Down the Security Rabbithole Podcast (DtSR)

Prologue OK, say it with me, defender tools suck. They all have their own dashboards, data formats, ways to look at what's going on...and that wouldn't be bad if they even remotely worked together. OSQuery isn't the end-all for endpoint tools, but it surely can tell you a whole lot about what's going on out there - and then you can actually intelligently do something. But it needs a front-end...so enter Fleet. This episode is all about defending the endpoint using open source, and Fleet/OSQuery specifically.   Guest Zach Wasserman LinkedIn: https://www.linkedin.com/in/zacharywasserman/ Twitter: https://twitter.com/thezachw  Fleet Open Source Device Management: https://fleetdm.com/  Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Prologue This week on a very cool conversation, Rafal snags a chance to do a virtual sit-down with Yuri all the way from the Netherlands. Yuri is one of the quintessential experts on Zero Trust (not the commercial tools stuff, but principles and foundations) and you need to hear his take on how we get it implemented, where, and why.   Guest Yuri Bobbert LinkedIn: https://www.linkedin.com/in/yuribobbert/ His book "Leading Digital Security": https://www.linkedin.com/pulse/new-book-leading-digital-security-yuri-bobbert-1f/?trackingId=%2Fwm4S897TnSMTgkDszCDJQ%3D%3D  Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Prologue This week, DJ McArthur joins James and Rafal to talk shop about his career in defending healthcare IT. The Cliff's Notes version is that it's more complex, more under siege, and more critical than ever. No problem, right? This episode has been a long-time coming, and DJ is an honest-to-goodness expert in the field. He teaches classes on this topic which you may just want to go and look up if this is your thing.   Guest DJ McArthur LinkedIn: https://www.linkedin.com/in/dj-mcarthur-74364b24/ Twitter: https://twitter.com/djmca5280 Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Prologue Continuing what accidentally became a series of AppSec or Software Security focused episodes, #436 takes it from yet another direction. Rey joins us to talk about AppSec from his perspective - that of a life-long developer that's moved into software security. It's been an interesting journey, and while some of the things we discuss aren't necessarily revelations - listen for the subtle clues about what software security teams are doing wrong in the corporate enterprise... you'll hear it. Guest Rey Bango LinkedIn: https://www.linkedin.com/in/reybango/ Twitter: @ReyBango Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Prologue Episode 435 is packed with OpenSource goodness, talking about WordPress and WPScan with Ryan Dewhurst. Ryan started WPScan (a tool you probably use as a security practitioner) and has now made a business out of it. He spends a half-hour discussing the product, his road, and Wordpress/security in general and includes some plans for the future. Guest Ryan Dewhurst LinkedIn: https://www.linkedin.com/in/ryandewhurst/ Twitter: https://twitter.com/ethicalhack3r Website: https://wpvulndb.com/ Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Prologue This week, Jennifer Fernick of NCC Group joins me to talk about her work with open source software and security. With a storied career, Jennifer is well-qualified to talk about some really interesting topics, but finding bugs in open source software, at the scale we need it to be done, is a monumental task.  If you're a developer and keen on innovation and open-source, and know security or are interested in learning more - I encourage you to go check out the Open Source Security Foundation here: https://openssf.org/  Guest Jennifer Fernick LinkedIn: https://www.linkedin.com/in/jenniferfernick/ Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Prologue: This week, Gary Latham joins the podcast to talk about taking the reigns of the Security Advisor Alliance, at a pivotal time for the organization. If you don't know about the SAA, I highly encourage you to check it out here: https://www.securityadvisoralliance.org/    Guest Gary Latham LinkedIn: https://www.linkedin.com/in/gary-latham-8bb62925/  Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Prologue On this week's episode of the podcast, boomerang guest Robb Rock joins Rafal to talk identity, trust, and what's happened since the last time Robb was on the show (which was in 2016!). Of course they talk about the "big hack", and retreat into identity, Zero Trust, and the challenges of mid-market companies trying to do their own security. The lesson here? "The more we learn, the more we recognize we know very little." Guest Robb Reck LinkedIn: https://www.linkedin.com/in/robbreck/ Twitter: @RobbReck Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Prologue This week on DtSR, an old friend Jamison Utter joins Rafal to talk about medical IoT devices, and what makes them different -- and of course, how we can better protect them. Jamison's company, Medigate, is a healthcare security and medical analytics company - and it's an interesting discussion on how this type of IoT differs from others with security implications. You'll want to listen in, since the "Internet of Things" discussion is getting very varied, and you need to keep up. Guest Jamison Utter LinkedIn: https://www.linkedin.com/in/jamisonutter/ Twitter: https://twitter.com/jamison_utter Company website: https://medigate.io   Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Prologue David was a guest on the podcast many years ago, back in episode 7. We had a great conversation and it's interesting to see how so many of the topics have evolved in the last nearly a decade. Or not. Guest David Elfering LinkedIn: https://www.linkedin.com/in/aroundomaha/ Twitter: https://twitter.com/icxc  Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast