{"id":2805,"date":"2022-09-13T06:19:00","date_gmt":"2022-09-13T06:19:00","guid":{"rendered":"\/cybersecurity-blog\/?p=2805"},"modified":"2022-12-21T06:44:33","modified_gmt":"2022-12-21T06:44:33","slug":"expert-qa-john-hammond","status":"publish","type":"post","link":"https:\/\/any.run\/cybersecurity-blog\/expert-qa-john-hammond\/","title":{"rendered":"Expert Q&A: John Hammond, 19 Questions to the YouTube Blogger"},"content":{"rendered":"\n

Our team at ANY.RUN<\/a> is very excited to introduce a new guest for our Q&A \u2013John Hammond<\/a>, a popular YouTube blogger, cybersecurity specialist from Huntress and just an amazing human being. We will ask 19 cybersecurity questions and discuss his blogging experience, CTF, certificates and top lifehacks for beginners in cybersecurity.<\/p>\n\n\n\n

Hello John, thank you for joining our expert Q&A series! It\u2019s a pleasure for us to have you as a guest. Can you tell our readers what you do?<\/strong><\/h4>\n\n\n\n

John Hammond:<\/strong> Thank you so much for letting me join you! This is a real treat, and I am flattered to be included in the series. Currently, I work as a Senior Security Researcher at Huntress. When I can squeeze in some extra time, I produce educational cybersecurity content on an online YouTube channel<\/a> and host Capture the Flag training.
<\/p>\n\n\n\n

Your experience is inspiring. And I believe many beginner specialists are eager to become a cybersecurity rock star like you. There are 456k subscribers on your <\/strong>YouTube channel right now. How did you become a blogger?<\/strong><\/h4>\n\n\n\n

John Hammond: <\/strong>I super appreciate all the kind words! To be honest, I grew up like most kids that wanted to \u201cmake video games\u201d or \u201cbecome a hacker\u201d without knowing really anything about what all that entails. Many years ago, from just Googling a cheesy \u201chow-to\u201d for those aspirations, I stumbled across Eric S. Raymond\u2019s article<\/a> that explained: if you really want to become a hacker, you need to learn how to program. The text suggested learning Python as an introductory programming language, so I searched for tutorials on YouTube. Back in that time, \u201cthenewboston\u201d channel produced tons of educational series, and I learned the very beginnings from following those videos.<\/p>\n\n\n\n

At some point, I had the thought, \u201cI could try and make videos to teach people just how I learned!\u201d I think there is a known saying, if you really want to become a master at something, try and teach it<\/em>\u2026 so I started chipping away releasing videos, and it slowly grew over time.<\/p>\n\n\n\n

You mentioned that \u201cthenewboston\u201dchannel was useful for you at some point. What YouTubers do you watch right now and why?<\/strong><\/h4>\n\n\n\n

John Hammond: <\/strong>These days, I watch LiveOverflow, NahamSec, IppSec, Grant Collins, and lots of other security creators. I love to see what they are up to and to learn from them. I think it is a really cool kind of family, where we bounce ideas off of each other or get inspiration to create new content.
<\/p>\n\n\n\n

Do you remember the moment when you realized: \u201cMy life has changed, <\/strong>
I\u2019m a famous person now\u201d?<\/strong><\/h4>\n\n\n\n

John Hammond: <\/strong>I try to avoid the notion that \u201cI\u2019m famous\u201d or some silly ego-stroking stuff, but I do remember when it became very surreal, and I could really see the impact of my content. A lot of my channel growth and notoriety came during the beginning year of the pandemic, so it was tough to gauge its value from just seeing numbers on the screen. <\/p>\n\n\n\n

But when I attended DEFCON<\/a> when things started to return to normal, there were a few kind folks that were willing to come up and say hi and offer thanks for all the videos. Being able to see people face-to-face, see how happy they were, and how they expressed I had helped them in their own growth was so fulfilling. It means the world to me when someone stops to say hello.
<\/p>\n\n\n\n

Cybersecurity is quite a unique niche. What is it like to be an influencer, a content creator <\/strong>
in this field?<\/strong><\/h4>\n\n\n\n

John Hammond: <\/strong>That is a super interesting question\u2026 sometimes I compare myself to other \u201cinfluencers\u201d in different spaces, whether it is exercise or health or gaming, or anything \u2013 and it is strange to see what aligns and what doesn\u2019t. Something that I try to keep constant throughout all my content is humility and a resounding reminder that I\u2019m not an expert. <\/em>I don\u2019t think there really are any experts in cybersecurity. I want to show an authentic and genuine portrayal of cybersecurity, with all the mistakes and the rabbit holes and the bang-your-head-against-the-wall problem-solving.
<\/p>\n\n\n\n

You also have a day job as a senior security researcher. How do you manage to combine a full-time job with <\/strong>YouTube, conferences, and your other projects? Do you have a secret?:-)<\/strong><\/h4>\n\n\n\n

John Hammond: <\/strong>Well, truthfully, I really struggle to balance it all. Unfortunately, some things fall to the side, and I\u2019ll end up re-prioritizing some obligations more or less, and honestly, things completely slip off my radar sometimes. On days that I have the energy and drive, I will stay up late and \u201cpostpone<\/em>\u201d sleep to try and juggle the efforts between my actual day job, YouTube, hosting CTFs, and more. Oftentimes it feels like an unmaintainable lifestyle, but I either lean into it or lean away from it in a sort of ebb and flow. Somehow, it works. I hope, anyway.  
<\/p>\n\n\n\n

Your channel has existed for more than 10 years, and still, you post a bunch of content. 7 videos in June and 16! in May. How much time does it take you to produce videos? How do you get ready for filming?<\/strong><\/h4>\n\n\n\n

John Hammond: <\/strong>Video production time really varies between the kinds of videos, and how much I am willing to edit. A large majority of my content is a raw, uncut, screencast, where I purposely don\u2019t<\/em> edit the footage, so all the rabbit holes and mistakes are included. That ultimately takes as much time as it does to record the actual content \u2013 it could be 8 minutes, it could be 20 minutes, or it might be a whole hour. <\/p>\n\n\n\n

I still create my own thumbnails, so then tends to add in another hour or maybe less \u2013 and when I do<\/em> edit footage, it takes way more time than it should. Rendering and uploading also add to the time, so maybe 3-5 hours is a decent timeframe for fully producing a video? It is fuzzy, but it always<\/em> ends up taking more time than I expect.<\/p>\n\n\n\n

 As for how I prepare for filming, I try to put myself under some weird sort of spell and just convince myself I am ready to roll. It takes a little bit of time to get myself in the right headspace, so I might honestly start and stop the beginning of recording over and over again until I feel like I found the right groove. You would think, after a decade of doing this and presenting to people, the nerves would go away \u2013 but no, they never leave. I still get anxious!
<\/p>\n\n\n\n

I know that you hate thumbnails, the editing process, and all this annoying side of content creation. Why are you still doing it by yourself? <\/strong><\/h4>\n\n\n\n

John Hammond: <\/strong>I really struggle with \u201ccreative control.\u201d Thankfully, I do have some colleagues and friends that are willing to help with the process \u2013 and trust me, I have tried<\/em> to let them build out thumbnails or the small minutia of production\u2026 but it doesn\u2019t often match what I envisioned or what I like. I try to go back and forth on some suggestions or changes, but I don\u2019t want to annoy them or trivialize their work \u2013 so sometimes I think it might just be easier if I do it myself.  That really adds to the time sink, but I just haven\u2019t found the sweet spot yet for letting another individual create the work that I want to put out.<\/p>\n\n\n\n

Fortunately, I like to think I at least acknowledge <\/em>the fact that I do that, and I am trying to be better about it. I am still slowly trying to find the right extra hands to help with content creation.  
<\/p>\n\n\n\n

There is a constant rivalry between cybercriminals and cybersecurity specialists. Have you ever been hacked? Did you get any threats or anything like this?<\/strong><\/h4>\n\n\n\n

John Hammond: <\/strong>Surprisingly, I can\u2019t think of a time where I\u2019ve ever been legitimately \u201chacked\u201d (which probably means I have been and I just don\u2019t know it, to be honest). Given my role, I know to take the barebone basics of cybersecurity hygiene seriously \u2013 I use a password manager, multi-factor authentication, and I\u2019m super cautious about inbound emails. <\/p>\n\n\n\n

I do get an extreme amount of fake advertising or sponsorship offers in emails, but my eye is trained a bit to spot these easily enough. I have never gotten any threats or seen much malicious intent towards me online, but I suppose we will see if any come up in the future.
<\/p>\n\n\n\n

Could you share some key steps to cybersecurity hygiene in your opinion? <\/strong><\/h4>\n\n\n\n

John Hammond: <\/strong>I hate to have such a boring and trite answer, the same thing everyone else says  — but honestly, that’s the right answer. Use a digital password manager so you can generate long, random and complex passwords unique to every site or service, be extremely cautious when opening unknown files, emails, or links, and just generally know what kind of threats are out there. The best thing you can arm yourself with is just the knowledge and education and then be just cognizant of everything you do on your devices. <\/p>\n\n\n\n

Your <\/strong>YouTube channel has a lot of content for education. How many hours of videos should one watch to become a malware analyst? Are certificates or a degree still important?<\/strong><\/h4>\n\n\n\n

John Hammond: <\/strong>Videos are just one resource to help someone learn \u2013 it is nice to see the process and get engaged with something that shows the real effort, but it can\u2019t compare to hands-on practice and doing the real thing. Gauging \u201chow many hours of videos\u201d one should watch isn\u2019t the best metric, in my opinion, it should just be a supplement to your own learning and playtime. <\/p>\n\n\n\n

I would certainly say a degree and certificates can help get your foot in the door, but they are not a necessity. If you put in the hard work and build up your skillset<\/a> enough you can prove your merit, you don\u2019t always need the stamp of approval from a degree or certification.
<\/p>\n\n\n\n

You have more than 14 certificates. What was the most challenging? Is there a set of certificates that each malware analyst needs?<\/strong><\/h4>\n\n\n\n

John Hammond: <\/strong>Truthfully, a lot of the certificates that I have worked through lean more towards emulating the adversary or understanding the threat actor \u2013 they are more focused on offensive security. Considering I don\u2019t do penetration testing for my own occupation, I sort of translate these to the realm of incident response<\/a> and malware analysis<\/a>. <\/p>\n\n\n\n

With that said, one of the most challenging (but rewarding) certifications for me personally was the Offensive Security Experienced Penetration Tester <\/strong>(OSEP) because it did showcase a lot of evasion techniques that attackers (cybercriminals as well) use to slip past antivirus, EDR, or other preventative security mechanisms. <\/p>\n\n\n\n

I remember learning about how managed executables and .NET assemblies can be compiled and run on the fly with LOLbins (living-off-the-land binaries) but how they could leave behind some artifacts depending on how the process is invoked. The very next day at work, I found some of those artifacts while investigating a malware sample \u2013 and seeing that \u201cin the field\u201d was a really cool moment for me.<\/p>\n\n\n\n

If I could shoutout one training that malware analysts might get a ton of value from, it is certainly the Zero2Auto course<\/a> from Vitali Kremez, Daniel Bunce, and Jason Reaves. It is a phenomenal lesson in all the ins-and-outs of common malware families and offers a ton of hands-on and practical real-world case studies.<\/p>\n\n\n\n

 Another love of mine would certainly be some of the SEKTOR7 training<\/strong> that showcases the other end of things\u2026 that does present itself as more of a \u201cred team operator\u201d class, but change your perspective while you go through it. It showcases how one can build<\/em> and develop malware, and you really see where defensive gaps are and how attackers do what they do \u2013 so you can better defend against them.<\/p>\n\n\n\n

What is a typical career path for a malware analyst?<\/strong><\/h4>\n\n\n\n

John Hammond: <\/strong>You aren\u2019t going to like my answer, but honestly I don\u2019t have a good step-by-step path to offer. There isn\u2019t a \u201cladder\u201d or a laid out and guided way into the work. Finding your way into an industry you love is not always a straight line \u2013 it is squiggly and curved with random detours or unexpected turns\u2026 but it is all part of the process.<\/p>\n\n\n\n

Whether you are a system administrator, a programmer, a help desk technician, or a security professional in whatever niche, you can still take the jump into malware analysis if that is what you want to pursue. The best I can offer is a gentle reminder that your career isn\u2019t on railroad tracks\u2026 you are in control, and you can dive into malware analysis to help find the vocation you love.<\/p>\n\n\n\n

What is the best lifehack for beginners in malware analysis based on your experience? <\/strong><\/h4>\n\n\n\n

John Hammond: <\/strong>Here is another bad answer that might not be what everyone hoped for, but it is the real truth: have fun<\/strong>. My best advice is to enjoy doing what you do, and if you don\u2019t, then pivot to something that you really find joy and fulfillment in. I think a lot of folks would agree that passion in this field can help you tremendously\u2014and if that passion starts to fade, bounce to something new that you find fascinating. <\/p>\n\n\n\n

If I can offer one sort of lesson: eventually, once you turn what you love into your job, there will <\/em>come a time that what you once loved will start to feel like \u201cwork\u201d. It might turn mundane or feel like drudgery, and you just aren\u2019t all that excited about it anymore because it got twisted into something else. That might happen in a year, that might happen in 5 years, maybe 10 years\u2026 it is different for everyone. But the thing to aim for is to delay that the best you can or fight against it, so it never happens at all. 
<\/p>\n\n\n\n

When you are cutting through malware, or just getting your feet wet, make it fun. Play. Explore and love the process.<\/strong><\/p><\/blockquote>\n\n\n\n

Hacking, pentesting is something you are known for. How to choose a side? Blue team or red team?<\/strong><\/h4>\n\n\n\n

John Hammond: <\/strong>Again, this ultimately falls to your own personal interests, but I\u2019ve found the best approach is a sort of mix between both red and blue<\/a>. I do love ethical hacking, red teaming, penetration testing \u2013 but I want to make the security landscape better<\/em>. It is one thing to break things, but it is another to fix<\/em> those things and work to prevent or better detect them in the future. My best advice is to find the niche that you love, whether it be offensive or defensive, and work with others to bolster the community.<\/p>\n\n\n\n

Having this impressive CTF background, could you share the best strategy to win the game? Or an interesting case that you had?<\/strong><\/h4>\n\n\n\n

John Hammond:<\/strong> Joking a bit here, but if I could make a certain callback to the 1983 film WarGames, \u201cthe only winning move is not to play.\u201d And I don\u2019t mean that literally, I\u2019m not saying don\u2019t play CTFs\u2026 but don\u2019t play to win, play to learn. 
<\/p>\n\n\n\n

When I participate in a CTF, I don\u2019t really care where I am on the leaderboard, or if I come in 1st<\/sup> place or whatever \u2013 I want to absorb as much information as I can and come away with new tricks, new tools, or new techniques. If you learn something new in the process, you have already won. Now you are better armed against the next malware sample you analyze, the next investigation you are on, or the next engagement or next pentest or CTF or anything.
<\/p>\n\n\n\n

I can share one fun story of a different style of Capture the Flag that I participated in the past.<\/strong><\/h5>\n\n\n\n

It was more of a social-engineering competition mixed in with hands-on-keyboard technical know-how. This was an in-person event where teams were tasked to dig up intel and compromise a simulated company, where we could find employees online through social media and their public web presence. There were people designated to play the parts of these employees, so we as participants would create sockpuppet accounts and message them through LinkedIn or Facebook or craft phishing emails to get them to run on our own malware. 
<\/p>\n\n\n\n

One element of the game was literally walking into another building under the guise of some maintenance staff and sneaking through rooms to rummage through file cabinets or place a Raspberry Pi for later remote access\u2026 it was very cool. One task I vividly remember was setting up a credential harvesting website, cloned to look just like an online email provider that this \u201ccompany\u201d used in their day-to-day, and calling one of the \u201cemployees\u201d on the phone to fool them into \u201cresetting their password\u201d so we can gain their credentials. 
<\/p>\n\n\n\n

This was during the very last few minutes of the competition, so we were rushed and trying to balance pushing the person to move more quickly, while still keeping up the charade. In the last few seconds, we had the adrenaline rush and energy that came from being so close, and we did finally see their password come through across our listeners. We were jumping up and down, high-fives and fist-bumps and cheering, and we could submit it for points just literally seconds before the end of the game. After those points were in, we took second place in the competition.
<\/p>\n\n\n\n

Great takeaways of CTFs are the fun and fulfillment of not even \u201cwinning\u201d the competition but just doing something new<\/strong>
<\/p><\/blockquote>\n\n\n\n

With that, I think there are a lot of great takeaways \u2013 the value of team-building and comradery that comes from playing CTFs with friends, peers, and colleagues\u2026 the fun and fulfillment of not even \u201cwinning\u201d the competition but just doing something new\u2026 and especially, the lessons learned on how social engineering is always an attack vector. People can be the biggest vulnerability, and it just shines the spotlight on how much we need cybersecurity education and awareness.<\/p>\n\n\n\n

What is the best CTF that you can recommend? Where can junior specialists prove themselves and learn?<\/strong><\/h4>\n\n\n\n

John Hammond: <\/strong>Capture the Flag competitions tend to lean folks into a more offensive security side, finding and exploiting vulnerabilities, often in a Linux environment\u2026 but the reality is, most everything in the industry is in the Windows realm and deals with more defensive \u201cblue team\u201d work. I think the closest thing I could suggest for budding analysts or junior folks in malware analysis and the incident response would be the \u201cBlue Team Labs Online\u201d<\/a>. That resource has a lot of great free material and is really approachable for anyone jumping into gamified security learning.<\/p>\n\n\n\n

What are you working on right now?<\/strong><\/h4>\n\n\n\n

John Hammond: <\/strong>Truthfully, I have just made it back from Blackhat and DEFCON, and during Blackhat I was fortunate enough to attend the \u201cAdvanced Windows Exploitation\u201d course from Offensive Security. That dives deep into kernel exploitation, browser sandbox attacks, and virtual machine escapes\u2026 crazy wild stuff. I hope to be studying for that capstone challenge into the new year, and I\u2019ll still be trying to push out YouTube content and develop Capture the Flag challenges for competitions and events that I help host. For my day job, I\u2019ve been tinkering with how we can better assess the attack surface from an external perspective, examining open ports and hunting down the \u201clow hanging fruit\u201d that too many organizations still get compromised by. It all keeps me busy<\/p>\n\n\n\n

And the final question \u2013 what is cybersecurity for you?<\/strong><\/h4>\n\n\n\n

John Hammond: <\/strong>To me, cybersecurity is a certain kind of pulse. It\u2019s a heartbeat. It is active and constant and always on and it is something I feel like we have to earn<\/em> and be with it.<\/em> That is a tough ask because we know the threat landscape moves quick \u2013 but I\u2019m up for the fight. I love being a part of the community and surrounding myself with others that are in the trenches just as well. Stopping threat actors, hunting down adversaries, finding and fixing problems before the attackers do\u2026 it takes a village and everyone playing in concert together. That<\/em> is cybersecurity to me.<\/p>\n\n\n\n

Thank you for taking your time, and good luck!<\/strong><\/h4>\n\n\n\n

Thank you so much for letting me join you and be a part of this! <\/p>\n\n\n\n

Don\u2019t forget to subscribe to John\u2019s YouTube channel<\/a>!  
<\/p>\n","protected":false},"excerpt":{"rendered":"

