How Do Ransomware Gangs Work?

Summary:

In this episode of Exploring Information Security, we dive deep into the dark, complex world of ransomware gangs with returning guest Kyle Andrus. Drawing on leaked chat logs, real-world cases, and extensive incident response experience, Kyle helps us understand the internal operations, motivations, and evolution of these cybercriminal organizations.

We explore how ransomware gangs are structured like modern corporations—with developers, access brokers, negotiators, HR, and even customer support. Kyle also shares insights into how these gangs are adapting to legal pressure, sanctions, and the cybersecurity community’s defensive advancements.

Topics covered:

  • The organizational structure of ransomware gangs

  • Ransomware-as-a-Service (RaaS) models and profit sharing

  • Affiliate programs, access brokers, and laundering tactics

  • The impact of geopolitics on ransomware operations

  • Creative pressure tactics, including triple extortion and SEC complaints

  • The role of insider threats and chat log leaks (e.g., Conti)

  • Use of AI by defenders and attackers

  • The evolving response of law enforcement and regulation

Support the Podcast:

Enjoyed this episode? Leave us a review and share it with your network! Subscribe for more insightful discussions on information security and privacy.

Contact Information:

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn][YouTube]

How do ransomware gangs work?
Kyle Andrus


Offensive Tools for Pentesters with Chris Traynor

Summary:

In this episode of Exploring Information Security, Tim chats with Chris Traynor of Black Hills Information Security (BHIS) and Ridgeback InfoSec. Chris is a seasoned penetration tester and educator who’s been developing hands-on training that’s grounded in real-world experience. He shares the origins of his “Offensive Tooling” classes, what makes a great pentest report, and how he balances teaching with travel, work, and family life.

Chris breaks down the tooling that matters, how he approaches infrastructure setup for operators, and why he emphasizes actionable reporting. He also talks about the importance of open-source tooling, customizing workflows, and automating the tedious parts of testing. Whether you're just getting into offensive security or are a veteran red teamer, this episode offers insights and practical takeaways.

Topics discussed:

  • The importance of hands-on offensive tooling training

  • How to write reports that are actually useful to dev and ops teams

  • Why pentesters need infrastructure knowledge

  • Open-source tools, custom scripts, and automation

  • The challenges and wins of presenting at BSides and beyond

  • Avoiding burnout while building community and sharing knowledge

Learn more about Chris’ upcoming training opportunities:

Social

Upcoming Events

 - Past ones...

ETHOS LAbs Links and Resources:

ETHOS LABS Website

Connect with Tim Folwer on Linkedin

Support the Podcast:

Enjoyed this episode? Leave us a review and share it with your network! Subscribe for more insightful discussions on information security and privacy.

Contact Information:

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn][YouTube]

Offensive Tools for Pentesters
Chris Traynor


Hands-On Hacking with James Gillkey

Summary:

In this episode of Exploring Information Security, host Tim De Block sits down with James Gillkey to discuss hands-on hacking training at ShowMeCon. James is revamping a long-standing pentesting training course to bring modern techniques, updated tools, and a focus on efficiency to security professionals. He shares insights into building effective training labs, leveraging Python virtual environments, and incorporating real-world offensive security methodologies into a structured learning experience.

Topics Discussed

  • The evolution of hands-on hacking training and its history

  • Setting up virtualized pentesting environments with Python and GitHub tools

  • Common mistakes in pentesting and how to avoid them

  • The balance between red team engagements and SOC awareness

  • The importance of password cracking, enumeration, and network recon

  • How cloud security assessments differ from traditional network pentesting

  • The role of AI in pentesting and whether it’s a useful tool or a shortcut

  • ShowMeCon’s Fallout-themed hacking lab and what to expect in the training

Key Takeaways

  • Hands-on experience is crucial. The best way to learn pentesting is by doing it.

  • Virtualized environments simplify tool management and prevent conflicts.

  • AI is an emerging tool in pentesting, but it doesn’t replace fundamental knowledge.

  • Cloud security requires a different mindset due to its unique challenges and toolsets.

  • Communication with SOC teams is essential to avoid unnecessary panic during testing.

  • Efficiency matters. The goal of the training is to give students actionable skills they can use immediately.

Further Resources

Use the promo code “ExploringSec” to get $50 off your registration

Showmecon Links and Resources:

Support the Podcast:

Enjoyed this episode? Leave us a review and share it with your network! Subscribe for more insightful discussions on information security and privacy.

