Down the Security Rabbithole Podcast (DtSR)-logo

Down the Security Rabbithole Podcast (DtSR)

Technology Podcasts

The DtSR Podcast is dedicated to the cyber security profession - with news, personalities, topics of interest, and discussion you won't find elsewhere. Running since 2011 - founded by Rafal Los (aka "@Wh1t3Rabbit"), and co-hosted by James Jardine - the weekly show will entertain you while you're learning something. On Twitter/X: https://twitter.com/@DtSR_Podcast On YouTube: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq On LinkedIn: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/

Location:

United States

Description:

The DtSR Podcast is dedicated to the cyber security profession - with news, personalities, topics of interest, and discussion you won't find elsewhere. Running since 2011 - founded by Rafal Los (aka "@Wh1t3Rabbit"), and co-hosted by James Jardine - the weekly show will entertain you while you're learning something. On Twitter/X: https://twitter.com/@DtSR_Podcast On YouTube: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq On LinkedIn: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/

Language:

English


Episodes
Ask host to enable sharing for playback control

DtSR Episode 623 - SOC Metrics Suck

10/15/2024
Send the hosts a message - try it now! TL;DR: Erik Bloch and Anton Chuvakin join James, Jim, and myself to talk about why security metrics in the SOC ....suck. It's an interesting predicament, and one I'm sure Anton has been ranting about since he first got his 486/DX2 66. Or maybe not. It's an interesting topic because if we're measuring crap, that means something. Or does it even matter? Link to Erik's epic post: https://www.linkedin.com/posts/erikbloch_tinkertribe-secops-soc-activity-7245132473355919360-5v_B?lipi=urn%3Ali%3Apage%3Aorganization_admin_admin_page_posts_published%3B8719005b-91f9-4fdd-9cbc-4c75b2b70b00 Does anyone read these show notes? Should I bother still writing them up? YouTube Video: https://youtube.com/live/0O6XzDqbGUI Support the show >>> If you're reading this, consider clicking the link above to support the show! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/ X/Twitter: https://twitter.com/dtsr_podcast

Duration:01:00:24

Ask host to enable sharing for playback control

DtSR Episode 622 - Doug Burks Building the Security Onion

10/8/2024
Send the hosts a message - try it now! TL;DR: This week's episode is a special one. I've been a fan of Security Onion for a long, long time and this week Jim Tiller and I welcome Doug Burks its creator to the show. Doug gives us his story of how he started the iconic security platform and where it's going next. Don't miss this sit-down that's been far overdue. Congrats to Doug and his team on the longevity and continuing to push the envelope. YouTube video: https://youtube.com/live/25ahe0k58N4 Support the show >>> If you're reading this, consider clicking the link above to support the show! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/ X/Twitter: https://twitter.com/dtsr_podcast

Duration:00:42:38

Ask host to enable sharing for playback control

DtSR Episode 621 - Cyber Security Has a Data Problem Part 2

10/1/2024
Send the hosts a message - try it now! TL;DR: This is part 2 of the two-part episode with Jason Clark and Nathan Smolenski on data protection. In this episode we tackle the options and solutions to the problem we face - and why (just this one time) AI may be the only way forward. Interesting possibilities, and some real solutions. Don't miss our thee for episode 2 - "Hawaiian shirt day", on the video stream. Jim Tiller and I host this one, we hope you enjoy it. YouTube Video: https://youtube.com/live/SA53S0OpnZ4 Support the show >>> If you're reading this, consider clicking the link above to support the show! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/ X/Twitter: https://twitter.com/dtsr_podcast

Duration:00:42:05

Ask host to enable sharing for playback control

DtSR Episode 620 - Cyber Security Has a Data Problem Part 1

9/24/2024
Send the hosts a message - try it now! TL;DR: This week Jason Clark and Nathan Smolenski join Jim Tiller and I on part 1 of a 2-part series on data security. It's a topic whose time has come, and we're going to start in part 1 with fully analyzing the problem, how we got here, and just how ugly the beast is. YouTube vide: https://youtube.com/live/Qps-4NSEI-4 Support the show >>> If you're reading this, consider clicking the link above to support the show! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/ X/Twitter: https://twitter.com/dtsr_podcast

Duration:00:39:20

Ask host to enable sharing for playback control

DtSR Episode 619 - Aaron Bray The Complete Novice Guide to SBOM

9/17/2024
Send the hosts a message - try it now! TL;DR: This week's episode features Aaron Bray, CEO of Phylum. We use this episode as a complete primer on SBOM (Software Bill of Materials). We cover the typical "lot of ground" but try to answer the question of what SBOMs are, how they're useful, and what you as practitioners can do now that you have them. YouTube video: https://youtube.com/live/KHiDJt8SnZ0 Support the show >>> If you're reading this, consider clicking the link above to support the show! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/ X/Twitter: https://twitter.com/dtsr_podcast

Duration:00:41:50

Ask host to enable sharing for playback control

DtSR Episode 618 - Jeff Collins Microservices Killed the Vulnerability Scan

9/10/2024
Send the hosts a message - try it now! TL;DR: This week's episode sees the return of Mr Jeff Collins (of WanAware fame) as we talk over the long-prophesied death of vulnerability scanning. Maybe. What does the cloud have to do with the demise of vulnerability scanning? Listen and find out... I think you may find this relevant. This time, YouTube Video, is required viewing...trust me on this. YouTube Video: https://youtube.com/live/U3BsGXRV0L4 Support the show >>> If you're reading this, consider clicking the link above to support the show! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/ X/Twitter: https://twitter.com/dtsr_podcast

Duration:00:40:12

Ask host to enable sharing for playback control

DtSR Episode 617 - Defending Forgotten but Business Critical Systems (SAP) Part 2

9/3/2024
Send the hosts a message - try it now! TL;DR: This week, part 2 of the SAP ("Critical Enterprise Apps") discussion where Tom Venables & Jay Thoden van Velzen get a little more in-depth on what it takes to secure SAP and ensure that there's more than just a firewall between imminent disaster and your business. Jim TIller guest-hosts this in-depth episode, and we invite you to grab a notepad, and take some notes! Part 1 is here, listen to it first. YouTube Video: https://youtube.com/live/iH_mg4Hu0tc Support the show >>> If you're reading this, consider clicking the link above to support the show! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/ X/Twitter: https://twitter.com/dtsr_podcast

Duration:00:48:23

Ask host to enable sharing for playback control

DtSR Episode 616 - A Wh1t3 Rabbit at Black Hat 2024

8/27/2024
Send the hosts a message - try it now! TL;DR: This episode is a "walk-around" episode, where I walked around Black Hat 2024 and ran into some friends to talk about what we're seeing, anything that caught their attention, and some other interesting insights in short-form recordings. I hope you enjoy listening to Lamont Orange, Aaron Bray, Alex Humphrey, and Rick Holland as much as I enjoyed the conversations. No video for this episode. Support the show >>> If you're reading this, consider clicking the link above to support the show! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/ X/Twitter: https://twitter.com/dtsr_podcast

Duration:00:50:17

Ask host to enable sharing for playback control

DtSR Episode 615 - Doug Cavit Defending a Whole County

8/20/2024
Send the hosts a message - try it now! TL;DR: Have you ever wondered what it would be like to be responsible for security for an entire county? That job encompasses a massive amount of responsibility - but I'll let Doug Cavit, the CISO of Snohomish County, Washington tell us about it. What a resume, and what an incredible job Doug has. YouTube Video: https://youtube.com/live/selNfh5gQAU Support the show >>> If you're reading this, consider clicking the link above to support the show! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/ X/Twitter: https://twitter.com/dtsr_podcast

Duration:00:38:41

Ask host to enable sharing for playback control

DtSR Episode 614 - James Robinson Don't Worry SaaS is Probably Secure

8/13/2024
Send the hosts a message - try it now! TL;DR: This episode was one of our awesome LinkedIn Live episodes - if you missed it, join us on LinkedIn and never miss another! On this one, James Robinson (CISO at Netskope) talks with Rafal and James with guest-host Jim TIller about the possibilities we have with SaaS, data protection, and the whole mess we've made over the last 20+ years of "data everywhere". Big thanks to Netskope for providing the excellent James Robinson onto the show! YouTube Video (if you prefer YouTube): https://youtube.com/live/8MnpK0H9az0 Support the show >>> If you're reading this, consider clicking the link above to support the show! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/ X/Twitter: https://twitter.com/dtsr_podcast

Duration:00:36:27

Ask host to enable sharing for playback control

DtSR Episode 613 - Tim Miller A Frank Conversation on Software Manifests

8/6/2024
Send the hosts a message - try it now! TL;DR: Today's episode is all about how we can build better software and systems - from a supply chain perspective. Tim Miller joins us, and it starts as a general conversation but we quickly dive into the world of software development. There's a lot to talk about here, starting with this XKCD that explains it perfectly: https://xkcd.com/2347/ YouTube video: https://youtube.com/live/XOMl_Hp8q_Q Support the show >>> If you're reading this, consider clicking the link above to support the show! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/ X/Twitter: https://twitter.com/dtsr_podcast

Duration:00:38:20

Ask host to enable sharing for playback control

DtSR Episode 612 - Defending Forgotten but Business Critical Systems

7/30/2024
Send the hosts a message - try it now! TL;DR: I bet you don't generally think about the software that actually runs the business when you're thinking security. In this episode, we tackle the security of SAP systems - the most popular business software on the planet - from some experts who tell us what we're missing. There's a lot to unpack here, and I bet you're not thinking about much of this, if any... I know my team wasn't. This is vital information. YouTube video: https://youtube.com/live/q8j6pkFXxeM Support the show >>> If you're reading this, consider clicking the link above to support the show! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/ X/Twitter: https://twitter.com/dtsr_podcast

Duration:00:33:12

Ask host to enable sharing for playback control

DtSR Episode 611 - Bob Bragdon Writing the CISO Story

7/23/2024
Send the hosts a message - try it now! TL;DR: This week's episode features someone you've probably known for a while, without actually knowing him. Bob Brandon talks about his journey through publishing the wildly successful CSO Magazine (now an online publication) and being close the the CISO world for a long time. He has a great story to tell, so listen in, and enjoy. YouTube video: https://youtube.com/live/WafXp6xPpBY Support the show >>> If you're reading this, consider clicking the link above to support the show! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/ X/Twitter: https://twitter.com/dtsr_podcast

Duration:00:33:00

Ask host to enable sharing for playback control

DtSR Episode 610 - Rob Allen Zero Trust Without Breaking Stuff

7/16/2024
Send the hosts a message - try it now! TL;DR: This week's guest is here to talk about Zero Trust... in a practical way. We're talking with Rob Allen of ThreatLocker about zero trust from a way you may have not thought about before. It's an interesting conversation and a piece of a much larger puzzle ... but from a practical standpoint, this may be the best actual place to start. Do you agree? YouTube Video: https://youtube.com/live/cgADamn2oQQ Support the show >>> If you're reading this, consider clicking the link above to support the show! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/ X/Twitter: https://twitter.com/dtsr_podcast

Duration:00:38:30

Ask host to enable sharing for playback control

DtSR Episode 609 - Jonathan Rau Ruins SIEM

7/9/2024
Send the hosts a message - try it now! TL;DR: This week on the pod, Jonathan Rau joins to talk about SIEM. The thing we all lover to hate on, that thing that's been declared dead, and yet it's on its umpteenth incarnation. What does the future hold? Why is it still an investment organizations make? What makes it a good versus bad use-case? Tune in, find out. YouTube video: https://youtube.com/live/FtCjMo_gDDc Support the show >>> If you're reading this, consider clicking the link above to support the show! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/ X/Twitter: https://twitter.com/dtsr_podcast

Duration:00:35:01

Ask host to enable sharing for playback control

DtSR Episode 608 - Karim Hijazi Ransomware Gets Nastier Still

7/2/2024
Send the hosts a message - try it now! TL;DR: Friend of the pod, Karim Hijazi of Vigilocity, joins Rafal this week to talk about the state of ransomware, its "families", proliferation and motivations. It's a dark picture that's getting darker as it all evolves. Karim also provides some data-driven insights you can even investigate for yourself, check this show out on the video stream for more complete insights. YouTube Video: https://youtube.com/live/wgUzYp-bl90 Support the show >>> If you're reading this, consider clicking the link above to support the show! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/ X/Twitter: https://twitter.com/dtsr_podcast

Duration:00:33:44

Ask host to enable sharing for playback control

DtSR Episode 607 - Outsourcing Your Security Part 2

6/25/2024
Send the hosts a message - try it now! TL;DR: This week is part 2 of the 2-part series on "Outsourcing your security" with Paul Farley. Paul's expertise in this space means you should be taking notes! On this second part, we dive into how you can pick an effective model for your use-case (we talk through a few of the available models out there), how to effectively implement an MSSP, and then how to measure success. Guest host Jim TIller joins us again, too. YouTube video: https://youtube.com/live/FkyJPmZikmc Support the show >>> If you're reading this, consider clicking the link above to support the show! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/ X/Twitter: https://twitter.com/dtsr_podcast

Duration:00:31:56

Ask host to enable sharing for playback control

DtSR Episode 606 - An Unsurprisingly Awful GAO Report

6/18/2024
Send the hosts a message - try it now! TL;DR: James and I spent a few minutes dissecting the high-level of a GAO report (Government Accountability Office) ...perhaps ironically named... that is awful in so, so many ways it's ridiculous. Listen in, comment with your thoughts. YouTube Video: (TBD) Support the show >>> If you're reading this, consider clicking the link above to support the show! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/ X/Twitter: https://twitter.com/dtsr_podcast

Duration:00:33:33

Ask host to enable sharing for playback control

DtSR Episode 605 - Outsourcing Your Security Part 1

6/11/2024
Send the hosts a message - try it now! TL;DR: This week Paul Farley, Deputy CISO of NCR Voyix joins myself, James, and Jim TIller to discuss outsourcing security in a modern company. We talk through a bit of history, some requirements for a good MSP, and the good and bad of the last couple of decades of MSPs. YouTube video: https://youtube.com/live/QzQFXyVcDSo Support the show >>> If you're reading this, consider clicking the link above to support the show! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/ X/Twitter: https://twitter.com/dtsr_podcast

Duration:00:33:42

Ask host to enable sharing for playback control

DtSR Episode 604 - Justin Foster Deeper Dive on Access Control Part 2

6/4/2024
Send the hosts a message - try it now! TL;DR: Justin Foster is back (and James is out) with guest co-host Jim Tiller as we talk through network-based access control from the "old days" through today's modern approaches. What worked, what didn't, what we tried, and how far we've come. Give it a listen! Also ... if there's any episode you watch the video of - it has to be this show for that beginning piece...wow Jim really nailed it. YouTube video (a must-see): https://youtube.com/live/EuUUeOzH_nE Support the show >>> If you're reading this, consider clicking the link above to support the show! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/ X/Twitter: https://twitter.com/dtsr_podcast

Duration:00:33:53