BlueHat Oct 23 Day 1 Keynote: John Lambert

In this week’s special episode, we bring you the BlueHat Oct 23, day 1 keynote delivered by John Lambert, Microsoft Corporate Vice President and Security Fellow. In his BlueHat Oct day 1 keynote, John discusses the importance of incidents in the security field, strategies for finding security incidents, and the importance of looking beyond traditional defense measures to discover attackers and traces outside of one's network. John introduces the idea of "hunting until closure," which involves systematically investigating various attacker actions to learn more about their activities. He also mentions the concept of "time travel breach detection," which uses historical logs to trace and identify previous attacker actions. 

In This Episode You Will Learn:    

• The importance of security incidents in shaping the cybersecurity field 
• Why logs and telemetry data in cybersecurity are essential when tracking attacker actions 
• How valuable mutual respect is in the security community 

Some Questions We Ask:    

• How do escalating conflicts within teams affect productivity? 
• What role did trust and collaboration play in responding to the SolarWinds incident? 
• Why must the security community work together to protect customers? 

Resources:  

View John Lambert on LinkedIn  

View Wendy Zenone on LinkedIn 

View Nic Fillingham on LinkedIn 

Related Microsoft Podcasts:                 

• Afternoon Cyber Tea with Ann Johnson 
• Uncovering Hidden Risks    
• Security Unlocked     
• Security Unlocked: CISO Series with Bret Arsenault 
• Secure the Job: Breaking into Security 

Discover and follow other Microsoft podcasts at microsoft.com/podcasts  

Hosted on Acast. See acast.com/privacy for more information.