Down the Security Rabbithole Podcast (DtSR)

<p>The DtSR Podcast is dedicated to the cyber security profession - with news, personalities, topics of interest, and discussion you won't find elsewhere. Running since 2011 - founded by Rafal Los (aka "@Wh1t3Rabbit"), and co-hosted by James Jardine - the weekly show will entertain you while you're learning something.<br><br>On Twitter/X: https://twitter.com/@DtSR_Podcast<br>On YouTube: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq<br>On LinkedIn: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/<br><br><br></p>

DtSR Episode 628 - Rob Allen Endpoint Security Does Not Have to Suck

Send the hosts a message - try it now!TL;DR: Join us on an adventurous conversation in the wild and wacky world of endpoint security. At a time where evolution seems to have come to a standstill, there are things going on you may not be aware of. Endpoint security doesn't have to suck - this conversation with Rob Allen (Chief Product Officer at ThreatLocker) may give you some new hope, or at least make you chuckle at Rob's "emotional support microphone".YouTube video: https://youtube.com/live...

11-19
39:45

DtSR Episode 627 - Talent Gap Lies and Truths

Send the hosts a message - try it now!TL;DR: On this spicy episode where returning guest Erik Bloch joins us, we host Lee Kushner to talk about the talent gap. Is there a talent gap? Who's to blame for the mess we're in right now? And of course, what to do next? For anyone who's job hunting, trying to understand the cyber job market, or trying to hire... this episode and conversation is for you.Sorry about the intermittent audio issue, I think it was a weird echo I couldn't quite pin down.You...

11-12
01:01:32

DtSR Episode 626 - Patrick Dennis Investing in CyberSecurity is Hard

Send the hosts a message - try it now!TL;DR: Today, the podcast takes a meeting in the finance department with Patrick Dennis - current CEO of Avaya and friend of the podcast. Patrick has extensive experience in investments in both tech and beyond, and he's here to dispense some wisdom, caution, and insights. --> This podcast is packed with information that you can't afford to miss.YouTube Video: https://youtube.com/live/J3FQrTuY7KU?feature=shareCozen O’Connor Public Strategies -...

11-05
01:00:40

DtSR Episode 625 - Cyber Ghost Stories to Tell in the Dark

Send the hosts a message - try it now!TL;DR: On this week's episode, Jim, James, and I sit down to a Halloween "scary story" episode. You know the feeling... that sinking feeling of dread when you can't quite put your finger on what's wrong but something is definitely wrong. Something scary, and nefarious is happening... and usually it's coming from inside the house!YouTube Video: https://youtube.com/live/BHRX0hi5CHQ?feature=shareCozen O’Connor Public Strategies - The Beltway BriefingLis...

10-29
40:50

DtSR Episode 624 - Kevin Clark One Month A Year That Security Matters

Send the hosts a message - try it now!TL;DR: This week on the pod, Kevin Clark joins James and I to talk about his career, how his walked his journey to a successful security leader (spoiler alert, it's another roundabout path), and what we generally think of "security awareness month". Great conversation and I think you'll agree, we need Kevin back again soon.YouTube Video: https://youtube.com/live/0KiUwC0RzRQCozen O’Connor Public Strategies - The Beltway BriefingListen for of-the-momen...

10-22
46:42

DtSR Episode 623 - SOC Metrics Suck

Send the hosts a message - try it now!TL;DR: Erik Bloch and Anton Chuvakin join James, Jim, and myself to talk about why security metrics in the SOC ....suck. It's an interesting predicament, and one I'm sure Anton has been ranting about since he first got his 486/DX2 66. Or maybe not. It's an interesting topic because if we're measuring crap, that means something. Or does it even matter?Link to Erik's epic post: https://www.linkedin.com/posts/erikbloch_tinkertribe-secops-soc-activity-72...

