Podcasts, Security

Podcast #49 – Byron Acohido, USAToday reporter and Pulitzer prize winner

11 Nov , 2007  

MicrophoneIt’s that time again… time for another podcast episode.

Joining us for a very special interview is Byron Acohido, USAToday tech reporter and Pulitzer prize winner for Beat Reporting. Byron, together with fellow USAToday journalist Jon Swartz, are working on a new investigative book, Zero Day Threat. (Check out their bio’s here.) The book, due out spring of 2008, exposes the participants and enablers in the growing industry of identity theft. This is a fun interview and I know you’ll enjoy hearing about Bryon’s and Jon’s new book.

ByronacohidoAlan and I also jump into the fray and talk about the war chest big security companies claim they will use to continue buying up companies in the security industry. We also talk about all the new things happening with me, creating my new company Converging Network, LLC, and helping companies with product, technology and business strategies.

Enjoy the podcast and feel free to drop us any suggestions or questions at podcast@stillsecure.com.

Icon_enclosure_music_7mp3 file

Podcasts, Security

Podcast #48 – Dean Drako of Barracuda Networks

11 Oct , 2007  

MicrophoneWelcome to podcast #48. We’re quickly approaching podcast nifty-fifty so I’d like to start by thanking all of you for listening. This week Dean Drako, CEO of Barracuda Networks, joins us for the interview. Dean saw the opportunity to bring open source and low cost hardware to solve the growing problem of spam back in 2003. A bootstrapped company, Dean and the team haven’t stopped to look back since. I talked about the interview with Dean in my Challenge your assumptions post. Dean also makes some comparisons of their approach to Apple’s. Some interesting and maybe even controversial ideas.

In The Converging Minute I discuss virtualization and how much you CFO should love this technology and its business benefits. During our This Week In Security segment, Alan and I talk about the 3Com acquision, Microsoft’s sneak attack patch, and Joel Snyder’s NAC whitepaper.

Enjoy the show and please send your comments, ideas and suggestions to podcast@stillsecure.com.

Icon_enclosure_music_7mp3 file

Podcasts, Security

Podcast #47 – Jeremiah Grossman and Rober Hansen/rsnake

25 Sep , 2007  

MicrophoneIt’s time to talk about application security again and we have two of the best to tackle the topic. Jeremiah Grossman, of Whitehat Security, and his good friend Robert Hansen (a.k.a "rsnake"), of SecTheory, join us for another romp through this hot industry topic. This is as top-shelf as it gets when it comes to application security so button down your networks and come along for the ride.

We hit a number of relevant topics, from why just using your browser is a big security risk (including the latest XSS vuln. btw), how the "safety in numbers" philosophy is not longer a valid strategy, and the lessons application security can learn from the security industry’s past experiences. We don’t leave too many stones uncovered so if you are interested in security research or application vulnerabilities, this is the podcast to listen to.

Enjoy the podcast. Please send us any questions, ideas or suggestions at podcast@stillsecure.com.

Icon_enclosure_music_7mp3 file


Podcast #46 – Journalists on NAC

19 Sep , 2007  

Microphone It’s another NAC-spec-NAC-tac-ular podcast! This time with some of the best in the industry from the other side of the fence, security industry journalists. This week none other than Mike Fratto of Information Week and leader of the NAC Immersion Center, Joel Snyder of Opus One and Network World, and Matt Hines of InfoWorld (formerly with eWeek) join Alan and me for a rousing panel discussion on network access control.

I have to be up front and tell you that I wasn’t expecting such a frank and spirited response from our panel members. Not only was there insightful commentary and opinions about the NAC industry, vendors, analysts and what customers want, but they didn’t hold much back. If punches were pulled, it wasn’t obvious during our discussions.