Our team at ANY.RUN is very excited to introduce a new guest for our Q&A \u2013John Hammond, a popular YouTube blogger, cybersecurity specialist from Huntress and just an amazing human being. We will ask 19 cybersecurity questions and discuss his blogging experience, CTF, certificates and top lifehacks for beginners in cybersecurity. Hello John, thank you […]<\/p>\n","protected":false},"author":2,"featured_media":2987,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[67],"tags":[10,58],"class_list":["post-2805","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-interviews","tag-cybersecurity","tag-cybersecurity-training"],"acf":[],"yoast_head":"\nExpert Q&A John Hammond, Cybersecurity Questions to YouTube Blogger<\/title>\n<meta name=\"description\" content=\"John Hammond answers 19 questions from ANY.RUN: YouTube experience, CTF, certificates, lifehacks in cybersecurity. Check out the interview in our blog.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/any.run\/cybersecurity-blog\/expert-qa-john-hammond\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"ANY.RUN\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"17 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/expert-qa-john-hammond\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/expert-qa-john-hammond\/\"},\"author\":{\"name\":\"ANY.RUN\",\"@id\":\"https:\/\/any.run\/\"},\"headline\":\"Expert Q&A: John Hammond, 19 Questions to the YouTube Blogger\",\"datePublished\":\"2022-09-13T06:19:00+00:00\",\"dateModified\":\"2022-12-21T06:44:33+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/expert-qa-john-hammond\/\"},\"wordCount\":3481,\"commentCount\":9,\"publisher\":{\"@id\":\"https:\/\/any.run\/\"},\"keywords\":[\"cybersecurity\",\"cybersecurity training\"],\"articleSection\":[\"Interviews\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/any.run\/cybersecurity-blog\/expert-qa-john-hammond\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/expert-qa-john-hammond\/\",\"url\":\"https:\/\/any.run\/cybersecurity-blog\/expert-qa-john-hammond\/\",\"name\":\"Expert Q&A John Hammond, Cybersecurity Questions to YouTube Blogger\",\"isPartOf\":{\"@id\":\"https:\/\/any.run\/\"},\"datePublished\":\"2022-09-13T06:19:00+00:00\",\"dateModified\":\"2022-12-21T06:44:33+00:00\",\"description\":\"John Hammond answers 19 questions from ANY.RUN: YouTube experience, CTF, certificates, lifehacks in cybersecurity. Check out the interview in our blog.\",\"breadcrumb\":{\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/expert-qa-john-hammond\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/any.run\/cybersecurity-blog\/expert-qa-john-hammond\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/expert-qa-john-hammond\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/any.run\/cybersecurity-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Interviews\",\"item\":\"https:\/\/any.run\/cybersecurity-blog\/category\/interviews\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Expert Q&A: John Hammond, 19 Questions to the YouTube Blogger\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/any.run\/\",\"url\":\"https:\/\/any.run\/\",\"name\":\"ANY.RUN's Cybersecurity Blog\",\"description\":\"Cybersecurity Blog covers topics for experienced professionals as well as for those new to it.\",\"publisher\":{\"@id\":\"https:\/\/any.run\/\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/any.run\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/any.run\/\",\"name\":\"ANY.RUN\",\"url\":\"https:\/\/any.run\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/any.run\/\",\"url\":\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg\",\"contentUrl\":\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg\",\"width\":1,\"height\":1,\"caption\":\"ANY.RUN\"},\"image\":{\"@id\":\"https:\/\/any.run\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/www.any.run\/\",\"https:\/\/twitter.com\/anyrun_app\",\"https:\/\/www.linkedin.com\/company\/30692044\",\"https:\/\/www.youtube.com\/channel\/UCOgCPho7lzmH7m6fPNlukrQ\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/any.run\/\",\"name\":\"ANY.RUN\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/any.run\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/c4ce3a6c672056b4a8cd6b0110782215?