Send the hosts a message - try it now!TL;DR: This week's guest is here to talk about Zero Trust... in a practical way. We're talking with Rob Allen of ThreatLocker about zero trust from a way you may have not thought about before. It's an interesting conversation and a piece of a much larger puzzle ... but from a practical standpoint, this may be the best actual place to start. Do you agree?YouTube Video: https://youtube.com/live/cgADamn2oQQSupport the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Jonathan Rau, a cybersecurity expert, dives into the contentious world of SIEM systems—often labeled as dead yet continually revamped. He discusses the evolution of these tools, highlighting how initial goals were hindered by complexity and a lack of skilled personnel. Rau emphasizes the importance of purposeful data analysis, warning against using data models without clearly defining the problem. The conversation also critiques the influx of cybersecurity tools, urging a return to basics and a focus on genuine business needs.

Send the hosts a message - try it now!TL;DR: Friend of the pod, Karim Hijazi of Vigilocity, joins Rafal this week to talk about the state of ransomware, its "families", proliferation and motivations. It's a dark picture that's getting darker as it all evolves. Karim also provides some data-driven insights you can even investigate for yourself, check this show out on the video stream for more complete insights.YouTube Video: https://youtube.com/live/wgUzYp-bl90Support the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!TL;DR:This week is part 2 of the 2-part series on "Outsourcing your security" with Paul Farley. Paul's expertise in this space means you should be taking notes! On this second part, we dive into how you can pick an effective model for your use-case (we talk through a few of the available models out there), how to effectively implement an MSSP, and then how to measure success. Guest host Jim TIller joins us again, too.YouTube video: https://youtube.com/live/FkyJPmZikmcSupport the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!TL;DR: James and I spent a few minutes dissecting the high-level of a GAO report (Government Accountability Office) ...perhaps ironically named... that is awful in so, so many ways it's ridiculous. Listen in, comment with your thoughts.YouTube Video: (TBD)Support the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!TL;DR:  This week Paul Farley, Deputy CISO of NCR Voyix joins myself, James, and Jim TIller to discuss outsourcing security in a modern company. We talk through a bit of history, some requirements for a good MSP, and the good and bad of the last couple of decades of MSPs.YouTube video: https://youtube.com/live/QzQFXyVcDSoSupport the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!TL;DR: Justin Foster is back (and James is out) with guest co-host Jim Tiller as we talk through network-based access control from the "old days" through today's modern approaches. What worked, what didn't, what we tried, and how far we've come. Give it a listen! Also ... if there's any episode you watch the video of - it has to be this show for that beginning piece...wow Jim really nailed it.YouTube video (a must-see): https://youtube.com/live/EuUUeOzH_nESupport the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!TL;DR: This week's episode is part 1 of ... (I'm not sure) in a series of conversations about that old, boring, yet remarkably relevant topic of "Access Control". We pull in Justin Foster and guest co-host Jim Tiller to talk through the topic and set up a few follow-up episodes. Maybe more than a few, who knows?YouTube video: https://youtube.com/live/m-4lJHQDaZQSupport the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!TL;DR: Sitting atop the Moscone Center North, I met up with Mark Simos and we talked through his impressions and our overall analysis of RSA Conference 2024. Some interesting observations, particularly about the "3 conferences" Mark observed. Sorry, no video this time, but you do get the eloquent "caw!" of a crow that sat overhead and yelled at us for about half the show. Enjoy!Support the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!TL;DR: This episode is a recap (my recap) of RSA Conference 2024. I wrote up a brief post on LinkedIn on my way out of town (linked here: https://www.linkedin.com/feed/update/urn:li:activity:7194698322790547456/ ), and now I'm doing a full episode of thoughts and interviews from the show. You get some commentary, and then interviews with Adam Cullin, Kristin Demoranville, Ray Canzanese, and Aaron Bray. Enjoy the episode, and cheers!(No video with this one, sorry...maybe next year)Support the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast