December 11, 2019
This week, on a very special show recorded from his home studio in Atlanta, Rafal welcomes Mike Daugherty back onto the show to tell the story of his crazy journey and battle with the FTC. Highlights from this week's episode include... Mike gives a recap of the road to where he got Rafal and Mike discuss the last few years since episode 171: "When the FTC Attacks" Rafal & Mike discuss the New Yorker article: Guest Mike Daugherty - ( @daughertymj ) -
December 3, 2019
Welcome back for another great episode. This week we have a boomerang guest, Amber Schroader, recorded live in Las Vegas at Enfuse 2019. Highlights from this week's episode include... Amber wants a rockstar moment, but no confetti canons Amber dissects Apple, Android, and "other" mobile OSes We discuss machine-to-machine interactions much more to discuss here! Guest: Amber Schroader ( @GingerWonderMom ) -
November 26, 2019
This week on #DtSR (live from Las Vegas, Enfuse 2019 Conference) Rafal chats with Nick Patience of 451 Group. Nick has some expertise in ML and provides context and content that is badly needed to dispel the crazy marketing hype out there. Highlights from this week's episode include... Nick answers the "What is ML/AI, and what is it not?" We think Nick insulted machines by calling their learning potentially "shallow" (haha) Nick gives us the retail applications of machine learning - grocery stores and similar things Nick talks about "automating the mundane vs automating the complex" as problem spaces where ML is applicable Nick explains ML is just software - but it's different from other software Guest Nick Patience ( @NickPatience ) -
November 19, 2019
First, and foremost, thank you to OpenText for having the #DtSR Podcast live and in-person in Las Vegas. Enfuse is a fantastic conference bringing together security operations professionals (forensics, threat hunters, SOC analysts), privacy, and legal professionals under one banner. It's a fantastic opportunity to hear some very involved talks, hear about the state-of-the-art, and join the conversation. Also ... the people you will meet there are amazing - guests and staff. Highlights from this week's episode include... Kevin gives us an educated, experience-based opinion on threat intelligence, threat hunting, and other various key terms Rafal make some snarky comments about "your mess for less" MSSPs Rafal and Kevin attempt to discuss the analyst shortage - do we solve it with tech or people? Guest Kevin Golas, Director of Worldwide Security Services at OpenText -
November 13, 2019
Dropping in for a quick announcement - you heard it here first! This week a few different announcements went out from OpenText, but this one caught my attention because it could honestly and truly be a game-changer for security and legal teams when it comes to breaches. Going beyond the typical EDR solution, this announcement may be able to shine light into the questions security and legal professionals need answered in the case of a breach. Check it out.   Official Name: OpenText™ Content Security for EnCase™ by Reveille. Press release: Guests: Paul Shomo, Senior Security Architect, OpenText   Brian Dewyer, CTO, Reveille Software
November 12, 2019
Down the Security Rabbithole is back for Episode 370, and this week's podcast focuses on gamification, and it's applications to InfoSec. Big thanks to Chloé for joining us and sharing her knowledge. She's a legitimate expert in the field, so give this a listen.   Highlights from this week's episode include... Chloé explains gamification Rafal and James ask some tough questions Chloé explains how games help us learn Much more, tune in!   Guest Chloé Messdaghi ( @ChloeMessdaghi ) - VP of Strategy at Point3 Security. She is a security researcher advocate who supports safe harbor and strongly believes that information security is a humanitarian issue. Besides her passion to keep people safe and empowered online & offline, she is driven to change the statistics of women in InfoSec. She co-founded Women of Security (WoSEC) and heads the SF Bay Area chapter. As well, she created WomenHackerz, a global online community that provides support and resources for hundreds of women hackers at all levels
November 5, 2019
Welcome to episode 369! This week Rafal talks ransomware and welcomes Oussama El-Hilali, Chief Technology Officer at Arcserve, and Chester Wisniewski, Principal Research Scientist at Sophos to the podcast. Highlights from this week's episode include... Chester hits us with some staggering facts and figures about ransomware Rafal asks if companies should pay the ransom …and ducks Oussama explains why backup companies and anti-malware companies should be besties Guests Oussama El-Hilali - Chester Wisniewski - Links Arcserve landing page for more information - Sophos press release on the alliance -
October 30, 2019
Welcome to another edition of the DtSR Podcast! This week Liz Rice joins us all the way from the (still) UK, and James is back too! What a treat... join us and read the show notes! Highlights from this week's episode include... Liz explains containers, security, and gives us a foundation Liz explains the fundamental stages of securing containers Liz explains the model of different types of containers and the things you need to worry about Rafal asks "where do you install the agent?"   Guest Liz Rice - ( @LizRice ) - Liz Rice leads Aqua’s technology evangelism activities in the cloud-native ecosystem. She is an active member of the open source community, and an award-winning speaker known for her live-coding demos. She is currently co-chair of KubeCon & CloudNativeCon. Prior to getting immersed in containers she built up a wealth of software development, team, and product management experience working on network protocols and distributed systems, and in digital technology sectors such as VOD, music, and VoIP with companies including Skype, and Metaswitch Networks. When not writing code, or talking about it, Liz loves riding bikes in places with better weather than her native London, and competing in virtual races on Zwift. Find her on LinkedIn:
October 22, 2019
This week, #DtSR Podcast is recorded live from Dallas at the Armor SecureCon inaugural user conference. Rafal had the occasion (and good fortune) to get a few minutes to sit down with Jeff Collins (CSO, Lightstream) and Kristopher Russo (Security Architect, Herman Miller) and chat cloud. P.S. - We love in-person conversations! Highlights from this week's episode include... Jeff talks about Lightstream's cloud foundational framework and why it's a must-do if you're thinking cloud Kristopher some inner wisdom on architecture and business alignment Rafal makes a snarky comment about frameworks Guests Jeff Collins, CSO Lighstream - Kristopher Russo, Architect, Herman Miller -
October 15, 2019
Welcome Down the Security Rabbithole, to the DtSR Podcast. This week, Zac Rosenbauer joins us to talk about what it's like to be "the IT guy" who also has to be vigilant of security in a fast-paced startup...based on Google's cloud platform. It's a riveting episode that will give you some good guideposts if you're about to DIY. Highlights from this week's episode include... Zac introduces what it's like to work in a rapidly evolving startup We discuss some of the DIY that Zac has had to work with Wait ... compliance...   Guest Zac Rosenbauer - VP of Technology at Precognative -
October 8, 2019
Welcome back to another episode ... this one sets up DtSRs appearance at the Enfuse Conference 2019 in Las Vegas in November. Give this topic a listen, as it doesn't matter whether you're in legal, compliance, or security - you need to understand this topic well. We want to thank Opentext for sponsoring DtSR's trip out to Las Vegas for the conference, and of course we encourage you to join us out in the desert for another really well-done conference on the intersection of law, compliance, privacy, and security.   Highlights from this week's show include... Anthony uses the phrase "data exhaust" We get a peek into the intersection of big data, and big forensics Anthony, James, and Rafal discuss 'real time identification' that's way beyond what your IPS can do Anthony gives an insider peek into Enfuse 2019 including a keynote by James Clapper Guest Anthony Di Bello - Vice President, Strategic Development at Opentext:
October 1, 2019
Welcome! This episode of Down the Security Rabbithole Podcast was recorded live from Dallas, TX where the Security Advisor Alliance Summit 2019 was happening. One of the hardest working men in the business, Mr. Jerry Archer, stopped by and took a few minutes off his schedule to let Rafal interview him and get some of those amazing nuggets of wisdom and experience into your ears. Feedback, as always, is welcome! Highlights from this week's show include... Jerry sets the background for his knowledge by dropping his 40+ years experience Jerry talks about risk management and reporting to the board Jerry goes a little crazy talking about his budget much more! Big thanks to Sidney, AJ, Jerry and the rest of the SAA crew for having me aboard and letting me add some value to this very worthy cause. Folks, if you aren't a part of this thing, go to and find your cause. Guest Jerry Archer - SVP/Chief Security Officer at Sallie Mae; you can read more about Jerry's career here:
September 25, 2019
This episode was recorded live from the Security Advisor Alliance Summit, 2019 in blistering hot Dallas, TX. If you don't know what the Alliance is, or are asking yourself why you should bother, click here and find out why this is one of those organizations that you must be part of if you're serious about cybersecurity.   Highlights from this week's episode include... Graeme introduces himself Rafal & Graeme talk about security at scale Graeme discusses some of the insights of the Equifax breach Graeme dispenses knowledge and experience by the truckload Guest Graeme Payne ( @Cybersecurity4E ) - Shelve whatever you think you know about him. Graeme was the CIO of the business unit that had that catastrophic breach over at Equifax a few years ago. He's on LinkedIn here:
September 17, 2019
Friends & Colleagues, this week I have the pleasure of being joined by one of my good friends and industry veteran - the one and only Jim Tiller. We revisit the things we talked about in Episode 102 and get an update on the state of security from a guy who would know. Pre-requisite listening: Episode 102 -   Highlights from this week's show include... Jim & Rafal talk about the "feature economy" that is the security vendor marketplace today Jim explains the statement "Complexity is the camouflage for bad guys" Jim explains what he believes security organizations have accomplished in the last 5 years Rafal & Jim lament the 'fundamentals' Guest Jim Tiller ( @Real_Security ) -
September 11, 2019
This week Adam Meyers joins James & Rafal to talk about the Crowdstrike Mobile Threat Landscape Report 2019 - and the learnings and lessons therein.   Highlights from this week's episode include... Adam gives us the lowdown on adversaries, in 2019 Adam bakes some bread Rafal asks who the biggest and baddest attackers are So much more... check out the link above, read the report! Guest: Adam Meyers - - VP, Intelligence at Crowdstrike. We'll let him explain the rest...
