Down the Security Rabbithole Podcast (DtSR)

The podcast discusses the evolution and challenges of incident response automation, the merging of software systems for improved security, the importance of data correlation and XDR in cybersecurity incidents, the Defend ontology in cybersecurity defense strategies, and concludes with casual conversations and farewells.

TL;DR A few days ago, my pal Kevin asked me if I had seen the LinkedIn post by Helen Patton that asked an interesting question of the podcast space... Her post made me think - why the heck not? So, I did. Thanks to Helen, whose idea this was - I hope you get a chance to watch and enjoy the outcome of your request ... we had far too much fun recording it. Here on this episode - which I promise you is 100x better on video, we have Anton Chuvakin, Kevin Thompson, and Jeff Collins joining Rafal & James on the podcast to have a little fun and ask "ChatGPT" some questions. Anton drove the screen share, and we had a lot of fun. I have to wonder - how did some of those answers (you'll know when you see/hear them) make it on there. Holy cow... wow. LinkedIn video replay - https://www.linkedin.com/video/event/urn:li:ugcPost:7021885147977314304/  Guests Anton Chuvakin LinkedIn: https://www.linkedin.com/in/chuvakin/  Jeff Collins LinkedIn: https://www.linkedin.com/in/jmcollins/  Kevin Thompson LinkedIn: https://www.linkedin.com/in/blackfist/  Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

TL;DR On this episode, we welcome Josh Grossman - who has a pretty interesting perspective on AppSec, or Software Security, or (cringe) "DevSecOps". Josh has a bit of an edge on the subject, so he fits in with myself & James perfectly. We talk about where things stand from the vendor perspective, building programs, and why it takes to make a real impact, versus continuing to push a very large boulder up a very steep hill. Oh, hey, want to be on the show? Let us know a topic and your background and let's talk. Guest Josh Grossman LinkedIn: https://www.linkedin.com/in/joshcgrossman/  Twitter: https://twitter.com/JoshCGrossman  Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

TL;DR This week on 2023's first live-streamed episode (technical our first recorded in '23) our friend Larry Whiteside, Jr. joins us to talk about the prospects for 2023 and beyond. We discuss trends, make some rather sad predictions, and attempt to be hopeful about what the new year could bring us - if we don't find a way to walk ourselves off a cliff, first. It's a light discussion, that dives into some deep topics, and ultimately ends with some hope... 'ish. Join us! Oh, hey, since some of you are looking for a new opportunity in the new year, Larry's hiring (check out his LinkedIn page). Guest Larry Whiteside, Jr. LinkedIn: https://www.linkedin.com/in/larrywhitesidejr/ Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

TL;DR Shawn Tuma, our favorite cyber legal eagle, joins Rafal & James to talk about the sorts of things we learned about 2022, in what could be confused for a year-in-review episode. We saw ransomware, big incidents, but overall ... things weren't the worst out there. If you missed our live-stream on LInkedIn (link below) you can replay that any time, or listen to this episode as a podcast. For 2023, I'm going to be tweaking some things to get us talking, sharing, and hopefully an even better experience of the podcast you already love. LinkedIn Live-stream re-play: https://www.linkedin.com/video/event/urn:li:ugcPost:7013670254237163520/  Guest Shawn Tuma LinkedIn: https://www.linkedin.com/in/shawnetuma/ Twitter: https://twitter.com/shawnetuma/ Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Prologue This week James and I are joined by my good friend and many-timer on the podcast Brandon Dunlap, and our mad genius and serial entrepreneur pal Paul Calatayud to talk about all of these guarantees, warranties, and insurance. It's a strange discussion but quite necessary as the industry is littered with some of these offerings by providers and various software (security) vendors. These guarantees and warranties are made to make you feel better, but rest assured lawyers wrote these and there's always a catch. The insurance conversation, that's a little different (way different) and Paul's got some interesting things to say here. Don't miss a great episode!   Guests Paul Calatayud LinkedIn: https://www.linkedin.com/in/whitehat/ Brandon Dunlap LinkedIn: https://www.linkedin.com/in/bsdunlap/  Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Prologue Karim Hijazi joins Rafal & James this week on the podcast to talk about some interesting trends and developments in the world of bad actors. It's an interesting update including some things I wasn't expecting to hear about how threat actors "hit back at" incident responders and threat hunters. This is a good conversation about the current threat landscape with an eye on the Russian hackers out there, and pretty good listening for anyone who wants an added dose of situational awareness. Links: Sneaky Hackers Reverse Defense Mitigations When Detected - https://www.bleepingcomputer.com/news/security/sneaky-hackers-reverse-defense-mitigations-when-detected/  https://cybernews.com/editorial/russian-hacktivist-real-dangers/ Guest Karim Hijazi LinkedIn: https://www.linkedin.com/in/karimhijazi/  Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Prologue This is a very interesting episode... Gadi Evron joins James and me on this slightly technically difficult (the IPoCP - IP over Carrier Pigeon - was awful at times) episode to talk about the CISO role and the potential liabilities that lie within. Whether we're talking about the Joe Sullivan case (and we're not, or we try not to), or we're generalizing about employment and legal culpability - this show traverses a lot of land and it's all worth your time. Hopefully if I did an OK job, you won't notice all the edits :) Pre-reading Blog post from Gadi & Team 8: https://team8.vc/rethink/cyber/cisos-guide-to-legal-risks-and-liabilities/  The CISO guide: https://lp.team8.vc/cisosguide  Guest Gadi Evron LinkedIn: https://www.linkedin.com/in/gadievron/  Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Prologue It's always a pleasure when I can get some friends together and banter on about a topic we all find interesting. This week's topic was supposed to be released a bit later, but it couldn't wait. We had so much fun that I thought it needed publication right now. The premise is simple - have you looked around at how many security vendors there are and just asked yourself ... "Are we solving anything, or just adding to the mess?" That's what we did on this podcast. And yeah, we'd know because we have some life experience in this industry. Required Reading: https://www.linkedin.com/pulse/security-tools-crash-coming-mark-curphey/  Guests Mark Curphey LinkedIn: https://www.linkedin.com/in/curphey/  Jim Tiller LinkedIn: https://www.linkedin.com/in/jitiller/  Anton Chuvakin LinkedIn: https://www.linkedin.com/in/chuvakin/  Vikas Bhatia LinkedIn: https://www.linkedin.com/in/vikasbhatiauk/  Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Prologue On this episode Rafal & James re-visit the concepts of machine learning, "artificial intelligence", and applicability to cyber security from Sven Krasser, Chief Scientist at CrowdStrike. Dr Krasser has been working on algorithms and computers analyzing massive amounts of data since the early 2000's so his analysis of today's "state of the art" and projections for the future are likely spot on. We have a little fun poking at industry buzzwords and make some real projections for where things are moving. If you're trying to sift through the hype and asking yourself is any of the "AI + ML" hype is real, right now, listen to this podcast. Some of your questions are likely answered here.   Guest Sven Krasser, Ph. D. - SVP & Chief Data Scientist at Crowdstrike LinkedIn: https://www.linkedin.com/in/svenkrasser/ Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast