Richard Bejtlich

3K Followers
79 Following
766 Posts
I was a captain in the United States Air Force who formally trained as an intelligence officer. I later worked in information warfare. I promoted the concept that "prevention eventually fails" in my first book (2004) and developed tactics, operations, and strategy to detect and respond to nation-state and criminal computer intrusions. I wrote about cybersecurity from 2001 to 2021. I created the GE-CIRT and was Mandiant's first CISO. I currently advocate #NetworkSecurityMonitoring for @corelight. My latest books are here #ad https://amzn.to/3B2AcMc
TaoSecurity: https://www.taosecurity.com/index.html
Blog: https://taosecurity.blogspot.com/
LinkedIn: https://www.linkedin.com/in/richardbejtlich/
Amazon: https://www.amazon.com/-/e/B001IR3KOW
Do you see that crescent at the far right of the image? That’s US! The larger crescent in the middle is the moon, and the left is the Artemis II mission spacecraft.

Episode 11 of the Corelight podcast is live. I speak with our product lead, Vijit Nair. We explore what it takes to mature AI in security operations, from the importance of high-quality, unopinionated data to the rise of agent-based systems and connected workflows.

https://www.youtube.com/playlist?list=PLBKbF72bCp2UtefR6_GhrKATP3tVD7Vev

https://open.spotify.com/show/2L2bkmbxaMxlz46xzhPNAH

https://podcasts.apple.com/us/podcast/corelight-defendrs/id1843154362

Oh snap. My single most important cybersecurity metric deteriorated again.

In the M-Trends report for calendar year 2024, Mandiant’s global median dwell time metric worsened from 10 to 11 days. In the newest report, released today, for calendar year 2025, that metric worsened again, from 11 to 14 days.

In other words, organizations are taking even longer to detect and respond to intrusions. 10 days was already too much, in a world where teams need to detect and contain in an hour to be effective.

I’m not a doomer. We made amazing progress since 2011, when median global dwell time was over 400 days. But two bad years in a row have never happened. Before last year, the metric had always improved!

It’s possible Mandiant is just dealing with ever tougher cases. I have to dig into the full report.

Iranian state TV uses unactivated version of Windows as seen by “Activate Windows” warning under picture. 😂

Episode 10 of the Corelight podcast is live. I speak with our co-founder, Greg Bell, about what it's like to start a network security monitoring company and how to thrive in the long term.

https://www.youtube.com/playlist?list=PLBKbF72bCp2UtefR6_GhrKATP3tVD7Vev

https://open.spotify.com/show/2L2bkmbxaMxlz46xzhPNAH

https://podcasts.apple.com/us/podcast/corelight-defendrs/id1843154362

Episode 9 of the Corelight podcast is live. I speak with our federal CTO, Jean Schaffer, about challenges faced by governments when trying to secure their data.

https://www.youtube.com/playlist?list=PLBKbF72bCp2UtefR6_GhrKATP3tVD7Vev

https://open.spotify.com/show/2L2bkmbxaMxlz46xzhPNAH

https://podcasts.apple.com/us/podcast/corelight-defendrs/id1843154362

Episode 8 of the Corelight podcast is live. I speak with our CISO, Bernard Brantley, about his idea of using an enterprise nervous system to support and defend the business.

https://www.youtube.com/playlist?list=PLBKbF72bCp2UtefR6_GhrKATP3tVD7Vev

https://open.spotify.com/show/2L2bkmbxaMxlz46xzhPNAH

https://podcasts.apple.com/us/podcast/corelight-defendrs/id1843154362

Thanks Cynthia Brumfield for including my thoughts in your new article for CSO Online: https://www.csoonline.com/article/4136995/boards-dont-need-cyber-metrics-they-need-risk-signals.html
Boards don’t need cyber metrics — they need risk signals

Security teams have learned to measure activity. The harder task is turning those measurements into signals directors can use to govern risk.

This might be the most unusual citation my work has ever received: "We propose fungi, and in particular living mycelial networks, as a novel class of biohybrid systems for security, resilience, and protection in extreme environments. We discuss how fungi can function as distributed sensing substrates, self-healing materials, and low-observability anomaly-detection layers." https://arxiv.org/abs/2602.10543

RE: https://infosec.exchange/@jerry/116020940189408651

Let's not forget that, in the Phaedrus, Socrates argued against writing, because he feared it would make people reliant on external symbols over their own memory. The irony is that the only reason we know of Socrates' thinking is that his number one student, Plato, wrote down what Socrates said.