August 27, 2019
This week, Rafal sits down in person with Sam Bouso of Precognitive, in Chicago headquarters to talk about some very cool tech that's probably only on the periphery of security. Give it a listen! Highlights from this week's show include... Sam discusses the problem that bots and fraud pose to not only digital commerce but overall digital interaction Sam and Rafal talk through the various buzzwords (machine learning, AI, etc) and their real applications here Sam talks through how algorithms and massive data sets can identify human from non-human So much more
August 20, 2019
This week, in the 2nd of two installments recorded live at Black Hat 2019, Alyssa Miller joins Rafal live to talk about some of the talks she's giving, and takes us back in time. Highlights from this week's show include... Rafal and Alyssa discuss the very real problems the lack of diversity in technology creates A jab is taken at the TSA ...because it's just too easy  Alyssa revisits the 'castle analogy' for InfoSec and why it's so tough to get right Much more fun... you'll have to listen in! Guest Alyssa Miller ( @AlyssaM_Infosec ) - Alyssa's bio and website is here:
August 15, 2019
This week on another jammed-packed episode, Rafal takes to Black Hat 2019 to interview some interesting guests that have something unique to tell you. We start with Deidre Diamond, the lady behind CyberSN - and why she's reinventing the way you get your next InfoSec job.   Highlights from this week's show include... Deidre tells us a little bit about what's new at CyberSN Rafal & Deidre discuss the insane InfoSec job market Deidre explains why how she's planning on eliminating hiring bias in the InfoSec workforce The last time Deidre joined us was episode 337 -  For more, go to and click the "Know More" icon in the top-right corner and get started!   Guest Deidre Diamond ( @Cyber_SN ) - With over 20 years spent leading technology and cybersecurity organizations, Deidre Diamond offers a great perspective on the issues that matter most in our industry. Her vision, “to transform employment searching” has remained constant since she founded CyberSN in 2014. Find her on LinkedIn: 
August 5, 2019
This week, James and I sit down to think (and talk) through Black Hat (and Defcon) 2019. "Hacker Summer Camp" as it's affectionately known in the industry, is a rite of every summer...but is it delivering value to attendees, do we have the right audience, and is the content worthwhile? This and more...   Highlights from this week's show include... Raf and James reminisce about summer camp days gone by Rafal addresses Dino's excellent-sounding keynote (abstract) Raf & James discuss the hype (or more precisely, the lack thereof) of this year's conference and why it's nice for a change All this and tune in!
July 30, 2019
Welcome down the security rabbithole friends! This week, Andy Kalat takes a few minutes off from recovering to chat and comment on the state of security, and what's different since we first met back in... 2003? Fun episode... It's been a while, Andy! Highlights from this week's show include... Andy and Rafal try and figure out when they first real life Andy points out the problem vendors suffer from "problem-scope-limiting" (this is an interesting one...) Are things getting better? The guys discuss...snark ensues Rafal asks Andy to predict what will change in the next ~5yrs   Guest Andrew Kalat ( @LERG ) - Andy is an IT Security Executive, Co-Host of the Defensive Security Podcast, Speaker, Writer...according to his LinkedIn profile, here.
July 23, 2019
My dear listeners - we have John Steven back on this episode! If you don't remember his first appearance, it's OK, it was a little while ago back on episode 42 ... so it's been a while! Highlights from this week's show include... John gives us a run-down on the new things since the last episode James & John talk OWASP Top 10 The guys try to understand what happened to Threat Modeling, and security overall, over the last decade So much more, you'll have to listen
July 18, 2019
Fans & Listeners! This week we have a treat for you... as this episode is recorded LIVE from Microsoft's Inspire 2019 in Las Vegas (where it was 117F) but the conversation here is way hotter. Highlights from this week's show include... What is Microsoft releasing to help guide secure Azure deployment? Mark and Jeff debate "What exactly is the value of "best practices"?" So much more packed into this extended episode! Links to things you need: Azure security guidance & best practices: Microsoft cybersecurity reference strategies: Things Mark thinks you should have handy:   Guests: Mark Simos ( @MarkSimos ) - Lead Architect, Cybersecurity Solutions Group, Microsoft Jeff Collins - Chief Strategy Officer, Lightstream
July 9, 2019
Yes, DtSR took a week off ... we were due. This week, Ira Winkler joins Rafal to go down the rabbithole and talk about his career, opinions on our profession, and other important stuff. Sit back, take notes, and enjoy. Highlights from this week's show include... Ira gives a run-through on his career and what's gotten him "here" Ira and Rafal discuss "breaking into security" and how it's being sold now, versus what reality should be Ira gives us his take on training, certifications, career paths and the like Yeah, so much more... Guest Ira Winkler ( @IraWinkler ) - This guy:
June 24, 2019
This week, ahead of AWS RE:INFORCE 2019 (the first one) Rafal gets a conversation with buddy Mark for a candid talk about the top 3 public cloud providers, and a little insight into the evolution of the industry ... or not... Highlights from this week's show include... What are we expecting from AWS RE:INFORCE this inaugural year? Mark gives us his take on the security in the three major public cloud providers Rafal and Mark reminisce about how things were...and where they are in terms of cloud, and security Mark and Rafal laugh about the opportunity security teams have right now...or may be missing Guest: Mark Nunnikhoven ( @marknca ) - Mark's awesome. He's also the Vice President of Cloud Research at Trend Micro. Other stuff he does here: 
June 19, 2019
Thank you to Microsoft for sponsoring this show, and our podcast over the years...   Highlights from this week's show include... Rob discusses what "Microsoft Threat Protection" is, isn't, and why it's relevant today Rob gives us some context to "trillions of signals" - what does that mean? Rob provides perspective on the pillars of operational excellence required to make Microsoft's vision a reality in damn-near-real-time Rafal and Rob discuss what the ecosystem looks like, and how it's being released into production Rob answers whether Microsoft consumes its own tools… the answer may surprise you Guest: Rob Lefferts - @rob_lefferts - Microsoft Responsibilities/Contributions – As corporate vice president for M365 Security within Experiences and Devices, Rob Lefferts is responsible for ensuring that Microsoft 365 provides a comprehensive and cohesive security experience for our all of our customers. Prior to this role, he led the Windows Enterprise & Security team, where he was responsible for hardening the Windows platform, building intelligent security agents, and driving commercial adoption of Windows 10. Since joining Microsoft in 1997, Lefferts has been instrumental in shaping key products and technologies, from helping develop the original SharePoint Portal Server to leading extensibility efforts for the Office platform to championing the vision for Microsoft 365.  Pre-Microsoft Work Experience – Rob began his career at Claritech, a startup that was born from a Carnegie Mellon research project. He then consulted with the Government of Namibia, Africa. Education – He earned a bachelor’s degree in logic and computation, as well as a master’s degree in computation linguistics, from Carnegie Mellon University. Family/Other Interests – Rob and his wife have two children and live in the Seattle area.
