How to find vulnerabilities

In this susceptible edition of the Exploring Information Security podcast, Samy Kamkar joins me to discuss how to find vulnerabilities.

Samy (@samykamkar) shouldn't need too much of an introduction to most people. He's been in the news for hacking garage doors, credit cards, cars, and much much more. Samy likes to hack things and has a knack for finding vulnerabilities in everything from locked machines to wireless doorbells. His site has the full list of vulnerabilities as well as videos and press appearances. That made him the perfect guest for talking about how to find vulnerabilities.

In this episode we discuss:

  • What got him started in looking for vulnerabilities
  • What is a vulnerability
  • What skills are necessary for finding vulnerabilities
  • How he decides his next project
  • The steps to finding vulnerabilities
  • What he does when he discovers a vulnerability
  • How long the process takes

What is the SANS Holiday Hack Challenge

In this holiday edition of the Exploring Information Security podcast, Ed Skoudis joins me to discuss the SANS Holiday Hack Challenge.

Around this time each year the SANS Holiday Hack Challenge releases under the direction of Ed (@edskoudis), an instructor with the SANS Institute. This year Santa has been kidnapped and it’s up to us to figure out who did it and save Christmas. The challenge is for new people in infosec, and for those who have been in the industry for many years. As Ed notes in the episode, it is even for children. The challenge itself has been around for years and several past years are still available for people to go through.

In this episode we discuss:

  • What is the SANS Holiday Hack Challenge
  • How it got started
  • What preparation goes into making the challenge each year
  • Who can participate

How to hire qualified application security talent - Part 2

In this two-part edition of the Exploring Information Security podcast, James Jardine of Jardine Software joins me to discuss how to hire qualified application security talent.

James (@JardineSoftware) recently wrote a post about the five mistakes to avoid when hiring qualified application security talent. It's such an interesting list and something I don't see a lot of people talking about. For more application security advice, be sure to check out James's podcast, DevelopSec.

In this episode we discuss:

  • The fifth mistake to avoid when hiring
    • Overly broad job requirements
  • How involved should the development team be in the process?

How to hire qualified application security talent - Part 1

In this two-part edition of the Exploring Information Security podcast, James Jardine of Jardine Software joins me to discuss how to hire qualified application security talent.

James (@JardineSoftware) recently wrote a post about the five mistakes to avoid when hiring qualified application security talent. It's such an interesting list and something I don't see a lot of people talking about. For more application security advice, be sure to check out James's podcast, DevelopSec.

In this episode we discuss:

  • What prompted James to write the article
  • What he considers qualified application security talent
  • Four of the five mistakes to avoid
    • Not understanding your current needs
    • Ignoring existing resources
    • Not sharing the workload
    • Not defining the role

How to find a mentor

In this advised edition of the Exploring Information Security podcast, I have three guests join me to discuss how to find a mentor.

First up is Wolfgang Goerlich (@jwgoerlich). Wolf provided me with a video he recently did on how to find a mentor for his stuck in traffic series on YouTube. His focus is on what to look for in a mentor and that's where we focused in the interview. He's also written about finding and using a mentor on his website.

Next we have Javvad Malik (@J4vv4d). You may know him from his YouTube channel and the wonderful infosec videos he posts there. He also recently started doing the weekly infosec update with Alien Vault, titled Alien Eye In The Sky. In our interview we focus on where to look for a mentor.

Finally we have Johnny Xmas (J0hnnyXm4x). He gave me some feedback that I didn't expect: don't look for a mentor. He thinks mentors can be placed on pedestals. The result of that can mean overlooking the people you already look at as mentors.

How to find your niche in information security

In this stag episode of the Exploring Information Security podcast, I provide tips on how to find your niche and share my story of getting into information security.

This topic is one that I've submitted to a couple different conferences, but didn't get accepted. I still think it's an interesting topic and useful for those just getting into infosec. Find your niche is advice you will see other professionals give to new people in the field. I think it's good advice, but it can be frustrating figuring out how to do it. Some will find their niche quickly, while for others it may take a while. It took me a long time to figure out that I even wanted to be in infosec. I was then shocked when I got in and had to find a niche within a niche.

