Hacker Valley Studio
Episode 102 - Tale of Three C’s Craig, Corey, and Cyvatar

Episode 102 - Tale of Three C’s Craig, Corey, and Cyvatar

October 28, 2020

In this one-of-a-kind episode of the Hacker Valley Studio podcast, hosts Ron and Chris interview two amazing founders who are disrupting the industry and bringing in unique perspectives.  They are Corey White and Craig Goodwin, the founders of Cyvatar, a cybersecurity-as-a-service startup.  The conversation centers on the business itself, Corey and Craig’s journey as founders, and more!

The conversation starts with Craig and Corey sharing a bit about their respective backgrounds.  Craig has been a CISO for about 20 years, having moved into that line of work after spending the previous years working for the government of the UK and in security services.  Corey has been in his current industry for about 25 years, and he details his work with companies such as Foundstone and Cylance that eventually led him to his present work.  Craig and Corey share an entrepreneurial spirit that they’ve each had since childhood, but they have complementary backgrounds that help them to work well together, with Corey approaching the company from an industry perspective, and Craig from a CISO perspective.

Corey and Craig talk with their hosts about Cyvatar.  They share about their first seed round, the gaining of their first customers, and their aim to be cyber avatars for their customers - putting customer needs first and taking a background role to make the customers look good.  Further, Corey and Craig discuss the way they navigate dynamics of team synergy and collaboration when they live on different sides of the world, address their decision to include services with their startup, explain their slogan and the terminology they’ve developed, and finally share lessons they’ve learned from their journey.

0:56 - This is a one-of-a-kind episode!

2:05 - The conversation turns to Corey and Craig’s respective backgrounds.

5:18 - What is the background of the company?

8:45 - The focus shifts to Craig and Corey’s complementary skills.

13:19 - How did Corey and Craig realize they had an entrepreneurial spirit?

17:06 - A team needs synergy and collaboration.

20:40 - Corey and Craig decided to include services with their startup.

24:57 - The two founders introduced new technology.

27:21 - Corey and Craig are asked about lessons they’ve learned.

 

Get your free audiobook from Audible.com

Learn more about Hacker Valley Studio

Connect with Cyvatar on LinkedIn.

Follow Cyvatar on Twitter.

Connect with Corey White on LinkedIn.

Follow Corey White on Twitter.

Connect with Craig Goodwin on LinkedIn.

Follow Craig Goodwin on Twitter.

Email Corey at corey@cyvatar.ai

Email Craig at craig@cyvatar.ai

Learn about Cyvatar’s recent seed round and press release.

Episode 101 - US CyberWeek With Congresswoman Yvette Clarke and Laura Robbins

Episode 101 - US CyberWeek With Congresswoman Yvette Clarke and Laura Robbins

October 22, 2020

The Daniel Initiative was kind enough to involve us in a special event for CyberWeek. We produced a live podcast session called "Our Space". Ron and Chris, from the award-winning podcast Hacker Valley Studio, interviewed Congresswoman Yvette Clarke (NY-9th) and Laura Cathcart Robbins from "The Only One in the Room Podcast".

Both interviews focused on representation, people of color in technology leadership, and occupying our place in society.

 

Congresswoman Yvette Clarke's Social

https://www.instagram.com/repyvetteclarke/
https://twitter.com/VoteYvette
https://www.linkedin.com/in/yvette-clarke-9b3aa810/

 

Laura Robbins' Social

https://theonlyonepod.com/
https://www.instagram.com/lauracathcartrobbins/
https://twitter.com/lauracrobbins?lang=en
https://twitter.com/TheOnlyOnePodc1

 

Get your free audiobook from Audible.com

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Episode 100 - A Very Special Episode

Episode 100 - A Very Special Episode

October 21, 2020

In this special 100th episode we dip into the Hacker Valley Studio vault to bring you never before heard content from some brilliant experts in their field. We will be releasing these episodes in their entirety on our Patreon page down below.

Travis McPeak

Rishi Bhargava

Simran S. Sakraney

Gary Berman

Josh Halbert

Nick Vigier

Davi Ottenheimer

Christina Morillo

Rafael Nunez

 

Get your free audiobook from Audible.com

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Episode 99 -  Securityweek’s 2020 CISO Forum: HVS Style

Episode 99 - Securityweek’s 2020 CISO Forum: HVS Style

October 12, 2020

In this special live recording of the Hacker Valley Studio podcast,  Chris and Ron are joined by Fredrick 'Flee' Lee, chief security officer at Gusto and an inspirational cybersecurity leader who is focused on making security "lovable" across the organization.

Securityweek’s CISO Forum is designed for senior level security leaders to discuss, share and learn innovative information security and risk management strategies. The forum addresses issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

The Hacker Valley Studio podcast explores the human element of cybersecurity programs and the inspirational stories and knowledge to elevate culture and quality of security programs.

 

Learn more about Securityweek’s CISO Forum

Follow Flee on Twitter

Get your free audiobook from Audible.com

Hacker Valley Red Finale - Marco Figueroa

Hacker Valley Red Finale - Marco Figueroa

October 6, 2020

This episode of the Hacker Valley Studio podcast concludes the Hacker Valley Red series.  In this finale, Ron and Chris interview their friend - and formerly their shared roommate - Marco Figueroa.  Marco is a security researcher and cybersecurity speaker, and he is also a bug bounty enthusiast.  He and the hosts constant improvement, bug bounty, and more, while also looking back at the conversations thus far in the season.

 

At the start of the conversation, Marco shares about his background and what he’s doing now.  He runs through the past 7-8 years of his career, ultimately arriving at his current transition to Sentinel.  Ron and Chris jump in to thank him for his contributions to their podcast, and to share with listeners about their friendship with Marco.  Moving forward, Marco talks about how he first got into the security community, and eventually found a niche in reverse-engineering malware.  He also involved himself in the bug bounty community, and in his various spheres of life, he is committed to building relationships and staying relevant.  Marco explains his system of scheduling calls, his practice of (and future plans for) content creation, and love of learning and feedback.

 

Throughout the conversation, Ron and Chris lead the conversation to cover a wide variety of topics.  They ask about the possibility of an unhackable device (which Marco denies), the mindset of a hacker, Marco’s philosophy in protection work, and the question of whether or not coding experience is needed for hacking.  The group looks back to former conversation about the hacker mindset (with Ted), about community (with Alex), and about social engineering (with Rachel).  In view of the whole season, the group considers two main takeaways: the value of mentorship and the need to put oneself out there and take a first shot.  Marco shares a lot from his own experience, and makes sure listeners know to press on and trust the process.

 

-The episode features Marco Figueroa, and listeners are introduced to the content ahead.

-What is Marco’s background, and what is he doing now?

-Is there such a thing as an unhackable device?

-The group talks about Marco’s philosophy in his protection work, the place of social engineering, and the value of building relationships.

-What is the hacker mindset, and do you need coding experience to be a good hacker?

-If interested in the red side of the field, what should someone do first?

-Marco shares about what he sees on the horizon.

-The group considers two major season takeaways: the value of mentorship and the need to put yourself out there and take the first shot.

-Where is Marco planning to take his contact creation from here?

 

Links:

Connect with Marco Figueroa on Twitter

Connect with Marco on LinkedIn

Follow Marco’s Livestream

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Learn more about the season sponsor, RiskIQ

Hacker Valley Red Episode 7 - Maurice Ashley

Hacker Valley Red Episode 7 - Maurice Ashley

October 6, 2020

This episode of Hacker Valley Studio podcast’s Hacker Valley Red Series features guest Maurice Ashley, a chess grandmaster and author of Chess for Success. Maurice is a chess guru and has been playing it ever since his high school years. He is currently involved in commentating for chess events, teaching chess, and training national chess champions. In this episode, Maurice and the hosts talk about Maurice’s chess journey along with some parallels between chess and cyber security.

