Down the Security Rabbithole Podcast

TL;DR It's been said that the road to hell is paved with good intentions. I feel like this applies to SBOM so much it's scary. All the good intentions in the world seemed to have led us to a place where we have tools that produce inconsistent results, tool sets that aren't necessarily integrated or mission-focused to deliver results, and a lot of confusion. Varun joins us with a boatload of entrepreneurial expertise and an eye for problem-solving so it's an interesting conversation. Join Rafal & James in a conversation that you'll want to listen to a few times, and take notes. Link to YouTube video https://youtube.com/live/pZgiiRQeou0?feature=share  Guest Varun Badhwar LinkedIn: https://www.linkedin.com/in/vbadhwar/ 

TL;DR: This DtSR podcast brings back a good friend of the show, and one of the most experienced leaders I know - Mr. Jim Tiller. We talk about an interesting topic - the "virtual CISO". vCISO is interesting because as markets tighten, and it becomes more difficult to find and afford good CISOs and security leaders in this market. So how can a company best utilize this part-time resource? We discuss... What are the best ways to utilize vCISO? What questions should you be asking? What are things to look out for? YouTube video https://youtube.com/live/OaYS0yEajQw?feature=share  Guest Jim Tiller LinkedIn: https://www.linkedin.com/in/jimtillersecurity/  Jim's Security Bytes newsletter: https://www.linkedin.com/newsletters/security-bytes-6943286067194187776/ 

TL;DR: I'm extremely excited to present to you, dear listeners and friends, a wonderful conversation with Sergio Caltagirone, who is quite the authority on 'threat intelligence' - where others talk tools and limited knowledge, Sergio literally was there at the birth of the cyber dawn of the threat intelligence operations we know (or don't know) today. Sergio has been at an agency, at Microsoft, at Dragos - and he knows threat intelilgence from theory to applications. Listen in, learn a bit, and laugh along as the Chinese spy baloon (that's my story and I'm sticking to it) disrupts our communications with our pal, Sergio. Video Link (unedited, and hilarious): https://youtube.com/live/SuH4uxBiX3E  Guest Sergio Caltagirone LinkedIn: https://www.linkedin.com/in/sergiocaltagirone/ 

Tl;DR: Automation. It's a precarious thing in cyber security. Whether you're thinking about SOAR, or incident investigation, or maybe SIEM (I'm sorry) - this conversation will be worth your time. Anton and Jonathan join us to talk about how "automation" has evolved over the last decade or so, and where it's largely failed. We also start to explore the future and requirements for how things can collectively improve. We think you'll enjoy the podcast... share it and we'd love to hear from you.   Guests Anton Goncharov LinkedIn: https://www.linkedin.com/in/cybernode/  Jonathan Cran LinkedIn: https://www.linkedin.com/in/jcran/ 

TL;DR A few days ago, my pal Kevin asked me if I had seen the LinkedIn post by Helen Patton that asked an interesting question of the podcast space... Her post made me think - why the heck not? So, I did. Thanks to Helen, whose idea this was - I hope you get a chance to watch and enjoy the outcome of your request ... we had far too much fun recording it. Here on this episode - which I promise you is 100x better on video, we have Anton Chuvakin, Kevin Thompson, and Jeff Collins joining Rafal & James on the podcast to have a little fun and ask "ChatGPT" some questions. Anton drove the screen share, and we had a lot of fun. I have to wonder - how did some of those answers (you'll know when you see/hear them) make it on there. Holy cow... wow. LinkedIn video replay - https://www.linkedin.com/video/event/urn:li:ugcPost:7021885147977314304/  Guests Anton Chuvakin LinkedIn: https://www.linkedin.com/in/chuvakin/  Jeff Collins LinkedIn: https://www.linkedin.com/in/jmcollins/  Kevin Thompson LinkedIn: https://www.linkedin.com/in/blackfist/ 

TL;DR On this episode, we welcome Josh Grossman - who has a pretty interesting perspective on AppSec, or Software Security, or (cringe) "DevSecOps". Josh has a bit of an edge on the subject, so he fits in with myself & James perfectly. We talk about where things stand from the vendor perspective, building programs, and why it takes to make a real impact, versus continuing to push a very large boulder up a very steep hill. Oh, hey, want to be on the show? Let us know a topic and your background and let's talk. Guest Josh Grossman LinkedIn: https://www.linkedin.com/in/joshcgrossman/  Twitter: https://twitter.com/JoshCGrossman 

TL;DR This week on 2023's first live-streamed episode (technical our first recorded in '23) our friend Larry Whiteside, Jr. joins us to talk about the prospects for 2023 and beyond. We discuss trends, make some rather sad predictions, and attempt to be hopeful about what the new year could bring us - if we don't find a way to walk ourselves off a cliff, first. It's a light discussion, that dives into some deep topics, and ultimately ends with some hope... 'ish. Join us! Oh, hey, since some of you are looking for a new opportunity in the new year, Larry's hiring (check out his LinkedIn page). Guest Larry Whiteside, Jr. LinkedIn: https://www.linkedin.com/in/larrywhitesidejr/

TL;DR Shawn Tuma, our favorite cyber legal eagle, joins Rafal & James to talk about the sorts of things we learned about 2022, in what could be confused for a year-in-review episode. We saw ransomware, big incidents, but overall ... things weren't the worst out there. If you missed our live-stream on LInkedIn (link below) you can replay that any time, or listen to this episode as a podcast. For 2023, I'm going to be tweaking some things to get us talking, sharing, and hopefully an even better experience of the podcast you already love. LinkedIn Live-stream re-play: https://www.linkedin.com/video/event/urn:li:ugcPost:7013670254237163520/  Guest Shawn Tuma LinkedIn: https://www.linkedin.com/in/shawnetuma/ Twitter: https://twitter.com/shawnetuma/

Prologue This week James and I are joined by my good friend and many-timer on the podcast Brandon Dunlap, and our mad genius and serial entrepreneur pal Paul Calatayud to talk about all of these guarantees, warranties, and insurance. It's a strange discussion but quite necessary as the industry is littered with some of these offerings by providers and various software (security) vendors. These guarantees and warranties are made to make you feel better, but rest assured lawyers wrote these and there's always a catch. The insurance conversation, that's a little different (way different) and Paul's got some interesting things to say here. Don't miss a great episode!   Guests Paul Calatayud LinkedIn: https://www.linkedin.com/in/whitehat/ Brandon Dunlap LinkedIn: https://www.linkedin.com/in/bsdunlap/ 

Prologue Karim Hijazi joins Rafal & James this week on the podcast to talk about some interesting trends and developments in the world of bad actors. It's an interesting update including some things I wasn't expecting to hear about how threat actors "hit back at" incident responders and threat hunters. This is a good conversation about the current threat landscape with an eye on the Russian hackers out there, and pretty good listening for anyone who wants an added dose of situational awareness. Links: Sneaky Hackers Reverse Defense Mitigations When Detected - https://www.bleepingcomputer.com/news/security/sneaky-hackers-reverse-defense-mitigations-when-detected/  https://cybernews.com/editorial/russian-hacktivist-real-dangers/ Guest Karim Hijazi LinkedIn: https://www.linkedin.com/in/karimhijazi/ 

Prologue This is a very interesting episode... Gadi Evron joins James and me on this slightly technically difficult (the IPoCP - IP over Carrier Pigeon - was awful at times) episode to talk about the CISO role and the potential liabilities that lie within. Whether we're talking about the Joe Sullivan case (and we're not, or we try not to), or we're generalizing about employment and legal culpability - this show traverses a lot of land and it's all worth your time. Hopefully if I did an OK job, you won't notice all the edits :) Pre-reading Blog post from Gadi & Team 8: https://team8.vc/rethink/cyber/cisos-guide-to-legal-risks-and-liabilities/  The CISO guide: https://lp.team8.vc/cisosguide  Guest Gadi Evron LinkedIn: https://www.linkedin.com/in/gadievron/ 