June 11, 2019
Show Note: As most of you know, this show has long refused to use advertisements, or ad revenue to keep itself going. That said, I openly welcome organizations who have something interesting to say and some extra marketing dollars to give, to sponsor an episode while still going through the same vetting process as everyone else. This is one of those shows. This week James and Rafal are joined by Saumitra Das, the Chief Technology Officer for an interesting little start-up called Blue Hexagon. If you find yourself nodding along and interested in hearing more, we encourage you to go check out their website and let them know you hear of them on this show. Highlights from this week's show include... Saumitra shares his insights on AI, machine learning, and the limitations and mis-uses of them We discuss the challenges of finding 'malice' at extremely high volumes, at extremely high rates of speed, and in extremely diverse environments Saumitra previews the methods Blue Hexagon use to approach this problem and potentially start to draw a viable approach Guest Saumitra Das - CTO at Blue Hexagon - Fun fact, Saumitra has over 330 granted many you got?
June 4, 2019
Friends & listeners - welcome to the 2nd half of the 2019 Verizon DBIR 2-part extravaganza. Gabe Bassett, one of the authors of the DBIR, joins Rafal & James to talk stats and lessons we can take away from the report. Highlights from this week's show include... We all talk patching... why it's hard, what we can do about it, and realities of patching Gabe does more live data analysis We get an insight into how long and how hard this report is to produce Guest Gabriel Bassett ( @gdbassett ) - Gabe is one of the writers and data scientists behind the Verizon DBIR. His LinkedIn is here:
May 29, 2019
Friends & listeners - welcome to the 2019 Verizon DBIR 2-part extravaganza. Gabe Bassett, one of the authors of the DBIR, joins Rafal & James to talk stats and lessons we can take away from the report. Highlights from this week's show include... Gabe distinguishes between an incident and a breach - for those of you who need the refresher Gabe dives into the stats to talk about small businesses, and the impact of breaches on them Gabs does some live data science for us, pulling in stats on-the-fly We avoid the 'patching' discussion (that's for the 2nd half) Guest Gabriel Bassett ( @gdbassett ) - Gabe is one of the writers and data scientists behind the Verizon DBIR. His LinkedIn is here:
May 21, 2019
This week, Tommy McDowell who is the Vice President at the Retail and Hospitality Information Sharing and Analysis Center, joins Rafal in person, in Dallas. Highlights from this week's show include... Tommy gives us a background on himself, and the RH-ISAC (and it's mission statement, and such) Tommy & Rafal discuss the difficulty in setting up an information sharing center Tommy gives us insights into why retail and hospitality need their own unique threat sharing network   Guest: Tommy McDowell - - It's easier to just let you go look at Tommy's page on LinkedIn. He's got a storied, and very interesting, career that we could not possibly do justice to here.
May 14, 2019
This week, Rafal gets the rare occasion of sitting down face-to-face with someone and do an interview in person. Andy Green is a great if not sharky fellow, who helped me get over my PG rating for this podcast. So ... it's probably PG-13.   Highlights from this week's show include... Andy talks about BSides Atlanta and the labor of love that is getting a conference stood up We talk about conference drama - because we all need more of that in our lives Andy discusses academic programs, shaping young minds, and being a universally beloved professor (not) Guest: Mr. Andy Green ( @SecProfGreen ) - Andy is a lecturer of Information Security at Georgia's Kennesaw State University. When he's not running Atlanta's BSides ATL he teaches classes in the Information Security and Assurance degree program, in the Information Systems department of the Michael J. Coles College of Business at Kennesaw State University.
May 7, 2019
This week on the podcast, Rafal gets some one on one time with Raffael Marty ... and it's #RaffCon.   Highlights from this week's show include... Raf & Raffy discuss the origins of #RaffCon Raffy talks through Artificial security Raf and Raffy dive into "risk management"   Guest: Raffael Marty - ( @raffaelmarty ) - Data analytics and visualization enthusiast. Interested in large-scale big data and cloud infrastructures to support cyber security use-cases. "How can we assist users to gain deep insight into large amounts of data?" I have spent a lot of time building and defining the security visualization space through open. I oversee Forcepoint's X-Labs, a specialized department within Forcepoint that is responsible for behavior-based security research and the development of predictive intelligence. In addition to traditional threat and security intelligence, we are the home of data science, machine learning, and artificial intelligence within Forcepoint.
May 1, 2019
This week, Rafal is joined by the man, the myth, the Aussie legend - Troy Hunt. We basically talk about whatever is on his mind - which, as it turns out is a lot. Take a listen, we may publish an English translation later (joking, Troy!).   Highlights from this week's show include... Troy gives a run-down on HaveIBeenPwned We talk through some of the interesting use-cases for HaveIBeenPwned data Troy gives perspective on usernames, passwords, and other important things technology/security related Guest Troy Hunt ( @TroyHunt ) - Troy is a Microsoft Regional Director and Most Valuable Professionalawardee for Developer Security, blogger at, international speaker on web security and the author of many top-rating security courses for web developers on Pluralsight. I created HIBP as a free resource for anyone to quickly assess if they may have been put at risk due to an online account of theirs having been compromised or "pwned" in a data breach. I wanted to keep it dead simple to use and entirely free so that it could be of maximum benefit to the community. Short of the odd donation, all costs for building, running and keeping the service currently come directly out of my own pocket. Fortunately, today's modern cloud services like Microsoft Azure make it possible to do this without breaking the bank!
April 23, 2019
This week, on a riveting edition of Down the Security Rabbithole Podcast Raf sits down with Richie Etwaru, a human data ethicist and Founder and CEO of What's a human data ethicist, you ask? Listen to the podcast, and find out. Highlights from this week's show include... Richie walks us through data ownership as a fundamental human right, including why now is the right time in history Raf and Richie discuss the principles of data ownership and how they're different from privacy or security Richie discusses data ownership as a great leveling factor for society SO much more... Guest Richie Etwaru - Richie Etwaru is a human data ethicist and the Founder & CEO at where he is responsible for vision, strategy and execution focus for the company. He is driven to reshape the world by creating a new data economy, where inherent human data is legally human property. He has held c-level roles at Fortune 500 companies for two decades, and serves as advisor to venture capitalists, startups, governments, academia, and large organizations on transitioning to Trust Companies. Richie’s book Blockchain Trust Companies, Every Company is at Risk of Being Disrupted by a Trusted Version of Itself (2017) is used by universities, consulting organizations, and governments, and his TEDx talk Blockchain Massively Simplified has been viewed almost 1 million times.
April 16, 2019
This week on episode 342, Michael Coates joins Rafal & James for the 2nd time. Michael's first episode was way, way back in 2015 on episode 134 titled "Fundamental Security". Looks like things haven't changed much. We highly recommend you check out episode 134 first, then listen to this one. Trust us, you want the context.   Highlights from this week's show include... Michael gives us an opinion on "what's changed" in the last decade or so Michael discusses "risk", "technical risk", and the Enigo Montoya problem in security Michael gives an overview of what he thinks the profile of the CISO should be Michael gives his take on why he thinks low false-positive rates are important and automation is the future Guest Michael Coates: ( @_mwc ) All you need to know is here, on his LinkedIn page:
April 9, 2019
This week, in the final installment of "Live from RSA Conference 2019" Rafal interviews Mark Simos, who is the definitive source for reference architectures at Microsoft. He's the Lead Architect in the Enterprise Security Group and he's doing some amazing things for the community with regards to the Azure cloud and other Microsoft-related security things. Give this episode a listen and share it ...maybe listen again and take good notes! Highlights from this week's show include... Mark discusses security reference architectures (in general) Mark and Raf rap on the shared responsibility model for the cloud...again Mark answers "What's different about security in the cloud?" Mark raises the concept of "raising the cost to the adversary" for defenders... Guest Mark Simos - ( @MarkSimos ) - Mark is Lead Architect in Microsoft’s Enterprise Cybersecurity Group where he is part of a group of cybersecurity experts who create and deliver unique cybersecurity services and solutions to Microsoft’s customers. Mark has contributed to a significant amount of Microsoft cybersecurity guidance - most of which can be found on Mark's List ( Mark focuses on cybersecurity guidance to help customers manage cybersecurity threats with Microsoft technology and our partner solutions. Mark's current focus is on security assessments and roadmaps that span the spectrum of security topics including privileged access, high value asset protection, security strategies and operations, datacenter security, and information worker protection.
April 2, 2019
This week, Down the Security Rabbithole Podcast is publishing episode 3 of 4 which were recorded LIVE at RSA Conference 2019. This episode features Diana Kelley, of Microsoft, talking about the latest security report and other goodies. Highlights from this week's show include... Diana discusses the highlights from the latest Microsoft Security Intelligence Report Raf provides an opinion on how Microsoft could totally own the endpoint space Rafal & Diana dive back into passwords...apparently, we just can't get away from them Diana tells a really interesting story about Microsoft Windows Hello and twins Guest Diana Kelley - @DianaKelley14 - Microsoft Enterprise Cybersecurity Group Leadership team member. Represent Microsoft at global security conferences, author-industry analysis, white papers, and blogs on Microsoft security strategy and response to cyber threats. Contribute to the all up security messaging and provide insight into the strategic vision and direction for the company in close partnership with marketing, business groups, and engineering, as well as working closing with the security PR and AR teams.
March 28, 2019
This week, driven by the news cycle, and an interesting story... Rafal & James invite George and Shawn, as actual experts, onto the show.   Highlights from this week's show include... This news story - George & Shawn discuss the language of cyber policies We discuss language, inclusions, exclusions, and such George brings up Information vs Cyber, security Other links related to this podcast:
March 19, 2019
This week, part 2 of a four-episode set recorded live from RSA Conference 2019. This time, it's Phil Beyer's turn to have a turn at the microphone...  Highlights from this week's show include... Phil talks up "The failure of risk management" We discuss the realities of risk management Raf asks "How do we make more informed risk decisions?" Raf and Phil talk through thread models and why they're relevant ...and so much more   Guest Phil Beyer -
March 12, 2019
This week, in the first of a four-part "Live from RSA Conference 2019" series, Rafal interviews Deidre Diamond. Deidre knows a little something about cybersecurity talent having worked in the field most of her professional career. We discuss all kinds of interesting and relevant topics... Highlights from this week's show include... Deidre presents her new "human model" for hiring, staffing, and retaining excellent talent We discuss the difference between a good leader, and just a good manager and why those aren't the same We discuss the pay gap, why it's still a thing, and what's to be done about it Deidre discusses the challenges women face in cybersecurity, and what's changing   Guest: Deidre Diamond: (@DeidreDiamond) -  in her own words: Combining my 21 years of experience working in technology and staffing, my love for the cybersecurity community, and a genuine enthusiasm for people; I created Cyber Security Network (, a company transforming the way Cyber Security Professionals approach job searches. will remove the frustration from job-hunting, and aid in interpersonal connections and education. Throughout my career, I have built large-scale sales and operations teams that achieved high performances. Creating cultures based on an anything is possible attitude allows people to achieve above and beyond the usual. By establishing an open communication framework throughout an organization; I have created cultures of positive energy, career advancement, and kindness, that enables teams to reach beyond peak performance and have fun at work.
February 26, 2019
This week, Patrick Miller joins Rafal to provide an update on the energy sector, and what's different (or not). Another episode with a returning guest who continues to provide timely and important updates on key "big picture" security issues.   Highlights from this week's show include... Patrick gives us a "state of the union" update on what's going on in the power industry with security Raf asks "are we getting better... or worse?" Patrick discusses IoT, IIoT, and "everything has an IP address" Patrick tells a story about his recent encounter with a 386 & DOS 2.2 (if you know what this is, you're old)
February 19, 2019
This week, in a special episode, Dmitri Alperovitch of Crowdstrike joins Rafal to talk about a brand new report that Crowdstrike is releasing. The Crowdstrike 2019 Global Threat Report is a must-read with some very interesting topics covered. Dmitri joins Rafal to talk specifically about the ranking of threat actors, and what it means to you.   Highlights from this week's show include... Dmitri explains "breakout time" and why it's important Dmitri gives a walk-through of the methodology used to rank your global adversaries Dmitri & Rafal talk through who's on first, and what's up with China Rafal & Dmitri talk about what this report means to you sitting at your desk playing defender
February 12, 2019
This week, on the DtSR Podcast, Rafal is joined by Matt Herring, long time listener, and first-time caller. We talk through Matt's career path, and how he got to head up a global security operations team. It's a pretty interesting story - you should listen.   Highlights from this week's show include... Matt talks us through how he got into being an auditor Matt and Raf compare and contrast compliance and security (yes, really) An uncomfortable discussion on market consolidation ensues Matt gets put on the spot for leading and trailing indicators, provides some insights   Guest: Matthew Herring - @MatthewDHerring - Found on LinkedIn here: 
February 5, 2019
This week James and Rafal talk to Sean Martin, one of the people who have been quietly making a difference in the security industry for almost three decades. Sean is credited with many innovations, ideas, and trends...and he spends some time discussing that with us.   Highlights from this week's show include... We collectively quickly make fun of the SIEM (yesterday, today, and next decade) Sean talks through the "feature companies" that are hitting the market in a recent couple of years Raf brings up the idea that we really don't understand the impact of the technology we create for 10+ years - what does that mean for security?
January 30, 2019
This week, long-time friend and colleague Jenn Black (doer of interesting things) joins James and Rafal on the podcast to talk about the role of security leaders in the digital transformation efforts of enterprise shops. Interesting conversation ensues. Highlights from this week's show include... Jenn, James, and Rafal discuss the role of the security lead in enterprise digital transformation Jenn shares some of her experience in aiding CISOs with building security programs to support 'the business' We make light of the fact that it's a million degrees below zero up north Guest Jenn R. Black ( @JennRBlack ) - With over 18 years of experience within IT and cybersecurity managed services, Jenn helps companies manage their cybersecurity threats, vulnerabilities, and risks to meet regulatory and business needs, while driving process efficiency. As a consultant in a cybersecurity practice, she works closely with clients to define their cyber strategy, create roadmaps and solutions to meet the company’s security objectives. 
January 23, 2019
This week second-timer Jon Hawes is back for another trip to the microphone to talk about his interesting take on risk, response, and the security world we live and breathe. With interesting anecdotes and a firm grasp on real-world risk discussions, Jon and Raf have a pretty enlightening chat you will benefit from. Highlights from this week's show include... Jon discusses the concept of a "counterfactual" Jon discusses feedback loops in how incidents are handled Jon and Raf talk through how security professionals discuss 'risk' and what we can do to better the conversation   Guest: Jon Hawes - 
January 15, 2019
This week, James and I sit down to discuss biometric authentication and some of the FUD around ways it can be broken. This ends pretty much the way you think it does.   Highlights from this week's show include... James & Raf talk about how hackers used a "wax hand" to fool a vein auth system Link: Fingerprint authentication to start your car?! We take this discussion to task Link: James & Raf deconstruct the argument for and against biometric security We ask "Does it matter that biometric auth is hackable?"
January 9, 2019
This week, on the DtSR Podcast recorded way too early on a Monday morning, we talk volunteering in InfoSec with Kathleen Smith. Kathleen is the CMO of and - and she recently ran a volunteerism survey (link: you should probably check out too. Highlights of this week's show include... Kathleen discusses some of the highlights of the survey We discuss some of the things volunteers learn, and why this is critical to our community Several jokes are made We discuss the value of volunteering and its impact on your career and much, much more   Guest Kathleen Smith - @YesItsKathleen - CMO, ClearedJobs.Net/CyberSecJobs.Com, both veteran-owned companies, she spearheads the community-building, and communications outreach initiatives catering to the both organizations’ many audiences including security cleared job seekers, cybersecurity candidates, and military personnel. Kathleen has presented at several security conferences on recruiting and job search within the cybersecurity world to include BSidesLV, BSidesTampa, BSidesDE, FedCyber. Kathleen volunteers in the cybersecurity community; she is the Director, HireGround, BSidesLV’s 2-day career track. Kathleen is well respected within the recruiting community, is the co-founder and current President of recruitDC, the largest community of recruiters in the Washington DC area
January 2, 2019
This week, James and Rafal welcome in 2019 with a look at the fundamentally fatalistic argument that "everyone gets hacked" - with Richard Bird. They discuss whether that's even a valid statement, and if so, what can we do about it? Highlights from this week's show include... Richard addresses the question of whether we've addressed a fundamentally fatalistic attitude towards security The guys discuss whether the real perimeter, as we go into 2019 Richard schools the guys on identity - and what it's not the perimeter, but something else Guest Richard Bird - Chief Customer Information Officer at Ping Identity - Link: (Yes, Richard is the guy with the smashingly handsome bowties!)
