Content provided by Advanced Persistent Security and Joe Gray, Advanced Persistent Security, and Joe Gray. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Advanced Persistent Security and Joe Gray, Advanced Persistent Security, and Joe Gray or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

7+ y ago 1:21:04

MP3•Episode home

Archived series ("Inactive feed" status)

When? This feed was archived on July 28, 2021 10:09 (3y ago). Last successful fetch was on August 17, 2019 01:14 (5y ago)

Why? Inactive feed status. Our servers were unable to retrieve a valid podcast feed for a sustained period.

What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.

Infosec Success (with Lesley Carhart)

Advanced Persistent Security

ADVANCED PERSISTENT SECURITY PODCAST

EPISODE 31

GUEST:Lesley Carhart

January 2, 2017

If you enjoy this podcast, be sure to give us a 5 Star Review and “Love Us” on iTunes; Like us on Google Play, Stitcher, Sound Cloud, Spreaker, and YouTube.
NOTE: The opinions expressed in this podcast are ours alone and do not reflect those of our employers

Infosec Success (with Lesley Carhart)

SHOW NOTES

PART 1

We discuss our predictions for 2017. Lesley gives us her theme of “Reaching a Breaking Point.” She says that some things will get worse in places. This will give risk managers a little more budgetary leverage. Lesley predicts more Distributed Denial of Service (DDOS) and IOT botnet DDOS attacks. Joe predicts a data breach bigger than Yahoo in terms of sensitivity, records, applicability, and ability for misuse. Lesley’s next prediction is government/Law Enforcement on cloud and social media providers and their data retention policies. Joe’s final prediction is to see a rise in social engineering and phishing.

PART 2

Lesley shares with us her wisdom about taking GIAC exams after SANS training and the value of having solid indices. We talk about what to take into the testing center. We talk about the various cost offset models. Lesley and I also talk about the advantages and disadvantages of the larger SANS events versus smaller events and venues. We talk about the SANS Blue Team (DFIR) and Red Team (Pen Test) pipelines. We talk about true “Purple Teamers.”

PART 3

In our Infosec success segment, Lesley’s first tidbit of advice is “Want to be in infosec.” Joe talks about being able to teach someone the knowledge, but not the passion. Joe talks about learning outside of work and tinkering in a home lab. Lesley talks about learning types and finding the method for you to learn best. Joe recommends getting active in the security community via BSides, defcon groups, 2600, ISSA, OWASP, and (ISC)2 chapters. We also talk about Irongeek’s site as well. Joe recommends business cards regardless of your career level. We talk about report writing and public speaking and the importance of producing quality reports regardless of the role. We discuss languages and programming languages.

ABOUT Lesley

Infosec Success (with Lesley Carhart) — Lesley Carhart

Lesley Carhart (GCIH, GREM, GCFA, GPEN, B.S. Network Technologies, DePaul University) is a 17 year IT industry veteran, including 8 years in information security (specifically, digital forensics and incident response). She speaks and writes about digital forensics and incident response, OSINT, and information security careers, is highly involved in the Chicagoland information security community, and is staff at Circle City Con, Indianapolis.

In her free time, Lesley studies three martial arts, is a competitive pistol marksman, and is generally all around a huge geek.

Lesley loves to speak about information security and digital forensics to technical and non-technical audiences, and would be happy to come to your con or speak to your class (time allowing)! Please reach out to @hacks4pancakes on Twitter, or at hacks4pancakes@gmail.com.

CONTACTING Lesley:

Twitter: @hacks4pancakes
Twitter: @Infosec_VetTix
Blog: Tisiphone

SANS References:

Rtfm: Red Team Field Manual
SANS Cheat Sheet Google Search String
Joe’s SANS Security 504 Mentor Course

Thanks for stopping by and checking out our podcast. We would appreciate if you could subscribe (assuming you like what you hear; we think you will). This is meant to be informative and to provide value to anyone who listens – regardless of their knowledge and/or understanding of IT/Cybersecurity. To learn more about us, check out our “About Us” page.

Enter your email address:
Delivered by FeedBurner

SUBSCRIBE TO OUR MAILING LIST

* indicates required

Email Address *

First Name

Last Name

52 episodes