Episode 3: Chris Long

In Episode 3, Chris Long stops by to talk about Detection Lab, potential harm to small business from open source offensive security, and how valuable third-party telemetry can be for detection.

Episode Guide

0:00 - Episode Introduction
1:00 - Chris Introduction
9:05 - Protecting Small Businesses
21:45 - Detection Lab
35:40 - Red Team as Part of the Blue Team
38:00 - EDR Preventative Controls vs. Detective Controls
41:20 - Attacker vs Defender Dilemma
44:50 - SOC Centric Detection and Response Program
52:20 - When is the right time to red team?
1:00:17 - The inherent limitation of ATT&CK (treating it like a bingo card, emergence of non endpoint non network threats)
1:13:05 - Strive to be a strong generalist with a specialization
1:25:45 - OSQuery