Prologue It's always a pleasure when I can get some friends together and banter on about a topic we all find interesting. This week's topic was supposed to be released a bit later, but it couldn't wait. We had so much fun that I thought it needed publication right now. The premise is simple - have you looked around at how many security vendors there are and just asked yourself ... "Are we solving anything, or just adding to the mess?" That's what we did on this podcast. And yeah, we'd know because we have some life experience in this industry. Required Reading: https://www.linkedin.com/pulse/security-tools-crash-coming-mark-curphey/  Guests Mark Curphey LinkedIn: https://www.linkedin.com/in/curphey/  Jim Tiller LinkedIn: https://www.linkedin.com/in/jitiller/  Anton Chuvakin LinkedIn: https://www.linkedin.com/in/chuvakin/  Vikas Bhatia LinkedIn: https://www.linkedin.com/in/vikasbhatiauk/ 

Prologue On this episode Rafal & James re-visit the concepts of machine learning, "artificial intelligence", and applicability to cyber security from Sven Krasser, Chief Scientist at CrowdStrike. Dr Krasser has been working on algorithms and computers analyzing massive amounts of data since the early 2000's so his analysis of today's "state of the art" and projections for the future are likely spot on. We have a little fun poking at industry buzzwords and make some real projections for where things are moving. If you're trying to sift through the hype and asking yourself is any of the "AI + ML" hype is real, right now, listen to this podcast. Some of your questions are likely answered here.   Guest Sven Krasser, Ph. D. - SVP & Chief Data Scientist at Crowdstrike LinkedIn: https://www.linkedin.com/in/svenkrasser/

Prologue This podcast has attempted to go down-market a few times, with some success in discussing the important issues that service providers and security vendors oddly ignore. If you're not in the enterprise, you get ignored by 90%+ of the security vendor space, that's just fact, and that means that you're left to fend for yourself at the worst scale possible. That's unfortunate, in the long run, because as all the vendors chase enterprise vendors, they at the same time lament the poor state of downmarket security. This podcast addresses something that may be able to help. A long-time colleague and friend has started a company and has a philosophy that we think y'all should hear about. I'm going to encourage you to give ContraForce a look -- not just because they're named after one of my favorite video games of all time -- but because they are working hard to solve a fundamental problem that we have in the security space...small companies have big problems too. Guest Stanislav Golubchik LinkedIn: https://www.linkedin.com/in/stan-golubchik/ Company LinkedIn: https://www.linkedin.com/company/contraforce/ Company website: https://www.contraforce.com/ 

Prologue Are you sick of hearing "Zero Trust"? Do you, like us, also feel like it's a marketing buzzword, and then a cute concept that has a very difficult time in reality? Yeah, this episode is for you. David Fairman and Jason Clark, join Rafal to talk about what is essentially continuous signals evaluation, least privilege, and default deny with segmentation. All those things we love, and haven't done right. Guests Jason Clark LinkedIn: https://www.linkedin.com/in/jasonclarkfl/  David Fairman LinkedIn: https://www.linkedin.com/in/dfairman/ 

Prologue This week, we take it back to the basics, that's right, the basics, as we talk to Huxley Barbee about the need to identify and understand the assets on your network and in your various environments. A fascinating conversation with some history, some laughs, and some honest discussion a topic that's absolutely critical to cyber security. If you've not done so, go check out the conversation with Dell Technologies' John Scimone -- a CSO's perspective on fundamentals: https://ftwr.libsyn.com/dtsr-episode-513-cso-perspective-on-security-fundamentals which will give you some additional perspective on this issue. Guest Huxley Barbee LinkedIn: https://www.linkedin.com/in/jhbarbee/ 

Prologue Today's guest helps James and Rafal attempt to unravel the completely confusing space of "modern remote access". Some call it SASE, some SSE, some ZTE and some are completely mad and still use the term VPN. Who knows who's right, or why any one is preferred over the other ...except Carlos Sales from NordLayer. Listen in, and give it some thought. Maybe you'll understand this big mess a little better by the end of the episode. Guest Carlos Salas, Engineering Manager, NordLayer LinkedIn: https://www.linkedin.com/in/carlos-salas-b89480187/ Get a special offer from NordLayer, because you're a listener of DtSR: https://nordlayer.com/dtsr 

Prologue It's been a while since we have done an episode on cyber insurance, in fact, the last episode was https://ftwr.libsyn.com/dtsr-episode-454-tpa-cyber-insurance-fact-vs-fiction back in July of 2021. So we revisit with the two experts plus a bonus guest for you. We look at the issues from the perspective of the broker, buyer, and lawyer -- a complete picture if I do say so myself! Story link in FastCompany: https://www.fastcompany.com/90781786/cyber-insurance-price-hikes-have-left-local-governments-reeling  LinkedIn Live video stream (on-demand): https://www.linkedin.com/video/event/urn:li:ugcPost:6980210814192402434/  Guests Shawn Tuma LinkedIn: https://www.linkedin.com/in/shawnetuma/  Sean Scranton LinkedIn: https://www.linkedin.com/in/sean-scranton-2b24948/  Sebastian Avarvarei LinkedIn: https://www.linkedin.com/in/sebastianavarvarei/ 

Prologue Our industry has been talking about XDR for a while now. Some people think it's the savior, some people think it's marketing garbage - and neither of them really understands what this "thing" named XDR is. Well, I figure we'll get some smart people on the podcast, people who live in this field and use this word a lot, and giddy up. This episode is slightly PG-13'ish ... because Anton has a potty mouth and I don't want to edit. Guests: Anton Chuvakin (Google) LinkedIn: https://www.linkedin.com/in/chuvakin/  Jamie Moles (ExtraHop) LinkedIn: https://www.linkedin.com/in/jamiemoles/  Bryan Lee (CrowdStrike) LinkedIn: https://www.linkedin.com/in/obiwanblee/ 

Prologue We start Cyber Security Awareness Month - the 30-day window where corporate law requires you to check the box and take boring security 'awareness' training, then forget it November 1st. Not my favorite month... so what about scammers, criminals, and bad people who prey upon those who aren't covered by corporate mandated training? Join us, let's talk about it.   Guest Michael Magrath LinkedIn: https://www.linkedin.com/in/michaelmagrath/ 

Prologue This week, Rafal takes the show on the road (literally) to Las Vegas for Fal.Con '22 -- this is CrowdStrike's premier global get-together of customers, partners, and industry experts to showcase some innovation and share ideas and insights. I wanted to say a big thank you to CrowdStrike -- all the folks who helped make this happen and continue to support this podcast and provide access to these fantastic guests. Thank you to Nick Lowe, Geeta Schmidt, Kapil Raina, and Bryan Lee for taking the time to share their unique insights. Guests Nick Lowe LinkedIn: https://www.linkedin.com/in/nick-lowe-cissp-7751a05b/  Geeta Schmidt LinkedIn: https://www.linkedin.com/in/geetaschmidt/  Kapil Raina LinkedIn: https://www.linkedin.com/in/kapilraina/  Bryan Lee LinkedIn: https://www.linkedin.com/in/obiwanblee/ 

Prologue Solving problems is a challenge not everyone is up for. The industry is littered with people and companies that bring small-time solutions to an industry begging and pleading for actual solutions. Jason Clark of Netskope, and long-time friend, joins James and Rafal to talk about the mindset and approach needed to solve BIG problems that change the game, change the landscape, and change our lives. Guest Jason Clark LinkedIn: https://www.linkedin.com/in/jasonclarkfl/   

For those of you paying attention - DtSR is officially 11 years old. This episode is the first episode of year (season) 12. WOW. Thank you for listening, sharing, commenting, and watching us live! Prologue We work in a weird industry where marketing has to make ever-more outrageous claims that product and service teams then have to attempt to live up to, but it's a way of life. Now, I'm not strictly speaking blaming product marketing people, but they do have some blame in this insane climate we find ourselves in. On this episode, two good friends - and professional snark'ists - join James and I to talk about where our industry has over-marketed, over-hyped, and simply failed to deliver ...and where it may actually be meeting expectations. It's a fun conversation, and I bet you won't see the ending coming. Guests Jeff Collins LinkedIn: https://www.linkedin.com/in/jmcollins/  Anton Chuvakin LinkedIn: https://www.linkedin.com/in/chuvakin/  Twitter: https://twitter.com/anton_chuvakin

Prologue Fresh off his presentation at Defcon 2022, Ken Pyle joins Rafal to talk about the Emergency Alert System (EAS) he's been hacking since 2019 and discusses findings, challenges, and the work left to do. It's a fascinating conversation that will leave you wondering - how do we fix this clear and present problem, and more importantly...where else should we be looking? Guest Ken Pyle LinkedIn: https://www.linkedin.com/in/ken-pyle/ LinkedIn Stream (recorded): https://www.linkedin.com/video/event/urn:li:ugcPost:6971199601311694848/ 

