Shows
Behind the Binary by Google Cloud SecurityEP20 Windows Under the Hood: Kernel Design, EDRs, and the Shift to VBS with Pavel YosifovichIn this episode, we get a unique look at the history of Windows through the eyes of one of its leading experts, Pavel Yosifovich. We delve into his fascinating origin story, including the "fluke" that led him to become the author of the legendary Windows Internals series, and why he describes himself as a developer who "hates security."The conversation explores the most significant foundational changes in Windows kernel design, specifically the architectural shift toward Virtualization-Based Security (VBS) and the long-term strategy behind the "Secure Kernel." We discuss the ever-evolving landscape of EDRs, the reality of kernel-level...
2025-12-101h 10
Simply DefensiveFrom Pre-Law to FLARE: How Josh Stroschein Became Google's Malware AnalystIn this episode of Simply Defensive, Josh Mason and Wade Wells sit down with Josh Stroschein — aka The Cyber Yeti — a former professor turned reverse engineer now working on one of the largest malware analysis teams in the world.Josh shares his unconventional path through .NET development, credit card processing security, and academia before landing at Google. He opens up about teaching reverse engineering while learning it himself, building educational CTFs, and the realities of making it as a full-time reverse engineer in an industry where those roles are rare.Wh...
2025-12-0139 minBehind the Binary by Google Cloud SecurityEP19 The Art of Deconstructing Problems: Tools, Tactics, and the ScatterBrain Obfuscator with Nino IsakovicIn this episode, we’re joined by Nino Isakovic, a long-time low-level security expert, for a thought-provoking conversation that spans the foundational and the cutting-edge. Nino discusses the art of deconstructing problems—sharing insights on how to learn effectively, the building blocks of a robust RE toolkit, and the critical shift required in our analytical approach. We then transition into the front lines of threat intelligence, where Nino discusses the specific challenges of analyzing sophisticated adversary tools. This includes systems like ORB Networks and a detailed look at his discovery of the ScatterBrain obfuscating compiler. Tune in for a full...
2025-11-191h 53Behind the Binary by Google Cloud SecurityEP18 10,000 DLLs and Too Much Math - Wrapping Up FLARE-On 12 with the FLARE TeamIn this episode, we sit down with Nick Harbour, Blas Kojusner, Moritz Raabe, and Sam Kim — members of the FLARE Team and some of this year’s challenge authors — for a deep dive into the design and execution of FLARE-On 12. The team discusses the complexity and intent behind this year's challenges, including how Sam created his grueling final challenge, "10,000," which featured 10,000 individual DLLs to force competitors toward automation. Sam reveals that solving the final puzzle required deep knowledge of both reverse engineering and group theory concepts like topological sorting and modular exponentiation of a matrix. Blas Kojusner explains his approa...
2025-11-0547 minBehind the Binary by Google Cloud SecurityEP17 What Lurks Beneath: Building a Robust Network at Black Hat with Mark OverholserIn this episode, we're asking the question: "What Lurks Beneath?" We're joined by Mark Overholser, a Technical Marketing Engineer at Corelight who's part of the team running the Black Hat Network Operations Center (NOC). We discuss the incident during Black Hat 2025 that introduced us and revealed the team's proactive approach to protecting every guest from the unseen threats hiding in the shadows. Mark gives us an insider’s look at the philosophy and challenges behind building a robust network for a security conference, which includes the complex infrastructure provided by partners like Arista, Cisco, Palo Alto Networks, and Lumen....
2025-10-221h 09Behind the Binary by Google Cloud SecurityEP16 The Machine Learning Revolution in Reverse Engineering with Hahna Kane LatonickIn this episode of Behind the Binary, we're joined by renowned security researcher Hahna Kane Latonick for a deep dive into the powerful world where reverse engineering meets data science. Hahna shares her expertise on how techniques like supervised and unsupervised learning can be used to classify and predict security threats, and she explains how deep learning and neural networks are being applied to identifying code sharing and solving other classification problems. We also discuss how Generative AI is transforming reverse engineering, from augmenting and assisting workflows to driving fully automated analysis.Resources mentioned during the episode:
2025-10-011h 25Behind the Binary by Google Cloud SecurityEP15 Getting Ready for FLARE-On 12 - An Inside Look at the Reverse Engineering GauntletIn this episode, we're "Getting Ready for FLARE-On 12" with an inside look at the world-renowned reverse engineering competition. We’re joined by long-time FLARE-On host and challenge author Nick Harbour and regular challenge author Blas Kojusner for an in-depth conversation.We'll take a brief tour of FLARE-On history and discuss how it has grown into a must-do event for malware analysts and reverse engineers. We’ll also break down how the competition works, from the evolution of the unique flag format to the mechanics of getting to the next challenge.Nick and Blas will then give...
2025-09-1739 minBehind the Binary by Google Cloud SecurityEP14 Web3's Dark Side: Unmasking the New Age of Financial CrimeWeb3 promised a new era of decentralized finance, but it has also created a new frontier for crime, with thefts and hacks far surpassing those in the traditional financial sector. In this episode, we sit down with experts Blas Kojusner, Robert Wallace, and Joseph Dobson to explore the Wild West of Web3 and decentralized finance (DeFi).But what is Web3? Our episode begins by taking a look at Web3 technologies like DeFi, blockchain, and smart contracts and explain how their very design makes them vulnerable. Our panel will then reveal how threat actors exploit these weaknesses, from...
2025-09-031h 12Behind the Binary by Google Cloud SecurityEP13 Beyond the Bug: Scaling Bug Bounty Programs & Launching a Cyber Startup with Dr. Jared DeMottIn this episode of Behind the Binary, we sit down with Dr. Jared DeMott to pull back the curtain on the world of cybersecurity. Formerly with the Microsoft Security Response Center (MSRC), Jared shares invaluable wisdom on managing bug bounty programs at scale and what truly makes a good bug report. We then pivot to explore his fascinating career journey, from his start with the NSA to leading teams at Microsoft. If that wasn’t enough, we’ll also dive into the unique challenges of a cyber startup. Get a firsthand account of his entrepreneurial spirit as he discusses why...
2025-08-1337 minBehind the Binary by Google Cloud SecurityEP12 Unpacking Malware & Minds: A Reverse Engineer's Journey with Danny QuistJoin us as we explore the world of reverse engineering with pioneer and CTO, Danny Quist. We'll examine the evolving landscape of binary analysis tools, the constant battle with malware obfuscation, and what it was like building one of the very first malware repositories for research. Plus, Danny shares unique insights on neuro-diversity and cognitive load – crucial topics that impact us all.That's just a glimpse of what's ahead. Danny Quist isn't just a leading mind in reverse engineering; he offers a rare look into the evolution of our field and some deeply personal reflections that I th...
2025-07-1659 minBehind the Binary by Google Cloud SecurityEP11 Tracing Lazarus: Greg Sinclair on Attributing North Korean Cyber Threats Through Binary SimilarityEver wonder who names the world's most notorious APTs? In this episode, we sit down with Greg Sinclair, a reverse engineer from the FLARE team at Google. Greg not only hunts down sophisticated malware but also shares the behind the scenes story of how he discovered and named the North Korean APT, the Lazarus Group. He also discusses his innovative methods for identifying malware families through binary similarities. Get ready for an inside look at the challenges, triumphs, and the sheer passion that defines a cutting-edge reverse engineer.
2025-06-251h 02Behind the Binary by Google Cloud SecurityEP10 Tim Blazytko - Protecting Intellectual Property: Obfuscation & Anti-Reverse Engineering in SoftwareWhat goes into creating effective software protections? This episode features a conversation with Tim Blazytko, Chief Scientist and Head of Engineering at Emproof, about the essential strategies for protecting software intellectual property. We cover the core concepts of code obfuscation and anti-reverse engineering and discuss practical, modern approaches to implementing these defenses effectively, while also shedding light on the significant challenges and trade-offs involved. Listeners will gain insight into the defender's mindset, the evolution of protection techniques, and the fundamental difficulties in truly hiding secrets within executable code.
2025-06-041h 08Behind the Binary by Google Cloud SecurityEP09 Thomas Roccia - AI, Data Visualization, and the Future of Security ResearchIn this episode, we’re joined by Thomas Roccia, a security researcher at Microsoft. Thomas discusses the growth of the Unprotect Project, how AI is changing security research, and the impact of data visualizations for conveying technical information. Drawing on his experience, Thomas offers a unique perspective on the intersection of open-source collaboration, artificial intelligence, and effective communication in the cybersecurity field.
2025-05-141h 08Behind the Binary by Google Cloud SecurityEP08 Roman Hussy - Inside AbuseCH: A Community's Fight Against MalwareThis episode shines a light on abuse.ch, a vital non-profit project built by and for the global cybersecurity community. We chat with founder Roman Huessy about the collective effort behind tracking malware and botnets for over a decade. Discover the journey of maintaining a crucial shared resource—the technical challenges of hosting an open platform designed for community benefit, and how collaboration fuels the fight against threat actors. Roman shares insights into the future of community-driven threat intelligence and the constant vigilance required to provide this essential service that empowers defenders worldwide.Find more information at ab...
2025-04-2342 minBehind the Binary by Google Cloud SecurityEP07 Jordan Wiens - Inside the Mind of a Binary Ninja: CTFs, AI and the Future of Cyber SecurityIn this episode, we have a fascinating conversation with Jordan Wiens, developer of the widely used Binary Ninja, and co-founder of Vector 35. Jordan brings his expertise as an avid CTF player to a discussion about the complexities of building a commercial reverse engineering platform, the importance of community growth, and the significant future role of AI. We also delve into the unique nature of having active adversaries inherent in cyber security work.Resources mentioned in this episode:Code visualization: https://github.com/voidALPHA/cgc_vizBinary Ninja features: https://binary.ninja/2024/11/20/4.2-frogstar.html...
