
Here's what you missed on Office Hours: October 2025

AI for good guys and bad guys, threat hunting 101, and supply chain scaries: Catch up on the last month’s episodes of Red Canary Office Hours.

Every Tuesday at 1 PM ET, Red Canary’s security experts tackle cybersecurity news and industry trends with special guests and exclusive operational insights.

October’s episodes touched on how both defenders and adversaries are using AI, the basics of threat hunting, and more. We’ve embedded them all here for your viewing pleasure.

Episode 35: National Preparedness Month, incident response planning, and you!

Red Canary CISO Dave Farrow and Principal Security Solutions Specialist Gerry Johansen kick things off by going through some of the latest headlines, including a recent Comcast breach and news of the first malicious MCP server found stealing emails. Next, Dave touches on a series of blogs he’s been reading around securing AI, including this UC Berkeley white paper and this NIST guidance, and how they may impact the future of security operations.

They conclude by digging into highlights from Red Canary’s recently published Incident Response & Readiness guide including how artificial intelligence and large language models (LLMs) are converging with incident response, how to account for supply chain and third-party risk in incident response plans, and more.

 

Episode 36: Building AI agents for SecOps

Keith McCammon and Dave Farrow kick things off by touching on some recent infosec news, including a breach in a GitLab instance used for internal Red Hat Consulting collaboration and how disabling EDR as an evasion tactic (EDR-Freeze) has popped up in the news more often of late.

The two are then joined by Jimmy Astle, Director of Machine Learning at Red Canary, who walks through a new project he’s open sourced on how to build AI agents and integrate them into a workflow to automate endpoint data forensics analysis.

 

 

Episode 37: A beginner’s guide to threat hunting

Dave and Chris Brook, Senior Information Security Researcher at Red Canary, discuss recent infosec headlines, including the latest in the Crimson Collective saga and how the group has begun attacking AWS environments, as well as a Redis vulnerability that may not be as bad as the CVSS score suggests.

We then welcome Brie Barbaro, a manager with Red Canary’s Threat Hunting team, and Brittany Sattler, one of the team’s threat hunters, to discuss how Red Canary’s approach to threat hunting has evolved, some of the biggest day-to-day challenges, and tips and techniques for those who may just be starting out.

 


 

Episode 38: October Intelligence Insights

Brian Donohue, Principal Security Researcher at Red Canary, and Chris Brook, Senior Security Researcher at Red Canary, discuss the week’s infosec news, including what was behind the massive AWS outage that brought the internet to a standstill on Monday and what organizations need to prioritize following last week’s F5 nation-state attack.

Red Canary Senior Intelligence Analyst Stef Rand then joins to parse through October’s Intelligence Insights, including the debut at number one on our list of Tampered Chef, a suspicious-looking threat that’s largely been delivered via recipe- or calendar-themed lures.

 

Episode 39: Nightmare on supply chain street

On this extra spooky, Halloween-themed Red Canary Office Hours, Dave and Brian Donohue go over the news of the week, including CISA’s recent guidance on identifying and patching the critical-severity Windows Server Update Service (WSUS) vulnerability.

Later, they discuss real-life supply chain horrors, and tips on how to exorcise them, before being joined by Senior Threat Researcher Jesse Griggs to talk about his research on the recent influx of AI-fueled command line interface (CLI) supply chain attacks and how to best defend against them.

 

 
