Shows
The Defender's Advantage PodcastProtecting the Core: Securing Protection Relays in Modern SubstationsHost Luke McNamara is joined by members of Mandiant Consulting's Operational Technology team (Chris Sistrunk, Seemant Bisht, and Anthony Candarini) to discuss their latest blog on securing assets in the energy grid.https://cloud.google.com/blog/topics/threat-intelligence/securing-protection-relays-modern-substations
2025-07-2843 minThe Defender's Advantage PodcastVishing in the WildNick Guttilla and Emily Astranova, from Mandiant Consulting's Offensive Security team, join host Luke McNamara for an episode on voice-based phishing, or "vishing." Nick and Emily cover their respective blogs and experiences, diving into how they employ vishing techniques to social engineer organizations--both organically and using AI-powered voice cloning to mimic specific employees--during red team engagements. https://cloud.google.com/blog/topics/threat-intelligence/technical-analysis-vishing-threats?e=48754805https://cloud.google.com/blog/topics/threat-intelligence/ai-powered-voice-spoofing-vishing-attacks?e=48754805.
2025-06-0437 minThe Defender's Advantage PodcastResponding to a DPRK ITW IncidentJP Glab (Mandiant Consulting) joins host Luke to discuss responding to activity from North Korean IT workers. He walks through what initially triggered the investigation at this organization, how it progressed in parallel with an HR investigation, and ultimately what was discovered. For more on the DPRK IT workers and trends in incident response, check out Mandiant's 2025 M-Trends report. https://cloud.google.com/blog/topics/threat-intelligence/m-trends-2025
2025-05-1916 minThe Defender's Advantage PodcastUNC5221 and The Targeting of Ivanti Connect Secure VPNsMatt Lin (Senior Incident Response Consultant, Mandiant) and Daniel Spicer (Chief Security Officer, Ivanti) dive into the research and response of UNC5221's campaigns against Ivanti. They cover how this threat actor has evolved from earlier campaigns, the continued focus of edge infrastructure by APT actors, and the shared responsibility of security in mitigating threats like this. https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-exploiting-critical-ivanti-vulnerabilityhttps://cloud.google.com/blog/topics/threat-intelligence/ivanti-connect-secure-vpn-zero-dayhttps://www.ivanti.com/blog/an-update-on-ivantis-ongoing-commitment-to-enhanced-product-securityhttps://www.ivanti.com/resources/secure-by-design/2024https://cloud.google.com/b...
2025-05-0527 minThe Defender's Advantage PodcastThe Art of Remediation in Incident ResponseJibran Ilyas (Consulting Leader, Mandiant Consulting) joins host Luke McNamara to discuss remediation as part of incident response. Jibran covers various scenarios (espionage and ransomware) and how they may differ in approaching remediation, how types of architecture could shape remediation efforts, non-technical components of the remediation phase, and more.
2024-12-0240 minThe Defender's Advantage PodcastHow to Run an Effective Tabletop ExerciseMandiant Senior Consultant Alishia Hui joins host Luke McNamara to discuss all things tabletop exercise related. Alishia walks through the elements of a tabletop exercise, important preparatory steps, the success factors for a good exercise, and how organizations can implement lessons learned. https://cloud.google.com/transform/the-empty-chair-guess-whos-missing-from-your-cybersecurity-tabletop-exercisehttps://www.mandiant.com/sites/default/files/2021-09/ds-tabletop-exercise-000005-2.pdf
2024-10-1829 minThe Defender's Advantage PodcastHow Threat Actors Bypass Multi-Factor AuthenticationJosh Fleischer, Principal Security Analyst with Mandiant's Managed Defense organization sits down with host Luke McNamara to discuss trends in MFA bypass and how threat actors are conducting adversary in the middle (AiTM) attacks to gain access to targeted organizations. Josh walks through a case study of MFA bypass, how token theft occurs, the increasing amount of AiTM activity with more features being added to phishing kits, and more.
2024-09-2627 minThe Defender's Advantage PodcastWhat Iranian Threat Actors Have Been Up To This YearMandiant APT Researcher Ofir Rozmann joins host Luke McNamara to discuss some notable Iranian cyber espionage actors and what they have been up to in 2024. Ofir covers campaigns from suspected IRGC-nexus actors such as APT42 and APT35-related clusters, as well as activity from TEMP.Zagros. For more on this topic, please see: https://blog.google/technology/safety-security/tool-of-first-resort-israel-hamas-war-in-cyber/https://cloud.google.com/blog/topics/threat-intelligence/untangling-iran-apt42-operations?e=48754805https://cloud.google.com/blog/topics/threat-intelligence/suspected-iranian-unc1549-targets-israel-middle-east?e=48754805
2024-07-2536 minThe Defender's Advantage PodcastMandiant's Approach to Securely Using AI SolutionsMandiant Consultants Trisha Alexander, Muhammed Muneer, and Pat McCoy join host Luke McNamara to discuss Mandiant's recently launched services for securing AI. They discuss how organizations can proactively approach securing the implementation of AI workloads, red-team and test these security controls protecting generative AI models in production, and then also employ AI within the security organization itself. For more, please see: https://cloud.google.com/security/solutions/mandiant-ai-consulting
2024-06-2732 minThe Defender's Advantage PodcastLessons Learned from Responding to Cloud CompromisesMandiant consultants Will Silverstone (Senior Consultant) and Omar ElAhdan (Principal Consultant) discuss their research into cloud compromise trends over 2023. They discuss living off the land techniques in the cloud, the concept of the extended cloud attack surface, how organizations can better secure their identities, third party cloud compromise trends, and more. Will and Omar's talk at Google Next: https://www.youtube.com/watch?v=Fg13kGsN9ok&t=2s
2024-06-0330 minThe Defender's Advantage PodcastThe ORB NetworksMichael Raggi (Principal Analyst, Mandiant Intelligence) joins host Luke McNamara to discuss Mandiant's research into China-nexus threat actors using proxy networks known as “ORBs” (operational relay box networks). Michael discusses the anatomy and framework Mandiant developed to map out these proxy networks, how ORB networks like SPACEHOP are leveraged by China-nexus APTs, and what this all means for defenders. For more, check out: https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-espionage-orb-networksFollow Michael on X at @aRtAGGI
2024-05-2229 minThe Defender's Advantage PodcastInvestigations Into Zero-Day Exploitation of the Ivanti Connect Secure AppliancesMandiant Principal Analysts John Wolfram and Tyler McLellan join host Luke McNamara to discuss their research in the "Cutting Edge" blog series, a series of investigations into zero-day exploitation of Ivanti appliances. John and Tyler discuss the process of analyzing the initial exploitation, and the attribution challenges that emerged following the disclosure and widespread exploitation by a range of threat actors. They also discuss the role a suspected Volt Typhoon cluster played into the follow-on exploitation, and share their thoughts on what else we might see from China-nexus zero-day exploitation of edge infrastructure this year. For more on...
2024-05-1627 minThe Defender's Advantage PodcastM-Trends 2024 with Mandiant Consulting Vice President Jurgen KutscherJurgen Kutscher, Mandiant Vice President for Consulting, joins host Luke McNamara to discuss the findings of the M-Trends 2024 report. Jurgen shares his perspective on the "By the Numbers" data, the theme of evasion of detection in this year's report, and how Mandiant consultants have been leveraging AI in purple and red teaming operations. For more on the M-Trends 2024 report: http://cloud.google.com/security/m-trends
2024-04-2925 minThe Defender's Advantage PodcastAssessing the State of Multifaceted Extortion OperationsKimberly Goody, Head of Mandiant's Cyber Crime Analysis team and Jeremy Kennelly, Lead Analyst of the same team join host Luke McNamara to breakdown the current state of ransomware and data theft extortion. Kimberly and Jeremy describe how 2023 differed from the activity they witnessed the year prior, and how changes in the makeup of various groups have played out in the threat landscape, why certain sectors see more targeting, and more.
2024-04-1140 minThe Defender's Advantage PodcastHunting for "Living off the Land" ActivityHost Luke McNamara is joined by Mandiant consultants Shanmukhanand Naikwade and Dan Nutting to discuss hunting for threat actors utilizing "living off the land" (LotL) techniques. They discuss how LotL techniques differ from traditional malware based attacks, ways to differentiate between normal and malicious use of utilities, Volt Typhoon, and more.
2024-03-2942 minThe Defender's Advantage PodcastThe North Korean IT WorkersPrincipal Analyst Michael Barnhart joins host Luke McNamara to discuss Mandiant's research into the threat posed by the Democratic People's Republic of Korea's (DPRK) usage of IT workers to gain access to enterprises. For more on Mandiant's analysis of North Korea's cyber capabilities, please see: https://www.mandiant.com/resources/blog/north-korea-cyber-structure-alignment-2023
2024-02-2134 minThe Defender's Advantage PodcastIs The CTI Lifecycle Due For An Update?Mandiant Intelligence Advisor Renze Jongman joins host Luke McNamara to discuss his blog on the CTI Process Hyperloop and applying threat intelligence to the needs of the security organization and larger enterprise. For more on this topic, please see: https://www.mandiant.com/resources/blog/cti-process-hyperloop
2024-01-2528 minThe Defender's Advantage PodcastThreat Trends: Hacktivists' Continued Use of DDoSFor our first episode of 2024, host Luke McNamara is joined by Mandiant Senior Technical Director Jose Nazario and Principal Analysts Alden Wahlstrom and Josh Palatucci, to discuss the hacktivist DDoS activity they tracked over the last year.
2024-01-1044 minThe Defender's Advantage PodcastThreat Trends: Tales from the 2023 TrenchesDoug Bienstock and Josh Madelay, Regional Leads for Mandiant Consulting, join host Luke McNamara to walk through some of the trends they have witnessed responding to breaches in 2023. Josh and Doug cover what is happening with business email compromise (BEC), common initial infection vectors, social engineering tactics, and more.
2023-12-1237 minThe Defender's Advantage PodcastThreat Trends: The Implications of the MOVEit CompromiseCharles Carmakal, CTO for Mandiant Consulting, joins host Luke McNamara to discuss the long tail impact of FIN11's compromise of the MOVEit file transfer solution. Charles breaks down some of the differences with this compromise in comparison to FIN11's previous operations, why the impact from this operation may impact organizations for some time, and what this spells for the changing landscape of multifaceted extortion. For more from Mandiant on MOVEit: https://www.mandiant.com/resources/blog/zero-day-moveit-data-theftIf you enjoyed this episode, please rate and leave us a review on your platform of cho...
2023-07-2027 minThe Defender's Advantage PodcastThreat Trends: A Requirements-Driven Approach to Cyber Threat IntelligenceDr. Jamie Collier (Senior Threat Intelligence Advisor, Mandiant) joins host Luke McNamara to discuss the recent white paper from Mandiant about developing a requirements-driven approach to intelligence, challenges organizations face in this area, and the importance of recurring stakeholder feedback to a well-functioing CTI team. Follow Jamie at @TheCollierJam on Twitter. For more on A Requirements-Driven Approach to Cyber Threat Intelligence, please see: https://www.mandiant.com/resources/blog/requirements-driven-approach-cti
2023-06-1627 minThe Defender's Advantage PodcastFrontline Stories: Crisis Communications During a BreachDan Wire from Mandiant joins host Kerry Matre to discuss the ins and outs of crisis communications during a breach as well as what you can do to prepare for a crisis.
2023-06-0631 minThe Defender's Advantage PodcastThreat Trends: UNC961 and How Managed Defense Approaches Threat HuntingRyan Tomcik, Dan Fenwick, and Tim Martin join host Luke McNamara to discuss how Managed Defense conducts proactive hunting, illustrated by several UNC961 intrusions. For more, please see: https://www.mandiant.com/resources/blog/unc961-multiverse-financially-motivatedFollow Ryan @heferyzan and Tim @Sa1jak on Twitter.
2023-05-2630 minThe Defender's Advantage PodcastFrontline Stories: The Executive's Role in CybersecurityWhat role do executives and the board play in cybersecurity and breach management. Hear from Jesse Jordan and Howard Israel of Mandiant discuss their experiences helping executives get the right information from their security leaders and understanding their role during a breach.
2023-05-1733 minThe Defender's Advantage PodcastThreat Trends: Bonus Episode - How Will AI Impact Threat Intelligence?The endless battle of threat actors versus cybersecurity professionals may come down to who deploys AI better. In this interview from RSA, John Hultquist, Senior Manager, Mandiant Intelligence, surmises how the bad guys may use AI in the near future to scale attacks, while Vijay Ganti, Head of Product Management, Threat Intelligence, Detection & Analytics for Google Cloud Security, walks through the AI use cases that will help organizations better defend against those attacks. Hosted by Dan Lamorena, Head of Mandiant Product Marketing.
2023-05-0909 minThe Defender's Advantage PodcastThreat Trends: M-Trends 2023Mandiant's Kirstie Failey and Jake Nicastro join host Luke McNamara to break down the findings from the 2023 M-Trends report. Kirstie and Jake cover some of the notable trends gleaned from Mandiant breach investigations over the past year around dwell time, ransomware, top initial intrusion vectors, and more. For more on Mandiant's 14th iteration of M-Trends, check out: https://www.mandiant.com/resources/blog/m-trends-2023Follow Kirstie (@Gigs_Security) and Jake (@nicastronaut) on Twitter.
2023-04-2440 minThe Defender's Advantage PodcastFrontline Stories: Exposure Management Beyond VulnerabilitiesJonathan Cran, Lead for Mandiant Attack Surface Management at Google Cloud, joins host Kerry Matre to discuss the evolution of vulnerability and exposure management and how important comprehensive approaches are to mitigating cyber risk.Jonathan shares his experiences from BugBounty, penetration testing and working with customers to solve the growing problem of too many CVEs, too little prioritization methods. He walks through the importance of an intelligence-led approach to exposure management, how CISOs can think about their organization and how to make informed business decisions.