December 19, 2018
This week James is back on the microphone with Rafal as they interview 2 industry veterans to talk about the right approach to security leadership, and developing that talent pool. We talk to Yaron and Setu to get a sense of what their thoughts are on where good security leaders come from, and the hallmarks of that experience. Highlights from this week's show include... the curious case of the cyber head who doesn't computer Yaron and Setu give us their thoughts on developing security leaders Yaron shares some of his experience building a security program, across industries Yaron and Setu give us a few pieces of insight for current and future security leaders
December 11, 2018
This week, go down the security rabbit hole with someone who has been working on security in the mid-market (likely the kind of company you work at, statistically) for a long time. Bob has some great lessons learned and is willing to share. Listen in Highlights from this week's show include... Bob gives a quick history of how he "hacked into hacking" A discussion of breaking into security Bob & Raf discuss security in the mid-market, and how it's fundamentally different than other market segments Bob discusses hiring, talent acquisition and "working from home" in today's job market
December 5, 2018
In another episode LIVE'ish from AWS re:Invent 2018 I catch perennial favorite and long-time friend Dustin Wilcox as he wandered the vendor show floor. Highlights from this week's show include... Raf asks Dustin the obvious question - what's a CISO doing at a cloud expo? Dustin discusses some of the cloud transformation challenges for security teams Dustin unveils the three things he is currently concerned most about for security, in the cloud Dustin imparts a final piece of wisdom you won't want to miss...   Rafal's Guest: Dustin Wilcox - Vice President and Chief Information Security Officer at Anthem, Inc. - 
November 28, 2018
At day 2 of re:Invent 2018 I tracked down Arash Marzban, Armor's head of product to talk about his stage session and where the market is going for security - at a developer/builder focused cloud conference. This short conversation is quite interesting...
November 27, 2018
This episode of the Down the Security Rabbithole Podcast is sponsored in part by Armor Cloud Security. Go check us out at!   This week's show is a multi-part release from AWS re:Invent 2018. We sit down with two of Armor's solutions consultants to discuss trends, insights from day 0, and discuss anticipated moves and market shifts. Expect this to be an insightful episode where we dive into cloud security from a development and security perspective.  
November 20, 2018
On episode 323, Richard Rushing (aka the "Security Ninua") joins us to talk about being the CISO of a global organization, and multi-national enterprise.   Highlights from this week's show include... Richard talks to us about his background We discuss the unique challenges of a multinational enterprise Richard gives us some wisdom on how to approach "the business" Richard provides some advice for keeping prioritization and sanity
November 15, 2018
This week #DtSR tackles the topic no one else wants to - ethics in cybersecurity. There are a lot of things to be said, so rather than writing them down here, go listen to the episode. Repeatedly. Highlights from this week's show include... A base platform for the discussion on ethics Moral relativism, applied to cyber Law vs ethics Cultural ethics and relativism "Hacking back" - yes we went there
November 6, 2018
** Go Vote ** Do your civic duty, and go vote. Heck, while you're standing in that long line to vote, listen to the podcast, we're not picky. This week, Rob Graham joins Rafal and James (who's back!) to talk about various topics related to threats. We start with the hacking voting machines, and it go from there. Highlights from this week's show include... We ask Rob to tell us what he knows about the Georgia 'hacking the election' case going on right now We discuss what the real threat to our elections is We ask Rob to tell us what he thinks the biggest threats are, and how we should approach them
November 2, 2018
This week, James Habben joins me in studio for what turns out to be an introspective walk through the evolving world of forensics.   Highlights from this week's show include... James gives us some background on how he got where he is We talk through some nostalgia James answers the "Is APT trying to get me" question, sort of We talk about things companies should be doing to prepare...
October 23, 2018
This week, my good friend and entrepreneur Rock Lambros (of the newly formed Rock Cyber) joins me to talk about getting the itch to go out on your own and actually doing it. Many of us have thought about it, daydreamed, but very few do it. So hear an episode from someone who did... Highlights of this week's show include... What motivates and drives someone to jump the safety net of corporate life and go off on their own? Rock gives us the secret to "How you know it's time" We discuss how you can avoid the failings of the typical "consultant" We talk through some very interesting strategy and advisory questions... (lots of gems in here!) Rock drops his list of things to think about/remember We discuss how to make security more than just a cost center Links: Rock's new company - Rock Cyber "Navigating Security in a Brave New World" (
October 18, 2018
This week the DtSR podcast tackles one of the thornier issues going around in the news. As the accusations of Russsian hacking continue to mount, international leaders are speaking out and making bold statements that impact policy on a global level. This topic needed to be addressed with some folks who have actual expertise in the matter - and with the understanding that what we have here are opinions and interpretations.   Highlights from this week's show include: A lively discussion on the implications of the term "cyber war" Jon and Dennis discuss the tone, and context of the article in question: Rafal, Patrick, and Jon go a few rounds on other cyber matters as it pertains to the term "war" and its implications If you listen to this episode and have a strong opinion - get on Twitter and use the hashtag #DtSR and let's discuss it! There is already a lively discussion started here:  
October 9, 2018
While James is away, Raf will podcast all day ...or something like that.   Highlights from this week's show include: Bill talks about what it's like to jump into a higher education system and try and play defense We discuss the role of governance, centralized policy, and management in higher education environments Bill discusses his view on the appropriate places to work in security, in a college/higher education environment We compare and contrast the experience of security in higher education against very large enterprise (the comparison may shock you) Guest William Reyor - ( @WilliamReyor ) - William is Fairfield University’s first CISO, is a former penetration tester, and has more than a decade of security and network engineering experience. He is also the Security BSides Connecticut co-founder. You can find Bill on LinkedIn here: 
October 3, 2018
So, it's October 2018, and it's National Cyber Security Awareness Month. Again. James and I have a bit of an issue with this, as you'd guess. Why are we still talking about awareness when we need action? Are there really people out there that are saying "If only I was aware that there are bad people trying to do bad things, I'd had done it differently"?   Highlights from this week's show include... We riff on the thing we talk about once a year (and not anymore) James takes a shot at passwords... fish, meet the barrel Raf gets a little upset that we're talking about awareness, since 2004 and nothing really changes Raf & James ask you to take action this year and tell us about it! Hashtag it #DtSR and tell us what you're doing for NCSAM 2018 that's going to make an actual difference
September 25, 2018
On this episode of the Down the Security Rabbithole Podcast, Mary Cheney joins us fresh off her talk to the North Texas ISSA Women in Security group. She has such a colorful background and such great stories to tell - we just had to have her on the show.   Highlights from this week's show include... A walk-through of Mary's colorful and extremely diverse background Mary talks about burnout as we pick up the topic from our conversation with Ann Johnson's episode Mary talks about corporate "tools efficacy" and security's cry for wolves much more!
