Good News York by Growth Mode Content - GNY EP.59 | Feat. Arel Moodie + Graham O'Donnell
Episode Date: June 25, 2025In-Depth Conversations with Arel Moodie and Graham O'Donnell In this episode of Good News York, host Matt Masur is joined by Arel Moodie, a renowned public speaker and media personality, who discusses... his career and co-founding of 'Profound.' Moodie also introduces his startup, 'Talk Dot,' an AI-driven platform improving connections between event planners and speakers. Additionally, Matt chats with Graham O'Donnell of Mal Tech Solutions, diving into the world of IT security and hacking. Graham explains the intricacies of penetration testing and discusses the motivations behind hackers. The episode also features a light-hearted bonus segment with Matt's son, Parker, sharing his love for baseball and WWE. 00:00 Introduction and Guest Welcome 01:18 Profound and Its Impact 02:28 Professional Speaking Career 03:42 Talk Dot: Revolutionizing Speaker Engagement 06:08 Challenges of Running a Tech Company 10:16 Expanding Talk Dot's Potential 13:05 Media Ventures and Hosting Opportunities 15:11 Insights on Consistency and Content Creation 16:59 Future Plans and Event Industry Innovations 23:18 Introduction to Mal Tech Solutions 25:13 Introduction to Penetration Testing 27:24 Red Team vs Blue Team 30:11 Challenges and Learning in Cybersecurity 37:22 Motivations Behind Hacking 40:50 Hack Dissection Podcast 43:40 Bonus Segment with Parker Brindisi
Transcript
Discussion (0)
I earned my degree online at Arizona State University.
I chose to get my degree at ASU because I knew that I'd get a quality education.
They were recognized for excellence and that I would be prepared for the workforce upon graduating.
To be associated with ASU, both as a student and alum, it makes me extremely proud.
And having experienced the program, I know now that I'm set up for success.
Learn more at ASUonline.asu.edu.
You're listening to a podcast right now.
Driving, working out, walking the dog.
If you're into podcasts, chances are you have something to say too.
With RSS.com, starting your own is free and easy.
Upload an episode, and we distribute it to Apple Podcasts, Spotify, Amazon Music, and hundreds more.
Track your listeners, see where they're from, and start earning from ads like this.
Even with just 10 listeners a month.
If you've been thinking about starting a podcast, this is your podcast.
sign. Start free at RSS.com.
Hey guys, Matt Major from Growth Mode content. Welcome to another awesome episode of
Good News, York. I am joined by the bet. This is like our best get so far, I feel like.
This is, this guy is a legit public speaker, media star startup entrepreneur. I don't know.
I'm not going to read your whole resume. Arell Moody is in the studio. This is, this is really,
You've been up for Matt doing the introduction and make me feel very awkward.
Thank you.
That's where the applause come in.
How are you, man?
I'm good, man.
I'm very, very excited.
I love this, man.
You know, I've always, I've seen your videos, but to be in the studio with this is really, it's really sweet.
I appreciate that.
We've worked hard on it.
And we've actually got this time next week, we will have our second studio finished.
That one's going to be more of a kind of that typical podcast living room set with a couple of armchairs set of deal.
So we'll have a couple different options.
But yeah, I'm glad.
We're very happy to have you.
One of the other things, and I'm going to let Arel talk about a little more,
but one of the ways that I know this gentleman is from Profound.
And if you're a follower of the show,
you've seen that many of our incredible guests have come from that great organization.
This gentleman's one of the co-founders.
So we have him to thank really for everything that's happening here.
To be completely honest.
You're how I know Danny.
This is just, I appreciate you for that.
Before anything else, I want you to know.
How much that means to us?
I think there's a beautiful mixture of when you take really, really talented, hardworking people
and put them in the room and just kind of let what naturally occurs occurs.
And I think profound is a great example of that in real time.
Yeah.
Spectacular organization, spectacular people.
And one of the things that was great in this organization is we would have all these events for folks that don't know.
And we'd get together, we'd go places, we'd have these events.
And then in many cases, they were led by this gentleman.
who would inspire is not even the word.
It's just thought-provoking conversation,
which is what you do, I would say, for a living, right?
That's kind of your main gig.
You talk about that a little bit?
Yeah, so I've been a professional speaker for 18 years.
So I've been, it's always an interesting profession
when you think about professional speaking,
because people say, well, you just speak for a living,
and I'm like, yeah, yeah, I guess so, right?
So, you know, typically I get invited to conferences,
to associations, annual,
events, company, all staff meetings, and I'm a kickoff speaker or a closing speaker or a
workshop presenter. And I've been doing that for closer two decades. And when Profound came about,
Jeff Kanaas, who was an incredibly smart guy, Adam Whiteman, incredibly smart guy, they said,
like, there's nothing like what profound would be in Central New York. And we should do something
about it. And it all made all the sense. You know, nothing was wild about it. So I said, let's do it.
You know, so it was, it was an honor to get that started.
And honestly, the people I've met, if all goes well, will be, you know,
they say there's people you know for a reason, a season, or lifetime.
So I'm hoping there's a lot of lifetime folks from Profound.
I love that.
I love, he's got the great quotes.
This is why I love this guy.
Arell, you've also got, I mentioned briefly a startup.
Yeah.
And your startup also gets into the world of professional speaking.
Can you talk about talk a dot a little bit?
Yeah.
Yeah.
So I'm the co-founder of a company called Talkedat.
