The Cyber Threat Perspective
Step into the ever-evolving world of cybersecurity with the offensive security group from SecurIT360. We’re bringing you fresh content from our journeys into penetration testing, threat research and various other interesting topics.
brad@securit360.com
Episodes
151 episodes
Episode 120: Demystifying Pentests: What Every Organization Needs to Know
In this episode, Spencer and Tyler discuss key things that they as pentesters wish all organizations knew about pentesting and the pentest process. They go through the entire lifecycle of a pentest and discuss definitions, processes, misconcept...
•
Season 1
•
Episode 120
•
40:38
Episode 119: Lessons Natural Disasters Can Teach Us About Cybersecurity
In this episode, we draw parallels between natural disasters and navigating today’s cybersecurity landscape. From the importance of preparation and layered defenses to the critical need for constant monitoring and resilience, we uncover valuabl...
•
Season 1
•
Episode 119
•
45:33
(Replay) Tales From The Trenches
Join us for this replay of episode 78 - an enthralling journey into the heart of cybersecurity operations with “Tales from the Trenches,” an exclusive podcast presented by Brad Causey, Vice President of Offensive Security at SecurIT360....
•
57:06
(Replay) Email Spoofing: From Basics to Advanced Techniques and Solutions
Welcome to this replay on The Cyber Threat Perspective! In this episode, Brad and Spencer dive into the mechanics and recent developments of email spoofing, shedding light on how attackers are bypassing advanced email protections....
•
27:10
(Replay) Windows and Active Directory Hardening
In this episode of The Cyber Threat Perspective, Nathan and Spencer discuss crucial strategies for Windows and Active Directory hardening, emphasizing the importance of community collaboration and the value of using CIS benchmarks for security ...
•
47:58
Episode 118: 2025 - A CISO's Perspective with Mike Whitt
In this episode, we’re discussing what a seasoned CISO is focused on going into 2025. Mike Whitt is a Cheif Information Security Officer in the financial sector with over 20 years of experience building teams, security programs, and leading org...
•
Season 1
•
Episode 118
•
46:26
Episode 117: Why Do Pentests Cost So Much?
In this episode, we’re peeling back the layers of the question so many organizations ask: Why do penetration tests cost so much? But here’s the real twist—are they actually expensive, or are we measuring their value the wrong way?<...
•
Season 1
•
Episode 117
•
39:03
Episode 116: Painfully Persistent Problems - Weak Passwords
In this episode, we’re diving into one of the most enduring cybersecurity challenges—weak passwords. We’ll explore how poor password practices and identity management pitfalls leave organizations vulnerable to compromise. From understanding the...
•
Season 1
•
Episode 116
•
35:52
Episode 115: How to understand and address risk w/ Robert McElroy
In this episode, we discuss the broad concept of risk, what it is, and how to manage it. This episode is a great way to begin understanding how to develop an overall risk management strategy at your organization or understand how a risk managem...
•
Season 1
•
Episode 115
•
40:25
Episode 114: Making Penetration Test Results Actionable
In this episode, we discuss the challenge of translating penetration test findings into practical and effective security improvements, and we delve into the three major bottlenecks to improving security and give recommendations for overcoming t...
•
Season 1
•
Episode 114
•
38:07
Episode 113: Phishing with Malicious RDP Files
In this episode, we're talking about a significant development in the cyber threat landscape. There has been a surge in activity from a group known as Midnight Blizzard, also known as APT29. They're a sophisticated Russian state-sponsored group...
•
Season 1
•
Episode 113
•
28:14
Episode 112: Key Insights From The Microsoft Digital Defense Report 2024
In this episode, we dive deep into the newly released Microsoft Digital Defense Report 2024, which offers a comprehensive look at the latest trends in the global cybersecurity landscape. From evolving cyber threats and attack strategies to Micr...
