Everyday Cyber

Everyday Cyber

Alex Reid
Country USA
Genres Technology
Language EN
Episodes 11
Latest 16.07.2025

Everyday Cyber is a weekly podcast hosted by cybersecurity analyst Alex Reid that provides clear, actionable insights for staying safe online and breaking into the cyber industry. Each episode covers real-world threats like phishing and ransomware, blue team strategies, and career growth tips. The show is designed for beginners exploring the field, those preparing for certifications such as Security+ or SC-200, and anyone aiming to land their first SOC analyst role.

Episodes

  • Episode 9: Blue Team Field Manual Breakdown - Incident Response & System Hardening Toolkit | Everyday Cyber 16.07.2025 22m
    Join us for Episode 9 of Everyday Cyber as we dive deep into the Blue Team Field Manual by Alan White and Ben Clark - the ultimate practical guide for cybersecurity defenders. Discover essential command-line tools and techniques for Windows and Linux environments, structured around the NIST Cybersecurity Framework. Learn hands-on approaches to system hardening, network monitoring, malware analysis, and incident response. From vulnerability scanning with NMAP and Nessus to configuring firewalls and AppLocker policies, we cover the complete defensive toolkit. Whether you're a SOC analyst, system administrator, or cybersecurity professional, this episode provides actionable commands and methodologies for protecting, detecting, responding to, and recovering from cyber threats. Master the art of defensive cybersecurity operations with real-world commands you can use immediately.Blue team field manualCybersecurity defense commandsIncident response toolkitSystem hardening techniquesNetwork security monitoringWindows Linux security commandsSOC analyst guideDefensive cybersecurity operationsNIST cybersecurity framework implementationPractical incident response
  • Episode 9: The Complete Guide to Data Privacy Laws - From GDPR to PIPL Explained | Everyday Cyber 15.07.2025 1h 1m
    Join us for Episode 9 of Everyday Cyber as we decode the complex world of data privacy and protection laws. From GDPR and CCPA to China's PIPL and Canada's PIPEDA, we break down what these regulations mean for businesses and individuals. Learn about Privacy by Design principles, data subject rights, cross-border data transfers, and how to build a robust privacy program. Whether you're a business owner, privacy professional, or simply want to understand your digital rights, this episode provides practical insights into navigating today's privacy landscape. Discover the evolution of privacy laws, key compliance requirements, and real-world case studies that shaped modern data protection.Data PrivacyGDPRCCPAPrivacy LawsData ProtectionCybersecurityPrivacy by DesignData Subject Rights
  • Network Security Monitoring Explained (Part 1): NSM, Security Onion & Real-World Detection | Ep. 8 14.07.2025 23m
    🚨 Episode 8 – Part 1 of 2 | Everyday Cyber PodcastIn this first part of a two-part deep dive, host Alex Reid breaks down the essentials of Network Security Monitoring (NSM) — how it works, why it matters, and the open-source tools that power real-time detection and response.From understanding the Intrusion Kill Chain to deploying tools like Security Onion, Zeek, and Suricata, this episode helps you build foundational knowledge in modern network defense.🔍 In this episode (Part 1):What is NSM and how it differs from continuous monitoringWhy prevention fails — and how NSM fills the gapData types in NSM: full content, session, alerts, and metadataChallenges with proxies, NAT, and the X-Forwarded-For headerOverview of open-source NSM tools (Security Onion, Bro/Zeek, Suricata, Sguil)🧠 This episode is ideal for SOC analysts, blue teamers, cybersecurity students, and anyone learning how defenders really detect threats.🎧 Part 2 coming next week.network security monitoringNSM podcastsecurity onion tutorialzeek bro network analysissuricata idssguil security onionintrusion kill chain explainednetwork visibility toolsincident response podcastfull packet capture analysisnetwork forensics toolsx-forwarded-for proxy logsnsm data types explainedcybersecurity detection stackvirus total analysisnetworkminer pcap analysisclient-side compromiseserver-side compromiseioc detection processblue team workflowseveryday cyber podcast
  • Digital Forensics & Anti-Forensics Explained: NTFS Artifacts, ADS, File Carving & Timestomping | Ep. 7 12.07.2025 24m
    🧠 Episode 7 – Everyday Cyber PodcastIn this episode, host Alex Reid explores the battlefield between digital forensics and anti-forensics — revealing how investigators extract hidden truths from NTFS volumes, and how attackers attempt to cover their tracks.From Alternate Data Streams (ADS) and Volume Shadow Copies, to timestomping and file wiping, this episode dives into the structures and techniques that define modern forensic investigations — and the countermeasures used to evade them.🔍 What You'll Learn in This Episode:Key forensic artifacts in NTFS: $MFT, $I30, $LogFile, $UsnJrnlHow Alternate Data Streams (ADS) are used to hide dataTimestomping, file wiping, and registry key deletion as anti-forensicsTools like MFTECmd, Bulk Extractor, PhotoRec, and vss_carver.pyHow forensic analysts perform file carving, super timelines, and triage collectionThe role of Zone.Identifier ADS, VSS, and SDelete in investigationsTechniques attackers use to stay hidden in plain sight — and how to find themWhether you're learning digital forensics or defending against sophisticated attackers, this episode gives you a detailed breakdown of how investigations work at the file system level.digital forensicsanti-forensicsalternate data streamsNTFS forensicsvolume shadow copy forensicsfile carvingtimestomping detectionmftecmd tutorialfile wipingphotoRec recoveryzone.identifier ADSNTFS metadataADS malware hidingsuper timeline forensicstriage collectionbulk extractor forensicregistry key wipingforensic tools podcastNTFS MFT analysisdigital forensic investigationeveryday cyber podcast
  • Malware Hunting at Scale: Timelines, YARA Rules & the Tools Pros Use | Ep. 6 11.07.2025 50m
    🧠 Episode 6 – Everyday Cyber PodcastIn this episode, Alex Reid explores how cybersecurity analysts use timeline analysis to investigate intrusions, uncover malware, and detect threats at scale. This hands-on walkthrough reveals how modern blue teams reconstruct attacks across hundreds of endpoints using tools like log2timeline, YARA, capa, and more.You’ll learn the full process from enterprise threat hunting to deep-dive forensic timeline building — including malware detection, IOC stacking, and how to pivot around suspicious activity.🔍 Key topics covered:The 3-phase model: Threat Hunting → Triage → Deep-Dive ForensicsOccurrence stacking, outlier detection, and IOC huntingDetecting malware using tools like Sigcheck, maldump, and capaWriting YARA rules and matching malware capabilities to MITRE ATT&CKFilesystem timelines vs. super timelines — when to use eachUsing log2timeline, Plaso, Timeline Explorer, and TimesketchHow to scale timeline analysis across multiple compromised systemsPractical insights for analysts, DFIR teams, and blue teamerstimeline analysisthreat huntingmalware detectionYARA ruleslog2timelineplaso forensic toolcapa malware analysisdigital forensics podcastDFIR workflowioc huntingsigcheck malware scantimeline explorertimesketch tutorialfileless malware detectionendpoint forensicsblue team tacticsincident response timelinecybersecurity toolsforensic timeline buildingeveryday cyber podcast
  • Memory Forensics in Incident Response & Threat Hunting | Detecting Malware, Rootkits & Fileless Attacks | Ep. 6 10.07.2025 27m
    🧠 In Episode 6 of the Everyday Cyber Podcast, host Alex Reid explores the powerful role of memory forensics in both incident response and threat hunting. This episode breaks down the techniques and tools used to uncover hidden malware, detect rootkits, and investigate in-memory attack activity across compromised systems.Whether you're working with live RAM captures or analyzing memory dumps post-incident, understanding these methods is essential for uncovering advanced adversaries and fileless threats.🔍 What You’ll Learn in This Episode:Core memory forensics concepts for incident respondersUsing tools like Volatility, Velociraptor, and Memory BaselinerIdentifying code injection, process hollowing, DLL injection, and reflective loadingDetecting BYOVD attacks, rootkits (DKOM, SSDT, IDT hooks), and thread hijackingInvestigating suspicious memory regions, handles, VAD trees, and PE headersWorking with hiberfil.sys, pagefile.sys, .vmem, and .vmsn filesUnderstanding fileless malware and “living off the land” techniquesUsing memory to trace attacker tools like Cobalt Strike, Emotet, and Poison IvyCrafting detection rules using YARA, and parsing strings with bstringsIf you're in digital forensics, blue teaming, or threat detection, this episode gives you actionable knowledge for using memory artifacts to expose what attackers try hardest to hide.memory forensicsincident response podcastthreat huntingcybersecurity podcastcode injection detectionvolatility memory analysisprocess hollowingdll injectionBYOVD malwarerootkit analysisfileless malware detectionDFIR podcastmalware investigationadvanced threat huntingVelociraptor forensic toolmemory dump analysisendpoint forensicscobalt strike detectionmemory artifacts analysisdigital forensics podcast
  • Windows Forensics & Intrusion Detection: Detecting Threats with Logs, PowerShell & Sysmon | Ep. 5 09.07.2025 32m
    🔍 In this episode of the Everyday Cyber Podcast, host Alex Reid takes you deep into the world of Windows forensics and intrusion detection — revealing how defenders can track advanced attacks using native event logs, system artifacts, and modern blue team tools.You’ll learn how to detect lateral movement, uncover PowerShell abuse, and investigate attacker activity using Prefetch, AppCompatCache, Amcache.hve, and Event ID correlation. We also cover how Sysmon dramatically improves visibility for detecting real-world threats.🔐 Topics covered in this episode:Prefetch, AppCompatCache, and Amcache forensic analysisTracking attacker movement with Event IDs 4648, 4688, and 7045How to detect PsExec, WMI, and PowerShell RemotingPowerShell logging: Script Block Logging, Downgrade Attacks, and DefenseWhy Sysmon is a game-changer for endpoint intrusion detectionReal-world examples of "living off the land" attacks and how to catch themUsing event log artifacts to build a timeline of attacker behaviorWhether you're a SOC analyst, threat hunter, or just starting your cybersecurity career, this episode helps you level up your understanding of endpoint detection and response using only what’s built into the operating system.Windows forensicsIntrusion detectionCybersecurity podcastSOC analyst toolsThreat detectionEvent log analysisPowerShell loggingSysmon for securityLateral movement detectionAmcache analysisAppCompatCachePrefetch forensic evidencePsExec detectionWMI attack investigationEDR strategiesWindows endpoint visibilitySecurity operations centerDetecting attacker behaviorDigital forensics podcastCybersecurity incident response
  • Advanced Incident Response & Threat Hunting | Cyber Kill Chain, MITRE ATT&CK & Real-World Defense | Ep. 4 08.07.2025 55m
    🚨 Welcome to Episode 4 of the Everyday Cyber Podcast, where we break down the critical strategies behind advanced incident response and proactive threat hunting — skills every modern security team needs to stay ahead of today’s fast-moving adversaries.In this episode, host Alex Reid walks you through real-world detection and response tactics used by security operations teams to reduce attacker dwell time, detect lateral movement, and disrupt advanced threats before they succeed.🔐 What You’ll Learn in This Episode:The evolving threat landscape and the growing speed of intrusionsThe full 6-step incident response process and how to do it rightWhy premature eradication is dangerous — and what to do insteadHow to leverage containment and intelligence development in real timeBuilding a repeatable loop of scoping, analyzing, and expanding IOCsKey principles of the Cyber Kill Chain® and MITRE ATT&CK™How to use TTPs, behavioral indicators, and campaign reconstructionAtomic, computed, and behavioral IOCs — and how to use them effectivelyLessons from real-world response failures and successesThis episode is packed with field-proven frameworks and tactical strategies that help defenders identify threats, contain them smartly, and strengthen long-term cyber resilience.🎧 Listen to all episodes:https://open.spotify.com/show/1g19uYLancJsweZODur80H🔁 New episodes weekly on:Incident response workflowsThreat hunting techniquesCyber threat intelligenceMITRE ATT&CK strategiesSOC tools and blue team opsEntry-level cybersecurity career tips
  • Mastering Alert Triage, Email Threats, and Sigma Rules | Everyday Cyber Podcast Ep. 3 07.07.2025 35m
    🚨 Welcome to Episode 2 of the Everyday Cyber Podcast with your host Alex Reid – where we go deep into real-world defensive security practices and the essential skills needed in a modern Security Operations Center (SOC).In this episode, we break down efficient alert triage, the science of email-based threat detection, and how structured analytics like Sigma rules, deny lists, allow lists, and new term rules can dramatically improve your ability to detect and respond to cyber threats.🔍 What you'll learn in this episode:How data enrichment increases alert fidelityThe role of "features" in building security analyticsAlert tuning using the Pareto Principle (80/20 rule)Deny lists vs. allow lists — strengths and weaknessesFirst-contact rules (New Term Rules) and how they workOverview of Sigma and how it helps standardize SIEM analyticsAnatomy of a Sigma rule: metadata, log source, detection, conditionHow to improve SOC morale and reduce burnoutNetwork layer disruption strategies: Layer 3, 4, and 7 blockingWhy a home lab is your secret weapon for mastering company-scale monitoringWhether you’re a SOC analyst, blue teamer, or aspiring cybersecurity pro, this episode gives you advanced yet accessible insights to level up your detection engineering, automation mindset, and operational efficiency.
  • Efficient Alert Triage & Email Threats: Mastering Cyber Defense Tactics 06.07.2025 33m
    In this episode of the Everyday Cyber cybersecurity podcast, host Alex Reid explores one of the most critical skills in modern security operations: alert triage and email threat analysis.You'll learn how structured analytical techniques like Hypothesis Generation, Link Analysis, and Analysis of Competing Hypotheses (ACH) can help you cut through alert fatigue, sharpen your decision-making, and avoid cognitive biases during complex investigations.We also break down OPSEC best practices — essential when gathering threat intel or investigating targeted attacks — so you don’t inadvertently tip off adversaries.Then we dive into the core of email security, including:How SPF, DKIM, DMARC, and ARC really workHow attackers spoof emails and bypass protectionsReal-world examples of Business Email Compromise (BEC), malicious attachments, and phishing linksProven email threat detection strategies every Blue Teamer should knowIf you're pursuing a career in cybersecurity or already working in a SOC, this episode will elevate your alert triage skills and email analysis confidence.
  • Inside the SOC: Foundations of Blue Team Operations 06.07.2025 45m
    Welcome to the first episode of Everyday Cyber! In this foundational deep dive, host Alex Reid walks you through the core mission, structure, and daily reality of a modern Security Operations Center (SOC).You'll learn how security teams are organized, what tools they use, and how they handle vast amounts of data to detect and respond to cyber threats. We’ll break down:The mission and mindset of a Blue TeamSOC structure and key functionsData sources: logs, network traffic, and endpointsFundamentals of DNS and HTTP analysisHow Windows and Linux systems log activityHow analysts identify malware, suspicious files, and triage alertsThe role of continuous improvement, enrichment, and automation in modern SOCsWhether you're just starting your cybersecurity journey or brushing up your skills, this episode gives you a clear, structured look into the frontline of cyber defense.

Popular in

The podcast also appears in the podcast charts of these countries.