Since Rich is on the road this week, Martin and Zach are joined by none other than friend of the podcast, Josh Corman.  Which is not that surprising, since there’s only one story we’re talking about tonight, the latest Verizon Data Breach Investigation Report.  There’s a lot to talk about again in this year’s report, as well as a few things that left us scratching our head (cough *activists* cough).  Despite our minor criticism, the DBIR is once again a great report, though folks like Mandiant and Trustwave also turn out some pretty good reports as well. Oh, and as expected when Josh is on, we go a little long this week.

Network Security Podcast, Episode 271, March 27, 2011

Time:  46:35

Show Notes:

Posted by martin, filed under Podcast. Date: March 27, 2012, 5:44 pm | No Comments »

It’s a good thing we’ve started double-checking Rich’s work, because he hasn’t been that reliable as of late.  Luckily Martin is recording this week, so the audio quality is back to it’s normal levels, but that means the content is back to normal levels as well.  Which actually turns out to be a good thing, since we all seemed to be firing on most cylinders this week.

Network Security Podcast, Episode  270, March 13, 2012

Time:  36:51

Show Notes:

Posted by rmogull, filed under Podcast. Date: March 13, 2012, 4:47 pm | No Comments »

Let the record show that I (Rich) should no longer be allowed to record the show. Last time I tried I lost the entire episode due to a bug in my recording software (not updated for Lion). So I switched back to my older software, and proceeded to apply so much reverb that AutoTune is jealous.

We won’t blame you if you can’t handle the echoes. And I really need to apologize to Zach and Martin since there is a lot of good stuff in this one. It’s entirely my fault for applying the effect to even out the other guys being on an iPad and mobile phone, but failing to properly listen to the adjustment.

Anyway, this episode is a post-RSA recap plus talk of LulzSec and infosec burnout. Good stuff if you can handle my mangling.

Network Security Podcast, Episode 268, February 21, 2012

Time:  33:36

Show Notes:

Posted by rmogull, filed under Uncategorized. Date: March 7, 2012, 9:40 am | 1 Comment »

Dell SecureWorks Chief Technology Officer Jon Ramsey took a few minutes out of his day at the RSA Conference to talk to me about a new study his team had recently written on series of attacks they dubbed Sin Digoo Affair.  In addition to being a detailed analysis of the tools and actions performed by the attackers, the paper also contains specific steps defenders can take to detect and respond to similar attacks.  This is part of an ongoing series that the folks at SecureWorks have been publishing.

RSAC2012 Microcast:  Jon Ramsey from Dell SecureWorks

Posted by martin, filed under Microcast. Date: March 5, 2012, 7:00 am | 1 Comment »

My first interview this year at the 2012 RSA Conference was with Urvish Vashi from AlertLogic.  We talked briefly about the recent acquisition of ArmorLogic, but my real interest was the State of Cloud Security Report issued by AlertLogic.  It’s an interesting report and gives us some fuel for the debate about which is more secure, cloud or on-premise.  But it’s a first effort and raises more questions than it answers and definitely doesn’t answer the ‘which is more secure’ question.  It’s hard when you’re comparing apples to cucumbers, which is what AlertLogic has done, unless they’ve normalized the data to take into account that desktops are included in the statistics.  Which they fully acknowledge, by the way.

RSAC 2012 Microcast:  AlertLogic

Posted by martin, filed under Microcast. Date: March 4, 2012, 10:23 am | 1 Comment »