The Cyber Threat Perspective

Apr 30, 202628m#179

In Episode 179 of the Cyber Threat Perspective podcast, host Brad Causey and web app pen tester Jordan Natter kick off a multi-part series on the OWASP Top 10, the newly updated list of the most common and critical web a

Apr 22, 202631m#178

In Episode 178 of the Cyber Threat Perspective podcast, hosts Spencer and Tyler take a practitioner-first look at the internal security controls that genuinely make attackers' lives difficult, drawing directly from their

Apr 14, 202641m#177

In Episode 177 of the Cyber Threat Perspective podcast, host Brad Causey and virtual CISO Daniel Perkins take a clear-eyed look at Claude Mythos — Anthropic's AI model that's generating serious buzz in the cybersecurity

Apr 9, 202638m#176

In Episode 176 of the Cyber Threat Perspective podcast, Brad and Spencer break down some of the most repeated cybersecurity best practices in the industry and explain why, despite sounding solid on paper, they consistent

Apr 2, 202624m#175

In Episode 175, Spencer and Tyler break down NetTools — a free, self-contained Active Directory management and troubleshooting tool that’s become a go-to for their internal penetration testing engagements. They start wit

Mar 26, 202628m#174

In Episode 174, host Brad Causey is joined by guest Jordan Natter for a practical, tool-focused conversation on web application penetration testing. Together they break down the essential tools and Burp Suite Pro extensi

Mar 19, 202623m#173

How do you find insecure permissions in Active Directory before they turn into attack paths? In this episode, we take a practical look at how to identify insecure Active Directory permissions using ADeleg , a free securi

Mar 12, 202633m#172

Hey folks! Greetings from the Offensive Security group at SecurIT360. Brad & Spencer are on this episode of The Cyber Threat Perspective to break down The Biggest Security Blind Spots in Mid-Size Companies. In this episo

Mar 6, 202633m#171

Pentesting is quickly evolving with the integration of AI, fundamentally changing how cybersecurity professionals approach their work. In this episode, Spencer and Brad discuss the real shifts they’re seeing in the indus

Feb 27, 202634m#170

In this episode, we break down the biggest insights from the CrowdStrike 2026 Global Threat Report and what they actually mean for IT leaders, security teams, and executives. From attackers abusing trusted identities and

Feb 20, 202630m#169

In this episode, we’re digging into malicious browser extensions...the quiet, often overlooked attack vector living inside nearly every organization. While we focus on patching servers, hardening Active Directory, and de

Feb 13, 202623m#168

Brad and Jordan talk bout web app pen testing, why you might need it, and why other forms of app sec might not be good enough. Blog: https://offsec.blog/ Youtube: https://www.youtube.com/@cyberthreatpov Twitter: https://

Feb 6, 202630m#167

You've got Tyler & Brad and In this episode, we break down the early versions of Transport Layer Security (TLS) — TLS 1.0 and TLS 1.1 — and explain why these once-standard encryption protocols are now considered insecure

Jan 30, 202639m#166

In this episode, we explore why many organizations invest in penetration testing yet see little improvement in their actual security posture. We discuss the common pitfalls of treating pentests as one-time events, how at

Jan 23, 202633m#165

In this episode, Brad and Jordan talk about API pen testing, how it works, and what you can expect if you want to procure one. They discuss pitfalls, common findings, and ways to streamline the process. Blog: https://off

Jan 16, 202635m#164

In this episode, we take a step back from the AI hype and focus on what has actually changed in offensive security. AI isn’t replacing attackers or inventing brand-new techniques, but it is dramatically reducing friction

Jan 9, 202634m#163

In this episode, we dissect the dangerous trend of organizations ceding control of their security strategy to vendors, exploring the pitfalls of vendor lock-in, overspending, and the illusion of comprehensive protection.

Dec 19, 202536m#162

In this episode, Brad and Spencer from SecurIT360's Offensive Security group delve into the crucial reconnaissance phase attackers undertake before launching an attack. They discuss the real-world impact of seemingly har

Dec 12, 202538m#161

In this episode Brad and Spencer discuss the rapid technology shift that's happening in cybersecurity, hybrid pentesting models and the overall evolution of pen testing as we head into 2026. Need a pentest before the end

Dec 5, 202532m#160

In this episode, we're discussing the pros and mostly the cons of notifying your SOC/MSSP before your penetration test. Spencer and Brad delve into the details of why it matters and share their experience from hundreds o

Nov 28, 202544m#159

In this episode, we’re sharing practical, no-fluff advice for getting into cybersecurity, whether you're switching careers, just starting out, or leveling up your IT skills. We’ll cover what actually matters to employers

Nov 21, 202521m#158

In this episode Brad and Jordan sit down to discuss how she was caught and reported on a penetration test engagement. We deep dive into the details and why it's a net positive. Blog: https://offsec.blog/ Youtube: https:/

Nov 13, 202524m#157

In this episode Brad and Jordan sit down to discuss common web application security findings we've seen this year. Blog: https://offsec.blog/ Youtube: https://www.youtube.com/@cyberthreatpov Twitter: https://x.com/cybert

Nov 7, 202528m#156

In this episode Spencer and Tyler discuss post-exploitation tactics that still work in 2025. The guys discuss everything from credential access techniques to defense evasion, lateral movement and even exfiltration. Blog:

Oct 31, 202537m#155

In this episode, we're taking a deep dive into how the Offensive Security group at SecurIT360 is strategically leveraging and utilizing artificial intelligence technologies in offensive security operations. We'll explore