Cyber Crime Junkies

Business Benefits for Having Security Assessments Done

January 12, 2023 Cyber Crime Junkies-David Mauro Season 2 Episode 4
Business Benefits for Having Security Assessments Done
Cyber Crime Junkies
More Info
Cyber Crime Junkies
Business Benefits for Having Security Assessments Done
Jan 12, 2023 Season 2 Episode 4
Cyber Crime Junkies-David Mauro

NEW! Text Us Direct Here!

 BUSINESS BENEFITS FOR HAVING SECURITY ASSESSMENTS DONE

Special Guests Christian Scott and Travis DeForge join us in the CCJ studio discussing business benefits for having security assessments done. They also answer Where You Can Find Cybersecurity Resources for free , discussing their Great Open Source Knowledge Base System and newest ways to learn cybersecurity. 

We touch on their outstanding creations you should all check out, Cyber-Judo, Enclave-Regenerous as well as their impactful work with GoVanguard.

👋 To see shows like this 🙏please Subscribe🙏 to our Channel @Cybercrimejunkiespodcast

👩‍💻 VIDEO EPISODE: https://youtu.be/t0q0x2luVLM

🎥 More video episodes on our channel @Cybercrimejunkiespodcast

📲 Podcast Episode: https://cybercrimejunkies.buzzsprout.com 

Thanks for being a Cyber Crime Junky!

Click the link above and leave your message!

You can now text our Podcast Studio direct. Ask questions, suggest guests and stories. 

We Look Forward To Hearing From You!




Custom handmade Women's Clothing, Plushies & Accessories at Blushingintrovert.com. Portions of your purchase go to Mental Health Awareness efforts.

🎧 Subscribe now http://www.youtube.com/@cybercrimejunkiespodcast and never miss an episode!

Follow Us:
🔗 Website: https://cybercrimejunkies.com
📱 X/Twitter: https://x.com/CybercrimeJunky
📸 Instagram: https://www.instagram.com/cybercrimejunkies/

Want to help us out? Leave us a 5-Star review on Apple Podcast Reviews.
Listen to Our Podcast:
🎙️ Apple Podcasts: https://podcasts.apple.com/us/podcast/cyber-crime-junkies/id1633932941
🎙️ Spotify: https://open.spotify.com/show/5y4U2v51gztlenr8TJ2LJs?si=537680ec262545b3
🎙️ Google Podcasts: http://www.youtube.com/@cybercrimejunkiespodcast

Join the Conversation: 💬 Leave your comments and questions. TEXT THE LINK ABOVE . We'd love to hear your thoughts and suggestions for future episodes!

Show Notes Transcript

NEW! Text Us Direct Here!

 BUSINESS BENEFITS FOR HAVING SECURITY ASSESSMENTS DONE

Special Guests Christian Scott and Travis DeForge join us in the CCJ studio discussing business benefits for having security assessments done. They also answer Where You Can Find Cybersecurity Resources for free , discussing their Great Open Source Knowledge Base System and newest ways to learn cybersecurity. 

We touch on their outstanding creations you should all check out, Cyber-Judo, Enclave-Regenerous as well as their impactful work with GoVanguard.

👋 To see shows like this 🙏please Subscribe🙏 to our Channel @Cybercrimejunkiespodcast

👩‍💻 VIDEO EPISODE: https://youtu.be/t0q0x2luVLM

🎥 More video episodes on our channel @Cybercrimejunkiespodcast

📲 Podcast Episode: https://cybercrimejunkies.buzzsprout.com 

Thanks for being a Cyber Crime Junky!

Click the link above and leave your message!

You can now text our Podcast Studio direct. Ask questions, suggest guests and stories. 

We Look Forward To Hearing From You!




Custom handmade Women's Clothing, Plushies & Accessories at Blushingintrovert.com. Portions of your purchase go to Mental Health Awareness efforts.

🎧 Subscribe now http://www.youtube.com/@cybercrimejunkiespodcast and never miss an episode!

Follow Us:
🔗 Website: https://cybercrimejunkies.com
📱 X/Twitter: https://x.com/CybercrimeJunky
📸 Instagram: https://www.instagram.com/cybercrimejunkies/

Want to help us out? Leave us a 5-Star review on Apple Podcast Reviews.
Listen to Our Podcast:
🎙️ Apple Podcasts: https://podcasts.apple.com/us/podcast/cyber-crime-junkies/id1633932941
🎙️ Spotify: https://open.spotify.com/show/5y4U2v51gztlenr8TJ2LJs?si=537680ec262545b3
🎙️ Google Podcasts: http://www.youtube.com/@cybercrimejunkiespodcast

Join the Conversation: 💬 Leave your comments and questions. TEXT THE LINK ABOVE . We'd love to hear your thoughts and suggestions for future episodes!

BUSINESS BENEFITS FOR HAVING SECURITY ASSESSMENTS DONE 

[00:00:00] @David Mauro: Lucky to work for a great group of people you really believe in. Find yourself making an impact. Technology is a river that flows through every aspect of an organization, and today is different. We put ourselves and our organizations literally at risk of complete destruction every single time we get online.

[00:00:21] @Mark Mosher: One click, one distraction is all it takes.

[00:00:25] @David Mauro: Hi, cybercrime joke is this is your host, David Mauro, along with co-host Mark. Come join us as we explore our research into these blockbuster true cybercrime stories, along with interviews of leaders who built and protect great brands.

[00:00:44] And now the show.

[00:00:52] Good morning and uh, welcome to Cybercrime Junkies. I am your host, David Mauro in the studio today, we are very fortunate, uh, to be joined first by my illustrate Coho . I was wondered if you're gonna recognize that I was, I was on the screen too. You studio as well. Good morning. Good 

[00:01:11] that's great. You are my illustrious fantabulous co-host, which is the words I got from my "insincere things to say to coworkers" app. 

[00:01:20] @Mark Mosher: That's really good, always effective. Always effective. It's fantastic. 

[00:01:24] @David Mauro: We are joined today by Travis De Forge and Christian Scott. Gentlemen. Welcome. 

[00:01:30] @Travis: Thank you guys for having us.

[00:01:31] @David Mauro: We appreciate. Great. I am really excited. Uh, we are aware of your work both professionally and in your passions, your your projects to help the security community. We're gonna get into that. We're gonna talk about tips for people to get into cybersecurity. We're gonna talk about, uh, what we see. You know, and then we'll open it up for, uh, discussion.

[00:01:54] We get to do this live, which is always fun, cuz you never know what questions will pop up. So we're always excited about [00:02:00] that. So, um, so, uh, let's start with, uh, let's, lemme pick one of you. Let's talk with, uh, Christian, kind of, um, tell me kind of where you're from and how you kind of got into, uh, uh, security.

[00:02:17] And then I want to ask you how you met Travis, et cetera. Fantastic. Uh, so first and foremost, uh, again, thank you guys so much for having us on. 

