7 Minute Security
Hey friends! Fair warning: today’s episode is a bit of an emotional rollercoaster — we’ve got a big security win, some honest lab feedback, and a very personal share about my dad’s funeral. Buckle up. certified, baby! — I’m officially a , courtesy of the folks at . It’s been a long time coming (I originally signed up for the live version and fell off after missing a couple Saturdays), but I came back for the self-paced 30-day version and finally finished the job. The lab experience — the good: — ~25 objectives, a solid lab guide, and a really fun...
info_outline7 Minute Security
Hey friends! Still your grieving pal over here, but also your swarming friend and Protecting My Network Edge host — because this week I’ve been tinkering with something called and I’ve got my diapers on regarding it, but I really, really like what I see so far. Then, fair warning, I flip on the tangent light and verbally barf up some personal stuff at the end. I’ll make the hand-off super clear, so if you want your free security podcast to do exactly what you want and nothing else — totally fair, and you won’t offend me by hopping off. Here’s what we cover: ...
info_outline7 Minute Security
Hey friends! Still your grieving pal over here, but also your happy hacking host — because today we’re diving into baby’s first ! (Yes, I’m probably pronouncing that wrong. Yes, I’m going to keep saying it anyway.) Quick housekeeping: A few days ago I published a mini-series episode from our series, where I shared the news that my dad passed away last Friday. So many of you reached out with condolences — thank you from the bottom of my heart. I’ll share a little life update at the end of this episode. But first — Dracarys! I didn’t know it existed until...
info_outline7 Minute Security
Hey friends! This is a tough one to write. My dad passed away on Friday, and instead of the hacker-y tech episode I had planned, I pivoted to something more personal — another installment of our “Securing Your Family During and After a Disaster” series. I talk pretty raw and transparently today about loss, grief, and the practical stuff that makes a hard situation just a little less hard. Fair warning: it’s about death and dying, so if that’s not where your head is today, it’s totally okay to duck out – we’ll catch you next week. Here’s what I cover: My dad’s last...
info_outline7 Minute Security
Hello friends! It’s been over a year since we did a dedicated mental health episode, so today I’m doing a big catch-up and running through my 7-point plan for being a more mentally secure me. None of this is professional medical advice (I am most definitely not a doctor or therapist — well, actually, I am in therapy, but that’s tip #5), so take what’s useful and leave what isn’t. Terms and conditions apply. Here’s my current mental health toolkit: Drink a ton of water — I try to chug a full Yeti thermos before my morning mint hot cocoa, then keep it going...
info_outline7 Minute Security
Hello friends! I’ve been on a bit of an AI agent journey lately, and today I’m sharing my experience ditching OpenClaw and going all-in on — a self-hosted AI agent built by . A sold me on it, I wiped my Mac Mini (again), and baby’s first Hermes adventure began! Here’s what we get into today: Why I left OpenClaw — After getting the Mac Mini set up, OpenClaw left me feeling pretty meh: burning through API requests, random mid-conversation shutdowns, and a marketplace where the top listings were flagged as “potentially malicious.” Hard pass....
info_outline7 Minute Security
Hey friends! Backups are not as cool as pentesting, but boy do they matter when things go sideways. This week I’m sharing how a Proxmox backup disk space meltdown led me to a completely overhauled — and honestly pretty bulletproof — backup setup for both home and work. Claude played a big role in helping me sort it all out. Here’s what we get into: The backup history tour — I’ve been through CrashPlan, Dropbox, Backblaze (which saved my bacon after my in 2019!), and a mystery one that may or may not have had “Panda” in the name. These days I’m settled...
info_outline7 Minute Security
Hey friends! Today we’re going deep on external network pentesting — something I realize we’ve barely touched in however many episodes we’ve done. I’m currently in a long stretch of back-to-back external assessments, so it felt like a good time to talk about it. Here’s what we get into: Scoping headaches — why the old “count your public IPs and multiply by a big hourly rate” approach drives me crazy, and how we actually scope external tests to be fair to everyone Web apps in scope or not? — this needs its own conversation before the test starts, and skipping...
info_outline7 Minute Security
Hello friends! Today’s a hybrid episode — some security content up top about a new certification I’ve kicked off, followed by an aggressively quick trip to Tangent Town. Feel free to bail after the security stuff if tangents aren’t your thing! The security part: starting CARTP I’ve started the Certified Azure Red Team Professional course from Altered Security (). It’s the Azure follow-up to , which I took a few years back. Quick notes: Why now: Active Directory and internal pentests will always be my first love, but more and more of our customers are...
info_outline7 Minute Security
Hey friends! Quasi-vacation week over here, so today’s episode is lighter and more personal: just a story about how I turned my phone into a “” (kind of) and what that’s done for my mental health over the past week. The product is called Brick (). Not sponsored, no discount code — just something I’ve genuinely been enjoying. It’s a $50 NFC dongle + app that lets you “brick” your time-waster apps until you physically tap the brick again. Here’s what stood out: The physical separation is the magic. Other digital-wellbeing apps just need a code to unlock —...
info_outlineHey friends! Backups are not as cool as pentesting, but boy do they matter when things go sideways. This week I’m sharing how a Proxmox backup disk space meltdown led me to a completely overhauled — and honestly pretty bulletproof — backup setup for both home and work. Claude played a big role in helping me sort it all out.
Here’s what we get into:
- The backup history tour — I’ve been through CrashPlan, Dropbox, Backblaze (which saved my bacon after my house fire in 2019!), and a mystery one that may or may not have had “Panda” in the name. These days I’m settled on ARQ for personal backups — dead simple, backs up to just about everything (Dropbox, OneDrive, Google Drive, even their own ARQ Cloud for ~$80/year), and all data is encrypted at rest. Not a sponsor, but they should be.
- The 3-2-1 rule — I actually asked Siri mid-episode, and she initially thought it was a grounding/anxiety technique. (Valid, I guess?) The real answer: three copies, two different media, one offline. I’ve got a local copy plus OneDrive, Google Drive, and Dropbox — so I think I’m covered.
- The work side: Proxmox + PBS — My “data center” is a beefy Hetzner Proxmox box with about a dozen VMs. I had Proxmox Backup Server (PBS) set up on a secondary Hetzner box, happily cranking away… until it ran out of disk space and started yelling at me every night.
- Claude to the rescue — I spun up a Claude project, fed it terminal output and retention configs, and it gave me a straight-up honest assessment: either gut your retention policy (risky) or get more disk. It then walked me through Hetzner’s auctions page — which I didn’t even know existed — to find a storage-heavy, low-horsepower box. Ended up with two mirrored 8TB drives plus a 14TB drive for around $40/month. Not cheap, but totally worth it as a business expense.
- The new setup — PBS is now on its own dedicated Hetzner box. VMs from both my data center and my home NUC Proxmox box back up there nightly. Claude also suggested using that 14TB drive as an SFTP target for ARQ, giving me yet another redundant copy of all my personal data. It’ll take a few weeks to fully sync, but I’m running some flavor of the 4-3-2-1 rule now (I made that up).
- Proxmox forever — Someone wrote in asking if I’d go back to ESXi now that Broadcom brought back the free version. Hard no. I’ve fallen in love with Proxmox and I’m not going back.
- 7MinSec wiki scripts repo — Head over to 7MinSec.wiki and click the Scripts button to find a new GitHub repo where I’m publishing pentesting scripts. First one up: a push-button Exegol installer. More to come — and I’ll probably tease new scripts first over at 7MinSec.club on TuesdayTOOLSday!
Have a backup horror story — or a setup you’re proud of? Hit us up! And if you need assessments, pentesting, training, or other security goodness, find us at 7MinSec.com.