OwlTail


Ed Skoudis

18 Podcast Episodes

Latest 28 Aug 2021 | Updated Daily

Weekly hand curated podcast episodes for learning


Penetration Testing and Ethical Hacking with Ed Skoudis

Easy Prey

Is there such a thing as an ethical hacker? Do all hackers use their skills to attack infrastructures? If you’re interested in ethical hacking and penetration testing, this is the episode for you.

Today’s guest is Ed Skoudis. Ed has taught upwards of 20,000 security professionals globally and his contributions to information security have had an immense impact on the community. His courses distill the essence of real world frontline case studies he accumulates, because he is consistently one of the first authorities brought in to provide post-attack analysis on major breaches. He’s not just an expert in the field, he’s created many of the founding methodologies empowered by governments and organizations around the world to test and secure their infrastructures. Ed is the founder of the SANS Penetration Testing Curriculum and Counter Hack; leads the team that builds NetWars, Holiday Hack, and CyberCity; and serves on the Board of Directors for the SANS Technology Institute. A consummate presenter, Ed is a keynote speaker appearing internationally at conferences, and is an Advisory Board member for RSA.

Show Notes:
[1:14] - Ed introduces himself as a penetration tester and hacker. He does expert witness work on large scale breaches and incident response.
[1:37] - He started this path hacking for phone companies. He explains how he started and why he was hired.
[3:55] - Ed describes what penetration testing (or pen testing) is. It is when he models the techniques used by real world attackers and then applies them in a structured fashion to help protect companies from future attacks.
[4:53] - Pen tests can be used by an organization for a specific reason or can be done as a “check-up” to make sure everything is okay.
[5:40] - Zero Day is researching vulnerabilities that aren’t known yet. It is called Zero Day because it has been known for zero days.
[6:18] - Ed never believed the cybersecurity industry would be as huge as it is today and explains some of the more recent issues we’ve been seeing through Covid.
[7:52] - Security is now a part of the process and is becoming less of an afterthought. Ed shares this idea long-term, but sees the same vulnerabilities repeatedly.
[8:49] - There is no such thing as 100% safe and secure. The goal is to raise the bar to make things more difficult for an attacker.
[9:31] - With ransomware, attackers have figured out a really reliable way to get paid for their malware.
[10:08] - Ransomware is a real problem and has even attacked hospitals and local governments.
[12:37] - There is so much that we do that leaves us vulnerable.
[13:29] - One major piece of advice that Ed gives in regards to general consumer security is to keep all of your devices patched and updated.
[14:18] - Another area to be aware of is always spear phishing. Don’t click unless you are confident in the link.
[15:19] - Ed has a separate, independent computer that he only uses for financial transactions.
[17:17] - Chris and Ed discuss routers that consumers buy from their ISP.
[19:01] - Ed shares how “Live Off the Land” attacks work by using what is already installed on a computer. These are harder to detect.
[20:18] - With ransomware, organizations have to think about what is best for the business. Is it better to give the attacker the money or spend the time and money to fix the problem?
[22:27] - The dominant trend in technology today is cloud storage.
[24:18] - Ed describes how this works and some of the various problems associated with it.
[25:39] - The US Army, Tesla, and Uber are a few organizations that have lost data to this common vulnerability.
[26:10] - Ed describes the Holiday Hack Challenge and the fun way he has modeled this problem to educate users.
[28:03] - Although there are some security risks if not managed properly, Ed shares that cloud data storage is a very cost effective option for small to medium sized businesses.
[29:24] - Most organizations use multiple cloud services. Cloud migration is good if a different service is necessary, but the previous cloud service is left alone and vulnerable.
[31:01] - The Holiday Hack Challenge is a free educational event that Ed and his team have created to solve cybersecurity challenges. This is a worldwide event.
[34:02] - The Holiday Hack Challenge is something that some people participate in with their kids due to the video game aspect. There is also a social aspect to it with the chat feature.
[35:29] - Not only is the Holiday Hack Challenge free, but all of the past challenges are free and accessible to play. This can build your skills.
[36:30] - Chris asks if Holiday Hack Challenge has ever been compromised. Ed admits that there are three people who have hacked their way in as players, but there were no purposeful attacks.
[39:43] - Ed admits that he sees the world through the eyes of an ethical hacker because he likes to explore and see what’s beyond the edges.
[40:48] - Chris and Ed discuss Bug Bounty Programs and how they can be useful.

Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.

