Microsoft Threat Intelligence Podcast Microsoft

On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by former VP of Cybersecurity Solutions at Target Paul Melson. Sherrod and Paul reflect on his experiences in incident response, highlighting the adrenaline rush of detecting and evicting adversaries before they cause harm. Their discussion includes a run down the rabbit hole of open-source intelligence and the creation of the @scumbots twitter feed. They explore the culture at Target's cybersecurity team, emphasizing the importance of hiring for attitude and the potential for new threats like bribery and insider threats. Paul shares insights into his experiences in cybersecurity and his concerns about future threats, emphasizing the need for continued vigilance and innovation in defense strategies. The episode provides valuable insights into the challenges and developments in cybersecurity, offering practical advice for both professionals and organizations navigating the ever-changing threat landscape.  
  

In this episode you’ll learn:      

The genesis of the project scumbots and its functionality 

Challenges when dealing with commercial threat intelligence companies  

The increasing sophistication of cybercrime and the potential for new tactics 

  

Some questions we ask:     

How has your time in incident response evolved over the years? 

What advice would you give to aspiring cybersecurity professionals 

Do you believe organizations can adapt and innovate their defense strategies? 

 

Resources:  
Scumbots on Twitter 
View Paul Melson on LinkedIn     
View Sherrod DeGrippo on LinkedIn  
 

Related Microsoft Podcasts:                   


Afternoon Cyber Tea with Ann Johnson 


The BlueHat Podcast 


Uncovering Hidden Risks     

 
Discover and follow other Microsoft podcasts at microsoft.com/podcasts  
Get the latest threat intelligence insights and guidance at Microsoft Security Insider

The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.  

On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is Live from Microsoft Secure in San Francisco and is joined by Brandon Dixon and Vasu Jakkal. As Group Product Manager for Security Copilot, Brandon is helping to shape how generative AI is used to empower professionals to focus on what matters most. Brandon reflects on how security practices have changed, mental health in the security industry and how AI can empower individuals in the tech and infosec fields. Vasu discusses her passion for cybersecurity and its impact on global safety. She emphasizes the importance of inclusivity and optimism in tackling security challenges and shares her journey into cybersecurity, which was influenced by her love for technology instilled by watching Star Trek. Vasu also highlights the transformative potential of AI, particularly Microsoft Copilot for Security, in enhancing defense capabilities and catching new threats.  
 

In this episode you’ll learn:      

AI enhancing security practices and empowering individuals in the cybersecurity field 

The value of sharing ideas for critique, fostering inspiration, and driving innovation 

How AI has the power to unveil the wonders of the world while enhancing safety  



Some questions we ask:     

How will Co-Pilot for Security affect threat intelligence professionals and their work? 

What are you using AI for at work, both in terms of security and more generic AI? 

Can you share examples of how Copilot helps in your personal life? 

 

Resources:  
View Brandon Dixon on LinkedIn  
View Vasu Jakkal on LinkedIn    
View Sherrod DeGrippo on LinkedIn  


Related Microsoft Podcasts:                   


Afternoon Cyber Tea with Ann Johnson 


The BlueHat Podcast 


Uncovering Hidden Risks     

 
Discover and follow other Microsoft podcasts at microsoft.com/podcasts  
Get the latest threat intelligence insights and guidance at Microsoft Security Insider
 
The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.  

On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is Live from Times Square at Microsoft Secure and is joined by Chris Wysopal, Chip Calhoun, and Torrell Funderburk. Chris (aka Weld Pond) reflects on his experiences with L0pht, the evolution of bug bounty programs and their dominance in the cybersecurity space, highlighting both the benefits and drawbacks. Chip explains how Copilot for Security assists with threat hunting and script analysis, enhancing analysts' capabilities in identifying threats and malicious activities. He also touches on the prevalent threat actor profiles, highlighting the prevalence of e-crime and the potential impact of nation-state actors. Terrell expresses excitement about the advancements in their security program and the ability to detect and respond at scale. He also discusses his transition from software engineering to cybersecurity and encourages others to consider the move due to the foundational similarities between the fields.  
   

In this episode you’ll learn:      

Complications from vulnerabilities discovered in open-source software 

Practical applications of Copilot in incident response and threat intelligence 

The importance of curiosity and problem-solving skills when building a security team. 

  

Some questions we ask:      

How do you view the role of AI and machine learning in security, and bug bounties? 

What do you think is unique about securing critical infrastructure targets? 

Will AI influence security practices in organizations and industries going forward? 

 

Resources:  
View Chris Wysopal on LinkedIn 
View Chip Calhoun on LinkedIn  
View Torrell Funderburk on LinkedIn   
View Sherrod DeGrippo on LinkedIn  


Related Microsoft Podcasts:                   


Afternoon Cyber Tea with Ann Johnson 


The BlueHat Podcast 


Uncovering Hidden Risks     


 
Discover and follow other Microsoft podcasts at microsoft.com/podcasts  
Get the latest threat intelligence insights and guidance at Microsoft Security Insider
 
The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.

On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Emily Yale and Anna Bertiger. The discussion delves into Emily and Anna's daily activities within the security domain. Emily highlights her role in supporting Microsoft's internal Security Operations Center by building detections for potential threats. Anna emphasizes the practical application of research in solving security problems and focuses on anomaly detection in post-breach security. Emily and Anna provide insights into Microsoft's work culture, the intersection of technology and security, the importance of mathematical and data science skills in tech roles, and the practical applications of AI tools in professional and personal contexts. 
 
In this episode you’ll learn:      

How data scientists support the internal SOC and enhance security 

The importance of anomaly detection in post-breach security 

Combining security with mathematical skills to create practical solutions 

  
Some questions we ask:       

 What types of unusual patterns indicate malicious activity? 

 Is there difficulty in securing AI models compared to traditional code? 

 Should data science methods be used over complex models? 

 
Resources:  
View Emily Yale on LinkedIn  
View Anna Bertiger on LinkedIn  
View Sherrod DeGrippo on LinkedIn  
 
Related Microsoft Podcasts:                   


Afternoon Cyber Tea with Ann Johnson 


The BlueHat Podcast 


Uncovering Hidden Risks     

 
Discover and follow other Microsoft podcasts at microsoft.com/podcasts  
Get the latest threat intelligence insights and guidance at Microsoft Security Insider
 
The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.   

On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Stella Aghakian and Holly Burmaster. They explore the intrigue of watching threat actors and their techniques and walk through these techniques and how they are educational and critical in threat intelligence work. They also discuss their experiences at Microsoft Ignite, insights into the cyber threat actor Octo Tempest, and personal reflections on threat intelligence and favorite threat actors. Both Stella and Holly discuss how they thrive on the uncertainty and variety of their work despite the long hours and high pressure but appreciate the supportive team environment that helps them.  
  

In this episode you’ll learn:      

Challenges of incident response when dealing with destructive threat actors 

Difficulty in managing the emotional aspects of incident response 

The unpredictability and dynamic nature of incident response work 

  

Some questions we ask:       

How is the workflow structured in incident response teams? 

What traits are crucial for excelling in the high-pressure world of incident response? 

Do Dart and Mystic teams collaborate in incident responses? 

 

Resources:  
View Stella Aghakian on LinkedIn  
View Holly Burmaster on LinkedIn  
View Sherrod DeGrippo on LinkedIn  
Octo Tempest Threat Actor profile 
Protecting credentials against social engineering 
 

Related Microsoft Podcasts:                   


Afternoon Cyber Tea with Ann Johnson 


The BlueHat Podcast 


Uncovering Hidden Risks     

 
Discover and follow other Microsoft podcasts at microsoft.com/podcasts  
Get the latest threat intelligence insights and guidance at Microsoft Security Insider
 
The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.   

On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Bryan Prior and Nirit Hinkis from the Microsoft Threat Analysis Center. Sherrod, Bryan, and Nirit discuss Iranian influence operations, distinguishing between influence and information operations. The conversation covers examples of cyber-enabled influence operations, focusing on Iran's actions related to the 2020 U.S. presidential elections and the Israel-Hamas war. The discussion covers tactics Iranian actors use, such as impersonation, recruiting locals, and leveraging email and text messages for amplification. The podcast brings context to the intricacies of Iranian cyber activities, their collaborative efforts, propaganda consumption, creative tactics, and challenges in attribution for influence operations.  
   
In this episode you’ll learn:      

The collaboration among Iranian groups in cyber-enabled influence operations 

Wiper attacks in situations involving both cyber and kinetic operations 

Unique aspects of Iran's influence operations 

  
Some questions we ask:     

What's the reason behind a spike in Iranian propaganda consumption in Canada? 

Where does Iran fall compared to other countries like Russia and North Korea? 

What might be coming up regarding Iranian cyber attacks and influence operations?  


Resources:  
View Bryan Prior on LinkedIn 
View Sherrod DeGrippo on LinkedIn  
Iran Report  
Iran Accelerates Cyber Ops Against Israel 

Related Microsoft Podcasts:                   


Afternoon Cyber Tea with Ann Johnson 


The BlueHat Podcast 


Uncovering Hidden Risks     

 
Discover and follow other Microsoft podcasts at microsoft.com/podcasts  
Get the latest threat intelligence insights and guidance at Microsoft Security Insider

The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.