Episodes
All four of the Empirical Trainers sit down to discuss the latest threats they've been facing in their SOCs. Securing S3 buckets has been an issue since they existed, and new developments have seen an increase in success for S3 bucket sniping and namesquatting, stealing data or uploading malicious files. A new zombie botnet is on the loose, with thousands of TP-Link devices being compromised by a new remote code execution attack. Support the show
Published 11/06/24
There's a lot to be scared about in cyber security: ransomware actors, payment of ransoms, the 23andMe genome mapping company breach, and critical incidents coming in at 5:25pm. Josh and Robbie, former SOC analysts together and present-day builder of SOCs and strategist of security products, try to scare each other with real stories about cyber security in the news and from the frontlines.
Published 10/30/24
Price's Law, also known as Price's Square Root Law, is a rule of thumb that states that the square root of the total number of people in a group will achieve 50% of the results - but how does this play out in cyber security? Join the Empirical Trainers as they discuss the reality of life as a good SOC analyst and how to make yourself stand out without burning out.
Published 10/23/24
Josh and Robbie are joined by James Gallen, Tech and Cyber Security recruiter, for part two of a recruiter ask me anything. Our community asks James for tips and tricks for success in getting security roles, while he shares some wins from people he has helped place and lifts the lid on the reality of what hiring managers are looking for in a candidate.
Published 10/09/24
Josh has been deep in the emerging Linux CUPS threat. With four mysterious CVEs touted to drop in October, the researcher suddenly made proof of concept exploits public, forcing developers' hands to release advisories on the fixes and security teams to create detection and prevention content before the threat actors exploit it. Is it that big a deal though? Then Robbie takes us through another interview masterclass from his SOC leader days.
Published 10/02/24
Kaspersky customers woke up this week to find that their anti-virus had been uninstalled and replaced with UltraAV. This caused panic that threat actors had uninstalled endpoint protection controls as part of an attack, and although this wasn't the case, it has raised a lot of questions around how security companies should operate. Join Josh, Vaughan, AJ and Robbie to discuss the implications of the switcheroo and also take questions from the audience to support those on their cyber security j...
Published 09/25/24
Robbie has been working on creating insider threat detections for suspicious employees that may be taking competitively sensitive data from their employer just before some mass layoffs. The boys discuss the challenges of insider threat detection, using the example of the North Koreans who impersonated employees to get hired and steal trade secrets from western organisations. Finally, we discuss what you should do if you find an unlocked screen in your workplace to teach that person a lesson t...
Published 09/11/24
Kyree GRC joins us again! Lifting the lid further on governance, risk and compliance, as Robbie and Josh get to know Kyree better, how he thinks and what fruit he would be... Kyree shares the realities of what it takes to succeed in a GRC role, while the SOC analysts surprise themselves as they start to warm up to the risk analyst's role - at least when it's done well by someone like Kyree.
Published 09/04/24
Josh and Robbie are joined by a special guest, Kyree GRC, who tells us how some key mentors, numerous internships and personal tenacity helped him find his pathway into governance, risk and compliance. Today Kyree is a risk analyst, who passes the favour on by mentoring people for GRC roles in his spare time. Listen in and find out the realities of working in GRC and how GRC can either clash with or, better yet, complement security operations.
Published 08/28/24
We all face procrastination in some form, but in the high-paced and high-stakes world of cyber security, dealing with procrastination can be even more challenging. AJ, Rob and Vaughan share their experience of getting into cyber security and how they have faced and dealt with procrastination throughout their careers to the present day.
Published 08/21/24
Josh is joined by all four of the Empirical Trainers, combining their decades of experience in the field to discuss how the CrowdStrike outage has changed security buyers and customers, a fun update on AJ's wedding celebrations where AJ and Vaughan met for the first time IRL, before ending with some ransomware questions from our Skool community.
Published 08/14/24
Josh takes Robbie back to school, and to a 2000-year-old computer, to explain the compute evolution from analogue to digital and the impending quantum revolution. We'll discuss the security implications of quantum computers, the 'steal now, crack later' issue, how NIST are progressing with post-quantum cryptography and a brief discussion on privacy vs convenience as the NFL look to roll out facial recognition technology.
