55 avsnitt • Längd: 30 min • Månadsvis
The Detection at Scale Podcast is dedicated to helping security practitioners and their teams succeed at managing and responding to threats at a modern, cloud scale.
Every episode is focused on actionable takeaways to help you get ahead of the curve and prepare for the trends and technologies shaping the future.
The podcast Detection at Scale is created by Panther Labs. The podcast and the artwork on this page are embedded on this page using the public podcast feed (RSS).
In this episode of Detection at Scale, Jack speaks to Brandon Kovitz, Senior Manager of Detection & Response at Outreach, shares his insights on the evolving landscape of cybersecurity. He discusses the critical role of generative AI in enhancing detection and response capabilities, emphasizing the importance of understanding data to maximize security tools' effectiveness.
Brandon also highlights the balance between human intuition and AI, noting that while AI can analyze vast amounts of data, it lacks the nuanced understanding of intent that only humans can provide. Tune in to learn how organizations can leverage AI while maintaining essential human oversight in their security strategies!
Topics discussed:
Resources Mentioned:
In this episode of Detection at Scale, Jack speaks to JJ Tang, CEO and Co-founder of Rootly, about revolutionizing incident management in tech organizations. JJ shares his journey from practitioner to founder and emphasizes the importance of viewing incident management as a cultural and collaborative effort rather than just a tooling issue.
JJ touches on breaking down silos between security and other teams to enhance communication and reliability, and empowering security practitioners to take on educator roles within their organizations. He also offers actionable insights on creating a culture of reliability and improving incident response strategies!
Topics discussed:
Resources Mentioned:
In this episode of Detection at Scale, Jack speaks to Thijn Bukkems, Threat Hunting Lead at Grammarly. Thijn shares his expertise on building a robust security intelligence program, emphasizing the importance of leveraging existing resources and adapting current tools to enhance threat detection.
Thijn discusses the value of working backwards from response strategies to design effective detection mechanisms. He also highlights the necessity of collaboration across teams, urging listeners to avoid silos in decision-making to uncover unexpected insights.
Topics discussed:
Resources Mentioned:
In this episode of Detection at Scale, Jack speaks with Saksham Tushar, Head of Security Operations & Threat Detection Engineering at CRED, about the challenges of compliance in a high-growth environment. Saksham shares their strategy for automating security processes and enriching data to enhance threat detection.
He emphasizes the importance of verifying automated outcomes to ensure accuracy. Saksham also covers how CRED uses Python libraries for efficient incident response and the significance of contextual understanding in security incidents. With a focus on streamlining compliance and leveraging intelligence, Saksham provides valuable insights into building a robust security operations framework in a rapidly evolving landscape.
Topics discussed:
Resources Mentioned:
In this special episode of Detection at Scale, Jack welcomes security experts Dan Cao, Engineering Manager of Security Incident and Response at Netflix, and returning guest Josh Liburdi, Staff Security Engineer at Brex. They discuss the rise of developer-centric security solutions and the ongoing balance between utilizing big platforms like CrowdStrike and bespoke tools — the build versus buy dilemma.
They highlight the importance of fundamental skills and critical thinking in security engineering, emphasizing the need for continual learning and adaptability. Dan and Josh also share insights on building effective security teams and the significance of mentorship and team culture in fostering innovation and resilience in an evolving tech landscape.
Topics discussed:
Resources Mentioned:
In this episode of Detection at Scale, Jack speaks to Alessio Faiella, Director of Security Engineering & Security Operations at ThoughtSpot, to discuss building forward-looking security programs for 2024.
Alessio dives into the dynamic and ephemeral nature of modern security environments and the importance of understanding the nuances of the product and user base. He also highlights how ThoughtSpot leverages AI to enhance detection and response capabilities. Additionally, Alessio shares insights on codifying playbooks and prioritizing core focuses to ensure a robust cybersecurity posture.
Topics discussed:
In this episode of Detection at Scale, Jack speaks to Roger Allen, Senior Director, Global Head of Detection and Response at Sprinklr, to explore the complexities of running a modern SOC. Roger shares his expertise on prioritizing alerts with contextual understanding, the importance of crafting a robust data strategy, and preventing team burnout.
From integrating adversary testing to ensuring team alignment with organizational goals, Roger also offers actionable insights and practical advice for enhancing cybersecurity defenses.
Topics discussed:
In this episode of Detection at Scale, Jack welcomes Christopher Watkins, Senior Staff Cloud Security Engineer at WP Engine, to discuss innovative logging solutions and efficient data management across multiple cloud platforms. Chris reveals how WP Engine leverages native tools and robust API gateways to streamline logging processes.
He shares strategies for cost-effective threat hunting, such as optimizing large-scale queries through table partitioning. Chris also emphasizes the importance of mental and physical well-being, and the role of community support in maintaining a sustainable career in cybersecurity.
Topics discussed:
Resources Mentioned:
In this episode of Detection at Scale, Jack Naglieri chats with Darren LaCasse, Director of Threat Intelligence, Incident Response, & Threat Detection at Elastic. Darren offers insights into the innovative project around detection as code, shedding light on the methodologies Elastic employs to enhance security operations.
Darren touches on the challenges of managing massive amounts of data, the importance of prioritization in security tasks, and how automation has revolutionized their response strategies. He also shares practical advice on conducting gap analyses to focus on what truly matters.
Topics discussed:
Resources Mentioned:
In this episode of the Detection at Scale podcast, Jack speaks to Daniel Wiley, Head of Threat Management and Chief Security Advisor at Check Point Software, to discuss the intricacies of balancing technology and human analytics in cybersecurity.
Daniel shares his experiences in building three successful internal startups at Check Point and emphasizes the importance of continuous learning throughout one’s career. He also touches on effective incident response strategies for small- to medium-sized businesses, and the vital role of adaptable data schemas in managing large-scale security operations.
Topics discussed:
Resources Mentioned:
In our latest episode of Detection at Scale, Jason Waits, CISO at Inductive Automation, shares insights learned in his journey from network administration to cybersecurity and the importance of SCADA systems.
He dives into the value of automation, ML, and AI in security operations, highlighting the need for asking the right questions for efficient data analysis. Jason also discusses building a security team with a focus on detection and response, leveraging automation for faster investigations.
Topics discussed:
Resources Mentioned:
In our recent special Hot Ones-style episode of Detection at Scale, Panther CEO Will Lowe and Founder & CTO Jack Naglieri sit down to taste hot sauces and talk hot topics in the field of cybersecurity. Jack shares his evolution from security professionals to founders, emphasizing the importance of experience and understanding attacker profiles.
Jack also gives his insights on the foundational skills to becoming a detection engineer, including building detection engineering functions and having war room experience. He also discusses the evolving role of AI in the security field, such as its usefulness in generating code for detection programs.
Topics discussed:
Resources Mentioned: Jack Naglieri’s Substack
In a recent episode of the Detection at Scale podcast recorded at the RSA conference, Jack chats with Corey Quinn, Chief Cloud Economist at The Duckbill Group, an AWS cost-management agency. They talked about the intersection of security and billing in the context of AWS environments, highlighting the significance of observability through billing data to enhance security measures.
Corey also discussed key offenders in AWS services for security and highlighted the challenges companies face in determining optimal investments in security services. Throughout our discussion, Corey offers valuable takeaways on navigating the evolving landscape of AWS security practices and optimizing billing strategies for enhanced cloud security.
Topics discussed:
Resources Mentioned:
In this episode, Jack Naglieri speaks to Jeff Bollinger, Director of Incident Response and Detection Engineering at LinkedIn, who shares valuable insights on his journey in security, key technological shifts he's witnessed, and his approach to threat intelligence, incident response, and monitoring.
Jeff highlights the importance of contextual understanding in security operations and emphasized the critical role of human intuition, adaptability, and creativity in addressing security challenges. He also discussed the need for a balanced team with diverse skill sets and his views on the evolving role of AI in security operations.
Topics discussed:
In this episode, Jack Naglieri speaks to Josh Liburdi, Staff Security Engineer at Brex. Josh explains the process of developing their new security data pipeline toolkit, Substation and how it has been working. He also discusses the importance of quality data, highlighting the impact of data transformation.
Josh also shares his insights on the value of human analysis in SecOps and modern incident response strategies, from handling alerts to understanding program gaps.
Topics discussed:
On this week's episode of the Detection at Scale podcast, Jack talks with Matthew Valites, Director of Threat Detection & Operational Strategy at SAP. They discuss which threat detection approach works the best, what metrics Matthew uses to gauge his programs, and why Matthew is a proponent of using detection as code.
Matthew also looks to the future and gives his prediction on what role technology such as GenAI will play in the security landscape. They close out their conversation with some actionable lessons from Matthew's book, Crafting the Infosec Playbook.
Topics discussed:
On this week's episode of the Detection at Scale podcast, Jack talks with Justin Anderson, Security Engineering Manager, Detection & Response at Meta. They discuss how Meta has built its detection engineering program, how it treats detection-as-code like software, and how it gauges risk by assessing the TTPs applicable to the environment. They also talk about where AI is able to help out in development, the greater need for engineering and investigation skills, and three things to remember when building a security program.
Topics discussed:
On this week's episode of the Detection at Scale podcast, Jack talks with Charles Anderson, Director, Global SOC at Sony. They discuss better approaches to risk-based alerting that leverage metadata, how they fine tune detections across a global organization, and what factors to use when determining thresholds. They also talk about how to use Time to Detect to improve your strategies, how LLMs can help with baseline detection, and why it's key to not lose sight of risk in pursuit of threat.
Topics discussed:
On this week's episode of the Detection at Scale podcast, Jack talks with Jason Craig, Director - Threat Detection & Response at Remitly. They discuss the common TTPs of threat actors and how organizations can better protect against them by adopting hardware-backed authentication, a risk-based approach to logging, and building their threat modeling. They also talk about why organizations should move away from cellular MFA, the need for more behavioral profiling, and advice for security professionals.
Topics discussed:
On this week's episode of the Detection at Scale podcast, Jack talks with Drew Gatchell, Director, Detection Engineering at AppOmni. They discuss how to overcome the challenges to detection on SaaS platforms and how they're building strategies upon alerting and detection frameworks. They also talk about how generative AI can help with normalizing inputs, the benefits of data lakes for D&R, and why it's key to have a measurable plan for detection.
Topics discussed:
On this week's episode of the Detection at Scale podcast, Jack talks with Emanueal Mulatu, Senior Engineering Manager - Detection & Response at Block. Together, they discuss what success means in security, the most rewarding things about security, and how to address and prevent one of the biggest challenges today: burnout. They also talk about ways to increase productivity through automation, the potential for AI and large language models, and why creating a great workplace starts with a healthy work-life balance.
Topics discussed:
On this week's episode of the Detection at Scale podcast, Jack talks with Dr. Anton Chuvakin, Senior Security Staff at the Office of the CISO at Google Cloud. They dig deeper into the conversation taking place online around decoupled SIEMs, which both Jack and Anton wrote about. They discuss what a decoupled SIEM is, the evolution of data platforms and security capabilities, if decoupled SIEMs will work broadly with current customer demands, and if having backend data lakes is the best solution for fast, real-time querying.
Topics discussed:
Resources Mention:
On this week's episode of the Detection at Scale podcast, Jack talks with Dhruv Majumdar, Director, Cyber Risk & Advisory at Deloitte. They discuss common challenges when transitioning from a traditional SOC to a detection and response program, what questions to ask when building a threat modeling strategy, and the benefits data lakes can unlock for D&R. They also talk about how LLMs are helping detect exfiltration and –the need for security controls, policies, and good partnerships.
Topics discussed:
On this week's episode of the Detection at Scale podcast, Jack talks with Anton Chuvakin, Security Advisor at the Office of the CISO at Google Cloud, and Timothy Peacock, Senior Product Manager at Google. Together, they discuss some of the needs and trends in cybersecurity today, including how to know what level of D&R your organization needs, the use cases for AI today, and how LLMs and SIEMs will handle data at scale. They also talk about the need for more creative solutions to misconfiguration management, three things security practitioners can do to improve cloud security, and why cybersecurity is the "most intellectually stimulating profession on the planet."
Topics discussed:
In this episode, Jack speaks with David Seidman, Head of Detection and Response at Robinhood. David has worked for large tech companies like Google, Microsoft, and Salesforce in a variety of D&R roles.
During this episode, David shares his tactical advice on how his team is building the pipes and engines of security at Robinhood, his top tools to improve fidelity of detections, and what he’s learned in his career that’s made him a better practitioner and leader.
Topics discussed:
In this episode, Jack chats with Christopher Witter (aka Witter), Engineering Manager, Detection & Response at Spotify and a founding member and former lead for Crowdstrike’s Falcon OverWatch managed hunting service.
Witter has nearly two decades of experience in incident response and information security, holding leadership roles on computer security and incident response teams (CSIRT) with both a top five global bank and a top ten defense contractor.
During this episode, Witter shares his behind the scenes experiences helping build the Falcon Overwatch Team at Crowdstrike, why it’s critical to measure queries in seconds, not minutes, his tips on running highly effective D&R teams at scale, and more!
Topics discussed:
In this episode, Jack Naglieri speaks to Kelly Jackson Higgins, Editor-in-Chief at Dark Reading. During the episode, they share their thoughts about how cyber threats have changed over the years.
Topics discussed:
In this episode of the Detection at Scale, Jack speaks with Michael Hanley, Chief Security Officer and SVP of Engineering at GitHub. He also spent five years at Duo Security building their security program, and is passionate about making security easy and accessible for everyone.
Topics include:
Resources:
Adeel Saeed is VP of Technology Strategy and Execution Management at Kyndryl and is a former CISO/CIO at large financial services companies, aviation companies, and more.
Adeel is an experienced technology strategist and digital transformation leader with extensive hands-on technology and information security management experience and has led multiple large-scale complex technology transformation projects.
Topics include:
Resources:
Keep in touch with Adeel on LinkedIn: https://www.linkedin.com/in/adeelsaeed/
Chris Hodson is the CISO at Contentful, which helps digital teams assemble content and deliver experiences, faster. Prior to Contentful, Chris was at Zscaler and Tanium and also busy writing a book called Cyber Risk Management: Prioritize Threat, Identify Vulnerabilities, and Apply Controls.
Chris builds and runs cybersecurity organizations that manage technology risks and helps product teams develop security solutions that work. As comfortable in the server room as the board room, he tailors cybersecurity strategy to organizational risk appetite and business objectives.
Topics include:
Resources:
Thomas Owen is CISO at Grafana and an advisor to startups who helped build the security team at Snyk and is especially excited about fostering conversations around ethics, sustainability, mental health, and inclusivity.
A cloud-native, innovative and strategic security leader with a blend of people, policy and technical experience and a strong product affinity, Thomas and Jack discuss how to build a team from the ground up, the attributes of a modern security team, how to gauge value of security, and his advice for practitioners around basic hygiene.
Topics include:
Keep in touch with Thomas on LinkedIn: https://www.linkedin.com/in/thomas-rhys-owen/?originalSubdomain=uk
Mike Saxton is Technical Director of Defensive Cyber Operations at Booz Allen Hamilton. His primary focus is on implementing technical solutions to protect against vulnerabilities, exploit software or hardware, data threats and other emerging risks that may threaten critical system operations.
Not only an endurance athlete and classically trained musician, Mike is a long time proponent of detections as code and in today's episode he and Jack discuss everything from getting started on your detection journey, to broader cloud security adoption, the use of open source in government, and more!
Topics include:
Keep in touch with Mike on LinkedIn at: https://www.linkedin.com/in/mikesaxton/
JJ Agha is the CISO at Compass, the largest real estate brokerage in the US, and previously spent over four years as VP of InfoSec at WeWork, along with time as a security engineer at Vimeo and Priceline.