[00:02:25] @Christian: Really appreciate it. Um, that all being noted. Uh, in regards to our background, Travis and myself, uh, currently work at, uh, go Vanguard Security slash Gotham Security.

[00:02:36] Uh, I am our Chief Operating Officer and Chief Information Security Officer. Travis will introduce a little bit about himself and his role in a. Uh, in regards to, uh, just kinda our site projects and what we've been doing in for the cybersecurity community and helping people break into cybersecurity, uh, we've had, uh, two main, uh, initiatives and projects that we've been investing a lot of time and resource into.

[00:02:57] Uh, one is, uh, cyber Judo, uh, where, uh, Travis and myself do, uh, weekly Wednesday night, uh, training sessions with folks. It's very candid and, and off the cuff, and a mix between a little bit of an instructional. Is kind of podcast type of feel, and then opening up to discussions with people in real. Real time so that they can kind of pick our brain.

[00:03:17] Right. Uh, and then the other, uh, initiative that we have for helping people break into cybersecurity and also build their leadership skills is Enclave Regener, which, uh, myself and my, uh, partner Blake Sham, uh, works with me on and creating that type of content, uh, and which it's got a little kind of like codified into like a.

[00:03:36] @David Mauro: In knowledge base, it's really easy for people to find and to navigate through and search through, various like databases, guides, tips, trends, all that, that stuff really cool for those that haven't checked this stuff out. Um, and, and we will, we'll get into this in just a second, but, um, Tell, tell me about Phil.

[00:03:54] Tell me who, who Blake is the person that you, um, uh, joined. I know who Blake is through [00:04:00] LinkedIn, but how did you guys, how do you guys know each other and what came, what gave you the impetus to come up with, uh, enclaved? Regenerist? Because it's really cool.

[00:04:09] @Christian: It's really interesting. that, that's a fantastic question.

[00:04:12] Cause it, it continues with the lead in right? Of like the introduction of myself and like getting started in cybersecurity. Mm-hmm. because when initially I got started in cybersecurity ish, right? It was very much from like a technology heavy background, right? When I was really young doing like software development when I was about 14 years old, I got into programming and then I thought to myself, Hey, you know what hate doing for a.

[00:04:33] I would, by the way, can I swear here? Is it all right for me to swear?

[00:04:36] @David Mauro: Of course. We'll just, we'll let Apple know, but before it's released as a podcast later. Okay. I'll just, don't worry.

[00:04:44] @Christian: I always used to say to people when I was really young and I was like, Hey, I want to be an awesome software developer.

[00:04:50] And I would hate doing anything like fucking networking. And then trying to find out, my first job was in network administration. In network. You gotta start where you gotta start, man. Exactly right. And so for, for many, many years I, I was on the blue team side of doing , building data centers, architecture work and all that kinda stuff.

[00:05:07] And I worked for an IT managed services firm at the time, and believe it or not, Blake, who started Gotham Security, came to us one day and was like, Hey, you guys doing any pen testing? I was just like, sure, I'll try it out. I'll give it a shot. Right. You know, let's just, you know. , build the planet as we fly it here and got into it.

[00:05:25] So she was the one who actually initially got me into cybersecurity and her background in business development and marketing. And then as we kind of like dug into it, I, I was just really enthusiastic, engaged with it and soaking it all up. And I really loved the red team side of things. Yeah. And so as time continued forward, , we essentially merged forces between, our current firm go Vanguard and, and Gotham Security.

[00:05:49] And so Blake and myself essentially collaborate on a day-to-day basis of, you know, project management, customer relationship management team and culture building and all that kind of stuff. When it came to, to [00:06:00] enclave Blake and myself really said like, You know, for other people who are aspiring to be like young cybersecurity leaders, what type of resources and guidance can we, can we provide them, you know?

[00:06:10] Right. And it's a little bit of a different format from the cyber judo stuff because it's a, Hey, let's codify this into a set of guides here. Not necessarily AMA format. Pick my brain here, 

[00:06:20] and so Travis and myself on the cyber judo side, You know, we had it where you know, I've been mentoring people in my free time for a long time now, for probably about six years.

[00:06:29] And Travis started getting into it as well, and we thought like, Hey, wait, why don't we join forces? Like, you're working on these nights and I'm working on these nights here. Let's just kind of collaborate and just get it all together. And we're like, Hey, you know what, why don't we like put like these up on like, you know, LinkedIn and, and, and spread the word and, and like the more impact that we have, the, the, the greater, you know?

[00:06:46] And so that's kind how they both like kicked off. It was very. Organic and, and neither of those like initiatives that we have are really associated to, you know, go Vanguard security or Gotham security in a sense of like, you know,, we do this as a, a project of, of of love, right? We don't have, we don't run ads, we don't ask for money, we don't have any fees, we don't sell 'em merch or anything like that.

[00:07:07] Driving to myself legitimately are just kind of interested in helping people avoid the pitfalls and all the bullshit that we had to kind of go through as we got on into cybersecurity. You know what I mean? 

[00:07:17] @Mark Mosher: Absolutely, absolutely. 

[00:07:20] @David Mauro: I absolutely love it. 

[00:07:22] So if people will have links in the show notes when we push this out, especially as a podcast because that's where the long tail reach really comes from. Christian and Travis, we get tens of thousands of, of, of listeners later. So we will have links to this and, and I encourage the listeners to. Go check this stuff out.

[00:07:40] Like it's different. I'm telling you all.

[00:07:43] @Mark Mosher: Yeah. It's a different look, it's a different field and yeah.

[00:07:46] @David Mauro: Who does the design? My guess is it's Christian. I'm just guessing.

[00:07:54] I haven't met Blake yet. But my guess is it's Christian. Is it are, are you [00:08:00] the designer here or who's got the creative?

[00:08:03] @Christian: Uh, when I did software development, I did a lot of graphics design and web design work when I, okay. That explained, and actually I was one of the, uh, I was, um, so, uh, one of the large chip manufacturing firms that exist in, in the world. I helped actually develop their, their logo, uh, and they're based right out of Malta, New York called Global Foundries.

[00:08:25] @David Mauro: Ok. Ok. And I, let's go down a rabbit hole. So, so, so, so hang on. Let's go down a rabbit hole. So, how did, how did one of the largest chip manufacturers with all the resources and their global connections go? We need a, we need a, Somebody get Christian? Like, how did that happen? I was part of a team. I, so, so I was part of a, of a firm in the Saratoga area, and Saratoga in New York is very known for being a very artsy, sophisticated area, that kind of stuff.

[00:08:57] @Christian: Yes. I was working for a small business at the time, and the reason why Global Foundries chose that business is because, They were basically incentivized by New York state. Right. To Okay. Oh, all. Take somebody local. Take somebody local. Exactly. Yeah. At the right time. Gore talented. But when it comes to our, nor we nor, yeah.

[00:09:22] We should get along just fine. . Yeah. Nor are we. We were like, I'm a, you know, a. Little peek behind the curtain. I'm a huge true crime fan because of my background, right? And one of my favorite podcasts is crime junkies. And so we do cybersecurity. We were thinking of starting a podcast. We had a prior one on brands, brand ology and stuff.

[00:09:43] And then I was like, well, there's gotta be, mark and I were on the phone or on a Zoom or something. I'm like, well, there's gotta be cyber crime junkies. And we looked it up. , nobody has it. So I'm like, I'm registering the trademark on the URL that afternoon. We got a ho uh, we shifted over our [00:10:00] podcast like we did it immediate.

[00:10:02] So a lot of it is just at the right, having the right idea, right at the right time. Exactly. For the enclave stuff. Blake and myself collaborated really closely on the design in, in the field, but you know, when it comes to, you know, making it happen and slapping the website together, you know, certainly I'm a little bit more on that side as for, uh, cyber judo that has a bit of a different feel and it's very weaky like you're kind of, uh, to be interactive resource research like, and it's really.

[00:10:29] Like it's, it's exactly, they're, they're different fields and so, but I'll tell you the content is, and, and, and I'm, I'm telling you if like, if you're technical and you wanna advance your technical skills, like both of them have phenomenal resources. But when you are just doing what you're doing and you want to learn all of.

[00:10:51] The best practices, the current things, some of the trends, like you guys really, you, you almost gamify it for people like it has the game gamification feel, and I tell our company, mark and I talk about it all the time, if I could create a mobile app or a video game that could just help people have fun and learn about cyber.

[00:11:14] Oh my gosh, I would do that 24 7. I would never sleep like that is, that's a good idea you got there, . They're both scratched your head like, you know what, you, you heard it here first, so I'm just letting everybody know this thing comes out in a month. We heard it here. . So, so for, for, for Cyber Dojo though, uh, Travis and myself collaborated really closely on that actually.

[00:11:37] Um, Travis had an initial background in when he was really, really young. We first met in mixed martial arts, and so that was kind of like the aspiration behind it, that kinda stuff. Ah, and so very, like, very cool. Yeah. Not judo, but I did, I didn't teach martial arts for about a decade before I joined the serve, so, so, yeah.

[00:11:54] So, so let's switch gears here and then we'll come back. Okay. So, Travis, tell us about [00:12:00] yourself and, and then I want to, and, and your path into cyber security, and then I wanna hear how you. Yeah. Yeah. So, because I know Travis, you have a, a military background and, uh, that's always inspiring cuz there's a lot of people that enter cybersecurity from the military, both because of the technical skills and my, this is my, my two both because of the technical skills that are gained in the, and the experience, but also because in cybersecurity there's a bigger calling.

[00:12:29] Would you guys agree? Like there's a bigger calling. There's a, there's a sense. Protection of others. Right. And that is something that's ingrained in people that join the military, and that's why I love it so much. But they tend to be pretty patriotic people. They tend to be people that are very creative.

[00:12:49] It's a great mix. It's a great community. So Travis, tell, tell us you uh uh, The organizations we've been talking to are mostly in the New York City area, right. Manhattan, et cetera. Um, but you are in the Central Plains area, North Dakota. Right? North, north, North Dakota. Um, which actually has worse weather than.

[00:13:15] You better . Yeah. So, um, so we're, we're, we're, we're stocky people. We're, we have people with grit in the Midwest here. So, um, tell, tell us about your, tell us about your journey. Tell us about yourself please. Yeah, so I, I definitely come from a much different, uh, upbringing into the industry than Christian does.

[00:13:34] I don't come from a tech background at all. My undergrad was actually in Mandarin. And Wow. I did. I did Army

[00:13:44] Were you in these back stories? Love. I know. I love this. Like some, somebody's, like I was a guitar player in a band in Tulsa and then I became a sock manager and I'm like, these back are always the best part. Yeah. How didn't you do ? [00:14:00] How did happen? Mandarin. Mandarin, Chinese. Now, were you already in the military when you were getting your I was on an Army RTC scholarship, so this, I had the opportunity to do a tactical language at University of Vermont, which they offered two of them, Chinese and Russian choose.

[00:14:13] I can do that. Okay. Chose Chinese, spent some time in China. Met my wife in Shanghai and graduated. Very cool. As a active duty military intelligence officer, wow, you would think that with Chinese language and working in intelligence, I would've gone over to the Pacific Command. So naturally I was placed by the government in Eastern Europe with a company full of Russian linguists.

[00:14:36] Right. Why not? Because that our government at work . What happened, guys, I love you guys, but some of the decisions, I'm just . I wonder why we're getting our butts kicked, so, all right. Okay, so you're, you're in Eastern Europe. Yeah. So you're in Eastern Europe. It was. doing more of a managing oversight position over a unit that does, uh, real world intelligence, mission supporting, uh, US Army, Europe and European command.

[00:15:06] So we, we did things like sig signals intelligence, electronic intelligence, open source intelligence, human human intelligence, all that kind of things. And it was a fusion center. So we bring all those things together and it, it was really interesting to learn about those different forms of intelligence, but also see how they can, can aggregate to form a bigger.

[00:15:24] Now I was, didn't really have much of a, a tech-heavy hand in that role. But when I switched to my next role at Fort Irwin, which is a, uh, combat training center, one of the largest in the world, that's actually where army units will go and they will train and practice against a on station unit. So it was actually the Army's version of a red team to certify.

[00:15:43] Cool. So when I worked over there, I was actually on the red team and I was in charge of doing, uh, information operations. Uh, misinformation campaigns, a lot like what pen testers would call social engineering at scale, doing tactical deception operations. And I also had got a chance to work there on [00:16:00] a really interesting, uh, cutting edge, uh, micro UAV program, which was swarming.

[00:16:05] So we would have 40 plus UABs all controlled by basically one 18 year old kid with an iPad. And that was the first time that I was in like a, a project managing role of something that was very tech heavy where I had to really learn about te. And I just, I loved it. I loved the idea that we could go out there in the middle of the Mojave Desert, build our own wifi, which I didn't even think was a thing you could do.

[00:16:26] Right? Push a 2.4 gigahertz signal out and then fly, fly all these drones out with a cyber payload and tar and target units down range. I thought it was so cool. So I started, I started learning more about technology. I got a master's degree in IT management while I was out there. Uh, so that's a blast. So let me, let me pause you there.

[00:16:46] Given that experience that doing that in the Mojave De Desert and, and seeing that, that's gotta be like, and how old were you at this time? At the time of that? 4 25, something like that. Okay. So that's like every young boy's drink. Like you got toys, . That's some really cool stuff. Like military stuff. You got creativity.

[00:17:08] You're out in the middle of nowhere, like they let you do this. Like that's a great playground, right? Like that. I can see why that total, like I always look for the triggers. Like something in life that happens, that inspires somebody, pisses somebody off, does something that makes somebody drive. Like, why are you reading this at one o'clock in the morning when you're 44?

