
Addressing cyber risk within the business is a challenging task for any security team to manage on their own. This places a premium on the Paranoids' relationship with engineering teams. An especially necessary one when conducting an expedited patch across the organization for an internet-wide weakness. Namely, Log4Shell. In this episode of the podcast, join Yahoo CTO Aengus McClean and Chief Paranoid Sean Zadig in conversation about:
The Working Relationship (1:00)
Security Culture (3:10)
Communicating Priorities: Log4Shell (12:00)
"Slow is Smooth and Smooth is Fast" (20:20)
Building Security Into the Process (26:27)
Hosts: Shawn Thomas (FIRE Chief) and Steven Asifo (Technical Security Manager, Governance, Risk, and Compliance)
Guests: Aengus McClean (Chief Technology Officer) and Sean Zadig (Chief Information Security Officer)
This is our final episode in a series about Log4Shell. You can find episodes One and Two on the Paranoids' landing page.
Apr 29, 2022
30 min

In our second podcast covering the Paranoids’ approach to remediating the Log4Shell vulnerability, Steven Asifo talks to Sadiah Choudhry and Lisa Hulen, who work inside Yahoo’s Vulnerability Management team responsible for handling newly disclosed security vulnerabilities. They discuss:
The Elements of Vulnerability Management (2:46)
Defining a NewVuln (4:40)
What’s an S-Bug?! (12:15)
Responding to an Unprecedented Event (15:31)
A Companywide Culture of Collaboration (19:03)
Big Takeaways (26:28)
Host: Steven Asifo (Technical Security Manager, Governance, Risk, and Compliance)
Guests: Sadiah Choudhry (Technical Security Manager, Vulnerability and Control Operations Team) and Lisa Hulen (Vulnerability Management Lead)
Mar 31, 2022
29 min

Arguably among the most consequential – and widespread – security vulnerabilities of the past decade, Log4Shell impacted nearly every company doing business on the Internet. Yahoo was no different. Listen to this episode, as the Paranoids explore how FIRE (the Forensics, Incident Response, Engineering Team) responded to a widespread vulnerability at scale:
The Role of Incident Response (2:20)
Hunting for Log4Shell… with Arkime (6:37)
Trust in Running Large-Scale Investigations (11:50)
Incident Response Planning (15:25)
Post-Mortem: Takeaways (20:50)
Hosts: Shawn Thomas (FIRE Chief) and Steven Asifo (Technical Security Manager, Governance, Risk, and Compliance)
Guests: Georgios Kapoglis (Sr. Technical Security Engineer) and Art Maddalena (FIRE Specialist Lead)
Feb 5, 2022
26 min

Have you ever just wondered why so many security teams are shrouded in opacity?! Us, too. That’s why we’re launching a podcast. So you can get the opportunity to know the Paranoids more deeply. And learn what we’re about, what our mission is, and why we love doing what we do. Listen in to this inaugural episode to:
Meet our CISO, Sean Zadig: 1:22
Hear about our seven operating principles: 6:27
Learn more about the Paranoids' history and our organizational pillars: 13:42
Discover why you should come join us (cough: theparanoids.com): 25:20
Hosts: Shawn Thomas (FIRE Chief) and Steven Asifo (Technical Security Manager, Governance, Risk, and Compliance)
Guest: Sean Zadig (Chief Information Security Officer)
Jan 10, 2022
31 min

Security teams tend to be black boxes. From the outside-in, it isn't easy to discern their culture. Or what makes them unique. So, to ensure the Paranoids can be more transparent, both to the security industry community and to those thinking about joining us in our mission, we're launching a podcast. Throughout our episodes, we plan on surfacing the expertise of our team by introducing our colleagues. Mostly, so you can hear what makes them Paranoid. We'll publish our first episode in the New Year. But, for now, take a listen to this trailer!
Hosts: Shawn Thomas (FIRE Chief) and Steven Asifo (Technical Security Manager, Governance, Risk, and Compliance)
Dec 16, 2021
1 min
