November 17, 2022

Pentesting for a Better Purple Team with PlexTrac’s Nick Popovich

by Hacker Valley Blue

Show Notes

Nick Popovich, Hacker in Residence at PlexTrac, drops by to say hi to the Hacker Valley crew and give some insight into PlexTrac’s purple teaming services. Starting his career in offensive security as a pen tester, Nick gained great insight into purple teaming at companies like Optiv before he joined PlexTrac’s team of hackers. This week, Nick talks about PlexTrac’s unique software integrations, practical purple team collaboration, and differentiating between his experiences in red teaming and pen testing in offensive cyber.

 

Timecoded Guide:

[00:00] Getting involved in tech through the Army & continuing as a civilian 

[07:02] Transitioning from security analyst into pen testing & offensive security

[14:41] Explaining the difference between red teaming & pen testing

[36:11] Collaborating red & blue to make the perfect purple team

[43:16] Using PlexTrac for purple team engagements 

[50:07] Avoiding burnout & disengaging from hacking after work

 

Sponsor Links:

Thank you to our friends at Axonius and PlexTrac for sponsoring this episode!

The Axonius solution correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action — giving IT and security teams the confidence to control complexity. Learn more at axonius.com/hackervalley

PlexTrac, the Proactive Cybersecurity Management Platform, brings red and blue teams together for better collaboration and communication. Check them out at plextrac.com/hackervalley

 

What was that transition like for you from security analyst to pen tester?

Nick describes his transition from being a security analyst who looked at pen testing reports to becoming a pen tester as nothing short of fascinating. After struggling to re-engineer the reports he was seeing at work as an analyst, Nick took his chances on becoming a practitioner through getting certified, expanding his education, and working for a small pen testing consulting company. Working in that boutique environment gave him an overall appreciation for the nuance and knowledge needed to be a successful pen tester. 

“I've gotten lucky to see both sides of the coin, meaning that raw boutique with six folks where you're the entire pen testing practice. And also, I've been in a pen testing practice with dozens upon dozens of team members supporting me.”

 

People misunderstand purple teaming. Can you talk about what purple team collaboration really looks like?

Many perceive purple teaming as the red team and the blue team just working together. In reality, Nick explains that an actual purple team requires a lot more than occasional proximity and communication: it requires strategy, established procedures, and set goals and outcomes. Instead of forcing proximity without the proper leadership or planning, a program like PlexTrac needs to be in place to further facilitate and create that complete purple team integration.

“Folks still have their day job. During a purple team engagement, the blue team still has to protect the fidelity of the environment, they have a day job they're doing. So, establish rules, establish a procedure, and then, really come up with outcomes that you want to see.”

 

How does red vs blue team collaboration translate into PlexTrac’s application?

Purple team collaboration starts with having a clear plan and communication strategy. Enter PlexTrac, a program designed to be a place for collaboration. The best part of PlexTrac in Nick’s opinion? They’re the pane of glass to look through, not the replacement for other programs. Being able to integrate programs like SCYTHE into PlexTrac not only maximizes collaboration opportunities, but also avoids issues of conflicting technology. 

“It's a place for collaboration. It's a place where the data lives and you work on it together. Whether you're starting your purple team journey, or you have an established purple team and you want to derive more value, a platform like PlexTrac can go a long way.”

 

What do you do outside of cybersecurity to avoid burnout?

In his years of working with pen testers and practitioners, Nick has seen a lot of burnout and a lot of overworked cyber professionals. To avoid the burnout that feels all too common during the industry’s current labor shortage, Nick hikes, plays pool, and tries to keep his screen time down. No matter what your hobby is, be it the media you consume, the content you create, or the games you enjoy, having an outlet outside of the industry will save you from burning out.

“I'm not saying screens are bad. I'm just saying to find something that can disengage your mind from the hacks and the cracks, from the tech debt that your brain is incurring, is absolutely important. If you don't find a way to have balance, your brain is going to fry.”

---------------

Links:

Keep up with our guest Nick Popovich on LinkedIn and Twitter

Learn more about PlexTrac on LinkedIn and the PlexTrac website

Connect with Davin Jackson on LinkedIn and Twitter

Watch the live recording of this show on our YouTube

Continue the conversation by joining our Discord

Hear more from Hacker Valley Media and Hacker Valley Blue