Prologue This week's guest is always a great interview. Gadi Evron has been around the industry longer than it's been an officially named discipline. In this episode, he talks about post-breach standards and the apparent but not previously discussed need. He also breaks your brain with disinformation, which we only lightly touch on before realizing we need at least one more podcast to go deeper into the topic. Join us, and share this one, it's awesome.   Guest Gadi Evron LinkedIn: https://www.linkedin.com/in/gadievron/ 

Prologue We've covered "threat intelligence" on the show a few times now, but the evolving nature of what threat data is, how it's useful, and how it enables defenders of a specific type identify malicious activity keep it interesting. This time around Adam Meyers of CrowdStrike joins Rafal to discuss threat intelligence, threat hunting, and clarifies some of the mis-conceptions and utilities around the topic. A good conversation for those defending their infrastructure and useful data points from someone who is a recognized expert. Adam joins us from his bunker, with all the elements you'd expect from Adam, so it's definitely worth your time to listen closely. Check out Fal.Con, where you can catch the cutting-edge on CrowdStrike kit, industry knowledge, and hear some great industry speakers. Rafal will be there speaking on the topic of operationalizing and making the SOC more effective and efficient at small scale, check it out (link below). Guest Adam Meyers LinkedIn: https://www.linkedin.com/in/adam-meyers-7a58481/  CrowdStrike: https://www.crowdstrike.com Fal.Con: https://www.crowdstrike.com/events/fal-con/ 

Prologue "Just do the basics!" "Remember the security fundamentals." ...sick of hearing those catch phrases without anything to actually get it DONE? Yeah, us too. This week we're joined by John Scimone of Dell Technologies to talk about his take on fundamentals both security and IT. His approach is not unique, per se, but it's one that works and it's repeatable. More importantly, he's willing to share his expertise and what he's done to be successful in raising the bar to his level of "good enough" -- so unless you've gotten where YOU want to be in those security fundamentals, it's time to listen to John's podcast and take notes. Take lots of notes. By the way, if you want the video on LinkedIn Live where you can post questions too, click here: https://www.linkedin.com/video/event/urn:li:ugcPost:6953043382164209664/ Guest John Scimone - President, Chief Security Officer at Dell Technologies LinkedIn: https://www.linkedin.com/in/john-scimone-0b2041a1/

Prologue This week, long-time friend and well-known industry personality, Jessica Hebenstreit joins Rafal to talk about her journey in consulting to very large security programs and why maturity is elusive in many of those programs. As it turns out, maturity is influenced by many factors but highly dependent on actually solving problems and being able to show progress. This is an interesting conversation for anyone who wants to understand what's inside the head of a former practitioner who has ventured into the field to help others solve large-scale, complex, problems. Guest Jessica Hebenstreit LinkedIn: https://www.linkedin.com/in/jessicahebenstreit/  LinkedIn Live stream: (video!) https://www.linkedin.com/video/event/urn:li:ugcPost:6960010458405756928/ 

Prologue This week on the podcast, the one and only Tom Eston joins Rafal & James to talk about managing teams. Tom is a well-known personality who runs the "Shared Security Show" podcast -- which has been running even longer than we have, give them a listen if you don't already. Tom talks about the difficulties of managing, coping with various types of personalities, and helping employees thrive while finding the right balance between in-office and remote. Great show if you're in a leadership position, or hoping to be, managing technical teams. Guest Tom Eston https://www.linkedin.com/in/tomeston/ The Shared Security Show https://sharedsecurity.net/ 

Prologue It's always a pleasure to have someone on the show who is an expert in their trade, someone who has experience, expertise, and depth of understanding like few others. In this case, James and I host Jim tiller - one of the people I consider a mentor and long-time friend, who is all of those things and more. Jim is a quintessential expert on cybersecurity services - and in this discussion we push some of the buttons that really get him talking, passionate, and dispensing wisdom. I hope you brought a notepad, because you'll want to be taking notes. This episode is for those out there who work in, or manage, services organizations. Truckloads of information here... Guest Jim Tiller https://www.linkedin.com/in/jitiller/  Subscribe to Security Bytes: https://www.linkedin.com/newsletters/security-bytes-6943286067194187776/ 

Prologue James has been talking about "shift left" for a while so when Jeff Williams posted interesting research on LinkedIn - we jumped on an opportunity to have him on the show to talk about the subject. Let's face it, everyone is shifting left, and most of this is just marketing nonsense, but some of it is actually an attempt to push security "earlier" into the cycles - but is that good? Does it even make sense? Jeff kills one of my favorite, go-to, security myths about software security...and a fun discussion ensues. Join us, and maybe add to the conversation! Guest Jeff Williams LinkedIn: https://www.linkedin.com/in/planetlevel/ The post that started the discussion: https://www.linkedin.com/feed/update/urn:li:activity:6948662117398962177?updateEntityUrn=urn%3Ali%3Afs_feedUpdate%3A%28V2%2Curn%3Ali%3Aactivity%3A6948662117398962177%29 

Prologue DNS is a big topic, and you may be asking yourself why. Well, as we noted in a recent show ( https://ftwr.libsyn.com/dtsr-episode-504-dns-turns-40 ) DNS is officially middle-aged. And with that middle-age comes some more problems. These issues have caused a situation where it's increasingly evident that DNS needs to evolve, mature, or simply revise (2.0?) itself ... but into what? And why? Listen to Ken Carnesi from DNSFilter who joins James & Rafal to talk about the challenges and the future, and why it's still such a sh*tshow today. Guest Ken Carnesi LinkedIn: https://www.linkedin.com/in/kencarnesi/

Prologue Let's start with NDR - Network Detection and Response - because it's not new, but the discussions lately have been very interesting. Is it still relevant? Does it have a place in today's hybrid and cloud world? Well, in this conversation with Raja Mukerji, co-founder of ExtraHop, Rafal tackles these questions and gets some interesting answers. For those of you who have followed for a while - I have a surprise reveal for you at the end.

Prologue As some of you know, I've been either in the AppSec space, or adjacent, since the fairly early days. I built a program at GE a million years ago, and worked selling dynamic web app testing software for many years. If you've been in the space, you can feel a little bit hopeless with all the different options, tools, and advice only to look at the stale OWASP Top 10 and wonder ...why aren't things improving? Matt Rose joins me in a post-RSA conversation about ASPM (Application Security Posture Management), and before you dismiss it as another analyst buzzword, let's talk about why this may actually (and finally) start to solve some of the complex issues around developing, releasing, and maintaining reasonably secure software. This is a space I've been passionate about for a long time, and I feel like everyone should listen to this. Guest Matt Rose LinkedIn: https://www.linkedin.com/in/mattarose/ 

Prologue RSA Conference 2022 has come and gone. Rafal was there for all the circus and madness, and sits down with James to discuss what was seen and heard. Also, you'll get some clips in here from some of the interviews from the show as Rafal caught up with some interesting vendors, old friends, and even some poetry. Guests Tyler Moffitt LinkedIn: https://www.linkedin.com/in/tyler-moffitt-29752050/  Rock Lambros LinkedIn: https://www.linkedin.com/in/rocklambros/  Matt Rose LinkedIn: https://www.linkedin.com/in/mattarose/  Dr. Khawaja Saeed LinkedIn: https://www.linkedin.com/in/khawaja-asjad-saeed-29b2a6a/  Ray Canzanese LinkedIn: https://www.linkedin.com/in/raymond-canzanese-jr-178a846/  Deidre Diamond LinkedIn: https://www.linkedin.com/in/deidrediamond/ 

Prologue In this RSA conference-themed episode, I bring on Jonathan Barnett from OpenText to discuss DNS turning 40 years old. Yeah, it was originally invented in 1983 y'all. As DNS turns 40, some of the lingering problems are getting worse, some of the new solutions open up other problems, and we're all about solutions here so we tackle some of the things Jonathan is doing to address the issues. Interesting episode to ponder, and reflect on, as DNS turns 40 years old next year and we try and figure out "now what?" Guest Jonathan Barnett LinkedIn: https://www.linkedin.com/in/jonathan-barnett-61417313/ OpenText: https://security.opentext.com/?_ga=2.120496974.732014807.1654199211-1391672637.1654199211 

Prologue This is a bonus episode for the Episode 500 live-stream we did. I brought together Crowdstrike, OpenText, and Netskope technologists to talk about the technology they've worked with over the last 10 years, where it stands today, and what the future outlook looks like. It's a fascinating conversation from some of the most common vendors out there in security - and you're probably using or relying on their platforms -- so it makes sense to get their take on the past, present, and future of technology in our industry. Special thanks to Adam, Grayson, and Mark for taking the time out and sharing their expertise! Guests Adam Meyers (Crowdstrike) - https://www.linkedin.com/in/adam-meyers-7a58481/ Grayson Milbourne (OpenText) - https://www.linkedin.com/in/themilbourne/ Mark Day (Netskope) - https://www.linkedin.com/in/markstuartday/  

Prologue This week, we talk about the cloud in a different way than we have previously. We discuss "blast radius" with regard to vast numbers of roles and permissions inside of a public cloud infrastructure. The numbers are staggering and you'll likely find yourself asking the obvious question -- "How does anyone manage all of this, with any hope of getting it right?" The beginnings of that answer lie in this show.   Guest: Arick Goomanovsky LinkedIn: https://www.linkedin.com/in/arick-goomanovsky/ Twitter: https://twitter.com/g00manoid/ Ermetic: https://ermetic.com/ 

Prologue CMMC may be something you know nothing of, but if you're a government contractor, or work with government contractors of the DIB - you're probaby alll too familiar. For some, it's hell. For the rest, it's mostly insane. Jacob joins Rafal & James to educate us, and give us the reality of this set of standards. Guest Jacob Horne LinkedIn: https://www.linkedin.com/in/jacob-horne-cissp/ 

Prologue This week, on the first post-500 episode, we welcome Netskope's Ray Canzanese to talk about the Cloud & Threat Report they just published ( https://www.netskope.com/netskope-threat-labs/cloud-threat-report ) which has some interesting bits in it. Ray discusses the details and some of the things that you won't find in the text of the report. Good conversation as Rafal & James break down the headlines.

Prologue - Part 2 of 2 First - thank you to everyone who listens to this show, shares it, and has left us a review. You all are the reason these past 500 episodes got published, and why this show will keep going into the forseeable future! Link to video: https://www.linkedin.com/video/event/urn:li:ugcPost:6917850703235321856/ This episode features some of my favorite guests from the last 500 episodes, with something to say. We cover a lot of ground, totally unscripted, and we have opinions.  Guests Jim Tiller LinkedIn: https://www.linkedin.com/in/jitiller/ Will Gragido LinkedIn: https://www.linkedin.com/in/gragido/  Diana Kelley LinkedIn: https://www.linkedin.com/in/dianakelleysecuritycurve/  Rob Hansen LinkedIn: https://www.linkedin.com/in/roberthansen3/  Anton Chuvakin LinkedIn: https://www.linkedin.com/in/chuvakin/  Jeff Moss LinkedIn: https://www.linkedin.com/in/jeffmoss/ 

Prologue - Part 1 of 2 First - thank you to everyone who listens to this show, shares it, and has left us a review. You all are the reason these past 500 episodes got published, and why this show will keep going into the forseeable future! Link to video: https://www.linkedin.com/video/event/urn:li:ugcPost:6917850703235321856/ This episode features some of my favorite guests from the last 500 episodes, with something to say. We cover a lot of ground, totally unscripted, and we have opinions.  Guests Jim Tiller LinkedIn: https://www.linkedin.com/in/jitiller/ Will Gragido LinkedIn: https://www.linkedin.com/in/gragido/  Diana Kelley LinkedIn: https://www.linkedin.com/in/dianakelleysecuritycurve/  Rob Hansen LinkedIn: https://www.linkedin.com/in/roberthansen3/  Anton Chuvakin LinkedIn: https://www.linkedin.com/in/chuvakin/  Jeff Moss LinkedIn: https://www.linkedin.com/in/jeffmoss/ 

Prologue Friends and colleagues - I want to thank you from the bottom of my heart. It almost brings me to tears that over the last 11 years you've been sharing, downloading, and talking about this little thing I started back in 2011. Incredible doesn't even begin to describe the ride so far. And to top it off, we've hit almost 32,000 downloads this month - the most we've ever gotten by almost 2,000 more. I'm flabbergasted. So this episode, it's just James and I - just us doing what we do.   Thank you. We love you. Keep listening!

