20 episodes

Join us to hear stories from the Microsoft Threat Intelligence community as they navigate the ever-evolving threat landscape - uncovering APTs, cybercrime gangs, malware, vulnerabilities, and other weird and cool tools and tactics in the world of cyber threats. Featuring tales of innovation, teamwork, and cyber espionage, tune in to hear in-depth analyses of Microsoft's influence on the threat landscape and behind the scenes stories from the tireless researchers and analysts that take part. This enthralling and insightful podcast is delivered in a casual, conversational style that transports you to the frontlines of cyber defense.

Microsoft Threat Intelligence Podcast Microsoft

    • Technology
    • 5.0 • 17 Ratings

Join us to hear stories from the Microsoft Threat Intelligence community as they navigate the ever-evolving threat landscape - uncovering APTs, cybercrime gangs, malware, vulnerabilities, and other weird and cool tools and tactics in the world of cyber threats. Featuring tales of innovation, teamwork, and cyber espionage, tune in to hear in-depth analyses of Microsoft's influence on the threat landscape and behind the scenes stories from the tireless researchers and analysts that take part. This enthralling and insightful podcast is delivered in a casual, conversational style that transports you to the frontlines of cyber defense.

    Andrew Morris and Lauren Proehl on Infosec

    Andrew Morris and Lauren Proehl on Infosec

    On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Andrew Morris, Founder & Chief Architect at GreyNoise and Lauren Proehl, Director of Global Cyber Defense at Marsh McLennan. Lauren Proehl is an experienced cybersecurity leader who has helped defend against threat actors in Fortune 500 networks and has managed multiple divisions focused in defensive security and specializes in innovative cyber defense. GreyNoise operates a huge sensor network across the internet that collects primary sourced data on which vulnerabilities attackers are exploiting, when they start, and from where. Sherrod, Lauren, and Andrew discuss the effectiveness of banning ransomware payments, the importance of focusing on backup and disaster recovery strategies, the necessity of investing in basic security measures like endpoint detection and response, multi-factor authentication, and log storage.  
     

    In this episode you’ll learn:      

    The potential for ransomware attacks on physical infrastructure 

    Why most are hesitant to become a CISO and the expectations that come with the role 

    Challenges when try to balance technical expertise with leadership skills 

     

    Some questions we ask:     

    Can government or law enforcement agencies evolve in combating ransomware?  

    Where do you believe organizations can invest to improve their cybersecurity? 

    How do you expect ransomware to change with tactics like double or triple extortion? 

     

    Resources:  
    View Lauren Proehl on LinkedIn  
    View Andrew Morris on LinkedIn     
    View Sherrod DeGrippo on LinkedIn  
     

    Related Microsoft Podcasts:                   


    Afternoon Cyber Tea with Ann Johnson 


    The BlueHat Podcast 


    Uncovering Hidden Risks     

     
    Discover and follow other Microsoft podcasts at microsoft.com/podcasts  
    Get the latest threat intelligence insights and guidance at Microsoft Security Insider 

     
    The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.  

    • 43 min
    Behind the Scenes of the XZ vuln with Andres Freund and Thomas Roccia

    Behind the Scenes of the XZ vuln with Andres Freund and Thomas Roccia

    On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Thomas Roccia and Andres Freund. Andres stumbled upon a security issue within SSH while investigating performance discrepancies. He discovered a sophisticated backdoor, skillfully concealed within the LZMA library, part of the XZ package. Sherrod, Thomas, and Andres discuss the importance of proactive security measures and code review in the open-source community. They emphasize the critical role of community collaboration in identifying and mitigating security threats effectively and signal the need for heightened vigilance.  
      

    In this episode you’ll learn:      

    The importance of proactive security and code review in the open-source community 

    Why anomalies in software behavior should prompt curiosity and investigation 

    Open-source community cooperation is vital for spotting and addressing security risks 

     

    Some questions we ask:     

    Could you explain the security issue you found in SSH and its significance? 

    How serious is this threat, and what steps can organizations take to defend against it? 

    What advice do you have for open-source contributors? 

