Down the Security Rabbithole Podcast (DtSR)

Send the hosts a message - try it now!Prologue We start Cyber Security Awareness Month - the 30-day window where corporate law requires you to check the box and take boring security 'awareness' training, then forget it November 1st. Not my favorite month... so what about scammers, criminals, and bad people who prey upon those who aren't covered by corporate mandated training? Join us, let's talk about it.   Guest Michael Magrath LinkedIn: https://www.linkedin.com/in/michaelmagrath/  Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!Prologue This week, Rafal takes the show on the road (literally) to Las Vegas for Fal.Con '22 -- this is CrowdStrike's premier global get-together of customers, partners, and industry experts to showcase some innovation and share ideas and insights. I wanted to say a big thank you to CrowdStrike -- all the folks who helped make this happen and continue to support this podcast and provide access to these fantastic guests. Thank you to Nick Lowe, Geeta Schmidt, Kapil Raina, and Bryan Lee for taking the time to share their unique insights. Guests Nick Lowe LinkedIn: https://www.linkedin.com/in/nick-lowe-cissp-7751a05b/  Geeta Schmidt LinkedIn: https://www.linkedin.com/in/geetaschmidt/  Kapil Raina LinkedIn: https://www.linkedin.com/in/kapilraina/  Bryan Lee LinkedIn: https://www.linkedin.com/in/obiwanblee/  Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!Prologue Solving problems is a challenge not everyone is up for. The industry is littered with people and companies that bring small-time solutions to an industry begging and pleading for actual solutions. Jason Clark of Netskope, and long-time friend, joins James and Rafal to talk about the mindset and approach needed to solve BIG problems that change the game, change the landscape, and change our lives. Guest Jason Clark LinkedIn: https://www.linkedin.com/in/jasonclarkfl/    Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!For those of you paying attention - DtSR is officially 11 years old. This episode is the first episode of year (season) 12. WOW. Thank you for listening, sharing, commenting, and watching us live! Prologue We work in a weird industry where marketing has to make ever-more outrageous claims that product and service teams then have to attempt to live up to, but it's a way of life. Now, I'm not strictly speaking blaming product marketing people, but they do have some blame in this insane climate we find ourselves in. On this episode, two good friends - and professional snark'ists - join James and I to talk about where our industry has over-marketed, over-hyped, and simply failed to deliver ...and where it may actually be meeting expectations. It's a fun conversation, and I bet you won't see the ending coming. Guests Jeff Collins LinkedIn: https://www.linkedin.com/in/jmcollins/  Anton Chuvakin LinkedIn: https://www.linkedin.com/in/chuvakin/  Twitter: https://twitter.com/anton_chuvakin Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!Prologue Fresh off his presentation at Defcon 2022, Ken Pyle joins Rafal to talk about the Emergency Alert System (EAS) he's been hacking since 2019 and discusses findings, challenges, and the work left to do. It's a fascinating conversation that will leave you wondering - how do we fix this clear and present problem, and more importantly...where else should we be looking? Guest Ken Pyle LinkedIn: https://www.linkedin.com/in/ken-pyle/ LinkedIn Stream (recorded): https://www.linkedin.com/video/event/urn:li:ugcPost:6971199601311694848/  Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!Prologue This week's guest is always a great interview. Gadi Evron has been around the industry longer than it's been an officially named discipline. In this episode, he talks about post-breach standards and the apparent but not previously discussed need. He also breaks your brain with disinformation, which we only lightly touch on before realizing we need at least one more podcast to go deeper into the topic. Join us, and share this one, it's awesome.   Guest Gadi Evron LinkedIn: https://www.linkedin.com/in/gadievron/  Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!Prologue We've covered "threat intelligence" on the show a few times now, but the evolving nature of what threat data is, how it's useful, and how it enables defenders of a specific type identify malicious activity keep it interesting. This time around Adam Meyers of CrowdStrike joins Rafal to discuss threat intelligence, threat hunting, and clarifies some of the mis-conceptions and utilities around the topic. A good conversation for those defending their infrastructure and useful data points from someone who is a recognized expert. Adam joins us from his bunker, with all the elements you'd expect from Adam, so it's definitely worth your time to listen closely. Check out Fal.Con, where you can catch the cutting-edge on CrowdStrike kit, industry knowledge, and hear some great industry speakers. Rafal will be there speaking on the topic of operationalizing and making the SOC more effective and efficient at small scale, check it out (link below). Guest Adam Meyers LinkedIn: https://www.linkedin.com/in/adam-meyers-7a58481/  CrowdStrike: https://www.crowdstrike.com Fal.Con: https://www.crowdstrike.com/events/fal-con/  Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!Prologue "Just do the basics!" "Remember the security fundamentals." ...sick of hearing those catch phrases without anything to actually get it DONE? Yeah, us too. This week we're joined by John Scimone of Dell Technologies to talk about his take on fundamentals both security and IT. His approach is not unique, per se, but it's one that works and it's repeatable. More importantly, he's willing to share his expertise and what he's done to be successful in raising the bar to his level of "good enough" -- so unless you've gotten where YOU want to be in those security fundamentals, it's time to listen to John's podcast and take notes. Take lots of notes. By the way, if you want the video on LinkedIn Live where you can post questions too, click here: https://www.linkedin.com/video/event/urn:li:ugcPost:6953043382164209664/ Guest John Scimone - President, Chief Security Officer at Dell Technologies LinkedIn: https://www.linkedin.com/in/john-scimone-0b2041a1/ Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!Prologue This week, long-time friend and well-known industry personality, Jessica Hebenstreit joins Rafal to talk about her journey in consulting to very large security programs and why maturity is elusive in many of those programs. As it turns out, maturity is influenced by many factors but highly dependent on actually solving problems and being able to show progress. This is an interesting conversation for anyone who wants to understand what's inside the head of a former practitioner who has ventured into the field to help others solve large-scale, complex, problems. Guest Jessica Hebenstreit LinkedIn: https://www.linkedin.com/in/jessicahebenstreit/  LinkedIn Live stream: (video!) https://www.linkedin.com/video/event/urn:li:ugcPost:6960010458405756928/  Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!Prologue This week on the podcast, the one and only Tom Eston joins Rafal & James to talk about managing teams. Tom is a well-known personality who runs the "Shared Security Show" podcast -- which has been running even longer than we have, give them a listen if you don't already. Tom talks about the difficulties of managing, coping with various types of personalities, and helping employees thrive while finding the right balance between in-office and remote. Great show if you're in a leadership position, or hoping to be, managing technical teams. Guest Tom Eston https://www.linkedin.com/in/tomeston/ The Shared Security Show https://sharedsecurity.net/  Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast