Detection: Challenging Paradigms


Have you ever wondered why something is done the way it is, only to find out that this is "just the way it has always been done"? Sometimes it is necessary to challenge the paradigm in which we find ourselves operating to discover a truer understanding of the problem; this change of thinking is referred to as a "paradigm shift". In this podcast, we explore detection and response to define the presuppositions that describe the craft, while also engaging in long-form discussion with some of the industry's leading experts to challenge the convention we find ourselves operating within.

DCP Podcast


    • Sep 3, 2024 LATEST EPISODE
    • infrequent NEW EPISODES
    • 1h 16m AVG DURATION
    • 39 EPISODES


    Latest episodes from Detection: Challenging Paradigms

    Special Episode: Jared Atkinson and Justin Kohler at BHUSA 2024

    Sep 3, 2024 23:37


    Justin Kohler joins Jared in this special episode to talk about the Hybrid Attack Paths feature update to BloodHound Enterprise and BloodHound CE. This is a valuable tool for defenders to understand the hygiene of their identity and access management deployment in a Windows-based enterprise. Links: https://github.com/SpecterOps/BloodHound

    Episode 37: Steve Luke and Roman Daszczyszak

    Dec 22, 2023 72:10


    The Summiting the Pyramid project by MITRE's Center for Threat-Informed Defense (CTID) was released in September 2023, allowing for a unified method of "grading" detections for efficacy. Two of the pivotal members of that project join Jared and Luke to talk about how it came to be, and how it can be used to further the detection program of any organization! Project Links: Initial Release Blog Post; Summiting the Pyramid Documentation; Get Involved

    Episode 36: Chris Thompson

    Dec 4, 2023 54:11


    Chris Thompson (@_Mayyhem on X) joins Jared and Luke on this episode of DCP! Chris has led the charge on offensive research into System Center Configuration Manager (SCCM), and shares his insight into this often-overlooked aspect of the threat landscape! Resources: #sccm on the BloodHoundGang Slack workspace: https://bloodhoundgang.herokuapp.com/ https://medium.com/@Mayyhem

    Episode 35: Luke Jennings

    Nov 13, 2023 59:04


    DCP is back! New intro, new cover, new host! With Jonny stepping away from the podcast, Luke has moved into the co-host position with Jared. On this first episode, we are joined by Luke Jennings of Push Security to talk all things SaaS. Links: https://github.com/pushsecurity/saas-attacks https://pushsecurity.com/blog/saas-attack-techniques/ https://pushsecurity.com/blog/samljacking-a-poisoned-tenant/ https://pushsecurity.com/blog/nearly-invisible-attack-chain/ https://pushsecurity.com/blog/slack-phishing-for-initial-access/ https://pushsecurity.com/blog/phishing-slack-persistence/

    Episode 34: Ryan Hausknecht (Again)

    Jun 27, 2023 91:27


    In this captivating episode, we delve into the world of Azure security with Ryan Hausknecht, Senior Security Researcher at Microsoft. Learn about his groundbreaking projects, the Azure Threat Research Matrix and the AzDetectSuite, and how they assist researchers and defenders in protecting against various attack techniques. We also discuss the complexities of Azure permissions and access control, and explore the nuances of the REST API, PowerShell, Azure CLI, and the Azure Portal. Don't miss this opportunity to learn from an expert and take your Azure security skills to new heights!

    Episode 33: Casey Smith (Part 2)

    May 22, 2023 47:16


    Discover the power of canaries in cybersecurity and learn how to implement them the right way with our special guest, Casey Smith from Thinkst Canary. Casey shares his extensive background in pentesting and defending, as well as the inspiration behind his current projects. This episode is jam-packed with insights on using various security methods, understanding the limitations of InfoSec tools, and exploring telemetry.

    Episode 32: Casey Smith (Part 1)

    May 9, 2023 44:21


    Discover the power of canaries in cybersecurity and learn how to implement them the right way with our special guest, Casey Smith from Thinkst Canary. Casey shares his extensive background in pentesting and defending, as well as the inspiration behind his current projects. This episode is jam-packed with insights on using various security methods, understanding the limitations of InfoSec tools, and exploring telemetry.

    Episode 31: Maxime Lamothe-Brassard (Part 2)

    Mar 20, 2023 45:11


    Maxime Lamothe-Brassard, co-founder of LimaCharlie, stops in to talk with Jared and Jonny and explain how LimaCharlie identified a problem in the industry and seeks to solve it. This is the second half of a full 1h 30m interview.

    Episode 30: Maxime Lamothe-Brassard (Part 1)

    Mar 6, 2023 45:35


    Maxime Lamothe-Brassard, co-founder of LimaCharlie, stops in to talk with Jared and Jonny and explain how LimaCharlie identified a problem in the industry and seeks to solve it. This is the first half of a full 1h 30m interview.

    Episode 29: Olaf Hartong (pt. 2)

    Feb 21, 2023 84:51


    Two years and 28 episodes later, our first guest, Olaf Hartong of FalconForce, rejoins Jared and Jonny in the studio. Olaf, as well as Jared, Jonny, and Luke, will all be Black Hat instructors this year, and our collective opinions on Threat Hunting and Detection Engineering have evolved enough over the years to warrant further discussion. We hope you join us!

    Episode 28: Hosts

    Jan 27, 2023 62:43


    In our first episode of the new year, Jared, Jonny, and Luke discuss the plans for the year, the new DCP: Live project, and some of Jared's latest detection wisdom.

    Episode 27: Roberto Rodriguez

    Nov 7, 2022 112:22


    Roberto Rodriguez (Microsoft Security Intelligence) joins us to talk Threat Hunting and detection. Roberto is a former coworker of Jonny, Jared, and Luke - so it's bound to be a good time!

    Episode 26: Jamie Williams (Pt. 2)

    Aug 16, 2022 114:24


    We couldn't get enough of our conversation with Jamie Williams, so we brought him back! We re-ATT&CK the MITRE Evaluation topic and much more. Episode Guide

    Episode 25: Mehmet Ergene

    Aug 1, 2022 93:17


    In Episode 25 - Mehmet (@Cyb3rMonk on Twitter) chats with Jared and Jonny about several topics, including Process Mining! Episode Guide

    Episode 24: Jamie Williams

    May 30, 2022 89:46


    Jamie Williams of MITRE stops in to chat about the ATT&CK Framework and the MITRE Evals! Episode Guide:

    Episode 23: Gabriel Basset

    May 9, 2022 90:05


    Gabriel Basset is in the house to talk detection! Episode Guide

    Episode 22: Nasreddine Bencherchali

    Apr 11, 2022 88:07


    Nasreddine Bencherchali joins us all the way from Algeria to discuss the Detection Engineering process. Episode Guide

    Episode 21: Anton Ovrutsky

    Mar 21, 2022 106:50


    Anton stops in to talk to the DCP crew about lateral movement, and other detection topics! Episode Guide

    Episode 20: Andy Robbins

    Mar 7, 2022 92:40


    Andy Robbins stops by to talk with Jared and Jonny, to continue the discussion of detection vs. prevention in the infosec realm, and the accountability that comes with it. Episode Guide (featuring new episode transcripts!)

    S2 - Episode 9: Robby Winchester

    Feb 14, 2022 69:28


    In Episode 9, Robby Winchester of SpecterOps stops by to talk on Jared's favorite topic, Detectionomics (trademark pending). This was our second in-person episode and was a blast to make. We hope you enjoy!

    S2 - Episode 8: Ryan Hausknecht

    Feb 3, 2022 54:40


    In the first ever in-person episode of Detection: Challenging Paradigms, Ryan stops by to talk to Jared and Jonny about Azure security, abstraction, and research.

    S2 - Episode 7: Steve Miller

    Jan 18, 2022 89:28


    In Episode 7, Steve Miller stops in to talk with Jared and Jonny about a variety of detection topics!

    S2 - Episode 6: Tweet Extravaganza

    Nov 15, 2021 70:15


    In this episode, Jared and Jonny take some hot tweets from the infosec Twitterverse and talk about them. Episode Guide: www.dcppodcast.com/season-2/episode-6-twitter

    S2 - Episode 5: Mathieu Saulnier

    Oct 26, 2021 76:37


    In this episode, Jared and Jonny talk to Mathieu about detection and response! Episode Guide

    S2 - Episode 4: Cedric Owens and Justin Bui

    Oct 11, 2021 95:36


    In this episode, Jared and Jonny talk to Cedric and Justin about macOS detection, red teaming, and more! Episode Guide

    S2 - Episode 3: Jared, Jonathan, and Luke

    Sep 20, 2021 91:02


    In this host-only episode, Jared and Jonny talk with Luke about some Axioms of Detection that Jared is putting together. It is a fast-paced and really fun episode! Episode Guide

    S2 - Episode 2: Anton Chuvakin

    Sep 6, 2021 51:13


    Dr. Anton Chuvakin of the Cloud Security Podcast by Google stops by to talk all things detection with Jared and Jonny. Episode Guide

    S2 - Episode 1: Grant Ho and Devdatta Akhawe

    Aug 23, 2021 79:10


    In this episode, Jared and Jonny talk to Grant and Dev - creators of a research project covering machine learning and lateral movement detection. Episode Guide

    Episode 10: Season 1 Finale

    Jun 8, 2021 57:56


    In Episode 10, Jonny and Jared recap their favorite moments and discussions from Season 1. Episode Guide

    Episode 9: Andy Robbins

    May 24, 2021 92:29


    In Episode 9, Andy Robbins of BloodHound joins us to talk about Prevention vs. Detection, and why prevention may not be getting the attention it deserves. Episode Guide

    Episode 8: Matt Hand

    Apr 26, 2021 95:42


    In Episode 8, Matt Hand is in the house to discuss weightlifting, vulnerability research, and paying knowledge forward in the security industry - and much more! Episode Guide: https://dcppodcast.com/episodes/episode-8-matt-hand

    Episode 7: Thomas Kinsella

    Apr 12, 2021 89:36


    In Episode 7, Thomas Kinsella of tines.io joins Jared and Jonny all the way from Ireland to talk about security automation. This is an episode you won't want to miss! Episode Guide: https://www.dcppodcast.com/episodes/episode-7-thomas-kinsella

    Episode 6: Matt Graeber

    Mar 29, 2021 93:30


    In Episode 6, Matt Graeber stops by to talk about the offensive open source tooling debate, defensive open source releases, getting back to the fundamentals of detection engineering, and more! Episode Guide: https://www.dcppodcast.com/episodes/episode-6-matt-graeber

    Episode 5: Andrew Morris

    Mar 15, 2021 96:54


    In Episode 5, Andrew Morris of GreyNoise.io joins us to talk about smuggling submarines, scanning the internet, threat intelligence, and more! Episode Guide: https://www.dcppodcast.com/episodes/episode-5-andrew-morris

    Episode 4: Joe Vest

    Mar 1, 2021 90:35


    In Episode 4, we talk to Joe Vest from AWS. Joe's extensive background in both detection and red teaming provides a valuable perspective on detection engineering. Episode Guide: www.dcppodcast.com/episodes/episode-4-joe-vest

    Episode 3: Chris Long

    Feb 15, 2021 90:56


    In Episode 3, Chris Long stops by to talk about Detection Lab, potential harm to small business from open source offensive security, and how valuable third-party telemetry can be for detection. Episode Guide: www.dcppodcast.com/episodes/episode-3-chris-long

    Episode 2: Dane Stuckey

    Feb 1, 2021 88:44


    In Episode 2, Jared and Jonny chat with Dane Stuckey, CISO of Palantir. A lot of topics are covered, ranging from the importance of open sourcing defensive technology to... cross-country skiing?

    Episode 1: Olaf Hartong

    Jan 18, 2021 91:12


    In Episode 1, Jared and Jonny chat with Olaf Hartong. Olaf is a longtime member of the security community, and recently founded his own consulting firm: FalconForce.

    Episode 0: Introduction

    Jan 2, 2021 16:24


    In this episode, Jared and Jonny introduce the podcast, detail their backgrounds, and explain the goals and vision behind the podcast.
