Live from New York it’s Microsoft Secure

7 snips

Mar 27, 2024

Guest

Torrell Funderburk

Reflecting on experiences with L0pht, Chris discusses bug bounty programs in cybersecurity. Chip explains Copilot for Security's role in threat hunting and script analysis. Torrell discusses advancements in their security program and transitioning to cybersecurity.

Ask episode

Chapters

Transcript

Episode notes

Introduction

00:00 • 2min

Exploring Flight Simulator Popularity and Being a 'Think Tank'

01:33 • 2min

Evolution of Vulnerability Disclosure and Open Source Security

03:21 • 14min

Understanding the Divergence Between Developer and Security Personas

16:55 • 2min

AI in Daily Life and Security Enhancement

19:02 • 9min

Securing Industrial Systems and Transitioning to Cybersecurity Roles

28:10 • 11min

Empowering Security Programs with Co-Pilot AI

39:34 • 7min

On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is Live from Times Square at Microsoft Secure and is joined by Chris Wysopal, Chip Calhoun, and Torrell Funderburk. Chris (aka Weld Pond) reflects on his experiences with L0pht, the evolution of bug bounty programs and their dominance in the cybersecurity space, highlighting both the benefits and drawbacks. Chip explains how Copilot for Security assists with threat hunting and script analysis, enhancing analysts' capabilities in identifying threats and malicious activities. He also touches on the prevalent threat actor profiles, highlighting the prevalence of e-crime and the potential impact of nation-state actors. Terrell expresses excitement about the advancements in their security program and the ability to detect and respond at scale. He also discusses his transition from software engineering to cybersecurity and encourages others to consider the move due to the foundational similarities between the fields.

In this episode you’ll learn:

Complications from vulnerabilities discovered in open-source software
Practical applications of Copilot in incident response and threat intelligence
The importance of curiosity and problem-solving skills when building a security team.

Some questions we ask:

How do you view the role of AI and machine learning in security, and bug bounties?
What do you think is unique about securing critical infrastructure targets?
Will AI influence security practices in organizations and industries going forward?

Resources:

View Chris Wysopal on LinkedIn

View Chip Calhoun on LinkedIn

View Torrell Funderburk on LinkedIn

View Sherrod DeGrippo on LinkedIn

Related Microsoft Podcasts:

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Get the latest threat intelligence insights and guidance at Microsoft Security Insider

The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.