Down the Security Rabbithole

By Rafal Los (Wh1t3Rabbit)

Follow the Wh1t3 Rabbit
... attention technology and business leaders!
The "Down the Security Rabbithole" podcast is not your ordinary security podcast, primarily because we take a business perspective on the colorful and fast-paced world of information security. Bringing useful commentary on relevant events in the information security community, filtered through a no-nonsense, business-first approach, this is a podcast that helps you get the sane perspective on hacks, risks, threats and technology that you need to help make decisions in your daily life and in your organization.
324 episodes · since Sep, 2011
April 17, 2018
This week, James is back and he and Raf sit down for a discussion on navigating the big industry conferences, as RSA Conference kicks off in San Francisco. We add just the right bit of snark to your day, and provide some much-needed commentary on the industry, conferences, and survival.
Highlights from this week's show include...
- A quick overview of RSA Conference
- Getting value, learning something, or whatever else
- Buzzwords, and navigating marketing speak
- Attendee personas: buyer, attendee, vendor - there is a huge difference in how you experience a conference from these angles
- Feature, product, or startup (sometimes they're the same thing!)
- Tips, tricks and ideas for having a successful experience
April 10, 2018
[This week's episode and fantastic discussion on endpoint security is sponsored by Nyotron]. DtSR listeners already know we don't do advertisements or traditional sponsorship - so when we bring in a sponsored guest it's because we believe the topic is interesting and the guests have a genuinely interesting point of view. On that note... The topic this week is the endpoint. Yes, the endpoint - the place where security started, and was subsequently abandoned, and reborn. Whether you're talking about virtual cloud workloads, laptops or other types of endpoints - we can all agree on the fact that there are too many buzzwords, too many tools, and too many 'solutions' to the various ailments of the endpoint. This week we dive down the rabbit hole with Rene and Nir, from Nyotron, to hear their unique perspective and get an understanding of why they think their approach to this very difficult problem is worthy of your time. I invite you to give this episode a listen, as it's a bit of a pilot for us. If you all enjoy it, we will do 1-2 of these per quarter ... if the audience votes that these add no value, we will give it more thought. If you're coming out to RSA 2018, come see demos of live attacks (including Rubber Ducky) and learn more about Nyotron's technology at the RSA Conference - South Hall, booth #1639. More information on Nyotron which we invite you to check out are here: Nyotron's latest OilRig report - Background on Nyotron's technology - Endpoint security assessment - Don't forget the hashtag #DtSR on Twitter and you can find us on LinkedIn as well! Thanks to Rene and Nir of Nyotron for the discussion and recognition of the DtSR audience!
April 3, 2018
This week on the Down the Security Rabbithole Podcast, Tony Perez stops by for an early morning chat about the content management systems we in InfoSec love to hate on. We talk about Drupal, WordPress and all the other CMSes out there that have similar issues.
Highlights from this week's show include...
- Why start a company that does CMS security (they're hopeless anyway right?)
- How many of the most popular CMSes are actually not as bad as you may think, security wise
- The core, the plug-in infrastructure, and plug-ins
- Finding, responding to, and fixing bugs in the modern software world
Guest Tony Perez ( @Perezbox ) - [Tony has perhaps one of the coolest LinkedIn write-ups, so I'm pasting it here.] Tony is a proven business leader and operator. He is a former US Marine (2000 - 2005), and former CEO of Sucuri (2011 - 2017), a website security platform that was acquired by GoDaddy in April 2017. He has proven experience taking a security product from startup to a global, multi-national, organization. His core competency revolves around: leadership, management, marketing, product position, product pricing, sales, business institutionalization, revenue and organizational strategy. He believes that our greatest responsibility in sales and marketing is to bridge the gap between the value a customer expects from your product, and the value you assume you are delivering. He brings with him an intoxicating level of energy, work ethic and passion. Excelling in high-tempo environments, and executing flawlessly against strategies. He is adamant about self-reflection and self-actualization, placing energy on learning his weaknesses and building on them. He is horrible at spelling, but amazing at motivating people. He is known for challenging people to be better, to strive for more, to never settle for the cards they've been dealt. He was a leader of Marines, and today he's a leader of people, technology and industry.
March 27, 2018
This week, join DtSR as Rafal sits down across the virtual table with the one and only Robert Hansen. Rob (aka @Rsnake ) discusses his roots of being an almost-bad-guy, to the security of browsers, and privacy. Plus we get to reveal something pretty awesome...
Highlights from this week's show include...
- Rob's fascination with alien conspiracy theories
- A back history of browsers you've never heard of, that you benefit from today
- Google... Security vs. Privacy - why you don't actually get either
- A secret reveal from Rob about his exciting new venture
March 20, 2018
