Best Mandiant Podcasts (2025)

1
Cross Examining Cyber EP17: Cross Examining Google Mandiant’s Karen Kukoda 33:10

Play Pause

17d ago33:10

33:10

Karen is a genuine global leader in the cyber-legal space. She manages the relationship between Google Mandiant and its law firm and insurance partners. She has had a remarkable cyber career…think FireEye, Safeguard Cyber, Mandiant and now Google Mandiant! Karen and I caught up at the IAPP Global Conference in Washington D.C. and then again at the …

1
EP 10 Tim Blazytko - Protecting Intellectual Property: Obfuscation & Anti-Reverse Engineering in Software 1:08:32

14h ago1:08:32

1:08:32

What goes into creating effective software protections? This episode features a conversation with Tim Blazytko, Chief Scientist and Head of Engineering at Emproof, about the essential strategies for protecting software intellectual property. We cover the core concepts of code obfuscation and anti-reverse engineering and discuss practical, modern ap…

1
Vishing in the Wild 37:48

15h ago37:48

37:48

Nick Guttilla and Emily Astranova, from Mandiant Consulting's Offensive Security team, join host Luke McNamara for an episode on voice-based phishing, or "vishing." Nick and Emily cover their respective blogs and experiences, diving into how they employ vishing techniques to social engineer organizations--both organically and using AI-powered voice…

1
EP228 SIEM in 2025: Still Hard? Reimagining Detection at Cloud Scale and with More Pipelines 27:09

3d ago27:09

27:09

Guest Alan Braithwaite, Co-founder and CTO @ RunReveal Topics: SIEM is hard, and many vendors have discovered this over the years. You need to get storage, security and integration complexity just right. You also need to be better than incumbents. How would you approach this now? Decoupled SIEM vs SIEM/EDR/XDR combo. These point in the opposite dir…

1
Public M&A EP34: Auctions under the Takeover Code 7:19

3d ago7:19

7:19

In this episode we talk about auction procedures under the Takeover Code. We discuss: what an auction procedure is; when they are used; and how they work.By Herbert Smith Freehills Kramer Podcasts

1
FSR Brief EP6: The road to Crypto regulation 28:51

3d ago28:51

28:51

After initial scepticism, Crypto is making its way into the UK regulatory perimeter. In the sixth episode of the FSR Brief, Jon Ford and Michael Tan are joined by Chris Ninan and Elizabeth Stephens to discuss the road to regulation, with a focus on the recently published statutory instrument from the UK Government, and the FCA's "DP25/1: Regulating…

1
(Replay) How To Harden Active Directory To Prevent Cyber Attacks - Webinar 1:00:04

5d ago1:00:04

1:00:04

(REPLAY) This is a recording of a webinar aimed at IT professionals, system administrators, and cybersecurity professionals eager to bolster their defenses against cyber threats. In this session, "How to Harden Active Directory to Prevent Cyber Attacks," our expert speakers will discuss comprehensive strategies and best practices for securing your …

1
EP227 AI-Native MDR: Betting on the Future of Security Operations? 23:58

10d ago23:58

23:58

Guests: Eric Foster, CEO of Tenex.AI Venkata Koppaka, CTO of Tenex.AI Topics: Why is your AI-powered MDR special? Why start an MDR from scratch using AI? So why should users bet on an “AI-native” MDR instead of an MDR that has already got its act together and is now applying AI to an existing set of practices? What’s the current breakdown in labor …

1
FSR Podcast: The new UK crypto rules: top 3 takeaways 17:52

13d ago17:52

17:52

Marina Reason and Ioannis Asimakopoulos discuss the scope of the new UK crypto rules and highlight the top 3 takeaways. They consider the draft legislation that will bring certain cryptoassets within the financial services regulatory perimeter. They also outline the key aspects of a related Financial Conduct Authority (FCA) discussion paper that se…

