Down the Security Rabbithole Podcast (DtSR)

Rafal (Wh1t3Rabbit) Los

The DtSR Podcast is dedicated to the cyber security profession - with timely topics, lively personalities, deep dives, and no fear of the third rail. Running since 2011 - founded by Rafal Los (aka "@Wh1t3Rabbit"), and co-hosted by James Jardine and now featuring Mr. Jim Tiller - the weekly show will entertain you while you're learning something.
On Twitter/X: https://twitter.com/@DtSR_Podcast
On YouTube: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq
On LinkedIn: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/

Top 10 Down the Security Rabbithole Podcast (DtSR) Episodes

Goodpods has curated a list of the 10 best Down the Security Rabbithole Podcast (DtSR) episodes, ranked by the number of listens and likes each episode has garnered from our listeners. If you are listening to Down the Security Rabbithole Podcast (DtSR) for the first time, there's no better place to start than with one of these standout episodes. If you are a fan of the show, vote for your favorite Down the Security Rabbithole Podcast (DtSR) episode by adding your comments to the episode page.

DtSR Episode 556 - Will Regulation Price Out the Competition

06/20/23 • 47 min

Send the hosts a message - try it now!

TL;DR:
On this software security and regulation-focused episode of the podcast, the OG of AppSec (Jeff Williams) joins James & I to talk about the latest spate of regulations that require self-attested transparency about what companies are doing with respect to securing their software via supply chain and direct action.
Jeff contends this is a good thing and it's hard to argue that transparency drives good - however - I'm always curious what this does to those who struggle to afford to do better, which is what the vast majority of vendors to FedGov are.
Interesting discussion, join us!
YouTube Video: https://youtube.com/live/iavtEVADp4g
Guest

Support the show

>>> If you're reading this, consider clicking the link above to support the show!
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq
LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/
X/Twitter: https://twitter.com/dtsr_podcast

DtSR Episode 644 - Inside the Minds of Great Product Managers

03/11/25 • 43 min

TL;DR: This week's episode shifts the focus from leadership in the enterprise, to leadership in the vendor space. Building security products that innovate, inspire, and meet market and customer demand is far from trivial. Meet two of the best in the business - Arash Marzban and Bryan Lares - and hear what makes the job exciting, and how they make it great.

YouTube video: https://youtube.com/live/wA9-vgusyI0

* DtR Episode 50 - The Emergence of Geopolitics in InfoSec

07/22/13 • 42 min

Welcome down the rabbithole as we hit EPISODE 50! I'm thrilled that we've made it this far, and look forward to having you along for the ride into the future! At this point, I'd like to encourage you to listen to some of the fascinating guests we've had on this show, people I'm proud to have had a chat with, in the past archives... suggest guests, or just leave us a comment.

/Wh1t3Rabbit

In this episode...

  • We try and discuss 'defense in depth' on the geopolitical scale
  • @packetknife drops the truth about 'geopolitics experts' in InfoSec
  • Ali explains navigating the undocumented security requirements in emerging markets
  • We talk about whether all this stolen data from enterprise has actually made a difference
  • Ali discusses the 'western sense of intellectual property' (eye-opening!)
  • Deperimeterization - why #InfoSec must adapt this RIGHT NOW, but seems allergic to it
  • Ali drops 'lawfare' on us - and why #InfoSec must know its options
  • We discuss why people 'generally just don't get it' when it comes to moving to triage over 'secure'
  • Ali decides he wants to be Frank, or is that frank? :-)

Guest

  • Ali-Reza Anghaie ( @PacketKnife ) - Ali is a resident expert (or as much as one can be) on geopolitics from his unique background, experience and perspective. He's a well-known figure in the community and has deep insight into the things that most of us read in the media, and pretend to understand. He's the perfect guest for Episode 50!

DtSR Episode 217 - NewsCast for October 25th 2016

10/25/16 • 47 min

The Massive DDoS That Hit Dyn.Org

Verizon Reviewing Terms of Yahoo Deal As Revenue Slides

Passwords - We’re Still Giving Out Horrible Advice

St. Jude Medical to Create Cybersecurity Advisory Board; Muddy Waters Releases More Vulnerability Allegations

  • The ‘fight’ between the short-sell firm and St. Jude Medical is back
  • Smack in

DtSR Episode 284 - MSS SOS

02/20/18 • 50 min

This week on the Down the Security Rabbithole Podcast, Raf and James welcome long-time friend of Rafal's - Scott Stanton - to the microphone. Scott's able to join Raf in person in Atlanta, while James is predictably on the other end of a Howdy Doodie (you'll get this if you listen).

This week, we tackle the MSS issue (Managed Security Services providers) again, but with a fresh angle where we aren't just spending the entire time bashing something we all rely on - but rather providing some constructive feedback into MSS providers from an enterprise perspective. And reminiscing a little. A lot.

Join us! And spread the word!

Guest:

  • Scott Stanton ( @Scott_Stanton ) - Information Security leader with experience in the High Tech, Manufacturing, Engineering, Services, and Energy industries. My technical depth includes application development, IP networking, operating systems, virtualization, and storage systems. Scott is currently the Senior Manager of Infrastructure Security at a medical technology company.

If you've noticed the new logo, it's courtesy of a phenomenal artist, whose name is Peter Czaplarski. Yes, you too can hire him to draw amazing things for you, you can find him here: http://fb.com/CzaplarskiArt. Peter is also the artist behind Vengeance Nevada (found here, for you comic lovers: https://www.comixology.eu/Vengeance-Nevada-1/digital-comic/593731 ) and has been an artist in many other venues. We highly encourage you to give his Facebook page a like!

DtSR Episode 207 - NewsCast for August 16th 2016

08/18/16 • 47 min

Quick note from Michael about the Straight Talk Framework & Program -- >

  • Get your free copy at https://securitycatalyst.com/straight-talk-framework/
  • Launched a new program last week... boy, did I learn a lot.
    • Mostly, it’s my failure to explain. I’m going to chronicle some of the lessons over the next few days and share them
    • If you’ve already downloaded the questions - I’d love to chat with you about your experience...
    • If you find yourself in a situation like this, let’s chat. 25 minutes on the phone and we’ll both benefit
  • Until Monday, August 22nd, chance to get on board early and benefit yourself; I’ve got a lot to share this week and into the future. We’re at the start of something big!

Microsoft Accidentally Leaks 'Golden Keys' That Unlock Secure Boot-Protected Windows Devices: Oops?

The Future Of ATM Hacking

  • http://www.darkreading.com/endpoint/the-future-of-atm-hacking/d/d-id/1326549
  • We didn’t have a problem, but we went ahead with the solution. Looking back on it, imagine some straight talk on this fiasco?
  • Yes, I realize some of you like the elegance of chip + pin; do you like the UX? Because it sucks. And if you lament the mag stripe, does that mean you stopped using a terrestrial radio, too?
  • Our need as leaders - in the enterprise and across the industry - is to focus limited energy and assets on the areas that create the most value

Apple will reward hackers with "bug bounty" to find flaws

Down the Rabbithole - Episode 09 - Jeff Reich Explains "Table Stakes" and Other InfoSec Genius

01/16/12 • 40 min

Synopsis

This episode with Jeff was awesome, recorded at the OWASP LASCON security conference, I got a chance to sit down with Jeff in person and talk shop. I always learn something, but in this podcast Jeff dispensed his usual wisdom in buckets, I could barely write this stuff down fast enough. We covered the raising of the "information security table stakes", and what the last 15 years have meant to the information security profession in terms of evolution. We went into a discussion on how information security can avoid being a cost center and feeling the traditional expansion and contraction with workload and economic times, and I learned what the phrase "it was a business decision" really means. In case you need one more compelling reason, Jeff brought up yet another gem when he discussed how the business pushes the boulder off the cliff, then expects information security to change its trajectory mid-fall ... you're not going to want to miss this. I had a wonderful time catching up with Mr. Reich, and you'll enjoy this podcast, that's a promise.

Guest

  • Jeff Reich - (hint: it's pronounced "rich") - A solid history of developing and providing expertise and leadership on information security and all associated disciplines by integrating Managed Risk into the business in the energy, manufacturing, technology and financial services industries. Successfully created and implemented comprehensive Security and Risk Management Infrastructure for a large oil and gas company as well as four of the largest Internet and e-commerce providers in their respective industries. Holds a national reputation of excellence through results, publications and presentations of value. Known for ability to hire, train and inspire high performance teams that support and help drive the core business structures. [LinkedIn: http://www.linkedin.com/in/jreich]
    In addition to that, I've known Jeff for a very, very long time throughout his illustrious career, and have always been amazed by his ability to dispense one-liner wisdom, like this one on a recent blog post on "The compliance hamster wheel": "I have been saying for years that simply chasing compliance is like chasing your tail. You probably won't catch it and if you do, it will hurt."

DtR Episode 42 - Threat Modeling

05/28/13 • 47 min

In this episode...

  • John discusses some of the foundational principles of Threat Modeling
  • We talk about why threat modeling is like your time in high school
  • We discuss why threat modeling is such an incredibly important tool to the enterprise
  • John gives us some nuggets of his experience with threat modeling enterprise applications

Guest

  • John Steven ( @m1splacedsoul ) - John Steven is the Internal CTO at Cigital with over a decade of hands-on experience in software security. John’s expertise runs the gamut of software security from threat modeling and architectural risk analysis, through static analysis (with an emphasis on automation), to security testing. As a consultant, John has provided strategic direction as a trusted advisor to many multi-national corporations. John’s keen interest in automation keeps Cigital technology at the cutting edge. He has served as co-editor of the Building Security In department of IEEE Security & Privacy magazine, speaks with regularity at conferences and trade shows, and is the leader of the Northern Virginia OWASP chapter. John holds a B.S. in Computer Engineering and an M.S. in Computer Science both from Case Western Reserve University.
    John is known for his in-depth work in software security, his expertise in the field of threat modeling, and his snarkcasm. If you don't follow John on Twitter or haven't attended one of the talks he's been known to give occasionally - I recommend you do so.

DtSR Episode 569 - Keeping Secrets a Secret

09/19/23 • 39 min

TL;DR:
This week's show features Oded Hareven, Co-Founder & CEO at Akeyless, and we cover some topics that are important, but brand new to us. Oded started a secrets management company and addressed some of the challenges and new technology with us.
First, we discuss the "secret zero" problem (the one I worry about quite often), then zero-knowledge secrets management, and finally, this thing called "distributed fragmented crypto" (which is a bit mind-blowing honestly). I think you'll enjoy this podcast, as it's a little more technical than most, and something you may not hear elsewhere.
YouTube Video: https://youtube.com/live/uNtoFbFrTjo
Guest:

DtSR Episode 187 - NewsCast for March 29th, 2016

03/29/16 • 40 min

In this episode...

FAQ

How many episodes does Down the Security Rabbithole Podcast (DtSR) have?

Down the Security Rabbithole Podcast (DtSR) currently has 683 episodes available.

What topics does Down the Security Rabbithole Podcast (DtSR) cover?

The podcast is about News, Security, Infosec, Risk, Tech News, Hacking, Podcasts, Technology, Cyber and Cybersecurity.

What is the most popular episode on Down the Security Rabbithole Podcast (DtSR)?

The episode titled 'DtSR Episode 556 - Will Regulation Price Out the Competition' is the most popular.

What is the average episode length on Down the Security Rabbithole Podcast (DtSR)?

The average episode length on Down the Security Rabbithole Podcast (DtSR) is 43 minutes.

How often are episodes of Down the Security Rabbithole Podcast (DtSR) released?

Episodes of Down the Security Rabbithole Podcast (DtSR) are typically released every 7 days.

When was the first episode of Down the Security Rabbithole Podcast (DtSR)?

The first episode of Down the Security Rabbithole Podcast (DtSR) was released on Sep 13, 2011.