[00:17:35] It's like, well, let me tell you, when I was 22 this happened. And like a lot of it goes back to like some of these things that drive people. And so I'm always trying to find that out. So this like, that's a perfect example. I'll send you my therapist Bill later, . But uh, just, I'm just trying to try and so let's go back to the desert.

[00:17:56] So you figure that out, then you get your master's degree. Mm. Yep. [00:18:00] And at that point, uh, when got married, we had a, we had a baby on the way, thought we were, we're planning on getting out of the service cause I'd been to like 28 countries and four years and moved nine times and we're kind of Wow. Little, little bit.

[00:18:12] Yeah, it's a lot. So I started looking at options. I spun up a LinkedIn, which I had like years ago and never looked at again. Reconnected with Christian who actually met years. Which I get into a little bit. Yep. Um, and I learned about this really awesome program that the DA Department of Defense has called the Career Skills Program, or in other services that there Army.

[00:18:29] It's called Skill Bridge. And what it is, is it's an opportunity for service members in their last six months of their contractual service to do an internship with a civilian, with a civilian company. And it's a, it's a great win-win because the company that's providing the internship doesn't have to pay them.

[00:18:45] They're still being paid by the. And then it extended. Just, it's, it's there to help ease the transition for certain, and that's a win-win for, for people. And a lot people don't, don't, don't, don't realize that. What's it called again? Just so that people that are listening in the army, it's called Career Skills program.

[00:19:01] Um, but it exists in all the other four, all the other branches as um, skill Bridge. SkyBridge. Right. Okay. That's pretty, so I had, I actually got to do that with, uh, go Vanguard and there obviously we do a lot of penetration testing and all that. I didn't really have that hard of technical skills. I had a little understanding, I had security plus, but, uh, you need to choose the, the, the place where you did it or was Go Vanguard already approved by the, by the government.

[00:19:27] Good. Great question. So there are a whole bunch of organizations and. Individual companies that do have pre-approval on it, and there's a certain number of slots and people can pick from a pool of that every year and apply, but it service members can also do one-offs if you go through the, the paperwork process of getting the individual legal approval done and all, all that things.

[00:19:47] And thankfully I had, uh, we had identified it and Christian had approved it on the Go Vanguard side early enough that I was able. Get a, you know, a single legal, uh, legal agreement, thumbs up from the military to do it with Go Vanguard. So it [00:20:00] was the first time go Vanguard did it. We've done it several times a uh, after me.

[00:20:04] Interesting. So let's, so let me ask you the elephant in the room. How did you two meet? Because you had met, you said you had met before and was it through LinkedIn or was it through some other avenue? Like how did you guys first meet? Oh, I, so Christian grew up in upstate New York and I was in Vermont right over the border.

[00:20:24] So we actually met in high school just through some mutual friends. Really? Yeah. And then we, I love these backs, stories, . Yeah, I know. And then I, I went, when I went to college and the service, I pretty much dropped off the face of social media. Right. So we were out touch. Right. Eight years-ish, something like that.

[00:20:42] A long time. Um, and then when I started, I got back on LinkedIn and I started talking to people and just reconnecting with some old folks, older folks. Christian reached out and was like, Hey man, do you wanna hack some banks? And I was like, no, I think I illegal. I didn't even know what pen testing was. We kept the conversation going and, uh, uh, it, it seems to have worked.

[00:21:03] That's, that's fantastic. So when, uh, Christian said, do you wanna hack some banks, was he thinking like you guys connect you, you download the tour browser, you both connect on Telegram and talk already doing it by a bank. To actually penetrate so that they can fix their, oh, these are, these are C guys.

[00:21:27] These are the good guys. I just didn't know, just let Vito over here. But when, when we were kids, when we were younger, we got to have all types of fun. We did like things like metalworking in the backyard and all that kind of stuff, and making taser gloves outta disposable cameras, all of that just. Kid stuff, you know, the typical kid stuff, right.

[00:21:47] Crack anal thing, you know, car batteries and boiling it down and get, you know, you know, like, you know, pulling acid for whatever reasons, you know. Sure. You know, that, that's, that's fantastic. [00:22:00] So let me, let me boil it down to let's get some advice for, for, for people. So we'll start with, uh, let's, let's start with you Travis.

[00:22:09] Um, what are your top. Top three, let's say tips for people that want to enter into cybersecurity. It's a really general question, and I apologize for that, but I know it's on the back of a lot of people's minds. The. Top, top of the list for me, right off the top of my head is certainly to leverage LinkedIn and other social media platforms.

[00:22:31] The, the right way. Being on there and doing the little thumbs up thing on different things or posting interested on job postings. That's not, that's not gonna cut it. You have a really awesome opportunity to interact with a community that is very, very, very active and just by, there's some really.

[00:22:48] Cybersecurity talent on LinkedIn. Absolutely. And what I love about the community, I just don't, I don't mean to interrupt, but I talk a lot. Sorry, I, you know, I haven't got a podcast. Um, but I do wanna just say, th this community, the cybersecurity community on, on LinkedIn. They really are helpful. It's a really positive one.

[00:23:10] It's a very supportive group when somebody's like, and so often you'll hear somebody chime in and they don't usually give a lot of content usually, but then they'll chime in. They're like, I'm on my seventh interview. This sucks. And five or six people will chime in and say, don't give up. Let us help you DM me.

[00:23:28] Like let me walk you through it. Maybe it's a question that you're getting stuck on. It's like total strangers from around the world are like trying to help this person Yeah. Get a job. Like what a great, what a great platform. Like Yeah. That's actually how I started, uh, doing mentoring with people and, and making content that, and eventually turned into cyber Judo is, I was, at first I was, I was new to the industry, but I had done sec plus net plus and pen test plus, so I was just helping people study for security plus, you know?

[00:23:56] Yeah. So you had gone through the traditional. Getting [00:24:00] certain certifications along the path, right? I, I, I did a, I did a little bit, uh, for me, maybe it was the, maybe it's the structure of the military background, but having a right specific path with an endpoint, uh, really helps me hone in on what I'm studying.

[00:24:14] Uh, now I'm a little bit, now I'm a little bit less about, you know, Doing the certification test, it's really more about learning the content. So, uh, but when you're coming from nothing, like when you're first learning though, like having those fundamentals and having that, that background is critical of it.

[00:24:29] The, the fundamentals. Exactly. What I would say for 0.2 of getting into it is you need to learn the lexicon first. So a lot of people, you know, they, they watch Mr. Rob Robot and then they think they wanna be a pen tester. So the first thing they try to do is the O S C P, that's not gonna work for you. It's not gonna work for.

[00:24:43] Now, and you'll be, it'll be much better off getting an understanding of the language of security, how security professionals talk. And a good way to do that is something like the security plus, whether you take the test or not, it'll give you the, the, the understanding of what the different attacks are at a high level, understanding what the words mean.

[00:25:01] Then you can start honing in on a specific area that you wanna focus on. And there's great free resources like Professor Messer on YouTube. He's got awesome content. Full. Yeah, he does. That's what I use. You don't need to pay a bunch of money. You certainly don't need to pay for a $3,000 bootcamp or something like that.

[00:25:16] That's outrageous. But the content is out there. But people get so fixated on the shiny thing, right? That they forget. You need to build the foundation, uh, before you can go forward. And, and it gets into the 0.3 is once you have that foundation, pick a niche is civic secur information security is massive.

[00:25:35] Yeah. And even, even pen testing is massive. There's a bunch of different kinds of Yeah. Yeah. Right. And not saying everybody has to be a pen tester, that's just what I'm particularly aware of. Mm-hmm. . But, um, you can be. A gray expert in any, any different one of those areas. And it's okay to have multiple different interests, but a lot of times what I'll see with people that I do work with, that I do mentoring as they're trying to get into the industry is they think they need to learn everything.

[00:25:59] Right? Right. They [00:26:00] think they need to be the master of this, of the security incident, event management. System. They need to know how to do web app, pen test. They need to be cloud. It's too much. They're, they're trying to light off too much. Yeah, it's too much. That's, that's exactly right. So a lot of times when I, when I'm working with people, I'll say, oh, oh wow, you have a little bit of, you have a background in web development.

[00:26:17] That's really awesome. Why don't you focus on web app security? Why are you so interested in doing this Cisco certification? I mean, that's great. I'm glad that you're interested in that. But why don't you strong point this area? Then once you get in, once you get through a foot in the door, then it's a lot easier to spider out into different.

[00:26:31] Absolutely. No, that's a great point. When we talk to people throughout the community, it's a lot of leadership in the successful people always gotta figure out what that endpoint is that you want and why do you want it, and then even reverse yourself into it from there. But don't, don't just go out and get certs to get certs.

[00:26:49] I mean, they're good to have. Yeah, but to Travis's point, it's really you gotta build that fundamental foundation because that's your launching pad. But, but you gotta have launch. You can't be a master of everything, right? As big as cybersecurity is, it's very specific when you start traveling down that path and take that journey.

[00:27:08] So, yeah, that's a great point, Travis. That's excellent. So let's shift gears here. Uh, uh, Christian, tell, give, give us your, your, your top thoughts and top suggestions on, on somebody wanting to break into to the. Fantastic question. Uh, I think building off of what Travis was noting in regards to, like, he's particularly familiar with, with pen testing, right?

[00:27:32] Mm-hmm. , the things that usually people are attracted to first is the pen testing and everybody thinks about pen testing and that's, that's the sexy thing in the room. Right when we talk about cybersecurity information security, and so my, I guess my first big pro tip to folks is know that it, cybersecurity information security is more than pen testing.

[00:27:50] And actually, um, on, uh, cyber judo, we did a whole session on this and we have a page on it about resume writing and career skills tips. And we got this big [00:28:00] diagram of like, Hey, here are all the different cybersecurity domains, you know, for cyber threat, inte. Right. And you know, security, architecture and governance.

[00:28:08] Risk and compliance, right? There are so many different elements. Don't just like narrow yourself down to something that's just the pen testing or just this or just that, right? And as you then explore what potential career paths might lie out there, you can kind of line that up to. Strengths and your weaknesses.

[00:28:27] So for example, somebody who might have better soft skills might be in a better role for let's say information security or cybersecurity project management, right? Or sales, right? Right. Um, and so you don't, don't just have to be a pen tester. Uh, and one of the things I also say to a lot of people is say, Hey, if you're looking to be the super elite hacker motherfucker when it comes to pen testing, That you have to live and breathe every day.

[00:28:51] Are you willing to sacrifice that? Right? And like, are you, are you that passionate? You can get into the, into the introductions and basics and fundamentals of like network pen testing and web pen testing. But after that, when it comes to like APIs, cloud security, architecture, and like mobile app pen testing, you're gonna have to really love it, right?

[00:29:09] And. , certainly, again, explore all the career opportunities and domains out there. And I think too, what, uh, mark was, uh, noting a little bit, identify a goal point. I always like, one of the things I, when I mentor people, say, okay, where, where do you want to be in two years? Right. Right. I wanna be this, making this amount of money.

[00:29:28] Okay. Is that optimistic or is that realistic? Right. And then starting to line up what's based on, right. Like what's it based on, like where you, where's it gonna come from? Like a, as opposed to, and I always have an issue with that. And there's nothing wrong with. making money. You know, it's a capitalist society and honestly, we all need it because that's what, that's the fuel.

[00:29:49] Yeah. Make. You can't make that. My advice to people would always be, it always has been like, don't make that the end goal. It's a result. Mm-hmm. . Right, right. Have your [00:30:00] end goal be something you would love or at least not despise doing on a regular basis and get good at that. The money will. Right, exactly.

[00:30:09] And if you wanna make a certain amount, then pick an end goal that pays that amount, right? Like you wanna make. Right, you, you, you want on your target, and then run it backwards, right? What are the school skills? What is the knowledge? What's necessary for that? This way, what you can do, practically speaking, is narrow down where you need to focus your domains of knowledge.

[00:30:29] Because one of the biggest problems also in the cybersecurity information security community is there's too much information. It's information overload, right? So once you identify your goal point, work that backwards, figure out the specific tracks that. Focus on, right? That's gonna make your life a lot easier, right?

[00:30:45] And you're gonna be a lot more productive. My second big pit, uh, big tip is, um, it, and this goes along with Travis talking about LinkedIn and getting out there, is find a mentor, uh, interface with your peers and find a mentee, uh, mentor. There are a ton of great mentors out there, and, They don't require money.

[00:31:03] Really good mentors at the end of the day. They want to just help other people avoid the bullshit that they went through, right? And find hardworking, motivated folks. And it's like, Hey kid, you know, here's a couple good tips for you, right? Here's a couple good tricks. Here's a couple things I learned the hard way.

[00:31:18] So you can find those folks as long as they're not asking for money or asking you to do any sus. Like, Hey, you know, you could go test this thing without authorization. No. Like , you have to, you have to, you know, use a certain level of just, but when you asked Travis to break into that bank , by the way, you know, so we're gonna have to call our in the Yes.

[00:31:41] In the acronym business for 15 years. Okay. . But anyways, uh, and then, When it came to, uh, and then when it comes to, uh, networking with your peers, being in the trenches with other people, sharing tips and tricks on what's going on, uh, and um, this way you're always kind of on the [00:32:00] bleeding edge of like how other people are doing things.

[00:32:01] And, and maybe sometimes you want to avoid how other people are doing things cuz you don't wanna follow the zoom, right? Right. You wanna differentiate. Right. And then lastly, having mentees, right? Even if that starts with your mom or your spouse or your kids talking about even fundamental things, right?

[00:32:17] Like being aware of how much information you put on social media, protecting your workstation, your mobile device, that kind of stuff. The reason why having a mentee is important, even when you're entry level to cybersecurity, is because it helps you build your own leadership skills, presentation skills, right.

