7MS #326: Interview with Ryan Manship and Dave Dobrotka
7 Minute Security6 Syys 2018

7MS #326: Interview with Ryan Manship and Dave Dobrotka

Today's episode is brought to you by my friends at Dashlane, a fantastic password manager for you, your family and your business! Head to www.dashlane.com/7ms and use the code 7MS for 10% off a year of Dashlane Premium!

Today I'm super pumped to be joined by Ryan Manship of RedTeam Security and Dave Dobrotka of United HealthGroup. Both these guys lead red teams for a living and had a lot of great insight to share as it relates to:

  • The definition of "red teaming" and where it overlaps, if at all, with pentesting
  • Successfully running red team campaigns
  • Defending against a red team campaign
  • How to climb unclimbable walls
  • Is antivirus any good at stopping attackers?
  • The importance of 2FA and training your end-users
  • How to fool the "This email originated outside your organization" email banners
  • How to break into red teaming as a career
  • How to successfully break into a casino (or not)

Other links and things mentioned in today's show:

  • RedTeam Security's awesome YouTube video on breaking into the US power grid

  • If you're a red teamer and in the Twin Cities area (or willing to drive a bit), you definitely want to sign up for ArcticCon coming up on October 23-24 at the Optum World Headquarters. Head to the link and sign up - if there are seats left!

Once you listen to today's episode, please let me know if you'd like Ryan and Dave to come back for another interview. We were thinking it would be a blast to talk about the details of planning a red team engagement!

Jaksot(710)

7MS #686: Our New Pentest Training Course is Almost Ready

7MS #686: Our New Pentest Training Course is Almost Ready

Oh man, I'm so excited I can hardly sleep. Our new three-day (4 hours per day) training is getting closer to general release. I talk about the good/bad/ugly of putting together an attack-sensitive lab...

1 Elo 202523min

7MS #685: The Time My Neighbor Almost Got Scammed Out of $13K

7MS #685: The Time My Neighbor Almost Got Scammed Out of $13K

Today's kind of a "story time with your friend Brian" episode: a tale of how my neighbor almost got scammed out of $13k. The story has a lot of red flags we can all keep in mind to keep ourselves (as...

25 Heinä 202522min

7MS #684: Pwning Ninja Hacker Academy

7MS #684: Pwning Ninja Hacker Academy

Hey friends, today we start pwning Ninja Hacker Academy – cool CTF-style lab that has you start with no cred and try to conquer domain admin on two domains!

18 Heinä 202522min

7MS #683: What I'm Working on This Week - Part 4

7MS #683: What I'm Working on This Week - Part 4

This week I'm working on a mixed bag of fun security and marketing things: A pentest I'm stuck on My latest lab CTF obsession: Ninja Hacker Academy A cool "about 7MinSec" marketing video that was rec...

12 Heinä 202530min

7MS #682: Securing Your Family During and After a Disaster – Part 7

7MS #682: Securing Your Family During and After a Disaster – Part 7

Today's episode is a downer! We talk about things you might want to have buttoned up for when you are eventually not alive anymore: Living will Buried vs. cremated? Funeral plans Funeral PHOTOS? I a...

4 Heinä 202530min

7MS #681: Pentesting GOAD – Part 3

7MS #681: Pentesting GOAD – Part 3

Today Joe "The Machine" Skeen and I pwn the third and final realm in the world of GOAD (Game of Active Directory): essos.local! The way we go about it is to do a WinRM connection to our previously-pw...

27 Kesä 202518min

7MS #680: Tips for a Better Purple Team Experience

7MS #680: Tips for a Better Purple Team Experience

Today I share some tips on creating a better purple team experience for your customers, including: Setting up communication channels and cadence Giving a heads-up on highs/criticals during testing (n...

20 Kesä 202526min

7MS #679: Tales of Pentest Pwnage – Part 73

7MS #679: Tales of Pentest Pwnage – Part 73

In today's tale of pentest pwnage I talk about a cool ADCS ESC3 attack – which I also did live on this week's Tuesday TOOLSday. I also talk about Exegol's licensing plans (and how it might break your...

13 Kesä 202530min

Suosittua kategoriassa Politiikka ja uutiset

aikalisa
rss-ootsa-kuullut-tasta
tervo-halme
ootsa-kuullut-tasta-2
politiikan-puskaradio
viisupodi
rss-podme-livebox
otetaan-yhdet
et-sa-noin-voi-sanoo-esittaa
rss-vaalirankkurit-podcast
rss-asiastudio
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset
rss-tekkipodi
io-techin-tekniikkapodcast
linda-maria
the-ulkopolitist
rss-polikulaari-humanisti-vastaa-ja-muut-ts-podcastit
rss-kaikki-uusiksi
rss-hyvaa-huomenta-bryssel
rss-merja-mahkan-rahat