Ah, I love anniversaries. This is an anniversary episode celebrating 2 years of Purple Squad Security! Just a few personal rants and discussions for those interested in a bit of a behind the scenes view of things here at the show. No guests, just me blathering on about stuff. Enjoy!

Some links of interest:

• Cyber City
  • Website
  • Twitter
• Podcast Store: https://purplesquadsec.com/store

Want to reach out to the show?  There's a few ways to get in touch!

• Purple Squad Security's Twitter: @PurpleSquadSec
• John's Twitter: @JohnsNotHere
• John's Mastodon: https://infosec.exchange/@JohnsNotHere
• Podcast Website: purplesquadsec.com
• Sign-Up for our Slack community: https://signup.purplesquadsec.com

Thanks for listening, and as always, I will talk with you all again next time.

Find out more at http://purplesquadsec.com

The hiatus is over! Welcome back everyone to the latest episode of the Purple Squad Security podcast! In this episode we have Ken Johnson and Seth Law from the Absolute AppSec Podcast joining me for the latest session of Tabletop D&D. Enjoy!

Some links of interest:

• Absolute AppSec
  • Website
  • Twitter
• Seth's Twitter Account: @sethlaw
• Ken's Twitter Account: @cktricky

Want to hear about a new Infosec con?  If you're in and around the Waterloo region area in October, why not check out Cyber City!  This is Waterloo region's premier information security conference.  Tickets are on sale now!

• Cyber City Conference: https://www.cybercityconf.io/

We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale:

https://purplesquadsec.com/store

Want to reach out to the show?  There's a few ways to get in touch!

• Purple Squad Security's Twitter: @PurpleSquadSec
• John's Twitter: @JohnsNotHere
• John's Mastodon: https://infosec.exchange/@JohnsNotHere
• Podcast Website: purplesquadsec.com
• Sign-Up for our Slack community: https://signup.purplesquadsec.com

Thanks for listening, and as always, I will talk with you all again next time.

Find out more at http://purplesquadsec.com

Often times in information security, we look upon penetration testing and red teaming with awe and view those professions as the "sexy" side of security.  Truth be told, the defensive side has a lot of exciting opportunities as well!  Kyle Andrus joins me this week to talk about malware analysis, which I think is definitely one of the sexier sides of defense. Some links of interest:

• Practical Malware Analysis Book - https://nostarch.com/malware

• Cuckoo Sandbox - https://cuckoosandbox.org/

• CyberChef - https://gchq.github.io/CyberChef/

• Leny Zeltser's Blog - https://zeltser.com/blog/

• Journey Into Incident Response - http://journeyintoir.blogspot.com/

• Malware Unicorn's Reverse Engineering Workshop - https://malwareunicorn.org/#/workshops

• MiSec - https://www.misec.us/

• Kyle's Twitter Account: @chaoticflaws

Want to hear about a new Infosec con?  If you're in and around the Waterloo region area in October, why not check out Cyber City!  This is Waterloo region's premier information security conference.  Tickets are on sale now and the CFP is open until July 31st, 2019.  Don't wait, and come participate today!  

• Cyber City Conference: https://www.cybercityconf.io/

• Cyber City Conference CFP: https://www.papercall.io/cybercityconf

We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale:

https://purplesquadsec.com/store

Want to reach out to the show?  There's a few ways to get in touch!

• Purple Squad Security's Twitter: @PurpleSquadSec

• John's Twitter: @JohnsNotHere

• John's Mastodon: https://infosec.exchange/@JohnsNotHere

• Podcast Website: purplesquadsec.com

• Patreon - https://www.patreon.com/purplesquadsec

• Sign-Up for our Slack community: https://signup.purplesquadsec.com

Thanks for listening, and as always, I will talk with you all again next time.

Find out more at http://purplesquadsec.com

There were more than a few of you who were anxiously awaiting his return, and he's back!  Tinker joins me once again to share some stories from his adventures in hackerland.  In addition, I have given Tinker free reign to speak as he chooses, and naturally I participate as well.  Fair warning, this is not safe for work or sensitive ears.  I do ask that you try not to be offended, as his stories and reflections on those events makes for one excellent episode.

