Security Chipmunks
Security Chipmunks
From Abacus to Agentic AI: How Technology is Transforming Our Security Landscape with FedX
Ever wonder how cutting-edge AI is transforming cybersecurity from the inside out? Security analyst Federico "FedEx" Castro pulls back the curtain on how innovative professionals are leveraging artificial intelligence to revolutionize threat detection and response.
FedEx takes us into the fascinating world of custom GPT agents, showing how he's created specialized tools that instantly process vulnerability information and generate tailored reports for different stakeholders. Far from theoretical discussions, this conversation delivers practical insights about implementing AI within security frameworks while navigating organizational data policies. "AI is a tool," FedEx emphasizes. "If you don't type the right input, you get a bad output."
The discussion ventures beyond technology into the human elements of cybersecurity. FedEx candidly shares how his neurodivergent thinking patterns create both unique challenges and remarkable advantages in security work. "It's a struggle, but it's a superpower at the same time," he explains, describing how ADHD traits like hyperfocus and pattern recognition help him excel at threat hunting and anomaly detection. His perspective offers a refreshing reminder that diversity in thinking styles strengthens our collective security posture.
With phishing attacks becoming increasingly sophisticated through AI assistance, security professionals must continuously evolve their skills and knowledge. FedEx shares valuable insights from cybersecurity conferences and technical workshops, emphasizing the importance of community connections for staying ahead of emerging threats.
Ready to enhance your security toolkit with AI capabilities? Want to better understand how diverse thinking styles contribute to stronger security teams? Listen now for practical guidance from someone who's walking the talk at the intersection of AI and cybersecurity.
Socials
- Join our Chipmunk community Discord server: https://discord.gg/9yfWP6evYQ
- Follow us on Twitter: https://twitter.com/SecChipmunk
- You can find us online at: https://securitychipmunks.com
is from a cooperative project for acquiring skills essential to learning.
Speaker 2:Welcome to the Security Chipmunks podcast, where we keep chipping away at it. I'm Edna Johnson. I'm here with my co-host, neil Smalley, hello. And today we have our guest, hello, hello, welcome, fedex. We're so glad to have you.
Speaker 1:Glad to be here.
Speaker 2:Yeah, would you like to say a couple of words about yourself?
Speaker 1:Sure thing, my name is Federico Castro, but I actually known and go by FedEx everywhere on socials and you'll find me anywhere. That's FedEx, that's kind of my nickname and I made it into my brand. So yeah, I'm a security analyst for a company right now, but in reality I'm just a technology networking, cybersecurity enthusiast that is always, always trying to stay ahead and like what's new, what can I learn? And always learning.
Speaker 2:It's a non-stop and learning journey I know I always see any conference I go to, doesn't matter if it's local or if I'm playing. You know, out of state I run into you.
Speaker 1:You're everywhere now so I've been told, I've been told that I'm everywhere. And yeah, I, I mean I'm. I've been told, I've been told that I'm everywhere. And yeah, I mean, I've been lucky enough to be able to participate in several conferences recently. But yeah, I, just I think this is a great way to actually learn it, at the same time networking, you meet individuals from all kinds of backgrounds and all kinds of history. So I do enjoy, when possible, going to a conference.
Speaker 2:Yeah, that's great. So I wanted to ask you about. You know, there's a lot of emerging technologies in our field and lately it's been particularly AI field and lately it's been particularly AI. So speaking of, like artificial intelligence and maybe machine learning, how do you think that like influences cybersecurity strategies nowadays?
Speaker 1:Well, so AI is not something new. I mean, we've been dealing in cybersecurity way I back in the 70s and so the what is actually new is the agentic AI, the this AI that is actually reasonable, that the people can actually type in and and now get a response back, and that's what's actually was changing. So I it is really changing a lot because I mean, think about it, when I was actually growing up, I think I did math doing with an abacus and you know, you kind of little fills to one side and now kids uses calculators, I use a typewriter, now my kids use computers, and so it is changing. You know, I think that the AI technology is going to change the way we do our day-to-daily tasks.
