Infoblox ThreatTalk

After a great discussion about using threat intelligence (TI) to improve threat blocking across the entire security stack, we bring back guest Druce MacFarlane for round 2 of this engaging topic. Investigators and responders need access to much more than IoCs to help guide their studies and reach effective response decisions as quickly as possible. But just as we discussed around threat defense last time, not all threat intelligence is created equal. Join host Bob Hansmann and his guest Druce MacFarlane on this week's quest for security enlightenment on ThreatTalk.Tune in to the live broadcast on LinkedIn every first and third Tuesday of the month at 11:00 am (PST). Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, or Stitcher.

With ransoms in the millions called out in headlines, companies are taking a more serious look at cyber insurance. Brushing off scary ‘potential’ damage stories from the security team may be easy for some boards, they cannot easily ignore hard numbers like those in the press.ThreatTalk has invited Krupa Srivatsan, Director of Product Marketing for the security division at Infoblox to discuss cyber insurance in this week’s episode; “Making Cyber Insurance Pay”. Admittedly a broad topic, we will focus on clarifying what cyber insurance really is, what it covers, what it does not, and the factors that can make the premiums more palatable to the financial office. We’ll even speculate where it is all heading in the aftermath of the multi-million dollar ransoms paid in the recent ransomware attacks on Colonial Pipeline and JBS.Tune in to the live broadcast on LinkedIn every first and third Tuesday of the month at 11:00 am (PST). Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, or Stitcher.

Enterprise security teams rarely buy tools based purely on the current set of features and functions. They also assess the vendors' ability to deliver timely support and updates so the solution will continue to provide value over the entire investment period.  In particular, security solutions must be able to quickly adapt to shifts in technology, threat, and even workplace landscapes.  But how can you measure a vendors' ability to deliver on these vague, future requirements?This week's guests on ThreatTalk will discuss how a security vendor's strategic investment in a cloud-native 'platform' can help address these longer-term customer requirements. After several weeks of analyst briefings and consultations, we will be joined by Troy Hager, Infoblox Sr. Director for Product Management - SaaS Platforms, and Krupa Srivatsan, Infoblox Director of Product Marketing-Strategy, to talk about the value of platforms in an agile world to ensure long-term value.Tune in to the live event on LinkedIn every other Tuesday at 11:00 am (PST).  Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, or Stitcher.

Security teams consume threat intelligence (TI) in many ways but struggle to find just the right mix because not all TI is created equal. Defenders constantly struggle to find the balance between high detection rates and low false positives. Meanwhile, threat investigators and incident responders need TI they can leverage to make more effective decisions faster. The result can be a complex blend of dozens of threat intelligence feeds.This week Druce MacFarlane, Sr. Product Manager for Security and Analytics at Infoblox, joins us to help break down the threat intelligence that underpins our protection, detection, investigation, and response capabilities.Tune in to the live event on LinkedIn every other Tuesday at 11:00 am (PST).Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, or Stitcher.

While headlines declare the Colonial Pipeline breach a "wake-up call", experienced cybersecurity professionals are biting their tongues from declaring, "I told you so".  So this episode of ThreatTalk will be light on the 'scary stories' of DarkSide to focus more on what we are learning from this latest real-world ransomware incident.Join host Bob Hansmann on this week’s show to go beyond the hype in search of the gems worth learning, with the help of guests Craig Sanderson, VP of Products-Security, and Krupa Srivatsan, Product Marketing Director-Security, both of Infoblox. Tune in to the live event on LinkedIn every other Tuesday at 11:00 am (PST).Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, or Stitcher.

Michael Osterman of Osterman Research joins us on this week's ThreatTalk! Michael and host Bob Hansmann will be discussing the findings from an Osterman survey of security leaders about their long-term strategies and investment plans for a post-COVID world! For context, it will review their current security measures to understand what is working - and what is not. Tune in to the live event on LinkedIn every other Tuesday at 11:00 am (PST). Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, or Stitcher.

This week our host Bob Hansmann is joined by Infoblox’s consulting senior product marketing manager, Michael Zuckerman. They will be talking about the latest trends and tactics uncovered in the Infoblox Q1 Cyberthreat Intelligence Report. The first quarter of 2021 saw many new cybersecurity issues, and this show is sure to provide some great discussions and actionable insights. Tune in to the live event on LinkedIn every other Tuesday at 11:00 am (PST).Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, or Stitcher.

ThreatTalk Season 2 kicks off with Bob Hansman and guest Druce MacFarlane, Sr. Product Manager at Infoblox, talking about the current state of phishing. We will discuss social engineering and lookalike tactics that hackers are using to steal valuable data. Tune in to the live event on LinkedIn at 11:00 am (PST).Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, or Stitcher.

Infoblox is excited to present season 2 of the ThreatTalk podcast series. Join us every 1st and 3rd Tuesday of the month at 11:00 am (PST) for engaging conversations with cybersecurity experts. Infoblox Sr. Product Marketing Manager Bob Hansmann will be hosting ThreatTalk Season 2. Bob has been at the bleeding edge of cybersecurity since the early days when firewall and desktop antivirus were the only solutions available. His background as a developer, researcher, product architect, product manager, and product marketer is ideal for extracting interesting details from our guests on the strategic, tactical, or technical aspects of cybersecurity.Subscribe to the Threat Talk podcast on Apple Podcasts or Spotify.

Security teams are at war. Every day, attackers, tactics, techniques, and procedures evolve and are used to assault IT security defenses. Enterprises must choose frameworks to help organize their cyber-defense playbooks and run their operations. The CIS framework provides one of the best options to develop an organization’s security strategies for long term success. Michael Zukerman joins ThreatTalk to detail the CIS Framework and how it guides an organization to develop critical security fundamentals. Michael outlines the three categories of controls within the CIS Framework in detail and their benefits: 6 essential Basic Security Controls all organizations must adopt 10 highly recommended Security Foundational controls 4 Organization Security Controls for people, policies, and compliance. After discussing each of the 20 controls, Michael illustrates how Infoblox Threat Defense implements foundational security for DNS, DHCP and IPAM across the entire enterprise. Unlike a traditional security stack, Infoblox can provide visibility and control critical for CIS into all enterprise environments including cloud resources and remote employees.

Don’t be stuck in the IT stone age! The castle walls of defense in depth are down or at least damaged due to a combination of constant attack and the digital transformation. The digital transformation constantly moves data away from traditional enterprise control: Rapid expansion of SaaS Applications hosted everywhere Branch offices on SDWANs Explosion of IoT Teleworkers logging in from unsecured locations Michael Zuckerman joins ThreatTalk to discuss how adopting a robust framework like ISO27001 and ISO27002 can provide a roadmap to taking the initiative back from the attackers. The ISO standards provide key policies and procedures that inform the actions to be taken in advance or in response to an attack. DNS security products provide the extended visibility necessary to implement ISO frameworks beyond the network by encompassing cloud resources and remote users. Combined with NAC devices, DNS security provides foundational security to detect, block, and quarantine infected machines and return control to the enterprise.

Most organizations think DNS security means that they must secure their various DNS systems. However, using DNS security strategically overlays an overarching layer of security capabilities across the enterprise. When harnessing DNS security, an organization can: Bypass the need to configure of hundreds or thousands of firewalls to block specific addresses or websites. Secure remote users without VPN overhead. Control access for cloud resources, datacenters, and containers with a single, simple unifying policy. Detect infrastructure attacks early in the Mitre Framework stages before data exfiltration or command and control attacks can begin Michael Katz joins ThreatTalk to discuss how DNS enhances the capabilities of firewalls by taking a broader look at the traffic within an organization. They discuss three key strategies to implementing DNS and cover key DNS mistakes most organizations make when developing their security strategies.

How can an enterprise protect a surge of remote users? Everyone is scrambling to deal with the consequences of the COVID19 quarantine. Enterprises suddenly shifted their employees from primarily within the office to primarily working from home. Now security managers must somehow extend the corporate security stack to non-technical employees working on home networks. Krupa Srivatsan, Director of Product Marketing at Infoblox, joins ThreatTalk to cover 5 key threats for the remote worker. With so many threats, an enterprise security team needs to respond quickly and efficiently. The best way to do that is to focus on the common denominator: everything uses DNS. Srivatsan explains how cloud-based DNS with analytics allows an enterprise to remotely protect the employee. Security managers can restrict the remote worker to safe domains, protect against data exfiltration, and limit command and control commands from already-infected devices. You can find this interview, and many more, by subscribing to the ThreatTalk podcast on Apple Podcasts or on Spotify.

