Exploring Information Security Archive 1

Ed (@EdgarR0jas) is the creator of Tactical Edge (@Tactical3dge), which runs October 24 - 27, 2016, and PVC Security podcast co-host. For listeners of that podcast, I apologize. You've heard about about Tactical Edge extensively. However, I managed to get a little more out of him in this episode. We discuss origins and what makes this conference unique.

Valerie (@hacktress09) is an executive consultant for Securicon. She uses many techniques to pentest an organization via social engineering. One of the techniques she uses the most is phishing emails. In this episode we discuss what is social engineering and why it's important.

Chris (@_Lopi_) has some interesting thoughts on mentorship and how the infosec community can be better at it. Here is the tweet from Chris that caught my attention, "What do I want? To get more folks interested in infosec and help them break into the industry. We need better mentors." Upon further investigation I noted that Chris is creating a game for people trying to break into information security. How this applies? You will have to listen to the episode.

Steven (@ZenM0de) is a principal security strategist at eSentire. Part of his role is implementing, and even sometimes creating, security frameworks for organizations. We define what a security framework is and then discuss the process for choosing a framework.

Chris (@cmaddalena) and I were asked the question on Twitter, "How do you make time for a home lab?" We answered the question on Twitter, but also decided the question was a good topic for an EIS episode. Home labs are great for advancing a career or breaking into information security. To find the time for them requires making them a priority. It's also good to have a purpose. The time I spend with a home lab is often sporadic and coincides with research on a given area.

Chris (@cmaddy) and I have submitted to a couple of calls for training at CircleCityCon and Converge and BSides Detroit this summer on the topic of building a home lab. I will also be speaking on this subject at ShowMeCon. Home labs are great for advancing a career or breaking into information security. The bar is really low on getting started with one. A gaming laptop with decent specifications works great. For those with a lack of hardware or funds there are plenty of online resources to take advantage of.

Rob (@Mubix), recently had a post titled "Friendly Fire." In the post he talks about the red vs. blue dynamic and some of the pitfalls of that attitude. I knew of the red vs. blue dyanmic, but I never thought it would be hurting the security industry. I decided to have Mubix on to discuss the topic a little bit more. We discuss maximizing a pentest and CTFs.

Rob (@Mubix), recently had a post titled "Friendly Fire." In the post he talks about the red vs. blue dynamic and some of the pitfalls of that attitude. I knew of the red vs. blue dyanmic, but I never thought it would be hurting the security industry. I decided to have Mubix on to discuss the topic a little bit more. We define red team vs. blue team and then talk about working together.

Johnny, (@J0hnnyXm4s), helps organize four monthly meetups in the Chicago area called BurbSec. Starting a CitySec is a unique challenge but one that is easily doable. CitySec's provide an opportunity for security professionals and enthusiasts to get together to network, learn, and improve their security mindset. Johnny will be presenting this topic as a talk at BSides Nashville April 16, 2016. In this episode we discuss location and websites.

Johnny, (@J0hnnyXm4s), helps organize four monthly meetups in the Chicago area called BurbSec. Starting a CitySec is a unique challenge but one that is easily doable. CitySec's provide an opportunity for security professionals and enthusiasts to get together to network, learn, and improve their security mindset. Johnny will be presenting this topic as a talk at BSides Nashville April 16, 2016. In part one we discuss the origin story of BurbSec, marketing, and the people who attend.