Speaker 1:I've been actually recently taking a couple of courses from Jason Haddix in Arcana Security and you know if I think that I've been doing something with AI, the guys that are there taking those classes and the quality of teaching on those classes are just way beyond my time. There's a lot of technology. I think it's just going to revolutionize the way we do our things. Now it's not going to replace the human being, but it is definitely going to make us more productive if we know how to use the tool because, at the end of the day, ai is a tool tool because, at the end of the day, ai is a tool.
Speaker 2:That's very true. How is the class with Jason Haddix? I've heard great things.
Speaker 1:Well, jason has developed a methodology where he actually goes. I mean, if you ever had the opportunity to sit down with him and see his classes or actually see his talks, you'll know that he's probably one of the persons that, at the last minute, he's making changes, because technology, for instance AI, is so revolutionary that it's happening so quite often that he's making changes as he goes sometimes, and so Jason is trying to keep up with everything that is new. He's bringing new insights, he's bringing in his methodology. He actually does share his methodology with the people in the class, which is something that you don't see a lot of people to do. That, I mean, I've been in classes where you know you're going to learn a curriculum, but with his classes, you're going to learn the curriculum. It's going to be an open conversation. So if you've got a question, please interrupt me. If you've got something to say, please bring it. If I don't know the answer, we're going to search it together, and so it creates a really great environment for you to learn and actually make desires.
Speaker 1:Out of the last class that I just finished last week with him, I decided to start creating my first GPpt agents, which I have played with chat gpt. Here and there I definitely had used it to correct my spanglish, but now I actually created a chatbot or an actual bot that will pull um. It will actually will help me to get informations on CVEs and compile all in one response. So it's just going to make my life more easy when it comes to the Tuesday patches, because I'm just going to dump the CVEs into the chat bot and it just going to give me a lineup and percentile and EPSS score and even it's actually I can give you a demo on it but it will actually drop down a summary for CISOs and a summary for regular users. So it's just going to make my reports faster.
Speaker 2:That sounds really interesting. Faster, that sounds really interesting. I love that you're thinking about also delivering reports to upper level management and making it so that it fits for their needs as well, and that really helps you stand out as a security person when you're able to deliver those reports. Security person when you're able to deliver those reports to your C-level suite yeah, that's brilliant.
Speaker 1:I actually, specifically today. I went back to work today and I started working on integrating that bot into an ecosystem, because every company is going to tell you we can use AI. Some companies will tell you no AI, some companies will tell you, yes, but here's what we can use. Now we know the chat GPT is an open model that you know whatever you put in there is going to stay in. You know open AI is going to see your stuff.
Speaker 1:So you really don't want to put any proprietary information or company information on open search. You want to make sure that you keep that as a secure person. You don't want to reveal the secret sauce or actually spill the beans or get fired because you just, you know, put the improper information on that open source. And so, um, we do have a co-pilot integration, we do have co-pilot and microsoft that stated that they're going to keep all your data secure under the micropilot environment.
Speaker 1:So I actually went and create an agent because that's how they call it in Copilot, they call it agents, but that's the same thing and test it out. And when I presented it to my boss he was like whoa. He was kind of like, okay, I like this, what else can we do so? He was already asking for more, and the reason why he asked for more is because he said okay, so how can we integrate some of the tasks that we do to do manually, to get these agents to work, and if you actually have been keeping up with the AI technology, last week something new came out. It's called MCPs and that is going to make AI and the agentic AI go to the next level.
Speaker 3:Absolutely. There's already a Gidra plugin for it. I believe Somebody made it.
Speaker 1:Well, and I've seen a couple of videos. I mean, all the influencers and people started creating the videos about NCP, ncp, ncp, and people started creating the videos about NCP, ncp, ncp, but it's not something that I've seen someone pull it out together yet and working, so we're still testing those waters. However, daniel Missler, the creator of Fabric, has been talking about this concept since 2016. It might not call it NCPPs, but he called it the I think in his work when his white paper. It was the demons and it's basically how it's all API connected, how your agent or your demon or your MCP server is going to talk to another MCP server that's going to do X, y and Z, and so it's going to come to the point where you're going to need a task and let's just say that I'm going to say, well, I'm going to need gas tomorrow. So my NCP already know hey, fedex is going to need gas tomorrow. Let's pull out what is the prices on gases and what's the desirable route, and he's going to go to work on this route. So I'm gonna tell him this and and so he's gonna immediately go and act out and ask to the other mcps and it's gonna be automatically. That's gonna make our life more interesting. That's gonna make our life more uh, we're gonna become a little bit more, um, efficient.
Speaker 1:You know, I just think that the technology is amazing. At the end of the day, it is still a tool and just like a tool, we need somebody that operates it, somebody that learns it, and if you don't type the right input, you get a bad output. Same thing as using a calculator. You can have the most expensive calculator in the world, but if you don't know what kind of formula you enter, you will not get the right results. And that's the same thing. I see AI. You have to be able to use the tools in order to get the results.
Speaker 2:Exactly. Well, that's brilliant.
Speaker 3:Certainly.
Speaker 1:Now have you actually worked?
Speaker 2:or experimented with AI. I haven't done much myself. I've ran some queries on ChatGPT and I've done some work with the AI honey bots. But putting together custom prompts like that, not really you know, and that's the thing I like.
Speaker 1:I say I thought I actually knew something and I was doing the same thing, and then it's when you get to these classes that you realize, wow, there's, there's so much potential to tap in that we are barely barely touching the first layer of what the systems can do for us. And yet it's not a new technology, it's a really old technology. We just started exploring it more and more, and now the computational capacity or computers are becoming more powerful so it can run this type of models and stuff. So I just I'm fascinated, fascinated by the possibilities in here.
Speaker 2:Awesome. Glad to hear it.
Speaker 3:Very cool, so I had originally come across you. I think you had done an interview with Carla over at Greylog. I think it was like DeathCon or something, so that's how I originally found out about you, that's awesome.
Speaker 1:So you probably saw it in my YouTube channel. Yes, yes, I have a small YouTube channel that I post videos here and there. As Enda mentioned, I do go to some conferences and when I go to the conference I take the advantage and just talk to the people. I guess I'm a little bit I'm an introvert on an extrovert when it when it comes to uh, uh, those things, because I mean I do need my time for myself. But, um, yes, that that con detection, threat hunting engineering conference is one of the best conference I ever gone for technical workshop. So this was not much of one of those conferences that there was a lot of networking, even though there was networking involved. This was a technical 100% beautiful. I mean I can't wait for the tickets to come out to 2025, so I can immediately pay for it. Because, talking about stuff that you learn, I mean I can't wait for the tickets to come out to 2025 so I can immediately pay for it. Because, talking about stuff that you learn, I mean it was red, blue, purple People put in the workshops and Carla was one of those persons that had a workshop on Greylock and had to set up a Greylock store and had to actually get logs, and so she did.
Speaker 1:She created a whole workshop and she was there present and I mean I'm telling you that was the first, actually, time that I experienced with Rayla and I had some issues setting up the box, but she was right there, they were there with you and so she was like, oh, you know what, let's just fix this, this and let's try this and make sure you got this one to a distro, and it's just nice. I mean it was a learning experience for sure. It was super packed. I mean I got to tell you two days it was not enough for all the type of material that was there. Now there is one of those things about that conference. It was that they actually left the workshops open longer than the two days only so you can, if you are a disciplined person and you had the time, you can go back and, you know, take more time and follow the instructions. And even the workshop leaders were still available on the Discord to answer any type of questions that you might have or come across.
Speaker 3:Yes, my favorite capture the flags are the ones that leave the challenges up even after it's over, so you can go back and work on the ones you didn't have time for.
Speaker 1:Yeah, et and I recently participated on a vision competition CTF and while I did not get all the flags, it was something that I wished they would have left it open to go and keep trying, because I think it's the first time I've seen it. It's a vision competition, so it's AI. You're attacking the AI, but it's a CTF competition voice prompted. So there was no, all hacking was done through your voice. All hacking is, you know, you actually doing like human hacking, but I guess it's an AI right now. It's a machine, but yeah, it's just different.
Speaker 2:Yeah, that was a fun competition. Yeah, the guys at Red Sea, it was awesome, they did a great job with that, yeah, so that kind of brings me to my next question. So what's the next conference that you're going to go to?
