Infoblox ThreatTalk

The Good, the Bad, and the Cybersecurity AI to Sort It All Out

Infoblox — Wed, 22 Nov 2023 06:00:00 -0500

From $400 toasters to robotics, AI seems to be showing up everywhere. But between doomsday predictions and the promises of a utopian future, what is a more realistic assessment of how AI can fit into the world of cybersecurity? Join us for a down-to-earth discussion with guests Karthik Haridoss and David Seeman, who are at the forefront of efforts to integrate AI into a variety of security tools.

Tune in to the live broadcast on LinkedIn and Facebook every first and third Tuesday of the month at 11:00 am (PST). Subscribe to the ThreatTalk podcast on Spotify, Apple Podcasts, or your favorite podcast app.

Meet the Authors: Abusing DNS as Transport

Infoblox — Wed, 08 Nov 2023 08:20:00 -0500

From deploying dropper files and other malware, to stealing data, or for all the communications that modern attacks use in between, threat actors are increasingly using DNS as a transport that bypasses most defenses. Join us as we examine the good, the bad, and the grey areas of DNS as a transport in this final episode of our 3-part series with Josh Kuo and Ross Gibson, authors of a new security book, “The Hidden Potential of DNS in Security.”

Breaking Down Domain Takedown Services

Infoblox — Wed, 18 Oct 2023 06:00:00 -0500

Join us as we look at the powerful, proactive security value of takedown services. In addition to adding a highly proactive security layer, they may be your only option for addressing threats targeting your customers by impersonating your brand and destroying customer trust. Takedown veterans Gary Brewer and Chris Sills join us to clear the air on what these services are, what they are not, and their potential value in a comprehensive and mature risk management program.

Meet the Authors: Countering Redirection and Misdirection with DNS

Infoblox — Wed, 04 Oct 2023 06:00:00 -0500

Magicians are masters of redirection and misdirection, but these are also powerful elements in modern cyberattacks. Join us as we dive into these cyberthreat TTPs in this second of three episodes with authors Josh Kuo and Ross Gibson, who discuss this as one of the five areas of DNS abuse in their new security book, “The Hidden Potential of DNS in Security.”

Tune in to the live broadcast on LinkedIn and Facebook every first and third Tuesday of the month at 11:00 am (PST). Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, PocketCasts or your favorite podcast app.

Outsourcing Teaming, Testing, and Trust with Third Parties

Infoblox — Wed, 20 Sep 2023 06:00:00 -0500

A few months back, ThreatTalk guest Amit Singh helped us consider some of the reasons a recent SANS 2022 SOC Survey showed so many organizations turning to ‘outsourcing’ to bolster their SOC capabilities. His Australian/New Zealand cybersecurity company, 3columns, has loaned him to us again to help us drill down into the pros and cons of outsourced Pen Testing, Red Teaming, and Purple Teaming which the SANS report showed to be the top 3 most outsourced SOC functions. Unless your security team is well-funded to do everything internally, this episode is a “must-listen”.

Meet the Authors: DNS Insecurity, or DNS in Security?

Infoblox — Wed, 06 Sep 2023 06:00:00 -0500

Is your DNS a security risk, or are you taking advantage of its strengths as a security tool? In this episode of ThreatTalk, we talk with Josh Kuo and Ross Gibson about their new security book titled “The Hidden Potential of DNS in Security.” The first of a 3-part series, we will discuss highlights from the book and the use cases that drove them to produce such a comprehensive reference on a commonly overlooked security resource.

Learn more about The Hidden Potential of DNS in Security: https://a.co/d/dsE2gyp

Overkill or ‘Just Right’? The Cybersecurity Role of Service Providers

Infoblox — Wed, 16 Aug 2023 06:00:00 -0500

Service Providers are pitching a growing range of options, to businesses of all sizes, in a world where cybersecurity has become so complex and resource intensive that no one can do it all on their own. Guest David Ayers, a veteran of the service provider space, will help us kick off a new series on service providers beginning with a review of where telecom started, where it is today, and what it might offer in a future of 5G, connected cars, and other imminent world-changing technologies.

This series will be a great supplement to other episodes on consultant and channel partner service offerings, to help listeners balance the best ways to achieve their desired security posture within budget, time, people, and other realities.

The Care and Feeding of an Effective Threat Intelligence System

Infoblox — Wed, 02 Aug 2023 06:00:00 -0500

From world cup soccer to horse racing, the slightest mistake can turn a winning ‘favorite’ into a loser. The same can be true for the various sources of threat intelligence that can make, or break, the effectiveness of our security tools.

Join host Bob Hansmann and his guests, threat intelligence and analytics experts Druce MacFarlane and Karthik Haridoss, for a sneak peek into their decision-making process for when to keep, add, or even drop a threat intelligence resource.

Security Outsourcing: Why, When and How to Make it Work

Infoblox — Wed, 19 Jul 2023 06:00:00 -0500

In the recent SANS 2022 SOC Survey, a lot of organizations reported that they used ‘outsourcing’ to bolster a wide variety of their SOC functions. To understand the value of outsourcing, and tips on how to ensure a successful outsourced engagement better, ThreatTalk has invited back guest Amit Sing, the Technical Director for Australian/New Zealand cybersecurity company 3columns. With years of experience providing a wide range of services to clients, Amit is an ideal resource to help us understand the outsourcing landscape.

The community has spoken: Top Topics of Q2’ 23

Infoblox — Wed, 21 Jun 2023 06:00:00 -0500

What were the hottest security topics discussed in the Infoblox security community during Q2 of 2023? Host Bob Hansmann is joined by Infoblox community manager Sunil Amanna, and VP of Product Management Craig Sanderson, to review the topics behind some of the quarter’s more active discussions among your peers about cybersecurity.

Center Stage: Persistent Infrastructure Threat Actors

Infoblox — Wed, 07 Jun 2023 06:00:00 -0500

While it is easy to get distracted by the ‘threat of the day’, there are those of us actively hunting instead for the infrastructures that drive and support those kinds of attacks before they are launched, so you can be prepared for the ‘threat of tomorrow’. Renée Burton, Head of Threat Intelligence for Infoblox, presented on this at the recent RSA conference and joins ThreatTalk to share what her team is learning about these infrastructures, the actors behind them, and why this matters so much.

Meet the Author: Bill Brenner on the 2023 Global State of Cybersecurity Study

Infoblox — Wed, 17 May 2023 06:00:00 -0500

While business line execs can get distracted by the latest media cyberthreat hype, effective security professionals stay on top of data-based security research and studies to constantly evolve their security programs. Tune into our latest podcast where we have invited Bill Brenner from the CyberRisk Alliance to discuss their 2023 Global State of Cybersecurity Study. Used to produce over a dozen global, regional, and country-level reports, we will discuss highlights from the study, as well as some insights from Bill that go beyond the report.

View the full report here: https://info.infoblox.com/resources-whitepapers-2023-global-state-of-cybersecurity-study

ThreatTalk Season 4 Preview

Infoblox — Tue, 02 May 2023 07:30:00 -0500

Infoblox is excited to present season 4 of the ThreatTalk podcast series. This season, we are looking forward to featuring external guests as well as the industry experts within Infoblox. Join us every 1st and 3rd Tuesday of the month at 11:00 am (PST) for engaging conversations with cybersecurity experts.

Get FREE 3rd Party Help to Combat Your Cybersecurity Skill Shortage

Infoblox — Wed, 22 Mar 2023 06:00:00 -0500

From how to get the most out of a specific tool, to general best practices, there is always a lot to learn and a lot to stay on top of for a security professional, and there are limits to how much any single team will know. In this episode, the community manager for Infoblox, Sunil Amanna, joins us on ThreatTalk to talk about the value of online communities (commonly available at no charge) as a source of information and inspiration, and how to get the most out of your community memberships.

Show Me the Value: Understanding the Security Channel Landscape

Infoblox — Wed, 08 Mar 2023 06:00:00 -0500

From storefronts and online box pushers to consultants and outsourcers, the channel partner landscape for cybersecurity continues to evolve. In this episode of ThreatTalk, guest Amit Sing, the Technical Director for Australian/New Zealand cybersecurity company 3columns, helps us break down the partner landscape, understand how to identify relationships that can uplift our security profile, and share tips on how to qualify potential partners for the greatest chance at success.

Are There Smarter Ways to Gather and Apply Threat Intelligence?

Infoblox — Wed, 22 Feb 2023 06:00:00 -0500

Everyone talks about threat intelligence as if it was a ‘thing’ you need. But detection, investigation, response, and other security functions will require unique blends of threat intelligence from multiple sources to be effective. And the ‘best’ blend can vary greatly from one organization to another. So how do you identify the right blend of feeds for your needs? And what are the tools to help you manage your threat intelligence, and apply it to maximum effectiveness?

Join us for a replay of a highlight episode from Season 2 of ThreatTalk, where threat intel experts Druce MacFarlane and David Seeman walk us through some of the key issues that can help you get the most from your threat intelligence program.

A SANS Author Interview: A DNS Security Architecture as a SecOps Force Multiplier

Infoblox — Wed, 08 Feb 2023 06:00:00 -0500

Leveraging your DNS architecture can be a much more effective and efficient approach to securing critical business services than relying on DNS security features in a firewall or web gateway. This episode of ThreatTalk will review a new SANS paper on this topic with author John Pescatore, SANS Director of Emerging Security Trends and guest Cricket Liu, Infoblox Chief DNS Architect. Join host Bob Hansmann and his guests to understand how you can use DNS for more than just a phone book.

Part 2 | Eliminating Blind Spots: A Forrester Report on 20-20 Visibility

Infoblox — Wed, 18 Jan 2023 06:00:00 -0500

In a world where most security tools are ‘user-centric’, devices like switches, printers, BYOD, ICS, IoT and more represent a blind spot that is being actively exploited by attackers. In this episode of ThreatTalk, we’ve invited back network guru Bob Rose to discuss a recent report from Forrester Research to understand how big this problem is and how both networking and security teams are responding for 2023.

Eliminating Blind Spots: A Forrester Report on 20-20 Visibility

Infoblox — Wed, 07 Dec 2022 06:00:00 -0500

Bringing Shadow IT into the Light

Infoblox — Wed, 16 Nov 2022 06:00:00 -0500

Shadow IT once conjured strong draconian responses from IT and security teams alike to prevent potential security and management nightmares. But in a world dominated by agility, hybrid work, and fast-moving technology, this approach has become unsustainable. Our guest, David Seeman, product manager at Infoblox, helps us understand how organizations are managing their risks while taking advantage of the benefits of Shadow IT.

Re:Bots in Disguise-Detecting Cyberthreat Camouflage

Infoblox — Wed, 02 Nov 2022 06:00:00 -0500

Threat Actors are also incredible makeup artists. To penetrate defenses, both human and technological, they have a suitcase full of tools to make any threat look innocent and even desirable. Guest Druce MacFarlane, Sr. Product Manager for Threat Intelligence at Infoblox joins us to talk about the current state of threat camouflage, and some of the key tools to reveal them before it’s too late.

Losing Sleep over Security: A Halloween Review

Infoblox — Wed, 19 Oct 2022 06:00:00 -0500

There is no shortage of “Scary Stories” for Halloween or Cybersecurity Awareness month this year. But a lot of them, despite the media hype, won’t cause most security professionals to lose any sleep. But others might. So we’ve invited back Ed Hunter, the CISO for Infoblox, to talk about the last year and what threats, trends or technologies landed on his list of things to be concerned about.

Managing Risk While Getting Closer to the Network Edge

Infoblox — Wed, 05 Oct 2022 06:00:00 -0500

The shift to the network edge is transforming the work environment but there is so much information about it, including some confusing marketing messaging, that many are unclear about why it matters, what it costs, and how they should go about assessing and altering their own operations. The Sr. PMM for cloud-managed core networking solutions at Infoblox, Rod Dixon, joins this episode of ThreatTalk to update us on the shift to the edge, and provide some thoughts that can help anyone trying to make decisions about the transition.

Paying for Protection: What is the Performance Cost of Security?

Infoblox — Wed, 21 Sep 2022 06:00:00 -0500

It is easy to find headline stories of a breach that can be traced to poor security investments and practices. But such stories will continue to appear as many in management persist in restricting security investments. They often cite worker productivity, or even employee satisfaction, as factors. How can SecOps balance the needs for both productivity and protection? Anthony Ciarochi, SecOps Manager for Infoblox, returns to ThreatTalk to discuss.

A Researchers Story: Uncovering the Omnatour Malvertising Network

Infoblox — Wed, 07 Sep 2022 06:00:00 -0500

To deliver malware, threat actors depend on techniques like phishing and malvertising, but malvertising doesn’t get as much visibility. To address this imbalance, we’ve invited Chance Tudor, an official “Threat Hunter” in the Infoblox threat research group, to talk about his recent work uncovering the Omnatour Malvertising network, an unusually large and persistent threat delivery system. Our discussion will focus on the behind-the-scenes investigation work, starting with how they even knew a threat even needed to be investigated.

Putting Threat Intelligence Labs Under the Microscope

Infoblox — Wed, 17 Aug 2022 06:00:00 -0500

In previous episodes, we’ve discussed the broad array of threat intelligence (TI) available and how important it is to get the right blend of TI. But where does it all come from? Renee Burton is the Sr. Director of Threat Intelligence for Infoblox and her teams, produce or curate dozens of threat feeds of different types, so we’ve asked her to help us understand the different kinds of labs producing all of these different types of threat intelligence.

Decisions, Decisions: Vulnerable, Exploitable, Patchable or Possibly Ignorable?

Infoblox — Wed, 03 Aug 2022 06:00:00 -0500

Vulnerabilities. The breadth of products impacted is growing, while our options for dealing with them are shrinking. For example, the luxury of having months to test patches in labs before deployment has, in many cases, completely disappeared. So, we have asked the SecOps Manager for Infoblox, Anthony Ciarochi, to be our guest for this episode of ThreatTalk and talk with us about how his security operations are adapting to the current state of vulnerabilities, exploits, and all the rest.

Summer Revival: Sharing Responsibility Between IT and End Users

Infoblox — Wed, 20 Jul 2022 07:37:00 -0500

Since we are in the dog days of summer, we have decided to celebrate the hot weather by reviving our hottest episode from Season 2! In this episode of ThreatTalk, Infoblox CIO Brad Bell and Infoblox CISO Ed Hunter join host Bob Hansmann in an exciting and relevant discussion. We will explore the threats, defenses, and pros & cons of user awareness from the endpoint perspective, with particular attention to the impact of our new work-from-anywhere reality.

Solving Hidden SecOps Vulnerabilities with Network Discovery

Infoblox — Wed, 06 Jul 2022 06:00:00 -0500

The SecOps benefits from device visibility is limited if that data is incomplete. Depending on DHCP alone can leave gaps in missed devices and partial data. Rogue DHCP, rogue devices, and more present risks that SecOps cannot ignore.

This episode of threat talk will focus on how to fill in these gaps with the help of Bob Rose, our resident expert on networking technologies. As we investigate ‘discovery’ technologies, we’ll look at some additional security benefits they can provide in a world where any vulnerability can be exploited with devastating results.

On Top of Everything Else - Why DNS for Security

Infoblox — Wed, 22 Jun 2022 06:00:00 -0500

In the beginning… there was a desktop AV and a firewall. Today, security teams manage scores of security tools from dozens of vendors. With interest in DNS security growing significantly over the last few years, we need to ask why you would want to invest in it, what would DNS security do to the rest of the security stack, and how would it impact SecOps? To answer these questions and more, this week’s guest is Anthony James, Infoblox products VP. An industry veteran with a broad vendor background, he will help us demystify DNS security and understand how it fits, or not, in a security profile.

An Author Interview: 2022 Global State of Security Report

Infoblox — Wed, 08 Jun 2022 06:00:00 -0500

ThreatTalk guest Bill Brenner of the CyberRisk Alliance (CRA) joins us to discuss a recent global security survey they conducted on behalf of Infoblox. We’ll go over and beyond survey results to better understand how they plan to address current security concerns, investment issues, preferred methodologies, and more.

Gaining Enlightenment Through Dark Reading

Infoblox — Wed, 18 May 2022 06:00:00 -0500

Dark Reading magazine recently published a series of articles on DNS, shining a light on one of the most overlooked areas of cybersecurity despite the role of DNS at the foundation of modern communications. We’ve invited Krupa Srivatsan, a Director in the Infoblox security products team, to share her favorite highlights from this 17 page, in depth review by Dark Reading into the potential security benefits to be found in DNS and other core network services.

A Security Ecosystem Diet for Healthier Risk Levels

Infoblox — Wed, 04 May 2022 06:00:00 -0500

Have you figured out a recipe for blending your security solutions into a satisfying ecosystem that optimizes your SecOps while lowering overall risk levels? If not, join us and our guest Pallavi Singh, an Infoblox lead on security integrations for everything from endpoints to cloud services, as we go beyond the hype and drill into ecosystem pros and cons.

Is Network Metadata the New Meta for Security?

Infoblox — Wed, 20 Apr 2022 07:07:00 -0500

Security teams have always depended on network and login data to help connect events to users and devices. But is there more to be found in that raw data? What about the metadata being made available on modern hybrid and distributed networks? We’ve invited veteran networking guru Bob Rose to join us to take a deeper look at ‘metadata’, and the hidden gems for security teams to be found buried in it.

Did You Fall For April Fools 2.0 | Trends In Phishing

Infoblox — Wed, 06 Apr 2022 06:00:00 -0500

April first is a day full of mostly harmless pranks and hijinks; but what about cyber threats that are fooling your users year-round? Join Bob Hansmann and guest Druce MacFarlane, Sr. Product Manager for Threat Intelligence at Infoblox for our annual discussion on the current state of phishing, lookalikes, social engineering, BECs and other evasion techniques. We will pull from recent examples and discuss trends that may help you prepare for future threats.

Examining the State of Nation-state Cyberattacks

Infoblox — Wed, 16 Mar 2022 06:00:00 -0500

Nation-state threats are nothing new but, considering cyberactivity linked to the current crisis in Ukraine, we need to update our understanding of nation-state cyber threat potential, and the security strategies necessary to address them. Join host Bob Hansmann and his guests Ed Hunter, CISO for Infoblox, and Anthony Ciarochi, SecOps Manager for Infoblox, as they take us up a level on the current cyberthreat landscape.

Let’s dwell a moment on ‘Dwell-time’

Infoblox — Wed, 02 Mar 2022 06:00:00 -0500

How long would it take your defenses to detect an intruder? Average breach dwell-time estimates range from 24 days to almost a year. So, unless your organization’s acceptable dwell-time falls in that range, we’ve invited Gary Cox to talk about dwell-time and how to reduce it based on his extensive IT and security work throughout Europe.

Emails That Say “ILOVEYOU”: Lessons Learned from the Love Bug Virus

Infoblox — Wed, 16 Feb 2022 06:00:00 -0500

The “I Love You” virus was the first major, global cyberattack of the millennium, setting records for damage and speed of dissemination. So we’ve invited Infoblox Security Operations Manager Anthony Ciarochi to discuss the evolution of email into the #1 attack vector, and how defenders have adapted to deal with it.

Is Cloud just a networking dream and Hybrid the reality?

Infoblox — Wed, 02 Feb 2022 06:00:00 -0500

Everyone talks about moving to the cloud and dreams of one day turning the data center into a VR gaming room. (For team-building exercises, certainly.) But, after several years of the ‘moving to cloud’, the world seems to be stuck in a Hybrid state. So this week’s ThreatTalk invites Vincent Berk, Author at Riverbed Blog, to help us look at the networking and security realities that may be dashing dreams of a 100% cloud future.

Log4J: Behind the headlines and beyond

Infoblox — Wed, 19 Jan 2022 06:00:00 -0500

The story around the Log4J vulnerability has been told and retold by countless security publications and vendors. Join us on January 18 as guests Renee Burton and Druce MacFarlane take us behindthe scenes to understand the threat posed by vulnerabilities, the threat actors exploiting them, andhow researchers work to counter those threats.

Tune in to the live broadcast on LinkedIn and Facebook every first and third Tuesday of the month at 11:00 am (PDT). Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, or Stitcher.

ThreatTalk Season 3 Preview

Infoblox — Wed, 05 Jan 2022 06:00:00 -0500

Infoblox is excited to present season 3 of the ThreatTalk podcast series. This season, we are looking forward to featuring external guests as well as the industry experts within Infoblox. Join us every 1st and 3rd Tuesday of the month at 11:00 am (PST) for engaging conversations with cybersecurity experts.

Are There Smarter Ways to Gather and Apply Threat Intelligence?

Infoblox — Wed, 08 Dec 2021 06:00:00 -0500

Everyone talks about threat intelligence as if it was a ‘thing’ you need. But detection, investigation, response, and other security functions will require unique blends of threat intelligence from multiple sources to be effective. Join us as guests Druce MacFarland and David Seeman discuss key concepts that can help you maximize the value of your own Threat Intel program.

Tune in to the live broadcast on LinkedIn, YouTube and Facebook every first and third Tuesday of the month at 11:00 am (PDT). Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, or Stitcher.

Does Security Automation Need To SOAR, Or Just Fly?

Infoblox — Wed, 17 Nov 2021 06:00:00 -0500

From writing a few scripts using APIs, to full-fledge SOAR solutions, automation is getting a serious look from those who are seeing little success from throwing bodies at security problems. But choosing the right automation approach is a tough decision that demands a solid understanding of each option, what it can deliver, and what it will cost in time and money.

Due to his extensive background in security ecosystems, and SOAR solutions in in particular, ThreatTalk has invited Craig Sanderson, VP of Product Management for security solutions at Infoblox, to join us for this discussion. We look forward to hearing both his technical and philosophical perspectives on important issues around automation including’ “Just because you ‘can’ automate a thing, it doesn’t mean you ‘should’ automate it.”

Discovering Visibility You Didn't Know You Had or Even Needed

Infoblox — Wed, 03 Nov 2021 06:00:00 -0500

Zero Trust Networking is typically discussed in the context of users or devices connecting to the network. But what about the devices that are already there? Security monitoring needs to include all aspects of the network, as well as the devices and users connected to it.

Check out this week’s ThreatTalk podcast with host Bob Hansmann and his guest, veteran networking technology expert Bob Rose of Infoblox, as they examine the security risks and benefits to be found in seldom discussed areas of networking. Learn about the tools for monitoring, managing, and automating security measures for these foundational areas of modern networks.

Tune in to the live broadcast on LinkedIn, YouTube and Facebook every first and third Tuesday of the month at 11:00 am (PST). Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, or Stitcher.

Avoiding Dumb Mistakes With Smart Cities

Infoblox — Wed, 20 Oct 2021 06:00:00 -0500

Smart City development is accelerating and even expanding in response to the new world realities of how citizens access services. But solutions to make municipal services easier to access and consume require greater attention to the inherent security of those solutions and the connective foundation they operate on. Over the last year, vulnerability exposures, ransomware, and other headline news have only served to underscore the need for a solid foundation. Reliability, resiliency, and security need to be the building blocks for constructing modern Smart Cities.

Guest Krupa Srivatsan, Security Products Director for Infoblox, has been working around the world with those on the front lines of Smart City planning and deployment. She will join host Bob Hansmann on Threat Talk to discuss risks imposed by our new world reality and essential steps that deliver significant, smart city-wide security benefits.

Defending the Endpoint: Sharing Responsibility Between IT and End Users

Infoblox — Wed, 06 Oct 2021 06:00:00 -0500

October is Cybersecurity Awareness month, which puts a spotlight on end-user knowledge and application of practices such as using strong passwords, MFA, and the ability to spot phishing scams. But what is the actual role of the end-user in the overall pursuit of cybersecurity? Where do IT tools and processes end, and where must the end-user take on a higher level of responsibility?

In this episode of ThreatTalk, Infoblox CIO Brad Bell and Infoblox CISO Ed Hunter join host Bob Hansmann in an exciting and relevant discussion. We will explore the threats, defenses, and pros & cons of user awareness from the endpoint perspective, with particular attention to the impact of our new work-from-anywhere reality.

Balancing In-house and Outsourced SecOps

Infoblox — Wed, 22 Sep 2021 06:00:00 -0500

30 years ago, cyber security involved little more than firewalls and desktop AV. But today's security tools, expertise, and services are so numerous and complex that few if any, organizations can claim to have everything they need 'in-house'. Due to various needs and constraints, including budgets, it is a constant struggle to balance what capabilities should be in-house and which can be safely outsourced.

This episode of ThreatTalk explores the fundamentals behind most outsourcing decisions with the help of telco and service provider veteran David Ayers. Join host Bob Hansmann and his guests for this exploratory discussion on "getting help" with your cybersecurity.

Tune in to the live broadcast on LinkedIn every first and third Tuesday of the month at 11:00 am (PST). Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, or Stitcher.

Do you know who or what is on your network? - Part 2!

Infoblox — Wed, 08 Sep 2021 06:00:00 -0500

On the heels of our last podcast on the need for greater synergy between networking and security technologies, the recent T-Mobile cyberattack has been linked to an unsecured router as the original point of entry. So we are bringing back Bob Rose, a veteran network technologies expert and a former product manager for AT&T's Enterprise Mobility Management. Together, we will explore the security risks that can exist in our networks and how leading companies are controlling them. We'll pay particular attention to the current reality of IoT, BYOD, and the hybrid workplace that only helps to complicate security efforts.

Visibility for Hybrid Networking and Security webinar: https://youtu.be/CptSuDpA51U

Tune in to the live broadcast on LinkedIn every first and third Tuesday of the month at 11:00 am (PST). Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, or Stitcher.

Do you know who or what is on your network?

Infoblox — Wed, 18 Aug 2021 05:00:00 -0500

Call it 'context,' 'metadata,' or just 'data,' but security teams need lots of it to defend, investigate, and respond more effectively. This episode goes beyond user names and IP addresses to understand the network data that is often overlooked and underutilized. We will talk about how this is sacrificing potential value to strengthen defenses, speed investigations, and improve incident response capabilities. Network data importance has only grown with global shifts toward IoT, BYOD, and the hybrid workplace.

Infoblox veteran networking technologies expert Bob Rose joins us to dig into the gold mine of security benefits to be found in network data, tools, and technologies, much of which you probably already have.

Tune in to the live broadcast on LinkedIn every first and third Tuesday of the month at 11:00 am (PST). Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, or Stitcher.

Q2 Threat Roundup: Rising Ransoms and Vanishing Villains

Infoblox — Wed, 04 Aug 2021 05:00:00 -0500

A lot has changed on the ransomware landscape in just the last month, with three headline-grabbing breaches and a disappearing act by two of the largest black-market dealers of ransomware tools and services. Join us on ThreatTalk for the return of Michael Zuckerman, consulting senior product marketing manager and author/editor of the ‘Q2 2021 Cyber Threat Intelligence Report’. Michael will help us understand how this critical segment of cyber risk is changing and what it means for defenders and responders alike!

Tune in to the live broadcast on LinkedIn every first and third Tuesday of the month at 11:00 am (PST). Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, or Stitcher.

Grading Threat Intelligence on a Curve – Part 2

Infoblox — Wed, 21 Jul 2021 05:00:00 -0500

After a great discussion about using threat intelligence (TI) to improve threat blocking across the entire security stack, we bring back guest Druce MacFarlane for round 2 of this engaging topic. Investigators and responders need access to much more than IoCs to help guide their studies and reach effective response decisions as quickly as possible. But just as we discussed around threat defense last time, not all threat intelligence is created equal.

Join host Bob Hansmann and his guest Druce MacFarlane on this week's quest for security enlightenment on ThreatTalk.

Tune in to the live broadcast on LinkedIn every first and third Tuesday of the month at 11:00 am (PST). Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, or Stitcher.

Making Cyber Insurance Pay

Infoblox — Wed, 07 Jul 2021 05:00:00 -0500

With ransoms in the millions called out in headlines, companies are taking a more serious look at cyber insurance. Brushing off scary ‘potential’ damage stories from the security team may be easy for some boards, they cannot easily ignore hard numbers like those in the press.

ThreatTalk has invited Krupa Srivatsan, Director of Product Marketing for the security division at Infoblox to discuss cyber insurance in this week’s episode; “Making Cyber Insurance Pay”. Admittedly a broad topic, we will focus on clarifying what cyber insurance really is, what it covers, what it does not, and the factors that can make the premiums more palatable to the financial office. We’ll even speculate where it is all heading in the aftermath of the multi-million dollar ransoms paid in the recent ransomware attacks on Colonial Pipeline and JBS.

Tune in to the live broadcast on LinkedIn every first and third Tuesday of the month at 11:00 am (PST). Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, or Stitcher.

The Role of Platforms in an Agile World

Infoblox — Wed, 16 Jun 2021 05:00:00 -0500

Enterprise security teams rarely buy tools based purely on the current set of features and functions. They also assess the vendors' ability to deliver timely support and updates so the solution will continue to provide value over the entire investment period. In particular, security solutions must be able to quickly adapt to shifts in technology, threat, and even workplace landscapes. But how can you measure a vendors' ability to deliver on these vague, future requirements?

This week's guests on ThreatTalk will discuss how a security vendor's strategic investment in a cloud-native 'platform' can help address these longer-term customer requirements. After several weeks of analyst briefings and consultations, we will be joined by Troy Hager, Infoblox Sr. Director for Product Management - SaaS Platforms, and Krupa Srivatsan, Infoblox Director of Product Marketing-Strategy, to talk about the value of platforms in an agile world to ensure long-term value.