September 18, 2018
This week, on DtSR Episode 314, the infamous (that's more than famous) John Strand joins us. No, not the male model ...the guy who's been an InfoSec legend since before you could walk.   Highlights from this week's show include... We take a stroll down memory lane We discuss the challenges with more complexity in development John takes us through what he thinks some of the faults are    
September 11, 2018
Friends welcome to yet another edition of the Down the Security Rabbithole Podcast - as we invite perennial favorite, Shawn Tuma onto the show! Shawn has a new office, a new law firm, and is giving us his take on what's new in the world of cyber and law. Listen in!   Highlights from this week's episode include... Shawn brings up "The GDPR" and the self-imposed disaster that it has become We dive into the problem with "all the data" Shawn explains the idea of "necessary and proper" and case-law for data breaches Shawn tells us about cyber insurance and the scariest word in the vernacular ... "negligence"
September 5, 2018
This week Down the Security Rabbithole Podcast welcomes two very cool ladies from the InfoSec realm. First Ann Johnson of Microsoft (if you don't know Ann, you're living under a rock, honestly) is here to discuss a tweet she put out a while ago ( ) on mental health in high-pressure jobs in InfoSec. If that wasn't enough, Jennifer Duman from Armor joins us as a guest-host to provide her experienced perspective as a road warrior.   Highlights from this week's episode include... Ann discusses the big deal with working from the road, in a high-pressure InfoSec job We discuss the impact of being a road warrior has on mental health, families, and career Ann gives us some insight from the teams and companies she's worked with Ann gives us some thoughts on how to mitigate mental health impact for InfoSec professionals Guest Ann Johnson - Corporate VP, Cybersecurity Solutions @ Microsoft Twitter: @ajohnsocyber LinkedIn: Guest Host Jennifer Duman - Director of North American Channels @ Armor LinkedIn:
August 29, 2018
This week we dive into the world of the web browser. A brief history, some discussion about what's wrong and how it's broken - and a few suggestions for what to do next. This is a complicated discussion - so you can bet we'll come back to it with your feedback!   Highlights from this week's show include... A brief walk-through of the history of browsing Solutions that tried, but ultimately failed, to solve the challenges An approach we've seen before - the "remote browser" Discussion on challenges and opportunities of the remote browser concept Discussion on Authentic8's approach and innovations
August 23, 2018
This week, Rafal & James discuss one of the bigger challenges that an enterprise security team faces today - evaluating new/replacement security tools and services. Listen close if you're on the enterprise side, and listen closer if you're selling to them.   Highlights from this week's show include... We address the difficulties of evaluating or replacing technologies or services Rafal takes you into the "better" trap, and how you can avoid it We discuss defining concrete problem statements James & Rafal talk through the challenges of defining good requirements and evaluating We address how to pick a winner - or not
August 14, 2018
This week Nate Smolenski - Director, Cloud Architecture Services - joins us for an insightful discussion on the concept of digital transformation for the enterprise. Many companies are undergoing a digital transformation, or have done so already, and it's up to security to once again, catch up. Nate brings a truckload of experience and evidence into the conversation and as a security professional and practitioner - you should absolutely listen to this episode. Twice.   Highlights from this week's show include... Answering: What in the world is "digital transformation"? Discussion around the seemingly "take 2" we're embarking on, as security professionals Enterprise security's role, or not, in digital transformation
August 8, 2018
Friends, this week's episode is truly unique. We talk to a gentleman whose job it is to think big, and into the future in a big way. Jeremy Nulik is the "Evangelist Prime" at Big Wide Sky - an organization that looks to think big, and solve big problems, in big ways. This is an incredible journey into problem-solving on a grand scale.   Highlights from this week's show include... An overview of futurism, as an abstract tool for problem-solving A discussion on the roots of futurism Overview of how futurism is applied today The four key approaches in applied futurism Applying futurism to problem-solving in information security   Links you need to check out:  
August 1, 2018
On this episode of the Down the Security Rabbithole Podcast, Rafal is in Chicago for a few days and visiting with a long-time friend and colleague, Don Donzal. Don has some great history in the Chicago hacking and security professional scene, so we take a stroll down memory lane, talk about what he's doing now, and take a long look ahead. Join us!   Highlights from this week's show include... Don gives us a little insight into where Ethical Hacker Network got started A history of Chicago Con - anyone been? Life, family, career - and how balancing all of that and still doing what you love is important A look into the future of the new venture!   Catch the Ethical Hacker Network online at, and on Twitter at @EthicalHacker.
July 25, 2018
This week, we tackle a topic that should not have taken 306 episodes to get to - balancing family and work while growing a career in Information Security. Britney hits the high points with us, and takes us down the road of what it's like being a mother and security leader - as we explore the topic for everyone who is in our field. Highlights from this week's show include: Who does this apply to? Are you being asked to choose? Becoming adaptive When you should bend and when you should concede Creating your own space Confidence Benefits of Blending
July 17, 2018
Do you work at a company that's too big to be "small business" but too small to be "large enterprise"? You're probably in that place known as the "mid-market". Many of the large vendors don't pay attention to you, and yet you still have all of the same problems big companies do - just without all the budget. What do you do? Listen to this episode of DtSR and find out what we think.   Highlights from this week's show include... Addressing the "tool" or "staff" conundrum Who's manning all those dashboards? Staff to dashboard ratio How do you prioritize, when you can't multi-thread? Giving up isn't an option, so what do you do?
July 11, 2018
This week, James and I interview a former Optiv colleague and advisor to many Fortune 250 CISOs in his long career, our friend Ron Kurisczak. Ron's long and successful career has included time spent truly transforming the way security functions, and how it's seen in the boardroom. Spend 35 minutes and hear his take on where we've been, and why right now is so crucial to our future. Highlights from this week's show include... Why are we transforming security? Data classification, operation policies Tracking key performance indicators (KPIs)  to the new rules of security Who's getting through, how long did they have, what did you do to eradicate? What are we measuring - how do we define "maturity" in security programs Understanding how we understand and measure long-term losses from security failures Moving into a truly risk-based security program, and away from "how much are my peers spending?"
July 3, 2018
Thanks to my friend Brian Wrozek for joining us this week on Down the Security Rabbithole Podcast. Brian's long career as a CISO has broken several 'typical' molds... so he's a fantastic person to join us to talk about the things CISOs should be thinking about. Highlights from this week's show include... Prioritizing projects as the CISO Getting support from the outside because "we hired you to know this" Refreshing and revisiting completed projects/tools to optimize and see a value Security is additive, we never really take anything away - is this a problem? Red team, blue team, purple team ... what happened to penetration testing? Automation, orchestration, automated response to bad Risk management, and "back to the basics" is still broken Breach after breach after breach - and nothing's changing
June 26, 2018
This week, as DtSR rolls on to Episode 302, we talk with John Svazic who is a Cloud Security Architect for a day job and runs the Purple Squad Security Podcast in his spare time. His perspective on the idea of an "infosec army of one" is one that many of us share, and it needs to be solved. Highlights from this week's show include... Trying to solve everything, on our own... burn out or flame on Working as a lone wolf can be detrimental to your career, and sanity Working as an individual within an enterprise team Perspective for the business requires others Case in point - Application security jobs Purple teams - the ultimate collaboration, not me vs you
June 19, 2018
This week on Episode 301, James is off and I take a one on one conversation with Julie Conroy from Aite group on the topic of global fraud. It's a fascinating conversation that winds through the fringes and often unexplored corners of enterprise security. Check it out, and special thanks to Julie for taking the time out of her busy schedule.   Highlights from this week's show include... A brief glimpse into the impact of enterprise security on global fraud Julie talks through identity, and how enterprise security can positively impact fraud Account takeovers - the thing we all fear but struggle to solve Balancing security and usability, convenience Guest Julie Conroy - ( ): Julie is an experienced product management executive with a proven track record of revenue growth and innovation.
June 14, 2018
Thank you, listeners! Down the Security Rabbithole has reached milestone episode #300. In this episode, James and Rafal sit down with the nothing more than an open mic and talk through topics the podcast has previously covered, and others we still have yet to cover.   Join us. And a personal thank you to all of our guests over the past 300+ episodes... we are looking forward to much more great content to come!
June 5, 2018
Special thanks to Chris for doing this in-person. It was a fun conversation and always a pleasure!   Highlights from this week's show include... Chris and I talk about measuring 'risk' We discuss 'brittle systems' which apparently are still alive and kicking Risk analysis, cloud computing, and your business   Guest Chris Abramson ( @cabramson50 ) - Director, Information Security Delivery & Engineering; Team oriented Enterprise Information Security Management professional seeking to improve the security of organizations through education and practice. Qualifications include a bachelors degree in computer science; CISM, CISA, CEH and ECSA certification. Understanding of Industry, State and Federal regulatory standards. Ten years of experience in the creation and deployment of Information Security solutions for protecting the networks, systems and data assets of a fortune 50 company.