Published 08/07/24
Josh has gone MIA, so AJ hosts Robbie and Vaughan to explore their experiences with imposter syndrome during their careers in cyber security.
Published 07/31/24
Josh, Robbie and AJ sit down with the community to discuss how the CrowdStrike BSOD update has affected their security teams and organisations, identifying lessons we can learn and exploring the knock-on effects while also discovering that this wasn't the first time CrowdStrike broke an OS with an update! They then turn to the Olympics and the heightened cyber security threat posed by geo-political events and financially motivated threat actors. Join us and enjoy this relaxed security podcast.
Published 07/24/24
Rob and Josh jump on for an emergency episode while the world tries to deal with what has been dubbed "the biggest IT outage of our time". Join us for an update on all the latest public information, as well as some security and developer perspectives to work out exactly what caused this outage, what lessons we can learn, and what might be yet to come as the story unfolds.
Published 07/19/24
This bonus episode is a little different, with less focus on security and more focus on getting to know the Empirical Team: Josh, AJ, Robbie and Vaughan. We share stories on how we kept each other sane during our tough first SOC roles, re-visit AJ's origin story as a bus driver, and Rob shares a secret talent. Usual programming will resume next week!
Published 07/17/24
Josh, Robbie, AJ and Vaughan are back to talk all things cyber security, again with the Empirical community as part of this live podcast. Join us to talk about the emerging CloudSorcerer advanced persistent threat (APT), as well as diving into the principles behind tracking threat actors, open source intelligence and how this information can make you a better cyber security professional.
Published 07/10/24
Josh is out sick, so AJ and Vaughan take the reins and discuss incident response tooling, answering questions about TheHive Project, an open source incident response tool, and how real-world organisations use tools like that. They quickly move on to automation, and how now is the perfect time to start your career in Cyber Security, before they automate some of the entry level tasks completely!... Don't worry, we're not there yet.
Published 07/03/24
The four Empirical Trainers are joined by the biggest and best Empirical member, the Community, for another live podcast discussion and Q+A. This week we dive into the topics that have gotten our community talking most. First we explore the potential security implications of the OpenAI and Apple partnership, how the free-market succeeds and fails to regulate security and whether the uproar has been justified. We then look into the related topic of shadow engineering, the new shadow IT, which c...
Published 06/26/24
Josh is joined by Robbie, Vaughan and AJ from Empirical Training with extra special guest, the Skool community! In this episode, we recorded live with our community to take their security questions, using our combined experience to give insights into what it is like working as a security analyst, big wins from our careers, our favourite analysis tools, and which capture the flag we like best for offensive security training. Find the answer to all these questions, and more, by listening in.
Published 06/19/24
All 4 former cyber security colleagues and now friends join for a community podcast, where we pick out the key news stories, discussions and knowledge that have been shared in our Skool community. We field live questions on SOC processes, dive into the morality of the threat actor and share experiences on incident response exercises we conducted with IT teams to make sure they were prepared for a real life incident, when they get breached.
Published 06/12/24
In our second ever live edition of the podcast, we have all four members of Empirical Training: Robbie - Security Consultant and former SOC leader, AJ - Incident Response Specialist, Vaughan - SOC Leader and Automation Specialist and your usual host, Josh - Security Product Strategist. We bring the key discussions from within our Skool community to the podcast, discussing the latest flurries of breaches and connecting linked ones to an attack on AWS Snowflake instances, while sharing insights ...
Published 06/05/24
Josh is alone and on the road supporting security teams in South East Asia with incident response exercises. In our first solo episode, Josh dives into the Play ransomware group who recently overtook LockBit as the most prevalent ransomware family reported in breaches. Find out more about their tactics, why they are called Play, and suspected links to other ransomware families.
Published 05/29/24
The Verizon Data Breaches and Incidents Report (DBIR) is our hosts' favourite cyber security report. The 2024 edition compiles insights from over 10,000 real world breaches, with insights that help everyone from security novices to experts. Josh talks Robbie, SOC consultant and leader, through the key findings to see how his lived experience matches up with the key findings in the data.
Published 05/22/24