[Lost Bots] S03 E04 A Security Leader’s Playbook for the C-suite

In a special two-part “Lost Bots,” hosts Jeffrey Gardner and Stephen Davis talk about presenting cybersecurity results up the org chart. Both have handled C-suite and board communications and have lots of lessons learned.

Part 1 is about the style of a presentation: the point, the delivery, the storytelling. Gardner believes anyone can be great because he’s “an extreme introvert” himself. He shares a ton of wisdom about how to structure your presentation and really own the room with confidence. About halfway through, the ideas start coming fast and furious.

Part 2 brings it together with a deep dive into metrics (and an extraordinary bowtie on Mr. Davis, seriously). Metrics aren’t your story, but they do prove it true. The episode has one thing you must take away and remember: you’re not there to sell more security, you’re there to help stakeholders make well-informed business decisions. When that purpose is clear, some things get simpler.

[The Lost Bots] S03E03. The Rise of The Machines

Artificial Intelligence (AI) is both a profound topic and, now, a practical one too: cybersecurity marketers in particular are loving the letters “A” and “I.” But exactly where are we?

Everybody knows an early version of Bing AI spawned a weird personality named “Sydney” and expressed the desire to be both human and destructive. Then there’s that “AI pause” letter almost everybody signed. And now this, from the New York Times: the godfather of AI, Geoffrey Hinton, 75, is leaving Google. He wants to speak freely about the grave dangers he predicts: “It is hard to see how you can prevent the bad actors from using it for bad things.”

A part of him, Hinton said, has come to regret his life’s work.

According to Wired, security researchers are “jailbreaking large language models to get around safety rules.” Our life’s work? Yours? It’s more important than ever. We just might save humanity. But that’s for later…

Separating the real from the hype about AI and cybersecurity

Rapid7 Detection and Response Practice Advisor Jeffrey Gardner and Stephen Davis, Lead Technical Customer Advisor for MDR, may get profound in the future—but this episode is 100% practical and useful right now.

Around the 5:00 mark, they go through exactly how AI is being used in cybersecurity today (and not used, no matter what you hear).

And around the 7:00 mark, heed Gardner’s passionate warning about what you and all your company staff need to think about every time you engage with an AI tool. Every time. In any way. Seriously. Gardner and Davis are funny, but this warning sure isn’t.

[The Lost Bots] S03E02: Finding unknowns, even spy balloons

When a balloon crossed through Canada and the United States, everyone lost their minds. The news was all-balloon, all-the-time. And the big, obvious, serious questions flew too: “Why didn't we see the balloon sooner? Have there been other balloons?”

That sounded pretty familiar to Rapid7 Detection and Response Practice Advisor Jeffrey Gardner. When the U.S. Military responded to the visibility problem in the airspace, it discussed “adjusting filters.” And that sounded familiar too. Because that’s what security practitioners are expected to do every day: find things they don’t even know exist.

While this Lost Bots episode is packed with practical guidance (you’ll likely watch parts of it more than once), it’s delivered by the “Team America” avatars of Gardner and co-host Stephen Davis, Lead Technical Customer Advisor for MDR.

Anyone in cybersecurity is in it for the humans, but we can still be fun.

[The Lost Bots] S03E01: Tech stack consolidation and bacon

It’s 2023, and according to Gartner, ESG, and everybody else, the vendor consolidation trend continues. Throwing tools at the problem isn’t working well, and creates problems of its own.

So, this season of “Lost Bots” starts with Jeffrey Gardner, Detection and Response Practice Advisor, and Stephen Davis, Lead D&R Sales Technical Advisor, talking through the many upsides of consolidation—deals, integration, one throat to choke—and what they call the “gotchas” too.

At the 4:00 mark, there’s a good discussion of consolidation of layers vs. function. Pay attention: some consolidation decisions can actually increase your risk. And because these guys are more than valuable fonts of free tips, the episode is packed with air quotes, bacon, and other surprises.

[The Lost Bots] S02E06: Play “Experts or Scuttlebutt?” With Us

As the year winds down, Jeffrey Gardner, Detection and Response Practice Advisor, and Stephen Davis, Lead D&R Sales Technical Advisor, collected predictions that were made for 2022, and new ones for 2023. Then, they asked their Rapid7 colleagues to decide if the prediction was made by a cybersecurity expert—or if it was scuttlebutt from, say, Reddit. It’s more interesting than a simple true-or-false game and appropriate in a world where you need to keep your ear to the ground but be wary of what you hear at the same time.

Play along and see if you beat our winner.

The episode ends with a quick game of “Never Have I Ever.” While some revelations are a bit embarrassing, it’s all safe for work and safe for the kiddies. (You won’t believe who got phished.)

Enjoy your holidays and see you next year.

[The Lost Bots] S02E05: The real magic in the Magic Quadrant

In this episode, we discuss the best use of market research reports, like Magic Quadrants and Waves. If you're in the market for a new cybersecurity solution, do you just pick a Leader and call it a day?

“Consult the MQ only after you’ve identified two vendors that would be a perfect security solution for you,” say our hosts Jeffrey Gardner, Detection and Response Practice Advisor, and Stephen Davis, Lead D&R Sales Technical Advisor. When you have two that meet or exceed the requirements? “I'll be honest, I might not care about the MQ placement,” says Davis.

Do not under any circumstances leave before the jazz hands bit: they do gather themselves and talk about how outcomes have to run the show, first and always.

Check back with us in November for our next installment of The Lost Bots!

[The Lost Bots] S02E04: Cyber's Most Dangerous Game — Threat Hunting

Welcome back to The Lost Bots! In this episode, we dive into one of our favorite topics: threat hunting. It's a subject we've talked about before, but this time, we're focusing on the practical side of getting your threat hunting efforts up and running.

Our hosts Stephen Davis, Lead D&R Sales Technical Advisor, and Jeffrey Gardner, Detection and Response Practice Advisor, give us the basics of what a threat hunting hypothesis is and what makes a good one. They talk about the importance of ensuring your hypothesis is both observable and testable. They also cover the differences between intelligence-driven, situational, and domain expertise hypotheses, and explain how to actually put these concepts into action when engaging in cyber threat hunting.

Check back with us on Thursday, October 26, for our next installment of The Lost Bots!

[The Lost Bots] S02E03: Browser-in-Browser Attacks — Don't Get (Cat)-Phished

Welcome back to The Lost Bots! In our latest episode, we're talking about phishing attacks — but not your standard run-of-the-mill version. Instead, we're focusing on a new technique known as browser-in-browser attacks, unpacking what it means and how it should factor into your organization's security strategy.

Our hosts Jeffrey Gardner, Detection and Response Practice Advisor, and Stephen Davis, Lead D&R Sales Technical Advisor, highlight the telltale signs of browser-in-browser attacks you should look out for as you're carrying out your day-to-day work and life on the internet. They also discuss how to set up user behavior analytics rules in your SIEM that will help you detect this type of threat, as well as how to make end-user training more effective.

Check back with us on Thursday, September 29, for the next Lost Bots installment!

[The Lost Bots] Season 2, Episode 2: The Worst and Best Hollywood Cybersecurity Depictions

Welcome back to The Lost Bots! In this episode, our hosts Jeffrey Gardner, Detection and Response (D&R) Practice Advisor, and Stephen Davis, Lead D&R Sales Technical Advisor, walk us through the most hilariously bad and surprisingly accurate depictions of cybersecurity in popular film and television. They chat about back-end inaccuracies, made-up levels of encryption, and pulled power plugs that somehow end cyberattacks. Then they give a shout-out to some of the cinematic treatments that get it right — including a surprising nod to the original 1993 "Jurassic Park."

For Season 2, we're publishing new episodes of The Lost Bots on the last Thursday of every month. Check back with us on Thursday, August 31, for Episode 3!

[The Lost Bots] Season 2, Episode 1: SIEM Deployment in 10 Minutes

Welcome back to The Lost Bots! In the first installment of Season 2, Rapid7 Detection and Response (D&R) Practice Advisor Jeffrey Gardner and his new co-host Stephen Davis, Lead D&R Sales Technical Advisor, give us their five pillars of success for deploying a security information and event management (SIEM) solution. They tell us which pillars are their favorites and how security practitioners — including our hosts themselves — sometimes misstep in these areas.

Watch below for a rundown of how to successfully deploy a SIEM, all in a cool 10 minutes. (Fair warning: Your actual SIEM deployment might take slightly longer than it takes to watch this episode.)

Throughout Season 2, Jeffrey and Stephen will talk through some of the biggest topics and most pressing questions in D&R and cybersecurity, both one-on-one and with guests. We'll be publishing new episodes on the last Thursday of every month. See you in July!
