Join host G Mark Hardy on CISO Tradecraft as he welcomes Patrick Garrity from VulnCheck and Tod Beardsley from Run Zero to discuss the latest in cybersecurity vulnerabilities, exploits, and defense strategies. Learn about their backgrounds, the complexities of security research, and strategies for effective communication within enterprises. The discussion delves into vulnerabilities, the significant risks posed by ransomware, and actionable steps for CISOs and security executives to protect their organizations. Stay tuned for invaluable insights on cybersecurity leadership and management. Chapters

• 00:00 Introduction and Guest Welcome
• 00:57 Meet Patrick Garrity: Security Researcher and Skateboard Enthusiast
• 02:12 Meet Todd Beardsley: From Hacker to Security Research VP
• 03:58 The Evolution of Vulnerabilities and Patching
• 07:06 Understanding CVE Numbering and Exploitation
• 14:01 The Role of Attribution in Cybersecurity
• 16:48 Cyber Warfare and Global Threat Landscape
• 20:18 The Rise of International Hacking
• 22:01 Delegation of Duties in Offensive Warfare
• 22:25 The Role of Companies in Cyber Defense
• 23:00 Attack Vectors and Exploits
• 24:25 Real-World Scenarios and Threats
• 28:46 The Importance of Communication Skills for CISOs
• 31:42 Ransomware: A Divisive Topic
• 38:39 Actionable Steps for Security Executives
• 45:58 Conclusion and Final Thoughts

In this episode of CISO Tradecraft, host G Mark Hardy sits down with Tomas Roccia, a senior threat researcher at Microsoft, to delve into the evolving landscape of AI and cybersecurity. From AI-enhanced threat detection to the complexities of tracking cryptocurrency used in cybercrime, Tomas shares his extensive experience and insights. Discover how AI is transforming both defensive and offensive strategies in cybersecurity, learn about innovative tools like Nova for adversarial prompt detection, and explore the sophisticated techniques used by cybercriminals in high-profile crypto heists. This episode is packed with valuable information for cybersecurity professionals looking to stay ahead in a rapidly changing field.

Defcon presentation: Where is my crypto Dude? https://media.defcon.org/DEF%20CON%2033/DEF%20CON%2033%20presentations/Thomas%20Roccia%20-%20Where%E2%80%99s%20My%20Crypto%2C%20Dude%20The%20Ultimate%20Guide%20to%20Crypto%20Money%20Laundering%20%28and%20How%20to%20Track%20It%29.pdf

GenAI Breaches Generative AI Breaches: Threats, Investigations, and Response - Speaker Deck https://speakerdeck.com/fr0gger/generative-ai-breaches-threats-investigations-and-response

Transcripts: https://docs.google.com/document/d/1ZPkJ9P7Cm7D_JdgfgNGMH8O_2oPAbnlc

Chapters

• 00:00 Introduction to AI and Cryptocurrencies
• 00:27 Welcome to CISO Tradecraft
• 00:55 Guest Introduction: Tomas Roccia
• 01:06 Tomas Roccia's Background and Career
• 02:51 AI in Cybersecurity: Defensive Approaches
• 03:19 The Democratization of AI: Risks and Opportunities
• 06:09 AI Tools for Cyber Defense
• 08:09 Challenges and Limitations of AI in Cybersecurity
• 09:20 Microsoft's AI Tools for Defenders
• 12:13 Open Source AI Security: Project Nova
• 18:37 Community Contributions and Open Source Projects
• 19:30 Case Study: Babit Crypto Hack
• 22:12 Money Laundering Techniques in Cryptocurrency
• 23:01 AI in Tracking Cryptocurrency Transactions
• 26:09 Sophisticated Attacks and Money Laundering
• 33:50 Future of AI and Cryptocurrency
• 38:17 Final Thoughts and Advice for Security Executives
• 41:28 Conclusion and Farewell

In this episode of CISO Tradecraft, host G Mark Hardy sits down with Danny Jenkins, CEO and founder of ThreatLocker, live from the Black Hat conference. Danny shares insights into his technical background and explains how a customer-focused culture drives innovation and improvement at ThreatLocker. Learn about the company's unique practices, such as their 'control alt delight' sessions, 24/7 customer support, and how leadership at ThreatLocker leads by example. Danny also discusses the importance of learning from failures and removing obstacles for team members to help the company and its products continually evolve. Danny's LinkedIn - https://www.linkedin.com/in/dannyjenkinscyber/

ThreatLocker - https://www.threatlocker.com/

Transcripts -https://docs.google.com/document/d/1TOib3nTXwrWuwF6sJMlVjTFurgr-jc1b Chapters

• 00:00 Introduction and Welcome
• 00:27 Meet Danny Jenkins, CEO of Threat Locker
• 01:12 The Philosophy Behind Threat Locker
• 02:52 Customer-Centric Culture at Threat Locker
• 04:32 Technical Leadership and Personal Insights
• 08:55 Leadership Advice for Aspiring CISOs
• 11:22 Conclusion and Farewell