Shows
The Cosive Podcast - Cyber Threat Intelligence and Security OperationsCTI-CMM: Improving Cyber Threat Intel Maturity with Colin Connor, Terry MacDonald & Prescott PymIn this episode of the Cosive podcast, Terry MacDonald and Prescott Pym are joined by CTI-CMM framework co-lead Colin Connor to dive into what CTI-CMM is, why it exists, and how to use it.The Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) is an industry-driven framework for assessing and improving an organisation's CTI capability. At its core, it's all about helping CTI practitioners produce outcomes, not just outputs.CTI-CMM: https://cti-cmm.org/Cosive: https://www.cosive.com2025-05-2852 min
Risky BusinessSnake Oilers: Pangea, Cosive and SysdigIn this edition of Snake Oilers three vendors pitch host Patrick Gray on their tech:
Pangea: Guardrails and security for AI agents and applications (https://pangea.cloud)
Worried about your AI apps going rogue, being mean to your customers or even disclosing sensitive information? Pangea exists to address these risks. Fascinating stuff.
Cosive: A threat intelligence company that can host your MISP server in AWS. CloudMISP! (https://www.cosive.com/snakeoilers)
Are you running a MISP server on some old hardware under a desk in your SOC? There’s a better way! Cosive can run it...2025-04-1747 min
The Cosive Podcast - Cyber Threat Intelligence and Security OperationsThreat Sharing Communities with Prescott PymCosive Principal Consultant and CTI expert Prescott Pym discusses the how and why of threat sharing communities, including CTIS, the Australian Signals Directorate's national threat sharing program.👋 Check out our website: www.cosive.com2025-04-0120 minThe Cosive Podcast - Cyber Threat Intelligence and Security OperationsGetting Started with Cyber Threat Intelligence (CTI) with Chris HorsleyCan one analyst with zero budget start a Cyber Threat Intelligence (CTI) program?
Yes! In fact, you may already have started a small threat intelligence program without even realising it.
In this interview with Cosive CTO and renowned CTI expert Chris Horsley we delve into the following questions on how analysts and teams can start a threat intelligence practice with limited resources:
What is CTI and what purpose does it serve today?
What makes for a good threat intelligence analyst?
How can one analyst get started with collecting, sharing and analysing...2024-08-2731 min
AUSCERT "Share today, save tomorrow"029 -CTI (The importance of information and why context matters)In this episode, AUSCERT features the following guests:
> Chris Horsley, Cosive
> David Stockdale, AUSCERT
Anthony sits down with Chris from Cosive to discuss Cyber Threat Ingelligence, the importance of information and why context matters so much.
In the second half of the episode, Bek chats with David Stockdale, Director of AUSCERT to reflect on the past 12 months achievements and celebration of 30 years of AUSCERT.
This episode was hosted by Anthony Caruana and Bek Cheb2023-12-1845 minThe Cosive Podcast - Cyber Threat Intelligence and Security OperationsHow the NZITF Improves New Zealand's Security Posture with Terry MacDonaldNew Zealand Internet Taskforce (NZITF) chairman and Cosive COO Terry MacDonald speaks on all things NZITF, including what the NZITF does, why it was created, and how to get involved.
You can see Terry in-person at the NZITF conference on the 13th and 14th of November, 2023.2023-11-0717 minThe Cosive Podcast - Cyber Threat Intelligence and Security OperationsSecuring Medical Devices with Emily EtchellEver wondered how medical devices like pacemakers, ventilators, and cochlear implants are protected from threat actors? Emily Etchell is a Security Consultant at Cosive. Previously, Emily worked for Australia's Therapeutic Goods Administration (TGA), focusing on how medical devices can be kept safe from malicious actors. Emily shares her experiences in this podcast, explaining some of the challenges involved with securing medical devices, and how they're currently being overcome.2023-10-1916 min
Build Amazing Things (securely)The Person They Call When Things GO WRONG with Shanna DalyShanna Daly is a computer forensics and cyber security specialist for Cosive Security. She is the person companies call when things have gone very wrong.In this episode, Laura and Shanna talk through what actually happens when a forensics team is called in after an incident, what data really matters, and what we can do as developers to make investigations easier.2023-08-0129 min
The Cosive Podcast - Cyber Threat Intelligence and Security OperationsSecurity-focused Code Review for Software Developers with Sid OdgersCosive's Software Development Lead Sid Odgers is a cybersecurity expert who spends his days building secure software. In this podcast you'll learn how Sid approaches code review so that all code shipped to production is secure as well as high-quality. The tips shared here are language agnostic and will be of use to any software developer who wants to get better at security.2023-04-2615 min
The Cosive Podcast - Cyber Threat Intelligence and Security OperationsHow ChatGPT Could Transform the CTI Analyst Role with Chris HorsleyCosive CTO Chris Horsley conducted early experiments using ChatGPT to help assign ATT&CK IDs to threat intelligence reports. While the tool won’t replace an experienced analyst as of today, it will likely change the way we do this kind of work.
Read the blog post where Chris deep-dives on his experiments with using ChatGPT for CTI: https://www.cosive.com/podcast/2022/12/21/episode-004-how-chatgpt-could-transform-the-cti-analyst-role-with-chris-horsley2022-12-2114 min
AUSCERT "Share today, save tomorrow"017 – Digital Forensics and Incident ResponsesIn this episode, AusCERT features the following guests:
> Shanna Daly, Cosive
> Mark Carey-Smith, AusCERT
With the changing threat surface presenting new and evolving challenges, Anthony speaks with Shanna Daly to discuss her views on digital forensics and incident response.
They delve into the ‘how’ and ‘why’, which requires looking for proof of how something happened, from low-level investigations to evidence-based hypotheses of what is likely to have occurred.
Shanna explains how understanding the connection between digital forensics and incident response helps help paint a picture of attribution that is factually accurate but also, identifies oversights or errors that can be removed...2022-11-2532 min
The Cosive Podcast - Cyber Threat Intelligence and Security OperationsSecuring REST API Endpoints (or How to Avoid Another Optus) with James CooperUnless you have been living in a cave on Mars with your eyes shut and your fingers in your ears for the past few weeks, you have probably heard something about a data breach at Australian telecommunications giant Optus.
As security mistakes go, the vulnerability reported to have enabled the attack leans toward the more embarrassing side of the scale. If reports are true, Optus has effectively exposed customer data on an endpoint available to the entire internet.
While it is plausible that a developer will forget to (re)secure an endpoint once they finish their development work, there are...2022-10-2735 min
The Cosive Podcast - Cyber Threat Intelligence and Security OperationsBuilding Production-worthy Software in SecOps Teams with Chris Horsley, CTO at CosiveBefore jointly founding Cosive with Kayne Naughton and Terry MacDonald, Chris Horsley (Cosive’s CTO) spent many years working in national CSIRTs in both Australia and Japan, as well as doing freelance secure software development for operations teams.
In this interview Chris Horsley (CTO at Cosive) talks about the challenges of building software and doing development in SecOps teams.
An edited transcription of this podcast is available here: https://www.cosive.com/blog/2022/8/17/building-production-worthy-software-in-secops-teams-an-impossible-challenge2022-08-1620 min
The Cosive Podcast - Cyber Threat Intelligence and Security OperationsWhat Goes Wrong in Threat Intel Programs with Kayne Naughton, MD & Co-founder at CosiveIn this interview Cosive’s Managing Director Kayne Naughton shares what he’s learned about threat intelligence programs throughout his career in vulnerability development, SysAdmin and working on threat intel in the financial sector.
Kayne is one of the co-founders of Cosive. Founded in 2015, Cosive specialises in trying to solve the difficult problems in security for Australian and New Zealand organisations.
An edited transcript of this podcast is available here: https://www.cosive.com/blog/2022/8/2/what-goes-wrong-in-threat-intel-programs2022-08-0928 min