 - Introduction 02:29 - Engineering AI 06:54 - Was it Made By AI? 09:07 - Join Our Mastermind 10:15 - AI in the Future 13:26 - AI in 2044 17:56 - AI & Resources 19:40 - AI Resources! 20:55 - One Step Better…   Links: Check out some resources shared during this episode: https://www.futuretools.io/   https://theresanaiforthat.com/ https://www.google.com/books/edition/On_Intelligence/Qg2dmntfxmQC?hl=en&gbpv=0 https://www.youtube.com/channel/UCbfYPyITQ-7l4upoX8nvctg   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Check out our upcoming events: hackervalley.com/livestreams Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

30 Heinä 202423min

Leaving an Impression: Strategies for Captivating a Massive Audience

Leaving an Impression: Strategies for Captivating a Massive Audience

In this episode, hosts Ron Eddings and Jen Langdon discuss the power of storytelling through various media. Whether your goal is to create video content, deliver keynotes on stage, or be creative through other digital mediums, there will be something for everyone! Impactful Moments: 00:00 - Welcome 01:05 - Introductions 04:55 - Storytelling in Story Circle 09:23 - Crossing Across the Story Circle 12:15 - Join Our Mastermind! 12:57 - Is ‘Speaking’ Your Thing? 19:33 - Audience Considerations 22:24 - Speaking vs Writing 25:24 - Video/Digital Media 28:30 - Making it Captivating 32:03 - Last Reminders…   Links: Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Check out our upcoming events: hackervalley.com/livestreams Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

23 Heinä 202432min

How Can I Best Proactively Secure My SaaS?

How Can I Best Proactively Secure My SaaS?

In this episode, Ron Eddings will explore the massive adaptation of SaaS applications and ways to tame the beast. Our guest Yoni Shohet, Co-Founder & CEO at Valence Security, will help provide insight into the capabilities of a SaaS Security Posture Management (SSPM) platform and best practices for implementing a SaaS security solution. Impactful Moments: 00:00 - Welcome 01:59 - Introducing guest, Yoni Shohet 03:25 - Founding A SaaS Security Company 06:30 - What is SSPM? 08:27 - From our Sponsor, Valence 09:30 - Before Clicking ‘Allow’ 11:54 - Users Want Their LLMs! 14:37 - Common Missteps 19:08 - Can You Manage SaaS w/o Technology? 24:15 - SaaS Breaches & MFA & APIs 32:42 - One Step Better…   Links: Connect with our guest, Yoni Shohet: https://www.linkedin.com/in/yonishohet/ Check out Valence Security: https://www.valencesecurity.com Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

17 Heinä 202434min

Suosittua kategoriassa Koulutus

rss-murhan-anatomia
psykopodiaa-podcast
voi-hyvin-meditaatiot-2
rss-duodecim-lehti
aloita-meditaatio
jari-sarasvuo-podcast
rss-psykalab
psykologia
rss-vapaudu-voimaasi
adhd-podi
rss-narsisti
rss-niinku-asia-on
ihminen-tavattavissa-tommy-hellsten-instituutti
rss-liian-kuuma-peruna
aamukahvilla
kesken
rss-monarch-talk-with-alexandra-alexis
rss-koira-haudattuna
rss-anteeks-etukateen
tohtorin-vuoro