Listen to Talos security experts as they bring their hot takes on current security topics and Talos research to the table. Along the way Lurene, Matt, and Mitch and a rotating chair of special guests will talk about anything (and we mean anything) that's on their minds, from the latest YouTube trends to Olympic curling etiquette. New episodes every other Thursday.
Recorded 3/13/20 - Of course we have to talk about the implications of Coronavirus to the way business and security are getting done. While everything about the COVID-19 pandemic seems to be a fluid situation, a rare constant has been the same rehashed disaster scams. But that could quickly change with the mass shift toward remote work. This episode takes a look at both securing that shift as well as practical advice for those of us finding ourselves as newly remote employees.
Full show notes on the Talos blog
Recorded 3/02/20 - We open up the show with a sugary sweet poem before talking about RSA and our annual trip through the startup hall. Matt expertly segues the crew into talking about the impact the security industry can have on public-interest technologies and civil society - both in the industry sense as well as in the interpersonal sense. FInally, we take a look at opposing mindsets and approaches, discussing how partnering with an adversarial approach is not near the oxymoron it seems.Full show notes on the Talos blog
Recorded 2/19/20 - Craig made an oopsie. He sends his apologies for the echo-chamber reverb. We had no idea until he sent in his audio for mixing, we would never do this to you intentionally. This is a shorter ep focusing on software licencing and features as well as vulnerability disclosure. Join us to talk about vendors abilities to disable feature sets and owning versus using products. We further chat about vulnerabilities and how a vendor with no security advisories is often seen as a “more secure” option, when in fact, that can mean the exact opposite.
Full show notes on the Talos blog
Recorded 1/31/20 - When a vulnerability is released, regardless if it has a website and logo or not, we need to understand the risk to the network and what defense options are possible before the patch is ready for production. Can you defend against the vulnerability or do you go straight for known exploits? What happens if an exploit occurs? Also discussed: Talos begins releasing Threat Assessment Reports based on IR engagement data and known prevalent threats. Snort has a new series of training and lab videos available for Snort 2 and Snort3.Full show notes on the Talos blog
Recorded 1/20/20 - Powershell is a frequent flyer in security headlines - a powerful and oft wielded tool for attackers and defenders alike. This ep takes a look at Powershell and how to help ensure its security posture as an effective management tool. We also look at the missing-the-forrest-for-the-trees concept of behind being concerned about the latest shiny ATP before all else.Full show notes on the Talos blog
Recorded 1/6/20 - There is a looming cyber conflict on the horizon between the US and Iran. We use all our time this week to discuss the situation at hand and take a hard look at what you should have already done foundationally. The crew offers insight and analysis of what nation-state cyber conflict looks like and what you can do to elevate your security strategy to the next level in an uncertain time of increased suspicion.
Full show notes on the Talos blog
Recorded 12/20/19 - In a shorter year-end EP, we take a look back and a look forward. It seems everyone else wants to break out the crystal ball this time of year and prognosticate the coming year’s threat landscape. We don’t have one of those, so we used a Magic 8-ball, but we’re pretty confident the results are as-good or better. However, most of the EP is dedicated to going through the notable security events of the past year. We take a look at the lasting effects and lessons learned from 2019’s biggest threats.
Full show notes on the Talos blog
Recorded 12/9/19 - We have a big announcement to make today! Check your feed for a few Ep’s of a new podcast from Talos - “Talos Takes”. On this Ep of BWT, we welcome Joe Marshall to the table - Joe is a Talos ICS/IoT tech lead and he stops by to discuss issues in the IoT space - macro and micro, from both the vendor and user perspectives. Check out the crew’s advice on staying secure in this IoT gift giving season.We will see you in the new year, and thanks for listening in 2019. Merry Christmas and Happy Holidays to all!!!
Full show notes on the Talos blog
Craig is out sick/injured/fighting robots (actually all three), so we brought in Sean Mason from Talos IR to talk shop today and give you the inside scoop on IR (and Sean’s next-level beard care regimen). How do incidents affect the enterprise and consumers? How has the advent of widespread ransomware fundamentally shifted the burden of responsibility in the c-suite and what have been the outcomes? What does a responder have in the bag when they arrive on-site?Full show notes on the Talos blog
Recorded 11/8/19 - Joel is out on PTO, so Mitch, Matt, Nigel, and Craig carry the banner this EP discussing how attackers approach targets like investors looks at portfolio. We also talk about how the most recent off-cycle elections in the US give us a glimpse of improvements and changes in election security. Finally, we take a quick look at popular scams and how attackers use seasonality to increase the relevance of their scam for emotional response.Full notes on the Talos Blog