Purple Squad Security
If you know the enemy and know yourself, you need not fear the result of a hundred battles.
October 20, 2019

Episode 62 - Backdoors & Breaches with John Strand

John Strand (@strandjs) stops by to chat about physical security assessments, Backdoors & Breaches, and the InfoSec community!

Oh what I treat I have for you today! John Strand, former SANS instructor, long time co-host on Enterprise Security Weekly, Founder of Black Hills Information Security, and a whole lot more has taken time out of his busy schedule to stop by and talk about Backdoors & Breaches, the new IR card game from BHIS. Naturally we talk about more than just the game, but it was all as amazing as I had hoped. I trust you will enjoy listening to this one about as much as I enjoyed recording it.

Some links of interest:



Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to their Tip Jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
October 6, 2019

Episode 62 - #ginfosec with InfoSecSherpa - Empathy as a Service

Tracy "InfoSecSherpa" comes back for another #ginfosec episode to talk about Empathy as a Service

It's been long enough, and it's time for Tracy "InfoSecSherpa" to return for another #ginfosec episode! This time around we're going to talk about Empathy as a Service, a talk that she recently did at DerbyCon. Soft skills will get you everywhere, and Tracy has some great advice to share about a topic she's very passionate about.

Some links of interest:



Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to their Tip Jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
September 22, 2019

Episode 61 – Anniversaries and Updates

John talks about the 2 year anniversary of the show as well as other behind-the-scenes details.

Ah, I love anniversaries. This is an anniversary episode celebrating 2 years of Purple Squad Security! Just a few personal rants and discussions for those interested in a bit of a behind the scenes view of things here at the show. No guests, just me blathering on about stuff. Enjoy!

Some links of interest:



Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to their Tip Jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
September 1, 2019

Episode 60 – Tabletop D&D with Ken Johnson & Seth Law from Absolute AppSec

Ken Johnson and Seth Law from the Absoute AppSec Podcast join me for another Tabletop D&D episode!

The hiatus is over! Welcome back everyone to the latest episode of the Purple Squad Security podcast! In this episode we have Ken Johnson and Seth Law from the Absolute AppSec Podcast joining me for the latest session of Tabletop D&D. Enjoy!

Some links of interest:



Want to hear about a new Infosec con?  If you're in and around the Waterloo region area in October, why not check out Cyber City!  This is Waterloo region's premier information security conference.  Tickets are on sale now!


We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale:

https://purplesquadsec.com/store

Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
July 7, 2019

Episode 59 – Business Processes in Infosec with Cheerio

Cheerio stops by to share her experiences of using business processes in her role of cyber threat intelligence.

Working in information security has its own set of challenges, but aside from the technical challenges, many of us face hurdles within our own workspace.  Working with non-technical folks can be painful to most of us, but it doesn't have to be!  Cheerio joins me on this week's podcast to talk about how she uses business processes that she's learned from years of being in the small business space and has started to apply them to her role as a Cyber Threat Intelligence analyst! Some links of interest:



Want to hear about a new Infosec con?  If you're in and around the Waterloo region area in October, why not check out Cyber City!  This is Waterloo region's premier information security conference.  Tickets are on sale now and the CFP is open until July 31st, 2019.  Don't wait, and come participate today!  


We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale:

https://purplesquadsec.com/store

Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
June 23, 2019

Episode 58 – Malware Analysis with Kyle Andrus

Kyle Andrus comes back to talk about what malware analysis is and some starting points for getting into it.

Often times in information security, we look upon penetration testing and red teaming with awe and view those professions as the "sexy" side of security.  Truth be told, the defensive side has a lot of exciting opportunities as well!  Kyle Andrus joins me this week to talk about malware analysis, which I think is definitely one of the sexier sides of defense. Some links of interest:



Want to hear about a new Infosec con?  If you're in and around the Waterloo region area in October, why not check out Cyber City!  This is Waterloo region's premier information security conference.  Tickets are on sale now and the CFP is open until July 31st, 2019.  Don't wait, and come participate today!  


We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale:

https://purplesquadsec.com/store

Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
June 9, 2019

Episode 57 – Tinker After Dark – Tinker Tales by the Fire

Tinkers back! With the green light to speak as he wants, we get some excellent stories and great retrospectives!

There were more than a few of you who were anxiously awaiting his return, and he's back!  Tinker joins me once again to share some stories from his adventures in hackerland.  In addition, I have given Tinker free reign to speak as he chooses, and naturally I participate as well.  Fair warning, this is not safe for work or sensitive ears.  I do ask that you try not to be offended, as his stories and reflections on those events makes for one excellent episode.

Some links of interest:



We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale:

https://purplesquadsec.com/store

Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
May 26, 2019

Episode 56 – John Reads: Choose Your Own Red Team Adventure

John reads a Choose Your Own Adventure story that was posted on Medium related to Red Teaming!

A few weeks ago, Sam King on Twitter mentioned me in a tweet that included a link to a Medium post, but not just any Medium post.  Tim MalcomVetter had posted up an "Choose Your Own Red Team Adventure", which I thought was just amazing!  I used to read a lot of choose your own adventure books as a kid, so I was naturally excited!  For this episode, I will be going through the story the first time, reading aloud as I try my hand at red teaming against a customer.  I hope you enjoy!

Some links of interest:



We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale:

https://purplesquadsec.com/store

Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
May 12, 2019

Episode 55 – Talking Privacy with Matt Beland

Matt Beland stops by to talk about privacy and what that means for a security professional.

CORRECTION: Early in this episode I mentioned that Amazon would ask for your email password when signing up for a new account.  I meant to say Facebook, not Amazon.  The practice has since been discontinued, but I wanted to make it clear that this was a Facebook practice, not Amazon.  Amazon has not, to the best of my knowledge, ever done something like this.  Sorry for the mixup.


For most security professionals, we view the CIA triad as our grail.  No, not the US government agency that works around the world doing a lot of questionable things, but rather the more tame version of Confidentiality, Integrity, and Availability.  For today's episode, Matt Beland joins me to explain privacy and how it's not all about Confidentiality as I, and I'm sure a few of you, may have thought.

Some links of interest:



We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale:

https://purplesquadsec.com/store

Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
April 28, 2019

Episode 54 – Tribe of Hackers with Marcus J. Carey

Marcus Carey joins me to talk about his latest book, Tribe of Hackers.

Tribe of Hackers is a recently released book by Marcus Carey and Jennifer Jin that is a collection of stories from member of our community, or tribe as Marcus describes it.  This was a great and insightful interview, and definitely one you will want to listen to if you haven't read the book yet. Some links of interest:



We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale:

https://purplesquadsec.com/store

Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
April 14, 2019

Episode 53 – #Ginfosec with @InfoSecSherpa – All About Cons!

The @InfoSecSherpa comes back for another #ginfosec episode where we talk about attending conferences

Once again I am pleased to share a #ginfosec episode with the woman who helps guide others through the mountains of infosec, Tracy InfoSecSherpa Maleeff!  In this extended episode Tracy and I speak about conferences from the attendee point of view; what to expect, what to bring, how to go, and what you should aim to get from the con.  Enjoy! Some links of interest:



We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale:

https://purplesquadsec.com/store

Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…