Down the Security Rabbithole Podcast (DtSR)
688 episodes Last Updated: Apr 22, 25
The DtSR Podcast is dedicated to the cyber security profession - with timely topics, lively personalities, deep dives, and no fear of the third rail. Running since 2011 - founded by Rafal Los (aka "@Wh1t3Rabbit"), and co-hosted by James Jardine and now featuring Mr. Jim Tiller - the weekly show will entertain you while you're learning something.On Twitter/X: https://twitter.com/@DtSR_PodcastOn YouTube: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqOn LinkedIn: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/
Episodes
Send the hosts a message - try it now!TL;DR: This episode is a follow-up on two episodes, building up to this conversation. On episode 629 Hed Kovetz introduced us to "Identity Security" (https://dtsr.buzzsprout.com/2153215/episodes/16174464-dtsr-episode-629-what-the-hell-is-identity-security) and then on episode 646 Ward Pyles started the conversation about how security tools really aren't set up to protect from the identity perspective (https://dtsr.buzzsprout.com/2153215/episodes/16854549-dtsr-episode-646-ward-pyles-on-human-centric-security-for-real). Well - now we invited them both onto the show to talk it through and solve the problem Ward identified with the tech Hed spoke of.The result was better than we expected.YouTube video: https://youtube.com/live/N7cyIOdChtwSupport the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast
Send the hosts a message - try it now!TL;DR: This week's guest is BugCrowd's founder Casey Ellis. Casey's a pioneer in the security space and has some tremendous insights on how he started his business and what the future holds. Casey explains why it's important to think like a criminal, and why the 'locksmith' version of a hacker (versus 'burglar') is so important to today's security programs.YouTube video: https://youtube.com/live/8BLGfUqbOKQSupport the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast
Apr 08, 2025
DtSR Episode 648 - CyberSecurity Market Forces
Send the hosts a message - try it now!TL;DR: This week we're joined by the one and only Mike Privette - to talk about the market forces pushing and pulling cyber security's momentum. Whether you're into startups a la VC funding, or looking to refurbish companies a la Private Equity - this conversation is an analysis of the market from someone who knows a thing or two about the whole game. Oh yeah, and Mike writes this Return on Security newsletter you need to subscribe to.YouTube video: https://youtube.com/live/wq0KlteA1bUSupport the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast
Send the hosts a message - try it now!TL;DR: If you're deciding whether to listen to this episode - let me help you - YES. This episode is about the application of AI to one of the most difficult problems facing security teams - what and where is my most sensitive information? Face it, you have no idea - and maybe, just maybe, AI is part of the answer. Shiran Bareli joins Jim and Rafal to talk it over, and it's a doozy.YouTube Video: https://youtube.com/live/nhn6Q75syjkDon't forget to check out the after-show segment, only on our YouTube page!Support the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast
Send the hosts a message - try it now!TL;DR: This week Ward Pyles joins Jim Tiller and myself to talk about a relatively unremarkable topic - people-centric security. We've talked about it a bunch but it's not until this episode that something finally clicked in my brain. When Ward talks about the data that security needs - see if you can pick it up too.Also - I'm trying some new bonus content - the "After Show" which is a 2-5 minute post-show bit where we post what's said after the recording (usually) stops. I hope you enjoy it - check that out exclusively on our YouTube channel.YouTube video: https://youtube.com/live/LWzA2czvocQSupport the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast
Send the hosts a message - try it now!TL;DR: This week's episode is a sit-down in person at Zero Trust World 2025 (sponsored by ThreatLocker) with Ryan Benner. Ryan's the caretaker of "anything that powers up", as he puts it, which means this small organization's security is also his responsibility. So how do you do it with next to no staff, and on a small budget? And how do you even begin to "Zero Trust" your network? Listen in.YouTube Video: https://youtu.be/JUMcWFNsVaASupport the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast
Send the hosts a message - try it now!TL;DR: This week's episode shifts the focus from leadership in the enterprise, to leadership in the vendor space. Building security products that innovate, inspire, and meet market and customer demand is far from trivial. Meet two of the best in the business - Arash Marzban and Bryan Lares - and hear what makes the job exciting, and how they make it great.YouTube video: https://youtube.com/live/wA9-vgusyI0Support the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast
Send the hosts a message - try it now!TL;DR: This week's podcast features the wisdom and wit of Merlin Namuth - currently serving as the CISO for the city & county of Denver. Merlin provides insights into how he views the first 90 days of a CISO's role with a new organization, frameworks and processes he goes through to get his bearings and start a successful residency.YouTube Video: https://youtube.com/live/8y7bsKlBBXE?feature=shareSupport the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast
Send the hosts a message - try it now!TL;DR: This episode was recorded live from Zero Trust World 2025 in Orlando, FL sponsored by ThreatLocker. Chase Cunningham joins after finishing an epic keynote where he eviscerates security dogma and the repeated stupidity of the Cyber sector. Chase & Rafal discuss Zero Trust, implications, implementation, and value.YouTube: Big thanks to ThreatLocker for hosting Zero Trust World 2025 - can't wait to get back next year!Support the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast
Send the hosts a message - try it now!TL;DR: On this episodes we welcome Kevin Fielder, CISO @ NatWest Boxed & Mettle, Advisor, investor, Coach, and speaker to talk about building guard rails and principles to minimize security's negative impact on business and technology while raising the bar for attackers.YouTube Video: https://youtube.com/live/xYPdHkUW0TQSupport the show>>> If you're reading this, consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast