The Defender’s Advantage Podcast explores the world of cyber security and Mandiant through three distinct tracks. Threat Trends: Listen twice a month as host Luke McNamara interviews guests on the latest in cyber security research, the cyber landscape, and the latest news from Mandiant. Frontline Stories: Listen to Kerry Matre monthly as she is joined by notable guests on the frontlines of cyber security, including Mandiant customers, security professionals, and executives. Skills Gap: List ...
…
continue reading
Information security with a whiskey filter.
…
continue reading
The Security Perspectives Podcast is a show that explores the world of information security and provides valuable insights into starting and advancing a career in this exciting field. Hosted by Nikolas Behar, each episode features a guest who shares their unique perspective on the latest trends, challenges, and opportunities in information security. From red team operators to chief information security officers, guests offer valuable advice and practical tips for listeners looking to break i ...
…
continue reading
1
Lessons Learned from Responding to Cloud Compromises
30:16
30:16
Play later
Play later
Lists
Like
Liked
30:16
Mandiant consultants Will Silverstone (Senior Consultant) and Omar ElAhdan (Principal Consultant) discuss their research into cloud compromise trends over 2023. They discuss living off the land techniques in the cloud, the concept of the extended cloud attack surface, how organizations can better secure their identities, third party cloud compromis…
…
continue reading
Michael Raggi (Principal Analyst, Mandiant Intelligence) joins host Luke McNamara to discuss Mandiant's research into China-nexus threat actors using proxy networks known as “ORBs” (operational relay box networks). Michael discusses the anatomy and framework Mandiant developed to map out these proxy networks, how ORB networks like SPACEHOP are leve…
…
continue reading
1
Investigations Into Zero-Day Exploitation of the Ivanti Connect Secure Appliances
27:47
27:47
Play later
Play later
Lists
Like
Liked
27:47
Mandiant Principal Analysts John Wolfram and Tyler McLellan join host Luke McNamara to discuss their research in the "Cutting Edge" blog series, a series of investigations into zero-day exploitation of Ivanti appliances. John and Tyler discuss the process of analyzing the initial exploitation, and the attribution challenges that emerged following t…
…
continue reading
1
M-Trends 2024 with Mandiant Consulting Vice President Jurgen Kutscher
25:53
25:53
Play later
Play later
Lists
Like
Liked
25:53
Jurgen Kutscher, Mandiant Vice President for Consulting, joins host Luke McNamara to discuss the findings of the M-Trends 2024 report. Jurgen shares his perspective on the "By the Numbers" data, the theme of evasion of detection in this year's report, and how Mandiant consultants have been leveraging AI in purple and red teaming operations. For mor…
…
continue reading
1
Assessing the State of Multifaceted Extortion Operations
40:54
40:54
Play later
Play later
Lists
Like
Liked
40:54
Kimberly Goody, Head of Mandiant's Cyber Crime Analysis team and Jeremy Kennelly, Lead Analyst of the same team join host Luke McNamara to breakdown the current state of ransomware and data theft extortion. Kimberly and Jeremy describe how 2023 differed from the activity they witnessed the year prior, and how changes in the makeup of various groups…
…
continue reading
1
Hunting for "Living off the Land" Activity
42:32
42:32
Play later
Play later
Lists
Like
Liked
42:32
Host Luke McNamara is joined by Mandiant consultants Shanmukhanand Naikwade and Dan Nutting to discuss hunting for threat actors utilizing "living off the land" (LotL) techniques. They discuss how LotL techniques differ from traditional malware based attacks, ways to differentiate between normal and malicious use of utilities, Volt Typhoon, and mor…
…
continue reading
1
Director of NSA's Cybersecurity Collaboration Center on Trends in 2024
25:48
25:48
Play later
Play later
Lists
Like
Liked
25:48
Morgan Adamski, Director of the NSA's Cybersecurity Collaboration Center (CCC) joins host Luke McNamara to discuss the threat posed by Volt Typhoon and other threat actors utilizing living off the land (LotL) techniques, zero-day exploitation trends, how the CCC works with private sector organizations, and more.…