1
Episode 135: We Couldn’t Get In...And That’s a Good Thing, Or Is It? 41:45

13d ago41:45

41:45

In this episode of The Cyber Threat Perspective, we dive into why a “we couldn’t get in” result on a pentest isn’t always the victory it seems—and why it can be a great sign if interpreted correctly. We break down the real defensive controls that prevented compromise, explore what might still be hiding under the surface, and share why even a clean …

1
Inside IR (Australian Industrial Relations) EP27: Managing picket lines at the workplace – The crossover between IR and safety 36:13

13d ago36:13

36:13

Tune into our 27th episode of Inside IR, in which IR experts Rohan Doyle (Partner) and Emma Vautin (Senior Associate) are joined by Steve Bell, Managing Partner and Safety lead, to discuss “Managing picket lines at the workplace – the crossover between IR and safety”. In this episode, the team share their extensive experience in working alongside c…

1
The Pensions Exchange: The AI Revolution – The Member Perspective 15:49

13d ago15:49

15:49

Artificial intelligence is upon us, but are schemes ready? Trustees may not yet be offering AI tools, but members have been quick off the mark. In this second episode, we discuss how members are using AI, before closing with practical tips for trustees. Our guest, again, is comms consultant Thomas Joy (Quietroom). Subscribe to our Pensions Notes Bl…

1
The Third Wheel (ESG Australia) EP49: Structuring your Sustainability Report 28:15

15d ago28:15

28:15

Tim Stutt, Anna Coroneo and Isabella Kelly delve into the integration of sustainability reports into annual reports, exploring the challenges and strategies for clear and effective climate-related disclosures. They cover a broad spectrum of topics including the potential for ASIC relief applications, complexities of cross-referencing and implicatio…

1
EP226 AI Supply Chain Security: Old Lessons, New Poisons, and Agentic Dreams 24:39

17d ago24:39

24:39

Guest: Christine Sizemore, Cloud Security Architect, Google Cloud Topics: Can you describe the key components of an AI software supply chain, and how do they compare to those in a traditional software supply chain? I hope folks listening have heard past episodes where we talked about poisoning training data. What are the other interesting and unexp…

1
Responding to a DPRK ITW Incident 16:35

17d ago16:35

16:35

JP Glab (Mandiant Consulting) joins host Luke to discuss responding to activity from North Korean IT workers. He walks through what initially triggered the investigation at this organization, how it progressed in parallel with an HR investigation, and ultimately what was discovered. For more on the DPRK IT workers and trends in incident response, c…

1
Episode 134: Preventing Data Breaches: Strategies to Mitigate Initial Compromise 47:20

19d ago47:20

47:20

In this episode of The Cyber Threat Perspective, we tackle the crucial first step in cybersecurity: preventing initial compromise. We'll dissect common attack vectors like phishing and exploitation and explore layered defenses ranging from MFA and patch management to DMZs and WAFs. Get actionable guidance to integrate these controls into your secur…

1
Inside Safety (Australia) EP1: Psychosocial health and safety 19:42

21d ago19:42

19:42

In the first episode of the podcast, hosted by Steve Bell and Nerida Jessup, we focus on a contemporary issue for Australian workplaces - psychosocial health and safety. Traditionally centred on physical risks, there has been a significant shift over the past five years towards managing non-physical risks such as bullying and sexual harassment. Thi…

1
Talking Shop EP20: How can fashion brands use IP as a tool for sustainability? 19:14

21d ago19:14

19:14

In this episode of the Talking Shop podcast, we delve into the role of Intellectual Property (IP) as a tool for sustainability. We explore how technology and IP can be leveraged to reduce waste while simultaneously increasing value for a brand, and the balance between innovation, sustainability, and IP protection.…

1
EP09 Thomas Roccia - AI, Data Visualization, and the Future of Security Research 1:08:07

21d ago1:08:07

1:08:07

In this episode, we’re joined by Thomas Roccia, a security researcher at Microsoft. Thomas discusses the growth of the Unprotect Project, how AI is changing security research, and the impact of data visualizations for conveying technical information. Drawing on his experience, Thomas offers a unique perspective on the intersection of open-source co…

1
EP225 Cross-promotion: The Cyber-Savvy Boardroom Podcast: EP2 Christian Karam on the Use of AI 24:46

22d ago24:46

24:46

Hosts: David Homovich, Customer Advocacy Lead, Office of the CISO, Google Cloud Alicja Cade, Director, Office of the CISO, Google Cloud Guest: Christian Karam, Strategic Advisor and Investor Resources: EP2 Christian Karam on the Use of AI (as aired originally) The Cyber-Savvy Boardroom podcast site The Cyber-Savvy Boardroom podcast on Spotify The C…

1
EP224 Protecting the Learning Machines: From AI Agents to Provenance in MLSecOps 30:40

24d ago30:40

30:40

Guest: Diana Kelley, CSO at Protect AI Topics: Can you explain the concept of "MLSecOps" as an analogy with DevSecOps, with 'Dev' replaced by 'ML'? This has nothing to do with SecOps, right? What are the most critical steps a CISO should prioritize when implementing MLSecOps within their organization? What gets better when you do it? How do we adap…

1
The Pensions Exchange: The AI Revolution – Trustees and Providers 15:17

24d ago15:17

15:17

Artificial intelligence is upon us, but are schemes ready? Like it or not, members are already turning to AI to guide their pension decisions. In the first of two episodes, we focus on the opportunities and challenges for trustees. Thomas Joy, from comms consultants Quietroom, joins to discuss with pensions partner Michael Aherne. Subscribe to the …

1
Episode 133: How Cyber Attackers Steal Credentials & Hijack Sessions 31:51

27d ago31:51

31:51

In this episode of The Cyber Threat Perspective, we break down how attackers steal credentials and hijack sessions to gain unauthorized access to systems and data. From phishing to cookie stealing to session token theft, we’ll explore the most common techniques and how to defend against them. Whether you're an IT admin or security pro, you’ll walk …

1
Talking Shop EP19: Global M&A trends in the consumer sector 12:57

29d ago12:57

12:57

Our M&A and Trade experts from the UK (Alex Kay), Europe (Morris Schonberg), Asia (Nanda Lau) and Australia (Andrew Rich) discuss the current economic and geopolitical headwinds impacting M&A activity in the consumer sector, reflect on the biggest transactions from the past year and make predictions for deal activity in the next 12 months.…

1
Giovanni Cruz - Founder @ BSides Colombia 48:31

29d ago48:31

48:31

https://bsidesco.org/

1
The Third Wheel (ESG Australia) EP48: Climate reporting readiness (and welcome back to TTW 2025!) 21:35

29d ago21:35

21:35

In our first episode of The Third Wheel for 2025, Tim Stutt, Anna Coroneo and Suzannah Hewson explore the key themes and latest trends in climate and sustainability reporting both globally and in Australia. They offer practical advice for companies preparing for new regulatory requirements and conducting climate reporting readiness initiatives, inc…

1
UNC5221 and The Targeting of Ivanti Connect Secure VPNs 27:55

1M ago27:55

27:55

Matt Lin (Senior Incident Response Consultant, Mandiant) and Daniel Spicer (Chief Security Officer, Ivanti) dive into the research and response of UNC5221's campaigns against Ivanti. They cover how this threat actor has evolved from earlier campaigns, the continued focus of edge infrastructure by APT actors, and the shared responsibility of securit…

1
EP223 AI Addressable, Not AI Solvable: Reflections from RSA 2025 31:37

1M ago31:37

31:37

Guests: no guests, just us in the studio Topics: At RSA 2025, did we see solid, measurably better outcomes from AI use in security, or mostly just "sizzle" and good ideas with potential? Are the promises of an "AI SOC" repeating the mistakes seen with SOAR in previous years regarding fully automated security operations? Does "AI SOC" work according…