Speaker 1:To tell you the truth, I just looked at my calendar and I believe I'm actually going to be in a conference next week Next week Already. Yeah, I just realized that today. I need to verify it and make sure, but I think I'll be next week on Novi4Con.
Speaker 2:Oh nice.
Speaker 1:Yes, that should be good. So, as you know, knowbe4 is a company that is one of the biggest companies for user training, user behavior training and phishing training. I think a lot of the companies use them. I mean there's still other competitors there too, but it's either I think it's Proofpoint or I think that's the other company and then Novi4, I think that's the two biggest ones that does this kind of training. There's other companies in between, but they'll put in their conference soon and since we are a shop that used Novi4, then we'll be going in there to learn and see what's new. Going in there to learn and see what's new. 90% I mean all the reports that's coming out recently on cybersecurity. They all agreed that almost 90% of the attacks and breaches in cybersecurity are done because of phishing. So it's always good to try to stay ahead of the curve and I got to tell you with AI you're not finding that misspelling. You know Kino, nigeria, sending you the emails anymore. They're really getting crafty.
Speaker 2:Yeah, and those that are doing phishing. They now have access to chat GPT. So if they had language barriers writing those emails, they now have the tools to make them better.
Speaker 1:So all the emails are leveling up.
Speaker 1:Yeah, and even creating code. I mean, if you struggle writing in Python or JavaScript or even PowerShell, you can use the AI language model and say, hey, I'm looking for a script that does this and this and I wanted to read it in this language and it will write it down for you. Then you can test it out and you can make corrections. So I mean it's leveraging the tool to make yourself more better. I believe 4.0,. I think 4.0, what is it? 4.0. The ChatGPT 4.0 model actually does better for coding and everything. It can check your code. It can tell you where you have any issues. There's other companies right now that actually in doing code revision and implementing ai, so now the ai will tell you where your script is failing. As you're writing the code, I'm telling you it's revolutionizing the way we work.
Speaker 1:It's revolutionizing the way we work. But if it's not, this is a vendor conference, so the next one, really, I think it's going to be Hackspace Car. Oh nice, I'll be there too. Yes, I submitted for volunteering this time, so hopefully you get me accepted and I'll be there volunteering, so maybe you see me there telling you it's this way.
Speaker 2:Yes, that'd be great.
Speaker 3:Definitely seems very popular. I heard lots of people talking about that one.
Speaker 1:I've never been there. They said it's amazing, and especially the fact that it's the only conference that you actually get to go one day at NASA, like the first day it is actually done in NASA. It's just amazing.
Speaker 3:So cool.
Speaker 1:Yeah, it is cool. It does get the geeky out of me.
Speaker 3:So I noticed on your profile you have a neurodiverse. How's that been a part of your journey and where does that fit in?
Speaker 1:That is the struggle and a superpower all combined at the same time. Um, when I was dating, my wife actually, yeah, dating. And when we got married, my wife actually has a master's in mental health, counseling and psychology and all this other stuff. So, you know, it's just like man, you need to actually get diagnosed, you need to get help because you're all over the place. And so, yeah, I got diagnosed and they're like, oh yeah, you have ADHD man. And so, yeah, I got diagnosed and they're like, oh yeah, you have ADHD, man, you need medication, you need to be able to do this thing.
Speaker 1:And I was like you know what A lot of the things make sense now, why I struggle so much, but at the same time, how other things came so easy for me. You know how can I learn things faster or how can I actually pay attention to two or three things at the same time? And one thing that I have learned in here in cybersecurity is that a lot of people that I know are either neurodivergent or there's some sort of a spectrum, and the reason why we excel in cybersecurity is because we have that brain that takes a little bit different. We have that ability to actually being able to pay attention to a dashboard while doing something else at the same time and something caught my the corner of my eye and I'm like, okay, let me look at this thing, or we have that investigative eye or that desire to go and dig, dig deeper in that rabbit hole and then we go into those maze and look for those needles on the haystack, and that's what makes us really good at bluthing, at defending or at learning a new skill.
Speaker 1:At the same time, it can be a curse. Why? Because I can spend hours on the computer and then realize that I haven't sit and stand up for just to give my body a break or to drink water or to even go to the bathroom, and that's kind of one of those things. It can be addictive, it can be. We can get super hyper focused, but it is definitely one of those things that I think it comes hand to hand, and I've seen a lot of people in cybersecurity mention things like that. I mean, for me, like I said, it's a struggle, but it's a superpower at the same time.
