Detection at Scale

Remitly’s Jason Craig on Building Better Strategies for Identity, Logging, and Threat Modeling

Jan 9, 2024

In this discussion, Jason Craig, the Director of Threat Detection & Response at Remitly, dives into the TTPs of threat actors like Lapsus$. He advocates for hardware-backed authentication over SMS MFA for stronger identity management. Craig emphasizes the importance of a solid asset inventory and understanding organizational threats before crafting effective threat models. He also offers valuable insights on risk-based approaches to protecting sensitive data and the necessity for behavioral profiling to filter out irrelevant noise in security.

40:01

Creator website

Episode guests

Jason Craig

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Establishing a comprehensive asset inventory is essential for effective cybersecurity, enabling organizations to understand and prioritize what needs protection.

Adopting hardware-backed authentication and behavioral profiling significantly enhances threat detection capabilities while reducing false positives in security alerts.

Deep dives

The Importance of Asset Inventory

Having an accurate asset inventory is crucial for effective situational awareness in security. Without understanding what needs protection—systems, data, and infrastructure—organizations can misjudge their security posture and fail to recognize interconnected vulnerabilities. For instance, if an asset gets compromised, the ramifications might reach critical systems that teams may not have identified as high-risk. Thus, maintaining a comprehensive inventory is foundational for prevention, detection, and response strategies.

Intro

2min

Navigating a Security Career

4min

Unmasking the Lapsis Threat Group

22min

Understanding Threat Modeling in Business Context

3min

Strategies for Safeguarding Sensitive Data in Cloud Environments

3min

Understanding Your Cybersecurity Environment for Effective Response

7min

On this week's episode of the Detection at Scale podcast, Jack talks with Jason Craig, Director - Threat Detection & Response at Remitly. They discuss the common TTPs of threat actors and how organizations can better protect against them by adopting hardware-backed authentication, a risk-based approach to logging, and building their threat modeling. They also talk about why organizations should move away from cellular MFA, the need for more behavioral profiling, and advice for security professionals.

Topics discussed:

The common TTPs of threat actors and conglomerates like Lapsus$ and what organizations need to know to protect themselves against them.
Why enterprises should rely on hardware-backed authentication rather than SMS MFA on cellular.
How to take a better approach to identity management by using hardware-backed authentication and behavioral profiling that eliminates background noise.
Why threat modeling begins with knowing what you do as an organization and what you have that's valuable to an attacker.
How to take a risk-based approach to understanding which user data or sensitive information to protect first.
Why an accurate asset inventory is a precursor to detection and response.
Advice to security professionals and organizations on "knowing thyself" and codifying adversary tracking.

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

Detection at Scale

Remitly’s Jason Craig on Building Better Strategies for Identity, Logging, and Threat Modeling

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

The Importance of Asset Inventory

The Evolving Threat Landscape

Building a Proactive Detection Program

The Role of Networking in Security

Remember Everything You Learn from Podcasts