Ahead of the Breach

• Why is Continuous Pentesting a Must for Dynamic Environments?

  Welcome to a special edition of Ahead of the Breach, where our host Casey Cammilleri answers the top questions our listeners have asked us. In today's episode, Casey addresses why continuous pentesting is a must for dynamic environments.  Would you like to have Casey answer one of your questions in a future episode? Email [email protected] with your question and a short summary of why you're looking for an answer!   Get in touch with your host, Casey Cammilleri:  LinkedIn  Listen to more episodes:  Apple  Spotify

  --------  

  1:42

  --------

  1:42
• Armis' Andrew Grealy on Left-of-Boom Threat Actor Intelligence

  What if you could predict which vulnerabilities threat actors will weaponize months before CISA adds them to their Known Exploited Vulnerabilities list? Andrew Grealy, Head of Armis Labs, has built exactly that capability, providing organizations with threat intelligence that arrives 3-12 months ahead of traditional indicators. His "left of boom" approach changes how security teams prioritize patches and allocate resources. But early warning is just the beginning, Andrew tells Casey. From mom and pop honeypots that catch nation-state actors to AI-powered supply chain attacks that slip malicious packages into enterprise applications, Andrew details how attackers are weaponizing the same AI tools that security teams use for defense. He also offers insights on the "triple threat" evolution of ransomware and practical frameworks for securing AI-generated code. Topics discussed: Building CVE early warning systems that identify threat actor targets 56% faster than CISA's Known Exploited Vulnerabilities list. Implementing "left of boom" intelligence collection through honeypots in mom and pop infrastructure. Moving beyond CVSS scores as risk indicators to prioritize patches based on actual threat actor behavior and CWE patterns. Deploying strategic security controls like WAFs to eliminate 28% of ESX server console attacks, reducing patch urgency and operational disruption. Understanding the "triple threat" ransomware evolution that combines traditional encryption with data exfiltration and AI-powered internal investigation for multiple revenue streams. Combating AI-accelerated supply chain attacks where 54% of coding assistants automatically introduce vulnerabilities into generated code. Preventing typosquatting attacks where threat actors create packages with similar name that AI tools recommend to infiltrate internal applications. Establishing approved package repositories with exact version matching and implementing coding checks throughout the development pipeline as countermeasures. Evaluating LLMs for security applications by testing with known answers first, then gradually increasing complexity to validate capabilities before deployment. Listen to more episodes:  Apple  Spotify  YouTube Website

  --------  

  28:09

  --------

  28:09
• How Do You Build an Offensive Security Program from Scratch?

  Welcome to a special edition of Ahead of the Breach, where our host Casey Cammilleri answers the top questions our listeners have asked us. In today's episode, Casey addresses how to build an offensive security program from scratch.  Would you like to have Casey answer one of your questions in a future episode? Email [email protected] with your question and a short summary of why you're looking for an answer! Get in touch with your host, Casey Cammilleri:  LinkedIn  Listen to more episodes:  Apple  Spotify YouTube

  --------  

  2:45

  --------

  2:45
• Covert Entry: Tools, Tricks, and True Stories from the Field

  What happens when a covert entry specialist turns a Super Bowl hotel room into a rooftop breach point? Brent White, Sr. Principal Security Consultant & Covert Entry Specialist at Dark Wolf Solutions, offers Casey his approach to physical security testing that goes far beyond lock picking, rooted in understanding human psychology and building systematic infiltration strategies. Brent shares how his team compressed an entire backpack of penetration tools into a concealed-carry belt system that even works with swimming trunks. But the real breakthrough isn't in the gear — it's in his multi-day reconnaissance methodology that builds familiarity before attempting entry. Brent's "Post It flag" system transforms traditional physical assessments by having clients mark objects they're comfortable losing, leading to scenarios where his team wheels office chairs and $500 juice machines through bank lobbies while security guards helpfully watch their haul. This approach moves beyond simple "can you get in" to demonstrating real-world impact and exfiltration capabilities.  Topics discussed: Building familiarity through multi-day reconnaissance that establishes psychological comfort before entry attempts rather than relying on cold tailgating approaches. Transitioning from backpack-based toolkits to concealed carry belt systems that house bypass tools for major door configurations, American padlock bypasses, and dimple lock rakes. Mapping regional security culture patterns where Northeast locations show higher vigilance compared to South and Midwest willingness to help strangers. Using Proxmark readers and modified Flipper Zero devices hidden in Starbucks cups to capture badge credentials during natural conversations. Implementing hybrid covert-to-overt assessment methodology that escalates until detection then transitions to educational walkthroughs with clients. Developing systematic drone security evaluation frameworks that assess radio frequencies, web interfaces, payload access, and MAVLink flight data to identify pilot locations. Creating quick-change disguise systems using wig colors matched to facial hair combined with tactical clothing featuring concealed tool pockets. Establishing post-engagement flag collection strategies where clients mark acceptable-loss items, enabling teams to wheel office chairs and expensive equipment through lobbies as proof of exfiltration capability. Understanding how sUAS government standards are forcing commercial drone manufacturers to implement stronger security measures. Navigating destructive versus non-destructive entry protocols when clients approve hinge removal and window manipulation while avoiding classified room decertification that triggers 24/7 guard requirements. Listen to more episodes:  Apple  Spotify  YouTube Website

  --------  

  31:39

  --------

  31:39
• What Should You Ask Before Choosing an Offensive Security Platform?

  Welcome to a special edition of Ahead of the Breach, where our host Casey Cammilleri answers the top questions our listeners have asked us. In today's episode, Casey covers what you should ask before choosing an offensive security program.  Would you like to have Casey answer one of your questions in a future episode? Email [email protected] with your question and a short summary of why you're looking for an answer! Get in touch with your host, Casey Cammilleri:  LinkedIn  Listen to more episodes:  Apple  Spotify YouTube 

  --------  

  2:45

  --------

  2:45

More Technology podcasts

Trending Technology podcasts

About Ahead of the Breach

Ahead of the Breach: Podcasts in Family