Prologue Super pumped this week to have James Azar on the show. James hosts a collection of podcasts including one I try to catch as often as possible - https://www.linkedin.com/company/cyberhubpodcast/. We cover a lot of ground, but you'll walk away with James' words ringing in your head, I can almost promise you that. Guest James Azar LinkedIn: https://www.linkedin.com/in/james-j-azar/ 

Prologue This week, as we approach episode 500 and the extravaganza that it will be, James and I welcome my personal friend and all-around wonderful marketing dude, Russell Wurth. We joke about what's wrong with cyber-security, and why it's mostly marketing's fault. Join us, prep your buzzword bingo card, and have a drink in hand (unless you're driving, then please don't). Guest: Russell Wurth LinkedIn: https://www.linkedin.com/in/russellwurth/  Twitter: https://twitter.com/rswurth 

Prologue Have you noticed that the relationship between buyer and seller, or more precisely, between CISO and seller is... eh ... tenuous lately? OK, maybe it's a lot worse than that in some cases. Why is that? How did we get here? And how do we fix a relationship that is quite clearly necessary, but just so broken? Yaron Levi, long-time industry veteran joins Rafal to discuss the challenges and opportunities of the CISO - vendor relationship.   Guest Yaron Levi LinkedIn: https://www.linkedin.com/in/yaronrl/ 

Prologue This week, as Vladimir Putin's Russia continues to commit war crimes and genocide against the people of Ukraine, DtSR gathered a panel of experts to discuss and dissect the threat of a Russian-based cyber offensive against the west. Our panelists helped separate fact from fiction, and gave us some take-aways that we can use to rationally and realistically protect ourselves from this and other related threats. LinkedIn Livestream video recording: https://www.linkedin.com/video/event/urn:li:ugcPost:6915354239766568960/  Guests Karim Hijazi LinkedIn: https://www.linkedin.com/in/karimhijazi/  Joe Slowik LinkedIn: https://www.linkedin.com/in/joe-slowik/  Mattias Wåhlén https://www.linkedin.com/in/mattias-w%C3%A5hl%C3%A9n-9b3b58201/ 

Prologue Special thanks on this episode to OpenText for bringing Mike to us on this show. What a fantastic conversation about the state of forensics and a little bit of reminiscing too! This episode we talk forensics, and the art and science, plus how to build that back-fill of talent this entire industry is short on. Michael has decades of knowledge and experience, and it's a joy of a conversation. Also, if you're into nothing else on this episode, check out the world's cutest kitten. Come for the kitten, stay for the forensics goodness. Guest Michael Hill -- You'll have to go look him up yourself :)

Prologue A big Texas welcome back to the podcast to our friend Shawn Tuma, our legal-eagle in residence. This week Shawn talks to us about the cases he's involved in, and the types of trends he's seeing in his client base when being their breach coach, and fire-fighter guide. With all these breaches, and all this money and productivity lost - is anyone paying attention? Is anyone learning anything? Join us, Shawn will tell you.   Guest Shawn Tuma LinkedIn: https://www.linkedin.com/in/shawnetuma/  Shawn's recent appearence on The Above Board Show: https://www.linkedin.com/feed/update/urn:li:activity:6909959787845730304/ 

Prologue This week, the guy with the best vendor hoodies ever is back! Philippe Humeau of Crowdsec joins us again to talk about some of the data his team have gathered, analyzed, and are using to crowd-source protection in the form of block lists. Anton Chuvakin joins us to bring his useful manner of snarkasm, just to keep us honest. Guests Philippe Humeau LinkedIn: https://www.linkedin.com/in/philippehumeau/  Anton Chuvakin LinkedIn: https://www.linkedin.com/in/chuvakin/

Prologue I read an article the other day that got me thinking, and inspired me to get Wesley onto the podcast to talk about SOAR. Yes, SOAR is absolutely boring -  but that's OK, isn't it? What's the actual purpose of SOAR technology, and where is it being utilized today? Are we getting the most of this, or is it just a boring fad? All this and more on today's show. Guest Wesley Belleman LinkedIn: https://www.linkedin.com/in/cyberwes/