7MS #430: Interview with Dan DeCloss
7 Minute Security2 Sep 2020

7MS #430: Interview with Dan DeCloss

Today we're thrilled to have our friend and PlexTrac CEO Dan DeCloss back to the program! (P.S. PlexTrac is launching runbooks as a feature - and you should definitely check out PlexTrac's upcoming Webinar about runbooks on September 9!). We also did a PlexTrac 101 Webinar with them recently!

You may remember Dan from such podcasts as this one when we first talked to him in 2019. Dan and I have a lot in common in that we both started security companies about the same time, so I had a lot of questions for Dan around how business has been going since we last talked on the podcast. Today our topics/questions include:

  • What are the (good) warning signs that a passion project you have could be a viable business?

  • Why "having all the jobs there has ever been" is a great way to figure out it's time to start your own business :-)

  • At what point does a side project have to become what you do for your day job?

  • How do you safely prepare to quit a comfortable corporate life to life as a small biz owner? Do you go 100% on faith? Do you save your $ for a year so you can "float" your business for a while? Some combination of the two?

  • How important is it to have the support of your friends/family when starting a new biz?

  • Once you start a biz what are the best/worst things about wearing all the hats (engineering, sales, marketing, accounting, HR, etc.)?

  • When is it time to hire additional resources or raise additional money to support your growing business?

  • What marketing efforts are fruitful for a new security biz to spend time/money on?

  • How do you decide what bells/whistles to add to PlexTrac? Follow your own roadmap? Let the customers drive your direction? Some combo of both?

  • What new bells and whistles are coming to PlexTrac in the Webinar on September 9?! (Spoiler alert: RUNBOOKS!)

Avsnitt(683)

7MS #146: Friday Infosec News and Links Roundup

7MS #146: Friday Infosec News and Links Roundup

Here are some of my favorite stories and links for this week! If you missed last week's BURN IT ALL! Webcast, it's now online as a Youtube video. There is still time to register for the Real World Web Penetration Testing Webinar. It's(Thursday, January 28 @ 1 p.m. CST) and $25 (cheap!) Trustwave is in big trouble after failing to find hackers under their noses. Their noses mustreally hurt because Mandiant was quick to point out the work done by Trustwave was "woefully inadequate." I'm scared of IoT stuff. Why? Oh, I don't know, because what happens when your Nest fails and leaves your buttcheeks freezing cold?!?!? Or what if hackers steal your doorbell, and thus your wifi password and pwn your network? Thankfully, OWASP now now has a top 10 for IoT stuff too. A researcher found some clever ways to abuse Lastpass with an exploit called Lostpass. Lastpassresponded with a security change wherein a Lastpass authentication from a new device requires approval via email. A new Sysinternals tool helps figure out if you have shady, unsigned files in c:\windows\system32. Oh, and for sure upgrade all your iThings ASAP. Apple patched some ugly security holes.

23 Jan 201610min

7MS #145: OFF-TOPIC - Sicario and The Walk

7MS #145: OFF-TOPIC - Sicario and The Walk

In today's off-topic episode I review two movies: Sicario and The Walk.

21 Jan 20167min

7MS #144: Shoulder-Surfing with Seasoned Pentesters

7MS #144: Shoulder-Surfing with Seasoned Pentesters

I recently had the opportunity to shoulder-surf with some seasoned Webapp pentesters, and wanted to share what I learned about their tools, techniques and methodologies.

18 Jan 20167min

7MS #143: Friday Infosec News and Links Roundup

7MS #143: Friday Infosec News and Links Roundup

Here are some of my fav' stories and links for this week! * Burn it all...The New Security Fundamentals **(Wednesday, January 20 @ 1 p.m. CST)**: a free Webinar on setting up the "*core technical things you need to do for your security program*." I've attended many Webinars from the BHIS group and they're always informative and humorous. * Real World Web Penetration Testing **(Thursday, January 28 @ 1 p.m. CST)**: a $25 Webinar on going through "*a real world penetration test. We will explore the methodology and procedures Secure Ideas follows as we test web applications. The course will also walk through some tricks and tips on how to focus your testing on likely flaws*." I have seen four of their recorded courses before and found them to be *absolutely* worth the money I spent, so I'm confident this upcoming session will be no exception. * Fortinet SSH backdoor not much to say except if you use any of the affected products, update immediately as they contain an SSH backdoor: * FortiOS v4.3.17 or any later version of FortiOS v4.3 (available as of July 9, 2014) * FortiOS v5.0.8 or any later version of FortiOS v5.0 (available as of July 28, 2014) * Any version of FortiOS v5.2 or v5.4 * Hacker sentenced to 334 years in prison for operating a phishing Web site similar to that of a legit banking Web site. Moral of the story? Don't do that. * Don't use IE 8, 9 or 10 anymore! unless you like to live dangerously.

15 Jan 20168min

7MS #142: OFF-TOPIC - Media Servers and Making a Murderer

7MS #142: OFF-TOPIC - Media Servers and Making a Murderer

This off-topic episode covers: * Media servers - I'm a newb in this area and could use your help in setting up a config that actually works! * Making a Murderer - this is a fantastic documentary on Netflix. Stop what you're doing (once you listen to this episode) and watch *immediately* please.

13 Jan 20168min

7MS #141: Happy (Belated) New Year!

7MS #141: Happy (Belated) New Year!

Happy (belated) new year! This episode is more of a "What am I listening to, a PBS telethon?!" kind of thing, and I'm sorry for that. But I want to cover: * Scheduling changes for 2016 - we're gonna be 3 times a week! * A new documentation project I'm working on called BPATTY (Brian's Pentesting and Technical Tips for You) * A way you can support the podcast financially.

11 Jan 20168min

7MS #140: OFF-TOPIC - Video Games I'm Currently Playing

7MS #140: OFF-TOPIC - Video Games I'm Currently Playing

This episode talks about some cool video games I've been playing lately: * Metal Gear Solid Phantom Pain (Xbox 360) * Rise of the Tomb Raider (Xbox 360) * Luminocity (iPhone) * Super Mario Maker (Wii U) I recommend 'em all!

8 Jan 20169min

7MS #139: Securing Your Life - Part 2

7MS #139: Securing Your Life - Part 2

Back in episode #93 I talked about securing your life - in other words, asking yourself "What would happen if I was dead right now? Do I have adequate insurance? Are my finances in order? How about estate planning?" This episode continues that train of thought, and I share some new changes I've made in my "life security" department.

8 Jan 20168min

Populärt inom Politik & nyheter

p3-krim
svd-dokumentara-berattelser-2
rss-krimstad
flashback-forever
aftonbladet-daily
olyckan-inifran
rss-sanning-konsekvens
rss-vad-fan-hande
rss-viva-fotboll
svenska-fall
krimmagasinet
rss-expressen-dok
motiv
fordomspodden
rss-frandfors-horna
dagens-eko
blenda-2
svd-nyhetsartiklar
spar
spotlight