Skip to main content
Security Insiders

Security Insiders

By Maarten Goet

A podcast about everything Microsoft security
Available on
Apple Podcasts Logo
Google Podcasts Logo
Overcast Logo
Pocket Casts Logo
RadioPublic Logo
Spotify Logo
Currently playing episode

Olaf Hartong - Sysmon, MITRE ATT&CK and Azure Sentinel

Security InsidersMay 13, 2020

00:00
32:28
Summer special: Marc Smeets - Red teaming

Summer special: Marc Smeets - Red teaming

From the sunny beaches of The Netherlands, Marc Smeets, co-founder of Outflank and experienced red teamer, talks to us about their DAMTA (defend against modern targeted attacks) training, the work they've done on building extensions for Cobalt Strike, RedELK, and the TIBER framework for the financial industry. We also learn if Microsoft Defender ATP is giving them a hard time during their red team exercises.

Jul 20, 202031:13
Dirk-jan Mollema - ROADtools, PrivExchange, Bloodhound for Azure AD and Microsoft BlueHat

Dirk-jan Mollema - ROADtools, PrivExchange, Bloodhound for Azure AD and Microsoft BlueHat

Dirk-jan Mollema, hacker,  teamer and researcher at Fox-IT, talks about red teaming, his ROADtools exploration framework for Azure AD, the privexchange bug he discovered last year, Microsoft BlueHat and his work with Microsoft's Security and Response Center, and his view on Microsoft Defender ATP.

Jul 06, 202029:02
Milad Aslaner - Microsoft Threat Protection, KQL and Android protection

Milad Aslaner - Microsoft Threat Protection, KQL and Android protection

Milad Aslaner, principal security program manager at Microsoft, part of the Microsoft Threat Protection engineering team, talks about Defender ATP, his ThreatHunt tool, advanced hunting with KQL, the newly announced Android protection and his brother and sister also get a mention!

Jun 29, 202037:25
Cristin Goodwin - Microsoft tracking nation state activity and Sharks with lasers

Cristin Goodwin - Microsoft tracking nation state activity and Sharks with lasers

Cristin Goodwin, Microsoft's assistant general counsel, talks about how Microsoft tracks nation state activities, providing context to governments and other stakeholders, what patterns they see and we briefly touch on threat modeling Sharks with Lasers ;-)

Jun 19, 202030:24
Ruben Bouman and Marcus Bakker - DETT&CT, MITRE, threat hunting and Microsoft Defender ATP

Ruben Bouman and Marcus Bakker - DETT&CT, MITRE, threat hunting and Microsoft Defender ATP

Ruben Bouman and Marcus Bakker, both threat hunters and cyberdefense specialists, join me in talking about their DETT&CT project, the MITRE ATT&CK framework, Microsoft Defender ATP and threat hunting in general.

Jun 11, 202027:57
Christina Lekati - social engineering, HUMINT and insider threats

Christina Lekati - social engineering, HUMINT and insider threats

Christina Lekati, social engineering security specialist, talks about HUMINT, insider threats and how social engineering is both a science and an art. We discuss psychology, ethics, and more. We also answer listener questions and learn what pizza toppings Christina likes ;-)

Jun 08, 202029:01
Ashwin Patil - AWS threat hunting with Azure Sentinel, Jupyter and Sysmon

Ashwin Patil - AWS threat hunting with Azure Sentinel, Jupyter and Sysmon

Ashwin Patil, senior program manager at Microsoft's Threat Intelligence Center, shares how he built the AWS threat hunting samples for Azure Sentinel, what he loves about Jupyter and we re-visit the subject of Sysmon as previously discussed with Olaf Hartong. We also answer listener questions and get tips on how to start a career in cybersecurity. 

May 24, 202026:12
Olaf Hartong - Sysmon, MITRE ATT&CK and Azure Sentinel

Olaf Hartong - Sysmon, MITRE ATT&CK and Azure Sentinel

Olaf Hartong, data dweller at FalconForce, talks about Sysmon, EDR tools, his work with Microsoft Defender ATP and Azure Sentinel, and his proposal for a rainbow of tactics in MITRE ATT&CK.

May 13, 202032:28
Ram Shankar - Cybersecurity and Machine Learning

Ram Shankar - Cybersecurity and Machine Learning

Ram Shankar, security data cowboy at Microsoft, gives us an introduction into the crossroads of cybersecurity and machine learning. We talk about adversarial machine learning, Azure Sentinel FUSION and how to go from billions of events to a handful of high fidelity incidents in 3 steps.

May 06, 202030:22