This week, while James was out on family duty, I sat down on a Saturday morning with my good friend Will Gragido to talk security. Will is an industry old-timer (sorry buddy, we're old) and has some seriously valid opinions on many things. We discuss some interesting topics, and apologize for nothing.
Highlights from this week's show include...
- It's conference season again... and time for more buzzword bingo
- Marketing people are the worst...except we're all complicit
- Threat Intelligence. Again. Still. Yep.
- Let's go hunting for threats - who should have a threat hunt team, and why
- Mergers, acquisitions, and the future of our industry
Guest Will Gragido ( @WGragido ) - Will Gragido is a seasoned security professional with over 20 years’ experience in networking and information security. Will’s extensive background is the result of his service as a United States Marine, a consultant with the world renowned International Network Services, Internet Security Systems (now IBM ISS), McAfee, Damballa, Cassandra Security, RSA Netwitness, Carbon Black, Digital Shadows and now Digital Guardian where he leads the organization’s Advanced Threat Protection Product Line as its Director.
March 13, 2018
In case y'all don't read LinkedIn or Twitter - Rafal recently joined Armor, so what better time to interview the CEO Chris Drake than right now. So this week, Chris Drake joins us in the studio to talk about his background (which is quite interesting, by the way) and how he got to start a fast-paced cloud security-as-a-service company.
Highlights from this week's show include...
- The road starts with jumping out of airplanes
- The Butterball story
- More discussion on challenges with existing security models
- Security-as-a-Service vs. Managed Security (MSS) - differences and big differences
Guest: Chris Drake, Founder and CEO of Armor ( @ChrisDrake ) - Chris is currently the founder and CEO of Armor, a fast-paced cloud Security-as-a-Service provider. If you want more on Chris, you'll have to listen to the podcast.
March 6, 2018
This week's DtSR Podcast sits down in the offices of Shawn Tuma to discuss an update on the law with regards to data breaches, or incidents - and what the differences between them are. We talk through current events, past history and look into the future a bit.
Highlights from this week's show include...
- the legal differences in the words we use (breach vs. incident)
- notification and disclosure in a global economy
- planning, preparation, and the big day
- costs - specifically around insurance - when things go badly
- right to sue for current, and future, damages (did they really happen?)
- overview of GDPR, and the cornucopia of other local, regional, national, and international laws as they are evolving
Guest Shawn Tuma ( @ShawnETuma )
Feb. 27, 2018
We have a treat for you folks this week! On episode 285 of the podcast I'm joined by three well-respected, forward thinking, and entrepreneurial-minded security executives to talk about some of the challenges they see in the industry and what they're doing to solve them. From cloud, to threat intelligence, staffing, and other scaling issues - we address the issues head-on, and provide some insight into what these three are thinking going forward. *The audio quality isn't the usual high-quality I expect to publish, so my apologies for that in advance. Somewhere the recording tool I use had an issue, but I did my best to make sure you could hear the speakers clearly. Apologies for the background noise on this recording.
Guests: Susan Magee, Dustin Wilcox, Jason Clark
If you've noticed the new logo, it's courtesy of a phenomenal artist, whose name is Peter Czaplarski. Yes, you too can hire him to draw amazing things for you, you can find him here: Peter is also the artist behind Vengence Nevada (found here, for you comic lovers: ) and has been an artist in many other venues. We highly encourage you to give his Facebook page a like!
Feb. 20, 2018
This week on the Down the Security Rabbithole Podcast, Raf and James welcome long-time friend of Rafal's - Scott Stanton - to the microphone. Scott's able to join Raf in person in Atlanta, while James is predictably on the other end of a Howdy Doodie (you'll get this if you listen). This week, we tackle the MSS issue (Managed Security Services providers) again, but with a fresh angle where we aren't just spending the entire time bashing something we all rely on - but rather providing some constructive feedback into MSS providers from an enterprise perspective. And reminiscing a little. A lot. Join us! And spread the word! Guest: Scott Stanton ( @Scott_Stanton ) - Information Security leader with experience in the High Tech, Manufacturing, Engineering, Services, and Energy industries. My technical depth includes application development, IP networking, operating systems, virtualization, and storage systems. Scott is currently the Senior Manager of Infrastructure Security at a medical technology company.
Feb. 13, 2018
This week an old friend, Vinnie Liu of Bishop Fox, joins Raf and James to talk about the history of App Sec. We started trying to test ourselves secure, and we continue to come back to it - so this episode is a walk down memory lane and a glimpse into the future of application security. Don't forget to like us on iTunes and share with your colleagues!   Guest Vinnie Liu ( @VinnieLiu ) - Vincent Liu (CISSP) is a Partner at Bishop Fox, a security consulting firm providing services to the Fortune 500, global financial institutions, and high-tech startups. With nearly two decades of experience, Vincent is an expert in security strategy, red teaming, and product security; and at Bishop Fox, he oversees firm strategy and client relationships. 

Disclaimer: The podcast and artwork embedded on this page are from Rafal Los (Wh1t3Rabbit), which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.