Influencing Bug Bounty Hackers with STÖK
STÖK (@stokfredrik) is that hacker guy that your friends told you about. He travels the world, hacks, and vlogs about the #bountylife. He has an incredibly successful Youtube channel as well as a sustainable fashion store at thrivestore.se. He joins me to talk about creating content, pwning webapps, and surfing! Also, you can get 3 months of 1Password Families free by going to hackerculture.fm/1password
September 17, 2019
Building your Basecamp with Zate
Security management is not just about having the best tools and more secure technologies. It also involves taking care of your people. When it comes to building your security team, Zate (@zate) is a great example of a leader who has built an effective cybersecurity team within an organization. He joins me to talk about how to create a steady foundation and turn a team of 8 security engineers into 41.
August 27, 2019
Behind Locked Doors with Jenny Radcliffe
Every day, companies face threats from digital attackers. Bad guys on the internet looking to score. Every day, teams of engineers make sure they’re keeping their company’s digital assets locked down. They work tirelessly to make sure these remote hackers have a hard time finding their way in. But when you focus so much attention on the security of the front entrance, sometimes hackers can get through the side door. That's where Jenny Radcliffe (@Jenny_Radcliffe), the People Hacker comes in. With con-artist charm, Jenny shows companies where hackers can break in physically. Check out her show Human Factor Security here Get 3 months of 1Password Families free at hackerculture.fm/1password
August 14, 2019
Thank You Update
We got on the Top 200 charts! Thank you so much for all of your support. To give a little something back, we're giving away shirts to the first 10 people who leave us a review! For more information, go to hackerculture.fm. Support our creators at hackerculture.fm/store Follow us at @hackerculturefm
August 05, 2019
Not Doing It Alone with Bryson Bort
A common theme we explore on this podcast is cybersecurity entrepreneurship. Talking to startup founders about what they’re making that’s shaping the future of our industry. They share stories of how they’ve built their product and learning about what’s worked and what hasn’t along the way. But there are… a few myths around entrepreneurs. Like.. that they’re… super people who can do it all. Or that they were born to be a CEO. Or that one day a founder wakes up with an amazing idea that will change the world. But if those were the only ways to start a company, this episode wouldn’t be titled “Not Doing it Alone with Bryson Bort!” On this episode, we talk about his companies GRIMM and SCYTHE, his time in the army, and his very important announcement regarding the names of some unicorns. Events SCYTHE is hosting at Hacker Summer Camp: Arcade Party: https://www.eventbrite.com/e/arcade-party-at-def-con-27-tickets-65109807186 Scotch & Bubbles: https://www.eventbrite.com/e/scotch-bubbles-tasting-during-black-hat-tickets-65566813103 Rise & Shine: https://www.eventbrite.com/e/rise-shine-breakfast-during-black-hat-tickets-65106326776 Smart Peoples: https://www.eventbrite.com/e/smart-peoples-las-vegas-during-black-hat-tickets-65534508479 Also, you can get 3 months of 1Password Families free by going to hackerculture.fm/1password
July 29, 2019
Season 2 Updates!
Welcome back! Lots of updates, but there's a little gift at the end that only lasts for the next two weeks! Gotta go to https://hackerculture.fm/store to use it though Also, you can get 3 months of 1Password Families free by going to hackerculture.fm/1password
July 29, 2019
End of Season 1
Thank you so much for listening to Season 1 of Security Sandbox. Stay tuned for updates on Season 2, we have so many more stories to cover!
May 20, 2019
Cybersecurity Public Speaking with CDW's Alyssa Miller
Alyssa Miller (@AlyssaM_Infosec) has had a long career in infosec. From developer to pentester to manager, she has also become a great public speaker. With conference talks coming up in the next few months, she drops some knowledge on how to talk to your audience and why it's important to get up on a stage and share the information you know.
May 20, 2019
Thinking Clearly about Cybersecurity with Kelly Shortridge
Kelly Shortridge (@swagitda_) is the Vice President of Product Strategy at Capsule 8, a security platform that detects and defends your entire Linux production environment. Her background is in economics and behavioral economics, a perspective that has helped her call out the cognitive biases behind security decision making. On this episode, we talk about how to think clearly about security, how to be a therapist for Chief Information Security officers, and how the dragons from Game of Thrones relate to this industry.
April 30, 2019
Plain Language Web Hacking with Pete Yaworski
Pete Yaworski is the author of Web Hacking 101 and Real-World Bug Hacking. He also works on the application security team at Shopify. On this episode, we talk about his books, his journey into bug bounties, and how to stay healthy while hacking!
April 23, 2019
Advocating for Hackers with Bugcrowd's Chloé Messdaghi
According to Bugcrowd’s 2019 Inside the Mind of a Hacker Guide, a mere 4% of the global hacking community are women. But the underlying cause of this gender imbalance is not solely due to whether or not we’re hiring with diversity in mind. There’s also the internal discrimination that can drive people away. Chloé Messdaghi (@chloemessdaghi)is a security researcher advocate at Bugcrowd and a humanitarian advocate in the cybersecurity world. She's been presenting her talk "How to Fix the Diversity Gap in Cybersecurity" at multiple conferences to shine a light on stories of inequalities that hackers face. On this episode, we talk about her conference presentation, her work at Bugcrowd, and her really cute Shiba Inu pup, Sherlock!