2023-04-1125 minThe Defender's Advantage PodcastThreat Trends: How APT43 Targets Security Policy Experts Focused on North KoreaWith the public release of Mandiant's latest named threat actor--APT43--guests Michael Barnhart and Jenny Town join host Luke McNamara to uncover how this espionage actor targets policy experts to support North Korea's nuclear ambitions. Follow Jenny on Twitter @j3nnyt0wn and 38 North at https://www.38north.org/ Find Mandiant's full report on APT43 here: https://www.mandiant.com/resources/reports/apt43-north-korea-cybercrime-espionage
2023-03-2839 minThe Defender's Advantage PodcastThreat Trends: A Retrospective on Zero-Days in 2022 with Project Zero and MandiantJared Semrau (Mandiant) and Maddie Stone (Project Zero) join host Luke McNamara for a look back at the zero-day exploit trends of 2022. Maddie and Jared break down the differences in focus between their teams, and some of the interesting things they each observed last year. Jared covers some of the threat actors that drove last year's trends in observed zero-days, and Maddie highlights how variants of known vulnerabilities and bugs continue to shape the exploit landscape. They also discuss the challenges and trade-offs for defenders that arise from publishing technical details of exploits. For more on Google's P...
2023-03-2048 minThe Defender's Advantage PodcastThreat Trends: Head of TAG on Commercial Spyware, Cyber Activity in Eastern Europe and MoreShane Huntley, Senior Director of Google's Threat Analysis Group (TAG) joins host Luke McNamara to discuss his team's work keeping Google users secure. Shane breaks down the research his team has done on the problem of commercial spyware vendors, and how that is impacting the threat landscape today. While this threat has evolved over the years as vendors come and go, Shane highlights drivers to this market and how it may evolve in the years to come. Shane also delves into TAG's recent report on the past year of Russian cyber operations since the invasion of Ukraine, and provides...
2023-02-2325 minThe Defender's Advantage PodcastThreat Trends: An Episode (Mostly) About Non-Ransomware Cyber CrimeKimberly Goody and Jeremy Kennelly from Mandiant’s Financial Crime Analysis team join host Luke McNamara to discuss trends in the cyber crime landscape. Kimberly and Jeremy dive into the ongoing nature of banking malware repurposed for other types of financially-motivated crime, SIM swapping, experimentation with file types and post-compromise exploitation frameworks, and more. Of course, the discussion inevitably returns to the topic of extortion and ransomware, and where that might be heading next. Don’t forget to rate, review and subscribe to The Defender’s Advantage Podcast where you listen to podcasts.
2023-02-1048 min
The Defender's Advantage PodcastThreat Trends: APT by USBIn this week’s episode of The Defender’s Advantage Podcast, Threat Trends host Luke McNamara is joined by Mandiant analysts Tyler McLellan and John Wolfram for a discussion on the usage of USB as an infection vector as described in two recent Mandiant blog posts.Tyler details the activity outlined in the most recent blog on a new cyber espionage operation attributed to Turla Team (UNC4210), distributing the KOPILUWAK reconnaissance utility and QUIETCANARY backdoor to ANDROMEDA malware victims in Ukraine. John then jumps in to discuss another blog from late 2022 on cyber espionage activity from UNC4191 heav...
2023-01-1928 min
The Defender's Advantage PodcastSkills Gap: Addressing the Cyber Mobilization CrisisOur latest episode in The Defender’s Advantage Podcast Skills Gap series features Mandiant EVP and Chief of Business Operations Barbara Massa and Director of HR for Google Cloud Margaret Clarke who joined host Kevin Bordlemay to discuss the initiatives from Mandiant and Google Cloud to address the cyber mobilization crisis we are facing. Recent data shows that there are over 700,000 cybersecurity jobs that are unfilled in the US alone, and global estimates show this number is upwards of 3 million. Barbara and Margaret discuss how both Mandiant and Google Cloud are breaking down the barriers to employment in...
2023-01-1223 min
The Defender's Advantage PodcastThreat Trends: A Year in Review with Sandra JoyceThis week’s episode of the Threat Trends series is the final episode of 2022 for The Defender’s Advantage Podcast. To wrap up our year and provide a glimpse into what we can expect from 2023, Sandra Joyce, VP of Mandiant Intelligence, joins host Luke McNamara for a discussion on some of the highlights from the past year. Sandra chats through aspects of the Russian invasion on Ukraine, activity from the DRAGONBRIDGE IO campaign, and Mandiant’s graduation of APT42. She also discusses the evolution of ransomware and the possibility of threat actors targeting countries with ransomware – as we saw i...
2022-12-1530 min
The Defender's Advantage PodcastSkills Gap: Transitioning from Military Service to a Role in CyberThis week’s episode of The Defender’s Advantage Podcast features four members of Team Mandiant who previously served in the United States military and transitioned into careers in the cyber security industry. Skills Gap host Kevin Bordlemay was joined by Paul Shaver, Thomas Worthington, Lauren Krukar, and Brian Timberlake for a discussion on what the transition out of service looks like and the resources that are available to those interested in a role in cyber. The group discusses their tips for military personnel considering a transition out of service and the resources they were able to take...
2022-12-0127 min
The Defender's Advantage PodcastThreat Trends: Reflections on Russian Cyber Threat Activity During the War in UkraineThis week’s episode of The Defender’s Advantage Podcast features Mandiant analysts Gabby Roncone, John Wolfram and Tyler McLellan who joined Threat Trends host Luke McNamara for a discussion on Russian cyber operations over the last year.The group discusses the Russia linked threat groups and activity Mandiant has been tracking related to the conflict in Ukraine, including UNC2589 and APT29. They also share their perspectives on the targeting trends they’ve observed over the last year and the activity we might expect to see moving forward, such as an increase in economic espionage and continued diplom...
2022-11-2343 min
The Defender's Advantage PodcastFrontline Stories: Cyber Insurance to Make Companies SaferThis week’s episode of The Defender’s Advantage Podcast features Davis Hake, co-founder of cyber insurance company Resilience, who joined Frontline Stories host Kerry Matre for a discussion on the role of cyber insurance. During the conversation, Davis explains the model for how cyber insurance is sold, the application process and how insurance companies work with clients to determine their risks and set rates. He also discusses some of the advances in recent years and those he hopes to see in cyber insurance in the coming years, including global resilience to digital threats. Learn more a...
2022-11-1730 min
The Defender's Advantage PodcastThreat Trends: Tracking DPRK Use of CryptocurrenciesThis week’s episode of The Defender’s Advantage Podcast features Mandiant’s Michael Barnhart and Joe Dobson who joined Threat Trends host Luke McNamara for a discussion on recent cyber activity out of North Korea, including the targeting of cryptocurrency. Michael and Joe discuss some of the North Korean threat groups Mandiant is following and a view of the threat landscape in the region. They also chat about the tactics of actors targeting cryptocurrency, which includes applying for roles with companies associated with crypto projects to enable malicious actors within the network. Don’t forget to...
2022-11-1036 min
The Defender's Advantage PodcastSkills Gap: Finding Your Fit in CyberOn this week’s episode of The Defender’s Advantage Podcast, Mandiant’s Nader Zaveri and Simran Sakraney join Skills Gap host Chris Campbell for a discussion on how the cyber security industry and the companies within it can attract candidates from underrepresented groups and foster diversity. Nader and Simran share their individual journeys into the industry and their perspectives on how organizations in cyber can encourage more women to enter the security field and tactics recruiters can take to engage individuals from non-traditional educational and professional backgrounds. They also outline the various types of roles that live w...
2022-11-0336 min
The Defender's Advantage PodcastSkills Gap: More Than a ResumeOn this week’s episode of The Defender’s Advantage Podcast, Skills Gap series host Chris Campbell is joined by Mandiant’s Fernando Tomlinson and Matt Boyle for a discussion on the value of hiring individuals from diverse professional backgrounds and ensuring accessibility to certifications and tools for those interested in transitioning to the cyber security field. Fernando and Matt share their thoughts on what hiring teams in the industry can do to learn more about an applicant’s analytical or soft skills outside of their resume. They also discuss the tools and resources that are available to foster...
2022-10-2032 min
The Defender's Advantage PodcastThreat Trends: The Threat Landscape in APJThis week’s episode of The Defender’s Advantage Podcast, Mandiant’s Yihao Lim joins the Threat Trends series to chat with host Luke McNamara about the threat landscape in the Asia-Pacific region. Yihao discusses recent IO campaigns in the region, particularly DragonBridge and HaiEnergy, and how these attacks influence how organizations view disinformation campaigns in APJ. He also discusses the impact of geopolitical drivers, such as Russia’s invasion of Ukraine and tensions between China and Taiwan, impact the cyber security landscape in the region. Additionally, Yihao shares the trends that he sees in the threat landscape...
2022-10-1322 min
The Defender's Advantage PodcastThreat Trends: The Security Landscape Facing ManufacturingThe latest episode in The Defender’s Advantage Podcast Threat Trends series features Todd Boppell, COO of the National Association of Manufacturers (NAM), who joined host Luke McNamara to discuss cyber security in the manufacturing landscape. During the conversation Todd shares the top concerns for NAM’s member organizations, how the industry approaches cyber security, and the challenges and opportunities he sees in the space. Learn more about NAM at https://www.nam.org and follow at @ShopFloorNAM Additional Resources Watch Mandiant’s recent manufacturing focused webinar on-demand now: https://mndt.info/3C1j...
2022-09-2137 min
The Defender's Advantage PodcastSkills Gap: Expanding Diversity in Cyber SecurityIn this week’s episode of The Defender’s Advantage Podcast, Skills Gap series host Chris Campbell is joined by Dawn Hagen and Kevin Bordlemay for a discussion on diversity, inclusion, and belonging initiatives. The group discusses Mandiant’s internal focus on diversity, including employee resource groups, as well as efforts to build awareness of career paths in cyber security via middle school, high school, and college information sessions. They also discuss ways Mandiant is partnering with external organizations on initiatives to expand diversity in the broader industry, including the Elevate program and Mandiant Gives Back. Dawn and Kev...
2022-09-1537 min
The Defender's Advantage PodcastThreat Trends: APT42 - Crooked Charms, Cons, and CompromisesThis week’s episode of The Defender’s Advantage Podcast features Emiel Haeghebaert and Ashley Zaya who joined Threat Trends series host Luke McNamara to discuss Mandiant’s most recently graduated APT group, APT42. Mandiant has identified APT42 as an Iranian-sponsored cyber espionage group tasked with conducting information collection and surveillance operations against individuals and organizations of strategic interest to the Iranian government. During the conversation, Emiel and Ashley dig into APT42’s activity and tactics, including spear-phishing and social engineering techniques. They also discuss where the group fits in to the threat landscape and how they see threa...
2022-09-0750 min
The Defender's Advantage PodcastSkills Gap: Building a Successful Security Operations TeamThe latest episode of the Skills Gap series, part of The Defender’s Advantage Podcast, features Mandiant Managed Defense team members Robert Parker and David Lindquist, who joined host Chris Campbell to discuss what they look for when hiring for their team. They detail the skills they look for most as they interview candidates and their tips for those looking to enhance their marketability in the industry. Robert and David also share instances in which they might shift their requirements of a potential candidate in favor of hiring someone with less experience and building them up. Don’t for...
2022-08-1817 min
The Defender's Advantage PodcastFrontline Stories: Shields Up, MandiantIn this week’s episode of The Defender’s Advantage Podcast, Kerry Matre, host of the Frontline Stories series, is joined by Mandiant’s Tim Crothers and Matt Shelton who discuss their role in protecting the company from attackers. Both share their professional journeys, how changes at the company have impacted their responsibilities, and some standout moments they’ve experienced while safeguarding Mandiant, such as the SolarWinds attack campaign. Tim and Matt also detail how they continue to promote security awareness among employees and offer their insights on the steps security and non-security companies can take to ensure that their en...
2022-08-0436 min
The Defender's Advantage PodcastThreat Trends: Securing the Vote in 2022In the latest Threat Trends episode of The Defender’s Advantage Podcast, Mandiant’s Jon Ford and Stacy O’Mara join host Luke McNamara for a conversation on election security. They discuss how organizations involved in the process of elections should think of cyber security in the lead up to these events, preparedness steps they have seen states take, and the evolution of the federal approach in the United States. Jon and Stacy also discuss some of the federal resources states and local entities can leverage for preparation going into the 2022 midterm elections and the 2024 general election in the U.S.
2022-07-2836 min
The Defender's Advantage PodcastSkills Gap: Looking Beyond the Unicorn CandidateAll too often, hiring managers find themselves seeking candidates who fit 100% of the description for the role they are trying to fill. Because of this, they overlook a swath of applicants who are good for the job. In this week’s Skills Gap episode of The Defender’s Advantage Podcast, host Chris Campbell speaks with Mandiant consulting team members Dan Nutting, Kal Guntuku, and Chris Linklater about this habit and its contribution to the cyber security skills gap. The group also discusses the skills that companies could weigh outsourcing versus what skills they should consider keeping in-house. Don’t...
2022-07-2128 minThe Defender's Advantage PodcastBonus: Securing OT/ICS Systems with Nozomi NetworksThis special episode of The Defender’s Advantage Podcast features Mandiant CTO Marshall Heilman speaking with Edgard Capdevielle, CEO of Nozomi Networks. The conversation, recorded in-person at RSA Conference 2022, delves into the partnership between Mandiant and Nozomi, and how the organizations can take on escalating cyber risks to secure cyber-physical infrastructure. Marshall and Edgard discuss the trends they are seeing in the industrial and critical infrastructure space and the role of zero trust in how we secure modern day OT and ICS systems. You can learn more about Nozomi Networks at their website: https://www.nozominetworks.com/
2022-07-0724 min
The Defender's Advantage PodcastSkills Gap: Bridging the Skills GapThis week’s episode of The Defender’s Advantage Podcast kicks off our new monthly series, Skills Gap, which focuses on thoughts, ideas, and initiatives for narrowing the skills gap in cyber security. Our host Chris Campbell was joined for this conversation by Mandiant’s John Doyle, Principal Consultant, and Matt Shelton, Director of Technology Risk and Threat Intelligence, to discuss talent and bridging the skills gap. The guests share their tips and resources for those interested in getting into the cyber security space and discuss what they look for when interviewing potential members of their teams. Follow...