2025-04-0259 minBehind the Binary by Google Cloud SecurityEP06 Duncan Ogilvie - Piano Tuning & Debugging: The Story of x64dbgIn this episode, we're sitting down with Duncan Ogilvie, the creator of x64dbg! We'll dive deep into how one of the most popular Windows debuggers got its start, explore the real-world challenges of running a major open-source software project, and even get a glimpse into the future of this essential tool. You'll also learn how piano tuning almost stopped this project from existing!Resources mentioned in this episdoe:Discord community for x64dbg: discord.x64dbg.com
2025-03-0546 minBehind the Binary by Google Cloud SecurityEP05 Saumil Shah - From Black Hat to RingZer0: Shaping the World of Reverse EngineeringSaumil Shah, a security researcher, discusses his journey into reverse engineering, starting with his early interest in patching games and analyzing viruses. He emphasizes the evolution of reverse engineering tools and techniques, from manual approaches to AI-driven automation, and shares his insights on the future of the field and the importance of continuous learning. We also discuss his journey from veteran Black Hat instructor to starting his own security conference.
2025-02-121h 06Behind the Binary by Google Cloud SecurityEP04 Stephen Eckels - A Journey From Game Modding to SolarWinds: How One Gamer Became a Renowned Reverse EngineerIn this episode, we are joined by Stephen Eckels of the FLARE team at Google (Mandiant). Stephen discusses his journey into the field, starting with his early interest in video game modding and hacking. He shares his experience in discovering the Sunburst backdoor in the SolarWinds attack and emphasizes the importance of continuous learning, community engagement, and the evolving landscape of reverse engineering tools and techniques.
2025-01-151h 05Behind the Binary by Google Cloud SecurityEP03 Ryan Chapman - From Software Cracking to Threat Hunting: A Reverse Engineering StoryJoin us as I sit down with renowned threat hunter, Ryan Chapman. Ryan shares his incredible journey from a curious young hacker to a formidable force in cybersecurity. Discover how his early fascination with software cracking ignited a passion for reverse engineering, ultimately leading him to the front lines of cyber defense. In this conversation, Ryan delves into his early days learning reverse engineering and recounts some pivotal moments. He discusses the evolution of malware obfuscation and what makes the field so engaging. And finally, Ryan shares insights into learning and building community to help anyone's career grow. Whether y...
2024-12-1153 minBehind the Binary by Google Cloud SecurityEP02 Victor Manuel Alvarez - Motivation, Community, and the Future with YARA-X: Building the Future of Threat DetectionIn this episode we’re sitting down with Victor Manuel Alvarez, the creator of YARA. YARA is one of the most powerful tools in cybersecurity. We discuss his early career, what motivated him to create YARA, and the role the community has played in its development. Plus, Victor shares his thoughts on the future of YARA and YARA-X, which is a ground-up rewrite of this venerable tool.
2024-11-2031 minBehind the Binary by Google Cloud SecurityEP01 Nick Harbour - Early Days of Incident Response, Mandiant History and FLARE-ONNick Harbour discusses his career journey from his early days in the Air Force to his work at Mandiant. He shares insights into the evolution of malware, his contributions to the field of malware analysis, and the development of the Flare-On contest, a reverse engineering challenge.
2024-10-301h 04
Blue Team DiariesBlue Team Diaries E011: Josh StroscheinWelcome to episode 11 of the Blue Team Diaries! In this episode, our host Peter Manev engages in a conversation with Dr. Josh Stroschein, Reverse Engineer @ FLARE with Google, as they delve into the world of malware analysis.In this episode, you’ll learn:Essential environments: Explore popular options like Remnix and Flare VM to set up your secure analysis workspace.Powerful tools: Discover functionalities of Olefile, oledump, and Cyber Chef used to dissect and decode suspicious files.Valuable resources: Gain access to helpful materials like Josh’s GitHub repository and curated malware sample libraries.The worl...
2024-03-0739 min
Daily Cyber Threat BriefHow To Reverse Engineer Like A BossReversing is a valuable skill within the #cybersecurity industry. The ability to take apart a binary to analyze it and see exactly how it works is useful on the blue side (to figure out what that malware is doing) and on the red side (to find vulnerabilities).How do you get this skill, how hard is it, and what it actually look like??Guest Links:https://www.linkedin.com/in/joshstroschein/https://twitter.com/jstroschhttps://www.youtube.com/c/M9developmenthttps://app.pluralsight.com/profile/author/josh-stroscheinhttps...
2022-04-041h 05