1
FSR Brief EP5: Financial services and the growth agenda – a sword and shield 22:51

1M ago22:51

22:51

As part of Government's relentless drive to grow the economy, regulators have been challenged on how they can support the growth agenda. In Episode 5 of the FSR Brief, Jon Ford and Michael Tan are joined by Jenny Stainsby and Tim Parkes to discuss how this is playing out in Financial Services, and how regulators are responding. At the same time as …

1
Episode 132: Reviewing the Mandiant M-Trends 2025 Report 42:23

1M ago42:23

42:23

In this episode Spencer and Brad review the M-Trends 2025 Report. M-Trends 2025 is Mandiant's annual report that shares frontline learnings from its global incident-response engagements—over 450 000 hours of investigations in 2024—providing sanitized, data-driven analysis of evolving attacker tactics, dwell times, industry and regional trends, and …

1
EP222 From Post-IR Lessons to Proactive Security: Deconstructing Mandiant M-Trends 35:19

1M ago35:19

35:19

Guests: Kirstie Failey @ Google Threat Intelligence Group Scott Runnels @ Mandiant Incident Response Topics: What is the hardest thing about turning distinct incident reports into a fun to read and useful report like M-Trends? How much are the lessons and recommendations skewed by the fact that they are all “post-IR” stories? Are “IR-derived” secur…

1
(Replay) How To Defend Against Lateral Movement 37:48

1M ago37:48

37:48

In this replay, Spencer and Brad dive into lateral movement, discussing various techniques like RDP, RATs, Impacket tools, PsExec, PTH, PTT, and PowerShell Remoting. They explain how attackers use these methods to gain unauthorized access, evade detection, and enable malicious activities. They also discuss precursors to lateral movement and strateg…

1
EP221 Special - Semi-Live from Google Cloud Next 2025: AI, Agents, Security ... Cloud? 30:26

1M ago30:26

30:26

Guests: No guests [Tim in Vegas and Anton remote] Topics: So, another Next is done. Beyond the usual Vegas chaos, what was the overarching security theme or vibe you [Tim] felt dominated the conference this year? Thinking back to Next '24, what felt genuinely different this year versus just the next iteration of last year's trends? Last year, we po…

1
EP08 Roman Hussy - Inside AbuseCH: A Community's Fight Against Malware 42:13

1M ago42:13

42:13

This episode shines a light on abuse.ch, a vital non-profit project built by and for the global cybersecurity community. We chat with founder Roman Huessy about the collective effort behind tracking malware and botnets for over a decade. Discover the journey of maintaining a crucial shared resource—the technical challenges of hosting an open platfo…

1
Public Law Podcast EP20: Easter wrap up of key developments 15:14

1M ago15:14

15:14

In this Easter edition of the public law podcast, Jasveer Randhawa is joined by HSF partners Nusrat Zar and James Wood. Together, they discuss the application and availability of public law in a contractual context. They then delve into the cases of Sarcp and Clifford to consider the duty to consult and the Gunning principles. To conclude, they exp…

1
Investigate 360: EP10 – The ‘new’ tipping off offence – what you need to know 22:25

1M ago22:25

22:25

Reforms to the ‘tipping off’ offence under section 123 of the Australian Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) came into force from the 31st of March. The revised offence differs significantly from the former regime and will have significant implications for the day-to-day practices of many Australian businesses. In t…

1
EP220 Big Rewards for Cloud Security: Exploring the Google VRP 29:13

1M ago29:13

29:13

Guests: Michael Cote, Cloud VRP Lead, Google Cloud Aadarsh Karumathil, Security Engineer, Google Cloud Topics: Vulnerability response at cloud-scale sounds very hard! How do you triage vulnerability reports and make sure we’re addressing the right ones in the underlying cloud infrastructure? How do you determine how much to pay for each vulnerabili…

1
Cross Examining Cyber EP16: Cross Examining Mark Rigotti 37:22

2M ago37:22

37:22

In this episode, we cross examine Mark Rigotti, Managing Director and Chief Executive Officer of the Australian Institute of Company Directors (AICD), technically the largest director institute in the world with 53,000 members. Mark has had a remarkable career, including as Global CEO at Herbert Smith Freehills for two terms over 2014-2020 (based i…

1
Public M&A EP33: The return of the bear hug 9:11

2M ago9:11

9:11

In this episode we discuss "bear hugs", that is where a potential bidder for a target goes public about its possible offer without the target board's consent and appeals directly to the target's shareholders.We talk about: why a bear hug might be used by a bidder; where we have seen them used in recent months; and why we are seeing more of them.…

1
Windows Remote Desktop Protocol: Remote to Rogue 34:27

2M ago34:27

34:27

Host Luke McNamara is joined by GTIG Senior Security Researcher Rohit Nambiar to discuss Rohit's recent blog on some interesting usage of RDP by UNC5837. Rohit covers the discovery of the campaign, and the novel functionalities they were using to likely support cyber espionage goals. He delves into these findings and the usage of RemoteApps and vic…

1
EP219 Beyond the Buzzwords: Decoding Cyber Risk and Threat Actors in Asia Pacific 31:46

2M ago31:46

31:46

Guest: Steve Ledzian, APAC CTO, Mandiant at Google Cloud Topics: We've seen a shift in how boards engage with cybersecurity. From your perspective, what's the most significant misconception boards still hold about cyber risk, particularly in the Asia Pacific region, and how has that impacted their decision-making? Cybersecurity is rife with jargon.…

1
Episode 131: DMARC & PCI 4.0 Compliance - Is your Organization Compliant? 28:19

2M ago28:19

28:19

In this episode, Tyler and Brad discuss DMARC and how the latest version of the PCI framework requires phishing protection. You'll also learn about DMARC, DKIM, and SPF and how to elevate them to help protect your organization from attacks like Business Email Compromise (BEC). Blog: https://offsec.blog/ Youtube: https://www.youtube.com/@cyberthreat…

1
LPP: The Legal Privilege Podcast (Aus) EP9 – Privilege and collaboration platforms 20:13

2M ago20:13

20:13

Join our experts as they discuss how to approach legal professional privilege in the context of collaboration platforms such as Microsoft Teams, Slack and WhatsApp, particularly in light of possible requirements to produce documents to regulators, discovery obligations and other litigation processes.…

1
EP218 IAM in the Cloud & AI Era: Navigating Evolution, Challenges, and the Rise of ITDR/ISPM 30:10

2M ago30:10

30:10

Guest: Henrique Teixeira, Senior VP of Strategy, Saviynt, ex-Gartner analyst Topics: How have you seen IAM evolve over the years, especially with the shift to the cloud, and now AI? What are some of the biggest challenges and opportunities these two shifts present? ITDR (Identity Threat Detection and Response) and ISPM (Identity Security Posture Ma…

1
Inside IR (Australian Industrial Relations) EP26: Election Special 23:07

2M ago23:07

23:07

Recorded 31 March 2025 This election special of Inside IR looks at the upcoming 2025 Australian Federal Election through an industrial relations and employment lens. Given the vast amount of reform over the last 3 years, what does the next term of federal politics look like? Our team explores how the major parties are approaching their election cam…

1
Episode 130: Using Deception Technology to Detect Cyber Attacks 46:31

2M ago46:31

46:31

In this episode of The Cyber Threat Perspective, we explore the strategic integration of deception technology like canaries and honeypots into your cybersecurity defenses. Discover how these tools allow you to detect threat actors earlier in their attack sequence, disrupt malicious activities, and mitigate potential damage to your organization. Joi…