Episodes
-
How quickly could you detect sensitive data being exfiltrated?
Join us for a free one-hour BHIS webcast with Ashley Knowles on best practices for data loss prevention and keeping your most sensitive information safe.
You’ll learn about common vulnerabilities, real-world scenarios, and practical, actionable strategies to protect the data you’ve been hired to safeguard.🛝 Webcast Slides
https://www.blackhillsinfosec.com/wp-content/uploads/2026/02/SLIDES_Data-Loss-Protection-Survival-Guide.pdf
(00:00) - Intro(02:57) - About Ashley Knowles(03:26) - Why DLP Shouldn't Terrify You (Too Much)(08:10) - Understanding Your Data Landscape(10:23) - Data Classification Framework(11:49) - Where Does Your Data Live?(14:24) - Understanding Data Exfiltration(18:34) - Advanced Exfiltration Methods(22:20) - The Insider Threat Reality(24:19) - How to Stop Data Loss: The Basics(25:51) - Technical Controls That Work(27:44) - Recommended Layered Approach(30:56) - Cloud & Modern Workplace Protection(32:01) - The Purple Team Process(34:18) - Purple Team Testing: Scenario 1(36:38) - Purple Team Testing: Scenario 2(39:13) - Purple Team Testing: Scenario 3(40:12) - Purple Team Testing: Scenario 4(40:40) - Purple Team Testing: Scenario 5(42:03) - Starting Your DLP Journey(43:50) - Key Takeaways & Action Items(44:16) - Questions & Resources(55:59) - The "What it's like to work with Black Hills Information Security" segment
Chapters
Creators & Guests Jason Blanchard - Host Ryan Poirier - Producer Deb Wigley - Host Bryan Strand - Guest Ashley Knowles - GuestChat with your fellow attendees in the BHIS Discord server:
https://discord.gg/bhis
in the #🔴live-chat channel🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits –
https://poweredbybhis.comClick here to watch a video of this episode.
Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com
Antisyphon Training
https://www.antisyphontraining.com/
Active Countermeasures
https://www.activecountermeasures.com
Wild West Hackin Fest
https://wildwesthackinfest.com
Click here to view the episode transcript.
-
Are you reviewing findings or managing chaos?
🛝 Webcast Slides
https://www.blackhillsinfosec.com/wp-content/uploads/2026/01/SLIDES_Simplify-Pentest-Workflows-Using-Cerno.pdf✏️ Learn from Chris Traynor with Offensive Tooling for Operators
https://www.antisyphontraining.com/product/offensive-tooling-for-operators-with-chris-traynor/🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits –
https://poweredbybhis.comIf you are a pentester, you have been there. Hundreds of findings. Critical vulns buried in noise. Too many terminal windows, lost context, and manual tracking slowing you down. On offensive work, time is everything, and disorganization wastes it fast.
Join us for a free one-hour webcast with Chris Traynor, Security Consultant at Black Hills Infosec, as he introduces Cerno, a new free and open-source tool designed to bring order to pentest findings.
Cerno is a Terminal User Interface tool that imports vulnerability data for structured review and validation. Navigate findings with keyboard shortcuts, launch tools with a single keystroke, track progress automatically, extract CVEs, look up related exploits, compare findings across hosts, and follow built-in or custom verification workflows.
You'll learn how to use Cerno to organize, review, and validate pentest findings faster, reduce chaos during engagements, and stay efficient under real-world time pressure.
Get familiar with Cerno: https://github.com/ridgebackinfosec/cernoChapters
(00:00) - Intro – Simplify Pentest Workflows Using Cerno w/ Chris Traynor(06:03) - The Problem(10:55) - The Solution(13:14) - Feature Overview(16:37) - Database-First Design(17:17) - Module Architecture(18:11) - Data Flow(19:02) - Interactive TUI(21:16) - Severity Filtering(22:57) - Finding Review(25:09) - Tool Orchestration - nmap(27:35) - NetExec & Custom Tools(28:45) - NetExec DB [Beta](30:22) - Host Comparison(32:40) - Session Persistence(34:23) - Configuration(36:22) - Demo Time(57:38) - Getting Started(57:49) - Resources(58:13) - Thank You / Free Labs(59:58) - CTF challenge(01:00:23) - Free Survival Guide - Spearphish General Store(01:00:42) - QA Start(01:10:16) - Taking Care of Business Related PlugsChat with your fellow attendees in the BHIS Discord server:
https://discord.gg/bhis
in the #🔴live-chat channel -
Missing episodes?
-
What if world-class network monitoring didn’t require being a Linux expert?
🛝 Webcast Slides (URL)
https://www.blackhillsinfosec.com/wp-content/uploads/2026/01/SLIDES_Zero-to-Zeek_TroyWojewoda_2026-01-22.pdf
Join Antisyphon instructor Troy Wojewoda (Black Hills Infosec – Incident Response) for a free one-hour training session on how to standup a Zeek sensor in as little as three commands...maybe four.Troy will teach you how to quickly deploy and customize a powerful network visibility sensor without needing Linux expertise.
You'll learn to adjust log formats, reduce noisy traffic, and tune the sensor for richer, higher-quality event data.
Don't let Linux be the barrier to outstanding insight into your network.
Register now and gain the power of Zeek today!
Chat with your fellow attendees in the BHIS Discord server:
https://discord.gg/bhis
in the #🔴live-chat channel🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits –
https://poweredbybhis.com -
Are small Active Directory misconfigurations putting you at risk?
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits –
https://poweredbybhis.com
🛝 Webcast Slides
https://www.blackhillsinfosec.com/wp-content/uploads/2026/01/SLIDES_Active-Directory-Attack-Path-in-Action.pdfAntisyphon Training events featuring Alyssa & Kaitlyn
https://www.antisyphontraining.com/search/Alyssa%20KaitlynChapters
(00:00) - Intro - Active Directory Attack Path in Action(02:06) - Alyssa and Kaitlyn Fun Facts(02:43) - Webcast Overview(03:34) - Web Services(06:20) - Jenkins Env Hunter - Tool by Kent Ickler!(07:53) - Test Credentials(08:57) - Username Enumeration(12:12) - Domain Enumeration(14:11) - NetExec(15:12) - BloodHound.py(16:29) - SharpHound(17:28) - ADExplorer(19:30) - Convert Snapshot(20:07) - BOFHound(22:46) - Identify Attack Path(23:55) - Abusing RBCD for Local Priviledge Escalation(26:43) - Machine Account Quota(27:40) - Resource-Based Constrained Delegation Expolitation Flow(30:36) - Create Computer Object(31:58) - Set Delegation(33:22) - Delegation Attribute(33:53) - Select a Target Account(34:34) - Avoid Protected Users(35:24) - Get Privileged TGS(37:07) - Delegation Failure Example(37:39) - Escalation Success(39:18) - Dump local Secrets(40:53) - Domain Admin Compromised(41:39) - Attack Path Summary(44:24) - Defensive Considerations(45:42) - Related Antisyphon Courses(46:08) - More Resources(47:27) - Q&A Start(50:03) - Alternative Path for Attackers(51:30) - Whats the Assumed Compromize Course like?(56:27) - Are Extended Test Timelines an advantage?(57:51) - BHIS "Side Quest" capabilities(58:55) - BHIS CPT On-Boarding Process(01:02:29) - Getting the Ball Rolling on Test Assessments(01:04:22) - The Price of Continous Pen Testing(01:05:30) - Favorite Things About Customer CPTs
Join Kaitlyn Wimberley and Alyssa Snow (Black Hills Infosec – Continuous Penetration Testers) for a free one-hour webcast where they’ll walk through an example Active Directory attack path, from un-credentialed network access to Domain Administrator.You’ll learn how attackers can escalate from un-credentialed access to Domain Admin, identify common misconfigurations, and understand how small weaknesses can combine to compromise your network.
Chat with your fellow attendees in the Black Hills Infosec Discord server:
https://discord.gg/BHIS
in the #🔴live-chat channel.Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com
Antisyphon Training
https://www.antisyphontraining.com/
Active Countermeasures
https://www.activecountermeasures.com
Wild West Hackin Fest
https://wildwesthackinfest.com
-
Inside SOC: Triage Smarter, Not Harder w/ Tom Dejong
🛝 Webcast Slides
https://www.blackhillsinfosec.com/wp-content/uploads/2025/12/SLIDES_Inside-SOC-Triage-Smarter-Not-Harder-1.pdfCould you triage an alert on the spot?
Learn why alert triage is a crucial skill for every SOC analyst.
Tom will teach you the basics of triage, including alert anatomy, how to separate real threats from noise, and when to escalate or close an alert.
You’ll also learn documentation best practices, common mistakes to avoid, and tips for strengthening your soft skills.
This webcast is ideal for anyone starting out in a SOC or looking to sharpen their foundational skills.Chat with your fellow attendees in the Antisyphon Discord server:
(00:00) - Inside SOC: Triage Smarter, Not Harder(01:31) - About Tom DeJong(02:41) - Agenda: What We’ll Cover Today(03:21) - What Is Triage?(06:37) - Why Triage Matters(08:01) - The Triage Mindset(12:47) - Anatomy of an Alert(17:51) - The Triage Process(23:21) - Real Threat or Just Noise(27:21) - Escalate or Close(32:49) - Common Mistakes to Avoid(34:49) - Tips for Making the Right Call(35:37) - Smart Documentation Tips(39:01) - Basic Documentation Template(39:47) - Soft Skills That Make a Difference(44:48) - Managing Alert Fatigue(50:05) - Live Demo(56:14) - Rule Logic and Detection Examples(58:56) - Resources and References(59:21) - Wrap-Up and Thanks(01:00:16) - Post Show Banter Q&A
https://discord.gg/bhis
in the #🔴live-chat channel🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits –
https://poweredbybhis.com
Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com
Antisyphon Training
https://www.antisyphontraining.com/
Active Countermeasures
https://www.activecountermeasures.com
Wild West Hackin Fest
https://wildwesthackinfest.com