     

    Resources:  
    View Andres Freund on LinkedIn  
    View Thomas Roccia on LinkedIn     
    View Sherrod DeGrippo on LinkedIn  
     

    Related Microsoft Podcasts:                   


    Afternoon Cyber Tea with Ann Johnson 


    The BlueHat Podcast 


    Uncovering Hidden Risks     

     

    Discover and follow other Microsoft podcasts at microsoft.com/podcasts  
    Get the latest threat intelligence insights and guidance at Microsoft Security Insider 
     
    The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.  

    • 33 min
    Paul Melson talks ScumBots

    Paul Melson talks ScumBots

    On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by former VP of Cybersecurity Solutions at Target Paul Melson. Sherrod and Paul reflect on his experiences in incident response, highlighting the adrenaline rush of detecting and evicting adversaries before they cause harm. Their discussion includes a run down the rabbit hole of open-source intelligence and the creation of the @scumbots twitter feed. They explore the culture at Target's cybersecurity team, emphasizing the importance of hiring for attitude and the potential for new threats like bribery and insider threats. Paul shares insights into his experiences in cybersecurity and his concerns about future threats, emphasizing the need for continued vigilance and innovation in defense strategies. The episode provides valuable insights into the challenges and developments in cybersecurity, offering practical advice for both professionals and organizations navigating the ever-changing threat landscape.  
      

    In this episode you’ll learn:      

    The genesis of the project scumbots and its functionality 

    Challenges when dealing with commercial threat intelligence companies  

    The increasing sophistication of cybercrime and the potential for new tactics 

      

    Some questions we ask:     

    How has your time in incident response evolved over the years? 

    What advice would you give to aspiring cybersecurity professionals 

    Do you believe organizations can adapt and innovate their defense strategies? 

     

    Resources:  
    Scumbots on Twitter 
    View Paul Melson on LinkedIn     
    View Sherrod DeGrippo on LinkedIn  
     

    Related Microsoft Podcasts:                   


    Afternoon Cyber Tea with Ann Johnson 


    The BlueHat Podcast 


    Uncovering Hidden Risks     

     
    Discover and follow other Microsoft podcasts at microsoft.com/podcasts  
    Get the latest threat intelligence insights and guidance at Microsoft Security Insider

    The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.  

    • 42 min
    Microsoft Secure in San Francisco

    Microsoft Secure in San Francisco

    On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is Live from Microsoft Secure in San Francisco and is joined by Brandon Dixon and Vasu Jakkal. As Group Product Manager for Security Copilot, Brandon is helping to shape how generative AI is used to empower professionals to focus on what matters most. Brandon reflects on how security practices have changed, mental health in the security industry and how AI can empower individuals in the tech and infosec fields. Vasu discusses her passion for cybersecurity and its impact on global safety. She emphasizes the importance of inclusivity and optimism in tackling security challenges and shares her journey into cybersecurity, which was influenced by her love for technology instilled by watching Star Trek. Vasu also highlights the transformative potential of AI, particularly Microsoft Copilot for Security, in enhancing defense capabilities and catching new threats.  
     

    In this episode you’ll learn:      

    AI enhancing security practices and empowering individuals in the cybersecurity field 

    The value of sharing ideas for critique, fostering inspiration, and driving innovation 

    How AI has the power to unveil the wonders of the world while enhancing safety  



    Some questions we ask:     

    How will Co-Pilot for Security affect threat intelligence professionals and their work? 

    What are you using AI for at work, both in terms of security and more generic AI? 

    Can you share examples of how Copilot helps in your personal life? 

     

    Resources:  
    View Brandon Dixon on LinkedIn  
    View Vasu Jakkal on LinkedIn    
    View Sherrod DeGrippo on LinkedIn  


    Related Microsoft Podcasts:                   


    Afternoon Cyber Tea with Ann Johnson 


    The BlueHat Podcast 


    Uncovering Hidden Risks     

     
    Discover and follow other Microsoft podcasts at microsoft.com/podcasts  
    Get the latest threat intelligence insights and guidance at Microsoft Security Insider
     
    The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.  

