Microsoft Threat Intelligence Podcast

Live from New York it’s Microsoft Secure

Mar 27, 2024

Reflecting on experiences with L0pht, Chris discusses bug bounty programs in cybersecurity. Chip explains Copilot for Security's role in threat hunting and script analysis. Torrell discusses advancements in their security program and transitioning to cybersecurity.

47:48

Creator website

Episode guests

Torrell Funderburk

Chip Calhoun

Chris Wysopal

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Bug bounty programs dominate cybersecurity but have both benefits and drawbacks

Copilot for Security enhances threat hunting and script analysis capabilities

Transitioning from software engineering to cybersecurity requires curiosity and problem-solving skills

Deep dives

AI and Security Program Improvement

Leveraging AI like Security Co-Pilot to enhance overall security programs by analyzing alerts and incidents to identify program-level issues. This approach allows for insightful feedback loops and improved program effectiveness.

Introduction

2min

Exploring Flight Simulator Popularity and Being a 'Think Tank'

2min

Evolution of Vulnerability Disclosure and Open Source Security

14min

Understanding the Divergence Between Developer and Security Personas

2min

AI in Daily Life and Security Enhancement

9min

Securing Industrial Systems and Transitioning to Cybersecurity Roles

11min

Empowering Security Programs with Co-Pilot AI

7min

On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is Live from Times Square at Microsoft Secure and is joined by Chris Wysopal, Chip Calhoun, and Torrell Funderburk. Chris (aka Weld Pond) reflects on his experiences with L0pht, the evolution of bug bounty programs and their dominance in the cybersecurity space, highlighting both the benefits and drawbacks. Chip explains how Copilot for Security assists with threat hunting and script analysis, enhancing analysts' capabilities in identifying threats and malicious activities. He also touches on the prevalent threat actor profiles, highlighting the prevalence of e-crime and the potential impact of nation-state actors. Terrell expresses excitement about the advancements in their security program and the ability to detect and respond at scale. He also discusses his transition from software engineering to cybersecurity and encourages others to consider the move due to the foundational similarities between the fields.

In this episode you’ll learn:

Complications from vulnerabilities discovered in open-source software
Practical applications of Copilot in incident response and threat intelligence
The importance of curiosity and problem-solving skills when building a security team.

Some questions we ask:

How do you view the role of AI and machine learning in security, and bug bounties?
What do you think is unique about securing critical infrastructure targets?
Will AI influence security practices in organizations and industries going forward?

Resources:

View Chris Wysopal on LinkedIn

View Chip Calhoun on LinkedIn

View Torrell Funderburk on LinkedIn

View Sherrod DeGrippo on LinkedIn

Related Microsoft Podcasts:

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Get the latest threat intelligence insights and guidance at Microsoft Security Insider

The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Microsoft Threat Intelligence Podcast

Live from New York it’s Microsoft Secure

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

AI and Security Program Improvement

Scaling in InfoSec

Co-Pilot Empowering Analysts

Gradual AI Adoption

Value of Curiosity in Security Professionals

Future of AI in Security

In this episode you’ll learn:

Some questions we ask:

Resources:

Related Microsoft Podcasts:

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights

Microsoft Threat Intelligence Podcast

Live from New York it’s Microsoft Secure

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

AI and Security Program Improvement

Scaling in InfoSec

Co-Pilot Empowering Analysts

Gradual AI Adoption

Value of Curiosity in Security Professionals

Future of AI in Security

In this episode you’ll learn:

Some questions we ask:

Resources:

Related Microsoft Podcasts:

Get the Snipdpodcast app

AI-poweredpodcast player

Discoverhighlights

Save anymoment

Share& Export

AI-poweredpodcast player

Discoverhighlights

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights