Hacker Valley Studio

Caitlin Sarian, known on TikTok as Cybersecurity Girl, comes to Hacker Valley to talk about the endless possibilities for cybersecurity on social media. Walking through her journey of becoming cyber’s biggest TikTok star, Caitlin covers every aspect of internet fame and online presence, including facing criticism, gaining and losing viewers, and trying to make an impact on women in STEM. Alongside her work on social media, Caitlin also walks through the development of her new online cybersecurity course.   Timecoded Guide: [00:00] Introducing Caitlin & her work on TikTok with Cybersecurity Girl [06:45] Building a cyber platform on TikTok & dealing with imposter syndrome [11:21] Keeping women in STEM, instead of just getting women into STEM fields [15:56] Dismissing the idea of the diversity hire in tech & cyber [24:43] Working with Girls Who Code & building her own low-cost cyber school   Sponsor Links: Thank you to our sponsors Axonius and Uptycs for bringing this episode to life! The Axonius solution correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action — giving IT and security teams the confidence to control complexity. Learn more at axonius.com/hackervalley   Uptycs, analytics for the modern attack surface, observability for the modern defender. Check out Uptycs by visiting them at uptycs.com   How do you feel about going viral, or not going viral, on TikTok?  Although social media, especially TikTok, relies on an algorithm to push content to different viewers, Caitlin admits that viral content creation is more about luck than about methods. Since becoming involved in TikTok as a cybersecurity influencer, Caitlin has developed tricks of her own to elevate her content and interact with her audience, including going live on the app. However, she still explains that going viral is still random, with lower quality quick content sometimes hitting a larger audience than her higher value creations.  “Videos that you spend the least time on get the most views and the videos that you spend the most time on, get the least views. I've stopped looking at the views and just started trying to produce content that either makes people smile, or adds value to people's lives.”   What is that value that you're getting from making cybersecurity content for TikTok?  While creating podcasts at Hacker Valley allows for Chris and Ron to give back to their community and meet incredible cybersecurity content creators, a similar idea guides Caitlin’s work on TikTok. Considering that content creation can sometimes feel thankless and frustrating, Caitlin motivates herself by focusing on the people she helps. Through making cybersecurity more accessible online, she hopes to inspire other women to get involved and stay involved in cyber, tech, and STEM fields. “It adds value to my life, knowing that I'm not just going day-by day-doing my job and that's it. I like bringing awareness and being that light for people that need it, especially in the tech world. I think for me, this is what I'm hoping for, I'm hoping to get more women in STEM.”   Can you tell us a little bit about your online cybersecurity school?  Caitlin isn’t only working on her cybersecurity platform on TikTok, she’s also expanding into online education with her course, Become a Cyber Analyst. Focusing on cybersecurity accessibility and affordable education, Caitlin’s course is a six-month boot camp that teaches students the ropes of the cyber industry. The best part? Students don’t pay until they’re employed in cyber, and Caitlin’s course guarantees a job within 3 months of graduation. “I partnered up with a school called Master School, and it's basically a six-month boot camp. And then, after the boot camp, we have HR specialists that help students get a job after. You don't have to pay for it until you get a job, and it's a lump sum.”   What is your perspective on the struggles women face breaking into cybersecurity and staying in tech careers? As a woman in cybersecurity, Caitlin has witnessed alarming levels of sexism in the industry and has seen fellow women experience tech burnout. With her content on TikTok and her new cybersecurity school, Caitlin hopes to solve the problem of not just inviting women into the cyber industry, but retaining female employees in cyber as well. Through supportive content creation and her own influence, she hopes other woman see that the possibilities in their careers are endless. “I think the issue that I always used to deal with is a lot of men think I got the job from just being a woman. That also goes to my imposter syndrome, because I'm like, ‘Maybe I did just get this job because I'm a woman and they want to work with me. Maybe I'm a diversity hire.’” --------------- Links: Keep up with our guest Caitlin/Cybersecurity Girl on TikTok and Instagram Learn more about Caitlin’s incredible Masterschool course, Become a Cyber Analyst Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase a HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio

13 Sep 202229min

We’re joined again by the hacker’s hacker, Tommy DeVoss, aka dawgyg. Bug bounty hunter and reformed black hat, Tommy dives back into a great conversation with us about his journey in hacking and his advice to future red team offensive hackers. We cover everything we couldn’t get to from part 1 of our interview, including his struggles with burnout, his past hacking foreign countries on a bold quest to stop terrorism, and his future in Twitch streaming to teach you how to be a better bug bounty hunter. Timecoded Guide: [02:57] Fixating on hacking because of the endless possibilities and iterations to learn [09:54] Giving advice to the next generation of hackers [17:17] Contacting Tommy and keeping up with him on Twitter [21:43] Planning a Twitch course to teach hackers about bug bounties using real bugs and real-world examples  [24:57] Hacking in the early 2000s and understanding the freedom Tommy has to talk about any and all illegal hacking he’s done now that he’s gone to prison   Sponsor Links: Thank you to our sponsors Axonius and PlexTrac for bringing this season of HVR to life! Life is complex. But it’s not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone PlexTrac is pleased to offer an exclusivecRed Team Content Bundle for Hacker Valley listeners. This bundle contains both our "Writing a Killer Penetration Test Report" and "Effective Purple Teaming" white papers in ONE awesome package. Head to PlexTrac.com/HackerValley to learn more about the platform and get your copy today!   Do you ever struggle with burnout when it comes to hacking? Hacking has maintained Tommy’s interest longer than anything else because of the constant changes in technology and the ever-evolving issues in the online world. However, just because hacking is his passion, doesn’t mean that burnout or frustration never happens. Currently, Tommy is taking more of a break with hacking, letting his current day job and his passion for gaming have a front seat. However, he’s still firmly in the industry, passionately developing learning opportunities for future hackers and answering questions from cyber professionals of all backgrounds. “I do get burned out sometimes…When it comes to bug bounty hunting, I try and make it so it averages out to where I make at least $1,000 an hour for my effort. It doesn't always work. Sometimes I'm more, sometimes I'm less, but I try and get it so it averages out to about that.”   What hacking advice would you give the younger version of yourself? Although his black hat ways resulted in prison time for Tommy, he doesn’t regret his past and instead seeks to teach others the lessons he’s learned. When we asked Tommy for advice for new hackers, he was clear that success is a longer journey than people assume it is. Tommy’s success was not a fluke, it took years of hands-on learning and patience with failures in order to develop his bug bounty skills. Nothing is actually automatic or easy with hacking, especially as the technology continues to change and evolve. Tommy wants hackers to take every opportunity to try out their skills, even if it's a complete failure. “Don't expect success overnight. Also, don't let failure discourage you. When it comes to hacking, you're going to fail significantly more than you're going to succeed. And the people that are successful in bug bounties are the ones that don't let those failures discourage them.”   What do you think about the “media obsessed” stereotype many people have about black hat hackers? Wrapping up today, Tommy tells us that he’d be happy to be back in the Hacker Valley Studio again some time. Although the stereotype of a black hat hacker wanting attention from the media is disproven, Tommy believes that he definitely has craved that media attention for a large majority of his hacking career. Starting in the early 2000s, after 9/11, Tommy had one of his first brushes with fame in an interview with CNN about hacking Middle Eastern companies. Although his hacking and his politics have changed since then, Tommy enjoys having in-depth conversations about hacking and explaining the intricacies of what he does. “We loved the attention back then, and I still love the attention now, it's nice. The good thing about now is, because I already got in trouble for everything that I've done, I've done my prison time, I don't have anything that I did illegally on the computer anymore that I can't talk about, because I've already paid my debt to society.”   What are the best ways for people to keep up with what you’re doing? Considering Tommy’s success, it’s understandable that a lot of cyber professionals and amateurs have tons of questions for him. When it comes to getting in contact with Tommy, he recommends tweeting him on Twitter publicly so that he can not only answer your question, but help others with the exact same questions. Education is key, and Tommy is so dedicated to teaching other hackers that he’s currently developing a recurring Twitch stream centered around helping others learn about bug bounty hunting. “I don't know how successful we're going to be in finding the bugs, but I think it'll be fun to teach people [on Twitch] and do it that way, so that they can actually spend some time learning it. The best way to actually learn this stuff is to actually try and do the hacking.” ----------- Links: Stay in touch with Thomas DeVoss on LinkedIn and Twitter. Check out the Bug Bounty Hunter website. Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter. Follow Ron Eddings on Twitter and LinkedIn Catch up with Chris Cochran on Twitter and LinkedIn Purchase a HVS t-shirt at our shop Continue the conversation by joining our Discord

8 Sep 202234min

Mari Reisberg, therapist, performer, creativity coach, and host of the Sustaining Creativity podcast, brings her many talents to Hacker Valley to help adults unlock their creativity and engage with their inner child. Tackling topics from artistic ruts to technical frameworks, Mari walks through the essentials of reconnecting with creativity and curiosity. Instead of limiting thoughts to the path of least resistance, Mari challenges her clients to get comfortable with the uncomfortable in creativity.   Timecoded Guide: [00:00] Sustaining creativity & coaching others on becoming curious [06:35] Defining creativity with new ideas & fresh innovations  [10:07] Climbing out of a creative rut & expanding your comfort zone [18:47] Unlocking different levels of creativity in everyday life [23:59] Tapping into creativity and unlocking childhood memories   Sponsor Links: Thank you to our sponsors Axonius and Uptycs for bringing this episode to life! The Axonius solution correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action — giving IT and security teams the confidence to control complexity. Learn more at axonius.com/hackervalley With Uptycs, modern defenders can prioritize, investigate and respond to threats across the entire attack surface—all from a common solution: uptycs.com.    What is creativity, in your opinion? There isn’t one way to define creativity, Mari explains, but instead a myriad of ways. Each person has their own individual relationship with the concept of creativity, but Mari considers creativity to be tied to the processes of coming up with new ideas and innovating on those ideas. Seeing life through a creative lens means that Mari isn’t afraid to try and fail, because everything she does expands her comfort zone and tests her curiosity.  “Creativity is one of those words where, if you asked 100 people, you’d get 100 different answers. For me, my definition of creativity really is around thinking of novel, new ideas. And then, the second piece of the creative process is that innovation process.”   What advice would you have for someone who is trying to find their way through a creative rut?  The human brain will always choose the path of least resistance. People like to feel safe and comfortable with everything they do, but Mari understands that creativity can only be practiced at the edge of someone’s comfort zone. With one foot in her comfort zone and one foot out of it, Mari has been able to escape her own creative ruts and make active decisions to try the everyday activities in her life with a different perspective.  “If my desire is to create something new, something different, and I'm continuing to do the same things and expecting a new result, it's not going to happen. How could you try something different every day?”    Are there different types of creativity, similar to there being different types of intelligence?  In Mari’s experience, there are two forms of creativity: big C creativity and little c creativity. While little c creativity is an everyday reality, big C creativity is much more performative, curious, and expressive. When someone says they aren’t creative, what they’re thinking of is this second form of creativity. The fact is that anyone can become big C creative, but it requires actively exploring and expanding the skills of creativity.  “The big C creativity is what everyone assumes is creativity; performing arts, creative arts, I'm doing something that I'm sharing with the world. The small c creativity is that every day creativity. It’s something new, something different.”   When it comes to wanting to build our creative muscles, what are some techniques or frameworks that we should be considering? Creativity is a practice, not a one-and-done deal. Mari explains that building creative muscles comes from repetition of creativity, such as trying something new everyday, challenging ourselves to think of something from an opposite point of view, and even daydreaming. Explore what would happen if something, even one small detail of an event, was different, and never limit yourself to the idea that you’re “just not creative.” “There’re opportunities to flex that creativity, but it's about continuing to do it. You can’t do it once and expect a miracle. You keep coming back to it, keep practicing, keep having new ways of trying something.”  --------------- Links: Keep up with Mari Reisberg at SustainingCreativity.com Check out Mari’s podcast, the Sustaining Creativity podcast Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase a HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio

6 Sep 202229min

We’re joined by million-dollar hacker and bug bounty hunter, Thomas DeVoss, this week as we continue our season-long discussion of offensive cybersecurity legends. A legend in the making with a success story in bug bounty hunting that has to be heard to be believed, Tommy is an incredibly successful blach hat hacker-turned-bug bounty hunter, representing how misunderstood the hacking community can be and how positively impactful bug bounties can be. Who hacks the hackers? Look no further than Tommy DeVoss. Timecoded Guide: [02:59] Becoming interested in hacking for the first time  [08:26] Encountering unfriendly visits with the government and the FBI after his hacking skills progressed  [14:20] Seeking his first computer job after prison and leveraging his hacking skills [25:21] Discussing with Yahoo the possibility of working with them due to his successful bug boundaries [30:56] Giving honest advice to hackers looking to break into the bug bounty scene  Sponsor Links: Thank you to our sponsors Axonius and PlexTrac for bringing this season of HVR to life! Life is complex. But it’s not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone PlexTrac is pleased to offer an exclusive Red Team Content Bundle for Hacker Valley listeners. This bundle contains both our "Writing a Killer Penetration Test Report" and "Effective Purple Teaming" white papers in ONE awesome package. Head to PlexTrac.com/HackerValley to learn more about the platform and get your copy today! When did you get into hacking for the first time? At an early age, Thomas found his passion for hacking in an IRC chat room. Mentored by a man named Lewis and encouraged by fellow friends in the hacking world, popping shells and breaking into US systems using foreign IP addresses. Although Tommy became incredible at his craft from a young age, his early habits became serious black hat issues that ended up getting him in trouble with the US government. Just like the hacker in a big Hollywood blockbuster, the government caught up with Tommy and he faced 2 years in prison in his first sentence. “Instead of coming back to him and saying, "Hey, I'm done," I came back and I was actually asking him questions like, "Can you explain this?” And he saw that I was like, actually interested in this and I wasn't one of the people that was just expecting it to be handed to me and everything like that.”   After spending time in prison, were there barriers to getting involved in hacking again? After being in and out of prison a couple times, Tommy found the worst part of coming home to be his ban from touching any sort of device with internet access. Despite it being a part of his probation, his passion for tech continued to bring him back to computers and gaming. After his final stint in prison after being falsely suspected of returning to his black hat ways, the FBI lifted Tommy’s indefinite ban on computer usage and immediately renewed his passion for working in tech. “They had banned me indefinitely from touching a computer. So, when I came home on probation the first time, they upheld that and I still wasn't allowed to touch computers as part of my probation. For the first month or so, I didn't get on a computer when I came home from prison, but then it didn't take long before I got bored.”   How did your cyber career pivot to bug bounty hunting? With prison behind him and his ban on computers lifted, Tommy got a job working for a family friend in Richmond, Virginia for a modest salary of $30,000. Although this amount felt like a lot at the time, he quickly realized that there was money to be made in bug bounties. His first few experiments in attempting bug bounty programs had him earning $20,000 or $30,000 for hours of work, a huge increase from the salary he was currently making. Encountering success after success, Thomas quit his job in 2017 to become a full-time bug bounty hunter. “The first bug bounty program that jumped out at me was Yahoo. I had started hacking Yahoo in the mid 90s, I knew their systems in the 90s and early 2000s better than a lot of their system admins and stuff. And I figured, if there's any company that I should start out with, it should be them.”   What success have you seen since becoming a bug bounty hunter, especially with major corporations like Yahoo? Thomas has become a huge earner in the cybersecurity community, and has continued to see incredible results from his hacking and bug bounty projects. Most notably, after numerous high earning days, making up to $130K at once, with companies like Yahoo, he’s even been offered positions working with corporations he’s bug bountied for. However, Tommy is quick to point out that his success was definitely not overnight, and warns fellow hackers of getting too confident in their bug bounty abilities without the proper skill sets or amount of experience under their belts. “I think at this point, I've had days where I've made six-digit income in that single day, at least six or seven times. And it's almost always been from Yahoo.” ----------- Links:  Stay in touch with Thomas DeVoss on LinkedIn and Twitter. Check out the Bug Bounty Hunter website. Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter. Follow Ron Eddings on Twitter and LinkedIn Catch up with Chris Cochran on Twitter and LinkedIn Purchase a HVS t-shirt at our shop Continue the conversation by joining our Discord

1 Sep 202235min

Kyle Elliott, the Founder and Career Coach behind CaffeinatedKyle.com, joins the pod on his quest to transform boring job searches into something fabulous. Kyle specializes in helping job seekers, especially those in technology and cybersecurity, find jobs they love and express the value they bring to potential employers. Need to know the secret to acing your next tech job interview? Look no further than Caffeinated Kyle.   Timecoded Guide: [00:00] Finding your own definition of fabulous [06:06] Standing out in a tech job interview [12:19] Dealing with and learning from job rejection [16:41] Targeting your dream tech job & telling your career story [21:33] Breaking into technology the easy way and the hard way   Sponsor Links: Thank you to our sponsors Axonius and Uptycs for bringing this episode to life! The Axonius solution correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action — giving IT and security teams the confidence to control complexity. Learn more at axonius.com/hackervalley With Uptycs, modern defenders can prioritize, investigate and respond to threats across the entire attack surface—all from a common solution: uptycs.com.    From your perspective, what makes someone fabulous? Being “fabulous” can sound grandiose to most tech practitioners, but Kyle believes that everyone has the potential to be fabulous, especially when they’re forging their career path. There’s a lot of competition amongst large tech companies to find the employees that close skill gaps and stand out from the massive group of hungry job seekers. To be fabulous, one has to know how to stand out and what sets them apart.  “When I think of fabulousness, I think: What sets you apart from other people? I work with job seekers, so I think: What sets you apart from other job seekers or other applicants?”    When you look at standing out in a job interview, what are some of the key components that go into that? Many job seekers that Kyle works with have the skills, meet the position requirements, show up for the interview, and still struggle with getting a job in tech. While this can happen for a variety of reasons, Kyle explains that a simple mistake job hunters are making is regurgitating their resume without backing up their experience. A strong story about the experiences you had and the value you delivered makes you memorable and explains what you can provide. “When you're doing this, you want to think in the mind of a hiring manager. How have you added value to the organization? What sets you apart? I didn't just code, I didn't just have cross functional collaboration, here's the value to the organization and what sets me apart.”   How do you coach someone through being able to tell their story in an interview? Career storytelling skills separate a potential employee from a pack of qualified applicants. However, a lot of technical people aren’t known for their storytelling skills or knack for creativity. Instead, Kyle recommends his clients in tech and cyber practice their storytelling through a more familiar world of spreadsheets. Each spreadsheet helps job seekers break down the value they bring with their skills, so they can tell a story that connects their past experiences to their future position. “A lot of the people I work with in tech, they're amazing at their job, but they're just not used to practicing storytelling…It feels awkward. It feels different. It feels weird, because that's not something they’re used to.”   From your experience, what have been the easiest and hardest fields in technology to break into? In Kyle’s opinion, there isn’t one field of the tech industry that’s easier or harder to break into. Instead, breaking into the tech industry relies more on professional experiences, background, and skillset. If the leap to tech feels like too many transitions at once, Kyle recommends slowing down to one transition at a time and building each experience off of one another. Instead of hiding that this may be a new path for you, embrace your past when job searching and explain why a potential employer should hire someone transitioning into the tech world. “Everyone's like, ‘Kyle, how do I get a job in tech?’ I would start with your background, and I think that's gonna determine what's easiest or hardest for the person. What I always recommend is, try to make the least amount of transitions possible.”  --------------- Links: Keep up with Kyle Elliott on LinkedIn and the Caffeinated Kyle website Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase a HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio

30 Aug 202225min

John Hammond, Senior Security Researcher at Huntress Labs and self-described cybersecurity education enthusiast, joins us as we continue our discussion of red team legends. With a focus on content creation this week, John discusses his success with his YouTube channel, his passion for showcasing authentic and accessible educational materials online, and his advice for creating content safely and spreading awareness with not only a red team or blue team mindset, but with a purple team perspective. Timecode Guide: [01:37] Understanding the impact of content creators in the cybersecurity community, especially when it comes to YouTube educational content [06:58] Becoming a successful YouTube creator through consistently posting hacking content and ignoring the stereotype of “overnight success” [13:28] Combining his role as a cybersecurity educator with his security research at Huntress to explore exploits and have real life experience with what he teaches [16:47] Focusing on the blue side of the house as someone with red team experience, and understanding how to use a tool like PlexTrac to create a collaborative purple team [21:13] Being mindful of the impact he has through sharing this knowledge and understanding the risk of cybersecurity educational materials falling into “the wrong hands” Sponsor Links: Thank you to our sponsors Axonius and PlexTrac for bringing this season of HVR to life! The Axonius solution correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action — giving IT and security teams the confidence to control complexity. Learn more at axonius.com/hackervalley PlexTrac is pleased to offer an exclusive Red Team Content Bundle for Hacker Valley listeners. This bundle contains both our "Writing a Killer Penetration Test Report" and "Effective Purple Teaming" white papers in ONE awesome package. Head to PlexTrac.com/HackerValley to learn more about the platform and get your copy today!   What is your origin story for wanting to educate other hackers? Like many of us, John started his journey Googling how to become a hacker. As he gained more knowledge about the specific skills involved in hacking, John never left the internet behind, always seeking out videos and articles explaining new and emerging content. Inspired by those who created that content in the first place, he started his own YouTube channel, simply titled John Hammond, as has spent years cultivating a consistent hacker audience. “Along the way, creating content and helping educate others through YouTube is really my main stage platform and has been just a passion project, a labor of love, and something fun along the way.”   What feelings do you get looking back on the YouTube content you’ve created so far? John prioritizes clarity, transparency, and honesty in what he does, and he’s not afraid to show some humbleness, too. Overall, John is thankful for his YouTube success and the impact it had on the cybersecurity community. No matter what he’s showing in his videos, he prefers to keep things honest, to show where he’s made mistakes, and to accept criticism and advice from other hackers and offensive cybersecurity professionals that see his work. “I'm showcasing just my computer screen, maybe you get a little face cam and a circle on the bottom right, but it's like you're looking over my shoulder. You're seeing me showcase something raw, live, genuine, and authentic…It’s not all sexy, there’s a lot of failure in hacking.”   Have you ever considered focusing on the blue team or the defensive side of cybersecurity? The majority of John's YouTube content and the work he does in his role at Huntress Labs heavily involves the red team and offensive side of cyber. However, John is a huge advocate for the blue team and the red team collaborating and communicating better. Through making more concepts in cybersecurity accessible through educational content like John’s own videos, he hopes we can continue to bridge the gap and achieve that perfectly mixed purple team. “We're all playing in concert. As one team sharpens their skills in the red team pen test, then it's up to the blue team to figure that out. What did they do? How can we better detect it? How can we stop and mitigate that security threat?”   What advice do you have for red team content creators that want to share content and spread awareness safely? With the impact that he’s had and the content he’s put out onto the internet, John is no stranger to seeing the negative side of cybersecurity knowledge being more accessible than ever before.   Still, he wants to make sure content creators understand the value of transparency and honesty in what they do. Instead of fearing what could be, cultivate a community around making this level of knowledge and security available to everyone. “Share, be transparent, be forthcoming. I know there are a lot of conversations about gatekeeping in cybersecurity, but there shouldn't be that. I understand there's grit and determination and hard work to do all the things that you're doing, but be friendly and be transparent and honest.” ---------- Links: Check out our guest, John Hammond, on YouTube and LinkedIn. Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter. Follow Ron Eddings on Twitter and LinkedIn. Catch up with Chris Cochran on Twitter and LinkedIn. Continue the conversation by joining our Discord.

