Player FM 앱으로 오프라인으로 전환하세요!
Canary (Tokens) in the Code Mine with Casey Smith
Manage episode 394425086 series 3486243
Thinkst Canary, Cyber Security Researcher Casey Smith joins Nic Fillingham on this week's episode of The BlueHat Podcast. Nic and Casey discuss his background in security, his experience presenting at Blue Hat, and his session on building a Canary token to monitor Windows process execution. The Canary token project is an open-source initiative that creates artifacts on a network to alert defenders when an attacker interacts with them. The tokens can take various forms, such as documents, cloud credentials, QR codes, or executables, providing an early warning system for potential breaches. They also cover the importance of failure in the research process and the evolution of the canary token project to adapt to new attack techniques.
In This Episode You Will Learn:
- The need for defenders to explore new features in the Windows operating system
- Challenges of keeping ahead of more sophisticated adversaries
- The use of legitimate binaries for malicious activities
Some Questions We Ask:
- How do you balance curiosity-driven research with practical security concerns?
- What challenges do you see in the current state of endpoint security?
- How do you navigate working with customers and using what you learn for research?
Resources:
View Nic Fillingham on LinkedIn
Related Microsoft Podcasts:
- Afternoon Cyber Tea with Ann Johnson
- Uncovering Hidden Risks
- The Microsoft Threat Intelligence Podcast
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Hosted on Acast. See acast.com/privacy for more information.
37 에피소드
Manage episode 394425086 series 3486243
Thinkst Canary, Cyber Security Researcher Casey Smith joins Nic Fillingham on this week's episode of The BlueHat Podcast. Nic and Casey discuss his background in security, his experience presenting at Blue Hat, and his session on building a Canary token to monitor Windows process execution. The Canary token project is an open-source initiative that creates artifacts on a network to alert defenders when an attacker interacts with them. The tokens can take various forms, such as documents, cloud credentials, QR codes, or executables, providing an early warning system for potential breaches. They also cover the importance of failure in the research process and the evolution of the canary token project to adapt to new attack techniques.
In This Episode You Will Learn:
- The need for defenders to explore new features in the Windows operating system
- Challenges of keeping ahead of more sophisticated adversaries
- The use of legitimate binaries for malicious activities
Some Questions We Ask:
- How do you balance curiosity-driven research with practical security concerns?
- What challenges do you see in the current state of endpoint security?
- How do you navigate working with customers and using what you learn for research?
Resources:
View Nic Fillingham on LinkedIn
Related Microsoft Podcasts:
- Afternoon Cyber Tea with Ann Johnson
- Uncovering Hidden Risks
- The Microsoft Threat Intelligence Podcast
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Hosted on Acast. See acast.com/privacy for more information.
37 에피소드
Усі епізоди
×플레이어 FM에 오신것을 환영합니다!
플레이어 FM은 웹에서 고품질 팟캐스트를 검색하여 지금 바로 즐길 수 있도록 합니다. 최고의 팟캐스트 앱이며 Android, iPhone 및 웹에서도 작동합니다. 장치 간 구독 동기화를 위해 가입하세요.