Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In Episode 5 of Corelight Defenders, I, Richard Bejtlich, engage with Corelight's co-founder and chief scientist, Vern Paxson, to delve into the intricate world of DNS covert channels. We explore how adversaries exploit DNS lookups to silently communicate within tightly controlled enterprise environments. Vern explains various methods attackers may use, from encoding data in seemingly benign domain names to manipulating the timing of requests. Our discussion highlights the challenges of detecting these covert channels, especially in the presence of network monitoring.

The Razorwire Christmas Party 2025 episode compares automation in law and cybersecurity, where junior roles shrink and the talent pipeline starts to break. AI pressure on tier one soc work in 2025 leaves new entrants with debt and fewer real training grounds, raising hard questions about the future of senior expertise.

The 2025 year in review reflects on research that shows daily grind and relentless tasks weigh more on the mind than rare major incidents. Flight deck style design offers a model for soc dashboards in 2025, where each instrument should cut cognitive load instead of drowning analysts in flashing warnings and clutter.

“The best way to compromise a ‘secure organization’ was to go find the things they didn’t know about.” Vulnerability management – within both the enterprise as well as the vendor ecosystem – is largely broken. Join Aleksandr Yampolskiy and HD Moore for this webinar discussing: SecurityScorecard monitors and scores over 12 million companies worldwide.

Safe Remediation is the process of turning validated exposure insights into coordinated, non-disruptive fixes across security controls ensuring teams can reduce risk quickly without breaking production. More specifically, Safe Remediation includes: Validation before enforcement Remediation without downtime Automated, coordinated action across controls Preemptive blocking of attacker infrastructure Safe-by-design automation Safe Remediation ensures that exposures are fixed quickly, automatically, and without operational risk – turning detection into trusted, validated action.

In this section, we cover what to do when ggshield finds something you don’t actually need to remediate, like a false positive, an intentionally fake credential in a demo repo, or a known non-sensitive test value. ggshield secret ignore lets you mark specific findings as ignored by adding them to the secrets.ignored_matches section of your local configuration. If your repo doesn’t already have a local config file, ggshield will create a.gitguardian.yaml file for you.

Watch the second episode of CISO Global's podcast, "Black Hat News," with host CEO David Jemmett. In this episode, David sits down with Steve Kass, COO of Highspring.

Try THIS Prompt to Build a CRUD Note Taking App!