Listen to Talos security experts as they bring their hot takes on current security topics and Talos research to the table. Along the way Mitch, Liz, Matt and a rotating chair of special guests will talk about anything (and we mean anything) that's on their minds, from the latest YouTube trends to Olympic curling etiquette. New episodes every other Thursday.
Recorded 3/02/20 - We open up the show with a sugary sweet poem before talking about RSA and our annual trip through the startup hall. Matt expertly segues the crew into talking about the impact the security industry can have on public-interest technologies and civil society - both in the industry sense as well as in the interpersonal sense. FInally, we take a look at opposing mindsets and approaches, discussing how partnering with an adversarial approach is not near the oxymoron it seems.Full show notes on the Talos blog
Recorded 2/19/20 - Craig made an oopsie. He sends his apologies for the echo-chamber reverb. We had no idea until he sent in his audio for mixing, we would never do this to you intentionally. This is a shorter ep focusing on software licencing and features as well as vulnerability disclosure. Join us to talk about vendors abilities to disable feature sets and owning versus using products. We further chat about vulnerabilities and how a vendor with no security advisories is often seen as a “more secure” option, when in fact, that can mean the exact opposite.
Full show notes on the Talos blog
Recorded 1/31/20 - When a vulnerability is released, regardless if it has a website and logo or not, we need to understand the risk to the network and what defense options are possible before the patch is ready for production. Can you defend against the vulnerability or do you go straight for known exploits? What happens if an exploit occurs? Also discussed: Talos begins releasing Threat Assessment Reports based on IR engagement data and known prevalent threats. Snort has a new series of training and lab videos available for Snort 2 and Snort3.Full show notes on the Talos blog
Recorded 1/20/20 - Powershell is a frequent flyer in security headlines - a powerful and oft wielded tool for attackers and defenders alike. This ep takes a look at Powershell and how to help ensure its security posture as an effective management tool. We also look at the missing-the-forrest-for-the-trees concept of behind being concerned about the latest shiny ATP before all else.Full show notes on the Talos blog
Recorded 1/6/20 - There is a looming cyber conflict on the horizon between the US and Iran. We use all our time this week to discuss the situation at hand and take a hard look at what you should have already done foundationally. The crew offers insight and analysis of what nation-state cyber conflict looks like and what you can do to elevate your security strategy to the next level in an uncertain time of increased suspicion.
Full show notes on the Talos blog
Recorded 12/20/19 - In a shorter year-end EP, we take a look back and a look forward. It seems everyone else wants to break out the crystal ball this time of year and prognosticate the coming year’s threat landscape. We don’t have one of those, so we used a Magic 8-ball, but we’re pretty confident the results are as-good or better. However, most of the EP is dedicated to going through the notable security events of the past year. We take a look at the lasting effects and lessons learned from 2019’s biggest threats.
Full show notes on the Talos blog
Recorded 12/9/19 - We have a big announcement to make today! Check your feed for a few Ep’s of a new podcast from Talos - “Talos Takes”. On this Ep of BWT, we welcome Joe Marshall to the table - Joe is a Talos ICS/IoT tech lead and he stops by to discuss issues in the IoT space - macro and micro, from both the vendor and user perspectives. Check out the crew’s advice on staying secure in this IoT gift giving season.We will see you in the new year, and thanks for listening in 2019. Merry Christmas and Happy Holidays to all!!!
Full show notes on the Talos blog
Craig is out sick/injured/fighting robots (actually all three), so we brought in Sean Mason from Talos IR to talk shop today and give you the inside scoop on IR (and Sean’s next-level beard care regimen). How do incidents affect the enterprise and consumers? How has the advent of widespread ransomware fundamentally shifted the burden of responsibility in the c-suite and what have been the outcomes? What does a responder have in the bag when they arrive on-site?Full show notes on the Talos blog
Recorded 11/8/19 - Joel is out on PTO, so Mitch, Matt, Nigel, and Craig carry the banner this EP discussing how attackers approach targets like investors looks at portfolio. We also talk about how the most recent off-cycle elections in the US give us a glimpse of improvements and changes in election security. Finally, we take a quick look at popular scams and how attackers use seasonality to increase the relevance of their scam for emotional response.Full notes on the Talos Blog
Recorded 10/25/19 - Today is a bit different. We normally keep things pretty neutral on this show (not really), but today is all about the new service Talos is launching - say hello to Talos Incident Response. Amy Henderson from the Talos Intel and Interdiction group joins us as we discuss the full circle of threat intelligence - from global visibility to hyper local context, and how IR allows those feed each other to the improvement of both. Listen to the announcement as we discuss what IR is, what it means in general, and what Talos brings to that equation. We hope you are half as excited as we are, because that is still pretty dang excited. Lastly, Craig isn’t with us today, but you get to decide his fate for being dishonest with you, dear listeners. We will deliver you justice.
Full show notes - and more in-depth info on the Talos blog