The Defender’s Log Podcast

David Redekop

The Defender’s Log Podcast: Stories from the Cybersecurity Frontlines

The Defender’s Log is your front-row seat to the real-world battles shaping today’s cybersecurity landscape. Hosted by seasoned professionals, each episode brings you face-to-face with the sharpest minds in digital defense, MSP/MSSP founders, CISOs, threat researchers, and architects, who are redefining what it means to secure our connected world. From zero-trust frameworks to ransomware takedowns, from DNS hardening to incident response in regulated industries, this podcast pulls back the curtain on the strategies, frameworks, and mindsets powering modern cyber resilience. Whether you're a security leader, IT strategist, or tech-savvy executive, you’ll walk away with the tools and stories that move the needle.

🔐 Why Listen to The Defender’s Log?

Cyber threats are evolving and so must our defenses. This isn’t theory. These are the actual voices of those defending systems under pressure, making real-time decisions that pr...

  1. Speed, Risk, and Responsibility in the Age of AI

    5D AGO

    Speed, Risk, and Responsibility in the Age of AI

    Cybersecurity used to be about perimeter defenses and patch cycles. Now it’s about decision speed, trust, and restraint—especially when AI is involved. This conversation with Rafael Ramírez moves through decades of engineering experience, real-world incident response, and the uncomfortable reality that AI is scaling faster than governance, policy, and human intuition. What stands out isn’t hype—it’s discipline: how leaders think about risk, how zero trust becomes a mindset (not a framework), and why AI security fails most often when it’s rushed instead of designed.

    Key Discussion Points
    00:00 – Cybersecurity, curiosity, and being “born an engineer”
    04:30 – Early systems, reverse engineering, and learning by breaking things
    10:45 – The moment cybersecurity became real: incident response under pressure
    17:10 – AI security for small and mid-sized organizations (what actually matters)
    18:40 – Governance, data, hygiene, and why fundamentals still win
    22:15 – Why AI is moving faster than strategy can keep up
    25:00 – The danger of shipping AI before it’s ready
    29:00 – Deterministic vs. non-deterministic systems (and why it matters)
    33:20 – Zero Trust as a mindset, not a checkbox
    37:00 – Guardrails, outbound control, and constraining AI behavior
    41:30 – AI as a double-edged sword
    47:10 – Local models, cloud swings, and the return of the edge
    52:00 – Trust is built over time—just like early firewalls
    54:40 – Technology, trust, and talent: keeping people at the center

    If you’re building, defending, or deploying AI inside real organizations, this one will challenge how you think about control, trust, and responsibility.

    Join the conversation:
    👍 Like this episode to support the channel
    🔔 Subscribe for more real‑world security insights
    💬 Share your biggest AI takeaway in the comments
    🔗 Send this episode to a colleague or friend who works in network security

    #CyberSecurity #AISecurity #ZeroTrust #AILeadership #Technology #RiskManagement #AgenticAI #TheDefendersLog #AdamNetworks #SecurityArchitecture #CloudSecurity #DefensiveSecurity

    58 min
  2. Inside the DNS Battlefield: Malware, Tunnels & the Future of Network Defense

    FEB 6

    Inside the DNS Battlefield: Malware, Tunnels & the Future of Network Defense

    Attackers are getting smarter—and the protocol they rely on most isn’t what you think. In this powerful conversation, David Redekop and Johannes Weber break down how modern malware abuses DNS, why attackers prefer DNS tunneling and exfiltration, and the defensive strategies every organization needs in 2026. Johannes brings decades of hands‑on experience as a network security specialist, consultant, packet analyst, and educator. Together, they trace the full threat landscape around DNS and explore the evolving tools, behaviors, and techniques shaping the defender’s playbook.

    ⏱️ Chapters & Key Moments
    00:00 – Why 90% of malware still depends on DNS
    01:00 – A fun start: German names, dual identities & cultural overlaps
    03:00 – Johannes’ origin story: LAN parties → network engineer → security consultant
    06:00 – You don’t need to code to thrive in network security
    07:00 – DNS basics: recursive resolvers vs. authoritative servers
    08:00 – How attackers abuse DNS “as designed”
    10:30 – Lookalike domains & deceptive URL patterns
    11:00 – DGAs (Domain Generation Algorithms) explained
    12:00 – Newly registered vs. newly observed domains
    14:00 – Aging domains & reputation‑based defense
    15:00 – DNS exfiltration: how attackers sneak data out
    16:00 – Step‑by‑step breakdown of DNS exfiltration
    18:00 – DNS tunneling: when attackers turn DNS into a VPN
    19:00 – Why signature‑based defenses fail
    21:00 – Deep Query Inspection & entropy analysis
    22:00 – Where DNS security belongs in your architecture
    24:00 – TXT, NULL, A/AAAA abuse & blocking strategies
    27:00 – DNS spoofing & cache poisoning
    30:00 – DNSSEC: authentication vs. confidentiality
    33:00 – DoH/DoT: privacy vs. visibility
    36:00 – TLS interception & enterprise tradeoffs
    39:00 – Securing roaming users in a VPN‑less world
    41:00 – What Pi‑hole solves at home (and what it won’t)
    43:00 – Johannes’ favorite tools: DNSViz, DNSDiag, DNSPing
    44:30 – The Ultimate PCAP collection (15 years, 90+ protocols)
    46:00 – Why Johannes teaches — and the next generation of defenders
    48:00 – Closing thoughts & community resources

    🛠️ Mentioned Tools & Resources
    DNSViz – DNS trust visualization
    DNSDiag / DNSPing – Resolver latency + diagnostic toolkit
    Iodine / DNScat2 / DNS‑tunnel tools – Examples of DNS tunneling tech
    Ultimate PCAP Collection (Johannes’ blog) – 15 years of protocols for Wireshark training

    If this helped sharpen your defender instincts:
    👍 Like this video to support the channel
    🔔 Subscribe for more real‑world security insights
    💬 Share your biggest DNS takeaway in the comments
    🔗 Send this episode to a teammate or friend who works in network security

    Together, we make the internet harder to attack — and easier to defend.

    #CyberSecurity #DNS #DNSSecurity #MalwareAnalysis #DNSExfiltration #DNSTunneling #DNSSEC #DOH #NetworkDefense #PacketAnalysis #Infosec #SecurityPodcast #BlueTeam

    49 min
  3. The Defender’s Mindset: Why Proactive Security Beats Detection

    JAN 24

    The Defender’s Mindset: Why Proactive Security Beats Detection

    The odds remain badly stacked against the defender. As we hurtle toward a digital ecosystem populated by a trillion AI agents, the Universal Threat Ecosystem (UTE) is expanding at an asymmetric rate. The traditional security stack—obsessed with detection and response—is fundamentally broken because it requires a "Patient Zero." It waits for the compromise to occur before it rings the alarm.

    In this episode of The Defender’s Log, David Redekop sits down with Francois, CISO and partner at ADAMnetworks, to dismantle the "Whack-a-mole" approach to cybersecurity. From the high-stakes world of film production and technical diving to the front lines of cyber warfare, Francois shares how a life spent mitigating physical risk informed a "Default Deny-all" posture.

    The Asymmetric Challenge
    We are currently witnessing the rise of Generative Adversarial Networks (GANs) in the hands of the adversary. Initial Access Brokers (IAB) and Ransomware-as-a-Service (RaaS) operators are using the defender’s own AI tools to train malware to be invisible. If your strategy relies on identifying "known bad," you have already lost.

    Why "True Proactive" Defense is Mandatory:
    Neutralize Egress: If the malware cannot "call home" to its Command & Control (C2), the ATTACK IS DISRUPTED.
    Eliminate the Patient Zero Requirement: By moving the security boundary to the DNS layer with a Zero Trust Resolver, we stop connections to unknown and unverified entities.
    Sovereign Capability: Reclaim control over your network’s connectivity. Stop letting the internet happen to you and start shaping it.

    Detection is a post-mortem. Prevention is sovereignty. Francois and David explore the human element of the "Sheepdog mentality" and why the next generation of Blue Teamers must move beyond the application layer (Layer 7) and harden the foundation of connectivity itself.

    Key Technical Concepts Discussed:
    Zero Trust Connectivity (ZTC): Moving beyond identity to strict connection control.
    OT & IoT Vulnerabilities: Why agentless protection is the only path forward for critical infrastructure.
    Preemptive Defense: Cutting off the attacker's resources before the infrastructure is even fully deployed.

    In a world of a trillion AI agents, where the adversary uses your own defenses to train their attacks, can you afford to maintain a "Detect and Respond" posture? At what point does the convenience of an "open" network become an existential liability for your organization?

    41 min
  4. The Architect of the Internet on the Future of Trust | Dr. Paul Mockapetris | Inventor, DNS

    12/26/2025

    The Architect of the Internet on the Future of Trust | Dr. Paul Mockapetris | Inventor, DNS

    The internet is a collision of legacy protocols and modern asymmetric threats. In this episode of The Defender’s Log, I sit down with the man who built the foundation: Dr. Paul Mockapetris, the inventor of the Domain Name System (DNS). We don't just reminisce about the 1980s; we dissect how the Universal Threat Ecosystem (UTE) has weaponized the very decentralization that made the internet possible. The failure today does not come from gross negligence, but from the imperfect application of the current stack. The odds remain badly stacked against the defender. While generic tools focus on detection, which is fundamentally too late, this conversation pivots toward Zero Trust Connectivity (ZTC).

