
Down the Security Rabbithole Podcast (DtSR)
This is Cybersecurity's premier podcast. Running strong since 2011, Rafal Los, James Jardine, and Jim Tiller bring a no-nonsense, non-commercial approach to our profession. DtSR brings interviews and discussion with people you want to meet, and stories you have to hear. So whether you're just starting out, or are decades deep into your career, you'll always learn something on this show.
On Twitter/X: https://twitter.com/@DtSR_Podcast
On YouTube: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq
On LinkedIn: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/
Latest episodes

Mar 13, 2018 • 46min
DtSR Episode 287 - Armored and Battle Tested
In case y'all don't read LinkedIn or Twitter - Rafal recently joined Armor (Armor.com), so what better time to interview the CEO Chris Drake than right now. So this week, Chris Drake joins us in the studio to talk about his background (which is quite interesting, by the way) and how he got to start a fast-paced cloud security-as-a-service company.
Highlights from this week's show include...
- The road starts with jumping out of airplanes
- The Butterball story
- More discussion on challenges with existing security models
- Security-as-a-Service vs. Managed Security (MSS) - differences and big differences
Guest: Chris Drake, Founder and CEO of Armor ( @ChrisDrake ) - Chris is currently the founder and CEO of Armor, a fast-paced cloud Security-as-a-Service provider. If you want more on Chris, you'll have to listen to the podcast.

Mar 6, 2018 • 45min
DtSR Episode 286 - Breach vs Incident vs Lawyers
This week's DtSR Podcast sits down in the offices of Shawn Tuma to discuss an update on the law with regards to data breaches, or incidents - and what the differences between them are. We talk through current events, past history and look into the future a bit.
Highlights from this week's show include...
- the legal differences in the words we use (breach vs. incident)
- notification and disclosure in a global economy
- planning, preparation, and the big day
- costs - specifically around insurance - when things go badly
- right to sue for current, and future, damages (did they really happen?)
- overview of GDPR, and the cornucopia of other local, regional, national, and international laws as they are evolving
Guest: Shawn Tuma ( @ShawnETuma )

Feb 27, 2018 • 48min
DtSR Episode 285 - Alt-Tab Alt-Tab Swivel-Chair
We have a treat for you folks this week! On episode 285 of the podcast I'm joined by three well-respected, forward-thinking, and entrepreneurial-minded security executives to talk about some of the challenges they see in the industry and what they're doing to solve them. From cloud, to threat intelligence, staffing, and other scaling issues - we address the issues head-on, and provide some insight into what these three are thinking going forward.
*The audio quality isn't the usual high-quality I expect to publish, so my apologies for that in advance. Somewhere the recording tool I use had an issue, but I did my best to make sure you could hear the speakers clearly. Apologies for the background noise on this recording.
Guests:
- Susan Magee
- Dustin Wilcox
- Jason Clark
If you've noticed the new logo, it's courtesy of a phenomenal artist, whose name is Peter Czaplarski. Yes, you too can hire him to draw amazing things for you, you can find him here: http://fb.com/CzaplarskiArt. Peter is also the artist behind Vengeance Nevada (found here, for you comic lovers: https://www.comixology.eu/Vengeance-Nevada-1/digital-comic/593731 ) and has been an artist in many other venues. We highly encourage you to give his Facebook page a like!

Feb 20, 2018 • 51min
DtSR Episode 284 - MSS SOS
This week on the Down the Security Rabbithole Podcast, Raf and James welcome long-time friend of Rafal's - Scott Stanton - to the microphone. Scott's able to join Raf in person in Atlanta, while James is predictably on the other end of a Howdy Doodie (you'll get this if you listen). This week, we tackle the MSS issue (Managed Security Services providers) again, but with a fresh angle where we aren't just spending the entire time bashing something we all rely on - but rather providing some constructive feedback into MSS providers from an enterprise perspective. And reminiscing a little. A lot. Join us! And spread the word!
Guest: Scott Stanton ( @Scott_Stanton ) - Information Security leader with experience in the High Tech, Manufacturing, Engineering, Services, and Energy industries. My technical depth includes application development, IP networking, operating systems, virtualization, and storage systems. Scott is currently the Senior Manager of Infrastructure Security at a medical technology company.

