Ephemeral Security

By Steve Stonebraker
Interviews and fun with professionals, hackers, and everything in between
Presenting: AOL Underground "Origin story of a Digital Forensic Incident Responder (DFIR)"
Surf Kahuna (Ryan Chapman) shares his origin story about a series of events that occurred on AOL that rocked his world and led him down the path of digital forensics. Then Steve and Ryan talk espionage, multiple Advanced Persistent Threats, retro gaming, password spraying, ransomware, and what has helped Ryan be successful in Infosec.
Guest: Surf Kahuna/Mac Diablo (Ryan Chapman)
Host: Steve Stonebraker
Cover art: Created by Broast, original idea by LampGold.
Ryan Chapman: Follow Ryan on Twitter - @rj_chap. Author of SANS FOR528 "Ransomware for Incident Responders". Instructor of SANS FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques. Part of the @CactusCon crew.
AOL Underground Podcast: Follow us on Twitter - @AOLUnderground @brakertech
July 28, 2022
Sandeep Lahane - Deepfence
Chat with Sandeep Lahane, CEO of Deepfence, on how ThreatStryker is changing the game for Cloud Workload Protection. We go deep into the product's unique full SSL decryption and packet capture capability, identification of an organization's most vulnerable endpoints, and automated workflows to remediate compromised systems.
Episode Show Notes: Sandeep Lahane - Deepfence - Review of Deepfence's sandbox environment
Credits: Intro music by Margo Stonebraker
June 15, 2022
Ryan Fried - Senior Security Engineer & Adjunct Professor
Chat with Ryan Fried about being an adjunct professor in the Cyber Security space, being a virtual CISO and talking to executives, purple teaming, true positive security incidents, validating your controls and what you think you know, and Atomic Red Team.
Episode Show Notes: Ryan Fried - Atomic Red Team - Bloodhound - Checkov
Credits: Podcast edited and mastered by Charlie Clark, Intro music by Margo Stonebraker
June 08, 2022
Lisa Falzone and Michael Green - Athena Security
Chat with Lisa Falzone and Michael Green of Athena Security. Athena Security focuses on Entryway Security.
Guests: Michael Green, CEO and Co-Founder; Lisa Falzone, President and Co-Founder
Show Notes: Podcast edited and mastered by Charlie Clark, Intro music by Margo Stonebraker
May 16, 2022
Ethan Heilman – BastionZero
Chat with @Ethan_Heilman, CTO of @getBastionZero, on how they are adding additional security when accessing remote infrastructure. BastionZero adds an additional separate Multi Factor Authentication into the authentication process and has a unique multi-root security model.
//Show Notes//
BastionZero's website
Video on how multiple MFA works with Bastion Zero
Podcast edited and mastered by Charlie Clark, Intro music by Margo Stonebraker
//Chapter Timestamps//
00:00:41 Meet Ethan Heilman
00:01:10 When did you first use a computer?
00:01:29 How did you get into Information Security
00:02:42 Crypto Company to Bastion Zero
00:05:08 Multiparty Computation
00:06:07 Certificate Authorities
00:08:13 AWS PrivateLink/VPC Endpoints
00:10:38 How does Bastion Zero Work?
00:14:55 Shared Responsibility
00:16:50 Dynamic Targets
00:19:46 What does the term "Zero Trust" mean to you?
00:21:01 Proxying HTTP
00:23:17 SELinux
00:23:45 Privileged Access Management
00:27:35 AWS Root Account
00:33:26 Separate Admin Accounts
00:36:12 API Keys
00:40:58 Response for product in the wild?
00:45:11 Stopping Ransomware
00:52:26 Phishing
01:01:21 Modifying Linux Pluggable Authentication Module
01:06:18 Goodbye
May 08, 2022
Devin Casadey – Global Red Team Lead
Chat with @DevinCasadey, Managing Principal / Global Red Team Lead.
Devin's Certifications: OSCE3 (OSWE, OSEP, OSED), OSCP, OSCE, OSEE, OSWP, eCTHP, GCPN
Show Notes
Don't Roll Your Own: Devin's Writeup for how he decoded the database (referenced in the episode)
EvilGinx: Man in the Middle Two Factor Auth
Chapter Timestamps
01:09 -- Why are you passionate about Infosec?
02:17 -- First use a computer?
05:31 -- What are you doing now?
06:16 -- Best way to hone skills?
07:54 -- Difference between Redteaming and Pentesting
09:12 -- Are Pentesters ever asked to emulate APTs?
11:51 -- Do you test different EDR Vendors?
16:18 -- Test Scenario
17:42 -- Do you have to write custom exploits for engagements?
23:31 -- Do you tell vendors you can bypass their EDR product?
26:02 -- Trying to get caught by Security Team
27:21 -- What can customers do to get the most out of a pentesting engagement?
32:09 -- Pentest Client Behavior
35:56 -- Linux Boxes
37:11 -- Windows Security
40:30 -- Found Machine Already Compromised?
41:44 -- Pentest Planning
43:46 -- Memorable Engagements
47:07 -- Zero Trust
53:44 -- Initial Point of Entry
58:55 -- Okta Breach
01:01:27 -- Triple MFA
01:02:53 -- Avoid Burnout?
01:05:00 -- Joining a Redteam
01:09:44 -- Any Passion Projects?
01:10:21 -- Goodbye
May 05, 2022
Mike Wyatt: CYDERES
Chat with Mike Wyatt, Chief Security Officer at CYDERES.
Note: This episode has chapters embedded in the file!
April 22, 2022
Cyclops Blink
The episode explains how the Cyclops Blink botnet worked and asks the guests whether it should be considered an act of cyber war.
Guests: Matt Wright and Brad Lindsley
Episode Extras: includes a diagram of the botnet, a link to the court order to disrupt the botnet, and more
April 12, 2022
Iman Joshua: Vimeo
Guest: Iman Joshua - Head of Information Security at Vimeo
Host: Steve Stonebraker
Special Thanks: Audio Editing and Sound - Adam Joesph; Theme music - Margo Stonebraker
December 09, 2021
Deidre Diamond: CyberSN
Interview with CyberSN founder Deidre Diamond, who is redefining passive recruiting for cybersecurity professionals and throwing the resume out the window.
Guest: Deidre Diamond, Founder and CEO
Host: Steve Stonebraker
Special Thanks: Theme music - Margo Stonebraker
August 16, 2021
Information Security Career Do-over: Joe South, Jason Thorn, Shane Armbrister
What would you do differently if you could start your Information Security career over again?
Special Thanks: Audio Editing and Sound - Adam Joesph; Theme music - Margo Stonebraker
Host: Steve Stonebraker, Information Security Manager, Architecture & Engineering. OSCP (Offensive Security Certified Professional), AWS Certified Security - Specialty, AWS Certified Solutions Architect - Associate, AWS Certified SysOps Administrator - Associate, AWS Certified Cloud Practitioner.
Guests:
Joe South, Senior Cloud Security Engineer. CISSP, AWS Certified Security - Specialty, AWS Certified Cloud Practitioner. Host of the "Security Unfiltered" Podcast.
Jason Thorn, Information Security Manager. GIAC Advisory Board, GIAC Penetration Tester, GIAC Certified Incident Handler, GIAC Certified Forensic Analyst.
Shane Armbrister, IT Security Analyst - Team lead. Splunk Certified Admin, GIAC Security Essentials Certification.
Sound used in the episode: Alice In the City by Jeris (c) copyright 2013 Licensed under a Creative Commons Attribution (3.0) license. Ft: Orrisroot To See The Past by Hayden Folker | Music promoted by Creative Commons Attribution 3.0 Unported License
August 04, 2021