Ephemeral Security

Chat with Lisa Falzone and Michael Green of Athena Security Athena Security focuses on Entryway Security - https://www.athena-security.com/ Guests Michael Green, CEO and Co-Founder Lisa Falzone, President and Co-Founder Show Notes https://ephemeralsecuritypodcast.com/athena-security/ Podcast edited and mastered by Charlie Clark, https://www.fiverr.com/chuckaudio Intro music by Margo Stonebraker 

Chat with @Ethan_Heilman, CTO of @getBastionZero on how they are adding additional security when accessing remote infrastructure. BastionZero adds an additional separate Multi Factor Authentication into the authentication process and has a unique multi-root security model.  Ethan can be found at:  LinkedIn: https://www.linkedin.com/in/ethan-heilman-39896934/ Twitter: https://twitter.com/Ethan_Heilman  //Show Notes// BastionZero's website - https://www.bastionzero.com/  Video on how multiple MFA works with Bastion Zero - https://brakertech.com/aws-systems-manager-session-manager-on-steroids/ Podcast edited and mastered by Charlie Clark, https://www.fiverr.com/chuckaudio Intro music by Margo Stonebraker  //Chapter Timestamps//  00:00:41 Meet Ethan Heilman  00:01:10 When did you first use a computer?  00:01:29 How did you get into Information Security  00:02:42 Crypto Company to Bastion Zero  00:05:08 Multiparty Computation  00:06:07 Certificate Authorities  00:08:13 AWS PrivateLink/VPC Endpoints  00:10:38 How does Bastion Zero Work?  00:14:55 Shared Responsibility  00:16:50 Dynamic Targets  00:19:46 What does the term "Zero Trust" mean to you?  00:21:01 Proxying HTTP  00:23:17 SELinux  00:23:45 Privileged Access Management  00:27:35 AWS Root Account  00:33:26 Separate Admin Accounts  00:36:12 API Keys  00:40:58 Response for product in the wild?  00:45:11 Stopping Ransomware  00:52:26 Phishing 01:01:21 Modifying Linux Pluggable Authentication Module 01:06:18 Goodbye

Chat with @DevinCasadey, Managing Principal / Global Red Team Lead. Devin's Certifications: OSCE3 (OSWE, OSEP, OSED), OSCP, OSCE, OSEE, OSWP, eCTHP, GCPN Devin can be found at Hack the Box:https://www.hackthebox.eu/profile/28293 HTB & CTF Team:https://www.hackthebox.eu/teams/profile/1685 Github: https://keramas.github.io/about.html LinkedIn: https://www.linkedin.com/in/devin-casadey-198117b/ Twitter: https://twitter.com/DevinCasadey Show Notes Don't Roll Your Own: Devin's Writeup for how he decoded the database (referenced in the episode) - https://keramas.github.io/2022/05/03/dont-roll-your-own.html EvilGinx: Man in the Middle Two Factor Auth - https://github.com/kgretzky/evilginx2 Chapter Timestamps 01:09 -- Why are you passionate about Infosec? 02:17 -- First use a computer? 05:31 -- What are you doing now? 06:16 -- Best way to hone skills? 07:54 -- Difference between Redteaming and Pentesting 09:12 -- Are Pentesters ever asked to emulate APTs? 11:51 -- Do you test different EDR Vendors? 16:18 -- Test Scenario 17:42 -- Do you have to write custom exploits for engagements? 23:31 -- Do you tell vendors you can bypass their EDR product? 26:02 -- Trying to get caught by Security Team 27:21 -- What can customers do to get the most out of a pentesitng engagement? 32:09 -- Pentest Client Behavior 35:56 -- Linux Boxes 37:11 -- Windows Security 40:30 -- Found Machine Already Compromised? 41:44 -- Pentest Planning 43:46 -- Memorable Engagements 47:07 -- Zero Trust 53:44 -- Initial Point of Entry 58:55 -- Okta Breach 01:01:27 -- Triple MFA 01:02:53 -- Avoid Burnout? 01:05:00 -- Joining a Redteam 01:09:44 -- Any Passion Projects? 01:10:21 -- Goodbye // LINKS // Podcast Website: https://ephemeralsecuritypodcast.com Blog: https://brakertech.com Github: https://github.com/ssstonebraker // SOCIAL // LinkedIn: https://www.linkedin.com/in/stevestonebraker Twitter: https://twitter.com/brakertech

Chat with Mike Wyatt, Chief Security Officer at CYDERES Mike can be found at: https://twitter.com/cleverexploit https://www.linkedin.com/in/cleverexploit/ Note: This episode has chapters embedded in the file!

The Cyclops Blink botnet is explained (how it worked) and a question is posed to the guests if this should be considered an act of Cyber War Guests: Matt Wright and Brad Lindsley Episode Extras: https://ephemeralsecuritypodcast.com/cyclops-blink/ (includes diagram of botnet, link to the court order to disrupt the botnet, and more)

Guest: Iman Joshua - Head of Information Security at Vimeo Host: Steve Stonebraker stevestonebraker.com Special Thanks Audio Editing and Sound - Adam Joesph - https://www.adamjosephsounds.com/ Theme music - Margo Stonebraker - codewithmargo.com

Interview with CyberSN founder Deidre Diamond, who is redefining passive recruiting for cybersecurity professionals and throwing the resume out the window. Guest: Deidre Diamond, Founder and CEO CyberSN.com Host: Steve Stonebraker brakertech.com Special Thanks: Theme music - Margo Stonebraker - codewithmargo.com

What would you do differently if you could start your Information Security career over again? Special Thanks: Audio Editing and Sound - Adam Joesph - daseinazam.wixsite.com/website Theme music - Margo Stonebraker - codewithmargo.com Host: Steve Stonebraker Information Security Manager, Architecture & Engineering OSCP (Offensive Security Certified Professional) AWS Certified Security - Specialty AWS Certified Solutions Architect - Associate AWS Certified SysOps  Administrator - Associate AWS Certified Cloud Practitioner https://brakertech.com https://ephemeralsecuritypodcast.com https://aolunderground.com Guests: Joe South Senior Cloud Security Engineer CISSP AWS Certified Security - Specialty AWS Certified Cloud Practicioner Host of the "Security Unfiltered" Podcast https://securityunfiltered.buzzsprout.com/ Jason Thorn Information Security Manager GIAC Advisory Board GIAC Penetration Tester GIAC Certified Incident Handler GIAC Certified Forensic Analyst Shane Armbrister IT Security Analyst - Team lead Splunk Certified Admin GIAC Security Essentials Certification Sound used in the episode: Alice In the City by Jeris (c) copyright 2013 Licensed under a Creative Commons Attribution (3.0) license. http://dig.ccmixter.org/files/VJ_Memes/43424 Ft: Orrisroot To See The Past by Hayden Folker | https://soundcloud.com/hayden-folker Music promoted by https://www.free-stock-music.com Creative Commons Attribution 3.0 Unported License https://creativecommons.org/licenses/by/3.0/deed.en_US