Having worked for and advised for multiple startups and Fortune 500 companies he enjoys the challenge of building security teams and maturing programs and disciplines within an organization while embracing and learning new technologies.
In today’s episode, Jack and JJ discuss how he builds his team, buy vs build, what he expects from a modern SIEM, and more!
Topics include:
Keep in touch with JJ on LinkedIn at: https://www.linkedin.com/in/jonathanagha/
Kathy Wang is the CISO at Discord, an internationally-recognized malware expert who has researched, developed, evaluated, and operationalized various solutions for detecting and preventing client-side attacks used by advanced persistent threats (APT).
As a security executive and leader, Kathy has a strong background in project management, research, and business development. She has worked in government, commercial, and technology startup environments, and currently advises security services/products startup companies.
In today’s episode, Jack and Kathy discuss the talent pool in cybersecurity.
Topics discussed in this episode:
Keep in touch with Kathy on LinkedIn at: https://www.linkedin.com/in/kathywang/
Nir Rothenberg is the CISO at Rapyd, managing security and IT for the soaring Fintech company, on a mission to ensure that the future of financial services will be democratized and secure.
Prior to Rapyd, Nir led information security in NSO Group, a well known cyber-intelligence company, where he was charged with protecting a high profile and high risk enterprise. Before NSO Group, Nir worked as a consultant, helping with some of Israel's leading companies to reduce risk and improve information security. Nir is very active in Israel's cyber startup scene, advising and partnering with many of them.
In today’s episode, Nir and Jack discuss lessons learned in transitioning from an on-prem environment to cloud infrastructure, building a modern team, scaling at Rapyd, and tips to help organizations build a modern security team that’s capable of detection and response at scale.
Topics discussed:
Keep in touch with Nir on LinkedIn at: https://www.linkedin.com/in/nir-rothenberg-5a6b48ba/
Joe Uchill is a Senior Reporter at SC Magazine — the leading trade publication for the cybersecurity industry. Prior to joining SC Magazine in 2020, Joe was a cybersecurity reporter at outlets including Axios and The Hill.
Today’s episode is the first in our mini-series dedicated to interviewing leading cybersecurity journalists. Cybersecurity reporting plays an important role for practitioners, leaders, and the general public to understand recent breaches, latest malware trends, and best practices that can help us all stay safe on the internet. Our goal with this series is to help our audience learn more about who these journalists are and what it's like to be a reporter in this fast-changing industry.
Topics discussed:
To keep up with Joe’s latest reporting, join him on twitter at https://twitter.com/JoeUchill
Aaron Zollman is the CISO at Cedar — a patient payment and engagement platform for hospitals, health systems, and medical groups that elevates the patient experience. Prior to Cedar, Aaron spent time in security at companies like Bridgewater, Palantir, and MUFG Bank, Japan’s largest bank.
In today’s episode, Aaron and Jack discuss lessons and tips to help organizations build a modern security team that’s capable of detection and response at scale.
Topics discussed:
Thomas Kinsella is the COO and co-founder of Tines — a no-code security automation platform that frees teams from manual work so they can focus on higher-value strategic work. In today’s episode, Thomas and Jack explore what it's like to transition from a security practitioner to a startup founder and how tools like Tines and Panther can be used to transform the way security teams operate.
Topics discussed:
What does it take to shape an early-stage security project into a product that solves real problems?
Understanding your customers is a key first step. Knowing the personas who can use your product and the leverage they can get out of it, it's what ultimately brings value to security teams and even other teams that can seize their benefits.
We had a great conversation with Joren McReynolds who is the VP of Engineering, IT and Security at Panther Labs. In today's episode he shares the experiences and lessons over the course of his journey at Facebook, Airbnb, and how they shaped his knowledge on what building a great product takes.
Topics discussed:
Clint Gibler is the Head of Security Research for r2c, the company behind SEMGREP, a popular open-source static analysis security scanning tool used by teams all over the world.
He joined r2c to help build and shape the future of AppSec; one that includes secure defaults along with lightweight enforcement of those defaults.
