Let's SOC About It

Francis Odum, a cybersecurity expert and author focused on SOC operations, is joined by David Torres, D3 Security's director of sales engineering. They explore how Morpheus AI revolutionizes SOC functions by generating dynamic playbooks using natural language, drastically cutting down the need for manual tuning. David demonstrates the platform's ability to create context-aware playbooks and enhance analyst workflows while keeping human analysts in control. Francis highlights the significance of AI-driven efficiency in modern cybersecurity.

In this episode of the Let's SOC About It podcast, Amy Tom chats with Sarim Khawaja, a Product Lead at Styx Intelligence, about the dangers of cyber scam mills. They discuss the growing threat of organized, factory-like operations that execute online scams on an industrial scale.In this episode, you'll learn:🏭 What cyber scam mills are and how they operate🌏 Why they are prevalent in Southeast Asia and other regions 🎭 What types of scams and targeting strategies they use💼 What the impact is on individuals and businesses 🛡️ Best practices for organizational cybersecurityRelevant links:Follow Sarim on LinkedIn: https://www.linkedin.com/in/sarimkhawaja/Join the White Hat Security Community: https://www.linkedin.com/company/white-hat-security-community/Join PM Hive: https://www.linkedin.com/company/pmhivevan/Learn about Styx Intelligence: https://styxintel.com/

Threat detection teams are on the frontlines of detecting, inspecting, and publishing findings on new threats. But how do they get there? And what does it take to understand and dissect malware?On this episode of the podcast, we're joined by Randy Pargman, the Senior Director of Threat Detection at Proofpoint, to ask him:🔄 How does reverse malware engineering work?🔎 How do you know what you’re looking for when things evolve so quickly? 🤔 How do you stay on top of evolving tactics from bad actors? Relevant links:💜 Read Proofpoint's threat insights blog: http://proofpoint.com/us/blog/threat-...💜 Follow Randy Pargman on LinkedIn:   / randy-pargman-131b773  💜 Check out DEATHCon: https://deathcon.io/

Online data brokers may seem like a consumer privacy issue –but as our guest explains on this episode of Let's SOC About It, they’re a growing business risk. Paul Mander, General Manager of Optery, joins us to expose the scale of the online data broker ecosystem and how it fuels targeted cyberattacks like phishing, smishing, and impersonation. The line between personal and business identity is blurrier than ever – and it’s putting organizations at risk.In this episode, you'll learn about:🕵️‍♂️ How data brokers harvest and resell your employees’ personal data📲 Why that information is fueling phishing and smishing attacks🧠 The impact of AI on the sophistication and scale of social engineering🛡️ How to proactively protect your people – and reduce alerts in the SOCRelevant Links:Follow Paul on LinkedIn: linkedin.com/in/paulmanderLearn more about Optery: http://optery.com/getting-started-business/

Identity-based attacks aren't slowing down. In fact, as Chip Bircher tells us on this episode of Let's SOC About It, it's not something you can ignore. Chip Bircher, CTO of SOFTwarfare, talks about execution methods and ways to combat identity-centric threats.In this episode, you'll learn about:👮 The military/cybersecurity crossover⚠️ How bad actors execute identity-based attack methods🤨 The use of behavioral analytics and the ethics of privacy⚙️ How AI is fuelling an identity-based attack fireRelevant Links:Follow Chip on LinkedIn:   / chipbircher  Learn more about SOFTwarfare: https://www.softwarfare.com/

Kostas Tsialemis, an independent security consultant behind the DFIR Report and the EDR Telemetry Project, dives deep into the importance of EDR telemetry data. He explains how this data enhances threat detection and investigations. Kostas discusses the project's aim to unify telemetry information across different vendors, addressing the variability in data collection methods and gaps in vendor documentation. He advocates for community collaboration to improve product transparency and shares insights on how cybersecurity practitioners can leverage this crucial information for better incident response.

AI is used in phishing attacks by both bad actors and incident responders alike. So what do phishing attacks look like today, and how do we combat them? On this episode of Let's SOC About It, Amy is joined by Curtis Goddard and Brad Farris from Check Point.In this episode:🎣 What do phishing attacks look like today?😱 How is AI leveraged by bad actors in phishing attacks?⚔️ How can you use AI to protect yourself against advancing email threats?Relevant Links:- Follow Brad Farris on LinkedIn: https://www.linkedin.com/in/tbradleyfarris/- Follow Curtis Goddard on LinkedIn: https://www.linkedin.com/in/curtisgoddard/- Learn more about Avanan, a Check Point company: https://emailsecurity.checkpoint.com/

With RSAC right around the corner, we sat down with Francis Odum to talk about his tips for a good conference.In this episode, we discuss:🔥 The hottest tech to look out for at RSAC🎁 The most useful conference swag💃 The best RSAC parties and eventsDon't forget to visit D3 at Booth N-4400 in the north hall of the Moscone Center in San Francisco 🤗Relevant links:Meet with us at RSAC: https://info.d3security.com/morpheus-...Follow Software Analyst Cybersecurity Research: https://softwareanalyst.substack.com/Follow Francis on LinkedIn:   / francis-odum-0a8673100  

It’s back to basics this week because you can’t successfully automate without the right foundation and an effective automation strategy. Mandy Neely, a Senior Security Engineer at a Healthcare Organization, joins us on the podcast to talk about S.E.C.U.R.E. automation.In this episode, you’ll learn about Mandy’s S.E.C.U.R.E. approach to automation:S – Start with an existing processE – Error handling and alertingC – Continuous process optimizationU – Unified team understandingR – Risk awarenessE – Effective data managementRelevant links:Follow Mandy Neely on LinkedIn: https://www.linkedin.com/in/mandy-neely/Learn about IPO: https://idpro.org/Follow D3 Security on LinkedIn for Let’s SOC About It updates: https://www.linkedin.com/company/d3-security-management-systems/

AI and deepfake technology is getting more and more advanced. We often associate "getting deepfaked" with celebrities and well... anyone but people in our own networks.But CEOs and C-suite executives are amongst the most at risk to deepfake attacks, and they've got a lot to lose. On this episode of Let's SOC About It, Benny Epand – Business Director of iZooLogic – talks about how hackers are using deepfake technology to impersonate CEOs and infiltrate networks, get wire transfers, and more.On this episode, you'll learn:😱 How hackers are infiltrating networks with targeted deepfake attacks👩‍💻 How to protect yourself against deepfake attacks in your environment🙏 What to do if you've fallen victim to a deepfake attackRelevant Links:Follow D3 Security on LinkedIn for regular podcast updates: https://www.linkedin.com/company/d3-security-management-systemsFollow iZooLogic on LinkedIn: https://www.linkedin.com/company/izoologic/