7 Minute Security
Hey friends! Fair warning: today’s episode is a bit of an emotional rollercoaster — we’ve got a big security win, some honest lab feedback, and a very personal share about my dad’s funeral. Buckle up. certified, baby! — I’m officially a , courtesy of the folks at . It’s been a long time coming (I originally signed up for the live version and fell off after missing a couple Saturdays), but I came back for the self-paced 30-day version and finally finished the job. The lab experience — the good: — ~25 objectives, a solid lab guide, and a really fun...
info_outline7 Minute Security
Hey friends! Still your grieving pal over here, but also your swarming friend and Protecting My Network Edge host — because this week I’ve been tinkering with something called and I’ve got my diapers on regarding it, but I really, really like what I see so far. Then, fair warning, I flip on the tangent light and verbally barf up some personal stuff at the end. I’ll make the hand-off super clear, so if you want your free security podcast to do exactly what you want and nothing else — totally fair, and you won’t offend me by hopping off. Here’s what we cover: ...
info_outline7 Minute Security
Hey friends! Still your grieving pal over here, but also your happy hacking host — because today we’re diving into baby’s first ! (Yes, I’m probably pronouncing that wrong. Yes, I’m going to keep saying it anyway.) Quick housekeeping: A few days ago I published a mini-series episode from our series, where I shared the news that my dad passed away last Friday. So many of you reached out with condolences — thank you from the bottom of my heart. I’ll share a little life update at the end of this episode. But first — Dracarys! I didn’t know it existed until...
info_outline7 Minute Security
Hey friends! This is a tough one to write. My dad passed away on Friday, and instead of the hacker-y tech episode I had planned, I pivoted to something more personal — another installment of our “Securing Your Family During and After a Disaster” series. I talk pretty raw and transparently today about loss, grief, and the practical stuff that makes a hard situation just a little less hard. Fair warning: it’s about death and dying, so if that’s not where your head is today, it’s totally okay to duck out – we’ll catch you next week. Here’s what I cover: My dad’s last...
info_outline7 Minute Security
Hello friends! It’s been over a year since we did a dedicated mental health episode, so today I’m doing a big catch-up and running through my 7-point plan for being a more mentally secure me. None of this is professional medical advice (I am most definitely not a doctor or therapist — well, actually, I am in therapy, but that’s tip #5), so take what’s useful and leave what isn’t. Terms and conditions apply. Here’s my current mental health toolkit: Drink a ton of water — I try to chug a full Yeti thermos before my morning mint hot cocoa, then keep it going...
info_outline7 Minute Security
Hello friends! I’ve been on a bit of an AI agent journey lately, and today I’m sharing my experience ditching OpenClaw and going all-in on — a self-hosted AI agent built by . A sold me on it, I wiped my Mac Mini (again), and baby’s first Hermes adventure began! Here’s what we get into today: Why I left OpenClaw — After getting the Mac Mini set up, OpenClaw left me feeling pretty meh: burning through API requests, random mid-conversation shutdowns, and a marketplace where the top listings were flagged as “potentially malicious.” Hard pass....
info_outline7 Minute Security
Hey friends! Backups are not as cool as pentesting, but boy do they matter when things go sideways. This week I’m sharing how a Proxmox backup disk space meltdown led me to a completely overhauled — and honestly pretty bulletproof — backup setup for both home and work. Claude played a big role in helping me sort it all out. Here’s what we get into: The backup history tour — I’ve been through CrashPlan, Dropbox, Backblaze (which saved my bacon after my in 2019!), and a mystery one that may or may not have had “Panda” in the name. These days I’m settled...
info_outline7 Minute Security
Hey friends! Today we’re going deep on external network pentesting — something I realize we’ve barely touched in however many episodes we’ve done. I’m currently in a long stretch of back-to-back external assessments, so it felt like a good time to talk about it. Here’s what we get into: Scoping headaches — why the old “count your public IPs and multiply by a big hourly rate” approach drives me crazy, and how we actually scope external tests to be fair to everyone Web apps in scope or not? — this needs its own conversation before the test starts, and skipping...
info_outline7 Minute Security
Hello friends! Today’s a hybrid episode — some security content up top about a new certification I’ve kicked off, followed by an aggressively quick trip to Tangent Town. Feel free to bail after the security stuff if tangents aren’t your thing! The security part: starting CARTP I’ve started the Certified Azure Red Team Professional course from Altered Security (). It’s the Azure follow-up to , which I took a few years back. Quick notes: Why now: Active Directory and internal pentests will always be my first love, but more and more of our customers are...
info_outline7 Minute Security
Hey friends! Quasi-vacation week over here, so today’s episode is lighter and more personal: just a story about how I turned my phone into a “” (kind of) and what that’s done for my mental health over the past week. The product is called Brick (). Not sponsored, no discount code — just something I’ve genuinely been enjoying. It’s a $50 NFC dongle + app that lets you “brick” your time-waster apps until you physically tap the brick again. Here’s what stood out: The physical separation is the magic. Other digital-wellbeing apps just need a code to unlock —...
info_outlineHey friends! After last week’s heavy episode about my wife’s health scare in Punta Cana, today’s is a lighter one. (Quick update: she’s doing better – still recovering, but appetite’s back and she’s got some pep again. Thanks so much to everyone who sent kind messages.)
Today I’m gushing about how AI has been making my IT and security life way more efficient:
- Firewall migration: Had AI walk me through a WatchGuard T15W → T25W migration (no clean config export path). AI captured everything – screenshots, branch office VPN, VLANs, firewall rules, DHCP reservations – all organized and replayed step-by-step. The whole project took ~1 hr 15 min (plus 30 min hunting down a subnet typo that was 100% my fault).
- GOAD lab automation: Worked with AI to build a script that handles the full lifecycle of my Light Pentest GOAD student lab – tear it down, rebuild from latest, assign Tommy Boy-themed passwords and sync user accounts to the Apache Guacamole and lab connections. Speaking of which – Light Pentest GOAD class will be re-offered soon once the calendar firms up!
- External pentest wrapper scripts: Finally automated the boring auxiliary testing stuff – nmap, Shodan API, Nessus queuing, subdomain hijacking checks, metadata searches, cred spraying against M365, sysleaks lookups – all correlated and deduplicated into one push-button menu.
- SysReptor automation: If you’re not using SysReptor for reporting, check it out. Piping JSON findings straight into reports via API as I test has been a game-changer. A webinar on this might be in 7MinSec’s future.
Got cool ways you’re using AI for IT/security work? We’d love to hear them!