Overall, I’m extremely impressed with the depth of knowledge our guests have about NAC, not that they shouldn’t since they cover NAC from an enterprise perspective and Joel and Mike have a long history of doing in-depth product testing. Assuming these guys are patsies for covering vendor press releases would be far from the truth and all three of them prove they’ve got the chops to go toe-to-toe with anyone on NAC and a variety of other subjects. If you can’t tell by now, I was impressed. Whether you agree or disagree with the views of our journalist panel members, you certainly have to respect what they have to offer to the dialog.

Needless to say, I think you will really enjoy this NAC panel discussion, so enjoy the podcast. If you have any questions, please send us an email at podcast@stillsecure.com.

Icon_enclosure_music_7mp3 file


Podcast 45 – A. Antonopoulos of Nemertes Research

4 Sep , 2007  

MicrophoneWelcome to another edition of the podcast. It’s been a busy summer but Alan and I have managed to keep the guests interesting and informative. This week’s no different – We have Andreas M. Antonopoulos,  SVP and founding partner of Nemertes Research as our guest on the podcast. Andreas is someone we’ve both kept in touch with over the past several years and always wanted to get on the podcast, and now we finally have. Andreas has always seemed to "get" what StillSecure is all about and frankly was very enthused about Cobia when I first briefed him about it well over a year ago now.

Andreas and Nemertes both have some interesting views on the security industry and customers. During our interview, he challenges us and all security vendors with the premise that we are now more than a generation behind the "bad guys" in how we solve security problems vs. the way black hats work to exploit security for their gain. I think you’ll find Andreas’ interview very interesting and also thought provoking.

Enjoy the podcast. If you have any questions, please send us an email at podcast@stillsecure.com.

Icon_enclosure_music_7mp3 file

Podcasts, Security

Podcast #44 – Panel on Pre and Post Connect NAC

14 Aug , 2007  

MicrophoneIt’s a NAC-fest shoot out once again but of a different kind. This week we go off the reservation a bit by inviting two NAC competitors on our podcast; Michelle McLean from ConSentry Networks and Dominic Wilde from Nevis Networks. Alan and I bring the StillSecure perspective to the panel, and to keep things really interesting, well known analyst and pragmatic CSO specialist Mike Rothman of Security Incite joins in so we don’t forget the real reason NAC is here – to solve the customer’s problem.

It’s a rousing discussion with each of us giving our best arguments why one versus another approach is what customers are looking for. Some might say we are CRAZY for bringing competitors onto the podcast, but hey, the discussion’s happening in the marketplace so why not have that discussion here on our podcast. We talk about pre versus post connect NAC, pre plus post connect NAC, what role depth of testing plays in each, are post connect NAC watered down iPSs or do they solve a different problem, and the hype cycle that NAC is transitioning through.

The panel discussion is a little lengthy but like a good Jason Bourne move the action doesn’t stop for anything. I hope you enjoy this podcast. We’ve done a lot of podcasts around NAC so we’ll probably branch out into other areas next week.

Thanks for listening and please send your comments and questions to Alan and me at podcast@stillsecure.com.


Icon_enclosure_music_7mp3 file

Podcasts, Security

Podcast #43 – 2007 NAC Survey w/Current Analysis and Network Computing

30 Jul , 2007  

MicrophoneTime again for the next in our series of podcasts, and of course we’re covering more  network access control (NAC). This week we are joined by Andrew Braunberg, research director for enterprise security at Current Analysis, and Andy Dornan, author, journalist and senior technology editor for Network Computing.

Current Analysis and Network Computing teamed up again this year to do an extensive NAC survey of IT organizations. During our interview we focus on some of the meaty and most important insights from the data. In many ways, things have changed since the survey last year. Alan and I had a chance to review the survey data at Interop so we were able to dial into some of the most interesting insights.

I think you’ll enjoy what is discussed here and the full survey is available from Current Analysis. It’s great to have both of these gentlemen on the show. And in case you missed last week’s podcast #42, Microsoft and Trusted Computing Group were on the show to talk about Microsoft’s support for the Trusted Network Connect efforts. Be sure and check out podcast #42 if you haven’t already.