Tune in to the live event on LinkedIn every other Tuesday at 11:00 am (PST). Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, or Stitcher.

Grading Threat Intelligence on a Curve

Infoblox — Wed, 02 Jun 2021 05:00:00 -0500

Security teams consume threat intelligence (TI) in many ways but struggle to find just the right mix because not all TI is created equal. Defenders constantly struggle to find the balance between high detection rates and low false positives. Meanwhile, threat investigators and incident responders need TI they can leverage to make more effective decisions faster. The result can be a complex blend of dozens of threat intelligence feeds.

This week Druce MacFarlane, Sr. Product Manager for Security and Analytics at Infoblox, joins us to help break down the threat intelligence that underpins our protection, detection, investigation, and response capabilities.

Tune in to the live event on LinkedIn every other Tuesday at 11:00 am (PST).

Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, or Stitcher.

Looking on the Bright Side of the DarkSide

Infoblox — Wed, 19 May 2021 05:00:00 -0500

While headlines declare the Colonial Pipeline breach a "wake-up call", experienced cybersecurity professionals are biting their tongues from declaring, "I told you so". So this episode of ThreatTalk will be light on the 'scary stories' of DarkSide to focus more on what we are learning from this latest real-world ransomware incident.

Join host Bob Hansmann on this week’s show to go beyond the hype in search of the gems worth learning, with the help of guests Craig Sanderson, VP of Products-Security, and Krupa Srivatsan, Product Marketing Director-Security, both of Infoblox.

Tune in to the live event on LinkedIn every other Tuesday at 11:00 am (PST).

Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, or Stitcher.

Celebrating May Day and the Anywhere Workplace

Infoblox — Wed, 05 May 2021 05:00:00 -0500

Michael Osterman of Osterman Research joins us on this week's ThreatTalk! Michael and host Bob Hansmann will be discussing the findings from an Osterman survey of security leaders about their long-term strategies and investment plans for a post-COVID world! For context, it will review their current security measures to understand what is working - and what is not.

Tune in to the live event on LinkedIn every other Tuesday at 11:00 am (PST).

Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, or Stitcher.

Q1 Threat Roundup | Trends, Tactics & Tails

Infoblox — Wed, 21 Apr 2021 05:00:00 -0500

This week our host Bob Hansmann is joined by Infoblox’s consulting senior product marketing manager, Michael Zuckerman. They will be talking about the latest trends and tactics uncovered in the Infoblox Q1 Cyberthreat Intelligence Report. The first quarter of 2021 saw many new cybersecurity issues, and this show is sure to provide some great discussions and actionable insights. Tune in to the live event on LinkedIn every other Tuesday at 11:00 am (PST).

Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, or Stitcher.

Did You Fall For April F0015? | Current Trends In Phishing

Infoblox — Wed, 07 Apr 2021 05:00:00 -0500

ThreatTalk Season 2 kicks off with Bob Hansman and guest Druce MacFarlane, Sr. Product Manager at Infoblox, talking about the current state of phishing. We will discuss social engineering and lookalike tactics that hackers are using to steal valuable data. Tune in to the live event on LinkedIn at 11:00 am (PST).

Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, or Stitcher.

ThreatTalk Season 2 Preview | New Host, New Format, Same Great Content

Infoblox — Mon, 29 Mar 2021 12:30:00 -0500

Infoblox is excited to present season 2 of the ThreatTalk podcast series. Join us every 1st and 3rd Tuesday of the month at 11:00 am (PST) for engaging conversations with cybersecurity experts.

Infoblox Sr. Product Marketing Manager Bob Hansmann will be hosting ThreatTalk Season 2. Bob has been at the bleeding edge of cybersecurity since the early days when firewall and desktop antivirus were the only solutions available. His background as a developer, researcher, product architect, product manager, and product marketer is ideal for extracting interesting details from our guests on the strategic, tactical, or technical aspects of cybersecurity.

Subscribe to the Threat Talk podcast on Apple Podcasts or Spotify.

19. The CIS Framework and Foundational Security

Navneet Sood — Fri, 19 Jun 2020 16:00:00 -0500

Security teams are at war. Every day, attackers, tactics, techniques, and procedures evolve and are used to assault IT security defenses.

Enterprises must choose frameworks to help organize their cyber-defense playbooks and run their operations. The CIS framework provides one of the best options to develop an organization’s security strategies for long term success.

Michael Zukerman joins ThreatTalk to detail the CIS Framework and how it guides an organization to develop critical security fundamentals. Michael outlines the three categories of controls within the CIS Framework in detail and their benefits:

6 essential Basic Security Controls all organizations must adopt
10 highly recommended Security Foundational controls
4 Organization Security Controls for people, policies, and compliance.

After discussing each of the 20 controls, Michael illustrates how Infoblox Threat Defense implements foundational security for DNS, DHCP and IPAM across the entire enterprise. Unlike a traditional security stack, Infoblox can provide visibility and control critical for CIS into all enterprise environments including cloud resources and remote employees.

18. ISO Roadmaps to Foundational Security

Navneet Sood — Tue, 16 Jun 2020 06:49:53 -0500

Don’t be stuck in the IT stone age! The castle walls of defense in depth are down or at least damaged due to a combination of constant attack and the digital transformation.

The digital transformation constantly moves data away from traditional enterprise control:

Rapid expansion of SaaS Applications hosted everywhere
Branch offices on SDWANs
Explosion of IoT
Teleworkers logging in from unsecured locations

Michael Zuckerman joins ThreatTalk to discuss how adopting a robust framework like ISO27001 and ISO27002 can provide a roadmap to taking the initiative back from the attackers. The ISO standards provide key policies and procedures that inform the actions to be taken in advance or in response to an attack.

DNS security products provide the extended visibility necessary to implement ISO frameworks beyond the network by encompassing cloud resources and remote users. Combined with NAC devices, DNS security provides foundational security to detect, block, and quarantine infected machines and return control to the enterprise.

17. Find Threats Faster Using DNS

Navneet Sood — Fri, 08 May 2020 07:14:44 -0500

Most organizations think DNS security means that they must secure their various DNS systems. However, using DNS security strategically overlays an overarching layer of security capabilities across the enterprise.

When harnessing DNS security, an organization can:

Bypass the need to configure of hundreds or thousands of firewalls to block specific addresses or websites.
Secure remote users without VPN overhead.
Control access for cloud resources, datacenters, and containers with a single, simple unifying policy.
Detect infrastructure attacks early in the Mitre Framework stages before data exfiltration or command and control attacks can begin

Michael Katz joins ThreatTalk to discuss how DNS enhances the capabilities of firewalls by taking a broader look at the traffic within an organization. They discuss three key strategies to implementing DNS and cover key DNS mistakes most organizations make when developing their security strategies.

16. 5 Key Threats for Remote Workers

Navneet Sood — Fri, 24 Apr 2020 07:44:35 -0500

How can an enterprise protect a surge of remote users?

Everyone is scrambling to deal with the consequences of the COVID19 quarantine. Enterprises suddenly shifted their employees from primarily within the office to primarily working from home. Now security managers must somehow extend the corporate security stack to non-technical employees working on home networks.

Krupa Srivatsan, Director of Product Marketing at Infoblox, joins ThreatTalk to cover 5 key threats for the remote worker.

With so many threats, an enterprise security team needs to respond quickly and efficiently. The best way to do that is to focus on the common denominator: everything uses DNS.

Srivatsan explains how cloud-based DNS with analytics allows an enterprise to remotely protect the employee. Security managers can restrict the remote worker to safe domains, protect against data exfiltration, and limit command and control commands from already-infected devices.

You can find this interview, and many more, by subscribing to the ThreatTalk podcast on Apple Podcasts or on Spotify.

15. Hidden Dangers with DNS Over HTTPS

Navneet Sood — Fri, 03 Apr 2020 09:22:15 -0500

How can a heralded new feature from Firefox be dangerous?

When the consumer-protecting DNS over HTTPS (DoH) feature creates a default that dangerously bypasses enterprise security and exposes organizations to serious risks.

Krupa Srivastan, Director of Product Marketing at Infoblox, discusses key issues with DoH and best practices to regain control of the DNS traffic to protect the enterprise environment.

14. DNS Flag Days Improve the Internet

Navneet Sood — Wed, 19 Feb 2020 06:30:00 -0500

The EVP Engineering and Chief DNS Architect at Infoblox, Cricket Liu, joins us on Threat Talk to talk about DNS Flag Days – why we need them and how they are improving the internet.

DNS Flag Days serve notices to obsolete Domain Name System (DNS) servers that existing accommodations to provide them with compatibility for pre-1999 standards will be phased out.

The Flag Days attempt to:

Speed up DNS
Improve DNS reliability
Improve DNS security

In 1999, DNS was extended with eDNS(0), yet servers incompatible with eDNS(0) continue to be used today. To improve the performance of the internet, the 2019 DNS flag day temporarily ceased to support those legacy DNS servers.

The 2020 Flag Day will tackle the maximum DNS message size to bring them down under 1232 bytes. This will stop DNS message fragmentation and improve both the reliability and security of DNS.

You can find this interview, and many more, by subscribing to the ThreatTalk podcast on Apple Podcasts or on Spotify.

13. Fundamentals of Zero Trust Principles

Navneet Sood — Thu, 06 Feb 2020 21:11:18 -0500

How can anyone manage their security when so much is literally out of their control within a 3rd party SaaS or BYOD?

A breach is going to happen so limit the impact using Zero Trust principles:

Focus on the Data
Trust no user
Trust no communication
Deny access by default and provide minimal access when required

Consulting Senior Product Marketing Manager at Infoblox, Michael Zuckerman, joins Threat Talk to discuss Zero Trust in detail. Designed with Data at the heart of the protection strategy, Zero Trust uses fundamental IT technology such as DNS filtering, encryption and microsegmentation as key components to control access and limit exposure.

You can find this interview, and many more, by subscribing to the ThreatTalk podcast on Apple Podcasts or on Spotify.

12. Securing Your DNS Infrastructure

Navneet Sood — Wed, 15 Jan 2020 06:30:00 -0500

Did you know that over 90% of the malware incidents and over half of all ransomware and data theft attacks rely on DNS as a vector.

In today’s day and age, securing your DNS has never been more critical.

Today we’re joined by David Ayers, a member of the Infoblox product marketing team, who is responsible for service provider and DNS privacy messaging. David fills us in on biggest security concerns and how to secure your DNS infrastructure.

To listen to this episode and many more like it, subscribe to ThreatTalk on Apple Podcasts or tune in on our website.

11. How the MITRE ATT&CK Framework Increases Objectivity in Cyber Defense

Navneet Sood — Wed, 20 Nov 2019 08:29:13 -0500

Objectivity in cyber defense is the goal, but, too often, emotion of the room rules the day.

In this episode, seasoned IT expert Michael Zuckerberg joins us to explain the MITRE ATT&CK framework and how to utilize it to reduce subjectivity and increase your cyber defense systems.

Michael is a consulting senior product marketing manager at Infoblox, an expert consultant in B2B product marketing and marketing strategy, with experience in cybersecurity and enterprise SaaS software markets. He has extensive domain experience in all facets of cybersecurity.

What we talked about:

MITRE ATT&CK framework
Explain high-level tactics versus techniques
How to use the MITRE ATT&CK framework as a matrix
Reducing subjectivity and increasing objectivity in cyber defense
Addressing cyber risks
Identifying priorities

You can find this interview, and many more, by subscribing to the ThreatTalk podcast on Apple Podcasts or on Spotify.

10. DNS Content Filtering: Why It Makes Sense (& Saves Money)

Navneet Sood — Wed, 13 Nov 2019 07:33:11 -0500

“Your employer’s firewall has blocked access to this website.” That’s a good way to protect a network. But its a bad way to cost effectively protect your network. There’s a better way, using DNS, which costs far less, and it’s extremely accurate.

On this episode, Director of Product Marketing at Infoblox, Krupa Srivatsan, discusses how DNS can be utilized to protect your network.

What we talked about:

Content filtering at the DNS level
Blocking objectionable material
DNS vs firewall protection

You can find this interview, and many more, by subscribing to the ThreatTalk podcast on Apple Podcasts or on Spotify.

9. How the NIST Cybersecurity Framework Helps You Stop Today’s Cyberthreats

Navneet Sood — Wed, 06 Nov 2019 09:03:49 -0500

DNS, DHCP, IPAM — most people within IT understand how these ensure connectivity. But they can, and should, also be leveraged as the major defenses for your network.

On this episode of the ThreatTalk podcast, Krupa Srivatsan joined us to discuss the security defense methodologies inherent within DHS, DHCP, & IPAM.

Krupa is the Director of Product Marketing at Infoblox. She has an MBA from Berkeley, and has worked with Pfizer, Agilent, Cisco Systems, and others.

What we talked about:

DNS, DHCP, & IPAM
IOT
Network Insights — key feature of Infoblox’s security system
NetMRI
NIST core functions
Improving branch officer experience
Multi Cloud

You can find this interview, and many more, by subscribing to the ThreatTalk podcast on Apple Podcasts or on Spotify.

8. Exploring Today’s Threatscape w/ Michael Katz

Navneet Sood — Wed, 02 Oct 2019 17:50:20 -0500

There are new cybersecurity tools coming out every day it seems.

Why, then, are so many security breaches happening still?

Michael Katz, Security Sales Specialist at Infoblox, fills us in on today’s threatscape and what companies can do to protect themselves.

In this episode, we cover:

Michael’s biggest security concern for today
Investing in security tools
Building a ground-up security strategy
Mitigating security risks

To listen to this episode and many more like it, subscribe to ThreatTalk on Apple Podcasts or tune in on our website.

7. Keep Your Cryptocurrencies Safe From Crypto-Jackers

Navneet Sood — Wed, 31 Jul 2019 16:23:56 -0500

Is there ever a victimless crime?

Cryptojacking - a form of malware that secretly infiltrates your system to steal computing resources for mining cryptocurrency - has gained traction as a steady stream of income for criminal hackers.

We sit down with the Technology Director of Western Europe Infoblox, Gary Cox, and the CEO of INSINIA Security, Mike Godfrey, to discuss combatting cryptojacking. In this episode, we cover common cryptojacking behavior, detecting crypto-jackers, and more.

6. Is It Possible to Secure Billions of Devices Out in the World?

Navneet Sood — Wed, 24 Jul 2019 05:22:28 -0500

Billions of devices are all connected together out there in the world... will it actually be possible to map and secure them all?

If so, how?

Whose responsibility should it be?

In this episode we ask Gary Cox, Infoblox’s Technology Director for Western Europe, and Mike Godfrey, CEO of Insignia Security, for answers.

5. Ransomware Today: Everything You Need to Know to Protect Your Business

Navneet Sood — Wed, 17 Jul 2019 19:31:45 -0500

Global volatile ransomware attacks are increasing by 11% year over year.

And it’s only continuing to evolve.

What do companies need to do to decrease the likelihood of a ransomware attack? What are the best products, toolsets, and controls?

These are just a few of the questions we cover with Infoblox technology writer, Gary Cox, and CEO of Insignia Security, Mike Godfrey.

In this episode, we traverse everything from cyber hygiene to cyber-attack investigations and more.

4. DNS Is Everywhere (So Make It Your Main Cybersecurity Defense)

Navneet Sood — Wed, 03 Jul 2019 17:35:03 -0500

DNS is everywhere — the public cloud, private cloud, the corporate network… That’s exactly why adversaries use it as a control plane for threats. It’s also exactly why it should become the foundational pillar of your cybersecurity architecture.

On this episode of the Threat Talk podcast, Craig Sanderson (VP of Security Products at Infoblox) joins us to share how we should rethink cybersecurity with DNS.

On this episode, we discuss how DNS can be utilized to distribute threat information across an organization, and become a basis for you cybersecurity infrastructure (and exactly how we’re doing that here at Infoblox).

3. DNS Security Best Practices, with Matt Larson

Navneet Sood — Wed, 19 Jun 2019 07:18:25 -0500

Do we really want to dramatically increase cybersecurity? Enable DNSSEC… by default. Perhaps that sounds a bit self-serving from a cybersecurity company.

But that wasn’t our suggestion.

That’s from Matt Larson, VP of Research at ICANN. He joined us on this episode of our ThreatTalk podcast series to discuss how he sees cyber security… and that’s just one of his phenomenal ideas on the subject.

In this episode, he also dives into:

Completely separating recursive servers from authoritative servers, DNSSEC Validation, DNS cache poisoning, and other DNS security best practices.

2. Automating Cybersecurity Through Ecosystem Integration

Navneet Sood — Fri, 14 Jun 2019 17:33:48 -0500

In this episode of Infoblox ThreatTalk, we will double click on security automation and how an integrated ecosystem approach can help speed up incident response. Organizations have reached a point where they are wary of putting in yet another security tool in their network, which will create more alerts and more cycles to manage. They just want the stuff they already have to work better and help them do their jobs with minimum overhead.

Presenters: Krupa Srivatsan, Director of Product Marketing for Security at Infoblox and Craig Sanderson, VP of Security Product Management at Infoblox

1. Using DNS as a Foundational Security Architecture for Scalable Malware Mitigation

Navneet Sood — Mon, 27 May 2019 15:30:30 -0500

In this episode of Infoblox Threat Talk, we talk about using DNS (Domain Name Service) as a foundational security architecture for automated, scalable, and early detection of malicious activity. Digital transformations like SD-WAN, IoT, and hybrid cloud are causing an impact on security and are causing organizations to evaluate how to protect their data and applications.