Every day, companies face threats from digital attackers. Bad guys on the internet looking to score. Every day, teams of engineers make sure they’re keeping their company’s digital assets locked down. They work tirelessly to make sure these remote hackers have a hard time finding their way in. But when you focus so much attention on the security of the front entrance, sometimes hackers can get through the side door. That's where Jenny Radcliffe (@Jenny_Radcliffe), the People Hacker comes in. With con-artist charm, Jenny shows companies where hackers can break in physically.
Check out her show Human Factor Security here
Get 3 months of 1Password Families free at hackerculture.fm/1password
We got on the Top 200 charts! Thank you so much for all of your support. To give a little something back, we're giving away shirts to the first 10 people who leave us a review!
For more information, go to hackerculture.fm.
Support our creators at hackerculture.fm/store
Follow us at @hackerculturefm
A common theme we explore on this podcast is cybersecurity entrepreneurship. Talking to startup founders about what they’re making that’s shaping the future of our industry. They share stories of how they’ve built their product and learning about what’s worked and what hasn’t along the way. But there are… a few myths around entrepreneurs.
Like.. that they’re… super people who can do it all. Or that they were born to be a CEO. Or that one day a founder wakes up with an amazing idea that will change the world. But if those were the only ways to start a company, this episode wouldn’t be titled “Not Doing it Alone with Bryson Bort!”
On this episode, we talk about his companies GRIMM and SCYTHE, his time in the army, and his very important announcement regarding the names of some unicorns.
Events SCYTHE is hosting at Hacker Summer Camp:
Arcade Party: https://www.eventbrite.com/e/arcade-party-at-def-con-27-tickets-65109807186
Scotch & Bubbles: https://www.eventbrite.com/e/scotch-bubbles-tasting-during-black-hat-tickets-65566813103
Rise & Shine: https://www.eventbrite.com/e/rise-shine-breakfast-during-black-hat-tickets-65106326776
Smart Peoples: https://www.eventbrite.com/e/smart-peoples-las-vegas-during-black-hat-tickets-65534508479
Also, you can get 3 months of 1Password Families free by going to hackerculture.fm/1password
Welcome back! Lots of updates, but there's a little gift at the end that only lasts for the next two weeks! Gotta go to https://hackerculture.fm/store to use it though
Also, you can get 3 months of 1Password Families free by going to hackerculture.fm/1password
Alyssa Miller (@AlyssaM_Infosec) has had a long career in infosec. From developer to pentester to manager, she has also become a great public speaker. With conference talks coming up in the next few months, she drops some knowledge on how to talk to your audience and why it's important to get up on a stage and share the information you know.
Kelly Shortridge (@swagitda_) is the Vice President of Product Strategy at Capsule 8, a security platform that detects and defends your entire Linux production environment. Her background is in economics and behavioral economics, a perspective that has helped her call out the cognitive biases behind security decision making.
On this episode, we talk about how to think clearly about security, how to be a therapist for Chief Information Security officers, and how the dragons from Game of Thrones relate to this industry.
Pete Yaworski is the author of Web Hacking 101 and Real-World Bug Hacking. He also works on the application security team at Shopify. On this episode, we talk about his books, his journey into bug bounties, and how to stay healthy while hacking!
According to Bugcrowd’s 2019 Inside the Mind of a Hacker Guide, a mere 4% of the global hacking community are women. But the underlying cause of this gender imbalance is not solely due to whether or not we’re hiring with diversity in mind. There’s also the internal discrimination that can drive people away.
Chloé Messdaghi (@chloemessdaghi)is a security researcher advocate at Bugcrowd and a humanitarian advocate in the cybersecurity world. She's been presenting her talk "How to Fix the Diversity Gap in Cybersecurity" at multiple conferences to shine a light on stories of inequalities that hackers face.
On this episode, we talk about her conference presentation, her work at Bugcrowd, and her really cute Shiba Inu pup, Sherlock!
Frank Wang (@ffwang2) is an investor at Dell Technologies Capital. You can find his work at frankwang.org. He is also the co-founder of Cybersecurity Factory (@cybersecfactory). He joins the show to talk about the factory, where those companies are now, and #securityvclogic!
Cory Doctorow (@doctorow) is an author, co-editor at Boing Boing, adviser to the EFF, and ginger liqueur connoisseur. He just published his new book Radicalized on March 19th, 2019 and joins me on this episode to talk about it. It's a collection of four amazing science fiction novellas to remind us to become masters of our own technology. On this episode, we talk about his previous startup, his writing, and where to find robots that drink.
