Detection: Challenging Paradigms
Technology Podcasts
Have you ever wondered why something is done the way it is, only to find out that this is "just the way it has always been done"? Sometimes it is necessary to challenge the paradigm in which we find ourselves operating to discover a more true understanding of the problem, this change of thinking is referred to as a "paradigm shift". In this podcast, we explore detection and response to define the presuppositions that describe the craft, while also engaging in long form discussion with some of the industry's leading experts to challenge the convention we find ourselves operating within.
Location:
United States
Genres:
Technology Podcasts
Description:
Have you ever wondered why something is done the way it is, only to find out that this is "just the way it has always been done"? Sometimes it is necessary to challenge the paradigm in which we find ourselves operating to discover a more true understanding of the problem, this change of thinking is referred to as a "paradigm shift". In this podcast, we explore detection and response to define the presuppositions that describe the craft, while also engaging in long form discussion with some of the industry's leading experts to challenge the convention we find ourselves operating within.
Language:
English
Website:
https://dcppodcast.com
Episodes
Episode 37: Steve Luke and Roman Daszczyszak
12/22/2023
The Summiting the Pyramid project by MITRE's Center for Threat Informed Defense (CTID) released in September 2023, allowing for a unified method of "grading" detections for efficacy. Two of the pivotal members of that project join Jared and Luke to talk about how it came to be, and how it can be used to further the detection program of any organization!
Project Links:
Initial Release Blog PostSummiting the Pyramid DocumentationGet Involved
Duration:01:12:10
Episode 36: Chris Thompson
12/4/2023
Chris Thompson (@_Mayyhem on X) joins Jared and Luke on this episode of DCP! Chris has led the charge on offensive research into System Center Configuration Manager (SCCM), and shares his insight into this often overlooked aspect of the threat landscape!
Resources:
#sccm on the BloodHoundGang slack workspace: https://bloodhoundgang.herokuapp.com/
https://medium.com/@Mayyhem
Duration:00:54:11
Episode 35: Luke Jennings
11/13/2023
DCP is back! New intro, new cover, new host! With Jonny stepping away from the podcast, Luke has moved into the co-host position with Jared. On this first episode, we are joined by Luke Jennings of Push Security to talk all things SaaS.
Links:
https://github.com/pushsecurity/saas-attacks
https://pushsecurity.com/blog/saas-attack-techniques/
https://pushsecurity.com/blog/samljacking-a-poisoned-tenant/
https://pushsecurity.com/blog/nearly-invisible-attack-chain/
https://pushsecurity.com/blog/slack-phishing-for-initial-access/
https://pushsecurity.com/blog/phishing-slack-persistence/
Duration:00:59:04
Episode 34: Ryan Hausknecht (Again)
6/27/2023
In this captivating episode, we delve into the world of Azure security with Ryan Hausknecht, Senior Security Researcher at Microsoft. Learn about his groundbreaking projects, the Azure Threat Research Matrix and the AzDetectSuite, and how they assist researchers and defenders in protecting against various attack techniques. We also discuss the complexities of Azure permissions and access control, and explore the nuances of the REST API, PowerShell, Azure CLI, and the Azure Portal. Don't miss this opportunity to learn from an expert and take your Azure security skills to new heights!
Duration:01:31:27
Episode 33: Casey Smith (Part 2)
5/22/2023
Discover the power of canaries in cybersecurity and learn how to implement them the right way with our special guest, Casey Smith from Thinkst Canary. Casey shares his extensive background in pentesting and defending, as well as the inspiration behind his current projects. This episode is jam-packed with insights on using various security methods, understanding the limitations of InfoSec tools, and exploring telemetry.
Duration:00:47:16
Episode 32: Casey Smith (Part 1)
5/9/2023
Discover the power of canaries in cybersecurity and learn how to implement them the right way with our special guest, Casey Smith from Thinkst Canary. Casey shares his extensive background in pentesting and defending, as well as the inspiration behind his current projects. This episode is jam-packed with insights on using various security methods, understanding the limitations of InfoSec tools, and exploring telemetry.
Duration:00:44:21
Episode 31: Maxime Lamothe-Brassard (Part 2)
3/20/2023
Maxime Lamothe-Brassard, co-founder of Lima Charlie stops in to talk with Jared and Jonny, and explain how Lima Charlie identified a problem in the industry and seeks to solve it. This is the second half of a full 1h 30m interview.
Duration:00:45:11
Episode 30: Maxime Lamothe-Brassard (Part 1)
3/6/2023
Maxime Lamothe-Brassard, co-founder of Lima Charlie stops in to talk with Jared and Jonny, and explain how Lima Charlie identified a problem in the industry and seeks to solve it. This is the first half of a full 1h 30m interview.
Duration:00:45:35
Episode 29: Olaf Hartong (pt. 2)
2/21/2023
Two years and 28 episodes later, our first guest: Olaf Hartong of FalconForce rejoins Jared and Jonny in the studio. Olaf, as well as Jared, Jonny, and Luke will all be Blackhat instructors this year - and our collective opinions on Threat Hunting and Detection Engineering have evolved enough over the years to warrant further discussion. We hope you join us!
Duration:01:24:51
Episode 28: Hosts
1/28/2023
In our first episode of the new year, Jared, Jonny, and Luke discuss the plans for the year, the new DCP: Live project, and some of Jared's latest detection wisdom.
Duration:01:02:43
Episode 27: Roberto Rodriguez
11/7/2022
Roberto Rodriguez (Microsoft Security Intelligence) joins us to talk Threat Hunting and detection. Roberto is a former coworker of Jonny, Jared, and Luke - so it's bound to be a good time!
Duration:01:52:22
Episode 26: Jamie Williams (Pt. 2)
8/16/2022
We couldn't get enough of our conversation with Jamie Williams, so we brought him back! We re-ATT&CK the Mitre Evaluation topic and much more. Episode Guide
Duration:01:54:18
Episode 25: Mehmet Ergene
8/1/2022
In Episode 25 - Mehmet (@Cyb3rMonk on Twitter) chats with Jared and Jonny about several topics, including Process Mining! Episode Guide
Duration:01:33:04
Episode 24: Jamie Williams
5/30/2022
Jamie Williams of MITRE stops in to chat about the ATT&CK Framework and the MITRE Evals! Episode Guide:
Duration:01:29:41
Episode 23: Gabriel Basset
5/9/2022
Gabriel Basset is in the house to talk detection! Episode Guide
Duration:01:29:58
Episode 22: Nasreddine Bencherchali
4/11/2022
Nasreddine Bencherchali joins us all the way from Algeria to discuss the Detection Engineering process. Episode Guide
Duration:01:28:01
Episode 21: Anton Ovrutsky
3/21/2022
Anton stops in to talk to the DCP crew about lateral movement, and other detection topics! Episode Guide
Duration:01:45:56
Episode 20: Andy Robbins
3/7/2022
Andry Robbins stops by to talk with Jared and Jonny, to continue the discussion of detection vs. prevention in the infosec realm - and the accountability that comes with it. Episode Guide (featuring new episode transcripts!)
Duration:01:32:33
Episode 19: Robby Winchester
2/14/2022
In Episode 9, Robby Winchester of SpecterOps stops by to talk on Jared's favorite topic - Detectionomics (trademark pending). This was our second in-person episode and was a blast to make, we hope you enjoy! Episode Guide
Duration:01:09:23
Episode 18: Ryan Hausknecht
2/3/2022
In the first ever in-person episode of Detection: Challenging Paradigms, Ryan stops by to talk to Jared and Jonny about Azure security, abstraction, and research. Episode Guide
Duration:00:54:36