So what Talkedat came about is in the professional speaking world, how do you know if someone's good?
How do you know who should bring in?
Sure.
You know, you really don't.
So in a very short way to describe it is we wanted to build like the trust pilot of speakers.
So, well, how do you do that?
It's really complex.
So we first built a tool for speakers to get feedback and leads.
A speaker goes up.
They put up a QR code.
They get some feedback.
And two things happen.
one, we automatically create this really great report for them that shows their quantitative data, qualitative data.
We also pull out anyone in the audience that's interested in potentially hiring them so they can get spin-off business.
And now we have about 10,000 speakers that are using the tool.
Oh, wow.
So we now have the largest database of speakers who they've spoken to, how well they've done, how effective they've been, the content that they've done, who they've resonated with.
So now we have a really great opportunity to match speakers with event planners for their event.
So if I'm an event planner, I have an event, we now can say, well, what exactly you're looking for?
And instead of us going by gut, we can go by data and help match them.
So it's a tool that speakers can either use individually or they can use and will allow them to book more speaking engagements through our platform as well.
I didn't know you had that kind of second part.
That's, that's a new, is that a new piece?
You know, that's kind of always been True North for us.
And the feedback tool has always been a crucial step to that true work.
So it's always been there.
But you can't launch.
So there's a marketplace, if you think about Airbnb, Fiverr, any kind of marketplace, you've got supply and demand.
Yeah.
You've got to build one of the sides up first or else the other side won't care.
100%.
So that's the challenge of any marketplace.
Anyone who just goes straight to marketplace typically fails.
So our goal was to, all right, well, let's build up the supply side first.
which is the speakers, and we have to build the tool that they would use.
Now we have the demand side, and luckily, you know, speaking for 18 years, I know a lot of people
who work speakers, so we start there, we expand out.
And luckily, event planners have told us, you know, it takes us like six months to find a speaker,
but with our tool, they can do it in like six minutes.
Wow.
So it's a huge time saver and it's database.
So we're super excited about it.
It is the hardest thing I have ever done in my entire running attack company is.
What's the single hardest piece of it?
You normally, as a service provider, I am an expert and I get to share my expertise with people.
So you kind of know what you're doing.
Sure.
And you share it with people.
In a tech company, you're constantly iterating.
Meaning, you launch something.
You spend, you know, six weeks building it.
And then you go, oh, that didn't land exactly the way we should.
So now we have to figure out how to build more efficiently.
We have to figure out how to launch.
And then you create features that people don't like or they don't want or they don't need.
And then or people say, oh, you know what?
Could you create this feature?
And it's like completely off of nobody else wants that.
What you're going to do.
And it's like that's really amazing for your single.
So you have to manage constant iteration.
You have to manage getting the word out when things change and evolve.
And you have to manage when you have 10,000 opinions.
They all might want a different thing.
and you've got to figure out how to make the best decision for everyone.
And it's a lot of input management, iteration.
And that's really hard.
Because normally, you know, as a professional speaker, I might speak, I don't know, 50, 40 times a year.
But when you're dealing with like 10,000 people who have ideas and inputs and needs and wants,
you've got to, you know, then hire the right people, create the right system.
So it's a huge undertaking.
And by definition, the harder the thing to do, the more.
beautiful the reward or at least the learning yeah at least the learning yeah
that's incredible man I you know I've seen the platform it's a very nice tool and
you know I've mentioned this to you in the past is yeah a lot of thought went into
that you see all kinds of apps and platforms and things of this nature and many of them
are very cumbersome yours seems to be very clean straight to the point in the
features that I saw were actually useful features you know I know you implemented some
AI not long ago. And you know, everybody, that's the thing you got to do. You got to AI up everything in the world.
But it seems that you actually found useful places to implement that AI, not just to check that box.
Well, that's what's really hard because there's a couple of ways to approach technology. You can do what a lot of people do is let's just build something for like, you know, six months and then try to get as many people in.
And then what happens is you are like a shooting star.
You're hot for six months.
But then when people actually start using it, it's a little clunky.
We have very, very specifically chosen a longer, more, I don't know what the right word is.
It's an iteration process that says, hey, we're going to build fast and we're going to change.
But we know we're not going to get it perfect.
Sure.
And it's been, you know, three years now.
And, you know, luckily we have an incredible team.
I have co-founders who are incredibly intelligent in design.
and user experience and technology.
So we are taking a longer approach,
but the goal is when you win,
you've created such a moat around what you're doing
because what a lot of people who go in tech don't realize
is when we think about the Google Maps, the Instagrams,
those are the apps that won.
Yeah.
They won.
So we believe everything should flow and be as easy as those apps.
But for every Google Maps and Instagram,
there's a billion other people that came in and flashed in the pan and destroyed their business potential.
So taking the longer approach, I think, is counterintuitive.
But then ideally, you build something that when we say a moat, it's eventually someone's going to be like, oh, they're doing a pretty good job.
Let me come in and come.
That's eventually going to happen.
But I don't think people will take the same care that we will.
So we feel very confident that our user approach will ideally build a moat.
And, you know, our goal is to keep iterating and getting better and better and better.
It's like we were talking about, like, technology stuff.
Like, it's always, it's never done.
It's never baked.
So I think as long as we stay hungry like that, it'll be great for our users.
That's great.
That's great.
Now, listen, I've mentioned this to you in the past, and I've just got to lobby you a little bit on that.
Yeah, yeah.
everything that is spectacular about talkadot for speakers would be equally awesome for podcasters.
And I think, and obviously, you got to nail one market at time, right?
I can't blame you for that at all.
But when you're ready, I think that you could absolutely explode in that niche as well.
For, like I said, the exact same sales pitch.
And honestly, we think that's on the table, right?
And you're 100% right.
You know, any business, your biggest challenge is saying no.
That's the biggest challenge because you want to say yes to everything.
But we've learned early the more we said yes, the more we, you know.
But for a podcaster, you know, it's like, hey, someone's listening, but I don't know who they are.
I don't know which particular episodes are resonating.
I don't know.
So to be able to get that really quick feedback and to turn it into visualize data and to be able to make decisions from it, to me, it makes all the sense in the world.
And at some point, if the mood is right, we hope to do so, but we really want to.
do the event industry right now.
I completely understand that.
Like I said, I just got to lobby for our folks a little bit because we need something this awesome
in this industry.
Even when it comes to like ad sales.
Now, there's a lot of things that are happening where it's become, there's now actually
certified podcast statistics that if you want to go out in the world and sell ads, people
can actually trust these numbers.
But any type of feedback that somebody who wants to go out in the market and get a sponsor
or something like that is just nothing but a benefit will help their case.
So that's, again, that's just why I lobby for that.
We need good tools, man.
We hear you.
We hear you.
You know, podcast isn't interesting, too, because I think about how many people.
You're listening to a podcast right now, driving, working out, walking the dog.
If you're into podcasts, chances are you have something to say too.
With RSS.com, starting your own podcast is free and easy.
Upload an episode and we distribute it to Apple Podcasts, Spotify, Amazon Music, and more.
Track your listeners, see where they're from, and start earning from ads.
just like this.
If you've been thinking about starting a podcast,
this is your sign.
Start your new podcast for free today at RSS.com.
Taxes was feeling so stuck.
Sitting in traffic, squeezing into a parking spot,
all to squeeze in getting tax help during your lunch break.
Now Taxes is a TurboTax expert who does your taxes for you,
while you go about your day getting real-time notifications
about their progress and the most money-back guaranteed.
Now this is taxes.
Intuit TurboTax.
See guaranteed details at turbotax.com
slash guarantees only available with TurboTax experts.
Real-time updates only in iOS mobile app.
People create podcasts and how many people are kind of like,
I think we're doing okay, right?
And they say like, oh, here's some download numbers.
And I think, I guess we got some people in Texas listening.
Right.
But to actually, I think any podcast are listening to this,
building your list is probably a hugely important
to actually turn those listeners.
into email addresses.
Yeah.
Turn those listeners because then there are people you can directly communicate with.
Right.
So when you say, hey, I'm going to be in Austin, Texas, doing a live event, you could get a whole
bunch of people to show up.
100%.
It's kind of like that Mr. Beast effect where if he goes, I'm going to be at the mall in New Jersey
and the whole city shuts down.
Yeah.
We're probably all not shutting down cities.
But if we can add more people, it's a value add.
And it's a no-brainer.
That's it, man.
That's it.
A real, a couple more things.
and we'll let you out of this sweatbox.
Just for a little programming note,
for anybody who hasn't figured it out,
our AC hasn't worked,
and as you're probably watching this,
currently you know this is like the hottest day of the year.
It is the hot, I think it is like the heat wave hottest.
Literally.
That would always work.
You know, what are you going to do?
Orell, you've also been the star of a lot of other media, right?
I've seen you in commercials.
You even did some Disney Plus stuff, right?
You want to just talk a little bit
about your career on that side?
As a speaker, you know, that's always been kind of my primary love.
But when you do speaking, it also can expose you to new people and new opportunities
because either they've seen one of your videos or they've seen you speak.
So the quick, funny story is someone saw one of my speaking videos.
I speak on a subject called Adult Development Theory that helps people build their people power.
It understands how do people make the decisions that they make based on this 60-year
body of research. So I've been speaking on that and really I've been speaking on what makes people
tick and I've been always interested in that modality. So an executive producer saw one of my
videos and was like, hey, have you ever thought about hosting a show? And I was like, what do you mean?
Like, you know, like Montel Williams. Yeah, yeah. Like host a show. And I was like, uh, I wouldn't be
opposed to it, you know? Sure. You know, so we actually went down this rabbit hole of pitching me to
host a talk show. Oh, wow. And it actually got so far
that I shot a pilot for Fox to host a show.
Wow.
Now, what happened as the pilot was completely finished and done and, you know, things were
looking pretty up, Disney bought Fox.
So a lot of times when someone buys something, mergers and acquisitions, projects get shelved.
Absolutely.
And that project, it got shelved.
But because I was in the world now, there was tape in the, you know, an opportunity
presented itself to host a show on Disney.
Plus called Family Reboot, which was produced by Kelly Ripa.
So it's one of those things where you never know what's going to happen.
And the funny thing, and I don't know if this is helpful for anyone, the video that that executive
producer saw that eventually led to the pilot, which eventually led to the show that was on Disney
Plus, maybe had like 2,000 views.
Wow.
Right.
So it's not like I came in as a viral sensation.
It was just the right content, right person, right time.
So that's why I put in, you know, I encourage.
people want to create. You don't know who's going to see it. And one conversation could change anything.
And that's how the show came about. I love that. I absolutely love that message. You know, that's
something very similar that we've tried to reiterate. Our man Dakota has tried to drill that message into
our head. Dakota, that boy, that's a content machine right there. He is, man. He is. And he knows
how to do it for his niche, you know, and he'll be the one that tells you. That same exact message.
You know, he doesn't need to go viral for, you know, for him, there aren't millions of people that
care about community solar.
But the people that do, are the ones to see it.
And that's helpful when you have, like, for example, if you're a professional speaker and
you get high fees, well, what's one speaking engagement worth?
Or, you know, if you provide a service and you get one long term, what's the LTV,
lifetime value of a client?
So if you actually look at it through the lens of what's one worth to me, I could, and like
Dakota, like, he's such an incredible guy because he's a great heart, great dude, but he's so
consistent.
And that's why I think he's going to win is because where other people go, oh, I put something
now it didn't get that much views. This was a lot of time and effort. Like, I'm going to stop.
The person who just keeps banging the drum eventually are going to have people listening.
And it's such as, it's so accessible to every human, but yet so few people actually are willing to just keep beating the drum.
Yeah. No, you're, you're absolutely right. I mean, this dude gets it.
It's, you know, we keep repeating the stat that something like 98% of podcasts don't make it to episode 20.
And the ones that do don't make it to episode 100 by the same percentage.
And it's that consistent.
You're absolutely right.
And so I'm just the more and more people say that, I'm more than happy to echo that message.
I appreciate that very much.
Arel, what's on deck for you in the future?
We've been talking everything you're doing.
What can we look forward to?
You know, I'm super excited about what we're doing on the speaking side.
You know, so my speaking company is really interacting with a lot of organizations.
So continue to speak, continue to do that.
Like, that's like, if you will, if you imagine a guitar player playing the guitar, they just want to play the guitar.
Sure.
So that's keep going.
But TalkaDat is really going in a really big way.
We're really excited about being able to take event planners who are like, I have a really specific need, search, budget, you know, with as many people as we have, being able to actually connect them.
And for speakers, to be able to have speaking engagements come to them and to be able to, you know, keep getting data so that they get more and more accuracy.
you know, we're really hoping to elevate the entire event industry.
If you think about how many events happen per day in this country
and how many speakers are hired per day,
considering how clunky and how difficult it is,
we really hope to elevate the entire speaking industry,
the entire events industry,
to make it a more up-to-date, more valuable,
using AI to summarize, to match, to find people.
I think there's just a huge opportunity in the event space.
And for us as individuals, imagine going to an event where every event has the right speaker.
Every event has content you look forward to versus like, oh, I got to like drudge through it.
Well, that's the main selling point in most of those events is the speaker.
It's speakers, it's connection.
Right?
That's why people go to conferences.
You go for networking, connection, and for content speakers.
And we think that the connection and networking is really solid in most events.
But the speakers, they're hit and a miss.
And if you don't have a good speaker, you know, we've had experiences with, you know, we're profound before, you know, talking about it was really, you know, where we would bring in a speaker.
Maybe they didn't land.
And then our members are like, you guys are falling off the boat, man.
This is not the quality we expect.
And you're like, oh, don't like, no, like, you know.
So like an event could either make or break an organization.
We know how much content and speakers are a part of that.
So we're super excited about that.
And we think that it's going to be, hopefully what everyone will say is extremely obvious.
once it continues to grow into what we hope it will be.
That's awesome, man.
I love it.
Arel Moody, hit the plugs, buddy.
Where can people find you?
Luckily, I'm only a Relo Moody in the whole world.
Nice.
So if you put Arel Moody, the Google will auto-correct you and help find me.
But LinkedIn is probably where I spend most of my time now.
So, Arrel Moody on LinkedIn.
My website is Arelmoody.com.
And our website is TalkaDot.com.
If anyone is a professional speaker, you can go to TalkaDot.com, get a free version of our tool.
We have a premium model so you can get it for free.
Start using it, getting feedback.
If you're an event planner and you are planning a conference,
are you a part of a committee and you're part of the planning committee
and you're like, oh my gosh, we've got to find a speaker.
We have specific needs.
Reach out to talkabout.com.
We 99.9% of the chance can find someone exactly for what you're looking for.
That's awesome.
That's awesome.
Orell, it's been a pleasure.
It's really awesome to have you here.
I love this for you, man.
I just want a quick, quick, Matt.
Please.
I love this for you, man.
I love this for you.
I think that you are.
You are creating a level of value and a level of consistency that is extremely important for our area and for our business community.
And keep being that drum.
There's few people who have the strength.
And what I realize is it's so much easier for people to talk about what they could do or talk crap in the comments than it is to do the work.
And you do the work.
And I just want to acknowledge you and see you for that.
That means the world, man.
I really appreciate that.
anytime you want to come back to Good News York,
even just to shoot the breeze.
But if you got something cool to talk about,
you are more than welcome.
We would love to have you.
I'd love to watch out what you ask for.
You might just get it.
Hey, anytime, my friend.
With that, we'll be back with more Good News York in a little bit.
Wow.
Welcome back to Good News York, sponsored by Ads on the Go.
Get Ads on the Go.com.
Mike Brindisi here,
the second segment of this week or this day's episode.
normally Matt is with me
he's passed out because we have no AC
we are doing this with no air conditioning
it is 86 degrees in here
and I thought what
what better thing to do when it's 86 degrees
than extend the episode and have a second interview
but I wouldn't want to do it with anyone else
than this gentleman to my left now
for people who know me no I've said on record
funny people are funny
I love funny people but the funniest
people to me are people that are funny without trying. And that is this man right here.
My favorite people in the world are the people that you can't describe where you go, you just
got to meet him. Graham, you got to meet him. I can't explain him. And that is this man, Mr. Graham O'Donnell
from Mel Tech Solutions. Oh, thank you. That was a little weak. It's only one of me clapping.
No, yeah, yeah. But the sentiment's there. Now, you've set a precedent that I like, have to be like,
no. No, that's what I mean. If you're just you, effortlessly. You don't have to try. You're just a very,
And I'm being sincere.
You know what I mean?
You're a very unique person.
You're very intelligent.
Obviously, you work for Maltech Solutions.
Mail tech solutions also being one of our clients here at Growth Mode.
You guys, you and Mike Lisey have a podcast called Hack Dysection, which we're going to be shooting after this.
And that's kind of how I got to know you.
Was you obviously coming on the podcast, which I think, are you a permanent co-host now?
Did you hack your way in?
Mike's not in yet.
Did I put you on the spot?
I guess I'm in.
Did we just make it?
Did we break news?
Well, your podcast hack dissection is, it's mind-blowing to me because the things you guys talk about,
you know, when we think when the normal people like myself think of IT security and hacking.
Sure, yeah.
We think of like the, we got a hack into the mainframe and, you know, and I know I'm going to go to DOS slashbacks.
You know, we don't know what the hell.
I need more time.
Yeah, I need more time.
What's that movie?
Spearfish, Kingfisher?
I don't know.
Well, either way.
But when I hear you and Mike talk about what you guys do
and Red Team and what is it testing,
penetration testing, and no, it's not sexual,
it's fascinating.
So talk to me a little bit about what is Maltax Solutions.
Talk about the company and how you got started.
Yeah, so that's funny.
Maltax Solutions is a lot of things.
it's a it's a consulting firm it so mike uh started it to kind of do his own thing and then he just
kind of uh he keeps tying on uh people and and so we we continue to kind of expand this the service
offerings as a result um so we do penetration you're listening to a podcast right now driving working
out walking the dog if you're in a podcast
chances are you have something to say too.
With RSS.com, starting your own podcast is free and easy.
Upload an episode and we distribute it to Apple Podcasts, Spotify, Amazon Music, and more.
Track your listeners, see where they're from, and start earning from ads just like this.
If you've been thinking about starting a podcast, this is your sign.
Start your new podcast for free today at RSS.com.
tests. Mike does a lot of web app and API testing. That was his big thing, right? Yeah, when you worked
at the, he's in the back. So I asked him to, you know, to stand in the back to give me some help here.
But so he does a lot of web app and API stuff. I do pretty much all the network testing, the internal
external network testing. We did an episode about physical security testing. We've got all the tools for
that. But there's also
like a development
arm of the company.
So, AppiSec,
you, it's the
API Security Education
and Certification Program. Okay, I thought you
just swore at me in Russian. I didn't
know what you just said. I'm glad you
clear that up. We
helped a lot with the
development of that course platform.
But that
wasn't me. That was Mike and this
other guy, Brody, right? He's
Right, Mike? That's his name, Brody.
Okay.
Is that correct?
So, you know, we do a lot of stuff like that.
A lot of CTFs for DefCon, the Red Team Village.
Mike is the president of Red Team Village.
Mike, you should be here.
No, no.
Come on.
You're here, buddy.
Sweating in front of the mic.
So let's tag out.
Let's go back real quick.
For those of you, because I mentioned it in the beginning, too, you said you do a lot of the penetration testing.
Yes.
Talk about that a little bit.
This is fascinating.
What exactly does that?
mean okay so pen tests are the their security audits and they essentially you have
some infrastructure it can be your building it can be your your cloud stack it could
be an API that you've built it could be your internal network environment pretty
much anything it be a wireless environment networks that you've provisioned
you know to have Wi-Fi around
office or something and you have some sweaty basement dweller like me or mike we're all sweaty
basement dwellers today we got no AC you they come in uh and they pull out all these esoteric tools
um and essentially you are trying to assess um the the scope the scoped environment you're
trying to assess it for for security gaps and then you see if those those
perceived gaps are exploitable.
If you can exploit them,
then you leverage that into whatever access
you can get from there
as kind of a proof of concept
to show the severity of the vulnerability.
And then you throw it all into a word document
and kind of, that's the deliverable.
So in layman's terms,
penetration testing is a way for you
just to find the holes in your security.
before you guys will help fill those holes, so to speak.
Well, hey, that's, you know.
No, actually, that's technically, our job is to find the problems.
Okay.
But we don't have necessarily the insight to remediate those findings.
We can advise on what we think you should do.
But at the end of the day, we hand our findings over to a blue team.
Okay. So right, like Mike, we talk about how we are like red teaming. So that's offensive. And then the blue team would be like the guys who actually, their full time job.
The offense and the defense. Yes. Their full time job is to monitor the network, monitor whatever environment, you know, security guards, you know, that walk around the mall, those are technically blue teamers. They're physical blue teamers, right? They're supposed to stop, you know, threat actors from coming in and, you know, stealing or.
Red team is the more fun.
The more fun, right?
You get to try to break in.
Maybe.
Yeah, it's definitely, it definitely gets a lot of hype
because it's like a very, like, glamorous,
sorry, Dan's, like, fanning himself.
I know, he looks like a super model.
He does it all.
He does this, and then when he does this thing right here,
where he goes.
Weird hair.
Oh, yeah.
Oh, it just gets me every time.
The Fabio Corp.
Yeah, please stop doing that.
Can you take another button down, actually?
It really helped me.
more comfortable.
There it is.
Oh, yes.
God, that's good.
That's good.
The chest of a bison.
All right.
Anyway.
It's, it's definitely more, it gets a lot more attention.
Red teaming gets a lot more attention because it's like, you know, it's like super hacker.
Yeah.
Like, oh, have you seen Mr. Robot?
Yeah.
So we all, all the idiots like us are like, I would love to try to break it.
Because Mike has shared some amazing stories about, I mean, the penetration testing isn't,
always just through like, you know, sitting at a computer.
Like he told a story about a guy that, and I'm probably, I'm paraphrasing Mike,
but basically a bank hired them to, to break into the safe.
They didn't, you know, and like leave with actual gold bars in their backpack.
So it can get insane.
What's the most fun you've had doing a pen test?
Oh, man.
I know you have fun every time, but.
Yeah.
I mean, we've already told this story, but I think my first.
Not on here, though.
Um, my first, like, big, uh, like big win was still the most exciting thing that I've done.
Because, like, I've gotten wins on, um, like other networks for, and I say win, it's never a competition.
Mm.
But it, like, it helps to get into that mindset when you are doing the work.
You want to be competitive.
You want to be aggressive.
You want to win.
Of course.
But then at the end of the day, you come.
into the room and you definitely don't want to have the attitude of like we beat you.
No.
Because like you're on their side.
Yeah, exactly.
Yeah, you're on their side.
You're doing, but that's what that's the best part though is even though if you're
successful and you're like, yeah, you're, I would say you're cheering a victory in that,
hey, we figured out where the hole is and now we're going to, we're going to fix it for you.
Yeah.
But my, so I think my first big, so I should I should preface this by saying like I didn't
study computer science in college.
So coming into this field, and this is like, I feel like this is a big problem, not necessarily
problem, but just like a big challenge of being in this field is that like the breadth of knowledge
that you can acquire is so wide.
Yeah.
Like the breadth of subjects in this field are so wide and each one goes so intensely deep into
like detail that you will never know everything about everything.
And so, like, you can be working in this field for literally decades.
Go to, like, a work convention and meet someone.
And you're just, like, blown out of the water.
Yeah.
Because you're, and you're just like, oh, okay.
Like, because, like, I am just forever going to be an idiot.
No, you're not.
Because there's so much, there's just so much to learn.
No, no, but you know what it is?
I'm so glad you said that because between how,
fast technology evolves and changes.
Sure.
Mixed with just the nature of this industry, I feel like every day, and it's a
cliche, but I feel like you're learning every day and every pen test, every job,
you're learning something new.
Am I, am I right?
Yeah, that's totally correct.
Yeah.
Yeah.
I mean, it's exciting.
There's never one same call or same job, I guess.
It is exciting.
Some days it's exhausting.
I'm going to be completely honest, because it's just like, some days if you're,
In a bad headspace, I'm just like, oh, man, I'm just always going to just, like, just barely have my head above water.
Yeah.
You know.
But then other days, it's like, I mean, you have to, you really have to be in love with learning.
Yeah, man.
To survive in this field and not burn out.
So, yeah, you have to fall in love with the process.
Yeah.
It's every day.
Graham O'Donnell, Meltech Solutions, he's got a podcast with us, hack dissection.
Yes.
I'm in love with that.
In fact, we're going to shoot an episode after this.
So growth mode content, that is one of our favorite clients.
Let's talk about the-
I thought it was like, are we at time?
No, no, no, no, no.
I just a little plug in the middle.
Sure.
So you're talking about all the testing and things like that.
One thing I did pick up on the podcast that I thought was a really great advice.
So I think the question was something to the effect of.
What would you give advice to people that are kind of in this field?
And you were like, if you're an IT person, learn about hacking.
If you're hacking, learn about IT, like, because it all helps each other.
Did I retain that correctly?
Sure.
I mean, I don't know if I said that.
I'm, dude, I'm leaking.
I know, bud, listen.
I know.
Can we get, can we get, can we get a book on that?
I guess you could hack the HVAC system.
We actually said that when you guys were coming.
We're like, if we decided to go forward with the shoot today, maybe they can hack the
HVAC system.
Because we're like, Graham's the kind of guy that'll be like, I'll be right back and go up on the roof.
But we'll see.
Don't do that.
No, HVAC tech.
Yeah.
I feel like you can do anything.
Yeah.
But anyway,
what were we?
We were talking about just when you're involved in IT at all,
you and Mike always said,
learn as much as you can about not just what you're doing.
Learn about the hacking.
Learn about, you know, blue team, red team, all that stuff.
Yeah.
Yeah.
And I think,
yeah, you can't break something unless you know how it works.
Exactly.
So it's like you, yeah, you do.
You have to, you're not going to be able to,
test and network. I think like learning about hacking, hacking is like a, hacking is not necessarily a,
a lot of people say like hacking is a mindset, right? Hacking is the like the attitude that you carry
with you into a challenge of like how do I break this system down and analyze the pieces and then like
how can I get the pieces of this system to behave in a way that suits my needs.
irrespective of the purpose that that system was built for, right?
And so, like, I think, like, you have to learn IT to become a hacker.
You can't provision a network penthouse if you don't know how network protocols work.
So I don't know if it's like learning hacking is not something that you really, like, a lot of people like to fixate on, like, the practice of, like,
provisioning a penetration test or exploiting things.
And that comes, those skills are actually quite simple.
I'm not, they can get really technical.
Sure.
But like at the end of the day, it's just bookwork.
Sure.
I think like a big part of being a, like a lot of blue teamers are hackers.
You know?
Right, right.
They're not running like offensive engagements for,
living, but like blue teamers come up with CVEs, like exploits that, that push the field
further because they are like, they are working with the defensive equipment and they're
steeped in their own network for such a long time that they get a much better view of, of, the
environment and the technologies. And so then on their off hours, you know, they've been like,
well, I've been staring at this monitor for, you know, a hundred,
hundred hours this week and I noticed something weird and that that's what it takes.
It's just like that kind of time.
To make a sports analogy, it would be like, you know, you're at training camp and you're
an offensive player.
You still know how to play defense.
Yeah, you still know how to defend a pass.
And in fact, because you know how to catch a pass helps you learn how to defend that
pass.
Yeah.
You know what I mean?
It's kind of that same mentality.
You have to have one.
You can't have one with the other.
And I think this ties back into what I was trying to say with the red teaming, blue teaming
thing is that like red teaming is gliming.
And so a lot of people think it's like the cool field.
Yeah.
Like when you go, when I go to DefCon, I tell people that I'm a pen test, they're like, oh, wow.
But it's like blue teaming is just as exciting and just as necessary, if not more.
Blue team jobs like network maintenance and network security, like defense, sim operators
and stuff like that, those jobs outnumber red teamers 10 to 1 in the industry.
Absolutely.
So they are, they're critically important.
And I'm not really that great at it, which is why I'm on the offensive side, but that is like the zone of genius for many people in this field.
And I think that it has the potential to be just as exciting, the forensics and like the digging around.
Like if you love the chase, that's what you're doing all day.
You're the cat and the cat and mouse game.
This is awesome.
You know?
See, this is so great.
And I feel like this is a hack question.
and it was like the first thing I asked Mike,
but you guys have not been on Good News York yet.
Well, actually Mike has, but you have not.
And I feel like the viewers are at home thinking this.
This is the question.
What, so the guys that are out there that are actual hackers
and that cause all these issues that we hear about?
Sure.
What is the motivation for it?
Is it pride?
Is it a financial thing?
Is it a mixture of both?
What makes someone get up and go,
I'm going to mess with everybody today and ruin some lives?
I think threat actors are motivated by,
a lot of different causes.
That's a very,
that's a very case-by-case thing.
Excuse me.
A lot of times it's financial.
People need to make money.
Ransomware gangs.
We now have seen ransomware gangs
that operate the same way
as like a modern office.
They have a building,
they go in,
they have like quarterly bonuses,
you know?
Wow.
They run it like a company.
Yeah, is that literally like a company?
I always thought it was more of a freelance gig
where it's like, I'm going to fuck with this person today.
I mean, yeah, you would think that, but you would think that because like,
hackers in popular culture are portrayed as like one guy in a hoodie.
Sure.
Off somewhere.
But like, it takes a lot of man hours to, I mean, if you think about Google or meta,
any sort of like software development company, they build products.
And like, software development is like difficult.
It is labor intensive. It's not labor intensive the same way that like building an apartment complex is, but it's like it's mental work. And you have to have like a conglomeration of minds to be able to build an effective product. And so like flying solo is it makes it very difficult to take down big targets. Especially hacking is like it is a humans are persistence hunters.
Right?
Like you follow the mammoth until it gets tired.
It lays down.
You poke it to death.
Everybody eats.
Hacking is just as much like a persistence hunt as like hunter-gatherer kind of.
Wow.
You know, it takes a lot of observing.
It takes time.
There's a lot of waiting.
You're stalking prey.
You're waiting for an opportunity.
You're sending, you're doing all of this research.
to find exactly who to send this email to how to format it.
When?
Exactly.
So that it doesn't get blocked.
What's going to give you the highest chance of a click and then you get in?
And if you, if you, once you get a foothold onto the network, again, you have a bunch of
defensive guys, right?
Their whole job is to look for anomalous behavior.
And so everything, the more complex in operation gets, the slower you need to move.
Interesting.
Because if you have, if you're a ransomware gang and you're in a Fortune 500 and you're, you're getting in off one email, right?
You have one workstation that you've compromised.
You need dwell time.
That's what it's called.
That statistic of how long a threat actor is able to persist within a network before discovery, that's dwell time.
And the longer you have that, the greater access you're going to be able to get, the more damage you're going to be able to do.
Dude, this is awesome.
That's amazing.
That's what a great explanation.
That's fascinating.
Yeah.
So Graham O'Donnell, we're here.
Maltek Solutions is the company.
Let's talk about the podcast before we go.
So you guys shoot a podcast with us called Hack Dysection.
It's absolutely, it's one of my, I got to say one of my favorite.
It's fun.
It's awesome.
Let's talk, tell the folks, what can we expect with Hack Dysection?
What kind of topics do you guys discuss?
What do you got coming up?
I don't know.
Well, that's a lie.
I do know.
I'm on it.
Dwell time.
He's got to figure it out.
Yeah, exactly.
Persistent.
I sound so smart.
Yeah, that was very good.
That was very good, right?
Yeah, yeah.
We talk about IT topics, security IT topics.
The podcast is called hack dissection.
Yeah.
So most of the time, that's what we're doing is we're discussing a hack, breaking it down.
But I think it's more of a general approach.
to offensive security.
I know our upcoming guest
is talking about a book
that he's released. We're probably going to talk about
AI. Nice.
Assisted penetration testing, stuff like that.
We do have a guest coming up
who we're doing a whole
segment on AI vishing
which is like
you build a deep fake of someone
their voice or
maybe their likeness and then you
present that to
a victim.
them and to try to fool them. You know, that's like a new, a big, the hot new theme. Yeah, I've
heard. It's scary. Yeah. People's like kids saying I've been kidnapped. Exactly. I mean, that's
awful, dude. Yeah. So we're going to do a whole segment on that. So it's a lot of, it's just a lot of, like,
cutting edge offensive security breakdowns. Awesome. You know, taking those kinds of topics and bringing
them, just translating them into a more accessible vocabulary. Awesome. I remember there was an
You were like carrot top.
You were pulling out all these devices that could unlock doors and stuff.
So you can look forward to that too.
Hack dissection right here at growth mode content.
It's a phenomenal podcast.
Graham, you are one of a kind.
Before we go, any plugs, anything you want to, websites, events, anything.
Oh, man.
Yourself?
I don't know.
I don't know.
I wasn't prepared for that.
That's okay.
We already did the plug.
I worked from Altech.
That's pretty much all I do.
Well, listen.
Graham O'Donnell, you are.
one of a kind human being and you're a genius
and I thank you for coming on Good News York.
Check Graham out.
He works for mail tech solutions.
You need anything regarding
IT security, Mike Leasy and the crew.
They're the ones you call.
And check out their podcast.
Hack dissection.
Graham, thanks for coming on the show, buddy.
Yeah, thanks for having me.
Yeah, and we'll be back tomorrow here on Good News York.
Sponsored by Ads on the Go, get Ads on the Go.com.
Get Ads on the Go.
Get ads on the go.
Welcome back to a bonus segment on Good News York.
I am joined by my favorite person on the planet other than my daughter.
This is my son, Parker Brindisi.
Parker, welcome to the show.
You are on Good News York.
How do you feel about that?
Presented by Ads on the Go.
How do you feel about that, buddy?
Feel good?
I mean, yeah.
Yeah.
So tell people.
You're really into baseball now.
Yes.
And you just got done with your season.
Talk about your first T-ball season.
How do you think that went?
Great.
Really great?
Yeah.
You were slugging it, man.
You, I have a compilation of all you're at-bats,
and every time you hit a bomb.
And you and I have been working in the yard on your defense, right?
What have we been working on?
Pop flies, grounders.
Yeah.
Pop flies and grounders.
And who's your favorite baseball player?
No, I gotta say it all the time, Aaron Judge.
Yes.
And my father-in-law, fun fact, said when I asked if I could marry his mother,
he said under one condition, if the kids are Mets fans, because I'm a Yankees fan.
Well, they're Mets fans, my daughter and my son.
But my son does like Aaron Judge.
And that's okay.
Because I always said, I'm not going to tell you who you have to like, but I'll tell you who you can't like.
and that's the Red Sox.
Other than that, fair game.
Before we go, what are some other things you're into?
You like WWE, right?
Well, ever since baseball, you're kind of getting out of it.
But who's your favorite wrestler?
Wrestler?
No.
I?
Well, who'd we meet?
We went to wrestling.
We met who?
Oh, yeah, Cody Rhodes.
Cody Rhodes.
That's your guy.
Yeah.
But then there's an old timer that you love.
Who's that?
Hulk and Under.
Hulk and Undertaker, yeah.
They're amazing.
Well, before we go,
will you want to promote anything?
What do you got coming up?
You want to talk about?
We're going to be doing flag football soon.
I got a hard-hitting question, actually.
Who gave you your good looks?
Your mom or your dad?
You know, good looks.
Good looks.
You know, I don't know.
You don't know?
I'll tell you.
Your dad.
I'm kidding.
Your mom's beautiful.
I gave you your...
Yeah.
Your comedy wit.
Yeah.
I think.
All right.
Anything else you want to chat about?
Before we go, we got to get our shoot going here.
Yeah.
Go ahead.
Well, I need to talk about that.
Speed it up because it's 86 degrees in here.
We got no AC.
What you want to talk about, buddy?
I don't know.
Well, you wanted to come on.
Come on.
Now's your chance.
Promote it.
Okay.
All right.
Okay.
Who's your favorite band? Let's do that. We'll end it there. Come on. You and I love them. We watch them every day. Say it. Metallica. Metallica. You have a favorite Metallica song? What is it? Screaming suicide.
Oh, Jesus. Screaming suicide is the one you choose? I look like an awesome parent. That's my cue. All right, Parker, thank you for coming on Good News York. I love you more than anything. And any last words?
No.
All right.
Thanks for tuning into this bonus segment of Good News York brought you by ads on the go.
Parker Brindisi.
Awesome, dude.
You're listening to a podcast right now, driving, working out, walking the dog.
If you're into podcasts, chances are you have something to say too.
With RSS.com, starting your own podcast is free and easy.
Upload an episode and we distribute it to Apple Podcasts, Spotify, Amazon Music, and more.
Track your listeners, see where they're from, and start earning from ads.
just like this. If you've been thinking about starting a podcast, this is your sign. Start your new
podcast for free today at RSS.com.