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/c4ce3a6c672056b4a8cd6b0110782215?s=96&d=mm&r=g\",\"caption\":\"ANY.RUN\"},\"url\":\"https:\/\/any.run\/cybersecurity-blog\/author\/a-bespalova\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Expert Q&A John Hammond, Cybersecurity Questions to YouTube Blogger","description":"John Hammond answers 19 questions from ANY.RUN: YouTube experience, CTF, certificates, lifehacks in cybersecurity. Check out the interview in our blog.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/any.run\/cybersecurity-blog\/expert-qa-john-hammond\/","twitter_misc":{"Written by":"ANY.RUN","Est. reading time":"17 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/any.run\/cybersecurity-blog\/expert-qa-john-hammond\/#article","isPartOf":{"@id":"https:\/\/any.run\/cybersecurity-blog\/expert-qa-john-hammond\/"},"author":{"name":"ANY.RUN","@id":"https:\/\/any.run\/"},"headline":"Expert Q&A: John Hammond, 19 Questions to the YouTube Blogger","datePublished":"2022-09-13T06:19:00+00:00","dateModified":"2022-12-21T06:44:33+00:00","mainEntityOfPage":{"@id":"https:\/\/any.run\/cybersecurity-blog\/expert-qa-john-hammond\/"},"wordCount":3481,"commentCount":9,"publisher":{"@id":"https:\/\/any.run\/"},"keywords":["cybersecurity","cybersecurity training"],"articleSection":["Interviews"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/any.run\/cybersecurity-blog\/expert-qa-john-hammond\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/any.run\/cybersecurity-blog\/expert-qa-john-hammond\/","url":"https:\/\/any.run\/cybersecurity-blog\/expert-qa-john-hammond\/","name":"Expert Q&A John Hammond, Cybersecurity Questions to YouTube Blogger","isPartOf":{"@id":"https:\/\/any.run\/"},"datePublished":"2022-09-13T06:19:00+00:00","dateModified":"2022-12-21T06:44:33+00:00","description":"John Hammond answers 19 questions from ANY.RUN: YouTube experience, CTF, certificates, lifehacks in cybersecurity. Check out the interview in our blog.","breadcrumb":{"@id":"https:\/\/any.run\/cybersecurity-blog\/expert-qa-john-hammond\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/any.run\/cybersecurity-blog\/expert-qa-john-hammond\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/any.run\/cybersecurity-blog\/expert-qa-john-hammond\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/any.run\/cybersecurity-blog\/"},{"@type":"ListItem","position":2,"name":"Interviews","item":"https:\/\/any.run\/cybersecurity-blog\/category\/interviews\/"},{"@type":"ListItem","position":3,"name":"Expert Q&A: John Hammond, 19 Questions to the YouTube Blogger"}]},{"@type":"WebSite","@id":"https:\/\/any.run\/","url":"https:\/\/any.run\/","name":"ANY.RUN's Cybersecurity Blog","description":"Cybersecurity Blog covers topics for experienced professionals as well as for those new to it.","publisher":{"@id":"https:\/\/any.run\/"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/any.run\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/any.run\/","name":"ANY.RUN","url":"https:\/\/any.run\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/any.run\/","url":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg","contentUrl":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg","width":1,"height":1,"caption":"ANY.RUN"},"image":{"@id":"https:\/\/any.run\/"},"sameAs":["https:\/\/www.facebook.com\/www.any.run\/","https:\/\/twitter.com\/anyrun_app","https:\/\/www.linkedin.com\/company\/30692044","https:\/\/www.youtube.com\/channel\/UCOgCPho7lzmH7m6fPNlukrQ"]},{"@type":"Person","@id":"https:\/\/any.run\/","name":"ANY.RUN","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/any.run\/","url":"https:\/\/secure.gravatar.com\/avatar\/c4ce3a6c672056b4a8cd6b0110782215?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/c4ce3a6c672056b4a8cd6b0110782215?s=96&d=mm&r=g","caption":"ANY.RUN"},"url":"https:\/\/any.run\/cybersecurity-blog\/author\/a-bespalova\/"}]}},"_links":{"self":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/2805"}],"collection":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/comments?post=2805"}],"version-history":[{"count":1,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/2805\/revisions"}],"predecessor-version":[{"id":2974,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/2805\/revisions\/2974"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/media\/2987"}],"wp:attachment":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/media?parent=2805"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/categories?post=2805"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/tags?post=2805"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}