April 15, 2019
Guiding Early Stage Cybersecurity with Dell Technologies Capital's Frank Wang
Frank Wang (@ffwang2) is an investor at Dell Technologies Capital. You can find his work at frankwang.org. He is also the co-founder of Cybersecurity Factory (@cybersecfactory). He joins the show to talk about the factory, where those companies are now, and #securityvclogic!
April 08, 2019
Masters of our Technology with Cory Doctorow
Cory Doctorow (@doctorow) is an author, co-editor at Boing Boing, adviser to the EFF, and ginger liqueur connoisseur. He just published his new book Radicalized on March 19th, 2019 and joins me on this episode to talk about it. It's a collection of four amazing science fiction novellas to remind us to become masters of our own technology. On this episode, we talk about his previous startup, his writing, and where to find robots that drink.
April 01, 2019
Building a Community of Hackers with Ted Kramer
Kudos to Ted for making it the longest episode on the show so far! Creating a healthy culture is hard. Nurturing it to grow is even harder. I̶t̶'̶s̶ ̶w̶h̶y̶ ̶t̶h̶e̶ ̶y̶o̶g̶u̶r̶t̶ ̶b̶u̶s̶i̶n̶e̶s̶s̶ ̶i̶s̶ ̶7̶ ̶b̶i̶l̶l̶i̶o̶n̶ ̶d̶o̶l̶l̶a̶r̶s̶ Bug bounty platforms are websites that link up with companies you can hack. If you find a vulnerability and report it to the company, you get paid through the platform. And when you're one of the best hackers on the platform, you get invited to a live hacking event where everyone has to consolidate into one spot. Which is supposed to be 40-50 security experts in a room attacking the same target. But it's way more than that, it's an event where they can just hangout and share information. Just groups of people staying up until 4 in the morning eating pizza and sharing stories. But what drives this success? What creates this environment of sharing and friendship? I asked Ted Kramer to drop some knowledge. He's HackerOne's ex-Chief of Staff and Bugcrowd's ex-Advsior. In both positions, he has created successful events where the biggest downside is that they didn't last forever. On this episode, we talk about his time at both companies, how to build a successful community, and what he’s working on now after leaving the security community.
March 25, 2019
Debugging Diversity in Australia's Infosec Community with 0xCC's Alannah Guo
Let’s be honest, the cybersecurity community is still predominantly male. As of March 13, 2019, Cybersecurity Ventures states that women will represent 20 percent of the workforce globally in 2019, still an under represented group. The 2018 McAfee Cybersecurity Talent Study stated that Australia’s cybersecurity workforce is 25 percent female. But how can we get this number closer to 50? What gender biases and double standards lie in the way of that goal? Someone tackling this issue is Alannah Guo (@alannahguo), the founder of 0xCC, Australia’s first women-only cybersecurity training conference. On this episode, we talk about her experience creating 0xCC, the importance of women-only conferences, her adventure of meeting the happiest animal on the planet.
March 19, 2019
Securing Your Blockchain with LedgerOps' Ajay Chandhok and Preston Thornburg
Over the past few years, "blockchain" has been a serious buzzword. Bitcoin and other cryptocurrencies have made people overnight millionaires. But new technologies come with new security issues. LedgerOps is a penetration testing firm specializing in blockchain security, cofounded by Ajay Chandhok and Preston Thornburg. They join the show to talk about blockchain security, how to run a good penetration testing firm, and whether or not blockchain will even last. Tweet at us @HackerCultureFM and let us know how many times we said the word "blockchain".
March 11, 2019
Reducing Alert Fatigue with GreyNoise's Andrew Morris
The background noise of the Internet is a loud hum and rumble. Everyday, automated scanners bombard servers with traffic. Sometimes they're benign, other times malicious; when you're an analyst, it takes time to tell the difference. For the past year, Andrew Morris (@Andrew___Morris) has been helping companies filter pointless alerts and reduce false positives. He's built GreyNoise Intelligence, a platform that helps companies and analysts understand what NOT to worry about. Through collecting and analyzing widespread internet scans and attack activity, GreyNoise gives SIEMs the ability to tune out the background noise of the Internet.
March 04, 2019
Securing the Inbox with Sublime Security's Josh Kamdjou and Ian Thiel
Approximately 70 percent of breaches associated with state-affiliated actors involve phishing. It's continues to play a major role in our lives whether it's our family members or our politicians. At some point, everyone gets an email that they shouldn't click. But not everyone knows they shouldn't. Sublime Security is cofounded by Josh Kamdjou and Ian Thiel, who have dedicated their time to helping us defend our email inboxes with the power of machine learning. And even better, it's free for consumers! You can try it out at sublimesecurity.com.
February 26, 2019
Secret Surveillance and Public Privacy with Cyrus Farivar
Whether you’re reading about court rulings on fingerprint authentication or about the newest privacy scandal on Ars Technica, chances are, it was written by Cyrus Farivar (@cfarivar), their Senior Tech Policy Reporter. As of tomorrow February 19th, he’ll be joining NBC’s Tech News Investigation team! On this episode, we revisit some of his favorite stories he’s written and talk about his second book, Habeas Data. It’s a culmination of his efforts and dedication to bringing public awareness to data privacy issues and internet surveillance.
February 18, 2019
Coming Soon: Hacker Culture FM
The very first episode launches on Monday, February 18th, 2019! Afterwards, new episodes every Monday to start your week off right. Hacker Culture FM is a brand new show about the people and movements driving cybersecurity culture forward. Follow us on wherever you socialize @HackerCultureFM. Sign up for updates and episode sneak peaks at https://hackerculture.fm
February 15, 2019