The BlueHat Podcast

Cyber Security Content Creator, Speaker & Ethical Hacker, Katie Paxton-Fear, joins Nic Fillingham on this week's episode of The BlueHat Podcast. Katie holds a PhD in defense and security AI plus cybersecurity and works as an academic, teaching undergraduate students cybersecurity topics. She also runs a popular YouTube channel focused on bug bounty hunting, hacking, and pen testing. Katie shares her journey into cybersecurity, reflects on her initial interest in undeciphered languages and how it parallels her approach to cybersecurity, both involving a fascination with solving mysteries and uncovering hidden meanings. In This Episode You Will Learn: Some Questions We Ask: Resources: View Katie Paxton-Fear on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence PodcastAfternoon Cyber Tea with Ann JohnsonUncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Luke Jennings, VP of Research & Development at Push Security joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Luke explains his recent presentation on a new SaaS cyber kill chain, exploring how attackers might target modern organizations heavily reliant on cloud and SaaS services, even when traditional infrastructure is minimal. The latest kill chain involves developing attack techniques specific to this environment, covering topics like lateral movement without conventional network infrastructure and adapting known techniques such as password guessing attacks to the SaaS landscape. Luke, Wendy, and Nic discuss the complexities of SaaS security, the intricacies of evil twin integrations, detection challenges, mitigation strategies, and the overall impact of these security issues on organizations. In This Episode You Will Learn: Some Questions We Ask: Resources: View Luke Jennings on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence PodcastAfternoon Cyber Tea with Ann JohnsonUncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Lea Snyder, Principal Security Engineer at Microsoft joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Lea is a security leader focused on security strategy and helping organizations mature their security posture and security programs, focusing on areas including IAM, product security, and risk management. Lea explains her unique role as a security architect, highlighting problem-solving across various domains within Microsoft. She shares her unconventional path to cybersecurity, starting with a background in economics and an MBA, and how she transitioned from IT roles to security. Lea, Wendy, and Nic discuss the importance of diverse backgrounds in the industry and offer advice on entering the cybersecurity field. Lea also discusses her involvement in community-driven conferences, particularly B-sides, highlighting their diverse and unique content. In This Episode You Will Learn: Some Questions We Ask: Resources: View Lea Snyder on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence PodcastAfternoon Cyber Tea with Ann JohnsonUncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Dustin Heywood, Hacker, Researcher, and Senior Leader at IBM, joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Dustin provided a live demonstration of cracking NTLM version 1 during his BlueHat presentation, showcasing the process of responding to challenges, using coercion techniques, and ultimately extracting and cracking the NTLM hash. Dustin, Nic, and Wendy discuss checking group policies, auditing every object, ensuring relevant systems, and managing IT assets effectively. They emphasize the importance of IT asset management and recommend quarantining legacy systems with restricted access. In This Episode You Will Learn: Some Questions We Ask: Resources: View Dustin Heywood on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence PodcastAfternoon Cyber Tea with Ann JohnsonUncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Microsoft Principal Security Engineering, Tera Joyce and Senior Security Program Manager at Microsoft, Tina Zhang-Powell join Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. As we celebrate International Women's Day and Women's History Month, Tina and Tera join the show to discuss the importance of allies in promoting inclusivity and diversity within the industry. They both provide valuable perspectives on assumptions made about women in cybersecurity and offer guidance on fostering an inclusive environment. They highlight the importance of leaders being aware of representation and ensuring diverse perspectives are considered in the decision-making processes and share internal resources like mentoring programs and external opportunities such as conferences to support women in the field. Tina and Tera also offer advice to allies, encouraging them to actively include diverse voices and how they can contribute to creating a more inclusive cybersecurity community. In This Episode You Will Learn: Some Questions We Ask: Resources: View Tera Joyce on LinkedIn View Tina Zhang-Powell on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence PodcastAfternoon Cyber Tea with Ann JohnsonUncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Microsoft Security Technical Program Manager Devin Price and Sr. Program Manager Derrick Love join Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. The discussion delves into the experience of being Black in the cybersecurity field. Derrick and Devin share their thoughts on the representation of Black individuals in tech, noting the underrepresentation in the field. The significance of representation and allyship is also discussed while emphasizing the importance of paying it forward, mentoring others, and highlighting the responsibility to support those coming up in the field. Devin and Derrick share the importance of involvement with events that promote the black community, black businesses, and black-led nonprofits. These events aim to create a supportive network within the community, particularly for those working in the technology sector. It underlines the significance of adopting a growth mindset, fostering a sense of community, and actively contributing to the empowerment of individuals within the cybersecurity landscape. In This Episode You Will Learn: Some Questions We Ask: Resources: View Devin Price on LinkedIn View Derrick Love on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Beam Foundation Sync Seattle The Talking Tech Podcast BAM Scholarship Related Microsoft Podcasts: Microsoft Threat Intelligence PodcastAfternoon Cyber Tea with Ann JohnsonUncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Katelyn Falk, Principal Security TPM at