7MS #536: Interview with Amanda Berlin of Blumira
Today we're so excited to welcome Amanda Berlin, Lead Incident Detection Engineer at Blumira, back to the show (did you miss Amanda's first appearance on the show? Check it out here)! You might already be familiar with Amanda's awesome Defensive Security Handbook or her work with the Mental Health Hackers organization. Today we virtually sat down to tackle a variety of topics and questions, including:
- What if HAFNIUM2 comes out today and only affects 2 specific versions of Exchange? Does Blumira buy every software/hardware thingy out there and have an evil scientist lab where they test out all these different exploits, and then create detections for them?
- Can an old, out-of-touch security guy like me still find a place at the Vegas hacker conferences (even though I hate lines, heat, crowds and partying)? Spoiler alert: yes.
- Are security vendors more likely to share their software/hardware security services with a defensive security group like Blumira, rather than pentesters like 7MinSec?
- Does Amanda think there's a gender bias in the security industry?
- Besides being aware of it happening, what can we do to cut down the bullying/secure-splaining/d-baggery/etc. in the industry?