In today's episode, Clint talks about SEMGREP, operationalization of tools for security teams, intersection between AppSec and D&R as well as tips to succeed in AppSec at scale.
More topics discussed in this episode:
Other resources:
tl;dr Sec Newsletter: tldrsec.com
Robin Smith is the Head of Cyber and Information Security at Aston Martin and he brings a fresh and unique voice to the security industry.
He advocates for a lean, progressive security mindset where it's crucial thinking around processes to make sure that organizations are not unnecessarily wasting resources while committing to continuous improvement at the same time.
Tune in to learn more about what lean security is, why Robin has always seen security as an asset, and how you can embed that value into your organization.
Topic discussed in this episode:
If you were building a detection program today, what would be your top resources to start with?
As we head into a cloud-based future, the ability of handling increased data sets becomes crucial, teams need to have processes in place that cover the entire detection lifecycle, and develop skills necessary to help build, grow and improve a successful detection program.
In today's episode, we had an insightful conversation with Snowflake’s Global Threat Intelligence and Detection Engineering Leader, Haider Dost and Senior Security Engineer, Daniel Wyleczuk-Stern where we discovered why data and being able to query that data is a critical first step.
Topics discussed in this episode:
Have you ever thought you could find more assets in your network that you thought you would have? Do you have segments that haven't been scanned yet? Or maybe subnets that you have ignored?
These and much more is what asset discovery brings to the table to any security team, helping to prevent the next big incident.
In today's episode we sat down with Chris Kirsch, CEO and co-founder of Rumble and chatted about why covering the basics, like having a full inventory of your network with all the managed and unmanaged devices, is a best practice to secure any environment.
Topics discussed in this episode:
Why is SIEM an area of unease for so many security officers?
To make detection and response successful, we need tools capable of upscaling the practitioners as well as equipping them to be successful. We need tools we can rely on.
In today's episode, we had an inspiring conversation with J Wolfgang Goerlich, Advisory CISO at Cisco Secure. We discussed how trust is a determinant factor in building the security tools of the future, why so many CISOs lost trust over SIEMs and what we can do to rebuild it.
Topics discussed in this episode:
Securing the environment and scaling operations of the world's leading streaming entertainment service is massive.
Srinath Kuruvadi is the head of cloud infrastructure security at Netflix. Before Netflix, he spent more than 15 years building security solutions and leading teams at Google, Facebook, Snapchat, Lyft, and Mapbox.
In today's episode, he shares how his leadership skills have evolved over time, where he puts his focus when approaching infrastructure security, and what he believes are the key ingredients any security team should have today.
Topics discussed in this episode:
How does anything scale as a leader?
For today's guest, security has always been a puzzle in which the only variable we do get to control is time; specifically, all the decisions that enable us to control how fast we detect threats.
Am I going to be agile with this tool? How fast can I deploy detection if something happens today? How many hours is it going to take me to understand if it happens again or if it's still happening?
These are some of the questions Matt Jezorek likes to ask himself. Matt is the Vice President of Security and Platform Abuse at Dropbox, an Information Security Executive with multinational fortune 50 experience who can think like an attacker and still speak to the business.
Topics discussed in this episode:
Risk management has shifted from a traditional mindset to an integrated view, where engagement of all departments across an enterprise is crucial to address threats properly.
In today's episode we sat down with Miguel Viana from Talkdesk to discuss how security teams provide guidance to identify vulnerabilities and how risk management processes evolve in a fast-paced growing team.
Topics discussed in this episode:
"The people who actually work with me (not for me), do their jobs better"
Gusto is a People Platform and as the Chief Information Security Officer, Fredrick Lee (AKA Lee) knows company value starts with your employees. If you don't take care of your employees, you can't take care of your customers.
Being a great leader is not only about inspiring your team and making them want to do more but also, and more importantly, is about transparency and building trust.
Tune in into today's episode for a master class on how to lead a security organization from the trenches.
Topics discussed in this episode:
Not so long ago security was 'more manual' and therefore, riskier. Important systems would drift in their configuration, people would go on and change things manually.