…
continue reading
Principal Analyst Michael Barnhart joins host Luke McNamara to discuss Mandiant's research into the threat posed by the Democratic People's Republic of Korea's (DPRK) usage of IT workers to gain access to enterprises. For more on Mandiant's analysis of North Korea's cyber capabilities, please see: https://www.mandiant.com/resources/blog/north-korea…
…
continue reading
1
Prescriptions for a Healthy Cybersecurity Future with Google Cloud's OCISO
44:27
44:27
Play later
Play later
Lists
Like
Liked
44:27
Taylor Lehmann (Director, Google Cloud Office of the CISO) and Bill Reid (Security Architect, Google Cloud Office of the CISO) join host Luke McNamara to discuss their takeaways from the last year of threat activity witnessed by enterprises within healthcare and life sciences. They discuss applying threat intelligence to third-party risk management…
…
continue reading
Mandiant Intelligence Advisor Renze Jongman joins host Luke McNamara to discuss his blog on the CTI Process Hyperloop and applying threat intelligence to the needs of the security organization and larger enterprise. For more on this topic, please see: https://www.mandiant.com/resources/blog/cti-process-hyperloop…
…
continue reading
1
Threat Trends: Hacktivists' Continued Use of DDoS
44:50
44:50
Play later
Play later
Lists
Like
Liked
44:50
For our first episode of 2024, host Luke McNamara is joined by Mandiant Senior Technical Director Jose Nazario and Principal Analysts Alden Wahlstrom and Josh Palatucci, to discuss the hacktivist DDoS activity they tracked over the last year.By Mandiant
…
continue reading
1
Threat Trends: Tales from the 2023 Trenches
37:47
37:47
Play later
Play later
Lists
Like
Liked
37:47
Doug Bienstock and Josh Madelay, Regional Leads for Mandiant Consulting, join host Luke McNamara to walk through some of the trends they have witnessed responding to breaches in 2023. Josh and Doug cover what is happening with business email compromise (BEC), common initial infection vectors, social engineering tactics, and more.…
…
continue reading
1
From Master Mechanic to Master Hacker the Journey of A Principle Security Analyst and Hacker
47:29
47:29
Play later
Play later
Lists
Like
Liked
47:29
Join me as I interview my coworker Matt! We discuss how he went from a Master Mechanic to a Master Hacker, and employed as a Principal Security Analyst and even passing his OSCP in 3.5hrs on his first try! We have a bonus surprise with Matt’s fave hacking YouTuber John Hammond!!
…
continue reading
1
Threat Trends: DHS Secretary Alejandro Mayorkas in Conversation with Kevin Mandia
20:44
20:44
Play later
Play later
Lists
Like
Liked
20:44
Host Luke McNamara is joined for this special episode highlighting October as Cybersecurity Awareness Month by Kevin Mandia and DHS Secretary Alejandro Mayorkas. Secretary Mayorkas and Kevin discuss the threat landscape, collaboration between the private sector and government, improving the talent gap in cyber, and ongoing DHS initiatives to foster…
…
continue reading
1
Threat Trends: Addressing Risk in the Cloud with Wiz
37:05
37:05
Play later
Play later
Lists
Like
Liked
37:05
Host Luke McNamara is joined by Amitai Cohen, Attack Vector Intel Lead at Wiz to discuss trends in cloud security, managing risk, and more. For more on Wiz's research, please see: https://www.wiz.io/blog and https://www.wiz.io/crying-out-cloudBy Mandiant
…
continue reading
1
Threat Trends: Unraveling WyrmSpy and DragonEgg Mobile Malware with Lookout
32:42
32:42
Play later
Play later
Lists
Like
Liked
32:42
Host Luke McNamara is joined by Kristina Balaam, Staff Threat Researcher at Lookout, to discuss her work attributing two new mobile malware families to APT41. For more on Lookout's report on WyrmSpy and DragonEgg: https://www.lookout.com/threat-intelligence/article/wyrmspy-dragonegg-surveillanceware-apt41 Follow Kristina on X @chmodxx_…
…
continue reading
1
Threat Trends: The Implications of the MOVEit Compromise
27:51
27:51
Play later
Play later
Lists
Like
Liked
27:51
Charles Carmakal, CTO for Mandiant Consulting, joins host Luke McNamara to discuss the long tail impact of FIN11's compromise of the MOVEit file transfer solution. Charles breaks down some of the differences with this compromise in comparison to FIN11's previous operations, why the impact from this operation may impact organizations for some time, …