Some links of interest:

• Tinker's Fediverse Account: @[email protected]

• Tinker's Twitter Account: @TinkerSec

• Tinker's Blog: https://tinker.sh

• SecLists: https://github.com/danielmiessler/SecLists

• Cyber City Conference: https://www.cybercityconf.io/

• Cyber City Conference CFP: https://www.papercall.io/cybercityconf

We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale:

https://purplesquadsec.com/store

Want to reach out to the show?  There's a few ways to get in touch!

• Purple Squad Security's Twitter: @PurpleSquadSec

• John's Twitter: @JohnsNotHere

• John's Mastodon: https://infosec.exchange/@JohnsNotHere

• Podcast Website: purplesquadsec.com

• Patreon - https://www.patreon.com/purplesquadsec

• Sign-Up for our Slack community: https://signup.purplesquadsec.com

Thanks for listening, and as always, I will talk with you all again next time.

Find out more at http://purplesquadsec.com

A few weeks ago, Sam King on Twitter mentioned me in a tweet that included a link to a Medium post, but not just any Medium post.  Tim MalcomVetter had posted up an "Choose Your Own Red Team Adventure", which I thought was just amazing!  I used to read a lot of choose your own adventure books as a kid, so I was naturally excited!  For this episode, I will be going through the story the first time, reading aloud as I try my hand at red teaming against a customer.  I hope you enjoy!

Some links of interest:

• Choose Your Own Red Team Adventure - https://medium.com/@malcomvetter/choose-your-own-red-team-adventure-f87d6a3b0b76

• Tim MalcomVetter's Twitter - @malcomvetter

We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale:

https://purplesquadsec.com/store

Want to reach out to the show?  There's a few ways to get in touch!

• Purple Squad Security's Twitter: @PurpleSquadSec

• John's Twitter: @JohnsNotHere

• John's Mastodon: https://infosec.exchange/@JohnsNotHere

• Podcast Website: purplesquadsec.com

• Patreon - https://www.patreon.com/purplesquadsec

• Sign-Up for our Slack community: https://signup.purplesquadsec.com

Thanks for listening, and as always, I will talk with you all again next time.

Find out more at http://purplesquadsec.com

CORRECTION: Early in this episode I mentioned that Amazon would ask for your email password when signing up for a new account.  I meant to say Facebook, not Amazon.  The practice has since been discontinued, but I wanted to make it clear that this was a Facebook practice, not Amazon.  Amazon has not, to the best of my knowledge, ever done something like this.  Sorry for the mixup.

For most security professionals, we view the CIA triad as our grail.  No, not the US government agency that works around the world doing a lot of questionable things, but rather the more tame version of Confidentiality, Integrity, and Availability.  For today's episode, Matt Beland joins me to explain privacy and how it's not all about Confidentiality as I, and I'm sure a few of you, may have thought.

Some links of interest:

• Smooth Sailing Solutions: smoothsailingsolutions.com

• Matt's Twitter: @Beland_Matt

• International Association of Privacy Professionals: https://iapp.org

• CIPP / CIPM / CIPT Certifications: https://iapp.org/certify/programs/

• Ethical Data and Information Management: Concepts, Tools and Methods: https://www.amazon.com/Ethical-Data-Information-Management-Concepts/dp/0749482044

We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale:

https://purplesquadsec.com/store

Want to reach out to the show?  There's a few ways to get in touch!

• Purple Squad Security's Twitter: @PurpleSquadSec

• John's Twitter: @JohnsNotHere

• John's Mastodon: https://infosec.exchange/@JohnsNotHere

• Podcast Website: purplesquadsec.com

• Patreon - https://www.patreon.com/purplesquadsec

• Sign-Up for our Slack community: https://signup.purplesquadsec.com

Thanks for listening, and as always, I will talk with you all again next time.

