The BlueHat Podcast
Deciphering Privacy in the Age of AI: An Expert Discussion
Giovanni Cherubin and Ahmed Salem join Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Giovanni is a Senior Researcher in Machine Learning and Security at Microsoft Research Cambridge, and Ahmed is a researcher in Confidential Computing at the Microsoft Research lab in Cambridge, UK. They're both interested in artificial intelligence and are researching the privacy, security, fairness, and accountability risks of the different machine learning settings. In this episode, they discuss how to identify and address privacy threats in machine learning models, the connection between privacy and information leakage, and how privacy is perceived in academia and industry.
In This Episode You Will Learn:
- Algorithmic procedures for describing threats and attacks
- The rapid growth of machine learning research in attacks and defense
- The framework for fostering collaboration and understanding within the field
Some Questions We Ask:
- What are the main threats you are currently focused on?
- Who will benefit from this research besides academics and researchers?
- Can you explain the concept of privacy as it relates to information leakage?
Resources:
View Giovanni Cherubin on LinkedIn
View Nic Fillingham on LinkedIn
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
More episodes
12. Sherrod DeGrippo on Why She Loves Cyber Crime
40:49
Sherrod DeGrippo, Director of Threat Intelligence Strategy at Microsoft and Host of The Microsoft Threat Intelligence Podcast, joins Nic Fillingham on this week's episode of The BlueHat Podcast. Sherrod is a frequently cited threat intelligence expert in media, including televised appearances on the BBC news and commentary in the Wall Street Journal, CNN, New York Times, and more. She is a well-known public speaker, having presented at Black Hat, RSA Conference, RMISC, BrunchCon, and others. Sherrod and Nic discuss various topics, including different types of threat actors, the overlap between nation-state actors and cybercrime, and Sherrod's fascination with cybercrime, emphasizing cybercriminals' creativity and ingenuity, particularly those who use social engineering techniques.
In This Episode You Will Learn:
- Why many cybercriminals don't believe they are engaging in criminal activity
- How understanding a threat actor's psychology is essential to creating detection methods
- The importance of maintaining proper security hygiene
Some Questions We Ask:
- How can threat actors operate with impunity?
- Should individuals and small businesses worry about nation-state threat actors?
- Can we reform and convince cybercrime groups to use their talents for good?
Resources:
View Sherrod DeGrippo on LinkedIn
View Wendy Zenone on LinkedIn
View Nic Fillingham on LinkedIn
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
10. Not with a Bug but with a Sticker
48:29
Hyrum Anderson and Ram Shankar join Nic Fillingham and Wendy Zenone on this week’s episode of The BlueHat Podcast. Hyrum Anderson is a distinguished ML Engineer at Robust Intelligence. He received his Ph.D. in Electrical Engineering from the University of Washington, emphasizing signal processing and machine learning. Much of his technical career has focused on security, and he has directed research projects at MIT Lincoln Laboratory and Sandia National Laboratories. Ram Shankar works on the intersection of machine learning and security at Microsoft and founded the AI Red Team, bringing together an interdisciplinary group of researchers and engineers to proactively attack AI systems and defend them from attacks.
In This Episode You Will Learn:
- The difference between AI and machine learning
- Why embracing a holistic, healthy AI development is to our advantage
- The security vulnerabilities and risks associated with AI and Machine Learning
Some Questions We Ask:
- Who did you write this book for, and what will the readers learn?
- What type of vulnerabilities are you finding the most concerning currently?
- How do adversarial attacks exploit vulnerabilities in AI algorithms?
Resources:
View Hyrum Anderson on LinkedIn
View Ram Shankar on LinkedIn
View Wendy Zenone on LinkedIn
View Nic Fillingham on LinkedIn
Not with a Bug, But with a Sticker is available here
Follow Hyrum on Twitter
Follow Ram on Twitter
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
9. Fuzzing, Forensics and Flowers with Amanda Rousseau AKA Malware Unicorn
40:47
Amanda Rousseau, Offensive Security Engineer for the Microsoft Offensive Research and Security Engineering Team, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Amanda loves malware; she worked as an Offensive Security Engineer on the Red Team at Facebook, a Malware Researcher at Endgame, and at the U.S. Department of Defense Cyber Crime Center. Amanda mainly focuses on vulnerability research, fuzzing, and security engineering and discusses with Nic and Wendy her time reviewing and analyzing offline digital devices, known as Dead-Box Forensics, reverse engineering malware, and how she finds success from her creative and artistic background.
In This Episode You Will Learn:
- What "shift left" means as a security professional
- How to learn more about fuzzing and understand some of the tooling
- Why having a creative background helps when communicating with security teams
Some Questions We Ask:
- How would you describe fuzzing for someone who doesn't know the definition?
- What is Dead-Box Forensics, and can you share the investigative process?
- How can we make fuzzing and security more accessible and less intimidating for developers?
Resources:
View Amanda Rousseau on LinkedIn
View Wendy Zenone on LinkedIn
View Nic Fillingham on LinkedIn
Follow Amanda on Twitter and malwareunicorn.org
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
8. You Are Eye: Why Understanding URIs is Critical to Security with Michael Hendrickx
34:31
Michael Hendrickx, Principal Security Engineering Manager at Microsoft, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Michael works in Azure security at Microsoft and leads a team focused on conducting penetration tests on Azure services. The team draws inspiration from the bug bounty community and external sources, leveraging their insights and findings for their research. Michael also discusses the curiosity and exploration mindset needed for both engineers and researchers when it comes to investigating and discovering security vulnerabilities, how developers can effectively protect sensitive data transmitted over insecure networks, and the potential risks and challenges associated with third-party integrations in web applications.
In This Episode You Will Learn:
- Server-side request forgery and its importance in the context of security
- Potential security vulnerabilities associated with different parts of a URI
- Importance of collaboration, knowledge sharing, and investigation among developers
Some Questions We Ask:
- What is the focus and target audience for "Shift Left?"
- Should researchers engage in URL manipulation to identify potential vulnerabilities?
- What security vulnerabilities should developers be aware of when designing web applications?
Resources:
View Michael Hendrickx on LinkedIn
View Wendy Zenone on LinkedIn
View Nic Fillingham on LinkedIn
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
7. AAAAAAAAAAAAAAA! You Overflowed My Integer! with George Hughey and Rohit Mothe
45:05
Rohit Mothe, Senior Security Researcher at Microsoft, and Windows Security professional George Hughey join Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. In this episode, they discuss integer overflow bugs, how they can be nuanced and often confused with other bug categories, why accurately classifying these bugs is crucial for developing effective strategies to fix them at scale, and examples of high-profile vulnerabilities caused by integer overflow.
In This Episode You Will Learn:
- The challenges of accurately identifying integer overflow bugs
- How developers can proactively prevent integer overflow vulnerabilities in their code
- Why not all integer overflows are malicious and also necessary for certain applications
Some Questions We Ask:
- What is an integer overflow?
- How can developers mitigate the risk of integer overflow vulnerabilities?
- What are some examples of high-profile exploits based on integer overflow vulnerabilities?
Resources:
View Rohit Mothe on LinkedIn
View George Hughey on LinkedIn
View Wendy Zenone on LinkedIn
View Nic Fillingham on LinkedIn
Follow George on Twitter
Follow Rohit on Twitter
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
6. Rachel Giacobozzi on the Art of Threat Intelligence Storytelling
37:12
Rachel Giacobozzi, Principal Research Lead at Microsoft, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Rachel explains the importance of creating a cohesive story not only to convey what happened in an attack but also to explain its significance, why we need to start addressing phishing attacks through education and guidance, and how they make their content concise, clear, and understandable to a wide range of audiences.
In This Episode You Will Learn:
- How threat intelligence can be used to stay ahead of cyber attacks
- Why being open to growth benefits both security candidates and employers
- The concept of "telling stories" in threat intelligence
Some Questions We Ask:
- What is the importance of actionable insights in threat intelligence?
- How does the team behind threat intelligence stay updated with the latest trends?
- What is the decision-making process for selecting which stories to tell?
Resources:
View Rachel Giacobozzi on LinkedIn
View Nic Fillingham on LinkedIn
View Wendy Zenone on LinkedIn
Send us feedback: bluehat@microsoft.com
Follow us on Twitter: @MSFTBlueHat
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
5. Raul Rojas: Navigating the AI-infused Security Landscape
53:03
Raul Rojas, Principal Security Compliance Manager at Microsoft, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Raul manages and leads a team of information security professionals across application security, incident response, remediation, security data science & engineering. Raul discusses the importance of AI in various fields, such as healthcare, finance, and cybersecurity, the impact AI will have on privacy, and the need for regulations and governance frameworks to ensure responsible AI development and deployment.
In This Episode You Will Learn:
- How the field of AI and machine learning in security is evolving
- The value of integrating security principles and seeking input from the security community
- Why the security community needs to develop new tools and processes for AI and Data.
Some Questions We Ask:
- Can you share an example of a successful project transition from research to production?
- Are there already existing fundamentals in machine learning and AI security?
- What are the potential risks of attackers manipulating AI and machine learning models?
Resources:
View Raul Rojas on LinkedIn
View Nic Fillingham on LinkedIn
View Wendy Zenone on LinkedIn
Send us feedback: bluehat@microsoft.com
Follow us on Twitter: @MSFTBlueHat
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
4. Dan Tentler on How the Old Ways Still Work
46:44
Dan Tentler, Executive Founder and CTO of Phobos Group, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Dan has a wealth of defensive and adversarial knowledge and a strong background in systems, networking, architecture, and wireless networks. Dan discusses his time at BlueHat 2023, why you should put everything behind a VPN, and how a typo and Jeff Goldblum's movie Hideaway helped create his current online handle.
In This Episode You Will Learn:
- Why it's important to hold onto old techniques and knowledge
- The premise and thoughts behind Dan’s 2023 BlueHat presentation
- How people can still protect themselves with old security tools
Some Questions We Ask:
- How did your security career start and grow into speaking at BlueHat 2023?
- What tools and techniques were available in the beginning of your career?
- What were some big takeaways from your presentation at BlueHat?
Resources:
View Nic Fillingham on LinkedIn
View Wendy Zenone on LinkedIn
Send us feedback: bluehat@microsoft.com
Follow us on Twitter: @MSFTBlueHat
Discover and follow other Microsoft podcasts at microsoft.com/podcasts