Zoom, joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Katelyn is a security technical program manager with 11+ years of experience across IT and security, both cyber and physical, and is also co-founder of Zoom's Women in Security group. Katelyn, Wendy, and Nic discuss the growth of Zoom, the challenges of fostering a sense of community in a rapidly expanding organization, and the importance of diversity and representation in the cybersecurity industry. Katelyn explains the inspiration behind her Blue Hat conference lightning talk, "No Women in Security Group, No Problem," and her role in creating the Women in Security Group. In This Episode You Will Learn: Some Questions We Ask: Resources: View Katelyn Falk on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn katelynfalk.com Related Microsoft Podcasts: Microsoft Threat Intelligence PodcastAfternoon Cyber Tea with Ann JohnsonUncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Katelyn Falk, Principal Security TPM at Zoom, joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Katelyn is a security technical program manager with 11+ years of experience across IT and security, both cyber and physical, and is also co-founder of Zoom's Women in Security group. Katelyn, Wendy, and Nic discuss the growth of Zoom, the challenges of fostering a sense of community in a rapidly expanding organization, and the importance of diversity and representation in the cybersecurity industry. Katelyn explains the inspiration behind her Blue Hat conference lightning talk, "No Women in Security Group, No Problem," and her role in creating the Women in Security Group. In This Episode You Will Learn: Some Questions We Ask: Resources: View Katelyn Falk on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn katelynfalk.com Related Microsoft Podcasts: Microsoft Threat Intelligence PodcastAfternoon Cyber Tea with Ann JohnsonUncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Leading Threat Intelligence at InQuest, Darren Spurell, joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Darren explains Inquest's focus on deep file inspection technology to identify malicious traits in files and talks about their role in serving public and private sector companies. Darren shares his cybersecurity journey, passion for combating malware and criminal activities, and his presentation at BlueHat. Wendy, Nic, and Darren highlight the evolution of threat information sharing over the years and the value of intelligence advantage over adversaries. The conversation delves into the significance of threat indicators such as IP addresses, file hashes, domain names, and much more! In This Episode You Will Learn: Some Questions We Ask: Resources: View Darren Spruell on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence PodcastAfternoon Cyber Tea with Ann JohnsonUncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Leading Threat Intelligence at InQuest, Darren Spruell joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Darren explains InQuest's focus on Deep File Inspection® technology to identify malicious traits in files and talks about their role in serving public and private sector companies. Darren shares his cybersecurity journey, passion for combating malware and criminal activities, and his presentation at BlueHat. Wendy, Nic, and Darren highlight the evolution of threat information sharing over the years and the value of intelligence advantage over adversaries. The conversation delves into the significance of threat indicators such as IP addresses, file hashes, domain names, and much more! In This Episode You Will Learn: Some Questions We Ask: Resources: View Darren Spruell on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence PodcastAfternoon Cyber Tea with Ann JohnsonUncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Thinkst Canary, Cyber Security Researcher Casey Smith joins Nic Fillingham on this week's episode of The BlueHat Podcast. Nic and Casey discuss his background in security, his experience presenting at Blue Hat, and his session on building a Canary token to monitor Windows process execution. The Canary token project is an open-source initiative that creates artifacts on a network to alert defenders when an attacker interacts with them. The tokens can take various forms, such as documents, cloud credentials, QR codes, or executables, providing an early warning system for potential breaches. They also cover the importance of failure in the research process and the evolution of the canary token project to adapt to new attack techniques. In This Episode You Will Learn: Some Questions We Ask: Resources: View Casey Smith on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Afternoon Cyber Tea with Ann JohnsonUncovering Hidden RisksThe Microsoft Threat Intelligence Podcast Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Senior Principal Security Researcher Nestori Syynimaa joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Nestori is an ICT professional with a strong practical and academic background. Since April 2021, Nestori has worked as a Senior Principal Security Researcher at Secureworks' Counter Threat Unit. Before joining Secureworks, he worked as a joint CIO for eight cities and municipalities surrounding Tampere, the largest inland city in Scandinavia. Nestori, Wendy, and Nic discuss the importance of understanding the dynamics between researchers and organizations in addressing security concerns, Nestori's journey as a researcher, his academic background, and his experiences speaking at various conferences worldwide. In This Episode You Will Learn: Some Questions We Ask: Resources: View Nestori Syynimaa on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Afternoon Cyber Tea with Ann JohnsonUncovering Hidden RisksThe Microsoft Threat Intelligence Podcast Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Senior Data Scientist Emily Yale and Senior Threat Hunt Analyst at Microsoft Chris Bukavich join Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Chris focuses on incident response, investigation, and detection of major incidents, while Emily works on developing and improving detections for Microsoft's internal security. Emily and Chris were co-presenters at this year's BlueHat conference. They discussed unmasking Azure-based adversaries with an emphasis on monitoring service principles, how their respective expertise in data science and cybersecurity contributed to the session, and the challenges of monitoring service principles in Azure. This concept has evolved from traditional service accounts. In This Episode You Will Learn: Some Questions We Ask: Resources: View Emily Yale on LinkedIn