Podcasts

Threat Actors and Making DNS Fail Harder and at Greater Scale than Ever Before

Everything defenders do is public, which means threat actors can look us up in how we’re detecting them and adapt their techniques. The bad news is that they learn how to evade us.

The good news is that since I’m a former latchkey kid who grew up in the 80s with a short attention span, there is always something new to research. Donald “Mac” MacCarthy from Open Source Context joins us to talk about how he sees threat actors changing using passive DNS and what we can do about it.

Listen

25 years of SIEM: The Rocky Journey to Autonomic Security Operations

In this episode, we are joined by Dr. Anton Chuvakin, Office of the CISO, at Google Cloud Security, where we discuss the evolution of SIEM from on-premise to the Cloud, and to autonomic security operations. Can our industry innovate to move beyond current SIEM limitations to reach “ops nirvana” to a data analytics-fueled security operations?

Listen

Toil Reduction as a Service - Improving Automation in Threat Detection and Analytics

We are joined this week by John Giglio, director of cloud security for SADA, with tales from the trenches on how automation has helped threat hunting and threat analytics to improve the lives of security organizations.

Listen

Data Dumpster Fires: How to Make Your SIEM Not Suck

Guest Merys Raymer is a Partner Engineer at Google Cloud Security.

John and Merys chat about her personal journey as a former threat and security analyst, fighting fires in the SOC trenches. She provides real-world insights on the need for advanced SIEMs, data analytics, and automation to optimize security operations.

Listen