Beers with Talos Podcast

Recorded May 26, 2020 – Prod. Note: Things are a hot mess right now and the team thinks that there are voices you have needed to hear more than ours, so we held back on releasing a few episodes. We are releasing those now, please pardon any weeks-old info. Be safe, be kind, and listen to each other. Black lives matter. You, our audience, have asked this question a lot - in person, on Twitter, in DMs, and one of you even sent me InMail - so we spend a whole EP talking about advancing your career in the middle stages - whether you are interested in jumping on the management track or rising to the top of the engineering/technical hill, there are certain skills, relationships, and habits that will make your quest more effective. Quest? Wow, I have really been playing too many games lately. Full show notes on the Talos blog

Recorded May 15, 2020 –Prod. Note: Things are a hot mess right now and the team thinks that there are voices you have needed to hear more than ours, so we held back on releasing a few episodes. We are releasing those now, please pardon any weeks-old info. Be safe, be kind, and listen to each other. Black lives matter. Sammi (inexplicably) continues tolerating hanging out with the rest of the crew on the The In-Between. As usual, we avoid discussing security at all costs. These EPs are all about keeping in touch and catching up to chat. We talk about cool stuff we are watching to occupy our time and JOEL DID HIS ONE JOB! so, we are taking your (amazing) questions from Twitter. Keep sending your questions for our regular episodes as well — @TalosSecurity #BWT.

Brad Garnett from Cisco Talos Incident Response joins us today to talk about DFIR, the Talos Quarterly Trends Report, and how a high-speed police chase on reality TV kick-started his DFIR career. That’s not even clickbait, for real. After Brads drops a quick IR trends briefing on us, the crew drills down on some key findings. (IDK what that means either, but there were good questions asked and great discussions in response).We are taking your questions from Twitter so keep sending them for the next “The In-Between” episode — @TalosSecurity #BWT.

Recorded May 1, 2020 –Sammi is back and the rest of the crew is here to hang out, chat, and as is The In-Between Way - avoid discussing security at all. These EPs are all about just keeping in touch and having some fun. Despite Joel forgetting his one. job. on this podcast, we are taking your (sometimes crazy) questions from Twitter on these episodes, so keep sending them for the next “The In-Between” episode — @TalosSecurity #BWT. Full show notes on the Talos blog

Matt isn’t with us today, but the rest of the crew discusses current security issues in our new WFH environment, including some more-than-the-basics advice on how to protect yourself and your organization’s data while working wherever. We go a bit more in depth on VPN and explain how VPNs work, how they protect you, and more importantly, how they DON’T protect you. The key takeaway of this podcast, however, is that we need to start a campaign to formally recognize the legitimacy of Social Mulligans (this counts as a trademark, right?) Send us your questions for the next “Quittin’ Time” episode — @TalosSecurity #BWT.Full show notes on the Talos Blog

We are renaming these episodes - “Quittin’ time” was okay and all, but “The In-between” better captures what these eps are. Compared to our normally named eps, you can expect the same lack of actual security content presented in Vol. 1, just a shorter format. You seem to enjoy us taking your (sometimes crazy) questions from Twitter, so keep sending them! We are doing these extra episodes because we need to laugh and have some fun right now, and hopefully give you the same little break from reality - we want you to come on in and have a laugh on us. Send us your questions for the next “The In-Between” episode — @TalosSecurity #BWT. Full show notes on the Talos blog

We have a couple great topics today - and only one of them is a COVID-19 related topic. So, it turns out that you can fake fingerprints - the good news is that it takes a lot of time, equipment, and expertise. It is much easier for a criminal to just make you unlock it yourself. We have also seen an unprecedented level of collaboration and righteous anger across all vendors responding to COVID-based scams. Literally everyone is just watching, documenting, and hunting anything even tangentially related to the current health crisis. The challenge is that all the cooks are in the kitchen, which is really a good problem to have… Send us your questions for the next “Quittin’ Time” ep! — @TalosSecurity #BWT.Full show notes on the Talos Blog

