Ep13: The Consolation of Threat Intel (JAG-S LABScon keynote)

September 21st, 2024  |  31 mins 41 secs

journalism, threat intelligence, transparency, venture capital

Three Buddy Problem Episode 13: This is a special edition of the show, featuring Juan Andres Guerrero-Saade's full keynote day remarks at LABScon2024. In this talk, Juanito addresses the current state of the threat intelligence industry, expressing a need for a difficult conversation about its direction and purpose. He discusses feelings of disenfranchisement among professionals, the void in meaningful work, and the importance of reclaiming control and value in cybersecurity. Juan emphasizes the need for researchers, journalists, and even VCs, to be the change to reinvigorate the industry and ensure its relevance and impact.

Cast: Juan Andres Guerrero-Saade (SentinelLabs). Costin Raiu and Ryan Naraine are listening to this episode.

Jason Chan on Microsoft's security problems, layoffs and startups

August 7th, 2023  |  27 mins 7 secs

ciso, entrepreneurship, generative ai, layoffs, microsoft, open source software, transparency, vc funding

Episode sponsors:

• Binarly (https://binarly.io)
• FwHunt (https://fwhunt.run)

Bessemer Venture Partner's Jason Chan returns to the show for a frank discussion on the state of cyber, including thoughts on Microsoft's prominent security failures, the meaning of layoffs hitting security teams, the excitement around AI, and the long road ahead. The former Netflix security chief also talks about merging of the IT and security functions and the importance of cybersecurity proving its value to the business.

Project Zero's Maddie Stone on the surge in zero-day discoveries

May 10th, 2022  |  42 mins 10 secs

disclosure, exploits, google, memory safety, project zero, transparency, zero-day

Maddie Stone is a security researcher in Google's Project Zero team. Over the last few years, she has publicly tracked the discovery and disclosure of zero-day malware attacks seen in the wild. On this episode, Maddie joins Ryan to chat about three years of zero-day exploitation data, the nuances around 0day disclosures, the never-ending struggle to mitigate memory corruption attacks and the need for transparency among affected vendors.