Episode 5

Published on: 16th Jul 2025

Understanding Identity Threats in Cybersecurity with Filipi Pires

In this episode of the Security by Default podcast, host Joe Carson speaks with Filipi Pires, a cybersecurity expert with a diverse background in both technical and sales roles. They discuss Filipi's journey into cybersecurity, the importance of identity in security, and the challenges organizations face with misconfiguration. The conversation also covers tools and techniques used in cybersecurity research, the significance of observability, and the need for continuous learning in the field. Filipi shares insights on community engagement and the importance of respecting the journey in one's cybersecurity career.

Takeaways

  • Identity is a central theme in cybersecurity.
  • Misconfiguration is a leading cause of security issues.
  • Continuous learning is essential in the cybersecurity field.
  • Tools should be used to understand techniques, not just for their own sake.
  • Community engagement is vital for knowledge sharing.
  • Phishing remains a simple yet effective attack method.
  • Legacy software poses significant risks to organizations.
  • Observability is crucial for effective security management.
  • Respecting the journey in cybersecurity is important for growth.

Chapters

  • 00:00 Introduction to Cybersecurity Journey
  • 02:49 Exploring Cybersecurity Research and Trends
  • 05:32 Tools and Techniques in Cybersecurity Research
  • 08:34 Learning Through Capture The Flag Events
  • 11:28 Identity Threats and Misconfigurations
  • 14:16 Legacy Systems and Their Impact on Security
  • 25:40 Understanding Use Cases in Security Permissions
  • 27:36 The Principle of Least Privilege
  • 29:31 The Complexity of Identity Management
  • 30:28 Challenges in Observability and Access Control
  • 32:16 Navigating Multi-Cloud Permissions
  • 34:07 Tools for Enhancing Security Visibility
  • 36:14 Continuous Learning in Cybersecurity
  • 41:53 Community Engagement and Knowledge Sharing
  • 45:32 Respecting the Journey in Cybersecurity

About the Podcast

Security by Default
Security by Default is a cybersecurity podcast hosted by Joseph Carson, a renowned ethical hacker and security expert. Each episode dives into the latest security trends, real-world threats, and practical advice for staying safe in the digital world. With insightful interviews and clear explanations, Joseph makes complex topics accessible for both IT professionals and curious listeners alike.

About your host

Joseph Carson

I am a distinguished cybersecurity professional with over 30 years of experience in enterprise security and infrastructure.

Throughout my career, I have been an active contributor to the cybersecurity community, serving as an educator, ethical hacker, and speaker at global conferences. I hold both the Certified Information Systems Security Professional (CISSP) and Offensive Security Certified Professional (OSCP) certifications, and I advise various governments, critical infrastructure organizations, and industries such as finance and transportation on cybersecurity matters.
I am the author of "Cybersecurity for Dummies," a book that has gained global recognition for helping companies integrate people, processes, and technology to strengthen their defense against cyberattacks. The book has over 50,000 readers worldwide and provides a straightforward approach to understanding cybersecurity.

In addition to my writing, I have authored numerous articles and research papers, contributing to publications such as The Wall Street Journal, USA Today, Dark Reading, and CSO Magazine. I also host the bi-weekly podcast "Security by Default" which offers insights from leading cybersecurity experts and discusses best practices for navigating security challenges.
I am dedicated to educating the next generation of cybersecurity leaders, and my commitment to building a safer internet has made me a respected figure in the cybersecurity community.