•
Season 1
•
Episode 112
•
38:45
(Replay) How To Actually Protect Credentials
In this episode replay, Spencer and Darrius break down the complexities of credential protection, discussing everything from user education and tools to threat modeling and guardrails. Plus, we delve into the world of protecting credentials wit...
•
43:31
Episode 111: Red Team Tools (OST) Managing Open-Source Threats
In this episode, Spencer and Brad discuss a recent Trend Micro research project and associated white paper "Red Team Tools in the Hands of Cybercriminals and Nation States". Spencer and Brad dig into what red teaming is, what red team ...
•
Season 1
•
Episode 111
•
31:04
(Replay) Vulnerability Management Deep Dive
In this replay episode, Spencer is joined by Daniel Perkins, a Senior Information Security Officer at SecurIT360 to discuss the intricacies of vulnerability management, the important prerequisites to vulnerability management, and best practices...
•
35:42
Episode 110: AD Security Workshop Preview
In this episode, Brad and Spencer discuss Spencer's upcoming in-person workshop at Cyber SC. The **Hardening Active Directory to Prevent Cyber Attacks** Workshop is aimed at IT professionals, system administrators, and cybersecurity professiona...
•
Season 1
•
Episode 110
•
23:28
Episode 109: Current State of Pentesting - Internal and External
In this episode, Spencer and Tyler share what they love and hate about the current state of penetration testing, they discuss current and future trends, and what it means to be a true cybersecurity partner. We hope you enjoy this episode!
•
Season 1
•
Episode 109
•
39:41
Episode 108: New tales from the trenches!
In this episode, Tyler and Brad talk about various security issues found on recent penetration tests. They outline the how and why, and talk about mitigation strategies to help you beat these issues in your environment.Resources<...
•
Season 1
•
Episode 108
•
38:38
Episode 107: How To Defend Against Lateral Movement
In this episode, Spencer and Brad dive into lateral movement, discussing various techniques like RDP, RATs, Impacket tools, PsExec, PTH, PTT, and PowerShell Remoting. They explain how attackers use these methods to gain unauthorized access, eva...
•
Season 1
•
Episode 107
•
37:48
(Replay) DNS Security
In our "DNS Security" podcast, we delve into DNS's critical role in how the internet works, exploring its vulnerabilities and attacks like DNS spoofing, cache poisoning, and DDoS. We discuss DNSSEC and its components, including public and priva...
•
31:12
Episode 106: An Overview of Cyber Risk
Let's talk about cyber risk classification in this episode of The Cyber Threat Perspective. Brad and Tyler provide a high-level overview of various types of cyber risk encountered in penetration testing.-Reputational Risk
•
Season 1
•
Episode 106
•
27:52
Episode 105: How to Monitor Your Attack Surface
In this episode Brad and Spencer discuss Attack Surface Monitoring, what it is, and why it's important for defending against cyber-attacks. They give into the difference between attack vectors and attack surface and share a high-level overview ...
•
Season 1
•
Episode 105
•
35:12
Episode 104: How To Get Into Cyber For First Responders
In this episode, Spencer has Sam Killingsworth on the show to talk about getting into cybersecurity, specifically penetration testing, coming from a first responder background. Sam is currently a full-time Firefighter/EMT and part-time penetrat...
•
Season 1
•
Episode 104
•
32:41
Episode 103: Email Spoofing
In this episode, Spencer and Brad dive into the complex maze of 3rd party email providers, filtering and spoofing. Email spoofing is a technique used by cybercriminals to disguise the sender's address in an email message, making it appear as th...
•
Season 1
•
Episode 103
•
27:10
Episode 102: The Global CrowdStrike Outage
In this episode, Spencer is joined by Joey Vandergrift (SecurIT360's VP of Security Operations) and Mark Brophy (SecurIT360's DFIR practice lead). Together they discuss how CrowdStrike, a leading EDR product, caused one of the largest global IT...
•
Season 1
•
Episode 102
•
48:30