The hosts, Ron and Chris, start off the interview by pointing out one parallel between chess and cybersecurity: the art of training. Maurice responds by sharing about the rigorous training of chess, and of the different strategies and techniques that must be learned. He also takes some time to explain his own journey with training in chess and how it progressed through the years. In high school, he started playing with his brother, and then moved to playing in more formal settings with more challenging opponents. This eventually led to earning the title of chess grandmaster. Being the first black male to receive the Chess Grandmaster title, Maurice speaks on how this accomplishment inspired others to reach for their goals.

Circling back to the parallels between chess and cyber security, Maurice touches on the importance of practicing for performance. This means knowing your opponent, studying their strategies, and using their energy against them. Chris and Ron highlight how this parallels with cyber security in knowing how to approach the opponent. They then ask Maurice about his thoughts on an unbeatable chess player and how it relates to an unhackable system. Maurice responds by explaining that in the game if chess with its millions of possible outcomes, having an unbeatable player is impossible. Additionally, He emphasizes how this truth relates to cyber security. Rather than focusing on being unbeatable, Maurice encourages focus to be spent on readiness which is acquired through practice. In cyber security, Chris and Ron explain how readiness means having the ability to respond automatically to situations. They ask Maurice about blitz and bullet chess and how it relates to this kind of practice. According to Maurice, blitz and bullet chess rely heavily on instinct and experience.

The conversation ends as the hosts ask Maurice to share some tips for people interested in learning chess. Maurice encourages people interested in chess to download his new app, Learn Chess with Maurice Ashley, where he provides lessons on chess. He closes by encouraging others to reach for the greatness inside them. According to Maurice, greatness is defined as having the right mindset, doing the hard work, making the sacrifices, and learning through the process. This is the greatness that will be reflected in the end goal.

2:49 - Maurice introduces himself

6:46 - Maurice’s journey of becoming a grandmaster

9:20 - The impact of Exposure

11:07 - Maurice tells of the significance of being the first black male to earn the title of Chess Grandmaster.

15:00 - Maurice tells of the influence of his family in earning the title of Chess Grandmaster.

17:58 - Maurice speaks on practicing for performance and how it relates to cyber security.

22:00 -The parallels between an unbeatable chess player and an unhackable system

25:18 - Maurice explains blitz and bullet chess and how it relates to cyber security.

33:25 - Maurice gives some tips on how to get started playing chess.

37:04 - Maurice gives advice on how to reach greatness.

 

Links:

To learn more about Maurice Ashley, visit https://mauriceashley.com

Follow Maurice Ashley on Twitter and Instagram

Learn more about Maurice Ashley’s book Chess for Success and his app Learn Chess with Maurice Ashley

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Learn more about the season sponsor, RiskIQ

Hacker Valley Red Episode 6 - Lisa Jiggetts

Hacker Valley Red Episode 6 - Lisa Jiggetts

October 6, 2020

On this episode of Hacker Valley Studio, hosts Ron and Chris speak with Lisa Jiggetts, founder of Women’s Society of Cyberjutsu. Their conversation covers Lisa’s background, her current work and her involvement as a penetration tester.

 

Lisa says she’s always been a techie who loved gadgets, breaking things and trying to understand how they fit together. She knew she wanted to work with computers, but wasn’t sure what that meant, exactly. Out of high school she joined the military working in IT, but knew she wanted to be a hacker. Eventually, she made her way to pentesting apps and systems in the cloud. Lisa loves the game aspect of pentesting and the red team. She says she enjoys the challenge of trying to get into the box and “level up,” trying more and more ways in before reaching out for help.

 

In between jobs a few years ago, Lisa began dreaming of a hands on training group for women like herself. It began as a meet-up group, which grew into the Women’s Society of Cyberjutsu, (WSC). She wanted hands-on workshops and an opportunity for networking and building a network of mentors and mentees. The first workshops and members were women in IT and even outside of tech, who were looking for a change and challenge in their career. Now the organization is in a state of growth with chapters across the country. To anyone interested, she says WSC gives the opportunity for hands-on training and a network of support.

 

As the episode ends, Lisa shares her advice to anyone interested in the red team or the world of cyber security in general. Her number one piece of advice is networking, because that’s the way she’s found a lot of her work in the past. She also encourages listeners, regardless of where they’re starting, to get their skills up any way they can. The field is always changing, Lisa says, so the initiative to work and show up is invaluable.

 

2:12 - The episode and guest are introduced.

3:50 - Lisa gives an overview of her background.

10:00 - Lisa explains her breaker mentality.

15:57 - What made Lisa commit to pentesting and the red team?

20:34 - Lisa discusses the founding of the Women’s Society of Cyberjutsu.

29:44 - Lisa’s advice for listeners interested in the red team and cyber security.

 

Links:

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Learn more about WSC

Follow Lisa Jiggetts on Twitter

Hacker Valley Red Episode 5 - Ted Harrington

Hacker Valley Red Episode 5 - Ted Harrington

October 6, 2020

In this episode of the Hacker Valley Studio podcast’s Hacker Valley Red series, this time featuring guest Ted Harrington.  Ted is an Executive Partner at ISE Security, an author, and a professional speaker. Hosts Ron and Chris speak with Ted about the concept of unhackability, his experience in the security field, an interesting story of an attack in real time, and more!

 

To start off the interview, Ted shares about his background.  He currently works for a consulting firm that focuses on ethical hacking and aims to help companies solve their security problems, and his interest in the work of hacking goes back to a car-hacking experience in which he and his colleagues were inspired by a claim of unhackability and disproved the claim.  Ted clarifies that there is effectively no such thing as an unhackable device or application, but that his work centers on closing attack vectors and making security systems stronger.  In fact, he wants his legacy in the field to center on making things better.  He shares about his own energy and motivation, and also explains the mindset of a hacker, which involves creativity and a certain way of thinking about and solving problems.

 

Ted has learned a great deal in his years in the hacking field, and Ron and Chris are eager to draw lessons out for listeners.  Ted explains misconceptions about the red side of security before providing an extended example of hacking in real time: an example of cryptocurrency wallets that involved Ted and his team happening upon a real thief at work.  Ted explains that people should not have a laissez-faire attitude about security, and that they should foster a right mindset and right partnerships.  He clarifies that he sees many breakers start as builders, explains the utility of thinking from the perspective of a buyer, and offers advice for listeners looking to enter the field.  This advice centers on mindset and hands-on activity; there are lots of opportunities to get involved with DEF CON, talks, contests, and even internships (including some at Ted’s company). 

 

1:50 - The episode features Ted Harrington; listeners are introduced to him and the episode ahead.

3:05 - The conversation begins with Ted’s background.

7:21 - The group considers the term “unhackable,” closing attack vectors, and breakers starting as builders.

14:02 - “Think like a hacker.”

20:02 - Ted explains some lessons from real-life work, focusing on a cryptocurrency wallet example.

25:13 - What should people learn and do?

30:38 - Where do Ted’s energy and motivation come from, and what is the most interesting part of his work?

34:32 - Ted offers advice and shares what he hopes his legacy in the field will be.

 

Links:

Connect with Ted on LinkedIn or email him at ted@ise.io

Learn about Ted’s book, Hackable

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Learn more about the season sponsor, RiskIQ

Hacker Valley Red Episode 4 - Alissa Knight

Hacker Valley Red Episode 4 - Alissa Knight

October 6, 2020

On this episode of Hacker Valley Studio, hosts Ron and Chris speak with Alissa Knight, author of the book Hacking Connected Cars and self described “recovering hacker.” Their conversation covers content creation, API’s and hacking cars.

 

Alissa grew up in Seattle, Washington where there was a big art scene. She began building her own computers and running her own boards at an early age. She says a lot of people don’t know that she started out in the BBS scene back in the 90’s. At seventeen she hacked into a government network and was arrested. Eventually, the charges were dropped on a technicality and she went on to work for the US Intelligence Community in cyber warfare.

 

Alissa’s first start-up was a web design company where she ran a Lennox webserver around the time the teardrop attack in Lennox servers. The people she rented office space from were teardropping her web hosting server. She picked up a book on cyber security, and got introduced into the world of cyber security through necessity. She had a passion for finding vulnerabilities, and understanding things that were difficult to understand, which is what brought her to embedded systems. The rest she says is history.

 

As the episode ends, Alissa talks about her YouTube Channel, KnighTV. She says she’s always been an artist, and always wanted to do things at 200%. Her following is relatively new, at the beginning of 2019 she only had 4 followers on Twitter and now she’s passed the threshold to be part of the YouTube Partner Program. She wanted a cinematic experience for the viewer to stand out and not be just another video for the viewer. For anyone interested in getting started in being a breaker, she’s posted a couple videos on the topic, and explains there are many resources at their disposal. She says this line of work takes grit, and in her opinion a passion for reading.

 

2:08 - The episode and guest are introduced.

3:19 - Alissa gives an overview of her background.

6:29 - How Alissa’s career began.

10:16 - Do you have to program to hack?

14:26 - What led Alissa to hacking cars?

24:55 - Alissa explains what people get wrong about the red team.

29:25 - Alissa answers the question, “is there an unhackable device?”

36:54 - How KnightTV came into being.

41:08 - Alissa gives her advice on where to start getting into cyber security

 

Links:

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Follow Alissa Knight on Twitter

Subscribe to Alissa’s YouTube Channel

Learn more about the season sponsor, RiskIQ

Hacker Valley Red Episode 3 - Alex Rice

Hacker Valley Red Episode 3 - Alex Rice

October 6, 2020

This episode of the Hacker Valley Studio podcast continues the Hacker Valley Red series by featuring Alex Rice.  Alex is the CTO and co-founder of HackerOne, and he joins hosts Ron and Chris for a conversation about such topics as the beginnings of the researcher community, bug bounty, and the term “hacker.” 

 

Alex first shares about his background leading up to what he’s doing today.  He worked as a developer, and then about 20 years ago, he moved into the security field.  Part of his career trajectory was motivated by his frustration over a lack of feedback loops, and he explains both how HackerOne came to be and some details about bug bounty.  Ron and Chris are particularly interested in why HackerOne has the term “hacker” in it, even though the term can carry with it negative connotations (however inaccurate they may be).  Alex clarifies that he and his colleagues do not want to beat around the bush, but want to be part of the work of dismantling false stereotypes about hacking. 

 

Moving forward in the conversation, Alex covers a variety of topics related to his work.  He addresses changes in hackers’ experiences with cease and desist orders, the bug bounty community, and the gamification of security and hacking.  He shares about different motivations of security researchers, teenagers making a lot of income through bug bounty, hacking outliers and their personas, impacts of COVID-19, and writing reports.  Ron and Chris ask Alex about whether or not unhackability is possible (spoiler: it’s not!), as well as about the closest thing to unhackable that can be achieved.  Alex explains what he’s looking toward in the future, talks about his love of outdoor work, and finally offers encouragement to the person in bug bounty looking to keep progressing in the field.

 

1:34 - Listeners are introduced to Alex Rice and the conversation to come.

2:41 - What is Alex’s background, and what is he doing today?

7:45 - Alex explains why the term “hacker” is included in his company’s name.

10:45 - The group considers cease and desist orders, bug bounty community, and gamification of security and hacking.

18:11 - Alex addresses the reality of teenagers making millions through bug bounty, as well as the personas of hacking outliers.

22:43 - Alex talks bug bounty, COVID-19, and writing reports.

25:41 - Is unhackability possible?  If not, what’s the closest we can get to it?

30:02 - The conversation concludes with Alex’s thoughts on the future, hobbies, and encouragement to people in bug bounty looking to continue in the field.

 

Links:

Connect with Alex Rice on Twitter

Connect with the Bug Bounty Community at hackerone.com/hacktivity

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Learn more about the season sponsor, RiskIQ