May 29, 2018
Two more episodes until we hit #300...what a crazy ride it's been! Thanks for taking the journey with us, and we're looking forward to having you along for another 300 (maybe).   Highlights from this week's show include... Applications of DoD security in a non-DoD world The meaning and elements of the risk equation Understanding (making sense of) the risk equation Swimming in the swamp of marketing literature AppSec as an area of expertise (again, and again, and again)   Go see Jeff at Circle City Con if you're attending. He's giving a talk ( ) titled "(Re)Thinking Cyber Security Given the Spectre of a Meltdown: (Someone Hold My Beer)"
May 22, 2018
Before you listen to this podcast ... go grab this report: from Kenna Security and the Cyentia Institute. Read it. Think about it. Then listen to this show.   Highlights from this week's show include... A high-level walkthrough of the model that authors developed, and the many interesting insights Why what you're doing now is probably as good as random chance A deeper discussion on cause and effect of patches, and trying to do everything So much more! While you're listening to the show, hit us up on Twitter using the hashtag #DtSR or tweet to @DtSR_Podcast!   Guests Jay Jacobs ( @JayJacobs ) Wade Baker ( @WadeBaker ) Michael Roytman ( @MRoytman )
May 15, 2018
This week, former analyst and security industry veteran Adrian Sanabria joins James & Rafal to talk about some of the hype in our industry. From current events, to learning lessons, to the on-going master-class in bullsh*t we convince ourselves of - this podcast is a riveting (although slightly longer) episode of free-flowing discussion.   Highlights from this week's show include... We discuss #eFail - and the circus maximus of ridiculousness that it currently is Adrian gives us some views on believing our own nonsense We attempt to discuss how we got to this point Much more!
May 9, 2018
This week, Mark Nunnikhoven joins us from the great white North. All the way from Ottawa, Canada - Mark talks with James and Raf about cloud computing, DevOps, and some silly things security folks are doing to undermine themselves in the brave new world. Highlights from this week's show include... A brief discussion on moose and Canada Why none of us believe "DevSecOps" is a thing Deploying security into modern code development practices Much, much, much more   Guest Mark Nunnikhoven ( @MarkNCA ) - Vice President, Cloud Research at Trend Micro. Mark has way too many credentials and accolades to list here, go read his LinkedIn page, or check out "Mornings with Mark" on his Twitter feed daily. [Mark on LinkedIn]
May 2, 2018
* Special thanks to Microsoft for giving DtSR access to fantastic guests, and printing t-shirts & stickers for RSA Conference 2018. Please help us say thank you and check out all of the MS announcements at and if you really want to check out something amazing where IoT and cloud collide, check out On this second special episode of the podcast live from RSA 2018, Raf sits down at RSA Conference 2018 with a gentleman you may not know but you should, Avi Ben-Menahem. We discuss what it's like in terms of effort, scope, and sheer talent, to take on the monumental task of securing the Azure public cloud platform. Avi shares his insights, and drops us some interesting tidbits on the day in the life of someone working at truly hyper scale. Again, special thanks to Jessica and the Microsoft team for some truly unprecedented access.
April 24, 2018
* Special thanks to Microsoft for giving DtSR access to fantastic guests, and printing t-shirts & stickers for RSA Conference 2018. Please help us say thank you and check out all of the MS announcements at and if you really want to check out something amazing where IoT and cloud collide, check out On this very special episode of the podcast, Raf sits down at RSA Conference 2018 with the one and only Diana Kelley to talk data integrity, crisis communication, and fear-based selling in security. Again, special thanks to Jessica and the Microsoft.   Guest Diana Kelley ( @DianaKelley14 ) - Diana is the Cybersecurity Field CTO for Microsoft, a cybersecurity thought leader, practitioner, executive advisor, architect, speaker, author and co-founder of SecurityCurve. More here: 
April 17, 2018
This week, James is back and he and Raf sit down for a discussion on navigating the big industry conferences, as RSA Conference kicks off in San Francisco. We add just the right bit of snark to your day, and provide some much-needed commentary on the industry, conferences, and survival. Highlights from this week's show include... A quick overview of RSA Conference Getting value, learning something, or whatever else Buzzwords, and navigating marketing speak Attendee personas: buyer, attendee, vendor - there is a huge difference in how you experience a conference from these angles Feature, product, or startup (sometimes they're the same thing!) Tips, tricks and ideas for having a successful experience
April 10, 2018
[This week's episode and fantastic discussion on endpoint security is sponsored by Nyotron]. DtSR listeners already know we don't do advertisements or traditional sponsorship - so when we bring in a sponsored guest it's because we believe the topic is interesting and the guests have a genuinely interesting point of view. On that note... The topic this week is the endpoint. Yes, the endpoint - the place where security started, and was subsequently abandoned, and reborn. Whether you're talking about virtual cloud workloads, laptops or other types of endpoints - we can all agree on the fact that there are too many buzz words, too many tools, and too many 'solutions' to the various ailments of the endpoint. This week we dive down the rabbit hole with Rene and Nir, from Nyotron, to hear their unique perspective and get an understanding on why they think their approach to this very difficult problem is worthy of your time. I invite you to give this episode a listen, as it's a bit of a pilot for us. If you all enjoy it, we will do 1-2 of these per quarter ... if the audience votes that these add no value, we will give it more thought. If you're coming out to RSA 2018, come see demos of live attacks (including Rubber Ducky) and learn more about Nyotron's technology at the RSA Conference - South Hall, booth #1639. More information on Nyotron which we invite you to check out are here:  Nyotron's latest OilRig report - Background on Nyotron's technology - Endpoint security assessment - Don't forget the hashtag #DtSR on Twitter and you can find us on LinkedIn as well! Thanks for Rene and Nir of Nyotron for the discussion and recognition of the DtSR audience!
April 3, 2018
This week on the Down the Security Rabbithole Podcast, Tony Perez stops by for an early morning chat about the content management systems we in InfoSec love to hate on. We talk about Drupal, Wordpress and all the other CMSes out there that have similar issues.   Highlights from this week's show include... Why start a company that does CMS security (they're hopeless anyway right?) How many of the most popular CMSes are actually not as bad as you may think, security wise The core, the plug-in infrastructure, and plug-ins Finding, responding to, and fixing bugs in the modern software world Guest Tony Perez ( @Perezbox ) - [Tony has perhaps one of the coolest LinkedIn write-ups, so I'm pasting it here.] Tony is a proven business leader and operator. He is a former US Marine (2000 - 2005), and former CEO of Sucuri (2011 - 2017), a website security platform that was acquired by GoDaddy in April 2017. He has proven experience taking a security product from startup to a global, multi-national, organization.  His core competency revolves around: leadership, management, marketing, product position, product pricing, sales, business institutionalization, revenue and organizational strategy.  He believes that our greatest responsibility in sales and marketing is to bridge the gap between the value a customer expects from your product, and the value you assume you are delivering.  He brings with him an intoxicating level of energy, work ethic and passion. Excelling in high-tempo environments, and executing flawlessly against strategies. He is adamant about self-reflection and self-actualization, placing energy on learning his weaknesses and building on them.  He is horrible at spelling, but amazing at motivating people. He is known for challenging people to be better, to strive for more, to never settle for the cards they've been dealt. He was a leader of Marines, and today he's a leader of people, technology and industry.
March 27, 2018
This week, join DtSR as Rafal sits down across the virtual table with the one and only Robert Hansen. Rob (aka @Rsnake ) discusses his roots of being an almost-bad-guy, to the security of browsers, and privacy. Plus we get to reveal something pretty awesome...   Highlights from this week's show include... Rob's fascination with alien conspiracy theories A back history of browsers you've never heard of, that you benefit from today Google... Security vs. Privacy - why you don't actually get either A secret reveal from Rob about his exciting new venture
March 20, 2018
This week, while James was out on family duty, I sat down on a Saturday morning with my good friend Will Gragido to talk security. Will is an industry old-timer (sorry buddy, we're old) and has some seriously valid opinions on many things. We discuss some interesting topics, and apologize for nothing.   Highlights from this week's show include... It's conference season again... and time for more buzzword bingo Marketing people are the worst...except we're all complicit Threat Intelligence. Again. Still. Yep. Let's go hunting for threats - who should have a threat hunt team, and why Mergers, acquisitions, and the future of our industry   Guest Will Gragido ( @WGragido ) - Will Gragido is a seasoned security professional with over 20 years’ experience in networking and information security. Will’s extensive background is the result of his service as a United States Marine, a consultant with the world renowned International Network Services, Internet Security Systems (now IBM ISS), McAfee, Damballa, Cassandra Security, RSA Netwitness, Carbon Black, Digital Shadows and now Digital Guardian where he leads the organization’s Advanced Threat Protection Product Line as its Director.