[00:32:33] And foundation improve to you. That's really good. And you know, so for listeners, you know the people that'll listen to this in a month as a podcast. Um, some of 'em aren't even in cybersecurity, right? Some of 'em are business owners. Some of 'em are working in a, in, in, in a bank, in a finance company, insurance, whatever.

[00:32:52] But this advice then, the advice that we get from people in this community applies to every industry. That's brilliant, Christian. And I'll tell you why. Because you don't know a topic until you have to articulate it, right? And to articulate it, you have to. Right, because, so to be, to have a mentee, you have to be able to explain it in English, right?

[00:33:16] And so by being able to do that, you're simplifying it down, right? Like if you learn 75 different aspects of something, right? You can't tell somebody that is your cousin or your mom or your college buddy or whatever, 75 things that you just learned, you need to say. I learned and you need to start synthesizing it.

[00:33:38] Right, and then to, to, to, I think there's great sophistication in simplicity. I, I think, you know, I mean, think about, you know, think about brand slogans. Think about like, you know, the dairy industry tried to get us to drink milk for decades, telling us it was really good for us, part of a four course aspect [00:34:00] of our, of our, uh, of our, of, of our diet.

[00:34:03] And it might have been a lie, but it's, they still were doing it. But the point is, is that it kept going down, sales kept going down, kept going on. Then they came up with, got. . Yeah. And sales R Rocket it up. Doesn't even talk about the product. It talks about the absence of the product. Right. But it's brilliant because it talks about the need.

[00:34:20] It identifies exactly when you need milk. Like when does somebody buy that product? It's when they go into the refrigerator, it's not there. Right. They need it for their coffee, they need it for whatever. They identified that. Yeah. And by doing that with these complex ideas, as a mentee, like having a mentee, it allows you to synthesize what you're learning.

[00:34:41] into simplistic terms. It's a really good idea. It's a really good. That's one of the things I tell folks all the time in our cyber judo sessions, that kind of stuff, is at the end of the day, you need to be able to communicate to business leaders in their terms, right? And how it's actually gonna impact the organization and how it relates back to the top line and the bottom line for the organization.

[00:35:02] Throwing jargon at people is not gonna be very productive or helpful. If you want to orchestrate real change and improve an organization's cybersecurity posture, that means that what you need to do is take the opportunity to understand who you're communicating with and boil it down, break it into the action items, right?

[00:35:21] And then. Provide them a roadmap to success, right? So like our firm, which this is not a sales stick or anything like that, but one of the reasons why we're a small but mighty, you know, boutique firm and we do pen testing for tons of multi-billion dollar companies and all kinda stuff is cuz they love the simplicity in the pen testing report where it's not focused on the vulnerabilities and the weakness and just like, oh, go fix that and go fix this.

[00:35:41] It, it provides a roadmap. Right of to success and it breaks it down into action items where executive management's like, oh, I get that. I understand that. That makes a lot of sense. Right? Like one of the things that we include in a lot of your technical aspect, this technical aspect would be bad for our brand because of this.

[00:35:58] We can go fix it by doing this. [00:36:00] Exactly. Makes perfect sense. Makes perfect sense. We'll put like a little diagram, uh, in a, in the majority of our reports, which is a swap diagram, strengths, weaknesses, opportunities and threats. So fundamental, so simplistic, great way to break things down for somebody telling 'em how their posture looks.

[00:36:15] Um, and then I would say for the third big point is when people are getting into cybersecurity, uh, a good way that you can help motivate yourself and really soak it up and immerse yourself is start to apply to your personal life first. Right? Which means think about. All the information you have out on the internet kind stuff, right?

[00:36:34] All the people finder sites, right? That you can just search up, right? You could see your address, your name, all your relatives, every email address, every address you live at, all that kind of stuff. You can find all your phone numbers, right? Mm-hmm. , all go to have imon. You can sell your accounts at, been compromised, look at your relatives, all that kind stuff.

[00:36:49] So start, start with stuff like that and cleaning up your own cybersecurity posture. Now start to apply that to, what about your home network? Are you using the Insecure, you know, uh,

[00:37:01] we're sitting over behind the tv. Yeah. Yeah. It's provided by the I p Oh, okay. Well here, how about you build your own firewall and configure it? Right? Right. And I'll tell you what you, you know, what's really, really motivating is when you're trying to set up a new firewall and you're trying to get the internet working again and you're really motivated cuz you're not getting a dopamine hit.

[00:37:21] The YouTube videos, right? And your social media like, fuck, I wanna fix the internet really quickly. Right, right. and engages you in that process and you know, so many o other aspects of securing your mobile devices and workstations. Like people should apply that to their personal lives first and to their relatives and to their families.

[00:37:36] That's gonna help them immerse you, get you started, make you feel confident, and then you can build from there right into, you know, setting up a fantastic pen testing lab and all that kind of stuff. That's a really great point, Christian. That's a really good point. I like, That's fantastic. And we've done sessions in the past on setting up your home network or PO poking at, uh, out of the box routers and all that.

[00:37:58] It's on Cyber J for free. We've got videos, we've [00:38:00] got guides on exactly how to, things to consider, different ways to go about it. That's great. We'll, we'll have links to that in the show notes. I've been playing around, I've been poking around your sites for a while. Like, I love that stuff. I, I learned something.

[00:38:12] I go down a rabbit hole. You'll have something on there and then like five hours later I'll look up and I'll be like, crap, I gotta get shit done. Like I've got , . These two guys set me down a rabbit hole. Like I've gotta get, I gotta get back on task. David, we had one, uh, one of the viewers, Joshua had a question.

[00:38:30] You may wanna pull that up and see what Yeah. See what Travis and Christians say. So, uh, Joshua Shut and dod um, asked any recommendations for cyber forensics as somebody wanting to go into uni apprenticeship in the uk. . Ooh, that's a really fantastic, that, that is a really good question. This is why we do it live, man.

[00:38:50] Like I, that question was not coming outta tomorrow or Mosher, I'll tell you that. Yeah, no, I, I, uh, so, so Travis has the, the con more conventional, again, certifications path, that kind of stuff. As I was elaborating to just a little bit earlier is I came from a background of when I was really young getting into computers and software development and just.

[00:39:10] Tearing our apart shit, right? And so my recommendations are really gonna come from a more focused on the skills, focused on learning it right type of background, not necessarily a certification. So I do not have any certifications and in mind, particularly around cyber forensics, so my apologies to that.

[00:39:27] But in regards to things to play with, and things to leverage and whatnot, what I would highly recommend is this. So I would probably start out with either grabbing an old computer or old device. Or making a device right? And set and, and, and setting it up, right? Pull the hard drive out, right? And then what you can do is get a, get a right blocker off of Amazon or that kind of stuff, right?

[00:39:47] And so you could start to forensically image, right? Without manipulating the original data on the, on the hard drive, right? Image it. And then now take that image and hey, can you get that mounted up into a virtual machine, right? To start analyzing [00:40:00] it in real time and performing dynamic analysis. or get familiar with tools like autopsy is probably uh, one of my favorite tools.

[00:40:07] It's open source and it's free. It's very thorough and and effective, and you can melt your forensic image to that and start sorting through it and getting a good feel for what type of insights you can get from that. I would also say getting familiar with some of my favorite tools, being like low-key is a really great one, especially cuz it has like yaro rules that are a belt in for looking at the file system for any types of interesting indicator.

[00:40:30] Compromise, uh, and any type of hashes that might be associated with malicious actor events. Uh, but um, those would be some of the just kind of initial pro tips there and, you know, my background. Okay. Hang on. Let's, let's, let me, let me back you up cuz you just had a couple good recommendations. Yeah. State the names of those devices help you confine.

[00:40:52] And then, um, and, and, and then you also mentioned something about Yari. And I wanna ask you what does that mean for listeners later on? Cuz some of these people have done this before. Some of 'em have no idea. Some of 'em are just interested in it, so. Uh, he's, he's scrounging around, down below. I think he's looking for the cash from that bank.

[00:41:11] I thought my forensic right here. So I'll a specific name of the right blocker device that I use. So for listeners, he's like pulling out like a bag of tricks. Oh yeah. frigging magician. He left his Scott like, wait, there's a rabbit back there, I think. No. Yeah, right. . So I got a C R u, uh, weep Tech forensic Ultra Doc.

[00:41:31] Uh, this is really fantastic. It's a really, uh, what does that do? What does that do? It looks like a old floppy disc. Uh, it, it allows. It allows you to mount up various types of media, like hard drives and all that kind of stuff, uh, for forensic analysis. And it's a what's called a right blocker that prevents, um, essentially you as a forensic and analyst, uh, from and overwriting the actual data.

[00:41:56] Yeah, so you don't affect, quote unquote the crime scene, right? Right. [00:42:00] So pick up one of these. I would say to start with a great open source tool. It's called Autopsy. Um, so, uh, I would, uh, start with, uh, leveraging that. And then I would also get familiar with some other open source scripts and tools. Uh, big one's called Loki.

[00:42:13] And that has, uh, the Yara rules built into it, and it does a lot of other cool things. And what are Yaro rules? Uh, what, what? Explain, explain to us what those are. Yeah. So Yara rules are essentially a rule set for identifying, uh, various hashes and indicators of compromise on a, on a file system that a malicious actor might leave behind as they have, um, they gain access to a particular workstation or server, that kind of stuff.

[00:42:40] Breadcrumbs Smoking guns. Yeah. Breadcrumbs, smoking guns. It's fingerprints left at the scene. Exactly. So the YA rules will help you find those types of things. That's what we do. We simplify things for . Cause I, I, I, my, my litmus test is the glazed looked at Mark Getz. Yeah. And as soon as I see that, I'm like, let's explain it to 'em.

[00:43:01] Yeah. If it's not digestible data, then it's, yeah. It's not going down . Yeah. Uh, Sure. Okay. And I could be a little bit like carrot top. Sometimes when I pull out like my tools, I'm like, oh, I got a tool for that. Lemme get . You know? I love that analogy. That's really good. . That's phenomenal. The next step creates a great visual to podcast Travis.

[00:43:24] Gosh, you were there Is once you've got, you've got those tools you're starting to play with or you're starting to learn, get those hands on experiences. That's really good. You also need to let people know, people who you are applying to know that you know things too. So good. A good way to go about that is to start doing some write-ups, do some guides, post it on his GitHub, uh, of just the different labs that he was doing the different no, that's playing with do, do a little walkthroughs.

[00:43:47] They don't have to be complicated. Get, just get that up. Update one. It will show that he's, he's using something that everybody uses like GitHub. He's, it's demonstrating a little bit of his writing capability and that he's really interested in poking with these things at his, [00:44:00] in his free time. Then take all that material and start sharing it out on LinkedIn because other people are gonna be looking for those same kind of Exactly.

[00:44:07] That's a really good point. Holding that brand and it's gonna be a lot easier to get, get that first interview when they can Google you. Let's see what you've done. All the cyber forensic stuff that you've been. So from the business perspective and the career perspective, two things I wanna point out.

[00:44:21] What you guys were just saying was brilliant. Okay. And the two most significant things that I always try and help people with when they're entering into, I don't care if it's cybersecurity, you want to get into grc, whatever it is, right? However you want to break into the field, whatever it is, is developing that, that self.

[00:44:42] Right. And LinkedIn is the phenomenal platform to do it in. And while you will certainly create a GitHub and, and, and post your technical findings there. . That's the technical aspect. Technical people will go to GitHub, right? But people that would hire you won't necessarily, right? And so how do you bridge that gap?

[00:45:09] And one of the best suggestions I would always have is not only just to post that as original content, like, Hey everybody, have you ever wondered about this? Well, I did an experiment and here's a link to my findings on GitHub. . LinkedIn has a phenomenal newsletter opportunity, right? Yeah, you can. You can create your own newsletter, get subscribers.

[00:45:33] It's built into LinkedIn and you can, and literally you can copy and paste what you've done in GitHub. and just address. Always think of things. I always think of things like Iraq, i r, ac, right? Like what's the issue? What's the rule? How do you apply it? And then what's the conclusion, right? Or something, some model like that for just communicating a business case.

[00:45:57] If you do that and you demonstrate that on [00:46:00] LinkedIn, you're gonna have business owners, you're gonna have people that are the decision makers, c a. The technical aspect, right? And if they even understand it, that's great, but b, they're gonna see you doing this. You identified a, an issue, you applied the rules, you applied the technology, you solved it, and you came up with some conclusions.

[00:46:22] Like that is such a great step for self-branding. Um, the other thing you talked about, both of you talked about was the communication aspect. And I can't tell people enough, no matter what field you are in. Being able to build an internal business case, right? Being able to identify, here's an issue where like if you want to get a job or if you want, let's say you get the job right.

[00:46:49] What's the biggest struggle for internal resources? No matter what field, no matter what's niche you're in, and that is to get funding to accomplish something. Right? From a very simplistic level, we all feel it is that. . Oh yeah, certainly. I mean, one of the things I, I know people all the time is like, we'll have a pen testing report, and a lot of times I'm like, Hey, this is something that you can then take to your customers who are asking about your cybersecurity posture, right?

[00:47:14] Yes. And that's gonna help institute good trust with your customers, help reduce contracting friction, right? Which means that you're, it's gonna increase your revenue stream. Right, and at the end of the day, then they see the pen testing report, not just as a piece of technical insight, but also as a marketing deliverable and instrument.

[00:47:30] Right. Right. Why is that? Because at the end of the day, nobody wants to do business with people that are gonna lose their stuff. , right? Like, like, come on. Like, we don't wanna, we don't wanna do business with, like, everything everybody does is essentially commoditized, right? You like a jacket, you can buy a jacket anywhere.