Contact Information:

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn][YouTube]

Hands on Hacking
James Gilkey


Breaking Bad Code with Kevin Johnson

Summary:

In this episode of Exploring Information Security, host Timothy De Block welcomes Kevin Johnson, founder of Secure Ideas, to discuss web application penetration testing, API security, and hands-on security training. Kevin shares insights on why pentesters need to understand business risk, how API security is often misunderstood, and what participants can expect from his Breaking Bad Code workshop at ShowMeCon. He also reflects on the state of security talks at conferences, the importance of interactive learning, and Secure Ideas’ 15-year journey in the industry.

Topics Discussed:

  • Web Application Security Challenges – Why automated tools alone aren’t enough, and how attackers think differently.

  • API Security & Misconceptions – How APIs change attack surfaces and why developers often overlook key security flaws.

  • Breaking Bad Code Training at ShowMeCon – What attendees will learn and why hands-on hacking beats passive lectures.

  • Security Talks vs. Vendor Pitches – The problem with sales-driven conference talks and why real education matters.

  • The Evolution of Secure Ideas – Celebrating 15 years in business, plus challenge coins and community growth.

  • Fun Side Tangents – Muppets, hacking culture, and why Wacka Hack is the talk you don’t want to miss at ShowMeCon.

Key Takeaways:

  • Effective pentesting goes beyond tools—it’s about understanding the purpose and risk of an application.

  • API security isn’t a separate discipline—it requires a shift in attacker mindset.

  • Hands-on training is the best way to learn—expect to actively hack at the Breaking Bad Code workshop.

  • Security conference talks should educate, not sell—vendor-heavy presentations fail to engage the audience.

  • ShowMeCon is an invaluable event for anyone interested in offensive security and application security.

Guest Info:

  • Kevin Johnson – Founder & CEO of Secure Ideas, security consultant, trainer, and conference speaker.

Links and Resources:

Use the promo code “ExploringSec” to get $50 off your registration

Showmecon Links and Resources:

Support the Podcast:

Enjoyed this episode? Leave us a review and share it with your network! Subscribe for more insightful discussions on information security and privacy.

Contact Information:

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn][YouTube]

Breaking Bad Code
Kevin Johnson


ShowMeCon and Security Perspectives with Amanda Berlin

Summary:

Use the promo code “ExploringSec” to get $50 off your registration

In this episode of Exploring Information Security, host Timothy De Block welcomes Amanda Berlin, CEO of Mental Health Hackers & Senior Product Manager at Blumira, to discuss her experiences in security product development, incident detection, and the challenges of balancing security with usability. They explore the limitations of pentest reports, the practicality of security automation, and the psychology behind effective security awareness training. Amanda also shares insights on how small businesses can implement security without breaking the bank and what to expect from ShowMeCon.

Topics Discussed:

  • Amanda’s Keynote at ShowMeCon – How she ended up speaking and why Dave’s method of picking speakers is unconventional.

  • Security Automation vs. Usability – Why some industries can implement auto-lockouts, while others (like hospitals) cannot.

  • The Problem with Pentest Reports – Why they often contain unrealistic security expectations that don’t translate to real-world environments.

  • Getting Buy-In for Security Solutions – How to understand what organizations actually need instead of pushing the latest security trend.

  • The Role of Nudge Theory in Awareness Training – Why small, repeated reinforcements can be more effective than long training videos.

  • Security for Small Businesses – Strategies for implementing security on a limited budget and making defenses practical.

  • Side Tangents & Fun Conversations – Crossword puzzles, Wordle streaks, and the absurdity of marketing budgets in cybersecurity.

Key Takeaways:

  • Security needs to be tailored to the environment—automation can improve security, but in some cases, it can create more risks.

  • Pentest reports often miss the mark by listing detected issues without considering operational feasibility.

  • Security awareness is most effective when it’s continuous and engaging, rather than a one-time annual training.

  • Listening to users is critical—security teams must balance technical controls with usability needs.

  • ShowMeCon continues to be a top-tier conference for hands-on security learning and industry networking.

Showmecon Links and Resources:

Support the Podcast:

Enjoyed this episode? Leave us a review and share it with your network! Subscribe for more insightful discussions on information security and privacy.

Contact Information:

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn][YouTube]

ShowMeCon and Security Perspectives with Amanda Berlin
Amanda Berlin


How to Participate in a CTF

Summary:

In this episode of Exploring Information Security, host Timothy De Block sits down with James Pope, Vince Stoffer, and Blake Cahen from Corelight to discuss Capture The Flag (CTF) competitions and how they can be an invaluable learning tool for security professionals. Whether you're new to CTFs or a seasoned competitor, this episode covers everything from getting started to advanced strategies. The conversation dives into network-based CTFs, the skills required, and how Corelight’s own CTF events offer hands-on experience in network forensics.

Topics Discussed:

  • What is a CTF? Understanding how security CTF competitions work and what skills they test.

  • Getting Started with CTFs: Tips for beginners, from choosing the right event to practicing with the right tools.

  • Network Forensics and Security Analysis: How network-based CTFs differ from other styles and what data sources are most valuable.

  • Common Pitfalls and Mistakes: Strategies to avoid overthinking problems and making costly errors during competitions.

  • AI and the Evolution of CTFs: How AI is impacting CTF challenges and whether it’s changing how competitions are designed.

Guest Info:

  • James Pope – Director of Technical Marketing & Enablement at Corelight and experienced CTF organizer.

  • Vince Stoffer – Field CTO at Corelight, with a background in network security and incident response.

  • Blake Cahen – Security expert with experience in offensive cyber operations and threat hunting.

Links and Resources:

Support the Podcast:

Enjoyed this episode? Leave us a review and share it with your network! Subscribe for more insightful discussions on information security and privacy.

Contact Information:

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn][YouTube]

How to Participate in a CTF
Corelight


Real World Windows Forensics and Incident Response with JC at ShowMeCon 2025

Summary:

In this episode of Exploring Information Security, host Timothy De Block sits down with JC, President at Snowfensive, to discuss Windows forensics, incident response, and the upcoming training session at ShowMeCon. JC shares insights on real-world forensic investigations, common challenges organizations face in responding to incidents, and how forensic methodology plays a critical role in cybersecurity operations. This episode is packed with valuable information for security professionals, IT admins, and anyone interested in digital forensics.

Showmecon Links and Resources:

Topics Discussed:

  • ShowMeCon Training Session: What attendees can expect from JC’s Windows forensics course.

  • The Reality of Incident Response: The distinction between forensic analysis and incident response and how they complement each other.

  • Ransomware Trends: The evolution from encryption-based ransomware to data extortion and the impact on organizations.

  • Real-World Forensic Cases: Examples of forensic investigations, including rapid containment strategies and detecting data exfiltration.

  • Critical Thinking in Forensics: How forensic methodology is akin to detective work, and why troubleshooting skills are essential.

  • Challenges in Reporting: Why documenting forensic findings properly is just as important as the investigation itself.

Key Takeaways:

  • Organizations are improving at responding to ransomware but still struggle with preventing data exfiltration.

  • Understanding Windows forensic artifacts is crucial for both security teams and IT administrators.

  • Effective forensic investigations require both technical expertise and strong reporting practices.

  • Training and tabletop exercises are essential for preparing organizations to handle real-world incidents.

Guest Info:

  • JC is a cybersecurity expert specializing in Windows forensics, incident response, and offensive security services. He is the President of Snowfensive and Co-Founder of the Social Engineering Community.

Support the Podcast:

Enjoyed this episode? Leave us a review and share it with your network! Subscribe for more insightful discussions on information security and privacy.

Contact Information:

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn][YouTube]

Real World Windows Forensics and Incident Response at ShowMeCon 2025
JC


ShowMeCon: A Must-Attend Conference for Cybersecurity Pros

Summary:

In this episode of Exploring Information Security, host Timothy De Block sits down with Dave Chronister and Brooke Deneen to discuss ShowMeCon, the Midwest’s premier security conferences. Dave shares the vision behind ShowMeCon, how it stands apart from other security events, and what attendees can expect from the 2025 edition. Brooke provides insights into the logistics of running the conference and the community-driven experience that makes it special. Whether you're a seasoned security professional or new to the space, this episode highlights why ShowMeCon is a must-attend event.

Use ExploringSec to get $50 off.

Showmecon Links and Resources:

Topics Discussed:

  • The Origin of ShowMeCon: How the conference came to be and its unique place in the cybersecurity event landscape.

  • Balancing Corporate and Hacker Culture: Creating a professional yet welcoming environment that bridges the gap between security research and IT professionals.

  • Venue and Experience: Why the Ameristar Casino in St. Louis is an ideal location and what makes the event an immersive experience.

  • Speaker and Attendee Engagement: The focus on quality content, hands-on learning, and ensuring speakers are passionate and approachable.

  • Expanding to New Cities: Plans to bring the ShowMeCon model to new locations like Nashville and beyond.

  • ShowMeCon 2025 Highlights: The return of pre-conference training, CTFs, lockpicking villages, and an exciting Fallout-themed experience.

  • Building a Security Community: Encouraging new speakers, creating a welcoming space, and fostering professional development.

Key Takeaways:

  • ShowMeCon is designed for practical security education, offering content relevant to both IT and security professionals.

  • The conference prides itself on being a well-run, high-quality event where speakers and attendees engage meaningfully.

  • Training opportunities and community events, such as CTFs and lockpicking villages, enhance the overall experience.

  • ShowMeCon’s future includes expansion to other cities and continued efforts to foster an inclusive and passionate security community.