10-15
01:01:47

DtSR Episode 622 - Doug Burks Building the Security Onion

Send the hosts a message - try it now!TL;DR: This week's episode is a special one. I've been a fan of Security Onion for a long, long time and this week Jim Tiller and I welcome Doug Burks its creator to the show. Doug gives us his story of how he started the iconic security platform and where it's going next. Don't miss this sit-down that's been far overdue. Congrats to Doug and his team on the longevity and continuing to push the envelope.YouTube video: https://youtube.com/live/25ahe0k58N4C...

10-08
44:01

DtSR Episode 621 - Cyber Security Has a Data Problem Part 2

Send the hosts a message - try it now!TL;DR: This is part 2 of the two-part episode with Jason Clark and Nathan Smolenski on data protection. In this episode we tackle the options and solutions to the problem we face - and why (just this one time) AI may be the only way forward. Interesting possibilities, and some real solutions. Don't miss our thee for episode 2 - "Hawaiian shirt day", on the video stream.Jim Tiller and I host this one, we hope you enjoy it.YouTube Video: https://youtub...

10-01
43:28

DtSR Episode 620 - Cyber Security Has a Data Problem Part 1

Send the hosts a message - try it now!TL;DR: This week Jason Clark and Nathan Smolenski join Jim Tiller and I on part 1 of a 2-part series on data security. It's a topic whose time has come, and we're going to start in part 1 with fully analyzing the problem, how we got here, and just how ugly the beast is.YouTube vide: https://youtube.com/live/Qps-4NSEI-4Cozen O’Connor Public Strategies - The Beltway BriefingListen for of-the-moment insider insights, framed by the rapidly changing social and...

09-24
40:43

DtSR Episode 619 - Aaron Bray The Complete Novice Guide to SBOM

Send the hosts a message - try it now!TL;DR: This week's episode features Aaron Bray, CEO of Phylum. We use this episode as a complete primer on SBOM (Software Bill of Materials). We cover the typical "lot of ground" but try to answer the question of what SBOMs are, how they're useful, and what you as practitioners can do now that you have them.YouTube video: https://youtube.com/live/KHiDJt8SnZ0Cozen O’Connor Public Strategies - The Beltway BriefingListen for of-the-moment insider insigh...

09-17
43:13

DtSR Episode 618 - Jeff Collins Microservices Killed the Vulnerability Scan

Send the hosts a message - try it now!TL;DR: This week's episode sees the return of Mr Jeff Collins (of WanAware fame) as we talk over the long-prophesied death of vulnerability scanning. Maybe. What does the cloud have to do with the demise of vulnerability scanning? Listen and find out... I think you may find this relevant.This time, YouTube Video, is required viewing...trust me on this.YouTube Video: https://youtube.com/live/U3BsGXRV0L4Cozen O’Connor Public Strategies - The Beltway Br...

09-10
41:35

DtSR Episode 617 - Defending Forgotten but Business Critical Systems (SAP) Part 2

Send the hosts a message - try it now!TL;DR: This week, part 2 of the SAP ("Critical Enterprise Apps") discussion where Tom Venables & Jay Thoden van Velzen get a little more in-depth on what it takes to secure SAP and ensure that there's more than just a firewall between imminent disaster and your business. Jim TIller guest-hosts this in-depth episode, and we invite you to grab a notepad, and take some notes!Part 1 is here, listen to it first.YouTube Video: https://youtube.com/live/...

09-03
49:45

DtSR Episode 616 - A Wh1t3 Rabbit at Black Hat 2024

Send the hosts a message - try it now!TL;DR: This episode is a "walk-around" episode, where I walked around Black Hat 2024 and ran into some friends to talk about what we're seeing, anything that caught their attention, and some other interesting insights in short-form recordings. I hope you enjoy listening to Lamont Orange, Aaron Bray, Alex Humphrey, and Rick Holland as much as I enjoyed the conversations.No video for this episode.Cozen O’Connor Public Strategies - The Beltway BriefingListen...

08-27
51:39

DtSR Episode 615 - Doug Cavit Defending a Whole County

Send the hosts a message - try it now!TL;DR: Have you ever wondered what it would be like to be responsible for security for an entire county? That job encompasses a massive amount of responsibility - but I'll let Doug Cavit, the CISO of Snohomish County, Washington tell us about it. What a resume, and what an incredible job Doug has.YouTube Video: https://youtube.com/live/selNfh5gQAUCozen O’Connor Public Strategies - The Beltway BriefingListen for of-the-moment insider insights, framed ...

08-20
40:04

DtSR Episode 614 - James Robinson Don't Worry SaaS is Probably Secure

Send the hosts a message - try it now!TL;DR: This episode was one of our awesome LinkedIn Live episodes - if you missed it, join us on LinkedIn and never miss another! On this one, James Robinson (CISO at Netskope) talks with Rafal and James with guest-host Jim TIller about the possibilities we have with SaaS, data protection, and the whole mess we've made over the last 20+ years of "data everywhere". Big thanks to Netskope for providing the excellent James Robinson onto the show!YouTube...

08-13
37:04

DtSR Episode 613 - Tim Miller A Frank Conversation on Software Manifests

Send the hosts a message - try it now!TL;DR: Today's episode is all about how we can build better software and systems - from a supply chain perspective. Tim Miller joins us, and it starts as a general conversation but we quickly dive into the world of software development. There's a lot to talk about here, starting with this XKCD that explains it perfectly: https://xkcd.com/2347/YouTube video: https://youtube.com/live/XOMl_Hp8q_QCozen O’Connor Public Strategies - The Beltway BriefingListen f...

08-06
39:43

DtSR Episode 612 - Defending Forgotten but Business Critical Systems

Send the hosts a message - try it now!TL;DR: I bet you don't generally think about the software that actually runs the business when you're thinking security. In this episode, we tackle the security of SAP systems - the most popular business software on the planet - from some experts who tell us what we're missing. There's a lot to unpack here, and I bet you're not thinking about much of this, if any... I know my team wasn't. This is vital information.YouTube video: https://youtube.com/l...

07-30
33:49

DtSR Episode 611 - Bob Bragdon Writing the CISO Story

Send the hosts a message - try it now!TL;DR: This week's episode features someone you've probably known for a while, without actually knowing him. Bob Brandon talks about his journey through publishing the wildly successful CSO Magazine (now an online publication) and being close the the CISO world for a long time. He has a great story to tell, so listen in, and enjoy.YouTube video: https://youtube.com/live/WafXp6xPpBYCozen O’Connor Public Strategies - The Beltway BriefingListen for of-the-mo...

07-23
33:37

DtSR Episode 610 - Rob Allen Zero Trust Without Breaking Stuff

Send the hosts a message - try it now!TL;DR: This week's guest is here to talk about Zero Trust... in a practical way. We're talking with Rob Allen of ThreatLocker about zero trust from a way you may have not thought about before. It's an interesting conversation and a piece of a much larger puzzle ... but from a practical standpoint, this may be the best actual place to start. Do you agree?YouTube Video: https://youtube.com/live/cgADamn2oQQCozen O’Connor Public Strategies - The Beltway Brief...

07-16
39:53

DtSR Episode 609 - Jonathan Rau Ruins SIEM

Send the hosts a message - try it now!TL;DR: This week on the pod, Jonathan Rau joins to talk about SIEM. The thing we all lover to hate on, that thing that's been declared dead, and yet it's on its umpteenth incarnation. What does the future hold? Why is it still an investment organizations make? What makes it a good versus bad use-case? Tune in, find out.YouTube video: https://youtube.com/live/FtCjMo_gDDcCozen O’Connor Public Strategies - The Beltway BriefingListen for of-the-moment insider...

07-09
35:39

David Hortsch

Worst episode ever... (Okay I haven't listened to all 400), but..

07-14 Reply

mrmr

You're talking about "hacker summer camp" but you don't go. That feels off.

08-06 Reply

mrmr

wow you guys need to visit defcon again. Your impressions are off

08-06 Reply

Recommend Channels