Recorded April 3, 2020 – We’re kinda bored. We figured you are too. So we decided to get together between normal recordings to help save you from the bottom of the Netflix barrel. It gets weird down there. These Quittin’ Time eps are just the crew hanging out for a bit without a security topic agenda. Sans. None of that. Honestly, if you’re not a fan of the banter in the Roundtable and Closing Thoughts segments, this …probably isn’t your cup of tea. Anyway, we have fun getting together and feeling more normal for a bit, we hope you have fun listening to the heavily edited version of that. Send us your questions for the next QT ep - @TalosSecurity #BWT.Full show notes available on the Talos blog.

Our goal is always to talk to you about what’s on our minds. Right now, we are pretty sure we all have the same thing on our minds. In addition to our regular show material, we want to talk through some of the things that we are dealing with professionally and personally in the hopes that it applies and is useful to you. To that end, we asked Sammi Seaman (our Education coordinator and resident mega-extrovert) to stop by and chat with us about the challenges of working from home and shifting the way we work. We aren’t breaking any massive news and threats this week, rather we are talking about what the industry is thinking about. As a heads up, we are increasing episodes from biweekly to weekly, and rotating in different topics while we’re all stuck at home. Hopefully, this is helpful for you and us both. Drop us a tweet and let us know what is on your mind. Be safe, and wash your hands, you filthy animals. Full show notes on the Talos blog.

Recorded 3/13/20 - Of course we have to talk about the implications of Coronavirus to the way business and security are getting done. While everything about the COVID-19 pandemic seems to be a fluid situation, a rare constant has been the same rehashed disaster scams. But that could quickly change with the mass shift toward remote work. This episode takes a look at both securing that shift as well as practical advice for those of us finding ourselves as newly remote employees. Full show notes on the Talos blog

Recorded 3/02/20 - We open up the show with a sugary sweet poem before talking about RSA and our annual trip through the startup hall. Matt expertly segues the crew into talking about the impact the security industry can have on public-interest technologies and civil society - both in the industry sense as well as in the interpersonal sense. FInally, we take a look at opposing mindsets and approaches, discussing how partnering with an adversarial approach is not near the oxymoron it seems.Full show notes on the Talos blog

Recorded 2/19/20 - Craig made an oopsie. He sends his apologies for the echo-chamber reverb. We had no idea until he sent in his audio for mixing, we would never do this to you intentionally. This is a shorter ep focusing on software licencing and features as well as vulnerability disclosure. Join us to talk about vendors abilities to disable feature sets and owning versus using products. We further chat about vulnerabilities and how a vendor with no security advisories is often seen as a “more secure” option, when in fact, that can mean the exact opposite. Full show notes on the Talos blog

Recorded 1/31/20 - When a vulnerability is released, regardless if it has a website and logo or not, we need to understand the risk to the network and what defense options are possible before the patch is ready for production. Can you defend against the vulnerability or do you go straight for known exploits? What happens if an exploit occurs? Also discussed: Talos begins releasing Threat Assessment Reports based on IR engagement data and known prevalent threats. Snort has a new series of training and lab videos available for Snort 2 and Snort3.Full show notes on the Talos blog

Recorded 1/20/20 - Powershell is a frequent flyer in security headlines - a powerful and oft wielded tool for attackers and defenders alike. This ep takes a look at Powershell and how to help ensure its security posture as an effective management tool. We also look at the missing-the-forrest-for-the-trees concept of behind being concerned about the latest shiny ATP before all else.Full show notes on the Talos blog

Recorded 1/6/20 - There is a looming cyber conflict on the horizon between the US and Iran. We use all our time this week to discuss the situation at hand and take a hard look at what you should have already done foundationally. The crew offers insight and analysis of what nation-state cyber conflict looks like and what you can do to elevate your security strategy to the next level in an uncertain time of increased suspicion. Full show notes on the Talos blog