Links and Resources:
Podcast Web Page
Facebook Page
whatismyipaddress.com
Easy Prey on Instagram
Easy Prey on Twitter
Easy Prey on LinkedIn
Easy Prey on YouTube
Easy Prey on Pinterest
SANS Web Page
Counter Hack Web Page
Ed Skoudis on Twitter
2020 Holiday Hack Challenge

45mins

2 Dec 2020


Episode 92 - Holiday Hack 2020 with Ed Skoudis

Iron Sysadmin Podcast

Welcome to Episode 92

Main Topic
Interview with Ed Skoudis!
Who is Ed?
What is holiday hack (for those that are new to this)
How many participants did you get last year?
What sort of new theme can we expect this year?
You guys developed an entire web game engine for this.. How'd that go?
What kind of infrastructure do you have the event running on this year?
Want to be a Kringleconcierge? Contact: info@counterhack.com
Register for KringleCon: https://holidayhackchallenge.com

Announcements
Patreon Update, 20 patrons for $87/month
rootisgod Bruce Robert Matt David S0l3mn Erwin Trooper_Ish LinuXsys666 gimpyb Ryan Mark DeMentor PowerShellOnLinux Jon Marc Julius Andi J Charles 22532
Get your Iron Sysadmin Merch at Teespring! https://teespring.com/stores/ironsysadmin

Reviews
Nothing New

Chat
[nate] https://www.redhat.com/en/blog/introducing-using-openshift-serverless-event-driven-applications Serverless without the lock-in! https://jon.sprig.gs/blog/post/1980
[unclemarc] Cool list of ASCII terminal games: https://ligurio.github.io/awesome-ttygames/
Watched “Bushwick” on Netflix last night. Kinda like “Red Dawn” but different. Stars Drax from the Avengers
AppleTrek: http://www.virtualapple.org/appletrekdisk.html

“News” (not really)
Parler… https://en.wikipedia.org/wiki/Parler
Was originally intended to be pronounced as “Parlay”.
It feels sort of like “old” twitter. Or even ‘old’ facebook
No filtering, little moderation
Timeline is chronological instead of curated
Simple UI, not cluttered with ads
No fact checking
Pros
Doesn’t appear to use a tracking cookie (though i could be wrong)
Cons
Well… It’s a bit of an echo chamber at the moment
Critical Mass
We get a little passionate...

Watch us live on the 2nd and 4th Thursday of every month! Subscribe and hit the bell! https://www.youtube.com/IronSysadminPodcast OR https://twitch.tv/IronSysadminPodcast
Matrix Community: https://matrix.to/#/+ironsysadmin:trixie.undrground.org
Find us on Twitter, and Facebook! https://www.facebook.com/ironsysadmin https://www.twitter.com/ironsysadmin
Subscribe wherever you find podcasts! And don't forget about our patreon! https://patreon.com/ironsysadmin

Intro and Outro music credit: Tri Tachyon, Digital MK 2 http://freemusicarchive.org/music/Tri-Tachyon/

1hr 57mins

20 Nov 2020



Making CTFs count at any point in your story with Ed Skoudis

GIAC Certifications: Trust Me I'm Certified

Though Ed Skoudis knew he was a tinkerer since playing with Legos during childhood, his younger self could never have envisioned the expansive career he now has. In this episode, Ed shares advice gleaned from years of creating challenges, building teams, and writing and teaching SANS courses. He and Jason discuss why CTFs are essential skill-building tools at any career level, how to overcome self-doubt and imposter syndrome, and why you should never let fear stop you from starting.

38mins

14 Jul 2020


Ed Skoudis & Security News - PSW #653

Paul's Security Weekly TV

In this week's Security News, NSA warns Russia-linked APT group is exploiting Exim flaw since 2019, Hackers Compromise Cisco Servers Via SaltStack Flaws, OpenSSH to deprecate SHA-1 logins due to security risk, all this and more with Special Guest Ed Skoudis, Founder of Counter Hack and Faculty Fellow at SANS Institute! To check out the SANS Pen Test HackFest and Cyber Range Summit, visit: https://www.sans.org/event/hackfest-ranges-summit-2020 Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode653

1hr 44mins

30 May 2020



Ed Skoudis & Security News - PSW #653

Paul's Security Weekly (Video-Only)

In this week's Security News, NSA warns Russia-linked APT group is exploiting Exim flaw since 2019, Hackers Compromise Cisco Servers Via SaltStack Flaws, OpenSSH to deprecate SHA-1 logins due to security risk, all this and more with Special Guest Ed Skoudis, Founder of Counter Hack and Faculty Fellow at SANS Institute! To check out the SANS Pen Test HackFest and Cyber Range Summit, visit: https://www.sans.org/event/hackfest-ranges-summit-2020 Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode653

1hr 44mins

30 May 2020


InfoSec Career Podcast - #4 - Interview with Ed Skoudis

The InfoSec Career Podcast

In this episode, we welcome Ed Skoudis to the show! Ed shares his thoughts on the need to always be learning and some tips on how to learn more deeply. He also shares a bit about this year's Holiday Hack Challenge.  Prepare for KringleCon 2! Please subscribe and share with others!