2022-06-2324 min
The Defender's Advantage PodcastFrontline Stories: Introducing Mandiant Digital Risk ProtectionIn this Frontline Stories episode of the Defender’s Advantage Podcast, host Kerry Matre is joined by Joshua Bass, Director of Product Management, and Sarah Korth, Director of Commercial Intel Services, to discuss Mandiant’s Digital Risk Protection (DRP) solution. The group discusses digital risk protection, what it can reveal about cyber threat profiles, and how attackers find weaknesses. They also discuss advancements made in digital threat management, a service included in our DRP solution, such as natural language processing. To learn more, read our blog, “Protecting Supply Chains and Third Party Vendor Connections" Don’t forget t...
2022-06-0634 min
The Defender's Advantage PodcastFrontline Stories: OT/ICS SecurityIn the inaugural episode of the Frontline Stories series, part of The Defender’s Advantage Podcast, host Kerry Matre is joined by Rob Caldwell, Director of OT/ICS Services at Mandiant. During the conversation, they discuss OT/ICS security and the impact an OT attack can have on an organization. They also dive specifically into the INCONTROLLER and INDUSTROYER2 attacks and how they targeted OT environments. For more information on OT/ICS Security, visit https://mndt.info/3PF5JJD You can follow Rob Caldwell at @robac3. Don’t forget to rate, review, and subscri...
2022-05-2628 min
The Defender's Advantage PodcastThreat Trends: Information Operations Surrounding the Russian Invasion of UkraineIn this week’s Threat Trends episode of The Defender’s Advantage Podcast, host Luke McNamara is joined by Sam Riddell and Alden Wahlstrom, analysts on Mandiant’s IO team, to discuss what they are seeing in the cyber threat landscape around Russia’s invasion of Ukraine. They talk about what their team has observed in the lead up to the invasion and the activity they have seen in the IO space since. Sam and Alden dive in on the threat actors in the space, the tactics being employed, and where they see the activity moving as the conflict continue...
2022-05-1845 min
The Defender's Advantage PodcastThreat Trends: UNC3524 - Eye Spy on Your EmailIn this week’s episode of The Defender’s Advantage Podcast, host Luke McNamara is joined by Doug Bienstock and Josh Madeley, members of the Mandiant consulting team to discuss a new threat actor, UNC3524. Doug and Josh share their observations of the group’s activities and tactics, like the use of IoT devices. Read more about UNC3524 in the team’s latest blog post, “UNC3524: Eye Spy on Your Email”: https://mndt.info/3KCGtQm Follow Doug Bienstock at @doughsec and Josh Madeley at @MadeleyJosh. Don’t forget to rate, review, and subscribe where you listen
2022-05-0232 min
The Defender's Advantage PodcastThreat Trends: Breaking Down the 2022 M-Trends ReportIt’s that time of year again: Mandiant has just published its M-Trends 2022 report. With almost 100 pages to unpack in this year’s report, host Luke McNamara is joined by Regina Elwell, Senior Principal Threat Analyst and Kirstie Failey, Senior Threat Analyst, who both contributed to the development of this year’s report. Among the aspects highlighted during the conversation are notable threat actors, including FIN12 and FIN13, the financially motivated threat groups that Mandiant graduated in 2021. The group also discussed the threat trends and techniques that have been observed during the report period. You can foll...
2022-04-1542 min
The Defender's Advantage PodcastThreat Trends: The Evolving Threat Landscape in EuropeThis week, host Luke McNamara is joined by Jens Monrad, Director, EMEA, Mandiant Threat Intelligence. The two discuss the evolving threat landscape in Europe following the COVID-19 pandemic and touch on the cyber aspect of Russia’s invasion of Ukraine. You can follow Jens on Twitter at @jenschm. Learn about Mandiant's Ukraine Crisis Resource Center: https://mndt.info/3roZ4JvRead the Mandiant blog, "Responses to Russia's invasion of Ukraine Likely to Spur Retaliation": https://mndt.info/3IM8Co5Don’t forget to rate, review, and subscribe on the platform where you l...
2022-04-0136 minThe Defender's Advantage PodcastWelcome to the Defender's Advantage PodcastLooking for Eye on Security? We are still here, but with a few important changes. This week we're launching Mandiant's new Defender's Advantage Podcast featuring the same great content you've come to expect from us and even more.Host Luke McNamara anchors our Threat Trends series, chatting with Mandiant intel analysts, consultants, and researchers, as well as external practitioners and leaders in cyber security, all through a threat-focused lens.And Mandiant's Kerry Matre joins to host monthly conversations with Mandiant customers and industry experts who will share their experiences and stories from the f...
2022-03-3001 minThe Defender's Advantage PodcastLeft on Read: Telegram Malware Spotted in Latest Iranian Cyber Espionage ActivityIn this episode, Ryan Tomcik, Emiel Haeghebaert, and Tufail Ahmed joins host Luke McNamara to discuss their blog post detailing their investigation on the activity of UNC3313. The group details the collaboration between their respective teams at Mandiant to detect and respond to an intrusion by the threat actor.Read their blog post, “Left on Read: Telegram Malware Spotted in Latest Iranian Cyber Espionage Activity,” at https://www.mandiant.com/resources/telegram-malware-iranian-espionage
2022-02-2433 minThe Defender's Advantage PodcastCyber Threats to the OlympicsIn this episode, Mandiant Principal Analyst Cristiana Brafman Kittner joins host Luke McNamara to discuss the potential cyber threats to the 2022 Winter Olympic Games. The conversation delves into cyber incidents attached to previous games as well as what we could see this year at the games being held in Beijing.
2022-02-1026 minThe Defender's Advantage PodcastThe Role of Contractors in Cyber OperationsHost Luke McNamara is joined by Michelle Cantos, John Doyle, and James Sadowski to discuss the role of contractors in cyber network exploitation (CNE) and other cyber operations. For further reading on this topic for Mandiant Advantage and MA Free users, please see “She Doesn’t Even Go Here: The Role of Contractors in the Cyber Landscape” at https://advantage.mandiant.com/reports/21-00013849. Register today for Mandiant Threat Intelligence Free.
2022-01-2759 minThe Defender's Advantage PodcastA Year in Review with Kevin MandiaFor our last episode of the year, Mandiant CEO Kevin Mandia joins host Luke McNamara for a year in review of 2021. The discussion includes a look back at the SolarWinds incident one year later as well as look forward to 2022 with the three things that are top of his mind going into the New Year. Additionally, Kevin touches on the future of Mandiant and the Mandiant Advantage platform.
2021-12-1533 minThe Defender's Advantage PodcastLeveraging Military Experience in an InfoSec CareerJake Knowlton, Andy Schmidt, and Paul Shaver join host Luke McNamara to discuss making the transition from the military to working in cyber security. Jake, Andy, and Paul share their perspectives and how they became involved in this field, some of the challenges veterans might face, and how veterans can position their prior experience for roles in infosec. For more on Mandiant’s partnership with VetSec, please see this blog post: https://www.mandiant.com/resources/mandiant-collaborating-with-vetsec-to-train-us-service-members-veterans
2021-11-1133 minThe Defender's Advantage PodcastAnalyzing Vulnerability and Exploitation Activity in 2021Jared Semrau and James Sadowski join host Luke McNamara to discuss some of their teams’ research this year into the rise of observed 0-days and other exploitation trends. They cover how the vulnerability landscape has evolved over the years, what has made 2021 stand out so far, and how the nature of threat activity—particularly the growth of ransomware—has shifted the makeup of actors in this space. For Mandiant Advantage users, please see related reporting mentioned in this episode: Patch Me If You Can: Analyzing Trends in Time to Exploit (Q1 2020 Through Q1 2021)Shut the...