Kudos to Ted for making it the longest episode on the show so far!
Creating a healthy culture is hard. Nurturing it to grow is even harder. I̶t̶'̶s̶ ̶w̶h̶y̶ ̶t̶h̶e̶ ̶y̶o̶g̶u̶r̶t̶ ̶b̶u̶s̶i̶n̶e̶s̶s̶ ̶i̶s̶ ̶7̶ ̶b̶i̶l̶l̶i̶o̶n̶ ̶d̶o̶l̶l̶a̶r̶s̶
Bug bounty platforms are websites that link up with companies you can hack. If you find a vulnerability and report it to the company, you get paid through the platform. And when you're one of the best hackers on the platform, you get invited to a live hacking event where everyone has to consolidate into one spot.
Which is supposed to be 40-50 security experts in a room attacking the same target. But it's way more than that, it's an event where they can just hangout and share information. Just groups of people staying up until 4 in the morning eating pizza and sharing stories.
But what drives this success? What creates this environment of sharing and friendship? I asked Ted Kramer to drop some knowledge. He's HackerOne's ex-Chief of Staff and Bugcrowd's ex-Advsior. In both positions, he has created successful events where the biggest downside is that they didn't last forever.
On this episode, we talk about his time at both companies, how to build a successful community, and what he’s working on now after leaving the security community.
Let’s be honest, the cybersecurity community is still predominantly male. As of March 13, 2019, Cybersecurity Ventures states that women will represent 20 percent of the workforce globally in 2019, still an under represented group. The 2018 McAfee Cybersecurity Talent Study stated that Australia’s cybersecurity workforce is 25 percent female. But how can we get this number closer to 50? What gender biases and double standards lie in the way of that goal? Someone tackling this issue is Alannah Guo (@alannahguo), the founder of 0xCC, Australia’s first women-only cybersecurity training conference.
On this episode, we talk about her experience creating 0xCC, the importance of women-only conferences, her adventure of meeting the happiest animal on the planet.
Over the past few years, "blockchain" has been a serious buzzword. Bitcoin and other cryptocurrencies have made people overnight millionaires. But new technologies come with new security issues. LedgerOps is a penetration testing firm specializing in blockchain security, cofounded by Ajay Chandhok and Preston Thornburg. They join the show to talk about blockchain security, how to run a good penetration testing firm, and whether or not blockchain will even last.
Tweet at us @HackerCultureFM and let us know how many times we said the word "blockchain".
The background noise of the Internet is a loud hum and rumble. Everyday, automated scanners bombard servers with traffic. Sometimes they're benign, other times malicious; when you're an analyst, it takes time to tell the difference. For the past year, Andrew Morris (@Andrew___Morris) has been helping companies filter pointless alerts and reduce false positives. He's built GreyNoise Intelligence, a platform that helps companies and analysts understand what NOT to worry about. Through collecting and analyzing widespread internet scans and attack activity, GreyNoise gives SIEMs the ability to tune out the background noise of the Internet.
Approximately 70 percent of breaches associated with state-affiliated actors involve phishing. It's continues to play a major role in our lives whether it's our family members or our politicians. At some point, everyone gets an email that they shouldn't click. But not everyone knows they shouldn't.
Sublime Security is cofounded by Josh Kamdjou and Ian Thiel, who have dedicated their time to helping us defend our email inboxes with the power of machine learning. And even better, it's free for consumers! You can try it out at sublimesecurity.com.
Whether you’re reading about court rulings on fingerprint authentication or about the newest privacy scandal on Ars Technica, chances are, it was written by Cyrus Farivar (@cfarivar), their Senior Tech Policy Reporter. As of tomorrow February 19th, he’ll be joining NBC’s Tech News Investigation team!
On this episode, we revisit some of his favorite stories he’s written and talk about his second book, Habeas Data. It’s a culmination of his efforts and dedication to bringing public awareness to data privacy issues and internet surveillance.
The very first episode launches on Monday, February 18th, 2019! Afterwards, new episodes every Monday to start your week off right.
Hacker Culture FM is a brand new show about the people and movements driving cybersecurity culture forward.
Follow us on wherever you socialize @HackerCultureFM.
Sign up for updates and episode sneak peaks at https://hackerculture.fm