Over the past decade, there has been a shift from tools that were doing infrastructure as code to immutable infrastructure. Technology now allows you to be updated, gives you the ability to retrain, and have a repeatable process.
Gilbert Martin is the Head of Cloud Security at OutSystems and a big believer in taking a developer first approach to a lot of the things that we do in security. One of those is creating an image pipeline.
In today's episode, Gilbert walks us through the idea of how using the right tools can help you promote better cloud infrastructure security.
Topics discussed in this episode:
Cyber security is difficult. It's asymmetric and the advantage falls on the attacker side.
When Omer Singer realized this, he felt inspired to join the military service in Israel. After what he saw by being on the offensive side, moving to the defense was challenging. How would he reconcile both sides of the same coin?
Omer Singer is now Head of Cyber Security Strategy at Snowflake and in this episode, he shares what was the game changing approach that made him flip into doing detection.
Listen to Omer for great insights and advice on how to break into today's data driven cyber security industry.
Topics discussed in this episode:
Cassio Goldschmidt is the Senior Director and CISO at ServiceTitan. Awarded for his leadership in cyber security, he has over 20 years of experience in various technology companies. He has been a speaker at the most respected international conferences and even helped improve the security integrity of Brazil's voting system.
In today's episode, Cassio shared unique insights on the importance of bringing the right people for your company needs, whether you are a startup or a fortune 500.
Who is best for what? When is the right time for outsourcing? What kind of experts should you bring to your team in the beginning? We asked Cassio these questions and also dove into leadership, decision making, and what the future demands for security teams will be.
Topics discussed in this episode:
'Don't make assumptions. Ask the question.'
That's what today’s guest advises to her team on how to differentiate what's normal from abnormal in an evolving threat environment.
Cynthia Moore is the Senior Director of Information Security at BlackLine but she started out in infrastructure operations building telecoms systems. Coming from a non-traditional security background has given Cynthia a true leverage and the versatility not only to better empathize with clients' needs but also to speak their language.
In today's episode, you will get to understand the mindset of a great security leader and learn her secret recipe on how to encourage teams to turn 'impossible' problems into possible outcomes.
Topics discussed in this episode:
Today's guest shared an eye-opening definition: "Application security is an evolving narrative. It's all about collaborating and interacting with the people building the business."
When Ty Sbano started, application security wasn't really called application security. He was fortunate enough to be one of the early folks that had a formal degree in information technology with a focus on security from Penn State University.
From JP Morgan to Capital One to the startup field, Ty collects over 15 years of experience in security. Today, he is Chief Trust and Security Officer at Sisense and he sat down with us to discuss all things AppSec, how to build early, robust security teams, and how to lead with empathy in an evolving agile environment.
Topics discussed in this episode:
Attackers are always ahead of the game and today you need more than having a lock on your front door. Modern security requires organizations to think outside the box, re-architect their environment, and be able to scale more efficiently and effectively.
In this first episode, we sat down with Brad LaPorte to discuss Endpoint Detection and Response (EDR) in depth.
Brad has spent time in US Cyber Intelligence, large technology companies like IBM, research firm Gartner, and today as partner at High Tide Advisors a firm specializing in go-to-market consulting.
Topics discussed in this episode:
Topics discussed in this episode:
Welcome to the Detection at Scale Podcast! My name is Jack Naglieri, CEO and founder of Panther Labs and more importantly, I'm also a security practitioner.
When I was part of the Airbnb and Yahoo security teams, I experienced firsthand the challenges of high-scale security monitoring. In 2018, I left Airbnb to fully dedicate myself to solving this problem.
In this short episode, I will cover:
- Who we are
- Why we are doing this podcast
- What you can expect on future episodes
We can promise you one thing: this is NOT a podcast about selling you what Panther can do. The #1 reason we are doing this, it's because we want to help demystify a lot of techniques that we use to operate effectively at scale.
Thank you for listening and very excited to start this journey together!
En liten tjänst av I'm With Friends. Finns även på engelska.