I’m heading off to Black Hat this week in Vegas so we give a little pre-view of some of the goings on coming up in Vegas. If you are going to be there, definitely stop by the booth so we can say hello and meet in person.

Please send any questions or comments to podcast@stillsecure.com. Thanks for listening and we’ll see you soon.


Icon_enclosure_music_7mp3 file

Podcasts, Security

Podcast #42 – NAC/NAP”spec-TAC-ular”with Micorsoft and TCG!

18 Jul , 2007  

MicrophoneWell, we pulled it off; Microsoft and TCG on a podcast talking all about TNC and Microsoft NAP interoperability. We went straight to the guys in the know about Microsoft’s TNC support announcement from back at Interop LV. It’s an all-star lineup as Amith Krishnan, senior product manager for NAP at Microsoft, and Steve Hanna, co-chair of the TCG’s Trusted Network Connect workgroup and distinguished engineer at Juniper, join us for the podcast. Wow, we have a great time discussing NAC, NAP, TNC, Server 2008, Windows, Linux and all the ins and outs of this announcement. The entire podcast is dedicated to the interview with Steve and Amith so I know you’ll really enjoy this show.

And where’s Cisco you might ask? (Sounds like "Where’s Waldo" to me.) We tried, boy did we try but to no avail. Mysteriously no matter how many weeks we gave them, it just wasn’t enough notice to have a Cisco representative show up on our ‘lil ol’ podcast with "Al and Mitch". Hmmm. Seriously, we would really have liked for someone from Cisco to join since they’ve been very silent since the Microsoft NAP and TNC announcement. Maybe that’ll happen in a later podcast. Cisco – you have a standing invitation to join us anytime.

Thanks for listening and enjoy the podcast. Please send any questions or comments to podcast@stillsecure.com.

Icon_enclosure_music_7mp3 file


Cobia podcast #4 – Interview with Cobia User

18 Jun , 2007  

Martin has put up the next Cobia podcast (#4). We spend most of the time interviewing one of our Cobia users, Jason Huggett. Jason was chosen to go with us to Interop Vegas and work the booth to tell people about Cobia so we decided to go one step further and interview him on the podcast.

A unique aspect of Jason is that he is also a VAR which gives him another perspective about Cobia and why he feels Cobia benefits his customers.

Enjoy the podcast and please send any questions or comments to cobia@stillsecure.com.

BTW – If you are a passionate Cobia user and would like to attend an upcoming industry conference as a representative of the Cobia community, please send me an email to the email address above.

Icon_enclosure_music_7mp3 file

Podcasts, Security

Podcast #41 – Rothman and Farnum

12 Jun , 2007  

MicrophoneIt was a pleasure recording this week’s podcast. What started out as an interview, turned into an entire podcast show together with Mike Rothman and Michael Farnum, two guys who you’d have a beer with any day of the week. And the good news is they will be joining Alan and me for the second half of this interview on next week’s show (so stay tuned for that one too.)

During This Week In Security we talk about a range of news items for the week, including the slow death of Caymas (another Johnny come lately to the NAC market), Symantec’s next strategy de jour Hamlet, and is there a plank in my eEye?,  The Converging Minute was in hiatus this week while we dedicate the entire show to our guests Michael and Mike.

During out interview portion of the show, we check in with Mike Rothman about what he’s seeing and learning through his Pragmatic CSO bootcamps. If you’ve not heard about or looked into Mike’s program, do check it out at www.pragmaticcso.com. It is definitely time well spent for any CSO who wants to be effective in this important roll.

Our friends at Sensepost bring another language lesson in "South African" and also talk about the value of their Hacking By Numbers combat rating system. Evaluate and improve your technical skills at the upcoming Vegas Black Hat.

Thank you for listening and please send your comments, questions and suggestions to podcast@stillsecure.com.

Icon_enclosure_music_7mp3 file