2021-11-0249 minThe Defender's Advantage PodcastThe FIN12 EpisodeFor the launch of Mandiant’s most newly graduated threat group, FIN12, Kimberly Goody (Director, Financial Crime Analysis) and Josh Shilko (Principal Technical Analyst, Financial Crime Analysis) join Eye on Security to discuss this actor. They cover this group’s TTPs and targets, where they fit into the ransomware ecosystem, and what makes this particular threat actor unique in the landscape.
2021-10-0741 minThe Defender's Advantage PodcastDisentangling the DPRKHost Luke McNamara is joined by Eli Fox and Michael Barnhart, both Senior Analysts at Mandiant, to discuss some of their work tracking various North Korean threat clusters. Michael and Eli share their perspectives on the continuously changing landscape of DPRK threat actors, some of the challenges in tracking them, and how information from defectors augments the technical data in their analysis. They share several stories of recent campaigns and delve into where some of these threats may be headed next.
2021-09-2356 minThe Defender's Advantage PodcastThe Evolving Ransomware LandscapeThis episode of Eye on Security delves into a security topic that continues to be front and center for many organizations: ransomware. Dave Wong, Vice President for Mandiant Consulting, joined host Luke McNamara to discuss some of the recent changes with threat activity in this space. Dave covered where the trends in ransomware operations have taken us over the last year and a half, with increasing ransom price demands and the frequent extortion over stolen data from the victim. Dave and Luke also chatted affiliate models common and the fluid nature of many ransomware families, as new malware emerges a...
2021-09-0731 minThe Defender's Advantage PodcastAssessing Iranian Threat Actors’ Usage of RansomwareWhile much of the discussion around modern ransomware campaigns has centered on threat actors from Eastern Europe and Russia, this episode highlights some of the lesser-known activity in a different region and explores how nations may experiment with asymmetric cyber capabilities in the future. In this episode of the Eye on Security podcast, host Luke McNamara sits down with Sanaz Yashar (Manager, Mandiant Intelligence) and Matan Mimran (Principal Analyst, Mandiant Intelligence) to discuss some of their research into Iranian threat actors leveraging ransomware and other cyber-crime tactics. Sanaz and Matan walk through campaigns they have witnessed from several UNCs...
2021-07-301h 07The Defender's Advantage PodcastFostering CTI Development with Mandiant Intelligence ServicesHost Luke McNamara is joined by Jeff Compton, Senior Manager for Mandiant’s Intelligence Capability Development team to discuss the focus of his team in helping customers build threat intelligence programs and how the needs of customers in this space continue to evolve, and how the regulatory landscape is driving change in particular regions and industries. One of the things that Jeff in particular highlighted is the importance of having a threat intel function that supports more than just the SOC, but broader stakeholders across the organization as well. Translating cyber threats into risk particular to the customer is a...
2021-07-1336 minThe Defender's Advantage PodcastFilling the CTI Skills Gap with Mandiant On-Demand Cyber Intelligence TrainingIn response to an increasing demand to fill the CTI skills gap, Mandiant has made a commitment to arm organizations around the world with skilled security teams to succeed on the fast-evolving threat landscape. Host Luke McNamara is joined by Shanyn Ronis, Manager, Intelligence Training Program to discuss the official launch of Mandiant On-Demand Cyber Intelligence Training. Backed by 15+ years of frontline expertise and accessible 24/7, this on-demand training provides a cost-effective approach that empowers cyber security teams to effectively use intelligence across different job roles, at different skill levels.
2021-06-1545 minThe Defender's Advantage PodcastLow Sophistication Threat Actors Continue to Target OTOn this episode we have Daniel Kappelman Zafra, a manager on Mandiant’s Cyber Physical Threat Intelligence team, to discuss a recent blog he and has team have released on the trend of lower sophistication threat actors targeting operational technology (OT). We discuss a precursor blog they put out last year, specific to this trend and the usage of ransomware by financially motivated actors to OT, and we talk about what Daniel is seeing change in this space. Our conversation touches on the various motivations that appear to be shaping this activity, and what it means for the potential pr...
2021-06-1043 minThe Defender's Advantage PodcastHow Mandiant is Helping Governments Build Cyber CapacityHost Luke McNamara is joined by Paul Tumelty, Government Security Manager, to discuss how Mandiant is partnering with governments in EMEA to help foster cyber capacity building in nations across the region. Paul walks through how governments are thinking about this, from the crafting of high-level strategies to working through the tasking of the appropriate entities for cyber defense, and establishing relationships with the private sector and beyond. Paul also highlights some of the challenges—and even advantages—that various nations may have depending on where they are in their journey of establishing a government framework to bette...
2021-05-1940 minThe Defender's Advantage PodcastPandemic Impacts to the Cyber Threat LandscapeIn the latest episode of Eye on Security, we invited Jens Monrad, Head of Mandiant Threat Intelligence, EMEA to join Luke for a conversation on how the threat landscape has changed in the past year and how it continues to be impacted by the ongoing pandemic. We reviewed the cyber events of the past year: pandemic-themed phishing, multiple APT campaigns against vaccine research and development, and ransomware targeting healthcare systems. Jens revealed that the biggest change still impacting the cyber threat landscape is the sheer volume of people working from home. He also highlighted the potential increase in...
2021-05-0423 minThe Defender's Advantage PodcastAutomated Defense Brings New Features to Mandiant AdvantageMandiant Advantage, our SaaS platform, was always intended to house more than just our threat intelligence—and now it does. With the addition of Mandiant Automated Defense and Mandiant Security Validation, we are continuing to roll out new features in a platform that is easily accessible, as well as easy to deploy and scale. Mike Armistead, SVP of Mandiant Advantage Products, joined host Luke McNamara to discuss what security teams will be able to do with these new features. Mike joined FireEye during the Respond Software acquisition, in which Respond’s solution became what is now known as Man...
2021-04-2828 minThe Defender's Advantage PodcastThe Making of an M-Trends ReportHave you ever wondered what it takes to develop our annual M-Trends report? The short answer is: a whole lot! Our host Luke McNamara asked Regina Elwell, Senior Principal Threat Analyst on the Advanced Practices Team, and Steve Stone, Senior Director for Advanced Practices, to take us behind the scenes so we can see exactly what goes into building an edition of M-Trends. Steve started by discussing the sheer amount of data collection that is required, and how the team has to pore over this data—which comes directly from our incident response investigations—to determine what is a...
2021-04-2246 minThe Defender's Advantage PodcastThe "Big Four": Spotlight on RussiaWe are wrapping up our “Big Four” series with a country that has beenone to watch for quite some time: Russia. And who better to join mefor this episode than our Vice President for Mandiant ThreatIntelligence, John Hultquist.We started off this episode discussing how Russian cyber threatactivity evolved to what we know today, from the days of MoonlightMaze and Agent.BTZ. We then shifted the conversation to some of themost notable Russian threat groups and the difficulties of assigningattribution at the organizational spon...
