Source Code Podcast

I’m joined by Gwen Betts for the final episode of this season. She is a UX director at Rapid7 via the acquisition of her previous company, Komand. She provides unique perspective as someone who started in design and would later bring that expertise to security. We talked about her design principles and what makes good UX. We also discussed how security professionals can most effectively engage with UX and areas of the infosec space that are ripe for UX innovation.

We’re talking writing this week with my good friend Michael W. Lucas, a fellow No Starch Press Author. We discussed how he became interested in writing and how his career as an author evolved alongside his technical career. Now a full-time writer, Michael has written dozens of books, including technical and fiction works. If you've ever been interested in the business, skillset, or process of authorship then you'll enjoy our conversation.

I’m joined by Jen Kolde of the Vertex project. Jen formerly served as an investigator for the federal government and was an analyst on Mandiant/FireEye’s intel team. Her background is interesting, as she actually came to investigative work from a technical writing background. We discussed her story, what it means for someone with technical skills to become a good intel analyst, and her experience testifying to congress about structured threats.

This week we’re joined by Grady Summers, CTO of FireEye, former CISO of General Electric, and my former boss. During our conversation Grady discusses his rise through the ranks at one of the largest companies in the world and his decision to leave GE behind to join Mandiant. He talks about FireEye’s place in history and some of the unique challenges they face. We also discuss buzzword solutions and which products he thinks are overblown and which ones show real promise.

Sometimes you only need one name. Prince, Madonna, Oprah....and Sergio. This week I'm thrilled to be joined by my good friend Sergio Caltagirone. We talked about the importance of ICS security, control system themed road trips, and the intersection of information security and philosophy. Sergio takes us through his journey from the Department of Defense, Microsoft and at Dragos. We also get the story of how the Diamond model came into existence. Perhaps most importantly, we talk about his work to fight human trafficking and how he is applying data science to this problem at the Global Emancipation Network.

Haroon Meer joins us this week to talk about his journey from running South African flea market booths to founding one of the most innovative companies in information security. We discuss the differences between South African and US education, common pitfalls made by security product vendors, and the use of honeypots for detection. You can find Haroon on Twitter at @haroonmeer. Haroon chose to support hurricane relief efforts for Puerto Rico via the United for Puerto Rico charity.

This week I’m joined by Rick Holland, VP of Strategy for Digital Shadows. Rick is a Texan, so we kick things off right by talking BBQ. After that, we dive into his origin story where he describes his time in the Army and what he learned there. I also ask him about his time as a Forrester analyst and whether analyst firms are pay to play, and whether they have a negative impact on the security industry. Finally, we discuss the evolution of threat intelligence in the security field.

We kick off season two by welcoming Richard Bejtlich onto the podcast. Richard spent the bulk of his career helping further the evolution of network security monitoring through stints at AFCERT, GE, and Mandiant. We talked about his career evolution, the future of computer network defense, the revolution of private intelligence, and how he almost became an astronaut.

My long time friend Jason Smith joins me on our last episode of the season. He talks about growing up in western KY and how much his parents and teachers influenced his career development from budding physics student to senior architect at Cisco Systems. As we walk through his rapid career progression, we also talk about the state of education in our industry and some mentorship strategies he’s used to help newbies become successful in our industry.

In this highly anticipated interview, I have Bill Pollock who founded No Starch Press. We talk about his life growing up in New York and how he had really varied interest as a kid. He knew at a young age he wanted to be an entrepreneur and start a business for kids like him, and he did it! No Starch Press is one of the most significant names in technology publishing and through Bill’s story you’ll get a peek at why. He talks about his trials and tribulations through the publishing industry and exactly how those things shaped NSP. You can find Bill on Twitter @billpollock.

In this episode, I’m joined by Matt Swann who is a principle engineering manager at Microsoft. We talked about growing up in rural California, the influence of his tinkerer grandfather, and his journey up the ranks at Microsoft. Matt describes creating a culture of learning and how traditional computer science principles and evidence-based engineering guide the work of his security team.

Did you know that Wireshark was almost named Etherweasel? I brought in Gerald Combs to tell us about the history of Wireshark from a small tool for his own use to one of the world’s most popular open source projects in the world with over a million downloads a month. We also talk about growing up in Kansas City (with a good BBQ recommendation) and why open source is important to him.

This week, I'm joined by Mike Poor of InGuardians. We spoke about growing up in Brazil, how a few individuals in his early life led him towards an interest in computers, how he got involved teaching with SANS, the formation of InGuardians, fostering a family environment at work, and some stories from his long career teaching people about packets.

Magen Wu (tottenkoph) of Rapid7 joins us to talk about her career path. We talk about growing up in “God’s Waiting Room”, how we take our hash browns at Waffle House, speaking at security conferences, and our shared interest of psychology and how it applies to information security.

This week, my good friend Doug Burks joins us. Doug is most widely known for being the creator of the Security Onion Linux distribution that helps you peel back the layers of your network and make your adversaries cry. In this episode we talk about the origin of Security Onion, the reality check in college that helped turn Doug into one of the most disciplined and hard-working people I know, and his part in helping turn Augusta into the information security capital of the south.