7 Minute Security is a weekly information security podcast focusing on penetration testing, blue teaming and building a career in security. The podcast also features in-depth interviews with industry leaders who share their insights, tools, tips and tricks for being a successful security engineer.
…
continue reading
Career Hacker Academy Podcasts
Join us for Simply Defensive, a podcast dedicated to exploring the world of defensive cybersecurity through the lens of real-world experts. In each episode, we'll interview leading professionals from the cybersecurity industry, delving into their experiences, challenges, and innovative solutions. Whether you're a seasoned cybersecurity veteran or just starting to learn about the field, Simply Defensive offers valuable insights and practical advice to help you stay ahead of the curve. Tune in ...
…
continue reading
If you’re looking to pivot into your next big role, make more impact, increase your salary, or break into a top tech company, this podcast is for you. Yannick Kpodar, a LinkedIn alum, was once a struggling business graduate who couldn’t find a job. Through trial and error, he learned the “secrets” to hacking the job hunt process and leapfrogging in his career. Since then, he’s been able to break into B2B Sales in a Fortune 100 company, pivot into Product Marketing at Linkedin in San Francisc ...
…
continue reading
1
From Help Desk to SOC: How KevTech Broke Into Cybersecurity Without Certs
29:40
29:40
Play later
Play later
Lists
Like
Liked
29:40
What happens when you go from fixing executives’ laptops at Goldman Sachs to defending against cyber threats in a SOC? In this episode of Simply Defensive, hosts Josh Mason and Wade Wells sit down with Kevin Apolinario — better known as KevTech — to unpack his journey from IT support to cybersecurity analyst, all without a single certification. Kev…
…
continue reading
1
7MS #697: Pwning Ninja Hacker Academy – Part 4
13:22
13:22
Play later
Play later
Lists
Like
Liked
13:22
Today your pal and mine Joe “The Machine” Skeen pwn one of the two Ninja Hacker Academy domains! This pwnage included: Swiping service tickets in the name of high-priv users Dumping secrets from wmorkstations Disabling AV Extracting hashes of gMSA accounts We didn’t get the second domain pwned, and so I was originally thinking about doing a part 5 …
…
continue reading
1
Detection Engineering Tutorial: Cloud Security, Kubernetes Logging & SOC Career Path
34:44
34:44
Play later
Play later
Lists
Like
Liked
34:44
In this episode of Simply Defensive, we sit down with JB, a Senior Cybersecurity Engineer working in detection engineering. JB shares his journey from SOC analyst to detection engineer, diving deep into the challenges of cloud-native security, Kubernetes logging, and building a sustainable career in cybersecurity. What We Cover: What detection engi…
…
continue reading
1
7MS #696: Baby's First Security Ticketing System
27:45
27:45
Play later
Play later
Lists
Like
Liked
27:45
In today’s episode: I got a new podcast doodad I really like JitBit as a security ticketing system (not a sponsor) The Threat Hunting with Velociraptor 2-day training was great. Highly recommend. I got inspired to take this class after watching the 1-hour primer here.
