Episode OverviewJoin host Phillip Wylie as he interviews Matt Brown, a cybersecurity professional, hardware hacker, and successful YouTuber who has grown from zero to over 100,000 subscribers in just two years. This episode dives deep into hardware security, IoT penetration testing, content creation strategies, and the future of cybersecurity careers in the age of AI.Guest BioMatt Brown is a cybersecurity professional specializing in hardware hacking and IoT security. He's the creator of a popular YouTube channel focused on unedited, real-time hardware hacking tutorials. Matt has experience in offensive security, bug bounty hunting, and has won multiple live hacking events, including competitions hosted by Amazon. He holds degrees in IT and computer engineering with a focus on information assurance.Key Topics CoveredHardware Security & IoT HackingGetting started in hardware hacking without expensive equipmentEssential tools and techniques for IoT penetration testingMicrocontroller vs. Linux-based device securityHardware security conference insights from Hardwear.io USAThe growing demand for hardware security professionalsContent Creation SuccessHow Matt grew from 0 to 100K+ YouTube subscribers in 2 yearsThe power of unedited, mistake-inclusive contentEquipment setup for hardware hacking videosMonetization through bug bounty opportunitiesBuilding authentic connections with technical audiencesCareer DevelopmentBreaking into offensive security and penetration testingThe value of diverse technical backgrounds (sysadmin, development, blue team)Academic vs. self-taught paths in cybersecurityWhy communication skills are crucial for pen testersJob market opportunities in hardware securityAI and the Future of CybersecurityHow AI tools can enhance rather than replace security professionalsUsing AI for reconnaissance and information gatheringThe importance of critical thinking when using AI toolsCareer advice for staying relevant in an AI-driven worldHacker Origin StoryMatt's journey began in junior high with an electronics and soldering class - an opportunity he notes many people don't have today. His first real introduction to hacking came through a YouTube video demonstrating WEP cracking using a bootable Linux CD. This experience of seeing his home network's Wi-Fi password decrypted sparked his passion for cybersecurity.Connect with Matt BrownYouTube Channel: https://www.youtube.com/ @mattbrwn LinkedIn: https://www.linkedin.com/in/mattbrwn/Website: https://brownfinesecurity.com/
--------
30:32
--------
30:32
Matt Toussain: From JAG Aspirations to Cybersecurity
SummaryIn this engaging episode of "The Phillip Wylie Show," host Phillip Wylie welcomes cybersecurity expert Matthew Toussain. Known for his extensive history in the cybersecurity field, Matt opens up about his unconventional career path, from aspiring to be an Air Force lawyer to developing a passion for cybersecurity. This episode covers a multitude of insights into the world of offensive security, open-source development, and vulnerability management, all backed by Matt's diverse experiences and successes in the cybersecurity landscape.Throughout the episode, Matt shares invaluable advice for those entering the offensive security field, highlighting the importance of contributing to open-source projects and understanding key programming languages. He elaborates on his project, SeriousScan, an open-source vulnerability scanner aimed at providing affordable security solutions for mid-cap firms. Discussing the evolving landscape of cybersecurity, Matt emphasizes the impact of artificial intelligence on security practices and development, shedding light on modern strategies to secure environments against potential threats. Listeners are treated to an in-depth look at the significance of vulnerability management and how organizations can optimize their cybersecurity efforts.Takeaways: The advanced capabilities of modern AI tools enable them to understand programming languages like TypeScript, Golang, and Python significantly better than others. The podcast discusses the importance of vulnerability management, emphasizing that organizations must actively manage vulnerabilities to prevent exploitation. Penetration testing provides a crucial opportunity to not only identify vulnerabilities but also to understand the context and potential risks associated with them. Listeners are encouraged to leverage real-world examples and case studies to justify security budgets and improve vulnerability management programs. The conversation highlights the significance of hands-on experience and practical application in learning cybersecurity skills, particularly through capture-the-flag competitions. The necessity of open-source contributions is reiterated as a vital avenue for aspiring cybersecurity professionals to demonstrate their skills and commitment to the field.Resources:https://www.linkedin.com/in/matthew-toussain/https://www.linkedin.com/company/open-security/https://opensecurity.com/https://sirius.publickey.io/
--------
47:25
--------
47:25
Kevin Woods: Why Companies MUST Invest in Junior Cyber Talent
SummaryIn this episode of the Phillip Wylie Show, Kevin Woods from GuidePoint Security shares his unique journey into cybersecurity, emphasizing the importance of community support, hands-on experience, and investing in entry-level talent. He discusses the various paths one can take in the cybersecurity field, the value of certifications, and the role of education in preparing individuals for careers in this industry. The conversation highlights the need for companies to take risks on junior talent and the significance of providing opportunities for growth and development in cybersecurity.Takeaways• Kevin Woods transitioned from a biology background to cybersecurity through military service.• Community support plays a crucial role in career development in cybersecurity.• Investing in entry-level talent can yield long-term benefits for companies.• Hands-on experience is essential for success in cybersecurity roles.• There are various paths in cybersecurity beyond just pen testing.• Certifications can help demonstrate foundational knowledge to employers.• Boot camps can be beneficial, but research is necessary to find quality programs.• Passion for cybersecurity can be showcased through personal projects and contributions.• Companies need to take risks on junior talent to address the skills gap in the industry.• Education must evolve to meet the demands of the cybersecurity landscape.Sound Bites"Education is key for our success.""We have to invest in people."Chapters00:00 Introduction to Cybersecurity Journeys02:28 Kevin's Unique Path to Cybersecurity05:27 The Importance of Community and Support07:50 Investing in Entry-Level Talent09:47 The Role of Education in Cybersecurity11:05 Exploring Different Cybersecurity Roles13:13 Hands-On Experience vs. Theory17:17 Finding Your Passion in Cybersecurity20:01 Showcasing Skills on LinkedIn21:46 The Value of Certifications23:48 Boot Camps: Pros and Cons27:25 Encouraging Risk-Taking in Hiring29:21 The Future of Cybersecurity CareersResourceshttps://www.linkedin.com/in/krwoods/
--------
33:03
--------
33:03
From Military to Cybersecurity: John Rodriguez on Mentorship, Ransomware, and Building Resilient Defenses
The Phillip Wylie Show episode featuring John Rodriguez from Cyber Dagger:🔍 Episode Summary:In this episode of The Phillip Wylie Show, cybersecurity expert John Rodriguez, founder of Cyber Dagger, shares his inspiring journey from the military to launching a cybersecurity company. John dives into the critical challenges faced by educational institutions and nonprofits, the growing threat of ransomware, and why a holistic security strategy is vital. He emphasizes the power of mentorship, community service, and continuous hands-on learning in shaping the next generation of cybersecurity professionals. This conversation is packed with real-world insights, career tips, and practical approaches to improving cyber defenses.✅ Key Takeaways:Giving back through cybersecurity strengthens communities and builds talent pipelines.Diverse backgrounds, like military service, offer valuable skills for cyber careers.Schools and nonprofits are prime targets for ransomware and must prioritize security.Mentorship and guidance are essential to developing future cyber leaders.Adversarial thinking is crucial for effective red teaming and threat response.Building in-house tools and platforms can greatly improve cyber resilience.Don’t rush—take time to master the fundamentals and stay curious.🎧 Memorable Sound Bites:"It's important that we stay together.""Don't rush through it.""Leave it better than what you found it."🕒 Episode Chapters:00:00 – Intro to John Rodriguez & Cyber Dagger02:22 – From Military to Cybersecurity04:45 – Mentorship's Role in Cybersecurity07:05 – Securing K–12 and Nonprofits09:31 – Ransomware Realities in Education12:16 – Why Incident Response Matters15:48 – Pen Testing vs. Incident Response18:18 – Real-World Testing in Cybersecurity21:38 – Role of EDR & Security Platforms24:53 – Military Influence on Cyber Strategy27:49 – Holistic Security: Why It Matters31:05 – Building In-House Security Tools36:09 – Career Advice for Aspiring Pros41:15 – The Power of Mentorship & Community🔗 Resources & Links:Connect with John Rodriguez: LinkedInLearn more about Cyber Dagger: Website | LinkedIn
--------
48:59
--------
48:59
Dan DeCloss: The Evolution of Cybersecurity
SummaryIn this episode of the Phillip Wylie Show, host Phillip Wylie speaks with Dan DeCloss, founder of PlexTrac, about his journey in cybersecurity, the evolution of pen testing, and the challenges faced in the industry. Dan shares his hacker origin story, insights on recruiting talent, and the inspiration behind PlexTrac, a tool designed to streamline the pen testing reporting process. They discuss the future of cybersecurity, including the role of AI and the importance of community engagement in recruiting talent.Takeaways• Dan DeCloss has over 20 years of experience in cybersecurity.• PlexTrac aims to simplify the pen testing reporting process.• Networking is crucial for breaking into cybersecurity.• BSides events are great for recruiting talent.• The cybersecurity landscape has evolved significantly over the years.• AI is becoming increasingly important in cybersecurity tools.• Pen testing is not just about finding vulnerabilities but also about effective reporting.• Community engagement is vital for talent acquisition in cybersecurity.• PlexTrac was inspired by the challenges of report writing in pen testing.• The future of PlexTrac includes enhanced features and AI integration.Sound Bites"I feel like we truly helped the industry.""AI is going to help our customers.""We do have a free trial."Chapters00:00 Introduction to PlexTrac and Dan DeCloss03:01 Dan's Hacker Origin Story07:19 Evolution of Cybersecurity and Pen Testing13:39 Types of Pen Testing and Experience16:31 Advice for Aspiring Pen Testers20:33 Recruiting Talent in Cybersecurity23:13 Inspiration Behind PlexTrac30:10 Future Roadmap for PlexTracResourceshttps://www.linkedin.com/in/ddecloss/https://www.linkedin.com/company/plextrac/Try PlexTrac Core for Free
Join Phillip Wylie Show host Phillip Wylie as he and his guests discuss the intriguing and ever-expanding field of cybersecurity, including topics from the offensive security side to the defensive and response sides of cybersecurity. Frequent offensive security topics include pentesting, red teaming, ethical hacking, security research, and bug bounties. Guests share their origin stories, tips, and career advice. Phillip and his guests discuss content creation and personal branding in this podcast. If you enjoyed Phillip's previous podcast, The Hacker Factory, you will love this!
Ireland