web01.fireside.fm Thu, 14 May 2026 10:54:23 -0500 Fireside (https://fireside.fm) Three Buddy Problem - Episodes Tagged with “Windows” https://securityconversations.fireside.fm/tags/windows Fri, 26 Jul 2024 01:00:00 -0700 The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks. Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporate defenders, CISOs, and policymakers. <a href="https://twitter.com/ryanaraine">Connect with Ryan on Twitter</a> (Open DMs). en-us episodic A Security Conversations podcast Security Conversations The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks. Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporate defenders, CISOs, and policymakers. <a href="https://twitter.com/ryanaraine">Connect with Ryan on Twitter</a> (Open DMs). no cybersecurity, ciso, infosec, security, hacking, information security, research Security Conversations naraine@gmail.com Ep6: After CrowdStrike chaos, should Microsoft kick EDR agents out of Windows kernel? http://securityconversations.fireside.fm/tbp-ep6 874c67ec-26cd-4395-8713-df1b58629041 Fri, 26 Jul 2024 01:00:00 -0700 Security Conversations full Security Conversations The 'Three Buddy Problem' Podcast Episode 6: As the dust settles on the CrowdStrike incident that blue-screened 8.5 million Windows computers worldwide, we dig into CrowdStrike’s preliminary incident report, the lack of transparency in the update process and the need for more robust testing and validation. We also discuss Microsoft's responsibility to avoid infinite BSOD loops, risks of deploying EDR agents on critical systems, and how an EU settlement is being blamed for EDR vendors having access to the Windows kernel. Other topics on the show include Mandiant's attribution capabilities, North Korea’s gov-backed hacking teams launching ransomware on hospitals, KnowBe4 hiring a fake North Korean IT worker, and new developments in the NSO Group surveillance-ware lawsuit. Hosts: Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek) 1:16:37 no <p><strong>Three Buddy Problem - Episode 6</strong>: As the dust settles on the CrowdStrike incident that blue-screened 8.5 million Windows computers worldwide, we dig into CrowdStrike’s preliminary incident report, the lack of transparency in the update process and the need for more robust testing and validation. We also discuss Microsoft's responsibility to avoid infinite BSOD loops, risks of deploying EDR agents on critical systems, and how an EU settlement is being blamed for EDR vendors having access to the Windows kernel.</p> <p>Other topics on the show include Mandiant's attribution capabilities, North Korea’s gov-backed hacking teams launching ransomware on hospitals, KnowBe4 hiring a fake North Korean IT worker, and new developments in the NSO Group surveillance-ware lawsuit.</p> <p><strong>Hosts:</strong> Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek)</p> CrowdStrike, Windows, BSOD, detection update, testing, validation, EDR, detection, APT45, groups, IOCs, North Korea, NSO lawsuit, surveillance industry, exploits, zero-days Three Buddy Problem - Episode 6: As the dust settles on the CrowdStrike incident that blue-screened 8.5 million Windows computers worldwide, we dig into CrowdStrike’s preliminary incident report, the lack of transparency in the update process and the need for more robust testing and validation. We also discuss Microsoft's responsibility to avoid infinite BSOD loops, risks of deploying EDR agents on critical systems, and how an EU settlement is being blamed for EDR vendors having access to the Windows kernel.

Other topics on the show include Mandiant's attribution capabilities, North Korea’s gov-backed hacking teams launching ransomware on hospitals, KnowBe4 hiring a fake North Korean IT worker, and new developments in the NSO Group surveillance-ware lawsuit.

Hosts: Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek)

Links:

]]> Three Buddy Problem - Episode 6: As the dust settles on the CrowdStrike incident that blue-screened 8.5 million Windows computers worldwide, we dig into CrowdStrike’s preliminary incident report, the lack of transparency in the update process and the need for more robust testing and validation. We also discuss Microsoft's responsibility to avoid infinite BSOD loops, risks of deploying EDR agents on critical systems, and how an EU settlement is being blamed for EDR vendors having access to the Windows kernel.

Other topics on the show include Mandiant's attribution capabilities, North Korea’s gov-backed hacking teams launching ransomware on hospitals, KnowBe4 hiring a fake North Korean IT worker, and new developments in the NSO Group surveillance-ware lawsuit.

Hosts: Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek)

Links:

]]> Microsoft's Justin Campbell on offensive security research http://securityconversations.fireside.fm/justin-campbell-microsoft 367c5dd6-8956-42a5-b804-887991a31ff3 Sat, 08 Jan 2022 12:00:00 -0700 Security Conversations full Security Conversations Justin Campbell leads Microsoft’s Offensive Research and Security Engineering (MORSE) team. He joins the show to talk about his team's discovery of a SolarWinds in-the-wild zero-day, the never-ending stream of memory safety vulnerabilities, the evolving 'shift-left' mindset and Redmond's ongoing work to reduce attack surfaces. 27:16 no <p>Justin Campbell leads Microsoft’s Offensive Research and Security Engineering (MORSE) team. He joins the show to talk about his team's discovery of a SolarWinds in-the-wild zero-day, the never-ending stream of memory safety vulnerabilities, the evolving 'shift-left' mindset and Redmond's ongoing work to reduce attack surfaces. </p> microsoft, windows, memory safety, shift-left, secure coding, zero-days Justin Campbell leads Microsoft’s Offensive Research and Security Engineering (MORSE) team. He joins the show to talk about his team's discovery of a SolarWinds in-the-wild zero-day, the never-ending stream of memory safety vulnerabilities, the evolving 'shift-left' mindset and Redmond's ongoing work to reduce attack surfaces.

Links:

]]> Justin Campbell leads Microsoft’s Offensive Research and Security Engineering (MORSE) team. He joins the show to talk about his team's discovery of a SolarWinds in-the-wild zero-day, the never-ending stream of memory safety vulnerabilities, the evolving 'shift-left' mindset and Redmond's ongoing work to reduce attack surfaces.

Links:

]]> David Weston, Principal Security Engineering Manager, Microsoft http://securityconversations.fireside.fm/david-weston-microsoft 904ca3fd-d3eb-481f-8a0e-819e0bfd87c4 Sun, 24 Jun 2018 18:00:00 -0700 Security Conversations full Security Conversations David Weston manages the Windows Device and Offensive Security Research teams at Microsoft. He joins the podcast to talk about how proactive red-team exercises push major mitigations to Microsoft's products and the current state of security in the Windows ecosystem. 46:23 no <p>David Weston manages the Windows Device and Offensive Security Research teams at Microsoft. He joins the podcast to talk about how proactive red-team exercises push major mitigations to Microsoft's products and the current state of security in the Windows ecosystem. </p> David Weston manages the Windows Device and Offensive Security Research teams at Microsoft. He joins the podcast to talk about how proactive red-team exercises push major mitigations to Microsoft's products and the current state of security in the Windows ecosystem.

Links:

]]> David Weston manages the Windows Device and Offensive Security Research teams at Microsoft. He joins the podcast to talk about how proactive red-team exercises push major mitigations to Microsoft's products and the current state of security in the Windows ecosystem.

Links:

]]>