…
continue reading
1
Hands-On Defense: Markus Schober on DFIR, Labs, and Building Better Blue Teamers
30:31
30:31
Play later
Play later
Lists
Like
Liked
30:31
In this episode of Simply Defensive, Josh Mason and Wade Wells sit down with Markus Schober, founder of Blue Cape Security, to talk all things digital forensics, incident response (DFIR), and why hands-on training beats theory every time. We dig into: 🔹 The hidden value of building your own cyber range 🔹 How IR pros train using real attacks (and wh…
…
continue reading
1
7MS #695: Tales of Pentest Pwnage - Part 78
15:57
15:57
Play later
Play later
Lists
Like
Liked
15:57
Today’s tale of pentest pwnage involves: Using mssqlkaren to dump sensitive goodies out of SCCM Using a specific fork of bloodhound to find machines I could force password resets on (warning: don’t do this in prod…read this!) Don’t forget to check out our weekly Tuesday TOOLSday – live every Tuesday at 10 a.m. over at 7MinSec.club!…
…
continue reading
1
7MS #694: Tales of Pentest Pwnage – Part 77
33:11
33:11
Play later
Play later
Lists
Like
Liked
33:11
Hey friends, today I talk about how fun it was two combine two cool pentest tactics, put them in a blender, and move from local admin to mid-tier system admin access (with full control over hundreds of systems)! The Tuesday TOOLSday video we did over at 7minsec.club will help bring this to life as well.…
…
continue reading
1
7MS #693: Pwning Ninja Hacker Academy – Part 3
28:44
28:44
Play later
Play later
Lists
Like
Liked
28:44
This week your pal and mine Joe “The Machine” Skeen kept picking away at pwning Ninja Hacker Academy. To review where we’ve been in parts 1 and 2: We found a SQL injection on a box called SQL, got a privileged Sliver beacon on it, and dumped mimikatz info From that dump, we used the SQL box hash to do a BloodHound run, which revealed that we had ex…
…
continue reading
1
Cyber Threat Intelligence for Blue Teams with Jordan Kalm (Morado COO)
32:50
32:50
Play later
Play later
Lists
Like
Liked
32:50
From Army recon missions to building Morado, COO Jordan Kalm reveals how military intelligence tactics translate into modern cyber threat intelligence. In this Simply Defensive episode, Josh Mason and Wade Wells dive into what really works for blue teams and SOC analysts — and what’s just noise. 👉 If you’ve ever wondered how to turn raw intel into …
…
continue reading
1
7MS #692: Tales of Pentest Pwnage – Part 76
32:45
32:45
Play later
Play later
Lists
Like
Liked
32:45
Happy Friday! Today’s another hot pile of pentest pwnage. To make it easy on myself I’m going to share the whole narrative that I wrote up for someone else: I was on a pentest where a DA account would sweep the networks every few minutes over SMB and hit my box. But SMB signing was on literally everywhere. The fine folks here recommended I try rela…
…
continue reading
1
How a Detective Became the Ginger Hacker: SOC Life, Job Hunts & Blue Team Wisdom
36:02
36:02
Play later
Play later
Lists
Like
Liked
36:02
From the streets to the SOC. 💻 In this episode of Simply Defensive, Josh Mason and Wade Wells talk with Andrew Crotty — aka Ginger Hacker. A former detective turned Tier 3 SOC analyst and Army reservist, Andrew shares his journey into cyber, the struggles of breaking in, and the lessons he’s learned (including the rookie mistake that accidentally d…
…
continue reading
1
7MS #691: Tales of Pentest Pwnage – Part 75
31:39
31:39
Play later
Play later
Lists
Like
Liked
31:39
Holy schnikes, today might be my favorite tale of pentest pwnage ever. Do I say that almost every episode? yes. Do I mean it? Yes. Here are all the commands/links to supplement today’s episode: Got an SA account to a SQL server through Snaffler-ing With that SA account, I learned how to coerce Web auth from within a SQL shell – read more about that…
…
continue reading
1
Automating the Blue Team | Kevin Mata (Swimlane) on SOAR & AI in Cybersecurity
32:43
32:43
Play later
Play later
Lists
Like
Liked
32:43
Automation is changing the way defenders work. In this episode of Simply Defensive, we sit down with Kevin Mata, Director of Cloud Operations at Swimlane, to talk about his journey from flipping burgers at In-N-Out to flipping SOC alerts with automation, SOAR, and AI. Kevin shares how he got started in cybersecurity, how Swimlane helps Blue Teams s…
…
continue reading
1
7MS #690: Tales of Pentest Pwnage – Part 74
21:13
21:13
Play later
Play later
Lists
Like
Liked
21:13
Today’s tale of pentest pwnage is a classic case of “If your head is buried in the pentest sand, pop it out for a while, touch grass, and re-enumerate what you’ve already enumerated, because that can lead to absolute GOLD!”
…
continue reading
1
Inside Hack Defender Academy: Gamified Malware Training for Blue Teamers
29:27
29:27
Play later
Play later
Lists
Like
Liked
29:27
Ready to level up your defensive cybersecurity skills? In this episode of Simply Defensive, Josh Mason and Wade Wells sit down with Dan Regalado and Belem — the founders of Hack Defender Academy — to explore how they’re using CTF-style challenges, real malware cases, and gamification to prepare the next generation of defenders. 💡 We cover: Why gami…
…
continue reading
1
7MS #689: Pwning Ninja Hacker Academy – Part 2
15:40
15:40
Play later
Play later
Lists
Like
Liked
15:40
Hello friends! Today your friend and mine, Joe “The Machine” Skeen joins me as we keep chipping away at pwning Ninja Hacker Academy! Today’s pwnage includes: “Upgrading” our Sliver C2 connection to a full system shell using PrintSpoofer! Abusing nanodump to do an lsass minidump….and find our first cred. Analyzing BloodHound data to find (and own) e…
…
continue reading
1
Rob Allen (ThreatLocker) on Zero Trust, Proactive Security, and Ransomware Prevention
25:27
25:27
Play later
Play later
Lists
Like
Liked
25:27
In Season 4, Episode 4 of Simply Defensive, hosts Josh Mason and Wade Wells sit down with Rob Allen, Chief Product Officer at ThreatLocker, to dive deep into the world of Zero Trust security, proactive cybersecurity strategies, and ransomware prevention. Rob shares expert insights on: Proactive vs. Reactive cybersecurity — why a balanced security s…
…
continue reading
1
7MS #688: Building a Pentest Training Course Is Fun and Frustrating
22:13
22:13
Play later
Play later
Lists
Like
Liked
22:13
Today I talk about a subject I love while also driving me crazy at the same time: building a pentest training course! Specifically, I dissect a fun/frustrating GPO attack that I need to build very carefully so that every student can pwn it while also not breaking the domain for everybody else. I also talk about how three different flavors of AI fai…
…
continue reading
1
7MS #687: A Peek into the 7MS Mail Bag – Part 5
57:26
57:26
Play later
Play later
Lists
Like
Liked
57:26
Hi friends, we’re doing something today we haven’t done in a hot minute: take a dip into the 7MinSec mail bag! Today we cover these questions: If I’m starting a solo business venture as a security consultancy, is it a good idea to join forces with other solo security business owners and form a consortium of sorts? Have you ever had anything go cata…
…
continue reading
1
Why Your CISO Needs a “Shut Up, Boss” Button
34:09
34:09
Play later
Play later
Lists
Like
Liked
34:09
What if GitHub sucks for security detections—and AI is finally good enough to replace it? Join Josh Mason and Wade Wells as they sit down with Aaron Mog, the outspoken founder of Detections.ai, to unpack why detection engineering is broken—and how his new platform signed up 4,000+ users in just two weeks. Aaron doesn’t hold back. From ranting about…
…
continue reading
1
7MS #686: Our New Pentest Training Course is Almost Ready
23:30
23:30
Play later
Play later
Lists
Like
Liked
23:30
Oh man, I’m so excited I can hardly sleep. Our new three-day (4 hours per day) training is getting closer to general release. I talk about the good/bad/ugly of putting together an attack-sensitive lab that students can abuse (but hopefully not break!), and the technical/curriculum-writing challenges that go along with it.…
…
continue reading
1
Why Jack in the Box Might Have the Best Security Team in Fast Food
29:58
29:58
Play later
Play later
Lists
Like
Liked
29:58
How does a Navy fire control tech who once wrangled a six-barrel death robot become the head of security operations at Jack in the Box? In this episode of Simply Defensive, we sit down with Chris Julio — SOC Manager, veteran, and self-proclaimed lover of both metrics and munchie meals. Chris shares his journey from Windows NT and dot-matrix printer…
…
continue reading
1
7MS #685: The Time My Neighbor Almost Got Scammed Out of $13K
22:56
22:56
Play later
Play later
Lists
Like
Liked
22:56
Today’s kind of a “story time with your friend Brian” episode: a tale of how my neighbor almost got scammed out of $13k. The story has a lot of red flags we can all keep in mind to keep ourselves (as well as kids/friends/parents/etc.) safer from these types of shenanigans.
…
continue reading
1
Coffee Is Your Top Supply Chain Risk: A Conversation with Kyle Kelly
28:56
28:56
Play later
Play later
Lists
Like
Liked
28:56
SOC analysts, detection engineers, and pentesters—you’re not imagining it: software supply chain security is a dumpster fire 🔥. In this episode of Simply Defensive, we sit down with Kyle Kelly, engineering manager at GitHub and author of Crime Hacks, to unpack the chaos. We cover: - Why malicious packages are sneaking past defenders - The truth abo…
…
continue reading
