Podme logo
HjemOppdagKategorierSøkStudent
7MS #529: Interview with Matthew Warner of Blumira

7MS #529: Interview with Matthew Warner of Blumira

01:13:542022-07-15

Om episode

Today we're featuring a great interview with Matthew Warner, CTO and co-founder of Blumira. You might remember Matt from such podcasts as this one) when Matt gave us a fountain of info on why out-of-the-box Windows logging isn't awesome, and how to get it turned up to 11! Today, we talk about a cool report that Blumira put out called 2022 Blumira's State of Detection & Response, and dive into some interesting topics within it, including: How do companies like Blumira (who we rely on to stay on top of threats) keep their teams on top of threats? Why open source detections are a great starting point - but not a magic bullet Consider this "what if" - a C2 beacon lands on your prod file server in the middle of the work day. Do you take it down during a busy time to save/clean the box as much as possible? Or do you hope to be able to wait until the weekend and triage it on a weekend? Why annoying traffic/alerts are still worth having a conversation about. For example, if you RDP out of your environment and into Azure, that might be fine. But what about when you see an RDP connection going out to a Digital Ocean droplet? Should you care? Well, do you use Digital Ocean for legit biz purposes? Data exfiltration - where does it sit on your priority list? How hard is it to monitor/block? Common lateral movement tools/techniques Why honeypots rule!

logo

PODME

INFORMASJON

  • Om informasjonskapsler
  • Generelle vilkår
  • Personvernerklæring

LAST NED APPEN

app storegoogle play store

REGION

flag
  • sweden_flag
  • norway_flag
  • finland_flag
redaktorsansvar

Podme arbeider etter Vær Varsom-plakatens regler for god presseskikk. Ansvarlig redaktør og daglig leder er Kristin Ward Heimdal. Redaktør for eksterne innholdssamarbeid er Mathias Thaulow Lisberg.

© Podme AB 2024