Send the hosts a message - try it now!TL;DRThis week's episode goes down the AppSec rabbit hole with Francesco Cipollone (call him "Frank") as we discuss some of the ins and outs of the modern software security challenge.  We're all over the place on topics, but the message, in the end, is sane.YouTube video replay: https://youtube.com/live/tJ6pvV3f0uA  Guest:Francesco CipolloneLinkedIn: https://www.linkedin.com/in/fracipo/Support the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!TL;DR:In case you missed the epic LinkedIn Live livestream, here's the podcast version of the conversation with Chris Scanlan (President and Chief Commercial Officer at ExtraHop). James and I talk to Chris about his career, how he picks his next job, his team, and his thoughts on high-performance organizations. Sales is a topic many of our competitive podcasts in this space don't cover much - but I think it's worth the conversation to understand the seller-buyer relationship better because it's SO necessary to your work lives. Besides, Chris is a fantastic interview... enjoy it!LinkedIn Live replay: https://www.linkedin.com/events/dtsrepisode553-sellingcybersecu7062465900553146368/about/Guest:Chris ScanlanLinkedIn: https://www.linkedin.com/in/cscanlan/Support the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!TL;DR:On this week's episode of Down the Security Rabbithole Podcast - Steve Riley visits to talk tall tales of VPN and other connectivity of yore, what it's evolving to, and why it's a generational leap.The conversation with Steve is always a good one, and catch Steve here before you catch him on the Cloud Security Podcast (beat you to it guys!)GuestSteve RileyLinkedIn: https://www.linkedin.com/in/steverileysea/Support the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!TL;DR:On this week's show, Grant joins us to discuss an episode that draws inspiration from a LinkedIn discussion with Patrick Garrity [original post] (whom could not make our recording, sorry Patrick). The gist of it is this - patching is hard, there are now 925 KEVs (known exploited vulnerabilities) on CISAs list, and that's a truck-ton. The discussion threads the needle between whether prioritization matters at that scale, alternatives, and some reasons to give up hope altogether.Buckle up, this one's a rough one to be a passenger on.Join (or start?) the discussion on the podcast's LinkedIn Page, here.Video stream replay here: https://youtube.com/live/0L2aKUqjmQEGuestGrant SewellLinkedIn: https://www.linkedin.com/in/grantsewell/Support the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!TL;DR:On this week's episode, the one and only Jeff Collins joins Rafal & James to talk about the shift to the cloud and what's gone wrong in the years since the collective "we" announced that the cloud was the answer. Feels like a decade has passed, and I think it has, since the start and we're observing increased complexity and varying degrees of security increase/decrease. What's next? Where are we right now? And what does it mean for security?Tune in, find out.YouTube video stream: https://youtube.com/live/Vdx73wpKzGAGuest:Jeff CollinsLinkedIn: https://www.linkedin.com/in/jmcollins/Support the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!TL;DR:This episode is a bit of a rant, a bit of an analysis, and an interview with returning podcast guest Ray Canzanese, Jr. from RSA Conference 2023. Yep, I went so you didn't have to... so in this show you'll get a few impressions, and maybe you'll agree or disagree on the themes and things we're seeing.Maybe you'll even be compelled to write something up or leave a comment back?GuestRay Canzanese, Jr (Cloud Threat Research, @ Netskope)LinkedIn: https://www.linkedin.com/in/raymond-canzanese-jr-178a846/Support the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!TL;DR:Cyber Security seems to always be a technical topic. This week, we're taking it down a different lane as we discuss HR (right, Human Resources, remember those folks?) with Tom Venables. Tom's got seat time in the space, consulting with HR partners for various clients so he knows a thing or two about the processes and where they break down.Listen in, and then go take a look at your own processes. Maybe you've learned something?GuestTom VenablesLinkedIn: https://www.linkedin.com/in/tom-venables-1346592/Support the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!TL;DR:This week on the podcast we have Nathan Hamiel, Senior Director of Research at Kudelski Security on the podcast to talk about HYPE. It's a conversation rooted in skepticism, but also optimism in a strange mix that only Nathan can bring from his extensive experience and well-thought-out talking points.YouTube Recorded LiveStream: https://youtube.com/live/ayPrWr-VWv0GuestNathan HamielLinkedIn: https://www.linkedin.com/in/nathanhamiel/Support the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!TL;DR:Mark Simos of Microsoft joins Rafal & James this week to talk about why the 'tools-centric' security operations (SecOps) approach is failing us, and what an 'outcome centric' approach means and more importantly, how we get there. We discuss "vision versus execution", the history of "how we got here" and answer some questions we didn't know we had in the process. Mark's a wealth-spring of information on the topic, and his experience and time with the Open Group is huge for the work he's doing now to make tomorrow better for you all. Check out the podcast, and let us know what you think!Article Link (the one we discuss)https://www.linkedin.com/pulse/secops-tools-strategy-2023-part-1-mark-simos/GuestMark Simoshttps://www.linkedin.com/in/marksimos/Support the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!TL;DR:This week's guest is Will Gragido, who has some significant experience developing security products. Will and I (Rafal) have a sit-down for a conversation about security products, their complexity then, now, and in the future. Point solutions, platforms, and portfolios - we discuss all the options you're faced with as a buyer - and attempt to suggest some solutions to the madness.GuestWill GragidoLinkedIn: https://www.linkedin.com/in/gragido/Support the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast