You can keep discussing all the topics related to Cyber Security.... We are going to keep watching it... The most informative discussion series ever....

Who else Also loves The Talks Between both of them??

Menu: Are we in a cybersecurity war? 0:00 Do corporate companies need to care? 0:30 State sponsored hackers: 1:23 Hacker goals: 2:20 Hacking example 3:05 Intelligence. Learn from the military: 3:55 Does cyberware apply to the corporate world? 5:00 OODA: 6:03 Recommended book: 7:15 Relation between blue and red teams: 8:00 10 to 1 jobs: 9:44 How to get into cybersecurity: 11:34 Red and blue need to learn both: 13:15 ================ Connect with me: ================ Discord: discord.com/invite/usKSyzb Twitter: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal KZbin: kzbin.info ================ Links: ================ eLearn Security: elearnsecurity.com OSCP: www.offensive-security.com/courses-and-certifications/ INE: bit.ly/inetraining SANS: www.sans.org/ Hack the box: www.hackthebox.eu/ Try Hack Me: tryhackme.com/ CTF Time: ctftime.org/ctf-wtf/ CEH: www.eccouncil.org/programs/certified-ethical-hacker-ceh/ Cyber Blue: securityblue.team/ Cyber Defenders: cyberdefenders.org/ Did I miss something? Please comment. Book mentioned: www.recordedfuture.com/threat-intelligence-handbook-second-edition/ ================ Connect with Neal: ================ LinkedIn: www.linkedin.com/in/nealbridges/ Twitter: twitter.com/ITJunkie Twitch: www.twitch.tv/cyber_insecurity ================ Support me: ================ DavidBombal.com: CCNA ($10): bit.ly/yt999ccna Udemy CCNA Course: bit.ly/ccnafor10dollars GNS3 CCNA Course: CCNA ($10): bit.ly/gns3ccna10 ====================== Special Offers: ====================== Boson software: 15% discount Link: bit.ly/boson15 Code: DBAF15P Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

I definitely agree that SOC analyst is the best entry-level job to aim for if you want to get your foot in the door. From there, if you can do a little scripting, you will stand out right away and can move you way into a Security Engineer role and eventually a Security Architect role. There are also analysts who never grow and are destined to be nothing but screen-watchers.

These are incredibly useful sessions, please continue to make more of these as they provide the true and real insight into the cyber security industry. Absolutely love the passion of both of you guys, Neal is amazing with his knowledge, energy and career guidance. I reckon David your channel is probably the only one which is producing the much needed quality content, these talks are better than all my university sessions honestly.

@David Bombal I'm a disabled combat vet, and your channel has given me hope and inspiration to get involved with the things that shaped who I am today, and to help the world in ways that I know are indirect but wholly necessary. I love your material, and I'm finding purpose again.

I read the SolarWinds technical report and it blew me away. Even though i didn't understand all aspects of it, and only understood it on a base level i understood how it propagated the malware by being sent out through an update from SolarWinds. Then later the malware after staying silent, it was able to start creating malicious .dll's(encased in a beacon iirc) on the machines it compromised. And the crazy part is that *each* compromised machine had .dlls with conpletely *unique values.* All completely unique from each other. IOW each infected machine was infected by a totally unique infection.. so you couldn't just figure out one machine's malware and apply it to every one, you had to search it out on each machine. I'm not even explaining all the levels of it, but it was a fucking insane attack.

Love the talks between you guys!

When ever I try to start a proper cyber security course I always end up failing either because of lack of resourse or lack of time....:(

So glad I found this channel. Between these interviews and the Udemy courses, I can't get over how advantageous these channels of education are!

CYBERSECURITY CONSULTANTING IS EXTREMELY IN DEMAND FIRST STEP TO SELF EMPLOYMENT

When will you interview him blue team (defensive) part How to start The resources Books for blue team Certification

At this point we really need a dedicated video to Linkedin.

I like Neal's soapboxes. Its not like "look who am i and what i proved!" its more like "hey, the things works like that. i know it because i was part of that things". Amazing content :)

About Neal's baby milk story, my aunt owns the biggest pharmacy here in Portugal and she says that the biggest consumers of the powder milk that she sells are chinese... Great video as always! Cheers! :D

I absolutely love this video, this really cleared all my doubts and painted a clearer picture for me. Thank you, Sir. And please keep doing more I really love the synergy between Mr David and Mr Neal

Really enjoying these conversations, thanks to you and Neal!

Damn. I love the new Intro. Its god damn awesome.

Since I was young scene enthusiast, I remember a article in 2600 back in 1999, that mentioned we were at virtual Ww3 already. Working in IT since then, I'm acutely aware of how precious our infrastructure is and how important it is.

I really enjoy these interviews. Especially since my work schedule makes it near impossible to catch Neil's stream live.

The more I listen to you and Neal the more it sounds like cybersecurity/cyberwar is so similar to what we used to call electronic combat. The tech has changed, we used radio, telephone, radar, etc., but the techniques and objectives are nearly the same. Please keep up the great work, I am learning a lot listening to you and Neal.

Any tips on trying to find an Internship in cybersecurity... I've been trying for the past month and either can't find anything I am qualified for or never hear anything back.

Man distraction is everywhere.. yesterday when I wanted to know more about WAP I googled it..and this SEO gives me WAP song by Cardi B 🤷🤦

Neal and David I so look forward to your unique perspective. You are about the only voice that is clearly saying this is not the single work of one nation-state. It just appears that everyone is going in one direction which is so immature when really trying to understand the global landscape of where these nations are. Neal, LOVE the Synack shirt I have one myself :). Gentlemen please keep up with this mature explanation in the hopes others might come around to not blinding themselves to a simple finger pointing mentality.

I love these videos. I wish I had Neal as a mentor when I first started to learn security... Had to learn everything myself but at a slower pace. I'm okay now but having someone teach you and mentor you I think the learning process would be much easier and quicker on picking up stuff. Guess I will continue to watch videos and learn ... Keep up the great work!!!

Completely agree with Neal’s point on red/blue teams knowing each other’s space - just like Ops & Engineering roles - the best performers know/have experience in both areas. Ps: Loving the new intro 🔥

I really enjoyed the conversation. looking forward to the continuation.

I agree with Neal, if you are part of the Blue/Red team you need to understand how your adversary thinks/acts so basic knowledge about both sides are really important. Trainings, Certifications and Self-Study is critical to become a Holistic Cybersecurity Professional

It's crazy cyber series thank u David sir lots of info for us

-Great content teachers David and Neal .... !!! -One of the doubts that I always put here and put on the Discord server was what we as a Civil Network Engineer working in Civil (even Milk companies are target as Neal say) or Government Companies have to study in order to have some security against Cyber ​​Wars players ...? -In the past few years we have had at least two actions by the Israeli military personnel from Unit 8200: -One using CLP Scada protocol to sabotage Iran's nuclear research with worn Stuxnet which is one of the most ingenious I have ever seen and at least another discovering the geolocation of Islamic terrorists to generate targets for a base missile attack. from them. -For that we had the Solarwinds that I read at the time the suspects were the Russian Hackers of the GRU that are on the list of the FBI and Interpol but as they are financed and protected by the Russian government. - Other than that, we have the American NSA that Neal knows in depth and the Ciber War personnel of the American armed forces. -I in Brazil I met the network security personnel of the Air Force and I know that the ABIN that is the secret service here has a staff of Ciber War as well as every large country must have a staff like that, apart from the staff of Ciber Guerilha who is not directly supported financially by some government. -The question that always remains is how does a Civil Engineer have to prepare to protect the company that works from this type of opponent extremely well trained and with a lot of support even from governments ...? -Thanks for the knowledge teachers Neal and David .... !!!

You guys addressed many misconceptions people might have. I did not even know these questions and misconceptions existed though. I feel like it shows how little people know about Sec. and it’s a bit terrifying.

SOC analyst is the easiest cybersec role to get into? Well I'm screwed. Even after finishing my bachelors in computer science and doing an 800 hour boot camp it's impossible to get a stable job. I graduated at the end of 2019 and didn't find my first job till August 2020. It was a terribly paid triage analyst role at a mid-sized MSSP, which I got laid off from at the start of the year. Even though it only paid $1500 a month it's still better than the diddly I'm making now while looking for work again and watching the bills pile up. In the boot camp we had an ex-West Point instructor who taught us the OODA loop and warned us that state actors are more of a worry than most people realize. It's neat to hear others teaching and warning about the same things. For his class we went over the Ukrainian power grid attack and then had to develop alternate scenarios for the Stuxnet attack on Iran's nuclear program for the final. Overall in the boot camp I enjoyed the blue team aspect of things more than pen testing or red teaming. It's good to hear that that's more in demand. I loved taking apart malware, learning about no-op sleds, digging through logs, etc.

It is even in the mainstream news; India's economic Capital- Mumbai, had a power outrage which was found to be a result of China's cyber attack! It took place during the border clash back in September! They wanted to send a message to India that if they push their border interests too much, China will engage with India in other dimensions of warfare! Basically an escalation threat! Even India did it to Pakistan back in 2019 when a state sponsored terrorist group from Pakistan killed 40 Indian soldiers in a Daesh type suicide attack! Indian hackers hacked Pakistani govt and public assets rigorously! They even hack a national TV channel and openly displayed Indian flag on the screen with the message highlighted; "we won't forgive Pakistan for Pulwama terrorist attack"! (Ngl, this did seem bad ass!)

really like the videos between Neal and David, they always have good information to share on how to get into cybersecurity.

Tell me pls. One of my best friends told me all the time - Pentesting got no future. He stay on AWS automation and he believe - Penetration automation will kill Offensive Security. I just planning do OSCP, and not sure i get proper course in this case, if looking in future... ( next 20 years )

Strange I couldn't find that exact book online to buy it. anyone have a link to it? Thanks.

Thank you so much David for these amazing videos. You and Neal are doing great.

I love following these podcasts. Love you David and Neil. From Nairobi, Kenya.

I hope you've read sandworm, and perfect weapon. Unfortunate takeaway is that often government leaves private companies 1on1 with APTs. Google how much Maersk lost. And what did government do about it?

Finally Neal again ! Love your videos guys thanks!

I prefer to call it information warfare, because while it is 99% involved with attacking and defending cybersecurity, its also a lot more than that. Its a war of propaganda, of personal information, of product selling, idea selling, and its happening on all fronts. Average people and their information are just pawns in a game larger than any one man, nation, or ideal.

Best you tube canal whit sybersecurity and network generally topics. My respect David, your videos help me a lot.

I love this cyber security Series ♥️♥️♥️

This channel is pure gold. Congratulations.

I can't stop staring at how he never took the warning label off of his PC case 😖

Really enjoying this series, thanks!

China : ctrl x + ctrl v

at no point in time was i ever under the impression we weren't in a war.

Appreciated your work and great feed back of your knowledge. Love you sir

That explains my flashbacks of loading windows 3.1 one floppy disk at a time and getting near the end when it fails

Why most hacking os uses Debian over Ubuntu?

Thanks! I learned a lot from this.

Love your content Mr. David Bombal❤ Keep it up, full support from Africa here.

It is true. Sir great conversation. Love you david sir

I want to get into Cyber especially for the feds maybe but I'm concerned about getting a clearance. What are some smaller things people might get disqualified for? Is there a way to like dry run the process to see if I would ever be seriously considered for a clearance?

Thank you so mouch. But I have a question to you. I want to learn this. I have hacked my own wifi throgh your way with linux. But I can not get into the manage router. Only knowing the wifi passkey is not enough to get into the router management. Will you please make a separate video about this ? I really wanna learn this. I want to do this with my network ethically.

Another great video! Thanks a lot for it! It helps people like me to get a better decision when comes to getting into the industry. I was looking forward to a graduate scheme program as a red teamer but instead might end up in a blue team one and after a while eventually swap. Looks like first, it will be easier to get into the scheme as there will be more positions, and second, will get used to defending before attacking, which would be a big plus I guess. Keep the series going, stay safe and take care! Best regards!

I legit would want to start learning about Cyber security but I do not know where to start at all!

can u please tell me how to work dicord.david bombal site.i don't even understant it

Are those special glasses for computer work? Those with the yellow tint

Amazing interview David, for the next topic, should take about on how to make a pathway in Cybersecurity or in this case a pathway to get this kind of cyberwar jobs... anyway thank you David for this :)

Fantastic stuff up here.. I love it!

Hi David, would you make a video on the tools or how to make a home lab for blue team/soc analyst related jobs? Thank you.

you guys are always 100 steps ahead!!

Do you think it is likely cyber defence jobs will be automated? If so, when?

Thanks David and Neil for this topic 👍👍👍

These discussions are informative and give me that little nudge of motivation.

my god im loving this content from both of you, sexy topics from interesting and experienced people. Keep it going.

Great info, thank you!

Excellent content! Cyber threat intelligence is vital to protecting networks across the spectrum!

Nice video bro 👍👍 , super information 😀😀

Do blue teams mostly work on security implementation, operations, etc and red team mostly run pen tests?

Happy to see Neil and you together making a video again sir bombal. I started watching you as soon as i started hacking, and will always support you. Amazing video!! Ill start watching!

Do private organisations attack governments?

Love the pulp fiction painting

Lets do this! Awesome content thanks!

1:50 and South Africa is ek reg?

I've been working in getting a blue team role for over a year. I'm hoping that's mainly because of COVID.

Great stuff David!

I hear a lot about jobs not being filled in the tech industry. I find that hard to believe. I received my masters degree in Cyber Security in 2018. I have you to get my foot in the door in the world of cyber security due to no cyber security working experience

My self and a friend want to get qualified in cyber security and ethical hacking. Where do we start. Wat quals do we need. What training courses should we be looking at.

Thanks sir and nice intro❤️❤️

this is a very interesting subject, but I have a question for you David (and for those who'll read the comments): is there/will there be a job market for those interested in cybersecurity from a policy perspective?

Hi David please , I wanna ask you about one problem . I 'm doing now the formation of Certified Hethical Hacker I 'm in Ivory coast . my problem is if I've the lucky to go to USA can I find one work theire ? after the CEH which formation can I do to update my skills .

Nice video Mr.David You are The Best Keep Going ! ❤💚💜💖🌌🔥🔥👏👏🍬🍬💕✅🤗

Question I’m 58 working in telecommunications I’m about 2 months away from my CCNP encore. But really have a desire for cyber security. Before I spend $400 us on exam and 2 months cramming because of my age should I move over take INE cyber course take eJPT exam. Or stay encor and automation

thanks a lot , Please would you have a video about how to get in to tier 1 SOC analyst job! what kinda skill does it need and how many years does it need for experience ? as I understand from your great videos its the first and entry level to be in cyber career path! thanks .

Mr David Bombal please how can I do an intro video just like yours? The part where its showing your Info's

Great Video Sir .....

Do you teach beginners and anyone wanting to learn

Thank your for this nice stream again.

SO , hi i have experience in the programming you can do video with my ?😊🙂

cyber force military branch incoming?

Great Video! I watch all your videos. Love, Neal's info. So, I have been working on the INE course. Is there a path that you recommend for Blue Team training? Thank you, so much. These videos have helped me so much.

Is there away to make a autorun usb drive to run with out enabling administrator like it does when you plug in your usb drive for your cordless keyboard and mouse. Is that even possible.... your the best technician hacker on KZbin... I've liked and subscribe/share. Please help.

Nice 👍🏽 information ℹ️

The culture in those other countries is more geared towards promoting hackers in the interest of the nation state. Here we seem to be so behind in encouraging our citizens to become interested in technology. If we could sell the romance of being a tech professional, as sexy as it is to become a professional athlete, that would definitely change some things.

How do I get a copy of the "Threat Intelligence Handbook"?

Love from India🇮🇳

Great stuff - David