How can a heralded new feature from Firefox be dangerous? When the consumer-protecting DNS over HTTPS (DoH) feature creates a default that dangerously bypasses enterprise security and exposes organizations to serious risks. Krupa Srivastan, Director of Product Marketing at Infoblox, discusses key issues with DoH and best practices to regain control of the DNS traffic to protect the enterprise environment.

The EVP Engineering and Chief DNS Architect at Infoblox, Cricket Liu, joins us on Threat Talk to talk about DNS Flag Days – why we need them and how they are improving the internet. DNS Flag Days serve notices to obsolete Domain Name System (DNS) servers that existing accommodations to provide them with compatibility for pre-1999 standards will be phased out. The Flag Days attempt to: Speed up DNS Improve DNS reliability Improve DNS security In 1999, DNS was extended with eDNS(0), yet servers incompatible with eDNS(0) continue to be used today. To improve the performance of the internet, the 2019 DNS flag day temporarily ceased to support those legacy DNS servers. The 2020 Flag Day will tackle the maximum DNS message size to bring them down under 1232 bytes. This will stop DNS message fragmentation and improve both the reliability and security of DNS. You can find this interview, and many more, by subscribing to the ThreatTalk podcast on Apple Podcasts or on Spotify.

How can anyone manage their security when so much is literally out of their control within a 3rd party SaaS or BYOD? A breach is going to happen so limit the impact using Zero Trust principles: Focus on the Data Trust no user Trust no communication Deny access by default and provide minimal access when required Consulting Senior Product Marketing Manager at Infoblox, Michael Zuckerman, joins Threat Talk to discuss Zero Trust in detail. Designed with Data at the heart of the protection strategy, Zero Trust uses fundamental IT technology such as DNS filtering, encryption and microsegmentation as key components to control access and limit exposure. You can find this interview, and many more, by subscribing to the ThreatTalk podcast on Apple Podcasts or on Spotify.

Did you know that over 90% of the malware incidents and over half of all ransomware and data theft attacks rely on DNS as a vector. In today’s day and age, securing your DNS has never been more critical. Today we’re joined by David Ayers, a member of the Infoblox product marketing team, who is responsible for service provider and DNS privacy messaging. David fills us in on biggest security concerns and how to secure your DNS infrastructure. To listen to this episode and many more like it, subscribe to ThreatTalk on Apple Podcasts or tune in on our website.

Objectivity in cyber defense is the goal, but, too often, emotion of the room rules the day. In this episode, seasoned IT expert Michael Zuckerberg joins us to explain the MITRE ATT&CK framework and how to utilize it to reduce subjectivity and increase your cyber defense systems. Michael is a consulting senior product marketing manager at Infoblox, an expert consultant in B2B product marketing and marketing strategy, with experience in cybersecurity and enterprise SaaS software markets. He has extensive domain experience in all facets of cybersecurity. What we talked about: MITRE ATT&CK framework Explain high-level tactics versus techniques How to use the MITRE ATT&CK framework as a matrix Reducing subjectivity and increasing objectivity in cyber defense Addressing cyber risks Identifying priorities You can find this interview, and many more, by subscribing to the ThreatTalk podcast on Apple Podcasts or on Spotify.

“Your employer’s firewall has blocked access to this website.” That’s a good way to protect a network. But its a bad way to cost effectively protect your network. There’s a better way, using DNS, which costs far less, and it’s extremely accurate. On this episode, Director of Product Marketing at Infoblox, Krupa Srivatsan, discusses how DNS can be utilized to protect your network. What we talked about: Content filtering at the DNS level Blocking objectionable material DNS vs firewall protection You can find this interview, and many more, by subscribing to the ThreatTalk podcast on Apple Podcasts or on Spotify.

DNS, DHCP, IPAM — most people within IT understand how these ensure connectivity. But they can, and should, also be leveraged as the major defenses for your network. On this episode of the ThreatTalk podcast, Krupa Srivatsan joined us to discuss the security defense methodologies inherent within DHS, DHCP, & IPAM. Krupa is the Director of Product Marketing at Infoblox. She has an MBA from Berkeley, and has worked with Pfizer, Agilent, Cisco Systems, and others. What we talked about: DNS, DHCP, & IPAM IOT Network Insights — key feature of Infoblox’s security system NetMRI NIST core functions Improving branch officer experience Multi Cloud You can find this interview, and many more, by subscribing to the ThreatTalk podcast on Apple Podcasts or on Spotify.

There are new cybersecurity tools coming out every day it seems. Why, then, are so many security breaches happening still? Michael Katz, Security Sales Specialist at Infoblox, fills us in on today’s threatscape and what companies can do to protect themselves. In this episode, we cover: Michael’s biggest security concern for today Investing in security tools Building a ground-up security strategy Mitigating security risks To listen to this episode and many more like it, subscribe to ThreatTalk on Apple Podcasts or tune in on our website.

Is there ever a victimless crime? Cryptojacking - a form of malware that secretly infiltrates your system to steal computing resources for mining cryptocurrency - has gained traction as a steady stream of income for criminal hackers. We sit down with the Technology Director of Western Europe Infoblox, Gary Cox, and the CEO of INSINIA Security, Mike Godfrey, to discuss combatting cryptojacking. In this episode, we cover common cryptojacking behavior, detecting crypto-jackers, and more.

Billions of devices are all connected together out there in the world... will it actually be possible to map and secure them all? If so, how? Whose responsibility should it be? In this episode we ask Gary Cox, Infoblox’s Technology Director for Western Europe, and Mike Godfrey, CEO of Insignia Security, for answers.

Global volatile ransomware attacks are increasing by 11% year over year. And it’s only continuing to evolve. What do companies need to do to decrease the likelihood of a ransomware attack? What are the best products, toolsets, and controls? These are just a few of the questions we cover with Infoblox technology writer, Gary Cox, and CEO of Insignia Security, Mike Godfrey. In this episode, we traverse everything from cyber hygiene to cyber-attack investigations and more.

DNS is everywhere — the public cloud, private cloud, the corporate network… That’s exactly why adversaries use it as a control plane for threats. It’s also exactly why it should become the foundational pillar of your cybersecurity architecture. On this episode of the Threat Talk podcast, Craig Sanderson (VP of Security Products at Infoblox) joins us to share how we should rethink cybersecurity with DNS. On this episode, we discuss how DNS can be utilized to distribute threat information across an organization, and become a basis for you cybersecurity infrastructure (and exactly how we’re doing that here at Infoblox).

Do we really want to dramatically increase cybersecurity? Enable DNSSEC… by default. Perhaps that sounds a bit self-serving from a cybersecurity company. But that wasn’t our suggestion. That’s from Matt Larson, VP of Research at ICANN. He joined us on this episode of our ThreatTalk podcast series to discuss how he sees cyber security… and that’s just one of his phenomenal ideas on the subject. In this episode, he also dives into: Completely separating recursive servers from authoritative servers, DNSSEC Validation, DNS cache poisoning, and other DNS security best practices.

In this episode of Infoblox ThreatTalk, we will double click on security automation and how an integrated ecosystem approach can help speed up incident response. Organizations have reached a point where they are wary of putting in yet another security tool in their network, which will create more alerts and more cycles to manage. They just want the stuff they already have to work better and help them do their jobs with minimum overhead. Presenters: Krupa Srivatsan, Director of Product Marketing for Security at Infoblox and Craig Sanderson, VP of Security Product Management at Infoblox

In this episode of Infoblox Threat Talk, we talk about using DNS (Domain Name Service) as a foundational security architecture for automated, scalable, and early detection of malicious activity. Digital transformations like SD-WAN, IoT, and hybrid cloud are causing an impact on security and are causing organizations to evaluate how to protect their data and applications. Presenters: Krupa Srivatsan, Director of Product Marketing for Security at Infoblox and Craig Sanderson, VP of Security Product Management at Infoblox