Guest Info:

  • Dave Chronister is the founder of ShowMeCon and a cybersecurity professional with over 18 years of experience in the industry.

  • Brooke Deneen plays a key role in organizing ShowMeCon and ensuring the event runs smoothly.

Support the Podcast:

Enjoyed this episode? Leave us a review and share it with your network! Subscribe for more insightful discussions on information security and cybersecurity events.

Contact Information:

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn][YouTube]

ShowMeCon: A Must-Attend Conference for Cybersecurity Pros
With Dave Chronister and Brooke Deneen


Enhancing Online Privacy with Anonyome Labs

Summary:

In this episode of Exploring Information Security, host Timothy De Block sits down with Dr. Paul Ashley, privacy expert and leader at Anonyome Labs, to discuss how individuals and organizations can take control of their digital privacy. They explore the growing need for online anonymity, the benefits of using pseudonymous identities, and the challenges posed by modern surveillance and data collection practices. Dr. Ashley provides insights into privacy-enhancing technologies and practical strategies for safeguarding personal information online.

Topics Discussed:

  • The Origin of Anonyomy Labs: How a team of enterprise security professionals created solutions to bring corporate-grade privacy to everyday users.

  • The Concept of Pseudonymous Identities: How services like MySudo allow users to compartmentalize their digital presence and limit personal data exposure.

  • Privacy for Everyday Users vs. High-Risk Individuals: Use cases ranging from avoiding spam to secure communications for journalists and whistleblowers.

  • Virtual Credit Cards and Secure Transactions: Reducing financial risk when shopping online and protecting personal banking details.

  • Privacy Challenges in Social Media and Online Accounts: How users can limit tracking, reduce unwanted exposure, and navigate social media restrictions.

  • Decentralized Identity and the Future of Online Authentication: The emerging shift from centralized logins to self-sovereign identity management.

  • Practical Steps to Improve Privacy: Simple actions users can take to start protecting their online presence today.

Key Takeaways:

  • Personal privacy requires active management—tools like MySudo help compartmentalize information to reduce exposure.

  • Using pseudonyms, temporary email addresses, and virtual credit cards can help protect against identity theft and financial fraud.

  • Social media platforms attempt to correlate identities, making it essential to separate accounts and use different networks.

  • Enterprises can also benefit from privacy-focused solutions to ensure secure communication and limit data leaks.

  • The move toward decentralized identity will reshape online authentication, offering greater control to individuals.

Guest Info:

Dr. Paul Ashley is a privacy advocate and security expert at Anonyomy Labs, working to develop privacy-focused technologies that empower individuals and organizations. You can learn more about Anonyomy Labs and their privacy solutions at Anonyome Labs.

Links and Resources:

Support the Podcast:

Enjoyed this episode? Leave us a review and share it with your network! Subscribe for more insightful discussions on information security and cybersecurity events.

Contact Information:

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn][YouTube]

Enhancing Online Privacy with Anonyome Labs
Dr. Paul Ashley


Navigating the Cybersecurity Job Market in 2025

Summary:

In this episode of Exploring Information Security, Timothy De Block welcomes Erin Barry, a recruiter with nearly a decade of experience specializing in software development and security roles. Erin shares her insights into the current job market landscape, recruitment trends, and the evolving expectations for candidates in tech and security sectors. Whether you're a job seeker or an employer, this episode is packed with valuable takeaways on hiring practices, remote work dynamics, and the impact of AI on recruitment.

Topics Discussed:

  • The Current Job Market: Erin discusses the heightened competition for roles, the evolving expectations from employers, and why remote work is no longer the standard but a perk.

  • Recruitment in Tech and Security: Insights into hiring for startups, the rise of AI-focused roles, and how companies are adapting to the rapid evolution of technology.

  • AI in Recruitment: Erin and Timothy talk about the misuse of AI in interviews, the challenges of identifying true expertise in AI, and tools being developed to combat deep fakes in recruitment.

  • Job Seeker Tips: Erin offers actionable advice for candidates, including the importance of researching companies, maintaining an online presence (e.g., GitHub, blogs), and avoiding AI during interviews.

  • Hiring Trends: Erin highlights the demand for roles in product and application security, blockchain, and AI, and shares her observations on the types of candidates employers are seeking in these fields.

Key Takeaways:

  • Startups are increasingly adopting hybrid work models with occasional in-person collaboration.

  • Companies are becoming pickier in hiring and extending interview processes to ensure the right fit.

  • Candidates claiming expertise in AI and blockchain are often scrutinized for authenticity.

  • Remote roles are becoming more competitive and limited, with a preference for local or hybrid arrangements.

  • Job seekers should invest in building an online portfolio, such as maintaining a GitHub page or personal blog, to stand out.

Guest Info:

Erin Barry is a seasoned recruiter at Code Red Partners with extensive experience placing candidates in cutting-edge tech roles. She specializes in the software development lifecycle and security positions, working primarily with startups in San Francisco, Seattle, and beyond. You can follow Erin on LinkedIn for the latest job opportunities and industry insights: Erin Barry's LinkedIn.

Links and Resources:

Contact Information:

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn][YouTube]

Navigating the Cybersecurity Job Market in 2025
Erin Barry


Brian Dye on Network Detection and Response (NDR) with Corelight

Summary:

In this episode of Exploring Information Security, host Timothy De Block sits down with Brian Dye from Corelight to discuss the evolution of cybersecurity, the importance of Network Detection and Response (NDR), and the challenges modern organizations face with securing their networks. Brian shares valuable insights into how Corelight leverages open-source technologies and data to provide advanced threat detection and forensics.

Key Topics Covered:

  • The Evolution of Corelight
    Brian discusses the history of Corelight, the transition from the open-source project Zeek (formerly Bro) to the Corelight company, and the importance of supporting the open-source community. He also touches on how the company has grown as cybersecurity needs have evolved.

  • Network Detection and Response (NDR)
    Corelight's NDR solutions help organizations detect advanced threats that bypass traditional security controls like firewalls and EDR. Brian explains the differences between EDR and NDR, and why both are essential for a comprehensive cybersecurity strategy.

  • AI and Machine Learning in Security
    Brian dives into how Corelight has embraced AI and machine learning, particularly with generative AI (GenAI), to improve threat detection and response capabilities. He shares examples of how organizations are using GenAI to automate security workflows and accelerate alert investigations.

  • The Changing Threat Landscape
    Brian talks about how attackers are evolving their tactics, moving away from malware-based attacks to techniques like "living off the land" (LoL) to avoid detection. He discusses the importance of understanding these advanced attack methods and how NDR tools help provide the data needed to investigate and respond.

  • Real-World Success Stories
    Brian shares examples of how Corelight has helped organizations respond to cyber threats, including a ransomware attack scenario where Corelight's tools provided the necessary data to help the victim organization make informed decisions about whether to pay a ransom.

  • The Future of Network Security
    Looking ahead, Brian outlines the future of Corelight and its focus on expanding its data capabilities to enable more advanced detections. He highlights the importance of data as a foundational element for security and how Corelight plans to continue innovating in the NDR space.

Guest Bio:

Brian Dye is the Chief Product Officer at Corelight, a leading provider of Network Detection and Response (NDR) solutions. With years of experience in cybersecurity, Brian is dedicated to helping organizations defend against advanced threats using open-source tools and innovative technology.

Links and Resources:

Contact Information:

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]

What is Network Detection and Response (NDR) with Corelight
Brian Dye


Solving Compliance Complexity with risk3sixty

Summary:

In this episode of Exploring Information Security, host Timothy De Block is joined by Christian Hyatt, CEO of risk3sixty, a company that specializes in helping businesses with security and compliance. Christian shares his thoughts on how organizations are dealing with the increasing complexity of compliance programs, third-party risks, and the role of offensive security in bridging the gap between compliance and risk management.

Key Topics Covered

  • What is risk3sixty and the Problem it Solves?
    Christian discusses how risk3sixty helps organizations streamline and harmonize complex security and compliance programs, providing significant cost savings and efficiency.

  • The Importance of GRC Transformation
    Christian explains the role of Governance, Risk, and Compliance (GRC) transformations in helping businesses manage multiple frameworks, such as ISO, SOC 2, and NIST.

  • Offensive Security and Compliance
    How risk3sixty integrates offensive security services like red team engagements and continuous pen testing with a focus on both compliance and true risk management.

  • The Evolution of Security and Compliance
    The challenges and opportunities in integrating security directly into the development lifecycle, and how risk3sixty is positioning itself to lead the way in managing third-party risks.

  • AI and the Future of Compliance
    Christian’s perspective on how AI is impacting compliance roles and what it means for the future of security and risk management.

Highlights

  • risk3sixty’s Full Circle GRC platform streamlines compliance management, helping businesses save time and reduce costs.

  • The increasing need for businesses to manage third-party risks as part of their cybersecurity strategy.

  • How risk3sixty is adapting to the changing cybersecurity landscape, especially in highly regulated industries.

Guest Bio

Christian Hyatt is the CEO of risk3sixty, a leading provider of security and compliance services. With years of experience in helping businesses navigate complex GRC challenges, Christian is passionate about making security more efficient and accessible to organizations of all sizes.

Links and Resources

Contact Information:

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]

Solving Compliance Complexity with risk3sixty
Christian Hyatt


Hacking Space Systems: Inside Tempest with Tim Fowler

Summary:

In this episode, host Timothy De Block sits down with Tim Fowler, the creator of Tempest, a hands-on educational project focused on space cybersecurity. Tim shares the story behind the development of Tempest, a 1U CubeSat designed for teaching and exploring cybersecurity in space systems. With insights from his background in space cyber, Tim explains how Tempest offers a unique, vulnerable, and modular platform for learning, hacking, and improving space security.

Key Topics Covered:

  • What is Tempest?
    Tim introduces Tempest, a one-unit CubeSat built for educational purposes, focusing on the cybersecurity aspects of space systems. He explains how CubeSats are small satellites with low cost and accessibility but often lack a focus on security.

  • Design and Development of Tempest
    Tim talks about his 18-month journey developing Tempest, a project that started as an educational tool for his class on space cybersecurity. The CubeSat is intentionally vulnerable, offering students a chance to explore hacking and security concepts in space systems.

  • Tempest as a Teaching Aid
    Tempest is designed to be hands-on, giving students real-world exposure to the challenges and opportunities in securing space systems. The first version of Tempest debuted at Wild West HackingFest, and Tim discusses how he plans to scale and release the hardware for public use.

  • Challenges and Learning Through Failure
    Tim shares some humorous and insightful moments from teaching with Tempest, including a broadcast storm in the classroom caused by satellites "talking" to each other. He reflects on the importance of troubleshooting and learning through failure, both as a developer and instructor.

  • Upcoming Plans for Tempest
    Tim outlines his goals for 2025, including releasing Tempest hardware for public consumption and expanding the educational content around space cybersecurity. He also hints at adding AI capabilities to the CubeSat for future applications like missile detection or weather observation.

Guest Bio:

Tim Fowler is a space cybersecurity expert and creator of Tempest, a unique educational tool designed to teach security in space systems. With years of experience in both the defense and cybersecurity sectors, Tim is passionate about making space systems more secure and accessible for hands-on learning.

Links and Resources:

Contact Information:

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]

Hacking Space Systems: Inside Tempest
Tim Fowler


2024 in Review and What's Next in 2025

Summary:

In this solo episode, Timothy De Block takes a step back to reflect on the journey of Exploring Information Security in 2024 and look ahead to what's coming in 2025. Timothy shares insights into the podcast's growth, highlights from the past year, and the direction for the future, including new initiatives and exciting changes.

Key Topics Covered:

  • Podcast Growth and Feedback
    Timothy discusses the steady growth of the podcast, with the introduction of new platforms like Spotify and Amazon Podcasts, and a significant expansion into YouTube. He emphasizes the importance of feedback and encourages listeners to connect and rate the podcast.

  • The Podcast’s Focus and Vision
    Reflecting on the podcast's evolution, Timothy talks about how the content has expanded beyond traditional technical topics to cover security awareness, human behavior, and broader cybersecurity challenges. He also mentions the plan to increase blog posts and share security awareness content for listeners to use within their own companies.

  • Live Podcasting and Future Engagement
    Timothy highlights the success of the live podcast with the ILF crew and shares plans for more live sessions, with opportunities for audience interaction and sponsor exposure. He expresses his excitement to continue experimenting with live recordings and expanding the podcast’s reach.

  • Vendor Insights and Sponsored Content
    Discussing the rise in vendor interest, Timothy talks about how the podcast will feature discussions with vendors about the problems they solve in the cybersecurity space. He shares his commitment to providing meaningful content and avoiding any “sales pitch” style conversations, ensuring that vendor content is both educational and valuable to listeners.

  • ShowMe Con and Networking Opportunities
    Timothy promotes ShowMe Con, a conference where he will be speaking and attending. He shares how it offers a unique mix of hacker and business vibes, and he encourages listeners to participate in the conference or attend as speakers for valuable exposure and networking.

  • Plans for 2025
    Looking to the future, Timothy discusses his goals for 2025, including more live podcasting, increased blog content, and deeper engagement with the audience. He also shares his excitement for upcoming content, including vendor conversations and security awareness-focused material.

  • Personal Reflections and Motivations
    Timothy closes with a personal note, reflecting on his 23 years in IT and his growth in the security field. He talks about his passion for teaching and mentoring, particularly in the realm of security awareness. He also humorously discusses his New Year’s resolution to take January off from drinking, highlighting his commitment to personal growth.

Links and Resources:

Contact Information:

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn][YouTube]

Reflecting on 2024 and Looking Ahead to 2025
Timothy De Block


[RERELEASE] How to get into information security

Originally posted June 25, 2014

I've been wanting to do a podcast, for a while now, on information security. I wasn't sure what I wanted the objective of the podcast to be. Most of the information security podcasts out there, or at least the ones I listen to, usually do a guest interview and cover some of the latest news and happenings within the information security. I didn't want to spin up, yet, another one of those.

Instead I've decided to spin up a podcast that explores the world of information security. One of the things I've been hearing the infosec community needs are people to teach security to those inside and outside the community. I am still very much in the early stages of my career as an information security professional and trying to learn as much as I can. I thought a podcast that allowed me to share what I've learned and explored would make for a great podcast. So here we are and my first podcast is about how to get into information security.

To explore that topic I decided to do an interview with VioPoint consultant and roundhouse master Jimmy Vo (@JimmyVo). We covered how he got into information security and also talked about some of things people on the outside looking in can do to get into information security.

Feedback is very much appreciated and wanted. Leave them in the comment section or contact me via email.

 

How to get into informaton security
With Jimmy Vo

David Mytton on Developer-Centric Security with ArcJet

Summary:

In this episode of Exploring Information Security, host Timothy De Block talks with David Mytton, founder of ArcJet, about enabling developers to build secure applications seamlessly. David shares his journey from running a cloud monitoring business to developing ArcJet, a security-as-code platform that integrates security measures directly into an application's codebase.

They discuss ArcJet's approach to empowering developers with tools for bot detection, rate limiting, and more, all without compromising the developer experience. David and Timothy explore the challenges of bridging the gap between development and security, the philosophy behind "DevSecOps," and how ArcJet addresses real-world issues like bot abuse and API misuse. Whether you're a developer, security professional, or tech enthusiast, this episode offers unique insights into making application security more accessible.

Key Topics Covered

  • What is ArcJet and the problem it’s solving?: A security-as-code platform designed for developers to integrate protections directly into their applications.

  • Developer-Centric Security: How ArcJet enhances security workflows by providing developers with intuitive SDKs and tools.

  • Real-World Use Cases: Stories of companies reducing infrastructure costs and mitigating bot-driven abuse with ArcJet.

  • The Evolution of DevSecOps: Challenges and opportunities in integrating security into the development lifecycle.

  • David's Philosophy: The importance of documentation, user experience, and building tools developers love.

Highlights

  • Developers can start using ArcJet with just a few lines of code.

  • ArcJet helps teams address spam, API abuse, and fraud while focusing on feature development.

  • David's perspective on the state of security tooling and how ArcJet stands out.

Guest Bio

David Mytton is the founder of ArcJet, a security-as-code platform. He previously founded a cloud monitoring business and has extensive experience with developer tools and application security. David is passionate about creating seamless developer experiences and advancing security tooling to meet modern demands.

Links and Resources

Contact Information:

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]

Developer-Centric Security with ArcJet
With David Mytton


[RERELEASE] What is MS08-067?

In this artistic episode of the Exploring Information Security podcast, Mubix joins me to discuss MS08-067.

Mubix (@mubix), available at room362 and Hak5, joins me to discuss one of his favorite exploits: MS08-067. I invited Mubix on to talk about MS08-067 because of a tweet he retweeted. The tweet included a confession that a consultant used the MS08-067 vulnerability to break into a clients network. This vulnerability is really old and while not widespread it does pop-up from time-to-time. I was happy to discover that Mubix has a great appreciation for the exploit.

In this episode we discuss:

  • What is MS08-067?

  • How long has it been around?

  • Why is it still around?

  • What name it would be given in today

More resources:

What is MS08-067
With Mubix
Download

Exploring the Defensive Security Handbook with Amanda Berlin

Summary:

In this episode of Exploring Information Security, host Timothy De Block sits down with Amanda Berlin, co-author of the Defensive Security Handbook, to discuss the evolution of the book, the challenges of writing for the blue team, and how it’s helping cybersecurity practitioners today. Amanda shares insights on creating accessible resources for security professionals and the importance of designing security that works for everyone, from SMBs to enterprise teams.

Key Takeaways:

  • Origins of the Handbook: Amanda reveals how the Defensive Security Handbook was born from her own challenges as a security professional and the lack of accessible, practical blue team resources.

  • Writing Process and Updates: The journey of creating the first edition and the significant updates in the second edition, including expanded cloud coverage and reorganized database content.

  • Designing Security for SMBs: Amanda highlights the unique challenges small and medium businesses face, from budget constraints to vendor complexities, and how the book aims to provide practical, scalable advice.

  • Balancing Technical and Practical: The handbook’s goal is to simplify complex concepts, making them digestible for newcomers while still useful for seasoned professionals seeking quick references.

  • The Importance of Empathy in Security: Amanda emphasizes the need for empathy in designing security tools and processes, especially for SMBs that lack dedicated resources or expertise.

  • Feedback and Impact: How the book has resonated with unexpected audiences, including developers and detection engineers, as a guide to understanding security concepts.

Resources Mentioned:

Contact Information:

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]

What is the Defensive Security Handbook?
With Amanda Berlin


How to Create User-Centric Security with Javvad Malik

Summary:

In this episode of Exploring Information Security, host Timothy De Block and guest Javvad Malik, security awareness advocate and writer for KnowBe4, delve into the concept of user-centric design in security. Javvad shares insights on building security controls that enhance user experience rather than hinder it, and explores how organizations can foster a security culture by making processes more intuitive and less obstructive.

Key Takeaways:

  • Empathy in Security Controls: Javvad discusses the importance of understanding users’ needs and challenges. He emphasizes that security should focus on helping users rather than enforcing rigid policies. Using familiar examples, like Tetris vs. Minecraft, he illustrates the shift from a rigid, top-down approach to a more adaptable, user-driven model.

  • Learning from Shadow IT: Rather than forbidding unauthorized tools, Javvad suggests engaging with employees to understand why they choose certain applications. By integrating tools that users find convenient, security teams can balance security with user needs.

  • Behavioral Science Meets Security: Javvad highlights the value of metrics in understanding user behavior and assessing risks. He proposes using a combination of security metrics—like phishing susceptibility and device usage—to gauge an individual’s or department’s security behavior, thereby creating a more effective, user-centric security program.

  • The Power of Nudge Theory: Drawing from behavioral science, Javvad explores how gentle prompts, like password managers and risk reminders, can steer users toward safer behaviors. He likens this to everyday nudges we see, such as speed-limit reminders on roads, which encourage compliance without confrontation.

Resources Mentioned:

About Our Guest:

Javvad Malik is a security awareness advocate and writer at KnowBe4. He uses storytelling and humor to make security concepts relatable and user-friendly. Follow his latest articles on the KnowBe4 blog, where he offers practical insights into security awareness and user-focused security design.

Contact Information:

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]

How to Create User-Centric Security
with Javvad Malik


How to Pick a Whiskey Barrel With The Innocent Lives Foundation Charity

Summary:

Timothy De Block is joined by Shane McCombs and John McCombs of the Innocent Lives Foundation (ILF), Josh Huff and Rev3Dood who volunteer their time with ILF, as they delve into an adventurous and charitable whiskey barrel pick trip from April 2024. This live episode gives an insider’s look into the process of selecting exclusive bourbon barrels and the exciting world of whiskey enthusiasts. From Four Roses to Starlight Distillery, Tim and the team explore unique blends, share laughs, and reflect on how each sip supports a meaningful cause.

Check out Unicorn Auction to place a bid on one of the bottles we’re discussing

Check out the ExploreSec YouTube channel for the live video recording.

In this Episode, You’ll Learn:

  • The Origins of ILF's Barrel Pick Club: Learn about how the passion for whiskey and charity combined to form this unique fundraising avenue for the ILF.

  • The Complexity of Barrel Picking: Discover why selecting a barrel involves more than just a good taste – it requires considering the community’s preferences, uniqueness, and the impact on the ILF mission.

  • Inside Four Roses & Starlight Distilleries: Hear about the in-depth tours, the science of barrel aging, and the behind-the-scenes processes that make these distilleries so iconic.

  • Unique Barrels and Bottles: Highlights include details on Four Roses’ single-tier rickhouses, rare yeast strains, and the exceptional Starlight Mizunara cask, a rarity in the whiskey world.

  • The Auction and Community Impact: John McCombs from ILF explains how the auction supports ILF and offers tips for placing bids on exclusive bottles.

Memorable Moments:

  • Whiskey Tasting: A breakdown of tasting notes for Four Roses and Starlight bottles, featuring everything from minty finishes to complex layers of caramel, chocolate, and spices.

  • Funny Stories: From almost puking in a 15-passenger van to accidental whiskey spills, Tim and the team share some hilarious moments from their trip.

  • Chris Hadnagy’s Unique Taste: Chris’s love for scotch sets him apart as he humorously describes notes like “pine sol” that others struggle to find.

Auction Information: The auction, hosted by Unicorn Auctions, is open for two weeks, and all proceeds go to supporting ILF’s mission. Bids can be placed on unique bottles hand-picked by the ILF team, with Unicorn waiving all fees to maximize impact. Check out the auction site for updates and be ready to place your bids!

Connect with ILF:

Contact Information:

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]

How to Pick a Whiskey Barrel with the Innocent Lives Foundation Charity
With Shane and John McCombs and Josh Huff and Rev3dood