Shoulders of Infosec (with Jack Daniel)
ADVANCED PERSISTENT SECURITY PODCAST
GUEST: Jack Daniel
SEPTEMBER 26, 2016
If you enjoy this podcast, be sure to give us a 5 Star Review and “Love Us” on iTunes; Like us on Google Play, Stitcher, Sound Cloud, Spreaker, and YouTube.
NOTE: The opinions expressed in this podcast are ours alone and do not reflect those of our employers
I apologize for my voice and coughing; I was fighting off some “crud.”
Shoulders of Infosec (with Jack Daniel) SHOW NOTES
I introduced Jack and we discussed his Hacker Halted talk and Shoulders of Infosec. We talk about buzzword reuse and the challenges that infosec people face. Jack talks about how to react to and talk to the business unit as a security professional. Joe channels his inner Kenny Rogers in The Gambler, “You have to know when to hold ’em and know when to fold ’em.” We transition into a discussion about passwords and password managers. We also discuss prioritizing security from the perspective of budget, effort, and business.
Jack tells us what is bothering him (he gets wound up easily). The inability to see the world views of others bothers Jack. Joe and Jack talk about security elitism, those who believe that people who don’t write code can’t be security people, and the frustrations with that belief. Jack provides his advice to up-and-coming infosec people. We talk about certifications vice experience vice studying to learn. Jack mentions phosgene gas and reminds Joe of his Navy days aboard a submarine. Jack affirms that pen testing is not the end-all/be-all of working in infosec. Take technical writing classes!
Jack says goodbye and provides more information about Shoulders of Infosec. He gives us links to his social media and other endeavors. Jack tells us about his “Infosec Survival Skills” talks coming up as well as other topics he is passionate about.
Jack Daniel works for Tenable Network Security, has over 20 years’ experience in network and system administration and security, and has worked in a variety of practitioner and management positions.
A technology community activist, he supports several information security and technology organizations. Jack is a co-founder of Security BSides, serves on the boards of three Security BSides non-profit corporations, and helps organize Security BSides events.
Jack is a frequent speaker at technology and security events and is a co-host on the award-winning Security Weekly Podcast. An early member of the information security community on Twitter, Jack is an active and vocal Twitter user. Jack is a CISSP, holds CCSK, and is a Microsoft MVP for Enterprise Security.
ABOUT Shoulders of Infosec
One of the key projects Jack is involved in today is Shoulders of Infosec.
“If I have seen further it is by standing on the shoulders of giants”
Most famously attributed to Sir Isaac Newton, this quote reflects the sentiment of this project. All of us in the field of information security stand on the shoulders of giants; this project is dedicated to shining a light on those shoulders - the known and unknown.
This blog will primarily be used for updates and announcements; most of the content will be on a wiki at wiki.shouldersofinfosec.org.
The Zen of Python
To recreate this, start the python interpreter and type: import this
Beautiful is better than ugly.
Explicit is better than implicit.
Simple is better than complex.
Complex is better than complicated.
Flat is better than nested.
Sparse is better than dense.
Special cases aren’t special enough to break the rules.
Although practicality beats purity.
Errors should never pass silently.
Unless explicitly silenced.
In the face of ambiguity, refuse the temptation to guess.
There should be one– and preferably only one –obvious way to do it.
Although that way may not be obvious at first unless you’re Dutch.
Now is better than never.
Although never is often better than *right* now.
If the implementation is hard to explain, it’s a bad idea.
If the implementation is easy to explain, it may be a good idea.
Namespaces are one honking great idea — let’s do more of those!
Thanks for stopping by and checking out our podcast. We would appreciate it if you could subscribe (assuming you like what you hear; we think you will). This is meant to be informative and to provide value to anyone who listens – regardless of their knowledge and/or understanding of IT/Cybersecurity. To learn more about us, check out our “About Us” page.
If you have ANY Cybersecurity needs, please contact us and a member of our staff will promptly reply to your question or concern.