In this episode I discuss:

  • Tips for finding your niche
  • Share my story of getting into infosec
  • Then getting into application security

What is straight talk - Part 2

In this to the point episode of the Exploring Information Security podcast, Michael Santarcangelo joins me to discuss straight talk.

Michael (@catalyst) has launched a new program called straight talk. What I like about this program is that it helps solve problems. It cuts right through symptoms and other distractions and gets right to the point. This framework is for managers and executives, but worth the time for security professionals at any level.

In this episode we discuss:

  • How to get started with straight talk
  • Resources available for getting started with straight talk

What is straight talk - Part 1

In this to the point episode of the Exploring Information Security podcast, Michael Santarcangelo joins me to discuss straight talk.

Michael (@catalyst) has launched a new program called straight talk. What I like about this program is that it helps solve problems. It cuts right through symptoms and other distractions and gets right to the point. This framework is for managers and executives, but worth the time for security professionals at any level.

In this episode we discuss:

  • What is straight talk
  • Why it's important
  • Who should use it

How to harden AWS

In this firm episode of the Exploring Information Security podcast, Andrew Krug of ThreatResponse joins me to discuss tips and resources for hardening AWS.

Andrew (@andrewkrug) and Alex (@amccormack) recently presented on AWS hardening at DerbyCon (slides). I previously talked about their talk on the "What I learned at DerbyCon" episode. Alex was gracious enough to join me to discuss what he talked about in his talk. He also provided some other tips and resources for improving the security in an AWS environment.

In this episode we discuss:

  • Why hardening AWS is important
  • What attacks we need to worry about in AWS
  • How to harden AWS
  • What are the tools he's created to help harden AWS

How to break android apps for fun and profit - part 2

In this ruptured episode of the Exploring Information Security podcast, Bill Sempf joins me to discuss how to break android apps.

Bill (@sempf) is an application security architect who loves the grind of security. He recently spoke at DerbyCon on "Breaking android app for fun and profit." Watching the talk prompted me to invite Bill on the show to dive in a little more. What I like about the talk is that it's almost entirely a demo that walks through the steps of setting up the test environment. You can find more content from Bill at his website and the OWASP .NET project.

In this episode we discuss:

  • Other tools to use for testing mobile applications
  • OWASP Mobile Top Ten
  • Methodology for testing
  • Types of vulnerabilities Bill has found

How to break android apps for fun and profit - part 1

In this ruptured episode of the Exploring Information Security podcast, Bill Sempf joins me to discuss how to break android apps.

Bill (@sempf) is an application security architect who loves the grind of security. He recently spoke at DerbyCon on "Breaking android app for fun and profit." Watching the talk prompted me to invite Bill on the show to dive in a little more. What I like about the talk is that it's almost entirely a demo that walks through the steps of setting up the test environment. You can find more content from Bill at his website and the OWASP .NET project.

In this episode we discuss:

  • Why break an android app
  • The skills needed to break android apps
  • We start to get into some of the tools needed to break an android app
  • What operating system to perform the tests on

What is a denial of service (DOS) attack?

In this disclaimed episode of the Exploring Information Security podcast, Daniel Smith of Radware joins me to discuss denial of service attacks.

Daniel (@hypoweb) is a security researcher at Radware and he loves watching denial of service attacks. He joins me to explain what a denial of service attack is and the nuances of this type of attack. He will be speaking on this type of attack and the threat landscape in general in Bogota, Colombia, October 26, 2016, at Tactical Edge.

In this episode we discuss:

  • What is a denial of service attack
  • The different kinds of denial of service attacks
  • Who will launch a denial of service attack
  • Who DOS attacks typically target

What I learned at DerbyCon

In this enlightening episode of the Exploring Information Security podcast, I talk about what I learned at DerbyCon.

This was my second trip to DerbyCon. Last year was a wonderful experience. This year was much the same. While at the conference I had some takeaways that I wanted to share on the podcast (Also, I've been slack in getting guests on the show lately).

In this episode I discuss:

What is Practical Web Application Penetration Testing?

In this educational edition of the Exploring Information Security podcast, Tim Tomes joins me to discuss Practical Web Application Penetration Testing (PWAPT) training.

Tim (@LaNMaSteR53) is one of the leading names within the application security field. A former instructor for many organizations, he wanted to do more with training. He wanted to give training attendees more hands-on work: get into an application, exploit it, and then provide remediation steps. He came up with the PWAPT training.

In this episode we discuss:

  • How the idea for the training came about
  • Why the training is important
  • Who should attend the training
  • What makes this training unique

How to find balance in information security

In this balanced edition of the Exploring Information Security podcast, Joey Maresca AKA l0stkn0wledge joins me to discuss finding balance in information security.

Joey (@l0stkn0wledge) has been in the infosec industry for over 10 years. He's had his highs and he has had his lows. He joins me to discuss some of those lows and what he did to get out of them. In the end it's all about setting goals and moving towards inner peace. This is another episode in our DerbyCon series.

Joey's DerbyCon talk is available here.

In this episode we discuss:

  • What the talk is about
  • The idea for this talk
  • Why finding balance is important
  • How to find that balance

What can an OSINT creeper learn?

In this creepy edition of the Exploring Information Security podcast, Josh Huff and I discuss what you can learn being an OSINT creeper.

Josh (@baywolf88) is one of the up and coming professionals in the Open Source Intelligence (OSINT) discipline. By day, he's a forensic analyst at an investigation firm. By night, he's an information gathering OSINT creeper. He's been studying OSINT heavily the last year and is here to share his experience and lessons learned.

Josh's talk is available here.

In this episode we discuss:

  • What is an OSINT creeper?
  • What is the methodology of OSINT creeping?
  • What are the lessons learned?
  • How to get started OSINT creeping

How to automate security into the SDLC

In this automatic episode of the Exploring Information Security podcast, Jimmy Byrd joins the show to discuss his DerbyCon talk, "Security automation in your continuous integration pipeline."

Jimmy (@jimmy_byrd) is the lead developer at Binary Defense. Recently, he was accepted to speak at DerbyCon. He will be speaking Saturday September 24, 2016, in the stable talk track. His topic is on integrating security into the automation part of the software development life cycle (SDLC).

Jimmy's DerbyCon talk is available here.

In this episode we discuss:

  • What is the SDLC?
  • What is continuous integration?
  • Why getting security automated in the SDLC is important
  • How to get security automated in the SDLC

What is DerbyCon?

In the return of the Exploring Information Security podcast, I explore DerbyCon with Adrian Crenshaw AKA Irongeek.

Adrian (@Irongeek_adc) is one of the founding members of DerbyCon. Last year I went to DerbyCon for the first time. I had an absolute blast and I am happy that I am getting an opportunity to go again this year. The talks are all fantastic, but even better are the connections that can be made at the conference. DerbyCon is in Louisville, Kentucky, September 21 - 25, 2016. The conference is sold out, but tickets can usually be found by watching Twitter for people selling tickets.

DerbyCon videos are up.

In this episode we discuss:

  • The origins of DerbyCon
  • All the events and activities available
  • How to get involved in the conference
  • BONUS: How to get accepted at DerbyCon

EIS taking a break

First, thank you to everyone who listens to the show regularly. From time-to-time I hear from people who enjoy the show and I couldn't be happier that they enjoy the content I produce. With that said, the show is going into a temporary hiatus. I am in a big transition right now in life and maintaining the show has become a struggle.

I have decided to take a break because I don't want the quality of the shows to suffer. I'm hoping it's only a month long hiatus, but there is a chance it could be longer. A lot of it will depend on how quickly I can get out of the chaos and into a regular routine. I want to thank everyone in advance and I am looking forward to filling the feed with new episodes.

Thank you,

Tim

When not to use Burp Suite

In this gassy edition of the Exploring Information Security podcast, James Green joins me to discuss when not to use Burp Suite. 

James (@Greenjam94) is a member of the MISec community and recently gave a talk about why not to use Burp Suite. Being in application security this was a topic I had interest in. Unfortunately, the presentation was not recorded. I decided to take matters into my own hands and have James on the show to discuss this topic.

In this episode we discuss:

  • What is Burp Suite?
  • How is Burp used
  • Why Burp shouldn't be used
  • When to use Burp