The Defender's Advantage Podcast

Charles Carmakal, CTO for Mandiant Consulting, joins host Luke McNamara to discuss the long tail impact of FIN11's compromise of the MOVEit file transfer solution. Charles breaks down some of the differences with this compromise in comparison to FIN11's previous operations, why the impact from this operation may impact organizations for some time, and what this spells for the changing landscape of multifaceted extortion. For more from Mandiant on MOVEit:  https://www.mandiant.com/resources/blog/zero-day-moveit-data-theftIf you enjoyed this episode,  please rate and leave us a review on your platform of choice! 

Dr. Jamie Collier (Senior Threat Intelligence Advisor, Mandiant) joins host Luke McNamara to discuss the recent white paper from Mandiant about developing a requirements-driven approach to intelligence, challenges organizations face in this area, and the importance of recurring stakeholder feedback to a well-functioing CTI team. Follow Jamie at @TheCollierJam on Twitter. For more on A Requirements-Driven Approach to Cyber Threat Intelligence, please see: https://www.mandiant.com/resources/blog/requirements-driven-approach-cti 

Dan Wire from Mandiant joins host Kerry Matre to discuss the ins and outs of crisis communications during a breach as well as what you can do to prepare for a crisis.

Ryan Tomcik, Dan Fenwick, and Tim Martin join host Luke McNamara to discuss how Managed Defense conducts proactive hunting, illustrated by several UNC961 intrusions. For more, please see: https://www.mandiant.com/resources/blog/unc961-multiverse-financially-motivatedFollow Ryan @heferyzan and Tim @Sa1jak on Twitter. 

What role do executives and the board play in cybersecurity and breach management. Hear from Jesse Jordan and Howard Israel of Mandiant discuss their experiences helping executives get the right information from their security leaders and understanding their role during a breach.

The endless battle of threat actors versus cybersecurity professionals may come down to who deploys AI better.  In this interview from RSA, John Hultquist, Senior Manager, Mandiant Intelligence, surmises how the bad guys may use AI in the near future to scale attacks, while Vijay Ganti, Head of Product Management, Threat Intelligence, Detection & Analytics for Google Cloud Security, walks through the AI use cases that will help organizations better defend against those attacks.  Hosted by Dan Lamorena, Head of Mandiant Product Marketing.

Mandiant's Kirstie Failey and Jake Nicastro join host Luke McNamara to break down the findings from the 2023 M-Trends report. Kirstie and Jake cover some of the notable trends gleaned from Mandiant breach investigations over the past year around dwell time, ransomware, top initial intrusion vectors, and more. For more on Mandiant's 14th iteration of M-Trends, check out: https://www.mandiant.com/resources/blog/m-trends-2023Follow Kirstie (@Gigs_Security) and Jake (@nicastronaut) on Twitter. 

Jonathan Cran, Lead for Mandiant Attack Surface Management at Google Cloud, joins host Kerry Matre to discuss the evolution of vulnerability and exposure management and how important comprehensive approaches are to mitigating cyber risk.Jonathan shares his experiences from BugBounty, penetration testing and working with customers to solve the growing problem of too many CVEs, too little prioritization methods. He walks through the importance of an intelligence-led approach to exposure management, how CISOs can think about their organization and how to make informed business decisions. 

With the public release of Mandiant's latest named threat actor--APT43--guests Michael Barnhart and Jenny Town join host Luke McNamara to uncover how this espionage actor targets policy experts to support North Korea's nuclear ambitions. Follow Jenny on Twitter @j3nnyt0wn and 38 North at https://www.38north.org/ Find Mandiant's full report on APT43 here: https://www.mandiant.com/resources/reports/apt43-north-korea-cybercrime-espionage

Jared Semrau (Mandiant) and Maddie Stone (Project Zero) join host Luke McNamara for a look back at the zero-day exploit trends of 2022. Maddie and Jared break down the differences in focus between their teams, and some of the interesting things they each observed last year.  Jared covers some of the threat actors that drove last year's trends in observed zero-days, and Maddie highlights how variants of known vulnerabilities and bugs continue to shape the exploit landscape. They also discuss the challenges and trade-offs for defenders that arise from publishing technical details of exploits. For more on Google's Project Zero, check out: https://googleprojectzero.blogspot.com/ For more on Mandiant's research on zero-days in 2022, please see: https://www.mandiant.com/resources/blog/zero-days-exploited-2022