2021-04-1250 minThe Defender's Advantage PodcastThe "Big Four": Spotlight on ChinaThe third installment of our “Big Four” series on China is filled withso much great information that it’s our longest episode yet. LloydBrown, Principal Analyst for our Custom Intel Team, and ScottHenderson, Principal Analyst for our Cyber Espionage Team, joined ourhost, Luke McNamara to peel back the layers of China’s cybercapabilities.Similar to past episodes in this series, we started at the beginningof China’s cyber operations—dating back to 2003. Scott and Lloyd tookus through a detailed look at all the stages o...
2021-03-241h 12The Defender's Advantage PodcastTackling Digital Safety for WomenDid you know that women are disproportionately affected by cybercrime,cyber stalking, cyber bullying, cyber harassment, and image-basedsexual abuse? We asked Cris Kittner, Principal Analyst at MandiantThreat Intelligence, and Lillian Teng, Director of ThreatInvestigations from Verizon Media to join us for a discussion aroundtheir recent talk on digital safety for women and practical strategieswomen of all ages can take to increase their online safety.Cris and Lillian provided their reasons and motivations for puttingtogether the talk, which they first presented at the Grace Hopper
2021-03-0837 minThe Defender's Advantage PodcastThe "Big Four": Spotlight on IranWe’re back with the second episode of our “Big Four” series focused onNorth Korea, Iran, China, and Russia. We honed in on Iran for thisone, and to help explore their cyber capabilities, we invited SarahHawley, Principal Analyst for Mandiant Threat Intelligence, and LeeFoster, Senior Manager of Information Operations Analysis.Sarah kicked off the episode by providing an overview of Iran’s pastoffensive cyber activity and how these capabilities have developedover the years. Lee shared how they have also grown their usage andwillingness to use i...
2021-02-2232 minThe Defender's Advantage PodcastBreaking Down Malicious Insider Threats“Legitimate access rules the threat landscape”, says Jon Ford,Managing Director at Mandiant. In addition to loss of intellectualproperty, malicious insiders are increasingly impacting organizationalreputation, customer trust and investor confidence. There’s a lot moreto insider cyber security threats than disgruntled employees, which isthe first thing that comes to mind for most when they think of thisthreat. Jon Ford, Managing Director of Mandiant, and Johnny Collins,Director of Mandiant, joined us to break down what insider threats areand the trends Mandiant is seeing in recent invest...
2021-02-1634 minThe Defender's Advantage PodcastThe Cyber Landscape in Latin AmericaWhile many cyber threats and security issues are universal andexperienced by organizations in any part of the world, some are morecommon to a particular region than others. Host Luke McNamara invitedRyan Goss, Vice President for Latin America & the Caribbean, and JuanCarlos Garcias Caparros, Director of Mandiant Consulting for LatinAmerica and the Caribbean, to talk specifically about cyber securityin Latin America.Juan Carlos shares what threats we’ve seen our customers face in LatinAmerica. He also discusses the security culture in Latin America,co...
2021-01-2132 minThe Defender's Advantage PodcastThe "Big Four": Spotlight on North KoreaWe’re kicking off Eye on Security in 2021 with a nation-state-themedminiseries that focuses on the big four, which we recognize as NorthKorea, Iran, China and Russia. In this episode, host Luke McNamarainvited Fred Plan, Senior Analyst for Mandiant Threat Intelligence,onto the podcast to talk about North Korea.Fred started our discussion by providing some background on thecountry, how it operates geopolitically, and why they’ve shifted theirfocus to a cyber capability. We also review their early cyberoperations that primarily targeted South Korea and thei...
2021-01-1142 minThe Defender's Advantage PodcastA Look Back and a Look ForwardWith 2020 coming to an end, we’ve released our 2021 cyber securitypredictions report, videos with our senior leaders and more. Our host,Luke McNamara asked General Earl Matthews, VP, Strategy for MandiantSecurity Validation to join him on 'Eye on Security' to discuss whatwe can expect in the cyber space heading into a new year based on thethreat activity we’ve seen recently.Ransomware isn’t going away any time soon, so Luke asked GeneralMatthews how he’s seen executives react to this new type of threat andif t...
2020-11-1635 minThe Defender's Advantage PodcastThe Inception of Mandiant AdvantageOur customers expressed a desire for faster access to our intelligenceto focus on threat activity that matters to them, so we launchedMandiant Advantage. Mandiant Advantage is a new SaaS platform thatallows our customers to engage across all areas of our expertise,starting with threat intelligence.For this episode of ‘Eye on Security’, our host, Luke McNamara isjoined by Jon Heit, Senior Manager of Intel Product Management, andJeff Guilfoyle, Principal Product Manager. We start by looking back atwhere the idea for Mandiant Advantage came from and...
2020-10-1422 minThe Defender's Advantage PodcastBack to School: Training the Cyber Workforce in 2020The cyber skills shortage is a real problem. There just aren’t enoughqualified people to adequately meet the cyber security needs of allorganizations, and the problem is only expected to get worse. One ofthe ways we address this challenge at FireEye is through internal andexternal training courses. We invited two people involved in thoseefforts to join our host, Luke McNamara for this episode of Eye onSecurity: Dawn Hagen, Senior Director of Learning and Development, andDr. Brett Miller, Managing Director at Mandiant.They spoke ab...
2020-09-3028 minThe Defender's Advantage PodcastRansomware and Observations from Recent IR InvestigationsRansomware continues to be one of the most significant cyber securityissues affecting organizations today. The attack is very effective andcan be carried out relatively cheaply, making for larger net profits.With no end in sight to this nasty threat, Luke McNamara, our host andPrincipal Analyst for FireEye, spoke with someone who has a front-rowseat into how organizations think about ransomware and other similarthreats. For that we turned to Charles Carmakal, our SVP & CTO forMandiant, and one of our leading incident response experts.On this...
2020-09-1632 minThe Defender's Advantage PodcastMaking Sense of Cyber Threats at Scale with Strategic IntelThe Strategic Analysis team at Mandiant Threat Intelligence examineshundreds of discrete data points from numerous sources, distillingtrends from that raw information to identify the most important,common, and damaging cyber threats clients should prioritize in theirdefensive strategies. That’s what we’re talking about on this week’sepisode of Eye on Security with our guest Kelli Vanderlee, Manager ofStrategic Analysis at FireEye.Kelli shares the types of topics the team covers, including industryand geographic-based reporting, trend analysis looking at theevolution of actor types...
2020-08-2131 minThe Defender's Advantage PodcastBehind the Scenes with Mandiant Security ValidationYou’ve heard of security validation and know that it’s necessary totest your security effectiveness, but do you know how our teamdevelops the right attacks to test your controls against threatactivity we see in real life?On this episode of our Eye on Security podcast, Henry Peltokangas,Director of Product Management, and Nart Villeneuve, Director ofResearch & Collections, give us an inside look at what goes on behindthe scenes at Mandiant Security Validation.We begin our chat by discussing some of the key benefits of s...