Speaker 3:Very true.
Speaker 2:I can relate with that a lot. So yeah, thank you for sharing.
Speaker 1:Oh no, of course. One of the things is I've been open In my company. I'm super open with my boss and they know, especially I think it was a couple of years back there was a shortage of medication and while I did not struggle to do my job, I struggled to stay focused on tasks because I didn't have my medication. You know, and they knew. They're like have you had your medication? I was like, no, I'm like, oh, okay, you just be open and tell your struggles because, at the end of the day, people know you need to be real and tell them hey, this is what I'm struggling with.
Speaker 1:If you see me doing this, please correct me, and that's you know. That's one thing I told my boss. If you see me doing interrupting you, for example, please correct me. I'm not gonna get offended because you're correcting me. If I'm interrupting you because I'm too passionate, too excited, I'm actually guiding the conversation to, you know, to what it doesn't need to be at this moment. I'm not staying focused on track, and so I think it's just it's come with the whole FedEx package, you know, and that's what I tell everybody, that's the whole package.
Speaker 2:Yeah, I like that. I like how you put it. It's the whole FedEx package, I know.
Speaker 1:Sometimes it can be. I do know for a fact that sometimes I can get on my wife's nerves. For that it's just like oh God, go drink your medication, yeah. But yeah, it's just one of those things I don't know. It's a struggle, but at the same time you start learning how to live with the struggle and you keep pushing through.
Speaker 2:Yeah, so do you have your number one tip for something that you think our listeners should know, something they should keep in mind?
Speaker 1:Never give up. Yeah, you know, when I was a kid and I was learning how to walk, I think I fell many times. Now I might not remember, but I'm sure that I fell and I stand out many times. Same thing when I was learning how to drive a bicycle. And same thing when I was doing something for the first time. So I take that mentality to everything I do. You might not be the best at first and you might struggle and you might actually fall, but just don't give up, keep going, because at the end of the day it is you, and only you, that can get you up and continue, and it's you that you desire. That's gonna make the difference. If you just give up, then that's it. But if you keep going, you might realize it's not something that is for you, but at least you didn't give up. And so I applied that to everything in life. And you might realize it's not something that is for you, but at least you didn't give up. And so I applied that to everything in life.
Speaker 1:I am a horrible, horrible tester. I have testing anxiety, I struggle doing that and right now I'm making myself take the studies, guys, guys, and doing testing because I want to go get a certification and I'm pushing myself through. So will I fail? I don't know. We'll see. I'll let you know if I pass my test or no.
Speaker 2:But I know I'm not going to give up. Yeah, I think you're gonna do great I don't know.
Speaker 1:It's a scary, I'm telling you, I I can know the topic. That's one thing with with. Now I don't know if it's an ADHD thing or no, but I, that's one thing that I know. I struggle all my life is I can know a topic and yet when you sit me down on an actual place where I had to do the testing and there's timing involved, I blanked out.
Speaker 2:Okay, that's very inspirational. I'm glad you're going through and doing the hard thing and going to work on getting those certifications.
Speaker 1:All right. That's one thing that I think anybody. When people ask me, how do I get in cybersecurity? And I say, well, everybody has a different path. I get in cybersecurity and I say, well, everybody has a different path. You know, I, I, I started. I started in cybersecurity before I had a degree. There's people that had a degree and then they started in cybersecurity. So everybody's different. But one thing that I do notice for a fact is that a lot of companies do like to see those certifications. You know companies do like to see those certifications. You know I was blessed to have the opportunity that someone gave me the opportunity to get in the field without an actual degree, without a certification. I got into the field, I got my degree, I got my associates, I got my bachelors. Now I'm actually going for my, for my certifications. But everybody's a little bit different and every path is different. You just never give up. Keep going, keep pushing through thank you, that's wonderful.
Speaker 2:all right, this has been an episode of security chipmunks. Please make sure to like, comment and subscribe, and also subscribe to the FedEx channel. Thank you everybody for listening today. Thank you, sir.