Find out more at http://purplesquadsec.com

Tribe of Hackers is a recently released book by Marcus Carey and Jennifer Jin that is a collection of stories from member of our community, or tribe as Marcus describes it.  This was a great and insightful interview, and definitely one you will want to listen to if you haven't read the book yet. Some links of interest:

• Tribe of Hackers: https://www.amazon.com/Tribe-Hackers-Cybersecurity-Advice-World/dp/1793464189/

• Tribe of Mentors (inspiration for Tribe of Hackers): https://www.amazon.com/Tribe-Mentors-Short-Advice-World/dp/1328994961/

• The 4 Agreements - https://www.amazon.com/Four-Agreements-Practical-Personal-Freedom/dp/1878424319/

• Marcus's Twitter: @marcusjcarey

• Jennifer Jin's Twitter: @jen_jin

• Tribe of Hackers Twitter: @TribeOfHackers

• Tribe of Hackers Summit - May 2, 2019: https://www.eventbrite.com/e/tribe-of-hackers-summit-registration-59074697009

We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale:

https://purplesquadsec.com/store

Want to reach out to the show?  There's a few ways to get in touch!

• Purple Squad Security's Twitter: @PurpleSquadSec

• John's Twitter: @JohnsNotHere

• John's Mastodon: https://infosec.exchange/@JohnsNotHere

• Podcast Website: purplesquadsec.com

• Patreon - https://www.patreon.com/purplesquadsec

• Sign-Up for our Slack community: https://signup.purplesquadsec.com

Thanks for listening, and as always, I will talk with you all again next time.

Find out more at http://purplesquadsec.com

Once again I am pleased to share a #ginfosec episode with the woman who helps guide others through the mountains of infosec, Tracy InfoSecSherpa Maleeff!  In this extended episode Tracy and I speak about conferences from the attendee point of view; what to expect, what to bring, how to go, and what you should aim to get from the con.  Enjoy! Some links of interest:

• Tracy's Twitter: @InfoSecSherpa

• Sign up for Tracy's Nuzzle Newsletter: https://nuzzel.com/InfoSecSherpa

• Study on different note taking techniques: https://www.scientificamerican.com/article/a-learning-secret-don-t-take-notes-with-a-laptop/

• Tracy's Unusual Journey into Infosec: https://www.secjuice.com/infosecsherpa-unusual-journeys/

• Tracy's Talk at BSides NoVa - Networking with Humans: https://www.youtube.com/watch?v=bbfyXTZCVC0

We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale:

https://purplesquadsec.com/store

Want to reach out to the show?  There's a few ways to get in touch!

• Purple Squad Security's Twitter: @PurpleSquadSec

• John's Twitter: @JohnsNotHere

• John's Mastodon: https://infosec.exchange/@JohnsNotHere

• Podcast Website: purplesquadsec.com

• Patreon - https://www.patreon.com/purplesquadsec

• Sign-Up for our Slack community: https://signup.purplesquadsec.com

Thanks for listening, and as always, I will talk with you all again next time.

Find out more at http://purplesquadsec.com

This week John goes solo and decides to talk about a recent threat he spun up about on Twitter, naming himself as a generalist within Information Security and discussing what that means to him. Some links of interest:

• John's Twitter Thread

We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale:

https://purplesquadsec.com/store

Want to reach out to the show?  There's a few ways to get in touch!

• Purple Squad Security's Twitter: @PurpleSquadSec

• John's Twitter: @JohnsNotHere

• John's Mastodon: https://infosec.exchange/@JohnsNotHere

• Podcast Website: purplesquadsec.com

• Patreon - https://www.patreon.com/purplesquadsec

• Sign-Up for our Slack community: https://signup.purplesquadsec.com

Thanks for listening, and as always, I will talk with you all again next time.

Find out more at http://purplesquadsec.com

Chris Foulon stops by for a fireside chat to talk about breaking into Infosec.  For those unfamiliar with the fireside chat series, this is where we come in with a topic but no other real agenda.  It's a casual conversation where I just have a casual conversation with my guest, similar to what would happen in hallway con.  I hope you enjoy! Some links of interest:

• Chris' LinkedIn: https://www.linkedin.com/in/christophefoulon/

• Chris' Twitter: @chris_foulon

We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale:

https://purplesquadsec.com/store

Want to reach out to the show?  There's a few ways to get in touch!

• Purple Squad Security's Twitter: @PurpleSquadSec

• John's Twitter: @JohnsNotHere

• John's Mastodon: https://infosec.exchange/@JohnsNotHere

• Podcast Website: purplesquadsec.com

• Patreon - https://www.patreon.com/purplesquadsec

• Sign-Up for our Slack community: https://signup.purplesquadsec.com

Thanks for listening, and as always, I will talk with you all again next time.

Find out more at http://purplesquadsec.com