The Cyber Threat Perspective
Step into the ever-evolving world of cybersecurity with the offensive security group from SecurIT360. We’re bringing you fresh content from our journeys into penetration testing, threat research and various other interesting topics.
brad@securit360.com
Episodes
159 episodes
Episode 127: SaaS Supply Chain Attacks - How to Stay Secure
This episode focuses on SaaS (Software as a Service) Supply Chain Attacks. We discuss what SaaS applications are most at risk, what the real danger of saas supply chain attacks are and most importantly how to defend and detect these attac...
•
Season 1
•
Episode 126
•
42:53
Episode 126: Typosquatting - How and Why It Works and How to Defend Against It
Dive into the quirky underworld of digital misdirection in this episode, where we explore the art of typosquatting. Discover how a simple mistyped URL can turn into a gateway for cyber trickery, as we break down the many forms of typosquatting—...
•
Season 1
•
Episode 126
•
31:37
Episode 125: Whose Job Is Harder? Red or Blue
In this episode, we discuss whose job is harder. The red team or the blue team? We discuss the roles and responsibilities of many red and blue teamers, the challenges both those teams face, and then we share some advice for handling and overcom...
•
Season 1
•
Episode 125
•
55:30
(Replay) How To Monitor Your Attack Surface
Unlock the secrets of effective attack surface monitoring in this replay of The Cyber Threat Perspective. Brad and Spencer dive into essential practices, tools, and methodologies to keep your systems secure.Define and understand att...
•
35:12
Episode 123: Insecure Active Directory Protocols
In this episode, we discuss several insecure protocols that are found within Active Directory environments. When these protocols are enabled, they could be abused by an attacker to perform a number of attacks, including privilege escalation and...
•
Season 1
•
Episode 123
•
39:47
Episode 122: AI/ChatGPT Interviews a Web Pen Tester!!
In this episode, Chelsea (ChatGTP) interviews Brad about web application penetration testing. Listen in to learn how the process works from start to finish! Resourceshttps://owasp.org/https://nvd.nist.gov/vul...
•
Season 1
•
Episode 122
•
15:02
Episode 121: How We Evade Detection During Internal Pentests
In this episode, Spencer and Brad discuss the ever popular and highly debated topic of evasion. In this podcast we talk about evasion from the context of evading defense controls, not necessarily EDR specific evasion techniques. Our hope with t...
•
Season 1
•
Episode 121
•
40:44
Episode 120: Demystifying Pentests: What Every Organization Needs to Know
In this episode, Spencer and Tyler discuss key things that they as pentesters wish all organizations knew about pentesting and the pentest process. They go through the entire lifecycle of a pentest and discuss definitions, processes, misconcept...
•
Season 1
•
Episode 120
•
40:38
Episode 119: Lessons Natural Disasters Can Teach Us About Cybersecurity
In this episode, we draw parallels between natural disasters and navigating today’s cybersecurity landscape. From the importance of preparation and layered defenses to the critical need for constant monitoring and resilience, we uncover valuabl...
•
Season 1
•
Episode 119
•
45:33
(Replay) Tales From The Trenches
Join us for this replay of episode 78 - an enthralling journey into the heart of cybersecurity operations with “Tales from the Trenches,” an exclusive podcast presented by Brad Causey, Vice President of Offensive Security at SecurIT360....
•
57:06
(Replay) Email Spoofing: From Basics to Advanced Techniques and Solutions
Welcome to this replay on The Cyber Threat Perspective! In this episode, Brad and Spencer dive into the mechanics and recent developments of email spoofing, shedding light on how attackers are bypassing advanced email protections....
•
27:10
(Replay) Windows and Active Directory Hardening
In this episode of The Cyber Threat Perspective, Nathan and Spencer discuss crucial strategies for Windows and Active Directory hardening, emphasizing the importance of community collaboration and the value of using CIS benchmarks for security ...
•
47:58
Episode 118: 2025 - A CISO's Perspective with Mike Whitt
In this episode, we’re discussing what a seasoned CISO is focused on going into 2025. Mike Whitt is a Cheif Information Security Officer in the financial sector with over 20 years of experience building teams, security programs, and leading org...
•
Season 1
•
Episode 118
•
46:26
Episode 117: Why Do Pentests Cost So Much?
In this episode, we’re peeling back the layers of the question so many organizations ask: Why do penetration tests cost so much? But here’s the real twist—are they actually expensive, or are we measuring their value the wrong way?<...
•
Season 1
•
Episode 117
•
39:03
Episode 116: Painfully Persistent Problems - Weak Passwords
In this episode, we’re diving into one of the most enduring cybersecurity challenges—weak passwords. We’ll explore how poor password practices and identity management pitfalls leave organizations vulnerable to compromise. From understanding the...
•
Season 1
•
Episode 116
•
35:52
Episode 115: How to understand and address risk w/ Robert McElroy
In this episode, we discuss the broad concept of risk, what it is, and how to manage it. This episode is a great way to begin understanding how to develop an overall risk management strategy at your organization or understand how a risk managem...
•
Season 1
•
Episode 115
•
40:25
Episode 114: Making Penetration Test Results Actionable
In this episode, we discuss the challenge of translating penetration test findings into practical and effective security improvements, and we delve into the three major bottlenecks to improving security and give recommendations for overcoming t...
•
Season 1
•
Episode 114
•
38:07
Episode 113: Phishing with Malicious RDP Files
In this episode, we're talking about a significant development in the cyber threat landscape. There has been a surge in activity from a group known as Midnight Blizzard, also known as APT29. They're a sophisticated Russian state-sponsored group...
•
Season 1
•
Episode 113
•
28:14
Episode 112: Key Insights From The Microsoft Digital Defense Report 2024
In this episode, we dive deep into the newly released Microsoft Digital Defense Report 2024, which offers a comprehensive look at the latest trends in the global cybersecurity landscape. From evolving cyber threats and attack strategies to Micr...
•
Season 1
•
Episode 112
•
38:45
(Replay) How To Actually Protect Credentials
In this episode replay, Spencer and Darrius break down the complexities of credential protection, discussing everything from user education and tools to threat modeling and guardrails. Plus, we delve into the world of protecting credentials wit...
•
43:31
Episode 111: Red Team Tools (OST) Managing Open-Source Threats
In this episode, Spencer and Brad discuss a recent Trend Micro research project and associated white paper "Red Team Tools in the Hands of Cybercriminals and Nation States". Spencer and Brad dig into what red teaming is, what red team ...
•
Season 1
•
Episode 111
•
31:04
(Replay) Vulnerability Management Deep Dive
In this replay episode, Spencer is joined by Daniel Perkins, a Senior Information Security Officer at SecurIT360 to discuss the intricacies of vulnerability management, the important prerequisites to vulnerability management, and best practices...
•
35:42
Episode 110: AD Security Workshop Preview
In this episode, Brad and Spencer discuss Spencer's upcoming in-person workshop at Cyber SC. The **Hardening Active Directory to Prevent Cyber Attacks** Workshop is aimed at IT professionals, system administrators, and cybersecurity professiona...
•
Season 1
•
Episode 110
•
23:28
Episode 109: Current State of Pentesting - Internal and External
In this episode, Spencer and Tyler share what they love and hate about the current state of penetration testing, they discuss current and future trends, and what it means to be a true cybersecurity partner. We hope you enjoy this episode!
•
Season 1
•
Episode 109
•
39:41