From Pre-Law to FLARE: How Josh Stroschein Became Google's Malware Analyst
Mon Dec 01 2025
In this episode of Simply Defensive, Josh Mason and Wade Wells sit down with Josh Stroschein β aka The Cyber Yeti β a former professor turned reverse engineer now working on one of the largest malware analysis teams in the world.
Josh shares his unconventional path through .NET development, credit card processing security, and academia before landing at Google. He opens up about teaching reverse engineering while learning it himself, building educational CTFs, and the realities of making it as a full-time reverse engineer in an industry where those roles are rare.
What you'll hear:
πΉ From pre-law to pilot training to PhD in cybersecurity
πΉ How teaching RE forced him to truly master it
πΉ Life inside Google's FLARE team (via Chronicle β Mandiant)
πΉ Flareon CTF β the RE challenge that's run for 12 years
πΉ A wild Black Hat NOC story involving an infected Mac and Atomic Stealer
πΉ Using AI to build malware samples for training labs
πΉ Why going low-level is the best advice for blue teamers
Chapters:
00:00 Introduction and Welcome
00:50 Josh's Connection to Dr. Gerald Auger
02:00 The Non-Traditional Path: Pre-Law, Pilot Training & .NET Dev
05:00 Getting Into Security at a Credit Card Processor
07:00 Teaching Reverse Engineering at Dakota State
10:00 Flareon CTF and Educational CTF Design
14:00 Is Reverse Engineering Offensive or Defensive?
17:00 How Rare Are Full-Time RE Roles?
21:00 The Path to Google: Chronicle, Mandiant & FLARE
25:00 Learning Through Teaching and YouTube Content
28:00 Black Hat NOC Story: Catching Atomic Stealer Live
33:00 Using AI to Create Malware Training Samples
37:00 Building a Defang Tool (and .NET Nightmares)
40:00 Advice for Blue Teamers: Go Low-Level
π§ Find Josh Stroschein:
β Website: https://www.thecyberyeti.com
β YouTube: The Cyber Yeti
β Podcast: The Cyber Yeti Podcast
π₯ Connect with the Hosts:β Josh Mason: https://www.linkedin.com/in/joshuacmason/β Wade Wells: https://www.linkedin.com/in/wadingthrulogs/β Swimlane: https://www.linkedin.com/company/swimlane
ποΈ Listen on Your Favorite Platform:β Spotify: https://open.spotify.com/show/72QTocT5FSTSPV7o1UcMS4β Apple Podcasts: https://podcasts.apple.com/us/podcast/simply-defensive/id1773806182β Full Playlist: https://youtube.com/playlist?list=PL4Q-ttyNIRAr6DVrsASx1-Fv-TsooJ3M4
π If you enjoyed this episode, don't forget to like, subscribe, and share with your fellow defenders. Every week, Josh Mason and Wade Wells bring you practical, no-fluff conversations with cybersecurity professionals who are doing the work.
=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group
More
In this episode of Simply Defensive, Josh Mason and Wade Wells sit down with Josh Stroschein β aka The Cyber Yeti β a former professor turned reverse engineer now working on one of the largest malware analysis teams in the world. Josh shares his unconventional path through .NET development, credit card processing security, and academia before landing at Google. He opens up about teaching reverse engineering while learning it himself, building educational CTFs, and the realities of making it as a full-time reverse engineer in an industry where those roles are rare. What you'll hear: πΉ From pre-law to pilot training to PhD in cybersecurity πΉ How teaching RE forced him to truly master it πΉ Life inside Google's FLARE team (via Chronicle β Mandiant) πΉ Flareon CTF β the RE challenge that's run for 12 years πΉ A wild Black Hat NOC story involving an infected Mac and Atomic Stealer πΉ Using AI to build malware samples for training labs πΉ Why going low-level is the best advice for blue teamers Chapters: 00:00 Introduction and Welcome 00:50 Josh's Connection to Dr. Gerald Auger 02:00 The Non-Traditional Path: Pre-Law, Pilot Training & .NET Dev 05:00 Getting Into Security at a Credit Card Processor 07:00 Teaching Reverse Engineering at Dakota State 10:00 Flareon CTF and Educational CTF Design 14:00 Is Reverse Engineering Offensive or Defensive? 17:00 How Rare Are Full-Time RE Roles? 21:00 The Path to Google: Chronicle, Mandiant & FLARE 25:00 Learning Through Teaching and YouTube Content 28:00 Black Hat NOC Story: Catching Atomic Stealer Live 33:00 Using AI to Create Malware Training Samples 37:00 Building a Defang Tool (and .NET Nightmares) 40:00 Advice for Blue Teamers: Go Low-Level π§ Find Josh Stroschein: β Website: https://www.thecyberyeti.com β YouTube: The Cyber Yeti β Podcast: The Cyber Yeti Podcast π₯ Connect with the Hosts:β Josh Mason: https://www.linkedin.com/in/joshuacmason/β Wade Wells: https://www.linkedin.com/in/wadingthrulogs/β Swimlane: https://www.linkedin.com/company/swimlane ποΈ Listen on Your Favorite Platform:β Spotify: https://open.spotify.com/show/72QTocT5FSTSPV7o1UcMS4β Apple Podcasts: https://podcasts.apple.com/us/podcast/simply-defensive/id1773806182β Full Playlist: https://youtube.com/playlist?list=PL4Q-ttyNIRAr6DVrsASx1-Fv-TsooJ3M4 π If you enjoyed this episode, don't forget to like, subscribe, and share with your fellow defenders. Every week, Josh Mason and Wade Wells bring you practical, no-fluff conversations with cybersecurity professionals who are doing the work. =========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================This podcast is presented by Simply Cyber Media Group