[00:47:48] I'd like to buy a jacket from a place that's not gonna ruin my FICO score today. , can I do that? You know what I mean? Can I borrow, buy a jacket from a place that's not going to, you know, [00:48:00] um, compromise and file a false tax return for my kid? Can we do. , right? That's what, that's what security boils down to.

[00:48:08] And so by being able to work with organizations, just like you said, Christian, that have demonstrated right, that they care about their customers data, right? It means they care about their customers because it, it, it, they, they avoid the perils of technology. So that's really good. And building an internal business.

[00:48:32] Is so important, right? Identifying the issue, right? Identifying what your ask is, right? Talking about the alternatives, like state everything. Like when people make a internal business case, it's so important to be like one alternative is to do nothing. You don't have to fund this, you don't have to do this, but if you do that, here's the existing risk, which is why I'm bringing it up in the first.

[00:48:57] Right, that you have, here's what, what, what, what could happen? Here's where we're gonna always stay if we're stuck with the status quo. Alternative two is, uh, you know, take this path. Alternative three is maybe take a path with another vendor or something else, but you're gonna have this risk, right? And, and it lets you build your case and then you kind of conclude.

[00:49:18] I think just by doing that, it'll help you break in and it'll really help you in interviews too. Um, oh yeah. So when in, in some of your advice on, uh, resume writing and things like that, um, uh, you, you, you guys have resources on that. Is that, um, you, you guys can provide us those, those links and we can put those in the show?

[00:49:41] Yeah, we definitely wanna put those in the show. Yeah, I'm gonna like hit you with a denial service attack of resources. Okay. . Okay. Well, hey man, I'm protected by my Comcast router thing. Yeah, . I am, I unlock solid. So, [00:50:00] well, this was really good stuff, guys. This I, I, I really, I found this very useful and, and it's great to, uh, to see such, uh, leadership for the community, you know, as big as it feels is, is a global.

[00:50:11] You know, domain, uh, when you get on LinkedIn and start sharing some of these resources and start joining some of these groups. I encourage everybody listening, uh, and watching to follow Christian and Travis. Uh, it's a lot of good information out there that that is, as David said, there's a lot of people willing to jump in and help and share and, and guide, uh, in, in a moment's notice.

[00:50:34] So this was really good guys. I really appreciate you guys coming in for. No, absolutely fantastic. And, uh, Travis and Christian, this will not be our, uh, last conversation. I absolutely, no, not at all. , I got about dozen. I'm gonna reach out after this and we'll, we'll have other collaborations at Point. And Ryan, John said, look at that.

[00:50:53] He, he dropped the URL right in for everybody. He dropped the URL right in the chat. That is right dude. Uh, just as like a, a, a side tip for people breaking into cybersecurity. Yeah. And, and speaking of Ryan Johnson, cuz I think he's a really good, like, illustrative example of like the perfect type of, of mentee, right?

[00:51:11] And the perfect type of, of mentee are, like you guys were saying, folks who like engage in interface on social media. Right. Mm-hmm. , uh, and not just posts and comments, that kind of stuff, but, um, the, some of the coolest things that I've gotten, uh, out of folks like Ryan is they'll just shoot me a message on a side like, Hey, what are your thoughts on this?

[00:51:31] Hey, like, what, what are, what wireless adapters do you use for your wifi? I love that. I love it because it shows that while you go offline and you're busy at work and. They're at. They're thinking about it. They're thinking about it. They've got a question for you, and they trust you enough to reach out to you, and that's what it's all.

[00:51:51] And I would highly encourage that anyone who connects with, you know, Travis and myself, Hey, you guys can certainly send us questions off the sign, all that kind of stuff. And what I would recommend is, [00:52:00] hey, when you get a huge spiel from me of like all my little tidbits and details on how enthusiastic I am about cybersecurity and providing insight, take that and then go share that with other folks too.

[00:52:09] Hey, you know, I was speaking with blah, blah, blah, blah, blah. Here's a couple tips and tricks I happen to learn as. Or here's a couple additional things I wanted to add to it. And, you know, in some, you know, more context, you know, so that's a really great way as a mentee to build great relationships, network and, and likely build your career path a lot faster and in, you know, build that velocity to be, you know, you know much, you know, uh, , increase the momentum of your velocity, you know?

[00:52:39] Yeah. That's fantastic. So, uh, Christian, Scott, Travis, Def Forge, thank you so much for Yeah, this great stuff studio today. Um, we will be talking again, I promise you so. Absolutely. This, this is really, really, really fun. Um, you guys have classes every Wednesday as well. And, uh, we will have, uh, links in the show notes for, uh, for, uh, people to connect with you guys.

[00:53:03] Everybody get on LinkedIn. I'm just telling you, we are not sponsored by LinkedIn, but man, uh, LinkedIn, if you're looking, it's a great community. If you're listening, like, we owe you so much. Like this is, it is a great platform to learn, to share, to meet great people. Just, uh, just keep, keep on keeping on guys.

[00:53:23] So, uh, thank you so much. Uh, we, we, we really appreciate it. Any parting words that, that, that you gentlemen would like to share? Um, fir, first of all, thank you guys so much for, for having us. It's been an absolute, uh, pleasure and, and who, uh, we're looking forward to coming back hopefully in the near future.

[00:53:39] And, uh, when it comes to, uh, when it comes to cyber, uh, judo, uh, Wednesday nights 9:00 PM Eastern Standard time, uh, we, we always love having people join us. It's a Zoom meeting. It's a open format, right? You can unmute yourself and speak and ask questions in real time. And. Pick our brains, all that kind of stuff.

[00:53:57] So I'm always happy to have more [00:54:00] folks, uh, join us in that process and certainly don't hesitate to check out some of the, uh, resources we put on YouTube, some of the resources we have on Enclave, Regener as well. And hopefully it helps you guys out. If you guys ever have any tips, tricks, contributions, you guys want, add, we're big open source contributors and you know, we'll have folks contribute and make sure that they, you know, have attribution provided to 'em.

[00:54:21] Those are other really great ways, right, to demonstrate to potential employers. What you're doing and what you've been learning is contribute to the community. Yeah, yeah. It makes, it makes that resume come to life, right. That is fantastic. Hey, you guys keep on keeping on. We are gonna talk, um, probably a lot, lot more than you even think that we're gonna talk, so

[00:54:43] Alright, so, uh, everybody check these guys out, connect with them on LinkedIn, check out their information, their YouTube channel, their websites, their work. Um, thank you guys so much for not just joining us today, but everything that you do for the security. Yeah, thank you for what you. To the community.

[00:55:02] Yeah. You're welcome. Thanks guys. Have a good one. Bye now. Hi, cybercrime Junkies. Thanks for listening and watching. Got a question you want us to address on an episode, reach out to us@cybercrimejunkies.com. If you enjoy our content, then please consider subscribing to our YouTube channel at Cybercrime Junkies.

[00:55:19] Connect with us on all social media like LinkedIn, Facebook, and Instagram, and check out our website. It's cybercrime junkies.com. That's cybercrime junkies.com, and thanks for being a cybercrime.