Purple Squad Security
If you know the enemy and know yourself, you need not fear the result of a hundred battles.
May 26, 2019

Episode 56 – John Reads: Choose Your Own Red Team Adventure

John reads a Choose Your Own Adventure story that was posted on Medium related to Red Teaming!

A few weeks ago, Sam King on Twitter mentioned me in a tweet that included a link to a Medium post, but not just any Medium post.  Tim MalcomVetter had posted up an "Choose Your Own Red Team Adventure", which I thought was just amazing!  I used to read a lot of choose your own adventure books as a kid, so I was naturally excited!  For this episode, I will be going through the story the first time, reading aloud as I try my hand at red teaming against a customer.  I hope you enjoy!

Some links of interest:



We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale:

https://purplesquadsec.com/store

Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
May 12, 2019

Episode 55 – Talking Privacy with Matt Beland

Matt Beland stops by to talk about privacy and what that means for a security professional.

CORRECTION: Early in this episode I mentioned that Amazon would ask for your email password when signing up for a new account.  I meant to say Facebook, not Amazon.  The practice has since been discontinued, but I wanted to make it clear that this was a Facebook practice, not Amazon.  Amazon has not, to the best of my knowledge, ever done something like this.  Sorry for the mixup.


For most security professionals, we view the CIA triad as our grail.  No, not the US government agency that works around the world doing a lot of questionable things, but rather the more tame version of Confidentiality, Integrity, and Availability.  For today's episode, Matt Beland joins me to explain privacy and how it's not all about Confidentiality as I, and I'm sure a few of you, may have thought.

Some links of interest:



We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale:

https://purplesquadsec.com/store

Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
April 28, 2019

Episode 54 – Tribe of Hackers with Marcus J. Carey

Marcus Carey joins me to talk about his latest book, Tribe of Hackers.

Tribe of Hackers is a recently released book by Marcus Carey and Jennifer Jin that is a collection of stories from member of our community, or tribe as Marcus describes it.  This was a great and insightful interview, and definitely one you will want to listen to if you haven't read the book yet. Some links of interest:



We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale:

https://purplesquadsec.com/store

Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
April 14, 2019

Episode 53 – #Ginfosec with @InfoSecSherpa – All About Cons!

The @InfoSecSherpa comes back for another #ginfosec episode where we talk about attending conferences

Once again I am pleased to share a #ginfosec episode with the woman who helps guide others through the mountains of infosec, Tracy InfoSecSherpa Maleeff!  In this extended episode Tracy and I speak about conferences from the attendee point of view; what to expect, what to bring, how to go, and what you should aim to get from the con.  Enjoy! Some links of interest:



We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale:

https://purplesquadsec.com/store

Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
March 31, 2019

Episode 52 – John The Generalist

John goes solo to talk about him being a generalist in Information Security

This week John goes solo and decides to talk about a recent threat he spun up about on Twitter, naming himself as a generalist within Information Security and discussing what that means to him. Some links of interest:


We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale:

https://purplesquadsec.com/store

Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
March 10, 2019

Episode 51 – Fireside Chat with Chris Foulon

Chris Foulon stops by for a fireside chat about breaking into Information Security.

Chris Foulon stops by for a fireside chat to talk about breaking into Infosec.  For those unfamiliar with the fireside chat series, this is where we come in with a topic but no other real agenda.  It's a casual conversation where I just have a casual conversation with my guest, similar to what would happen in hallway con.  I hope you enjoy! Some links of interest:



We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale:

https://purplesquadsec.com/store

Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
February 17, 2019

Episode 50 – Tabletop D&D with Tim De Block, Ed Rojas, Daniel Ebbutt, and Kyle Andrus

Another tabletop D&D episode! Pure mayhem with this one, which is fitting for a bicentennial episode!

It's that time again!  Yes, another Tabletop D&D episode is upon us!  This time I asked Timothy de Block from the Exploring Information Security podcast to join me, along with a few interesting characters.  Let's just say this particular episode is not for the faint of heart, and we have a few swears thrown in to keep with the atmosphere.  Enjoy! Some links of interest:



We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale:

https://purplesquadsec.com/store

Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
February 3, 2019

Episode 49 – The Red Team Life with Curtis Brazzell

Curtis Brazzell from Pondurance joins me to talk about red teaming and managing red teams.

What is a red team?  How does it differ from a penetration tester's day-to-day?  How do red teams stay sharp?  How do they stay motivated?  These are a few of the questions I seek to have answered by Curtis Brazzell, a managing Security Consultant at Pondurance.  It's a great interview and sheds light on the difference between red teaming and penetration testing.

Some links of interest:



We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale:

https://purplesquadsec.com/store

Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
January 20, 2019

Episode 48 – All About Magecart with Yonathan Klijnsma

Yonathan Klijnsma joins me from RiskIQ to discuss Magecart, what it is, what it does, and how they found it.

Magecart - a web-based credit card skimming kit used by various groups to grab ahold of online shoppers credit cards.  Interesting?  You bet!  On this episode of the Purple Squad Security podcast I have Yonathan Klijnsma, Head Researcher at RiskIQ, joining me to discuss their research on Magecart.

Some links of interest:



Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
January 6, 2019

Episode 47 – Happy New Year! Show Updates and Other News

John talks about his plans for the upcoming year and some show updates.

Welcome to 2019!  John goes solo in this episode and talks about his personal goals for 2019, plus some updates for the show that should make things a bit more structured and hopefully more interesting for the listeners.

Some links of interest:



Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…