    Strategic Deep Dive:
    The "Whack-a-Mole" Reality: Why chasing RaaS and IABs through traditional feeds is a losing game.
    Default Deny-All: Dr. Mockapetris explains his "day job"—making sure DNS doesn't work when you don't want it to.
    The DoH/DoT Trap: How hyperscalers are centralizing authority and eroding Sovereign Capabilities.
    Agentic AI: Preparing for a world with trillions of automated agents jabbering across your infrastructure.

    If you want to survive the next evolution of cyber warfare, you must shut down egress to the attacker. It is time to move beyond simple resolution and toward a hardened state of prevention.

    #CyberSecurity #ZeroTrust #DNS #ZTC #ThreatIntelligence #ADAMnetworks #InfoSec #CyberWarfare #PaulMockapetris #SovereignCapability #DefaultDeny

    59 min
  5. The Hidden Layer of Cybersecurity: Andreas Taudte on DNS & DDI Defense

    12/12/2025

    The Hidden Layer of Cybersecurity: Andreas Taudte on DNS & DDI Defense

    In this episode of The Defender’s Log, host David Redekop sits down with DNS and DDI expert Andreas Taudte, who brings more than 16 years of experience in network security, DNS architecture, and threat mitigation. Together, they unpack the real challenges organizations face with DNS, from evasion techniques and tunneling threats to the growing complexity of legacy systems and hybrid networks. Andreas explains why DNS predictability is essential, how DDI (DNS, DHCP, IPAM) has evolved, and what enterprises must do to build resilient, zero-trust-aligned network foundations. This conversation is packed with real-world stories, practical insights, and actionable strategies for anyone responsible for securing modern infrastructures. If you touch networking, cybersecurity, or cloud architecture, this deep dive is for you.

    Timestamps
    00:00 Introduction to DNS and DDI
    01:20 Meet Andreas: A Deep Dive into DNS
    06:22 The Journey into DNS and DDI
    06:49 Understanding DDI: DNS, DHCP, and IPAM
    09:53 Challenges and Stories from the Field
    22:21 Security and Management in DNS and DDI
    28:13 External Audits and DNS Management
    30:16 Infrastructure as Code and Network Configuration
    31:15 Building a Strong Foundation for Networks
    31:30 The Reality of Temporary Solutions
    32:00 Buzzwords and IT Management
    33:34 Zero Trust and Default Deny All
    34:25 DNS Threats and Exploits
    44:22 Complex DNS Evasion Techniques
    46:49 Combining Security Layers for Better Defense
    52:03 Predictable DNS Resolution
    54:17 Final Thoughts and Advice

    #DNS #DNSSecurity #DDI #Cybersecurity #NetworkSecurity #ZeroTrust #ITInfrastructure #CyberThreats #IPAM #DHCP #SecurityArchitecture #BlueTeam #NetworkEngineering

    58 min
  6. The Dark Truth About Modern Cyber Threats | Joshua Domagalski, CISO, Astronomer

    11/28/2025

    The Dark Truth About Modern Cyber Threats | Joshua Domagalski, CISO, Astronomer

    In this powerful episode, host David Redekop sits down with Joshua Domagalski, Chief Information Security Officer and former offensive operator, to explore the real complexities of modern cyber defense. Joshua opens up about his journey from the military to cybersecurity leadership, the shift from attacking systems to protecting them, and why defending is far more challenging than breaking in. This conversation goes far beyond tools and tactics; it uncovers the human, strategic, and geopolitical layers that shape cybersecurity today.

    You’ll learn about:
    Why offensive skills are essential for strong defense
    The truth about AI adoption in security operations
    How insider threats actually work
    Ransomware strategy (not just response)
    Why experience matters more than certifications
    The real job of a CISO in 2025
    The importance of humility, discipline, and continuous learning
    How geopolitics fuels cyber conflict
    Why most breaches originate from human behavior

    If you're a SOC analyst, aspiring CISO, blue team operator, or cybersecurity enthusiast — this episode will reshape how you see the defender’s role.

    Timestamps
    00:00 Introduction and Early Interests
    01:00 Welcome to The Defender's Log
    01:16 Joshua Domagalski's Journey into Cybersecurity
    02:38 Challenges in Cyber Defense
    04:19 The Importance of Offensive Skills for Defense
    05:08 Balancing Proactive and Reactive Defense
    06:42 AI Adoption and Cybersecurity
    09:46 The Role of Experience vs. Certification
    11:39 Joshua's Path to Becoming a CISO
    14:16 Human Elements in Cybersecurity
    22:09 Strategies for Insider Threats and Ransomware
    36:17 Geopolitical Challenges in Cybersecurity
    39:40 Final Thoughts and Advice
    40:35 Conclusion and Call to Action

    #Cybersecurity #CISO #CyberDefense #Infosec #BlueTeam #Ransomware #AIinSecurity #OffensiveSecurity #SecurityLeadership #TheDefendersLog

    41 min
