Watch Now

Show Notes

We’re joined by sponsor and guest Dan DeCloss, CEO and Founder of PlexTrac, on the podcast today to talk about communication and collaboration between the red and blue side of cybersecurity and why security success depends on those two sides working together. On their mission to build stronger, more productive, and well-rounded security teams, PlexTrac provides incredible and insightful metric and messaging tools that change the game for the cybersecurity industry.

Timecoded Guide:

[05:36] Understanding PlexTrac’s history and mission for cybersecurity teams

[09:58] Lack of empathy and understanding in red team and blue team communication

[18:48] Breaking through the resentment and confusion within a team

[24:45] Envisioning the future of PlexTrac’s community impact

[27:52] Caring about your cybersecurity mission beyond yourself

Sponsors:

Thank you to our sponsors Axonius and PlexTrac for bringing this season of HVR to life!

Life is complex. But it’s not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone

PlexTrac is pleased to offer an exclusive Red Team Content Bundle for Hacker Valley listeners. This bundle contains both our "Writing a Killer Penetration Test Report" and "Effective Purple Teaming" white papers in ONE awesome package. Head to PlexTrac.com/HackerValley to learn more about the platform and get your copy today!

What is the function of PlexTrac that would help you the most as a pen tester?

With prior hands-on experience on the red side, Dan found his journey to creating PlexTrac to be full of moments where he wanted to fix the same problems he encountered over and over with reporting and communicating. One of these problems was solved easily with the addition of a video feature, a simple function that has existed since PlexTrac first began but is instrumental and is a huge time-saver for visual learners.

“As a pen tester, I hated finding that I had 20-odd screenshots if it's a pretty complex exploit. I think the adage for us is like, if a picture's worth 1,000 words, then a video is worth 1,000 pictures, right?”

What do you think are some of the gaps in skills that organizations face when hiring these professionals to perform offensive operations?

Communication is key— not just in life, but in this episode. While we’ve discussed skills gaps previously in cybersecurity, Dan is quick to point out that a consistent gap he sees in all areas of cybersecurity is effective communication. PlexTrac keeps this struggle to communicate in mind and creates easy, simple pathways and functions that encourage communication and facilitate collaborative problem solving.

“If there's one area that I really emphasize with anybody that I'm mentoring or have hired in the past is, as a security person, whether you're red or blue, you really do need to be a good communicator and be able to communicate risk effectively within the right context.”

 

What would you want to say to those folks that don't see eye-to-eye from the red or the blue side?

 

We’re fighting the same fight, no matter if we’re on the red side or the blue side of cybersecurity. Dan’s message for our warring red and blue teams throughout the industry is to understand the importance of your mission and to not let relationships between red and blue feel clouded with misunderstanding or resentment. No one’s job is harder than anyone else’s, and each role on offensive and defensive plays a part in our collective victory.

“I'm gonna just be point blank about it…Are you trying to just prove a point about your knowledge and your skills? Or, are you actually trying to make the world a safer place?”

 

What would you want to say to all those folks out there [in cybersecurity]?

As PlexTrac aims to make a huge impact on our community, Dan and his team acknowledge a need for a unified, focused, and collaborative cybersecurity industry, with hard workers on both the red and blue sides. With PlexTrac’s assistance in making reports, measurable results, and communication that much easier, our team at Hacker Valley is thankful to be a part of PlexTrac’s amazing network and can’t wait to share more tools like this with all of you.

“I think keep fighting the good fight, for both sides, and recognizing that your mission is vital to the safety and security of your organization and the world at large, right? We are all in this battle together.”

----------

Links:

 

Spend some time with our guest, Dan DeCloss, on LinkedIn, and the PlexTrac website

Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter.

Follow Ron Eddings on Twitter and LinkedIn

Catch up with Chris Cochran on Twitter and LinkedIn

Recent Episodes

Jul 17, 2024

How Can I Best Proactively Secure My SaaS?

In this episode, Ron Eddings will explore the massive adaptation of SaaS applications and ways to tame the beast. Our guest Yoni Shohet, Co-Founder & CEO at Valence Security, will help ...

Jul 9, 2024

What We All Should Be Talking About When It Comes to AI and ...

In this episode, Host Ron Eddings is joined by guests Anirban Banerjee, CEO and Co-Founder at Riscosity, and James Berthoty, Founder and Analyst at Latio Tech. Together they focus on data ...

Jul 2, 2024

Navigating AI as a CISO with Whitney Palacios

In this episode, Host Ron Eddings catches up with one of his colleagues, Whitney Palacios, Vice President and CISO at BigBear.ai. They explore the challenges and responsibilities of being a CISO ...

Jun 26, 2024

The Power of AppSec, Cyber Education, and Friendship with Tanya ...

In this episode, Host Ron Eddings catches up with longtime friend, Tanya Janca, Head of Education and Community at SemGrep and author of 'Alice and Bob Learn Application Security.' Tanya shares ...

Jun 18, 2024

Networking 2.0: The Future of Decentralized Networking & Access ...

In this episode, Hosts Ron Eddings, and Jen Langdon share takeaways from Ron's RSA conversation with Colin Constable, Co-Founder and CTO at Atsign On this show, they’ll break down Networking 2.0 ...

Jun 11, 2024

How AI and TPRM Makes Security the ‘Dept. of Innovation’ with Paul ...

In this episode, Host Ron Eddings enjoys a reprieve from the hectic RSA conference with guest Paul Valente, CEO of VISO Trust. Paul discusses how he used his extensive experience as a CISO to ...

Jun 4, 2024

A Deep Dive into MSSPs: Understanding the Evolution and Secrets ...

In this episode, Ron Eddings and Jen Langdon explore the origins of MSSPs and the solutions they offer to the cybersecurity industry with insights from Ricardo Nicolini, CTO at Bulletproof. ...

May 28, 2024

Zero Trust Tactics: Preventing Breaches with Ivan Fonseca & Nick ...

In this episode, Host Ron Eddings teams up with Ivan Fonseca and Nick Cottrell, Cybersecurity Engineers at ThreatLocker, as they break down the anatomy of previous breaches and the attacker’s ...

May 21, 2024

Enterprise Browsers: Work’s Natural Next Step

In this episode, Ron Eddings and Jen Langdon talk about the evolution of browsers and how enterprise browsers have entered to change the game for corporations. Special guest Brayden Rogers, ...

May 14, 2024

Building Tech and Adding Value in the Era of AI with Josh Danielson

In this episode, Ron Eddings talks with guest Josh Danielson, CEO at Kustos, about how his journey at a previous organization has led him to build and create new products in the industry. ...

WORK WITH US

PODCASTS + SPEAKING + EVENTS

Are you the best kept secret in cybersecurity? Let's change that by partnering together for podcast ads, social campaigns, and your next event or keynote. Send us your details to get started.