Vai offline con l'app Player FM !
Craig Nelson on Simulating Attacks with Microsoft’s Red Team
Manage episode 430478811 series 3486243
Craig Nelson, leader of Microsoft's Red Team joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Craig explains how the Red Team simulates attacks on Microsoft's infrastructure to identify vulnerabilities and protect customer data stored in the cloud. He emphasizes the importance of these simulated attacks in preparing for real threats and describes the collaborative efforts with other security teams at Microsoft, such as the Azure penetration testing team and the Microsoft Security Response Center. Craig shares his personal journey into cybersecurity, highlighting his early fascination with cryptography and computer security. He also discusses the unique challenges and strategies of Red Teaming at Microsoft, including the need to influence engineering teams and the importance of systemic thinking to create durable security solutions.
In This Episode You Will Learn:
- The need for early detection of vulnerabilities during the development lifecycle
- Why a mix of technical and persuasive skill build successful red teams
- Significance of internal security education and training initiatives
Some Questions We Ask:
- What projects are you pursuing in AI and security?
- How do you have conversations with engineers to influence their security decisions?
- What skills are important for someone aspiring to join the Red Team?
Resources:
View Nic Fillingham on LinkedIn
Related Microsoft Podcasts:
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
37 episodi
Manage episode 430478811 series 3486243
Craig Nelson, leader of Microsoft's Red Team joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Craig explains how the Red Team simulates attacks on Microsoft's infrastructure to identify vulnerabilities and protect customer data stored in the cloud. He emphasizes the importance of these simulated attacks in preparing for real threats and describes the collaborative efforts with other security teams at Microsoft, such as the Azure penetration testing team and the Microsoft Security Response Center. Craig shares his personal journey into cybersecurity, highlighting his early fascination with cryptography and computer security. He also discusses the unique challenges and strategies of Red Teaming at Microsoft, including the need to influence engineering teams and the importance of systemic thinking to create durable security solutions.
In This Episode You Will Learn:
- The need for early detection of vulnerabilities during the development lifecycle
- Why a mix of technical and persuasive skill build successful red teams
- Significance of internal security education and training initiatives
Some Questions We Ask:
- What projects are you pursuing in AI and security?
- How do you have conversations with engineers to influence their security decisions?
- What skills are important for someone aspiring to join the Red Team?
Resources:
View Nic Fillingham on LinkedIn
Related Microsoft Podcasts:
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
37 episodi
Tutti gli episodi
×Benvenuto su Player FM!
Player FM ricerca sul web podcast di alta qualità che tu possa goderti adesso. È la migliore app di podcast e funziona su Android, iPhone e web. Registrati per sincronizzare le iscrizioni su tutti i tuoi dispositivi.