53mins

6 Nov 2019


Episode 51 – Ed Skoudis and the SANS Holiday Hack!

Iron Sysadmin Podcast

Main topic
Interview with Ed Skoudis!
Who’s this guy? Counter Hack, founder Netwars SANS instructor Holiday Hack Hacking in the physical world Epic office Free Pie
Holiday Hack What’s new this year? What does the infrastructure for this beast look like? Why is the gate still up?
Listener questions: How do you manage your time? Do you have any favorite stories about your time in the industry?

Chat
Jason broke his server, again Atomic! OSTree Nate fixed his jeep Charles has running model trains!

News
https://www.bbc.com/news/technology-46456695
https://www.bloomberg.com/news/articles/2018-12-10/verizon-to-give-buyouts-to-10-400-employees-in-restructuring?srnd=premium
https://www.wired.com/story/how-do-you-publish-the-work-of-a-scientific-villain/
https://arstechnica.com/information-technology/2018/12/supermicro-refutes-report-of-malicious-implants-with-audit/
https://www.extremetech.com/internet/281991-australia-becomes-first-western-nation-to-ban-secure-encryption

Watch us live on the 2nd and 4th Wednesday of every month! Subscribe and hit the bell! https://www.ironsysadmin.com/youtube
Slack workspace https://www.ironsysadmin.com/slack
Find us on Twitter, and Facebook! https://www.facebook.com/ironsysadmin https://www.twitter.com/ironsysadmin
Subscribe wherever you find podcasts! And don’t forget about our patreon! https://patreon.com/ironsysadmin

Intro and Outro music credit: Tri Tachyon, Digital MK 2 http://freemusicarchive.org/music/Tri-Tachyon/

1hr 27mins

13 Dec 2018


Episode 44 – SANS Holiday Hack Challenge with Ed Skoudis

Purple Squad Security

So, a very popular season is coming up shortly. I'm not talking about Thanksgiving (for my US listeners) and I'm not talking about Christmas for my Christian listeners. No, I'm talking about the season that all good little hackers look forward to - the time when the SANS Holiday Hack Challenge is released! This is probably one of the most ambitious CTFs I have ever known about, and I am lucky enough to get one of the main drivers behind it to join me for today's episode! Ed Skoudis joins me to talk all about the SANS Holiday Hack Challenge, what it is, what goes into it, and why you should give it a try.

Some links of interest:
KringleCon: https://kringlecon.com/
Holiday Hack Challenge Website: https://www.holidayhackchallenge.com/2018/
Ed's Twitter: @edskoudis
Infosec Mastodon - https://infosec.exchange/auth/sign_up

Want to reach out to the show? There's a few ways to get in touch!
Purple Squad Security's Twitter: @PurpleSquadSec
John's Twitter: @JohnsNotHere
John's Mastodon: https://infosec.exchange/@JohnsNotHere
Podcast Website: purplesquadsec.com
Patreon - https://www.patreon.com/purplesquadsec
Sign-Up for our Slack community: https://signup.purplesquadsec.com

Thanks for listening! And as always, I will talk with you all again next time. Find out more at http://purplesquadsec.com

50mins

18 Nov 2018


Ed Skoudis, Holiday Hack Challenge - Paul's Security Weekly #540

Paul's Security Weekly TV

Ed Skoudis has taught cyber incident response and advanced penetration testing techniques to more than 12,000 cybersecurity professionals. He is a SANS Faculty Fellow and the lead for the SANS Penetration Testing Curriculum. In the interview, Ed talks with the team about the Holiday Hack Challenge and what’s going on recently in his cybersecurity life! Full Show Notes: https://wiki.securityweekly.com/Episode540 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly

39mins

18 Dec 2017


Ed Skoudis, Holiday Hack Challenge - Paul's Security Weekly #540

Paul's Security Weekly (Video-Only)

Ed Skoudis has taught cyber incident response and advanced penetration testing techniques to more than 12,000 cybersecurity professionals. He is a SANS Faculty Fellow and the lead for the SANS Penetration Testing Curriculum. In the interview, Ed talks with the team about the Holiday Hack Challenge and what’s going on recently in his cybersecurity life! Full Show Notes: https://wiki.securityweekly.com/Episode540 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly

39mins

17 Dec 2017
