Welcome back to the show! Hacker Valley Studio podcast features Host Ron Eddings, as he explores the world of cybersecurity through the eyes of professionals in the industry. We cover everything from inspirational real-life stories in tech, to highlighting influential cybersecurity companies, and we do so in a fun and enthusiastic way. We’re making cybersecurity accessible, creating a whole new form of entertainment: cybertainment.
Episodes
Tuesday Sep 01, 2020
Tuesday Sep 01, 2020
This episode of the Hacker Valley Studio podcast’s Hacker Valley Blue series is a bit unique. It features Brandon Dixon, the VP of Strategy at RiskIQ, a major sponsor of the podcast. Brandon co-founded Passive Total in 2014, and it was later purchased by RiskIQ. He is the quintessential guest, invested in fitness, philosophy, tech, and leadership. He is an expert in both the practice and business of threat intelligence, and he shares with Ron and Chris about himself, his work, and the field.
Much of the conversation focuses on Brandon and his work background. Brandon explains his journey into the threat intelligence field, from his early interest, through jobs in tech and academia, and to work in espionage research. Eventually, he and friend Steve McGinty saw a need and tried to solve it; their efforts took shape in the company they co-founded, Passive Total. Brandon explains to listeners the process by which he and Steve created Passive Total, as well as the way in which they arrived at the deal to sell Passive Total to RiskIQ. Brandon was heavily involved in the integration of Passive Total into RiskIQ, before eventually settling into a specific role within RiskIQ that capitalizes his love of the business side of the field. He aims to work in light of his personal philosophy on life and success, which he also details.
The conversation touches on many practically relevant details of the threat intelligence field, as well. Brandon addresses the changes in the field and motivation he draws from these changes, bias and intelligence collection, and lessons that have arisen through his specific experiences. Other topics covered include intelligence leads and the future of threat intelligence, unhackability, the place of circumstances in life and business, and how intelligence leaders can improve their programs. As Brandon anticipates that threat intelligence will only become a more pervasive field, listeners will doubtless benefit from his own insights, as well as his recommendations of such resources as Malcolm Gladwell’s Outliers and RiskIQ workshops.
0:26 - The conversation begins with an introduction to this unique episode, its guest, and his background.
2:43 - The group considers the changing business of threat intelligence and what drives Brandon.
8:24 - The next topics are bias and intelligence collection, as well as what surprises Brandon.
13:00 - Brandon shares the story of Passive Total and its integration into RiskIQ, also addressing the business side of the field and lessons learned through his experience.
24:04 - Brandon addresses intelligence leads and the question of unhackability.
34:44 - What is Brandon’s philosophy on life and success?
39:37 - Brandon explains what threat intelligence leaders need to do to improve their programs.
Links:
Learn more about Hacker Valley Studio
Support Hacker Valley Studio on Patreon
Follow Hacker Valley Studio on Twitter
Follow Ronald Eddings on Twitter
Follow Chris Cochran on Twitter
Tuesday Sep 01, 2020
Tuesday Sep 01, 2020
This episode of the Hacker Valley Studio podcast is the fifth installment in this first season of the Hacker Valley Blue series, and features guest Susan Peediyakkal, an expert in building threat intelligence programs. Susan is a cyber threat intelligence consultant, the founder of BSides Sacramento, and a member of the advisory boards for several cybersecurity companies. She joins hosts Ron and Chris to speak to her background, the future of threat intelligence, and much more.
Susan first details her background, running through the highlights of her approximately 16 years in cybersecurity, which have focused mostly on threat intelligence. Susan began her career in the air force, and is still a reservist. She worked with radar, and eventually decided to cross-train and branch into IT. The following years saw her in a number of roles with various organizations, and move decisively into the threat intelligence field. Eventually, Susa noticed that her career trajectory was moving her toward building threat intelligence programs for government entities. She built programs for such varied clients as the government of Abu Dhabi, USPS, US courts, and industry leaders. She recently paused her work to pursue further education, but has since returned to work as a threat intelligence practitioner..
As the conversation continues, Ron and Chris ask Susan to share insights on several topics. The group considers the importance of community and a human element within the threat intelligence field, ways Susan has faced misconceptions when starting threat intelligence programs, the concept of unhackability, and what stakeholders outside the field get wrong about it. Returning to a topic that has been forefront on Ron and Chris’s minds recently, Susan also shares about bias in her line of work and how threat intelligence analysts go wrong in dealing with it. Moving into more personal topics, the group discusses Susan’s podcast-worthy voice, clarity, and articulation. Susan explains how experts in threat intelligence can cultivate a new wave of speakers, and the conversation ends with a look at what the future holds for both Susan and the field of threat intelligence.
1:40 - Listeners are introduced to the episode and today’s guest, Susan Peediyakkal; Susan then shares her background.
5:41 - The group considers the importance of community, misconceptions Susan has noticed about her field, and the artistry and human element of threat intelligence.
16:02 - What kind of bias is Susan running into, and where do analysts go wrong with regard to bias?
21:38 - Susan addresses the term “unhackable.”
24:35 - Susan and her hosts turn to matters of podcasting, voice, and speaking.
31:40 - What do people outside the field get wrong about it?
33:48 - What’s the future look like for Susan, her field, and the workforce?
Links:
Learn more about Hacker Valley Studio
Support Hacker Valley Studio on Patreon
Follow Hacker Valley Studio on Twitter
Follow Ronald Eddings on Twitter
Follow Chris Cochran on Twitter
Tuesday Sep 01, 2020
Tuesday Sep 01, 2020
This episode of the Hacker Valley Studio podcast features Jon DiMaggio, a Senior Threat Intelligence Analyst at Symantec. Jon is a researcher and longtime bad guy chaser, and Ron and Chris fill this installment of Hacker Valley Blue with Jon’s thoughts on ransomware, threat research, attribution, and more!
Jon introduces himself to listeners who may not yet know much about him, explaining that he started his career as an engineer and that his work for the government in the early 2000s forced him to focus a lot on defending against nation-state attacks. He developed into an expert in the field, and transitioned about 13-14 years ago into his current line of work. He now teaches alongside his work as an analyst, and he moved from a government position to Symantec in 2014. Jon’s specialty is still nation-state, but he has also ventured into enterprise ransomware. He shares about these areas of specialization with Ron and Chris, detailing what a nation-state is and how to combat it within the context of threat intelligence, and addressing the economics of ransomware.
As the conversation continues, Ron and Chris raise a variety of other topics for Jon to address. Jon considers the threat of a future major worm attack, and provides listeners with insight on how to become established in his line of work. There are a lot of available resources that people can use to develop their own skills and increase their visibility. However, becoming a government hacker, and so having an offensive rather than a defensive role, is much more challenging. Moving toward the conclusion of the conversation, Jon offers tips on navigating attribution and bias (such as being sure to have evidence before making public claims!), explains how he mentally organizes and recalls information, and speaks to the nature of strong communication.
1:41 - Listeners are introduced to Jon DiMaggio and the episode before Jon explains his background..
5:04 - The first major topic Jon shares about is that of nation-states, specifically speaking to the work of combating nation-state attackers.
12:57 - The conversation turns to the economics of ransomware.
18:39 - What are Jon’s thoughts on the possibility of another major worm attack?
20:26 - Jon is asked about how people can enter his field or that of hacking.
24:54 - How should listeners approach attribution and bias, and how has Jon navigated bias in his own life?
31:31 - The group considers Jon’s mental organization, his recall of information, and the topic of communication.
Links:
Learn more about Hacker Valley Studio
Support Hacker Valley Studio on Patreon
Follow Hacker Valley Studio on Twitter
Follow Ronald Eddings on Twitter
Follow Chris Cochran on Twitter
Access the recent work and research on Symantec’s threat intelligence feed
Tuesday Sep 01, 2020
Tuesday Sep 01, 2020
In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris welcome Valentina Palacín for the third episode in the Hacker Valley Blue series. Valentina is a threat hunter who used to work as a translator, and she is currently a senior cyber threat intelligence analyst. She joins Ron and Chris to talk about her background in languages, poetry and the impact of words, and much more.
As the conversation gets underway, Valentina explains her background to listeners. She studied translation before starting her career in that field, but transitioned to information technology about two years ago. In her free time, she researches threat hunting in her home country of Argentina. It was challenging for Valentina to change her career path, since she had no background in computer science, but she took multiple steps - working in web development, learning to do programming, taking courses, and more - ultimately becoming a threat intel analyst and speaker. Though the journey was difficult, Valentina feels she was born to work in her current field, and has found her past experience, including knowledge of over 7 languages, to be helpful in her work.
The episode also features Valentina’s insights into threat intelligence. She and her hosts discuss how knowledge of programming can aid a threat intel analyst, Valentina’s philosophy of MITRE, the relationship between intelligence and threat hunting, and how to keep up with changes in the field. They arrive at the conclusion that, while it is helpful to stay up to date on political and cyber news, analysts must realize that they cannot know everything, and people in general must realize that threat intelligence is not a catch-all. The group bridges the gap between personal and professional aspects of life by talking about the importance of hobbies outside of work; most notably, the group addresses poetry and its usefulness for threat intelligence. Finally, the conversation turns to Valentina’s work with BlueSpace Security.
1:38 - Listeners are introduced to Valentina, her background, and her challenging process to enter into the large intel community in Argentina .
5:24 - Did knowledge of language impact Valentina’s threat intelligence work?
7:55 - Valentina shares about her programming experience and details her journey into threat intel.
14:23 - What are Valentina’s thoughts about MITRE and the relation between intelligence and threat hunting?
18:06 - The group considers how to keep up with changes in the field, and acknowledges that threat intelligence will not catch everything.
22:48 - One thing that Valentina is passionate about pursuing is hobbies outside of work.
27:56 - Does poetry help with threat intelligence work?
32:53 - The conversation turns to Valentina’s community, focusing on BlueSpace Security.
Links:
Learn more about Hacker Valley Studio
Support Hacker Valley Studio on Patreon
Follow Hacker Valley Studio on Twitter
Follow Ronald Eddings on Twitter
Follow Chris Cochran on Twitter
Connect with Valentina Palacín on Twitter
Tuesday Sep 01, 2020
Tuesday Sep 01, 2020
Fan-favorite Jack Rhysider of the Darknet Diaries podcast joins Hacker Valley Studio hosts Ron and
Chris for the second episode of Hacker Valley Blue! Jack joins the show again during an ideal season - one focused on threat intelligence - and this episode will focus on Jack’s past in the field of threat intelligence, as well as on a major issue faced daily by analysts in the field: that of managing bias.
As the conversation begins, the group focuses on threat intelligence and Jack’s work in the field. Jack has been pouring himself into his own podcast, leaning into the fact that threat intelligence is a form of knowing what has happened in the past by his sharing of stories. Jack explains what has surprised him recently in his work, how he maintains a sharp sense of focus, and what sort of continuity he sees between the news-sharing of his current role and a more formal practitioner role within the field of threat intelligence.
Jack’s podcast work necessitates practical skill in his field, and demands an ability to share complex concepts through simple expression.
The work also necessitates strong skills of managing bias, and it is to this topic that the group turns. Jack makes a practice of putting aside negative personal feelings about a person and looking for areas of agreement with the individual. This practice, along with his feedback loop and his efforts to listen to actual voices, help Jack to tell both sides of the stories he shares. In discussing the counteraction of bias, Jack touches on concepts of assumptions, bias toward self, empathy, and humanization. And as the conversation winds toward a close, listeners will hear about Jack’s use of audio books, balancing fact and listener interest, appealing to different audiences, and navigating questions of personal privacy.
1:40 - Listeners are introduced to Jack and the episode ahead.
4:13 - How is Jack currently thinking about storytelling?
8:40 - The group dives into some topics related to Jack’s work: his focus and need for practical skill.
12:37 - The conversation turns to the subject of bias.
28:28 - What is Jack doing for research today, and how does he navigate technical questions of storytelling?
36:35 - Finally, Jack and his hosts turn to considerations of personal privacy.
Links:
Learn more about Hacker Valley Studio
Support Hacker Valley Studio on Patreon
Follow Hacker Valley Studio on Twitter
Follow Ronald Eddings on Twitter
Follow Chris Cochran on Twitter
Learn more about Jack Rhysider