Down the Security Rabbithole Podcast (DtSR)

Prologue

"Just do the basics!"

"Remember the security fundamentals."

...sick of hearing those catch phrases without anything to actually get it DONE? Yeah, us too. This week we're joined by John Scim…

Prologue

This week, long-time friend and well-known industry personality, Jessica Hebenstreit joins Rafal to talk about her journey in consulting to very large security programs and why maturity is e…

Prologue

This week on the podcast, the one and only Tom Eston joins Rafal & James to talk about managing teams. Tom is a well-known personality who runs the "Shared Security Show" podcast -- which ha…

Prologue

It's always a pleasure to have someone on the show who is an expert in their trade, someone who has experience, expertise, and depth of understanding like few others. In this case, James and…

Prologue

James has been talking about "shift left" for a while so when Jeff Williams posted interesting research on LinkedIn - we jumped on an opportunity to have him on the show to talk about the su…

Prologue

DNS is a big topic, and you may be asking yourself why. Well, as we noted in a recent show ( https://ftwr.libsyn.com/dtsr-episode-504-dns-turns-40 ) DNS is officially middle-aged. And with t…

Prologue

Let's start with NDR - Network Detection and Response - because it's not new, but the discussions lately have been very interesting. Is it still relevant? Does it have a place in today's hyb…

Prologue

As some of you know, I've been either in the AppSec space, or adjacent, since the fairly early days. I built a program at GE a million years ago, and worked selling dynamic web app testing s…

Prologue

RSA Conference 2022 has come and gone. Rafal was there for all the circus and madness, and sits down with James to discuss what was seen and heard.

Also, you'll get some clips in here from s…

Prologue

In this RSA conference-themed episode, I bring on Jonathan Barnett from OpenText Security Solutions to discuss DNS turning 40 years old. Yeah, it was originally invented in 1983 y'all. As DN…

Prologue

This is a bonus episode for the Episode 500 live-stream we did. I brought together Crowdstrike, OpenText, and Netskope technologists to talk about the technology they've worked with over the…

Prologue

This week, we talk about the cloud in a different way than we have previously. We discuss "blast radius" with regard to vast numbers of roles and permissions inside of a public cloud infrast…

Prologue

CMMC may be something you know nothing of, but if you're a government contractor, or work with government contractors of the DIB - you're probaby alll too familiar.

For some, it's hell. For …

Prologue

This week, on the first post-500 episode, we welcome Netskope's Ray Canzanese to talk about the Cloud & Threat Report they just published ( https://www.netskope.com/netskope-threat-labs/clo…

First - thank you to everyone who listens to this show, shares it, and has left us a review. You all are the reason these past 500 episodes got published, and why this show wil…

Prologue - Part 1 of 2

First - thank you to everyone who listens to this show, shares it, and has left us a review. You all are the reason these past 500 episodes got published, and why this show wil…

Prologue

Friends and colleagues - I want to thank you from the bottom of my heart. It almost brings me to tears that over the last 11 years you've been sharing, downloading, and talking about this li…

Prologue

Super pumped this week to have James Azar on the show. James hosts a collection of podcasts including one I try to catch as often as possible - https://www.linkedin.com/company/cyberhubpodca…

Prologue

This week, as we approach episode 500 and the extravaganza that it will be, James and I welcome my personal friend and all-around wonderful marketing dude, Russell Wurth. We joke about what'…

Have you noticed that the relationship between buyer and seller, or more precisely, between CISO and seller is... eh ... tenuous lately? OK, maybe it's a lot worse than that in some cases. W…