エピソード

  • Ridge Security in the Real World: An Offensive Security Practitioner's Perspective
    2026/06/23

    ## How AI-Powered Penetration Testing Is Transforming Security Validation with Andy Simpson**Sponsored by Ridge Security**In this sponsored episode of The Phillip Wylie Show, Phillip Wylie welcomes Andy Simpson, founder of Cipher Security, for an in-depth discussion about the future of penetration testing, continuous security validation, API security, and the growing role of AI in offensive security.What makes this conversation unique is that Andy is not a Ridge Security employee. As a cybersecurity consultant and penetration testing practitioner, he evaluated multiple automated security testing platforms before selecting Ridge Security to help scale and enhance his team's testing capabilities.Drawing on decades of experience in IT, infrastructure, executive leadership, and offensive security, Andy shares his journey from working at IBM to building a successful offensive security consultancy serving organizations throughout Australia and New Zealand.The conversation explores the challenges facing modern security teams, including expanding attack surfaces, API security risks, infostealer-driven attacks, limited security resources, and the need to continuously validate security controls. Andy also demonstrates how automation and AI-driven testing are changing the way organizations identify and validate risk.## Topics Covered* Andy Simpson's cybersecurity origin story* From IBM engineer to offensive security consultant* The evolution of penetration testing* Common shortcomings in traditional API assessments* Continuous Threat Exposure Management (CTEM)* Vulnerability validation versus vulnerability identification* Automated penetration testing at scale* Attack surface management## Key Takeaways* Annual penetration testing is often insufficient for today's threat landscape.* Organizations need continuous validation of their attack surface and security controls.* API security remains one of the most overlooked areas of cybersecurity.* Security teams must focus on validating risk rather than simply identifying vulnerabilities.* Automation helps security teams scale without sacrificing visibility.* Generative AI is enabling deeper testing of business logic and application workflows.* Human expertise remains critical, but AI-powered testing is becoming an important force multiplier.* Attackers are increasingly leveraging stolen credentials and authenticated access paths, making continuous testing more important than ever.Connect with Andy Simpson:Andy's LinkedIn:

    https://www.linkedin.com/in/andy-simpson-nz/Cipher Security website: https://ciphersecurity.co.nz/## Episode SponsorThis episode is sponsored by Ridge Security.Connect with Ridge Security:Ridge Security website: https://ridgesecurity.aiGet a free RidgeBot Demo: https://ridgesecurity.ai/demo-request/

    Ridge Security LinkedIn: https://www.linkedin.com/company/ridge-security/posts/?feedView=allRidge Security provides automated penetration testing and security validation solutions that help organizations continuously identify, validate, and prioritize security risks across networks, web applications, APIs, and cloud environments. During this episode, Andy shares his firsthand experience using Ridge Security's platform as part of his offensive security practice. ## Connect with Andy SimpsonConnect with Andy on LinkedIn to learn more about offensive security, API testing, threat exposure management, and the future of AI-powered security testing.## Listen, Subscribe, and ShareEnjoyed the episode? Subscribe to The Phillip Wylie Show, leave a review, and share this episode with your network to help others learn about the future of penetration testing and security validation.#ThePhillipWylieShow #Cybersecurity #PenTesting #OffensiveSecurity #APISecurity #AI #ArtificialIntelligence #CTEM #ThreatExposureManagement #RidgeSecurity #SecurityTesting #EthicalHacking #CyberDefense #InfoSec #CyberRisk

    続きを読む 一部表示
    59 分
  • From Hacker to Medical Device Pentester: Sean Satterlee on Securing Life-Critical Technology
    2026/06/17

    What happens when hacking moves beyond computers and into devices that can keep people alive?
    In this episode of The Phillip Wylie Show, Phillip Wylie welcomes Sean Satterlee to discuss the rapidly growing field of medical device security. Sean explains how security researchers evaluate connected healthcare technology, the skills needed to transition into hardware hacking, and why traditional pentesting knowledge is still incredibly valuable in the world of embedded systems.
    From Wireshark and wireless protocols to JTAG, UART, and hardware analysis, this conversation provides a practical roadmap for cybersecurity professionals interested in expanding their offensive security skillset.
    =========================
    Connect with Sean Satterlee:
    LinkedIn: https://www.linkedin.com/in/seansatterlee/
    =========================
    Connect with your host, Phillip Wylie:
    LinkedIn: https://linkedin.com/in/phillipwylie
    X: https://x.com/PhillipWylie
    Instagram: https://www.instagram.com/phillipwylie

    続きを読む 一部表示
    31 分
  • From Mischief to Mastery: Christian Gonzalez's Cybersecurity Journey
    2026/06/09

    In this episode of The Phillip Wylie Show, Phillip sits down with longtime friend, former student, and offensive security professional Christian Gonzalez.

    Christian shares his journey from curious teenager and network engineer to penetration tester, mobile application security specialist, and AI security researcher.

    The conversation explores career growth, certifications, AI security, and how aspiring pentesters can stay relevant in an increasingly competitive cybersecurity landscape.



    =========================
    Connect with Christian Gonzalez:
    LinkedIn: https://www.linkedin.com/in/christian-g-672104160/
    Educational AI Pentesting Lab: https://www.aipwn.me/
    =========================
    Connect with your host, Phillip Wylie:
    LinkedIn: https://linkedin.com/in/phillipwylie
    X: https://x.com/PhillipWylie
    Instagram: https://www.instagram.com/phillipwylie

    続きを読む 一部表示
    24 分
  • Creating Content That Matters: Cybersecurity, Authenticity, and Building Your Brand with Eva Benn
    2026/06/02

    In this episode of The Phillip Wylie Show, Phillip Wylie welcomes back cybersecurity leader, content creator, and self-described "Cybersecurity Bestie," Eva Benn. Eva shares her journey from growing up in rural Bulgaria with no access to technology to becoming a cybersecurity leader, red team professional, and influential content creator. The conversation explores how cybersecurity professionals can leverage content creation to educate others, grow their careers, and make a meaningful impact on the community.
    Rather than focusing on followers or personal branding, Eva discusses why successful content creation starts with helping others. She offers practical advice for aspiring creators, explains how she built her Security Mondays series, shares lessons learned from producing cybersecurity content, and discusses the importance of authenticity in an AI-driven world.
    =========================
    Connect with Eva Benn:
    LinkedIn: https://www.linkedin.com/in/evabenn/
    YouTube: https://www.youtube.com/@evabennofficial
    Instagram: https://www.instagram.com/evabennofficial/
    =========================
    Connect with your host, Phillip Wylie:
    LinkedIn: https://linkedin.com/in/phillipwylie
    X: https://x.com/PhillipWylie
    Instagram: https://www.instagram.com/phillipwylie

    続きを読む 一部表示
    32 分
  • Jeremiah Grossman: The Future of Vulnerability Management
    2026/05/26

    In this episode of The Phillip Wylie Show, Phillip Wylie sits down with legendary application security pioneer and entrepreneur Jeremiah Grossman to discuss the evolution of web security, vulnerability management, cyber insurance, AI-driven software development, and the future of offensive security.Jeremiah shares his hacker origin story, from hacking his ISP as a teenager to discovering vulnerabilities in Yahoo Mail during the early days of the web. That experience eventually led him to Yahoo and later to founding WhiteHat Security, one of the first SaaS-based web application security companies.The conversation dives deep into how application security evolved from manual testing and early vulnerability scanners into scalable AppSec programs, as well as why modern vulnerability management is still fundamentally broken. Jeremiah explains why only a tiny percentage of CVEs ever lead to real financial loss and how his latest company is approaching vulnerability prioritization differently.


    =========================

    Connect with Jeremiah Grossman:

    LinkedIn: https://www.linkedin.com/in/grossmanjeremiah

    Website: https://www.jeremiahgrossman.com

    Root Evidence: https://www.rootevidence.com


    =========================

    Connect with your host, Phillip Wylie:

    https://linkedin.com/in/phillipwylieX

    https://x.com/PhillipWylieInstagram

    https://www.instagram.com/phillipwylie


    Chapters


    00:00 Introduction to Content Creation Journey

    02:15 Eva's Hacker Origin Story

    05:03 Career Advice for Aspiring Cybersecurity Professionals

    06:19 The Importance of Skills Over Certifications

    07:44 Motivation Behind Content Creation

    10:00 Navigating Misinformation in Cybersecurity Education

    12:57 The Role of AI in Content Creation

    13:41 Mindset Shifts for New Content Creators

    16:38 Types of Content and Finding Your Niche

    18:20 The Importance of Experience in Content Creation

    20:41 Balancing Structure and Authenticity in Content

    24:44 Equipment Recommendations for Beginners

    28:18 Final Thoughts on Content Creation

    31:44 Phillip Wylie Show Outro


    続きを読む 一部表示
    28 分
  • Hacking Then and Now: Ed Skoudis on AI, Pen Testing, and the Future of Cybersecurity
    2026/05/19

    In this episode of The Phillip Wylie Show, Phillip Wylie sits down with legendary security expert Ed Skoudis to discuss his hacker origin story, the evolution of penetration testing, and how AI is transforming offensive security.
    Ed shares how he got started hacking on early home computers like the Commodore VIC-20 and Timex Sinclair 1000, his journey into professional penetration testing, and the early days of DEF CON and the cybersecurity industry. The conversation also dives deep into AI-assisted penetration testing, vulnerability discovery, the future of CTFs, certifications, home labs, and what aspiring hackers should focus on to succeed in today’s rapidly changing landscape.
    From classic hacking stories to cutting-edge AI research, this episode is packed with insights for anyone interested in ethical hacking, red teaming, and the future of cybersecurity.
    =========================
    Connect with Ed Skoudis:
    LinkedIn: https://www.linkedin.com/in/edskoudis
    Website: https://www.counterhack.com/
    SANS Holiday Hack Challenge: https://www.sans.org/cyber-ranges/holiday-hack-challenge
    =========================
    Connect with your host, Phillip Wylie:
    LinkedIn: https://linkedin.com/in/phillipwylie
    X: https://x.com/PhillipWylie
    Instagram: https://www.instagram.com/phillipwylie

    続きを読む 一部表示
    33 分
  • Winn Schwartau: Hacker Culture, Cognitive Security, and the Human Element
    2026/05/12

    Computer security analyst and author Winn Schwartau joins Phillip Wylie for a deep conversation on hacker culture, cognitive security, information warfare, and the evolution of cybersecurity from the early days of computing to today’s AI-driven world.
    Winn shares stories from his early days bypassing locked telephone systems as a child, his transition from the live recording industry into cybersecurity in the 1980s, and how his engineering mindset shaped his approach to systems hacking. The conversation explores the rise of cloud computing, the increasing specialization required in cybersecurity, and why human behavior remains one of the industry’s biggest vulnerabilities.
    The episode also dives into Winn’s groundbreaking work around cognitive security, misinformation, disinformation, and “critical ignoring” — the idea that filtering out noise is becoming just as important as critical thinking in today’s information-overloaded society.
    Listeners will also hear Winn’s thoughts on hiring practices in cybersecurity, why failure is essential for growth, and how the industry still overlooks talented people who do not fit traditional hiring molds.
    =========================
    Connect with Winn Schwartau:
    LinkedIn: https://www.linkedin.com/in/winnschwartau

    Website: https://www.winnschwartau.com/
    =========================
    Connect with your host, Phillip Wylie:
    LinkedIn: https://linkedin.com/in/phillipwylie
    X: https://x.com/PhillipWylie
    Instagram: https://www.instagram.com/phillipwylie

    続きを読む 一部表示
    32 分
  • Amar Sonik: Why Cybersecurity Fundamentals Still Matter
    2026/05/05

    In this episode of The Phillip Wylie Show, Phillip sits down with Amar Sonik to talk about what really matters in cybersecurity.
    They dig into why fundamentals like networking and Linux still separate good security professionals from great ones, how conferences like B-Sides Singapore and CYBR.HAK.CON. help shape careers, and how AI is changing the way people learn hacking.
    Amar Sonik shares practical advice for anyone trying to break into cybersecurity, along with lessons from organizing security events and working in the field.
    If you’re trying to get started or level up your skills, this episode keeps it real.
    =========================
    Connect with Amar Sonik:
    LinkedIn: https://www.linkedin.com/in/amarjitsonik/
    =========================
    Connect with your host, Phillip Wylie:
    LinkedIn: https://linkedin.com/in/phillipwylie
    X: https://x.com/PhillipWylie
    Instagram: https://www.instagram.com/phillipwylie
    =========================
    Information about CYBR.HAK.CON. and tickets:
    https://cybrhakcon.com/

    続きを読む 一部表示
    27 分