Podcast thumbnail for We think we know

We think we know

Claim This Podcast
5.0(8 reviews)
13 episodes
Updated Weekly
Accepts GuestsHas SponsorsLocation 🇬🇧

Podcast Overview

We think we know how computer systems work, but how come they keep surprising us? We also think we know how humans behave, but we keep finding out we don’t. This podcast is for ethical hackers who are thirsty for challenges and who never settle for easy answers. We challenge some of the best offensive security pros in the world to reveal the unique traits, skills, and real-world experiences that got them where they are today. Get ready to be caught off guard as we debunk misconceptions, dissect wins, and explore what ethical hacking culture teaches us. This is the “We think we know” podcast from Pentest-Tools.com.

Language

🇺🇲

Publishing Since

11/6/2023

1 verified contact email on file for We think we know

Pitch yourself as a guest, propose sponsorships, or reach out directly to the host.

Recent Episodes

Episode thumbnail for We think we know hackers thrive on deep environment knowledge

April 9, 2024

We think we know hackers thrive on deep environment knowledge

<p>“Not everything works as configured. Not everyone behaves as trained.”</p><p>The reality of this statement makes it possible for us, the people in offensive security, to have a job. It also highlights how unpredictable our work can be and how never-ending our learning process is.</p><p>We work in a space where things are so complex that we need to combine big-picture, higher-level thinking with boost-on-the-ground practice.</p><p>And our guest today is <i>brilliant </i>at doing just that. </p><p>Pete Herzog has spent over two decades distilling the fundamental principles of security testing, turning them into a decade-defining manual - the Open Source Security Testing Methodology Manual (OSSTMM). Pete brings offensive and defensive security concepts together to break down important misconceptions.  </p><p>Listen to this conversation to uncover:</p><ul><li>Why you can’t do security without understanding the process behind it [08:23]</li><li>How automation can help but, at the same time, hurt the ones using it [11:00]</li><li>Why you can’t rely only on automated security tools in your pentests [19:10]</li><li>The importance of implementing security controls to change the environment [28:22]</li><li>Pete’s perspective on "Zero Trust" and how they tackled this ion OSSTMM [35:18]</li><li>Why he thinks there are “too many parrots, not enough pirates” in this space [43:42]</li><li>The excitement of researching for OSSTMM v4 and exploring new technologies [51:40]  </li></ul><p>From the expert systems behind AI-driven tools and their blindspots to generalizations that hurt offensive security outcomes, we explore key elements that shape today’s problems - some of which you’re probably wrestling with as well. </p><p>Let’s explore them!</p>

Episode thumbnail for We think we know you can't attack what you don't understand

March 26, 2024

We think we know you can't attack what you don't understand

<p>In this episode, we continue to ask the meaningful questions:</p><ol><li>What makes a great pentester? </li><li>How can you balance the art of manual testing with the efficiency of automation?</li><li>What is the unique value that pentesters bring to offensive security? </li><li>And what can't be commoditized in this craft?</li></ol><p>Gabrielle's mantra, “action for cyberpeace”, resonates through her work, and today, she shares her journey, experiences, and the lessons that shaped her career so far. </p><p>Key highlights from this conversation:</p><ul><li>What specific skills do you need to be a great penetration tester [02:45]</li><li>How self-learning and consistency help you achieve your goals [07:55]</li><li>Why she values team collaboration to deliver the best work you can do [13:57]</li><li>How she got into cybersec and why she strives for cyberpeace [24:35]</li><li>How to find balance between your personal life and your work [28:37]</li><li>When automation is effective in pentesting and where that ends [32:02]</li><li>How to set healthy boundaries to protect your personal life and health [41:11]</li><li>Which hobbies juggle her curiosity and broaden her horizons [51:59]  </li></ul><p>Give this episode with Gabrielle a listen if you want to level up your ethical hacking skills and challenge your modus operandi. </p>

Episode thumbnail for We think we know what makes a good pentester

March 12, 2024

We think we know what makes a good pentester

<p>With 20+ years of cybersecurity work, Tom unpacks the complexities of penetration testing, discussing the roles of vendors, practitioners, and technological advancements. </p><p>He also shares his perspective on what makes a good pentester, the value of mentorship, and the ethical challenges in this line of work. </p><p><strong>Explore this conversation to learn:</strong></p><ul><li>How pentesting changed over the years and who’s shaping it [03:02]</li><li>How to avoid burnout and deal with imposter syndrome [09:13]</li><li>Why he seeks and values mentorship for personal and professional growth [19:44]</li><li>The importance of constant learning and networking with your peers  [23:23] </li><li>How compliance brings down the value of pentesting and what to do about it [30:04]</li><li>How cultivating range can help you in your pentesting career [37:24]</li><li>How to set healthy boundaries to protect your health [41:11]</li></ul><p>This episode with Tom is a <i>must-listen</i> if you want to learn how to showcase your work and elevate your thinking and tactics.</p><h2>Resources from this episode</h2><ul><li>Tom’s <a href="https://www.spylogic.net/">personal website</a></li><li>Tom on <a href="https://www.linkedin.com/in/tomeston/">LinkedIn</a></li><li>Tom on <a href="https://twitter.com/agent0x0">Twitter</a></li><li><a href="https://sharedsecurity.net/">The Shared Security podcast</a></li><li><a href="https://www.goodreads.com/en/book/show/61271741">The People Hacker book</a> by Jenny Radcliffe</li><li>Tom’s journey from offensive security to leadership at the <a href="https://www.phillipwylieshow.com/episodes/a-journey-from-offensive-secur">Phillip Wylie Show</a></li><li>Ethical hackers and the legacy of the hacker manifesto for <a href="https://www.cyberempathy.org/episodes/ethical-hackers-legacy-hacker-manifesto">Cyber Empathy</a></li><li><a href="https://tib3rius.com/">Tib3rius</a></li><li><a href="https://www.youtube.com/c/jhaddix">Jason Haddix </a></li><li><a href="https://twitter.com/HackingDave">Dave Kennedy</a></li></ul>

13 total episodes available

Deep-dive analytics for We think we know

Frequently asked questions

Have a different question and can't find the answer you're looking for? Reach out to our support team by sending us an email and we'll get back to you as soon as we can.

What is We think we know?

We think we know how computer systems work, but how come they keep surprising us? We also think we know how humans behave, but we keep finding out we don’t.

This podcast is for ethical hackers who are thirsty for challenges and who never settle for easy answers.

We challenge some of the best offensive security pros in the world to reveal the unique traits, skills, and real-world experiences that got them where they are today.

Get ready to be caught off guard as we debunk misconceptions, dissect wins, and explore what ethical hacking culture teaches us.

This is the “We think we know” podcast from Pentest-Tools.com.

How often does this podcast release new episodes?

This podcast updates weekly.

Where can I listen to this podcast?

This podcast is available on 8 platforms including Apple Podcasts, Spotify, and more. You can also use the RSS feed directly.

Does this podcast accept guests?

Yes, this podcast regularly features guests.

Legal Disclaimer

Pod Engine is not affiliated with, endorsed by, or officially connected with any of the podcasts displayed on this platform. We operate independently as a podcast discovery and analytics service.

All podcast artwork, thumbnails, and content displayed on this page are the property of their respective owners and are protected by applicable copyright laws. This includes, but is not limited to, podcast cover art, episode artwork, show descriptions, episode titles, transcripts, audio snippets, and any other content originating from the podcast creators or their licensors.

We display this content under fair use principles and/or implied license for the purpose of podcast discovery, information, and commentary. We make no claim of ownership over any podcast content, artwork, or related materials shown on this platform. All trademarks, service marks, and trade names are the property of their respective owners.

While we strive to ensure all content usage is properly authorized, if you are a rights holder and believe your content is being used inappropriately or without proper authorization, please contact us immediately at hey@podengine.ai for prompt review and appropriate action, which may include content removal or proper attribution.

By accessing and using this platform, you acknowledge and agree to respect all applicable copyright laws and intellectual property rights of content owners. Any unauthorized reproduction, distribution, or commercial use of the content displayed on this platform is strictly prohibited.