Hack Responsibly Wed, 20 May 2026 13:00:33 -0500 https://www.buzzsprout.com/2244005 en-us © 2026 Hack Responsibly yes d6f84799-b5bf-5814-83e2-50842d94bed0 NetSPI episodic false Coming soon.

]]> Buzzsprout (https://www.buzzsprout.com) NetSPI https://storage.buzzsprout.com/1r3igbxrq24hjnqwa7emjqci8g37?.jpg Hack Responsibly Karl Fosaaen Hack Responsibly Episode 06: Testing at the Speed of Attackers Hack Responsibly Episode 06: Testing at the Speed of Attackers In this episode of Hack Responsibly, Karl Fossen talks to James Albany, NetSPI’s Senior Director of Network Pentesting, about his path from a SOC analyst to a penetration testing leader. They cover how AI and continuous testing are reshaping the security industry, what common gaps still show up in assessments, and what James is up to outside of work. 

What’s discussed: 

  • Advice for newcomers: understand the fundamentals so you can gut-check what AI is doing well versus poorly 
  • The shift from point-in-time assessments to continuous testing programs and why clients are increasingly asking for it 
  • AI's role in security testing, including generating Nuclei templates and accelerating vulnerability discovery, and when traditional automation is still the better choice 
  • The "fire hose effect" of AI tools like Mythos compressing timelines for vulnerability discovery, proof-of-concept development, and remediation 
  • Underrepresented topics in security: SCCM/deployment server risks, Linux and Kubernetes environments, and supply chain security 
  • Common gaps still showing up in assessments, including Active Directory and application-level vulnerabilities that network scanners miss 
  • TFTP and PXE booting as surprisingly persistent and effective attack vectors 
]]> In this episode of Hack Responsibly, Karl Fossen talks to James Albany, NetSPI’s Senior Director of Network Pentesting, about his path from a SOC analyst to a penetration testing leader. They cover how AI and continuous testing are reshaping the security industry, what common gaps still show up in assessments, and what James is up to outside of work. 

What’s discussed: 

  • Advice for newcomers: understand the fundamentals so you can gut-check what AI is doing well versus poorly 
  • The shift from point-in-time assessments to continuous testing programs and why clients are increasingly asking for it 
  • AI's role in security testing, including generating Nuclei templates and accelerating vulnerability discovery, and when traditional automation is still the better choice 
  • The "fire hose effect" of AI tools like Mythos compressing timelines for vulnerability discovery, proof-of-concept development, and remediation 
  • Underrepresented topics in security: SCCM/deployment server risks, Linux and Kubernetes environments, and supply chain security 
  • Common gaps still showing up in assessments, including Active Directory and application-level vulnerabilities that network scanners miss 
  • TFTP and PXE booting as surprisingly persistent and effective attack vectors 
]]> NetSPI Buzzsprout-19210529 Wed, 20 May 2026 12:00:00 -0500 2097 full false Hack Responsibly Episode 05: Proactive Cloud Security: Mitigate Real Risks Hack Responsibly Episode 05: Proactive Cloud Security: Mitigate Real Risks In this episode of Hack Responsibly, Karl Fossen chats with Thomas Elling, NetSPI’s Director of Cloud Pentesting, about today’s cloud security challenges. They dive into cloud pentesting tips and common misconfigurations, discussing how attackers take advantage of these gaps. Thomas also shares his own path into cybersecurity. Listen to practical advice for newcomers, and a look at why staying curious and adaptable matters for anyone tackling today’s evolving threats. 

We dive into: 

  • Strategic cloud adoption and layered security 
  • Mitigating high-impact cloud vulnerabilities 
  • The threat of attack chaining 
  • Cultivating a resilience security culture 
]]> In this episode of Hack Responsibly, Karl Fossen chats with Thomas Elling, NetSPI’s Director of Cloud Pentesting, about today’s cloud security challenges. They dive into cloud pentesting tips and common misconfigurations, discussing how attackers take advantage of these gaps. Thomas also shares his own path into cybersecurity. Listen to practical advice for newcomers, and a look at why staying curious and adaptable matters for anyone tackling today’s evolving threats. 

We dive into: 

  • Strategic cloud adoption and layered security 
  • Mitigating high-impact cloud vulnerabilities 
  • The threat of attack chaining 
  • Cultivating a resilience security culture 
]]> NetSPI Buzzsprout-18879865 Fri, 20 Mar 2026 09:00:00 -0500 1826 full false Hack Responsibly Episode 04: From Blue Team to Pentesting - Tools, Tales, and Techniques Hack Responsibly Episode 04: From Blue Team to Pentesting - Tools, Tales, and Techniques In this episode, host Karl Fosaaen sits down with Paul Ryan, Senior Director of Application Security at NetSPI, to explore his journey in cybersecurity and his leadership in application pentesting. Paul shares how his career evolved from IT and blue team roles to becoming a key figure in application security at NetSPI. 

We dive into: 

  • The evolution of application pentesting, including the rise of APIs and AI in security testing. 
  • Paul’s favorite tools and techniques, including the importance of checklists for consistency and quality. 
  • Advice for aspiring cybersecurity professionals: "Follow your passions." 
  • Memorable pentesting engagements, from formula injection debates to creative vulnerability discoveries. 
  • Paul’s love for hacker culture, including his favorite movie, Sneakers, and his passion for tinkering with old tech. 
]]> In this episode, host Karl Fosaaen sits down with Paul Ryan, Senior Director of Application Security at NetSPI, to explore his journey in cybersecurity and his leadership in application pentesting. Paul shares how his career evolved from IT and blue team roles to becoming a key figure in application security at NetSPI. 

We dive into: 

  • The evolution of application pentesting, including the rise of APIs and AI in security testing. 
  • Paul’s favorite tools and techniques, including the importance of checklists for consistency and quality. 
  • Advice for aspiring cybersecurity professionals: "Follow your passions." 
  • Memorable pentesting engagements, from formula injection debates to creative vulnerability discoveries. 
  • Paul’s love for hacker culture, including his favorite movie, Sneakers, and his passion for tinkering with old tech. 
]]> NetSPI Buzzsprout-18734696 Mon, 23 Feb 2026 15:00:00 -0600 1811 full false Hack Responsibly Episode 03: The Hidden Risk in Legacy Infrastructure Hack Responsibly Episode 03: The Hidden Risk in Legacy Infrastructure For many enterprise organizations (particularly in financial services and healthcare) mainframes remain the backbone of daily operations. Yet, these critical legacy systems often operate under a false assumption of "security by obscurity." Overlooking the security of these core assets represents a significant, often unaddressed, operational risk. 

In this episode of the Hack Responsibly podcast, NetSPI VP of Research Karl Fosaaen connects with Phil Young, NetSPI Director of Mainframe Pentesting. Known in the industry as "Soldier of Fortran," Phil is a leading authority on mainframe security. Together, they dismantle the myth that legacy infrastructure is immune to modern threats and discuss why specialized testing is essential for business continuity. 

]]> For many enterprise organizations (particularly in financial services and healthcare) mainframes remain the backbone of daily operations. Yet, these critical legacy systems often operate under a false assumption of "security by obscurity." Overlooking the security of these core assets represents a significant, often unaddressed, operational risk. 

In this episode of the Hack Responsibly podcast, NetSPI VP of Research Karl Fosaaen connects with Phil Young, NetSPI Director of Mainframe Pentesting. Known in the industry as "Soldier of Fortran," Phil is a leading authority on mainframe security. Together, they dismantle the myth that legacy infrastructure is immune to modern threats and discuss why specialized testing is essential for business continuity. 

]]> Karl Fosaaen Buzzsprout-18471212 Wed, 07 Jan 2026 16:00:00 -0600 2305 full false Hack Responsibly Episode 02: Securing the AI Frontier Hack Responsibly Episode 02: Securing the AI Frontier The adoption of artificial intelligence and large language models (LLMs) presents a significant opportunity for business innovation, but also introduces a new and complex attack surfaces. Balancing the drive for AI integration with robust security measures is essential for long-term strategic success and risk mitigation. 

In this episode of the Hack Responsibly podcast, NetSPI VP of Research Karl Fosaaen speaks with Kim Wiles, Director of AI Penetration Testing, about the unique security challenges posed by emerging AI technologies.  

]]> The adoption of artificial intelligence and large language models (LLMs) presents a significant opportunity for business innovation, but also introduces a new and complex attack surfaces. Balancing the drive for AI integration with robust security measures is essential for long-term strategic success and risk mitigation. 

In this episode of the Hack Responsibly podcast, NetSPI VP of Research Karl Fosaaen speaks with Kim Wiles, Director of AI Penetration Testing, about the unique security challenges posed by emerging AI technologies.  

]]> Karl Fosaaen Buzzsprout-18471077 Wed, 07 Jan 2026 15:00:00 -0600 1608 full false Hack Responsibly Episode 01: Inside the Mind of a Social Engineer Hack Responsibly Episode 01: Inside the Mind of a Social Engineer A single human error can compromise even the most robust technical infrastructure. For executives and security leaders, understanding the psychology behind these breaches is critical to protecting organizational assets. 

In the first episode of the Hack Responsibly podcast, host and NetSPI VP of Research Karl Fosaaen talked with Patrick Sayler about dissecting the evolving landscape of social engineering. This discussion moves beyond simple phishing definitions to explore the sophisticated tactics threat actors use to bypass advanced security controls, from multi-factor authentication (MFA) fatigue to AI-driven deception. 

This episode offers high-level insights into how social engineering impacts your risk posture and what proactive measures you can take to align your security initiatives with business continuity goals. 

]]> A single human error can compromise even the most robust technical infrastructure. For executives and security leaders, understanding the psychology behind these breaches is critical to protecting organizational assets. 

In the first episode of the Hack Responsibly podcast, host and NetSPI VP of Research Karl Fosaaen talked with Patrick Sayler about dissecting the evolving landscape of social engineering. This discussion moves beyond simple phishing definitions to explore the sophisticated tactics threat actors use to bypass advanced security controls, from multi-factor authentication (MFA) fatigue to AI-driven deception. 

This episode offers high-level insights into how social engineering impacts your risk posture and what proactive measures you can take to align your security initiatives with business continuity goals. 

]]> Karl Fosaaen Buzzsprout-18470468 Wed, 07 Jan 2026 14:00:00 -0600 2826 full false