Cathy Ullman: The Power of Active Defense

Download MP3

About the Guest:

Cathy Ullman, known in the cybersecurity community as Investigator Chick, boasts an impressive 24-year tenure at the University of Buffalo where her expertise spans across digital forensics and incident response. She has not only made a mark with her significant work in tech support but also holds a leadership position in organizing significant conference events such as summer camp. A celebrated author, Ullman recently published a thought-provoking book that delves into the intersection of offensive and defensive cybersecurity strategies.

Episode Summary:

In this episode of the Phillip Wylie show, listeners are treated to an intimate conversation with cybersecurity expert Cathy Ullman. The talk traverses Ullman's storied path which veers from a unique childhood surrounded by pioneering computing to her two-decade-plus stint in university cyber security. Along the way, Ullman offers a peek into the heart of her recent book, which urges a mindset shift in cybersecurity defense by taking cues from offensive tactics.

Ullman reflects on her early days in tech support, leading to her current specialization in digital forensics and incident response at the University of Buffalo. She discusses the value and rigorous nature of certifications such as the IAsis and the doors they've opened within her field. The conversation turns to Ullman's enlightening journey into the offensive side of cybersecurity, captured in her new book "The Active Defender." Ullman makes a compelling case for why understanding offensive strategies can fortify defense mechanisms within the cybersecurity realm.

Key Takeaways:

Cathy Ullman's Emergence: From a childhood surrounded by computing, Cathy's journey is emblematic of the organic evolution into the cybersecurity niche.

Higher Education in Cybersecurity: Ullman underscores the benefits and stability offered by her long-standing role at the University of Buffalo and the profound learning and growth it has facilitated.

Digital Forensics Certification: Cathy shares insights into the invaluable expertise and depth gained from the digital forensics and incident response training with IAsis.

Cybersecurity Community Engagement: The significance of attending and participating in events like B sides for professional development and networking is emphasized.

Understanding Offensive Security: Ullman explores the perspective that comprehending offensive techniques enhances defensive strategies, a central theme in her latest book.

Notable Quotes:

"And I took SANS classes on forensics before I had the IACIS background, and it did not go well."

"Understanding how offensive security folks think, because if you understand what they do and how they think, then you can be better as a defender in terms of your own defenses."

"I've been there 24 years, and I've had the opportunity to kind of grow into different spaces within that without having to jump ship."

"It was a matrix moment, you know, the blue pill, red pill thing, where I suddenly realized, hey, there's this whole other world that I was missing out on."

"Everybody wants to share all the cool things with you. The excitement is palpable when you go to these conferences."


Cathys Twitter: @investigatorchic

Cathy's LinkedIn:

Cathy's book: The Active Defender: Immersion in the Offensive Security Mindset

Cathy Ullman: The Power of Active Defense
Free Podcast Website provided by