Tracking Nation State Actors
Security Unlocked
English - January 13, 2021 08:30 - 58 minutes
Watchdogs in tow, hosts Nic Fillingham and Natalia Godyla are joined by guest Randy Treit, Principal Security Leader at Microsoft, to examine the process of identifying the source of a threat and stopping the spread by protecting “patient zero.” Randy has a few key tricks up his sleeve as a defender, but you can decide if they’re more impressive than the antics he and his identical twin have pulled while working at Microsoft.
In the second segment, Jeremy Dallman, Principal Program Manager at Microsoft, discusses why some bad actors are known in the security world under some of the most seemingly harmless codenames, such as “Fancy Bear” and “Charming Kitten”, and highlights the techniques his team is using to protect Microsoft’s customers from Nation-State actors.
In This Episode, You Will Learn:
How Microsoft is defending and protecting patient zero
The history of Defender and antimalware
The process of finding gaps in protections
The importance of protecting customers from Nation-State actors
How and why security vendors use codenames to refer to threat activity groups
Some Questions We Ask:
What is different about focusing on patient zero than other aspects of security?
How does Microsoft measure the false positive rate in protecting patient zero?
What tools are being used on a day-to-day basis in defender security?
Why does Microsoft partner with the industry to identify Nation-State actors?
How many groups are utilizing AI and ML to enhance their ability to become a threat?
Resources:
Microsoft Digital Defense Report
Randy’s LinkedIn
Jeremy’s LinkedIn
Microsoft Security Blog
Nic’s LinkedIn
Natalia’s LinkedIn
Related:
Listen to: Afternoon Cyber Tea with Ann Johnson
Listen to: Security Unlocked: CISO Series with Bret Arsenault
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.