…
continue reading
A conversation with Andrew Barnett, Chief Strategy Officer @ Cymulate https://cymulate.com/ https://www.linkedin.com/in/andrewbarnett1/ https://www.optiv.com/
…
continue reading
1
Threat Trends: A Requirements-Driven Approach to Cyber Threat Intelligence
27:39
27:39
Play later
Play later
Lists
Like
Liked
27:39
Dr. Jamie Collier (Senior Threat Intelligence Advisor, Mandiant) joins host Luke McNamara to discuss the recent white paper from Mandiant about developing a requirements-driven approach to intelligence, challenges organizations face in this area, and the importance of recurring stakeholder feedback to a well-functioing CTI team. Follow Jamie at @Th…
…
continue reading
1
Frontline Stories: Crisis Communications During a Breach
31:26
31:26
Play later
Play later
Lists
Like
Liked
31:26
Dan Wire from Mandiant joins host Kerry Matre to discuss the ins and outs of crisis communications during a breach as well as what you can do to prepare for a crisis.By Mandiant
…
continue reading
1
Threat Trends: UNC961 and How Managed Defense Approaches Threat Hunting
30:20
30:20
Play later
Play later
Lists
Like
Liked
30:20
Ryan Tomcik, Dan Fenwick, and Tim Martin join host Luke McNamara to discuss how Managed Defense conducts proactive hunting, illustrated by several UNC961 intrusions. For more, please see: https://www.mandiant.com/resources/blog/unc961-multiverse-financially-motivated Follow Ryan @heferyzan and Tim @Sa1jak on Twitter.…
…
continue reading
1
Frontline Stories: The Executive's Role in Cybersecurity
33:17
33:17
Play later
Play later
Lists
Like
Liked
33:17
What role do executives and the board play in cybersecurity and breach management. Hear from Jesse Jordan and Howard Israel of Mandiant discuss their experiences helping executives get the right information from their security leaders and understanding their role during a breach.By Mandiant
…
continue reading
1
Threat Trends: Bonus Episode - How Will AI Impact Threat Intelligence?
9:22
9:22
Play later
Play later
Lists
Like
Liked
9:22
The endless battle of threat actors versus cybersecurity professionals may come down to who deploys AI better. In this interview from RSA, John Hultquist, Senior Manager, Mandiant Intelligence, surmises how the bad guys may use AI in the near future to scale attacks, while Vijay Ganti, Head of Product Management, Threat Intelligence, Detection & An…
…
continue reading
Mandiant's Kirstie Failey and Jake Nicastro join host Luke McNamara to break down the findings from the 2023 M-Trends report. Kirstie and Jake cover some of the notable trends gleaned from Mandiant breach investigations over the past year around dwell time, ransomware, top initial intrusion vectors, and more. For more on Mandiant's 14th iteration o…
…
continue reading
1
Brian Cullen - CISO @ Rakuten Kobo Inc.
1:19:11
1:19:11
Play later
Play later
Lists
Like
Liked
1:19:11
Coversation with Brian Cullen - CISO @ Rakuten Kobo Inc. Guest: Brian Cullen - https://www.linkedin.com/in/brian-cullen-57a0b420/ Host: Nikolas Behar - https://www.linkedin.com/in/nikobehar/ Companies Mentioned: NavCanada: https://www.navcanada.ca Kognitiv: https://www.kognitiv.com/ Kobo: https://www.kobo.com/ BlackBerry: https://www.blackberry.com…
…
continue reading
1
Frontline Stories: Exposure Management Beyond Vulnerabilities
25:48
25:48
Play later
Play later
Lists
Like
Liked
25:48
Jonathan Cran, Lead for Mandiant Attack Surface Management at Google Cloud, joins host Kerry Matre to discuss the evolution of vulnerability and exposure management and how important comprehensive approaches are to mitigating cyber risk. Jonathan shares his experiences from BugBounty, penetration testing and working with customers to solve the grow…
…
continue reading
Conversation with Jake Kluka, Principal Red Team Consultant @ Mandiant (Google Cloud) Guest: Jake Kluka - https://www.linkedin.com/in/johnckluka/ Host: Nikolas Behar - https://www.linkedin.com/in/nikobehar/ Tools mentioned: Bloodhound: https://github.com/BloodHoundAD/BloodHound Rebeus: https://github.com/GhostPack/Rubeus Certify: https://github.com…
…
continue reading