Detection: Challenging Paradigms
DCP Podcast
Have you ever wondered why something is done the way it is, only to find out that this is "just the way it has always been done"? Sometimes it is necessary to challenge the paradigm in which we find ourselves operating to discover a more true understanding of the problem, this change of thinking is referred to as a "paradigm shift". In this podcast, we explore detection and response to define the presuppositions that describe the craft, while also engaging in long form discussion with some of the industry's leading experts to challenge the convention we find ourselves operating within.
Episodes
Mentioned books
Sep 3, 2024 • 24min
Special Episode: Jared Atkinson and Justin Kohler at BHUSA 2024
Justin Kohler joins Jared in this special episode to talk about the Hybrid Attack Paths feature update to Bloodhound Enterprise and Bloodhound CE. This is a valuable tool for defenders to understand the hygiene of their identity and access management deployment in a Windows-based enterprise.
Links:
https://github.com/SpecterOps/BloodHound
9 snips
Dec 22, 2023 • 1h 12min
Episode 37: Steve Luke and Roman Daszczyszak
MITRE's Center for Threat Informed Defense (CTID) members discuss Summiting the Pyramid project, analyzing adversary behaviors in cyber, trade-offs in attack analysis, making analytics robust, evasion and false positives in detection, balance between precision and recall, and encouraging user feedback.
Dec 4, 2023 • 54min
Episode 36: Chris Thompson
Chris Thompson (@_Mayyhem on X) joins Jared and Luke on this episode of DCP! Chris has led the charge on offensive research into System Center Configuration Manager (SCCM), and shares his insight into this often overlooked aspect of the threat landscape!
Resources:
#sccm on the BloodHoundGang slack workspace: https://bloodhoundgang.herokuapp.com/
https://medium.com/@Mayyhem
Nov 13, 2023 • 59min
Episode 35: Luke Jennings
Luke Jennings from Push Security joins co-host Jared to talk all things SaaS, including SAS attacks, vulnerabilities in SaaS products, lateral movement, managing unauthorized apps, creating Incognito, persistence in SaaS applications, and future plans for the show.
Jun 27, 2023 • 1h 31min
Episode 34: Ryan Hausknecht (Again)
In this captivating episode, we delve into the world of Azure security with Ryan Hausknecht, Senior Security Researcher at Microsoft. Learn about his groundbreaking projects, the Azure Threat Research Matrix and the AzDetectSuite, and how they assist researchers and defenders in protecting against various attack techniques. We also discuss the complexities of Azure permissions and access control, and explore the nuances of the REST API, PowerShell, Azure CLI, and the Azure Portal. Don't miss this opportunity to learn from an expert and take your Azure security skills to new heights!
May 22, 2023 • 47min
Episode 33: Casey Smith (Part 2)
Discover the power of canaries in cybersecurity and learn how to implement them the right way with our special guest, Casey Smith from Thinkst Canary. Casey shares his extensive background in pentesting and defending, as well as the inspiration behind his current projects. This episode is jam-packed with insights on using various security methods, understanding the limitations of InfoSec tools, and exploring telemetry.
May 9, 2023 • 44min
Episode 32: Casey Smith (Part 1)
Discover the power of canaries in cybersecurity and learn how to implement them the right way with our special guest, Casey Smith from Thinkst Canary. Casey shares his extensive background in pentesting and defending, as well as the inspiration behind his current projects. This episode is jam-packed with insights on using various security methods, understanding the limitations of InfoSec tools, and exploring telemetry.
Mar 20, 2023 • 45min
Episode 31: Maxime Lamothe-Brassard (Part 2)
Maxime Lamothe-Brassard, co-founder of Lima Charlie stops in to talk with Jared and Jonny, and explain how Lima Charlie identified a problem in the industry and seeks to solve it. This is the second half of a full 1h 30m interview.
Mar 6, 2023 • 46min
Episode 30: Maxime Lamothe-Brassard (Part 1)
Maxime Lamothe-Brassard, co-founder of Lima Charlie stops in to talk with Jared and Jonny, and explain how Lima Charlie identified a problem in the industry and seeks to solve it. This is the first half of a full 1h 30m interview.
Feb 21, 2023 • 1h 25min
Episode 29: Olaf Hartong (pt. 2)
Two years and 28 episodes later, our first guest: Olaf Hartong of FalconForce rejoins Jared and Jonny in the studio. Olaf, as well as Jared, Jonny, and Luke will all be Blackhat instructors this year - and our collective opinions on Threat Hunting and Detection Engineering have evolved enough over the years to warrant further discussion. We hope you join us!
