About the Guest:
Jacob Krasnov is a cybersecurity expert, CEO, and co-founder at BC Security. He and his co-founder Anthony and Vincent Rose have significantly contributed to the cybersecurity field, particularly with their work on the Empire project. Jacob's background includes aerospace engineering and high-level cybersecurity assessments in the Air Force, where he was involved in rigorous testing of military aircraft like the F-22 and F-35. Transitioning to BC Security, Jacob has focused on enhancing tools for red teaming and threat emulation, making sophisticated cybersecurity tools accessible and maintainable.
Episode Summary:
In this episode of the Phillip Wylie Show, Phillip Wylie sits down with Jacob Krasnov from BC Security to delve into the evolution of the Empire project, cybersecurity's role in modern defense systems, and the importance of making advanced security tools accessible. Jacob elaborates on his journey from working on military aircraft cybersecurity assessments to co-founding BC Security, a company that has breathed new life into the Empire project—a project initially shelved by its original developers but resuscitated and advanced by Jacob and his team.
The conversation spotlights the significance of rigorous and repeatable security testing, as well as tying cybersecurity impacts to operational outcomes. Jacob details the extensive updates made to Empire, including support for Python 3, new agent types, and a comprehensive code rewrite to enhance maintainability and extend the tool's functionality. The show also touches on the importance of entry-level cybersecurity tools for global teams, the learning curve of such tools, and using AI in cybersecurity.
Key Takeaways:
Evolution of Empire: BC Security transformed Empire from a deprecated tool into a sophisticated platform with Python 3, C sharp, and Iron Python agents.
Cybersecurity Experience: Jacob's rich background in aerospace cybersecurity underpins his approach to advanced cyber defense strategies.
Educational Resources: Various training programs and resources, including TryHackMe and workshops at Defcon, are highlighted for budding cybersecurity professionals.
Tool Accessibility: Making advanced cybersecurity tools like Empire accessible is crucial for small and mid-sized business security postures.
AI in Cybersecurity: AI can streamline workflow and assist with complex tasks in cybersecurity but has its limitations, particularly in advanced and fringe areas.
Notable Quotes:
“We really liked the platform. We wanted to keep it up to date.” — Jacob Krasnov
“…important thing for those small businesses. And they can actually go fix stuff because they can't afford for a 15-20, $30,000 pen test to come in because that was their whole security budget for the year.” — Jacob Krasnov
“The conversation spotlights the significance of rigorous and repeatable security testing, as well as tying cybersecurity impacts to operational outcomes.” — Jacob Krasnov
“I'm excited to be here. Thanks for having me on.” — Jacob Krasnov
“…useful for people to be able to learn those tools. And I would imagine more willing to have people to help out from the community, create modules and add-ons and stuff, I would think.” — Phillip Wylie
Resources:
https://www.linkedin.com/in/jacobkrasnov/
BC Security Website
Black Hat 2024 Training - ADVANCED THREAT EMULATION: EVASION
Black Hat 2024 Training - ADVANCED THREAT EMULATION: ACTIVE DIRECTORY
Empire Operations I Training
BC Security Discord
TryHackMe
Defcon
The Empire Project on GitHub
Discover the intricacies of cybersecurity, the evolution of powerful tools, and insightful professional journeys in this episode. Tune in to not only learn about the technical advancements but also the significance of making these tools accessible to a broader audience. Stay tuned for more enriching content from the Philip Wylie Show.