25 Aug 202228min

Claire Gallagher, Designer and Solopreneur Strategist, comes to Hacker Valley to break down branding, visibility, and choosing solopreneurship over business ownership. Combining the terms solo and entrepreneur, solopreneurs are a different breed of business owner, and Claire has made it her mission to help them not make the same business mistakes she once made. Claire walks through the essentials of how her business caters to individuals looking to go it alone and how to make an impact while staying small.  Timecoded Guide: [00:00] Introducing the concept of solopreneurship [04:32] Shifting to business strategy to better serve a client base [09:19] Deciding alone as a solo entrepreneur [16:40] Pricing your work and validating your professional value [24:46] Making peace with looking silly as a business owner   Sponsor Links: Thank you to our sponsors Axonius and Uptycs for bringing this episode to life! The Axonius solution correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action — giving IT and security teams the confidence to control complexity. Learn more at axonius.com/hackervalley   With Uptycs, modern defenders can prioritize, investigate and respond to threats across the entire attack surface—all from a common solution: uptycs.com.    Why did you choose to go down a path of catering to solopreneurs, versus working with enterprises or small and medium businesses? Claire has dabbled in building teams and working in larger businesses in the past, but her calling has always brought her back to a company of one. For solopreneurs, Claire explains, it’s not that they cannot afford hiring employees or scaling their business. Instead, a solopreneur’s focus is on the balance between work and life, along with the power and experience to make their own decisions about their business.  “I'm a loud introvert. I could talk all day, but essentially, I'm kind of introverted in secret. Generally, I like to work alone, to get into a creative flow, to not have anybody to answer to. This company of one, this solopreneurship, it suits my energy and my temperament.”   What are some of the pros and cons of going it alone as a solopreneur and keeping your business small?  There are pros and cons in business, no matter the size. Claire’s strongest pro for becoming a solo entrepreneur has been her ability to pivot without impacting anyone but herself. Pivoting towards strategy was a hard decision, but it was so much easier to make on her own. Unfortunately, making decisions on one’s own can also be a con of solopreneurship. Claire has seen clients have a lack of accountability in sticking with their decisions when they don’t have anyone working with them. “That's a pro, I was able to pivot without having to hire people, sack people, and really invest heavily in changing everything. That's a real plus, I could just pivot like that and it was a decision that I made, and I was responsible for it.”    At what point would you recommend a solopreneur, or content creator, to reach out to someone like you so they could shine in this digital world? Although solo entrepreneurs thrive in business on their own, it’s important to never go it alone. Claire advises that early stage solopreneurs consider the community around them and build their business with a healthy curiosity in books, online resources, and virtual communities of fellow entrepreneurs. As they progress through their business, Claire also recommends connecting with a coach or strategist, like herself, to go further faster and avoid careless mistakes. “Solopreneurs think, ‘I'm smart, I can figure this out.’ Yes, you can, but to go further faster, I think you need to work with a mentor or a coach or strategist. You're always going to get further faster by finding somebody who understands what you're trying to achieve.”   What are some of the tenants that you teach people about coming across as authentically as possible? Branding is a vital element of content creation and business ownership. However, the current world craves branding that comes across as authentic. Claire explains that authenticity comes from a willingness to make mistakes and put yourself out there, even if it feels or looks silly the first time. If a solopreneur is honestly trying to deliver value, that will show through any first-time awkwardness or silliness and still feel authentic to potential clients. “Starting before you feel ready is really the only way that you can start because you can't know everything until you've tried some stuff. Showing up and making mistakes and maybe seeming a little bit foolish at the start, take it. That's what's gonna happen.” --------------- Links: Keep up with Claire Gallagher on LinkedIn and at ClaireCreative.com Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase a HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio

23 Aug 202230min

We’re joined by sponsor and guest Dan DeCloss, CEO and Founder of PlexTrac, on the podcast today to talk about communication and collaboration between the red and blue side of cybersecurity and why security success depends on those two sides working together. On their mission to build stronger, more productive, and well-rounded security teams, PlexTrac provides incredible and insightful metric and messaging tools that change the game for the cybersecurity industry. Timecoded Guide: [05:36] Understanding PlexTrac’s history and mission for cybersecurity teams [09:58] Lack of empathy and understanding in red team and blue team communication [18:48] Breaking through the resentment and confusion within a team [24:45] Envisioning the future of PlexTrac’s community impact [27:52] Caring about your cybersecurity mission beyond yourself Sponsors: Thank you to our sponsors Axonius and PlexTrac for bringing this season of HVR to life! Life is complex. But it’s not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone PlexTrac is pleased to offer an exclusive Red Team Content Bundle for Hacker Valley listeners. This bundle contains both our "Writing a Killer Penetration Test Report" and "Effective Purple Teaming" white papers in ONE awesome package. Head to PlexTrac.com/HackerValley to learn more about the platform and get your copy today! What is the function of PlexTrac that would help you the most as a pen tester? With prior hands-on experience on the red side, Dan found his journey to creating PlexTrac to be full of moments where he wanted to fix the same problems he encountered over and over with reporting and communicating. One of these problems was solved easily with the addition of a video feature, a simple function that has existed since PlexTrac first began but is instrumental and is a huge time-saver for visual learners. “As a pen tester, I hated finding that I had 20-odd screenshots if it's a pretty complex exploit. I think the adage for us is like, if a picture's worth 1,000 words, then a video is worth 1,000 pictures, right?” What do you think are some of the gaps in skills that organizations face when hiring these professionals to perform offensive operations? Communication is key— not just in life, but in this episode. While we’ve discussed skills gaps previously in cybersecurity, Dan is quick to point out that a consistent gap he sees in all areas of cybersecurity is effective communication. PlexTrac keeps this struggle to communicate in mind and creates easy, simple pathways and functions that encourage communication and facilitate collaborative problem solving. “If there's one area that I really emphasize with anybody that I'm mentoring or have hired in the past is, as a security person, whether you're red or blue, you really do need to be a good communicator and be able to communicate risk effectively within the right context.”   What would you want to say to those folks that don't see eye-to-eye from the red or the blue side?   We’re fighting the same fight, no matter if we’re on the red side or the blue side of cybersecurity. Dan’s message for our warring red and blue teams throughout the industry is to understand the importance of your mission and to not let relationships between red and blue feel clouded with misunderstanding or resentment. No one’s job is harder than anyone else’s, and each role on offensive and defensive plays a part in our collective victory. “I'm gonna just be point blank about it…Are you trying to just prove a point about your knowledge and your skills? Or, are you actually trying to make the world a safer place?”   What would you want to say to all those folks out there [in cybersecurity]? As PlexTrac aims to make a huge impact on our community, Dan and his team acknowledge a need for a unified, focused, and collaborative cybersecurity industry, with hard workers on both the red and blue sides. With PlexTrac’s assistance in making reports, measurable results, and communication that much easier, our team at Hacker Valley is thankful to be a part of PlexTrac’s amazing network and can’t wait to share more tools like this with all of you. “I think keep fighting the good fight, for both sides, and recognizing that your mission is vital to the safety and security of your organization and the world at large, right? We are all in this battle together.” ---------- Links:   Spend some time with our guest, Dan DeCloss, on LinkedIn, and the PlexTrac website Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter. Follow Ron Eddings on Twitter and LinkedIn Catch up with Chris Cochran on Twitter and LinkedIn

18 Aug 202235min