    • 1 hr 3 min
    Live from New York it’s Microsoft Secure

    Live from New York it’s Microsoft Secure

    On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is Live from Times Square at Microsoft Secure and is joined by Chris Wysopal, Chip Calhoun, and Torrell Funderburk. Chris (aka Weld Pond) reflects on his experiences with L0pht, the evolution of bug bounty programs and their dominance in the cybersecurity space, highlighting both the benefits and drawbacks. Chip explains how Copilot for Security assists with threat hunting and script analysis, enhancing analysts' capabilities in identifying threats and malicious activities. He also touches on the prevalent threat actor profiles, highlighting the prevalence of e-crime and the potential impact of nation-state actors. Terrell expresses excitement about the advancements in their security program and the ability to detect and respond at scale. He also discusses his transition from software engineering to cybersecurity and encourages others to consider the move due to the foundational similarities between the fields.  
       

    In this episode you’ll learn:      

    Complications from vulnerabilities discovered in open-source software 

    Practical applications of Copilot in incident response and threat intelligence 

    The importance of curiosity and problem-solving skills when building a security team. 

      

    Some questions we ask:      

    How do you view the role of AI and machine learning in security, and bug bounties? 

    What do you think is unique about securing critical infrastructure targets? 

    Will AI influence security practices in organizations and industries going forward? 

     

    Resources:  
    View Chris Wysopal on LinkedIn 
    View Chip Calhoun on LinkedIn  
    View Torrell Funderburk on LinkedIn   
    View Sherrod DeGrippo on LinkedIn  


    Related Microsoft Podcasts:                   


    Afternoon Cyber Tea with Ann Johnson 


    The BlueHat Podcast 


    Uncovering Hidden Risks     

    
     
    Discover and follow other Microsoft podcasts at microsoft.com/podcasts  
    Get the latest threat intelligence insights and guidance at Microsoft Security Insider
     
    The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.

    • 47 min
    Data Science for Security

    Data Science for Security

    On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Emily Yale and Anna Bertiger. The discussion delves into Emily and Anna's daily activities within the security domain. Emily highlights her role in supporting Microsoft's internal Security Operations Center by building detections for potential threats. Anna emphasizes the practical application of research in solving security problems and focuses on anomaly detection in post-breach security. Emily and Anna provide insights into Microsoft's work culture, the intersection of technology and security, the importance of mathematical and data science skills in tech roles, and the practical applications of AI tools in professional and personal contexts. 
     
    In this episode you’ll learn:      

    How data scientists support the internal SOC and enhance security 

    The importance of anomaly detection in post-breach security 

    Combining security with mathematical skills to create practical solutions 

      
    Some questions we ask:       

     What types of unusual patterns indicate malicious activity? 

     Is there difficulty in securing AI models compared to traditional code? 

     Should data science methods be used over complex models? 

     
    Resources:  
    View Emily Yale on LinkedIn  
    View Anna Bertiger on LinkedIn  
    View Sherrod DeGrippo on LinkedIn  
     
    Related Microsoft Podcasts:                   


    Afternoon Cyber Tea with Ann Johnson 


    The BlueHat Podcast 


    Uncovering Hidden Risks     

     
    Discover and follow other Microsoft podcasts at microsoft.com/podcasts  
    Get the latest threat intelligence insights and guidance at Microsoft Security Insider
     
    The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.   

    • 44 min

Customer Reviews

5.0 out of 5
17 Ratings

17 Ratings

Avion Vector Cloud ,

Work together

Let’s work together. Yay!

lizzieheinze ,

An inside look with top experts

This podcast is super informative for security pros. Sherrod asks great questions and the guests are knowledgeable and awesome! Great way to keep a pulse on the cybersecurity industry.

girlvinyl ,

THE Podcast for the threat intelligencia

This is where the cool kids are. Wow. Ok.

Top Podcasts In Technology

Acquired
Ben Gilbert and David Rosenthal
Lex Fridman Podcast
Lex Fridman
All-In with Chamath, Jason, Sacks & Friedberg
All-In Podcast, LLC
Hard Fork
The New York Times
Darknet Diaries
Jack Rhysider
TED Radio Hour
NPR

You Might Also Like

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
Risky Business
Patrick Gray
CyberWire Daily
N2K Networks
Malicious Life
Malicious Life
Risky Business News
risky.biz
CISO Series Podcast
David Spark, Mike Johnson, and Andy Ellis