Episode: 2691
Title: HPR2691: DerbyCon Interview - John Strand
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr2691/hpr2691.mp3
Transcribed: 2025-10-19 07:34:49

---

This is HPR Episode 2691 entitled DerbyCon Interview - John Strand, and is part of the series Interviews. It is hosted by NOK and is about three minutes long and carries a clean flag. The summary is: John Strand talks about behavioral analytics and blockchain.

This episode of HPR is brought to you by AnHonestHost.com. Get 15% discount on all shared hosting with the offer code HPR15. That's HPR15. Better web hosting that's honest and fair at AnHonestHost.com.

Hey, this is Zogue for Hacker Public Radio. I'm here with John Strand, who has a little known company called Black Hills Information Security, and he is generally a fun person to talk to about everything. What are you going to talk to us about today?

Cool, I've got two things I want to talk about. The first thing I want to talk about is behavioral analytics for trying to identify advanced malware in organizations. The second thing I want to talk about, just due to proximity, is the importance of blockchain, especially for people in information security.

So whenever you're discussing frequency analysis and beaconing detection, we're entering the point where you can no longer identify malware by standard signature-based detection. And we've seen this on the endpoint with the advent of products like Cylance and CrowdStrike, but yet there's still ways to bypass those products. Even though they are like an evolutionary jump in the endpoint security market space, they still have blind spots. And we've also kind of seen that same blind spot exist in the network side, which is the reason why we released an open source free framework called RITA, Real Intelligence Threat Analytics. And I want people to check it out. That's basically the main thing.
Download it, install it on an Ubuntu system, give it pcaps and it'll analyze it, and look for beaconing data.

The second thing I want to talk about is, right now, this is a research area I haven't done a webcast or anything about yet, is blockchain. And blockchain is really the butt of jokes for everybody in computer security. I've seen a couple of presentations here where they kind of are saying blockchain is synonymous with snake oil. And really, the reason why people think that is because of the current state of cryptocurrency, with Bitcoin going up and down and all the cryptocurrencies jumping all over the place. And unfortunately, people conflate the two. And they start thinking that Bitcoin is blockchain and they are the same thing. That would be the equivalent of saying TCP/IP is stupid because telnet is unencrypted and it's an insecure protocol and you shouldn't use it.

If you look at blockchain, it's really an underlying series of technologies that are going to fundamentally change or at least augment what we're going to be doing moving forward in the future. And I think that more of us in security, rather than just laughing at it and pointing at it, we need to actually start embracing and trying to understand this technology. Or it's going to be something that's foisted upon many security teams with little to no background or information to be prepared for that type of technology that's coming through.

I've said myself that blockchain is the self-uncommoning of it, called the self-blockchain just because we could and it doubled their stock price overnight, basically. I mean, so yeah, as you said, it is the joke, but it is fascinating how we'll see if you're right.

Absolutely. I think he will be.

Yes, so that's John Strand, awesome. Thank you very much, sir. And that was Blockchain Hills Security. I'm sorry. Black Hills Information Security. But he does know about blockchain.

You've been listening to Hacker Public Radio at HackerPublicRadio.org.
We are a community podcast network that releases shows every weekday, Monday through Friday. Today's show, like all our shows, was contributed by an HPR listener like yourself. If you ever thought of recording a podcast, then click on our contribute link to find out how easy it really is. Hacker Public Radio was founded by the Digital Dog Pound and the Infonomicon Computer Club, and it's part of the Binary Revolution at binrev.com. If you have comments on today's show, please email the host directly, leave a comment on the website or record a follow-up episode yourself. Unless otherwise stated, today's show is released on the Creative Commons, Attribution, ShareAlike, 3.0 license.