Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec Defensive Security Podcast Episode 336
Jan 15, 2026
Explore the rising trends in cybersecurity, including insurers' recommendations for 2026 that focus on phishing and vendor outages. Discover the importance of role-based access control to limit risk and the dangers of legacy systems. Delve into the implications of a recent $8.5 million theft linked to a compromised developer key and the data leak involving Conde Nast. The hosts also discuss the complexities of software liability in reseller chains, highlighting vulnerabilities that need urgent attention.
AI Snips
Chapters
Transcript
Episode notes
Zero Trust Is An Architectural Intent
- "Zero Trust" is often conflated with replacing VPNs and firewalls, but its intent is architectural: don't trust by network location.
- True zero trust focuses on continuous authentication and limiting implicit trust, not merely switching to SASE.
Vet And Monitor MDR Providers
- Vet managed detection and response (MDR) providers; they vary widely in quality and context awareness.
- Monitor ticket noise and ensure MDR staff have business context to avoid desensitization and missed incidents.
Guarantee Truly Immutable Backups
- Ensure backups are truly immutable and isolated from production so attackers can't delete them.
- Validate immutability and test restores regularly to confirm recoverability during ransomware incidents.