View Chris Bukavich on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence PodcastAfternoon Cyber Tea with Ann JohnsonUncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Kaileigh McCrea, Lead Privacy Engineer at Confiant, joins Wendy Zenone on this week's episode of The BlueHat Podcast. Kaileigh explains her journey into privacy engineering, the ever-evolving nature of privacy regulations, and the challenges of defining protected data. Wendy and Kaileigh also delve into Yandex's extensive reach, connections to the Netherlands, and the complexities surrounding its ownership and compliance in the face of global sanctions. Overall, the discussion emphasizes the importance of protecting personal data and being aware of potential risks, even if one believes they have nothing to hide. In This Episode You Will Learn: Some Questions We Ask: Resources: View Kaileigh McCrea on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Afternoon Cyber Tea with Ann JohnsonUncovering Hidden RisksSecurity UnlockedSecurity Unlocked: CISO Series with Bret ArsenaultSecure the Job: Breaking into SecurityThe Microsoft Threat Intelligence Podcast Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Steve Syfuhs, Principal Software Engineer at Microsoft, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Steve has spent the last decade building secure systems and is working at Microsoft as a Principal Developer. In this episode, Steve, Nic, and Wendy discuss how continually improving hardware allows for faster brute-force attacks, the technical and security aspects of password-based authentication protocols, and why the longevity of password security can be extended through incremental improvements. In This Episode You Will Learn: Some Questions We Ask: Resources: View Steve Syfuhs on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Afternoon Cyber Tea with Ann JohnsonUncovering Hidden RisksSecurity UnlockedSecurity Unlocked: CISO Series with Bret ArsenaultSecure the Job: Breaking into SecurityThe Microsoft Threat Intelligence Podcast Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

In this week’s special episode, we bring you the BlueHat Oct 23, day 1 keynote delivered by John Lambert, Microsoft Corporate Vice President and Security Fellow. In his BlueHat Oct day 1 keynote, John discusses the importance of incidents in the security field, strategies for finding security incidents, and the importance of looking beyond traditional defense measures to discover attackers and traces outside of one's network. John introduces the idea of "hunting until closure," which involves systematically investigating various attacker actions to learn more about their activities. He also mentions the concept of "time travel breach detection," which uses historical logs to trace and identify previous attacker actions. In This Episode You Will Learn: Some Questions We Ask: Resources: View John Lambert on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Afternoon Cyber Tea with Ann JohnsonUncovering Hidden RisksSecurity UnlockedSecurity Unlocked: CISO Series with Bret ArsenaultSecure the Job: Breaking into Security Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Microsoft Threat Intelligence Analyst Jessica Payne joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Nic, Wendy, and Jessica discuss Jessica's background in cybersecurity, her journey to Microsoft, her passion for making security more accessible, and the importance of diversity in the field. Jessica also emphasizes the need to focus on actionable threat intelligence and how ransomware has changed the security landscape while also providing insights into the process of submitting a presentation for The BlueHat Conference. In This Episode You Will Learn: Some Questions We Ask: Resources: View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Sherrod DeGrippo, Director of Threat Intelligence Strategy at Microsoft and Host of The Microsoft Threat Intelligence Podcast, joins Nic Fillingham on this week's episode of The BlueHat Podcast. Sherrod is a frequently cited threat intelligence expert in media, including televised appearances on the BBC news and commentary in the Wall Street Journal, CNN, New York Times, and more. She is a well-known public speaker, having presented at Black Hat, RSA Conference, RMISC, BrunchCon, and others. Sherrod and Nic discuss various topics, including different types of threat actors, the overlap between nation-state actors and cybercrime, and Sherrod's fascination with cybercrime, emphasizing cybercriminals' creativity and ingenuity, particularly those who use social engineering techniques. In This Episode You Will Learn: Some Questions We Ask: Resources: View Sherrod DeGrippo on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Giovanni Cherubin and Ahmed Salem join Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Giovanni is a Senior Researcher in Machine Learning and Security at Microsoft Research Cambridge, and Ahmed is a researcher in Confidential Computing at the Microsoft Research lab in Cambridge, UK. They're both interested in artificial intelligence and are researching the privacy, security, fairness, and accountability risks of the different machine learning settings. In this episode, they discuss how to identify and address privacy threats in machine learning models, the connection between privacy and information leakage, and how privacy is perceived in academia and industry. In This Episode You Will Learn: Some Questions We Ask: Resources: View Giovanni Cherubin on LinkedIn View Ahmed Salem on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Hyrum Anderson and Ram Shankar join Nic Fillingham and Wendy Zenone on this week’s episode of The BlueHat Podcast. Hyrum Anderson is a distinguished ML Engineer at Robust Intelligence. He received his Ph.D. in Electrical Engineering from the University of Washington, emphasizing signal processing and machine learning. Much of his technical career has focused on security, and he has directed research projects at MIT Lincoln Laboratory and Sandia National Laboratories. Ram Shankar works on the intersection of machine learning and security at Microsoft and founded the AI Red Team, bringing together an interdisciplinary group of researchers and engineers to proactively attack AI systems and defend them from attacks. In This Episode You Will Learn: Some Questions We Ask: Resources: View Hyrum Anderson on LinkedIn View Ram Shankar on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Not with a Bug, But with a Sticker is available here Follow Hyrum on Twitter Follow Ram on Twitter Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.