Send the hosts a message - try it now!TL;DR:This week on the podcast, my buddy Adam Meyers graciously joins the show from his "undisclosed location" deep under the Meyers compound to break apart the latest threat report. I'm sure you've read it, but if you haven't you can get it at the link below. On this show, Adam and Rafal talk about what's in the report, what's not in the report, and the delta which brings up some interesting things in the evolution of threat actors and "bad guys". It's a podcast you don't want to miss because it feels like it's both a bellwether of what you'll be experiencing in your environments shortly, if you aren't already.Check out the show on our new podcast distribution site (BuzzSprout) and update your RSS feeds if you haven't already. Go check out the video (link below), and don't forget to catch it on LinkedIn, and Twitter!CrowdStrike Report: https://www.crowdstrike.com/global-threat-report/YouTube Video Replay: https://youtube.com/live/HN9Qg42HCks?feature=shareGuestAdam MeyersLinkedIn: https://www.linkedin.com/in/adam-meyers-7a58481/Support the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!TL;DRThis week, on the podcast, Rafal and James host Brian Chidester and Jordan Burris to talk about the latest National Cyber Security Strategy from the Biden White House. It's an interesting piece of national policy that outlines our cyber security priorities as a nation - and you'll have to forgive me for calling it "aspirational".The four of us discuss the likelyhood of this strategy ever being fully implemented, which pieces are most likely to work and which ones will struggle, and ultimately what will be the result here.This is an important document - and if you're a defender or serious about cyber security at a national level - you should listen in.YouTube video replay: https://youtube.com/live/O8lePu4ings?feature=shareLinks:White house release: https://www.whitehouse.gov/briefing-room/statements-releases/2023/03/02/fact-sheet-biden-harris-administration-announces-national-cybersecurity-strategy/Guests:Brian ChidesterLinked: https://www.linkedin.com/in/abchidester/Jordan BurrisLinkedIn: https://www.linkedin.com/in/jordan-burris-60588a70/Support the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!TL;DR: On this week's episode of the podcast, James joins me to co-host a great episode with an old friend - Ray Emerly. Ray is a long-time veteran of the CISO chair, and no stranger to working at all aspects of the security leadership role. We talk through a number of important topics, ask him what's changed (and what hasn't) and of course we have a stumper at the end. Listen to the end, or you'll miss a golden nugget.   Guest Raymond Umerly LinkedIn: https://www.linkedin.com/in/rumerley/    Watch the Video on our YouTube channel https://youtube.com/live/x1trGIgZSF0 Support the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!** This episode is being re-published due to an issue with the RSS feed/provider ** TL;DR: We've talked about cyber insurance a lot here on this podcast, and this episode is yet another angle on the topic. Nate Smolenski joins us to discuss his view, from the perspective of a CISO. This is a great conversation for those who are still investigating Cyber Insurance, or realizing that their policies are astronomical, or trying to right-size their security program along with insurance. Video link: https://youtube.com/live/O0gpapA_r08?feature=share Guest: Nate Smolenski LinkedIn: https://www.linkedin.com/in/nathansmolenski/  Support the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!** This episode is being re-published due to an issue with the RSS feed/provider ** TL;DR: This week I brought on David Barton the CTO of HighWire Networks - who knows a few things about a few things. We discuss the complex nature of our business, where things get weird, and how we can work to make them better. We talk about complexity, specifically, and what makes this such a difficult thing for our industry where simple is the arch-enemy of secure. Join us, and catch the video on the YouTube page (smash that subscribe button), or on LinkedIn.   Video Stream (replay): https://youtube.com/live/_rykxVh_VBw?feature=share    Guest: David Barton LinkedIn: https://www.linkedin.com/in/davidbarton1/  Support the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!TL;DR It's been said that the road to hell is paved with good intentions. I feel like this applies to SBOM so much it's scary. All the good intentions in the world seemed to have led us to a place where we have tools that produce inconsistent results, tool sets that aren't necessarily integrated or mission-focused to deliver results, and a lot of confusion. Varun joins us with a boatload of entrepreneurial expertise and an eye for problem-solving so it's an interesting conversation. Join Rafal & James in a conversation that you'll want to listen to a few times, and take notes. Link to YouTube video https://youtube.com/live/pZgiiRQeou0?feature=share  Guest Varun Badhwar LinkedIn: https://www.linkedin.com/in/vbadhwar/  Support the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!TL;DR: This DtSR podcast brings back a good friend of the show, and one of the most experienced leaders I know - Mr. Jim Tiller. We talk about an interesting topic - the "virtual CISO". vCISO is interesting because as markets tighten, and it becomes more difficult to find and afford good CISOs and security leaders in this market. So how can a company best utilize this part-time resource? We discuss... What are the best ways to utilize vCISO? What questions should you be asking? What are things to look out for? YouTube video https://youtube.com/live/OaYS0yEajQw?feature=share  Guest Jim Tiller LinkedIn: https://www.linkedin.com/in/jimtillersecurity/  Jim's Security Bytes newsletter: https://www.linkedin.com/newsletters/security-bytes-6943286067194187776/  Support the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!TL;DR: I'm extremely excited to present to you, dear listeners and friends, a wonderful conversation with Sergio Caltagirone, who is quite the authority on 'threat intelligence' - where others talk tools and limited knowledge, Sergio literally was there at the birth of the cyber dawn of the threat intelligence operations we know (or don't know) today. Sergio has been at an agency, at Microsoft, at Dragos - and he knows threat intelilgence from theory to applications. Listen in, learn a bit, and laugh along as the Chinese spy baloon (that's my story and I'm sticking to it) disrupts our communications with our pal, Sergio. Video Link (unedited, and hilarious): https://youtube.com/live/SuH4uxBiX3E  Guest Sergio Caltagirone LinkedIn: https://www.linkedin.com/in/sergiocaltagirone/  Support the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

The podcast discusses the evolution and challenges of incident response automation, the merging of software systems for improved security, the importance of data correlation and XDR in cybersecurity incidents, the Defend ontology in cybersecurity defense strategies, and concludes with casual conversations and farewells.

Send the hosts a message - try it now!TL;DR A few days ago, my pal Kevin asked me if I had seen the LinkedIn post by Helen Patton that asked an interesting question of the podcast space... Her post made me think - why the heck not? So, I did. Thanks to Helen, whose idea this was - I hope you get a chance to watch and enjoy the outcome of your request ... we had far too much fun recording it. Here on this episode - which I promise you is 100x better on video, we have Anton Chuvakin, Kevin Thompson, and Jeff Collins joining Rafal & James on the podcast to have a little fun and ask "ChatGPT" some questions. Anton drove the screen share, and we had a lot of fun. I have to wonder - how did some of those answers (you'll know when you see/hear them) make it on there. Holy cow... wow. LinkedIn video replay - https://www.linkedin.com/video/event/urn:li:ugcPost:7021885147977314304/  Guests Anton Chuvakin LinkedIn: https://www.linkedin.com/in/chuvakin/  Jeff Collins LinkedIn: https://www.linkedin.com/in/jmcollins/  Kevin Thompson LinkedIn: https://www.linkedin.com/in/blackfist/  Support the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast