Summary

In this episode of the Phillip Wylie Show, Phillip Wylie interviews Alethe Denis from Bishop Fox, exploring her journey into hacking, the significance of social engineering in cybersecurity, and the evolving landscape of phishing and red teaming. Alethe shares her unique origin story, insights into the importance of real phishing engagements, and creative methods for gaining access during physical pen tests. The conversation also touches on the ethical implications of social engineering, the challenges posed by increasing security awareness, and valuable advice for aspiring security professionals.

Takeaways

• Alethe's journey into hacking began with an interest in social engineering as a child.
• The evolution of hacking has always involved human manipulation.
• Real phishing engagements provide a more accurate assessment of security posture.
• Red teaming is essential for testing security assumptions and controls.
• Physical pen testing requires creative strategies to gain access.
• Voice phishing techniques are becoming increasingly sophisticated.
• Security awareness training is improving, but challenges remain.
• Ethical considerations are crucial in social engineering practices.
• AI is being misused to create fake explicit images for extortion.
• Networking and community engagement are vital for career growth in cybersecurity.

Connect with Alethe!

https://www.linkedin.com/in/alethe/

https://alethedenis.com/

Chapters

00:00 Introduction and Background

02:29 Alethe's Hacker Origin Story

06:40 The Evolution of Hacking and Social Engineering

08:11 Role of Social Engineering in Red Teaming

10:23 The Importance of Realistic Phishing Engagements

13:42 Physical Pen Testing and Access Strategies

16:15 Creative Methods for Gaining Access

20:03 Voice Phishing Techniques and Challenges

22:56 Navigating Social Engineering and Security Awareness

28:02 The Evolution of Scams and Manipulation Techniques

32:43 Career Pathways in Cybersecurity

40:31 Balancing Offensive and Defensive Security Roles