Feb 13, 2018 • 50min
DtSR Episode 283 - Testing Security Into Applications
This week an old friend, Vinnie Liu of Bishop Fox, joins Raf and James to talk about the history of App Sec. We started trying to test ourselves secure, and we continue to come back to it - so this episode is a walk down memory lane and a glimpse into the future of application security. Don't forget to like us on iTunes and share with your colleagues!
Guest: Vinnie Liu ( @VinnieLiu ) - Vincent Liu (CISSP) is a Partner at Bishop Fox, a security consulting firm providing services to the Fortune 500, global financial institutions, and high-tech startups. With nearly two decades of experience, Vincent is an expert in security strategy, red teaming, and product security; and at Bishop Fox, he oversees firm strategy and client relationships.

Feb 6, 2018 • 43min
DtSR Episode 282 - DDoS - Past, Present, and Future
Join us this week on Down the Security Rabbithole as Barrett Lyon (who knows a thing or two about DDoS) is our guest to talk about the evolution of the art and science of kicking people off of a network. Barrett is the authority on DDoS, with over 20 years in the field, going back to when angry teenagers flooded each other off of IRC servers. This is a fun episode that walks through DDoS - where it came from, how it evolved, and what we can expect in the future. TL;DR: yes... your fridge may one day DDoS your toaster.
Guest: Barrett Lyon ( @BarrettLyon ) - Barrett Lyon is the Vice President of Research and Development for the Neustar Security Solutions’ portfolio. He spearheads the development of innovative new products and solutions for the company’s industry-leading DDoS, DNS and cybersecurity solutions. Mr. Lyon is a serial entrepreneur and a well-respected cybersecurity thought leader with experience building leading edge network services and infrastructure. Prior to Neustar, Mr. Lyon founded Defense.net and served as its Chief Technology Officer. In 2009, he co-founded XDN, Inc. and served as its CEO. As Chief Technology Officer, he led the strategy and technical operations at BitGravity, a company he co-founded. Previously, Mr. Lyon founded Prolexic Technologies and served as its Chief Technology Officer, where he created the first successfully managed service to defend enterprises from Distributed Denial of Service (DDoS) attacks.

Jan 30, 2018 • 49min
DtSR Episode 281 - Exploiting and Defending Human Behavior
This week, go Down the Security Rabbithole with James and Raf as they host Robert Sell. Robert took 3rd place at the Defcon SECTF (Social Engineering Capture-the-Flag) in 2017 and he has some lessons for you in the enterprise. "Social Engineering" (while a ridiculous and non-descriptive term) is a real attack vector. How are you defending your enterprise? Listen in. Then talk back on Twitter at #DtSR or LinkedIn!
Guest: Robert Sell ( @RobertESell & https://www.linkedin.com/in/robertsell/ )

Jan 22, 2018 • 46min
DtSR Episode 280 - A Cloud Container Security Primer
This week, Chris Rosen from IBM joins us to talk about cloud containers - and the security (or lack thereof) of them. There is a paradigm change coming which significantly impacts security - if we're ready for it. Chris talks us through the dramatic changes (or maybe not) of doing cloud security with containers and the impact to the shared responsibility model. Join us, and let us know what you think by leaving us a comment, either here or on iTunes.
Guest: Chris Rosen - https://www.linkedin.com/in/chris-rosen-71790513/

Jan 16, 2018 • 44min
DtSR Episode 279 - Deeper Down the SDP Rabbithole
This week, Jason Garbis re-joins the podcast to go past the Primer (Episode 257) and dive deeper into SDP (Software Defined Perimeter) with a discussion on cloud and relevance to the re-invention of the data center and related infrastructure.
Related DtSR listening:
- Zero Trust Model w/ John Kindervag: http://podcast.wh1t3rabbit.net/dtsr-episode-222-zero-trust-security-model
- Software Ate the Perimeter w/ Jason Garbis: http://podcast.wh1t3rabbit.net/dtsr-episode-257-software-ate-the-perimeter

Jan 9, 2018 • 44min
DtSR Episode 278 - The Meltdown Over Spectre
Welcome Down the Security Rabbithole. This week we bring Jeff Schilling from Armor to talk about Spectre and Meltdown - the two hottest topics in security right now and for the foreseeable future.
While you listen to us talk, check out these links:
- http://uproxx.com/technology/what-are-meltdown-spectre-computer-bugs-explained/
- http://bgr.com/2018/01/04/intel-chip-security-flaw-how-slow-mac-pc/
- https://en.wikipedia.org/wiki/Spectre_(security_vulnerability)
And the obligatory "I patched and things got worse" post: https://twitter.com/timgostony/status/948682862844248065