2020-07-3121 minThe Defender's Advantage PodcastUnique Threats to OT and Cyber Physical SystemsIn the latest episode of Eye on Security, our host Luke McNamara talksall about the world of operational technology (OT) and cyber physicalsystems with one of our foremost experts on the topic: NathanBrubaker, Senior Manager of Analysis for Mandiant Threat Intelligence.Nathan kicked off the chat by explaining what exactly we mean when weuse the term ‘cyber physical.’ They then turned their attention torelated threats. As it turns out, there are far less attempts byattackers to target these systems than one might believe. Nathan went...
2020-07-1533 minThe Defender's Advantage PodcastEye on APAC: Cyber Security & Threats in Asia PacificWe commonly see the same threat actors, techniques and malware poppingup in all corners of the globe, but that doesn’t mean each regionisn’t affected differently. In this episode, our host Luke McNamara,Principal Analyst for Mandiant Threat Intelligence is joined by YihaoLim, Principal Analyst for Mandiant Threat Intelligence, to discusscyber security and threats related specifically to the Asia Pacific(APAC) region.
2020-06-1621 minThe Defender's Advantage PodcastStay Secure While Using Collaboration PlatformsCOVID-19 has brought on a rapid shift to remote work. Manyorganizations were unprepared, so they quickly turned to collaborationplatforms that could help employees get back to work. But with moreapplications comes a bigger attack surface.On today’s Eye on Security podcast, Luke McNamara, Principal Analystfor Mandiant Threat Intelligence talks with Marcus Troiano, ManagingConsultant for Mandiant, about collaboration platform security.We begin the episode by discussing overall best practices forcollaboration tools, including those used for chatting, video andaudio conferencing, and file sh...
2020-05-1310 minThe Defender's Advantage PodcastGetting Ready for a New Era of COVID-19 Related PhishingCOVID-19 has rapidly taken over the headlines across the globe. Aswith many other major events, threat actors are quick to adaptrelevant topics as part of their phishing campaigns to increase thelikelihood of success. The same rings true for COVID-19, especiallydue to its global impact.On this latest Eye on Security podcast, John Atrache, PrincipalConsultant for Mandiant, joins me to discuss all things email in thetime of COVID-19. We cover a variety of topics, including how threatactors are continuously updating their phishing campaigns as...
2020-05-0515 minThe Defender's Advantage PodcastA Deeper Discussion About M-Trends 2020, Part TwoWe are back with the second part of our M-Trends podcast where LukeMcNamara, Principal Analyst continues discussing highlights andinsights from this year’s report with Jurgen Kutscher, EVP of MandiantSolutions.We pick back up with the nature of multiple attackers in anenvironment—notably, whether or not they are aware of other attackersin the environment and if they are collaborating. Jurgen thendiscusses the rise of insider threats and how organizations canimprove the monitoring and detection of insider threats.Ransomware use continues to rise...
2020-04-2121 minThe Defender's Advantage PodcastA Deeper Discussion About M-Trends, Part OneFireEye released M-Trends 2020 earlier this year to provide visibilityinto frontline investigations of the most interesting and impactfulcyber attacks of the year. In this first episode of our two-partM-Trends 2020 podcast, Luke McNamara discusses the report with JurgenKutscher, EVP of Mandiant Solutions.We begin the episode by highlighting the key themes from M-Trends2020, such as dwell time and the continued exploitation of legitimatecredentials. Jurgen discusses the decrease in dwell time and whetherit’s due to organizations getting better at detections or the changingnature of at...
2020-04-1817 minThe Defender's Advantage PodcastValidating Detection & Response with Purple Team AssessmentsIn October 2019, FireEye launched its Purple Team and ContinuousPurple Team Assessments to enable organizations to quantifiablyevaluate security controls and programs against Verodin simulatedattack scenarios. With Purple Team Assessments, Mandiant experts guidean organization’s security team through highly-realistic attackscenarios.Luke McNamara spoke with one of our global red team leads who is onthe front lines managing this new offering, Evan Pena. During theirdiscussion, Evan explains what exactly a purple team is vs. atraditional red and blue team, what are the outputs/deliverables th...
2019-10-2215 minThe Defender's Advantage PodcastM-Trends 2018: Tales from the TrenchesIt’s hard to believe, but April 2018 marked the release of our 9thedition of M-Trends. To learn more about the latest report, FireEyeCTO, Grady Summers sat down and spoke with one of the keycontributors: Jurgen Kutscher, senior vice president responsible forall Mandiant Consulting and Managed Defense offerings at FireEye.During their conversation, Jurgen and Grady discussed a wide varietyof topics touched on in the M-Trends report, including the significantincrease in attacks originating from threat actors sponsored by Iran,a typically dwindling global median dwell ti...
2018-05-0914 minThe Defender's Advantage PodcastCritical Infrastructure and ICS Cybersecurity IssuesIn this podcast, Dan Scali, senior manager for Mandiant consulting andGrady Summers, FireEye Chief Technology Officer, discuss key issues incritical infrastructure and industrial control systems. Bank datacenters, nuclear power plants, and water plants make up this nichearea of information security thatâs quickly gained increasedimportance with recent high profile breaches. Dan covers some of thevulnerabilities these organizations have, including lack of networksegmentation and patching, and how this allows everything fromcrimeware to nation state attacks to threaten the integrity ofcritical systems. Organizations o...
2016-10-1215 minThe Defender's Advantage PodcastGoing Beyond Detect, Respond, ContainOver the years we have seen our message of detect, respond, andcontain resonate through-out the cyber security industry. I wanted toexplore this mantra further by speaking with our Vice President,Mandiant Global Consulting â US Central & Latin America andExecutive Director, Strategic Services, Russell Teague.On this podcast we discuss how strategic services help by makingcompanies proactive in their security efforts, what the right level ofsecurity is for each organization, and the role board of directorsplay.
2016-08-0910 minThe Defender's Advantage PodcastHow 'Not Fitting In’ Changed The Future For Kevin MandiaFireEye CEO Kevin Mandia took the helm of the company in mid-June witha tall order: to understand the current challenges and arrange all ofthe components to make FireEye the best security company in theindustry.In this Eye on Security podcast, FireEye Chief Technology OfficerGrady Summers talks with Kevin about why he’s so well positioned tolead the company, including why he started Mandiant, why he scrappedhis business plan after just 30 minutes, and how his experiences withMandiant will help him move FireEye forward.
2016-08-0813 minThe Defender's Advantage PodcastApproaching Security Operational Readiness with Red Team OpsEarlier this year FireEye’s Mandiant business unit launched Red TeamOperations, which consists of two unique services designed to assessthe strength an organizations’ security program: Red Team Assessmentsand Red Teaming for Security Operations.During Black Hat USA 2016 I met up with Marshall Heilman, VicePresident, Mandiant Consulting – West and Executive Director, IR andRed Team Operations to discuss how his team determines their approachfor each engagement and what differentiates Mandiant’s Red Team fromothers.
2016-08-0310 minThe Defender's Advantage PodcastEye on Security: M-Trends 2016Learn more about the latest trends in cyber and what you can do toprotect your enterprise from Jurgen Kutscher, vice president ofsecurity consulting services at Mandiant, a FireEye company.
2016-03-0813 min