Down the Security Rabbithole Podcast (DtSR)

Prologue This week's episode is one of my favorite topics - marketing buzzwords. You've all heard the term "XDR" and wondered (probably like me) what the heck it is and how it's different than EDR or MDR. Do we really need more buzzwords? Mark Alba from Anomali joins me this week to discuss this, and I think it'll help sort things out for you, it sure did for me. I'm still not a big fan of new buzzwords, but at least I get it now. Guest Mark Alba LinkedIn: https://www.linkedin.com/in/markalba/ Anomali XDR Info: https://www.anomali.com/learn/the-impact-of-xdr-in-the-modern-soc-v2  Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Prologue Welcome to the last month of 2021 - December. This month we have a few bonus episodes, starting with this gem on identity. We've got a great guest and Mike Kiser has some interesting opinions he's definitely not holding back on. Thanks for listening - we hope you enjoy this episode. And special thanks to SailPoint for bringing Mike to the mic. Guest Mike Kiser LinkedIn: https://www.linkedin.com/in/mike-kiser/  Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Prologue Folks, the video of this episode which was live-streamed to our YouTube channel is here: https://youtu.be/IYVB_LNhURQ - and if you can, watch it. Huge mega-thanks to Microsoft and Lightstream for bringing together Jeff and Mark on this one to deliver some truly phenomenal content. This week is Azure Security Benchmark (not baseline, oops) version 3.0 hot off the presses. We talk about what it is, how to apply it, and where and why it's so useful for keeping not just your Azure public cloud safe, but also the "other" public clouds you use too. Guests Mark Simos LinkedIn: https://www.linkedin.com/in/marksimos/  Twitter: https://twitter.com/marksimos Jeff Collins LinkedIn: https://www.linkedin.com/in/jmcollins/  Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Prologue Fair warning y'all, this episode may have been just slightly more fun than the Surgeon General allows. That said, on this one we not only made up some new terms ("Threat Instructions", Anton) but also had some fun describing what a well-functioning system of highly automate-able threat data would look like. And as it turns out, it's CrowdSec's "Fire" data set. Fascinating conversation, and most fascinating of all is that as Philippe described how it functions, Anton could find nothing wrong with it. Call me gobsmacked. If you're interested in participating in the Crowd, click this link - because a typo will put you in a very weird and very different sort of crowd. Guests Philippe Humeau, CEO at CrowdSec LinkedIn: https://www.linkedin.com/in/philippehumeau/  Twitter: @Crowd_Security Website: https://crowdsec.net/  Anton Chuvakin LinkedIn: https://www.linkedin.com/in/chuvakin/  Twitter: @Anton_Chuvakin Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Prologue Hey! Are you attending OpenText World Enfuse? If not, click here and check it out - it's virtual! Straight from Enfuse Chuck Dodson joins Rafal & James to talk about digital evidence collection, management, and processing in the realm of law enforcement. A fascinating look at the law enforcement side of things, and a topic perspective most of us never have occasion to think about, unless you're in the fight. Guest Chuck Dodson https://www.linkedin.com/in/chuckdodson/  OpenText World - Enfuse  https://www.opentextworld.com/event/7653eae4-3cf3-4dfc-89f2-7c41e260aa89/websitePage:4b6071b8-edc1-4efc-888b-520c728292ff  Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Prologue In this episode, we host a lady who only needs one name, like a movie or rock star. But "Jax" deals with topics we normal people don't have the stomach for, like CMMC and government security. In this episode, she joins us to talk about the current Executive Order on Cybersecurity ( Executive Order 14028, May 12, 2021 - https://www.federalregister.gov/documents/2021/05/17/2021-10460/improving-the-nations-cybersecurity ) and the implications and impact it will, might, and could have. A fascinating discussion that's worth listening to, whether you spend time in FedGov, or not. Guest Jaclyn “Jax” Scott LinkedIn: https://www.linkedin.com/in/iamjax/  Company site: Outpostgray.com Blog: http://www.beansandbytesblog.com/  Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Prologue Let me start by saying how much I enjoy chatting with Rick Howard, today's podcast guest. Rick's been on before, and we always go long (especially on this one, sorry not sorry), but the content is well worth your time. On today's episode, we chat about "Zero Trust" and where technology meets concept, what's missing, and what's next. If you think you know all these is to know about Zero Trust, I promise you, you'll learn something new. Guest Rick Howard LinkedIn: https://www.linkedin.com/in/rickhoward/  Twitter: https://twitter.com/racebannon99  Rick's Show on CyberWire (Pro, subscription required): https://thecyberwire.com/podcasts/cso-perspectives  Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Prologue On Episode 471, as we rapidly hurl towards our 500th episode, we bring back Chris Romeo to talk about threat modeling. Specifically, we discuss threat modeling of software - with developers, methodologies, silos, incentives, and outcomes all in play for discussion. Chris has been doing this a while, and has some deep insights into what it takes to make things work - and he we welcome your feedback on how you do it. Guest Chris Romeo  LinkedIn: https://www.linkedin.com/in/securityjourney/ Twitter: https://twitter.com/edgeroute  Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Prologue On this episode of the DtSR Podcast - Ann Johnson joins special guest-host Ken Fishkin of NJ ISC2 chapter, along with James & Rafal to talk about leadership, and sports apparently. Thanks to the NJ Chapter of ISC2 ( https://www.linkedin.com/groups/4425593/ )for submitting questions and Ken for joining us to guest-host. On this episodes, we ask Ann to talk to us about leadership challenges, and what's in store for the future. Also, we briefly talk sports teams and discover Ann is a Cowboys fan. Guests Ann Johnson LinkedIn: https://www.linkedin.com/in/ann-johnsons/  Twitter: https://twitter.com/ajohnsocyber  Ken Fishkin LinkedIn: https://www.linkedin.com/in/kfishkin/  Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Prologue This week on a ridiculously awesome episode of the DtSR Podcast the one and only Mr. Steve Perkins of Nubeva joins Rafal & James to talk about something worth shouting about. They've figured out how to beat ransomware... yes, there are a few 'catch' things, but the tech seems solid and the possibilities endless. Give this episode a listen, then scroll below to click the links, and give this a look for yourself! Guest Steve Perkins LinkedIn: https://www.linkedin.com/in/steve-perkins-1604b31/  Relevant Links Webinar coming up on session key intercept: https://info.nubeva.com/fall_2021 Email info@nubeva.com if you want to hear more, or partner with them to deliver their tech to YOUR customers Learn about the tech: https://info.nubeva.com/ransomless_decryption Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast