
.NET Rocks! Coding for Security with Chris Ayers
Mar 25, 2026
Chris Ayers, an Azure reliability engineer and security expert, explains attacker-focused thinking with the MITRE ATT&CK matrix. The conversation highlights logging and behavioral detection, supply chain and package risks, AI-accelerated threats, and prioritizing CVEs and pipeline protections. It covers short, practical topics on spotting persistence and data exfiltration and on hardening build systems.
MITRE ATT&CK Changes How You Think About Threats
- MITRE ATT&CK reframes defense by modeling attacker behavior as tactics and techniques rather than isolated vulnerabilities.
- Chris Ayers explains that ATT&CK catalogs real attacker playbooks so teams can think like attackers and close detection gaps.
Alert On Anomalous Logins And Data Exports
- Do instrument and alert on anomalous authentication and query behavior to detect compromised accounts early.
- Chris Ayers recommends alerts for patterns like many requests from one IP or millions of rows exported within normal rate limits.
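
An added example (not from the episode or from Chris Ayers) of the two alerts described above, run over constructed audit events. The look-back window, thresholds, account names and event fields are assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(hours=1)       # assumed look-back window
MAX_REQ_PER_IP = 100              # assumed requests per IP per window
MAX_ROWS_PER_USER = 1_000_000     # assumed rows exported per account per window

def _fire(alerts, active, rule, key, ts, value, limit):
    """Alert once per excursion above the limit; re-arm when it drops back."""
    if value <= limit:
        active.discard((rule, key))
    elif (rule, key) not in active:
        active.add((rule, key))
        alerts.append((rule, key, ts.isoformat(), value))

def detect(events):
    """events: time-ordered (datetime, account, source_ip, rows_returned) tuples."""
    ip_hits, exports, row_total = defaultdict(deque), defaultdict(deque), defaultdict(int)
    alerts, active = [], set()
    for ts, account, ip, rows in events:
        hits = ip_hits[ip]
        hits.append(ts)
        while hits[0] <= ts - WINDOW:          # drop requests older than the window
            hits.popleft()
        _fire(alerts, active, "ip_request_burst", ip, ts, len(hits), MAX_REQ_PER_IP)
        exported = exports[account]
        exported.append((ts, rows))
        row_total[account] += rows
        while exported[0][0] <= ts - WINDOW:   # drop exports older than the window
            row_total[account] -= exported.popleft()[1]
        # Each request can sit under a per-request cap while the sum is enormous.
        _fire(alerts, active, "bulk_export", account, ts, row_total[account], MAX_ROWS_PER_USER)
    return alerts

def sample_events():
    """Constructed audit events (documentation IPs, made-up accounts)."""
    t0 = datetime(2026, 1, 1, 9, 0, 0)
    ev = [(t0 + timedelta(minutes=10 * i), "alice", "198.51.100.7", 200) for i in range(5)]
    ev += [(t0 + timedelta(minutes=2 * i), "svc-report", "203.0.113.9", 50_000) for i in range(30)]
    ev += [(t0 + timedelta(seconds=i), "bob", "192.0.2.44", 10) for i in range(150)]
    return sorted(ev)

if __name__ == "__main__":
    for alert in detect(sample_events()):
        print(alert)
```

The `svc-report` account never sends more than one request every two minutes, so a per-IP request limit alone would not flag it; only the per-account row total does.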
Maintainer Trust Was Exploited In A Supply Chain Con
- Chris Ayers recounts a malicious maintainer who slipped a payload into a trusted open-source package used by major distros.
- The attacker built trust via contributions, then introduced a decompression payload that caused real-world incidents before being caught.