March 13, 2018
In case y'all don't read LinkedIn or Twitter - Rafal recently joined Armor (, so what better time to interview the CEO Chris Drake than right now. So this week, Chris Drake joins us in the studio to talk about his background (which is quite interesting, by the way) and how he got to start a fast-paced cloud security-as-a-service company.   Highlights from this week's show include... The road starts with jumping out of airplanes The Butterball story More discussion on challenges with existing security models Security-as-a-Service vs. Managed Security (MSS) - differences and big differences   Guest: Chris Drake, Founder and CEO of Armor ( @ChrisDrake ) - Chris is currently the founder and CEO of Armor, a fast-paced cloud Security-as-a-Service provider. If you want more on Chris, you'll have to listen to the podcast.
March 6, 2018
This week's DtSR Podcast sits down in the offices of Shawn Tuma to discuss an update on the law with regards to data breaches, or incidents - and what the differences between. We talk through current events, past history and look into the future a bit. Highlights from this week's show include... the legal differences in the words we use (breach vs. incident) notification and disclosure in a global economy planning, preparation, and the big day costs - specifically around insurance - when things go badly right to sue for current, and future, damages (did they really happen?) overview of GDPR, and the cornucopia of other local, regional, national, and international laws as they are evolving Guest Shawn Tuma ( @ShawnETuma )
February 27, 2018
We have a treat for you folks this week! On episode 285 of the podcast I'm joined by three well repected, forward thinking, and entrepreneurial-minded security executives to talk about about some of the challenges they see in the industry and what they're doing to solve them. From cloud, to threat intelligence, staffing, and other scaling issues - we address the issues head-on, and provide some insight into what these three are thinking going forward. *The audio quality isn't the usual high-quality I expect to publish, so my apologies for that in advance. Somewhere the recording tool I use had an issue, but I did my best to make sure you could hear the speakers clearly. Apologies for the background noise on this recording.   Guests: Susan Magee Dustin Wilcox Jason Clark   If you've noticed the new logo, it's courtesy of a phenomenal artist, whose name is Peter Czaplarski. Yes, you too can hire him to draw amazing things for you, you can find him here: Peter is also the artist behind Vengence Nevada (found here, for you comic lovers: ) and has been an artist in many other venues. We highly encourage you to give his Facebook page a like!
February 20, 2018
This week on the Down the Security Rabbithole Podcast, Raf and James welcome long-time friend of Rafal's - Scott Stanton - to the microphone. Scott's able to join Raf in person in Atlanta, while James is predictably on the other end of a Howdy Doodie (you'll get this if you listen). This week, we tackle the MSS issue (Managed Security Services providers) again, but with a fresh angle where we aren't just spending the entire time bashing something we all rely on - but rather providing some constructive feedback into MSS providers from an enterprise perspective. And reminiscing a little. A lot. Join us! And spread the word! Guest: Scott Stanton ( @Scott_Stanton ) - Information Security leader with experience in the High Tech, Manufacturing, Engineering, Services, and Energy industries. My technical depth includes application development, IP networking, operating systems, virtualization, and storage systems. Scott is currently the Senior Manager of Infrastructure Security at a medical technology company.   If you've noticed the new logo, it's courtesy of a phenomenal artist, whose name is Peter Czaplarski. Yes, you too can hire him to draw amazing things for you, you can find him here: Peter is also the artist behind Vengence Nevada (found here, for you comic lovers: ) and has been an artist in many other venues. We highly encourage you to give his Facebook page a like!
February 13, 2018
This week an old friend, Vinnie Liu of Bishop Fox, joins Raf and James to talk about the history of App Sec. We started trying to test ourselves secure, and we continue to come back to it - so this episode is a walk down memory lane and a glimpse into the future of application security. Don't forget to like us on iTunes and share with your colleagues!   Guest Vinnie Liu ( @VinnieLiu ) - Vincent Liu (CISSP) is a Partner at Bishop Fox, a security consulting firm providing services to the Fortune 500, global financial institutions, and high-tech startups. With nearly two decades of experience, Vincent is an expert in security strategy, red teaming, and product security; and at Bishop Fox, he oversees firm strategy and client relationships. 
February 6, 2018
Join us this week on Down the Security Rabbithole as Barrett Lyon (who knows a thing or two about DDoS) is our guest to talk about the evolution of the art and science of kicking people off of a network. Barrett is the authority on DDoS, with over 20 years in the field, going back to when angry teenagers flooded each other off of IRC servers. This is a fun episode that walks through DDoS - where it came from, how it evolved, and what we can expect in the future. TLDR; yes ...your fridge may one day DDoS your toaster.   Guest Barrett Lyon ( @BarrettLyon ) - Barrett Lyon is the Vice President of Research and Development for the Neustar Security Solutions’ portfolio. He spearheads the development of innovative new products and solutions for the company’s industry-leading DDoS, DNS and cybersecurity solutions. Mr. Lyon is a serial entrepreneur and a well-respected cybersecurity thought leader with experience building leading edge network services and infrastructure. Prior to Neustar, Mr. Lyon founded and served as its Chief Technology Officer. In 2009, he co-founded XDN, Inc. and served as its CEO. As Chief Technology Officer, he led the strategy and technical operations at BitGravity, a company he co-founded. Previously, Mr. Lyon founded Prolexic Technologies and served as its Chief Technology Officer, where he created the first successfully managed service to defend enterprises from Distributed Denial of Service (DDoS) attacks. His authority and over 20 years of experience in the network security space has led to numerous collaborations with a majority of the tier-one and tier-two carriers in North America and Europe, and at National Security Agencies in Europe and the U.S. Outside of the security field, he has been active proponent in the advancement of the Internet. Mr. Lyon was responsible for the Opte Project, often referred to as the Internet Mapping Project and he formed He has been published in several security and non-security related books. Links
January 30, 2018
This week, go Down the Security Rabbithole with James and Raf as they host Robert Sell. Robert took 3rd place at the Defcon SECTF (Social Engineering Capture-the-Flag) in 2017 and he has some lessons to you in the enterprise. "Social Engineering" (while a ridiculous and non-descriptive term) is a real attack vector. How are you defending your enterprise? Listen in. Then talk back on Twitter at #DtSR or LinkedIn!   Guest: Robert Sell ( @RobertESell & )
January 22, 2018
This week, Chris Rosen from IBM joins us to talk about cloud containers - and the security (or lack thereof) of them. There is a paradigm change coming which significantly impacts security - if we're ready for it. Chris talks us through the dramatic changes (or maybe not) of doing cloud security with containers and the impact to the shared responsibility model. Join us, and let us know what you think by leaving us a comment, either here or on iTunes.   Guest Chris Rosen -
January 16, 2018
This week, Jason Garbis re-joins the podcast to go past the Primer (Episode 257) and dive deeper into SDP (Software Defined Perimeter) with a discussion on cloud and relevance to the re-invention of the data center and related infrastructure.   Related DtSR listening: Zero Trust Model w/ John Kindervag: Software Ate the Perimeter w/Jason Garbis:  
January 9, 2018
Welcome Down the Security Rabbithole. This week we bring Jeff Schilling from Armor to talk about Spectre and Meltdown - the two hottest topics of the security right now and for the foreseeable future.   While you listen to us talk, check out these links: And the obligatory "I patched and things got worse" post:  
January 2, 2018
Happy New Year, 2018. Friends, thanks for listening! I can't believe this podcast is still going strong after all these years and 277 episodes. I started this podcast with an idea - give you something to listen to that was office-friendly, informative, and focused on advancing our trade. Over the years I've gotten some encouraging comments from people ranging from those trying to get into our industry, to those who are leading large organizations' security practices. I'm encouraged by you all, and thank you for supporting us. Now, let's get on with 2018. On this first episode of 2018, James and I welcome Ben Kepes who is a long-time friend of mine and and industry analyst. Ben isn't your typical analyst though, because he has a healthy dose of skepticism, an eye for bullsh**, and he's trusted by vendor and buyer alike. Oh, also, he's a Kiwi so he's got that going for him too. Sit back, enjoy, and leave us a comment if you are so moved.
Loading earlier episodes...
      0:00:00 / 0:00:00