Down the Security Rabbithole Podcast (DtSR)

TL;DR: On this "live on the scene" episode from Zero Trust World 2025 sponsored by Threat Locker - I have the distinct pleasure to speak with Rich Latayan about his career leading big-company security programs as CISO and his current endeavor.YouTube: <coming soon>Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

TL;DR: As per the usual, this year's RSA Conference 2025 wrap-up is with my friend Ray Canzanese, Jr. We sit in the beautiful sunshine atop the Moscone Center (gardens) and have an interesting, conversation about a number of interesting topics not the least of which is the puppies and baby goats at this year's event (well played, vendors, well played).YouTube Video: https://youtu.be/LSdEMlKRZmwHave something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

TL;DR: Sometimes LinkedIn gives us an opportunity to record something meaningful - and in this episode we find a conversation with Ross Hosman's perspective on how to address the strained relationship between buyer and seller, CISO and vendor - in a meaningful way that you'll hopefully benefit from.Sales people, take notes. CISOs ... you too.YouTube video: https://youtube.com/live/e_SbcB2ZsD8Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

TL;DR: This episode is a follow-up on two episodes, building up to this conversation. On episode 629 Hed Kovetz introduced us to "Identity Security" (https://dtsr.buzzsprout.com/2153215/episodes/16174464-dtsr-episode-629-what-the-hell-is-identity-security) and then on episode 646 Ward Pyles started the conversation about how security tools really aren't set up to protect from the identity perspective (https://dtsr.buzzsprout.com/2153215/episodes/16854549-dtsr-episode-646-ward-pyles-on-human-centric-security-for-real). Well - now we invited them both onto the show to talk it through and solve the problem Ward identified with the tech Hed spoke of.The result was better than we expected.YouTube video: https://youtube.com/live/N7cyIOdChtwHave something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

TL;DR: This week's guest is BugCrowd's founder Casey Ellis. Casey's a pioneer in the security space and has some tremendous insights on how he started his business and what the future holds. Casey explains why it's important to think like a criminal, and why the 'locksmith' version of a hacker (versus 'burglar') is so important to today's security programs.YouTube video: https://youtube.com/live/8BLGfUqbOKQHave something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

TL;DR: This week we're joined by the one and only Mike Privette - to talk about the market forces pushing and pulling cyber security's momentum. Whether you're into startups a la VC funding, or looking to refurbish companies a la Private Equity - this conversation is an analysis of the market from someone who knows a thing or two about the whole game. Oh yeah, and Mike writes this Return on Security newsletter you need to subscribe to.YouTube video: https://youtube.com/live/wq0KlteA1bUHave something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

TL;DR: If you're deciding whether to listen to this episode - let me help you - YES. This episode is about the application of AI to one of the most difficult problems facing security teams - what and where is my most sensitive information? Face it, you have no idea - and maybe, just maybe, AI is part of the answer. Shiran Bareli joins Jim and Rafal to talk it over, and it's a doozy.YouTube Video: https://youtube.com/live/nhn6Q75syjkDon't forget to check out the after-show segment, only on our YouTube page!Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

TL;DR: This week Ward Pyles joins Jim Tiller and myself to talk about a relatively unremarkable topic - people-centric security. We've talked about it a bunch but it's not until this episode that something finally clicked in my brain. When Ward talks about the data that security needs - see if you can pick it up too.Also - I'm trying some new bonus content - the "After Show" which is a 2-5 minute post-show bit where we post what's said after the recording (usually) stops. I hope you enjoy it - check that out exclusively on our YouTube channel.YouTube video: https://youtube.com/live/LWzA2czvocQHave something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

TL;DR: This week's episode is a sit-down in person at Zero Trust World 2025 (sponsored by ThreatLocker) with Ryan Benner. Ryan's the caretaker of "anything that powers up", as he puts it, which means this small organization's security is also his responsibility. So how do you do it with next to no staff, and on a small budget? And how do you even begin to "Zero Trust" your network? Listen in.YouTube Video: https://youtu.be/JUMcWFNsVaAHave something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

TL;DR: This week's episode shifts the focus from leadership in the enterprise, to leadership in the vendor space. Building security products that innovate, inspire, and meet market and customer demand is far from trivial. Meet two of the best in the business - Arash Marzban and Bryan Lares - and hear what makes the job exciting, and how they make it great.YouTube video: https://youtube.com/live/wA9-vgusyI0Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast