lee/hpr-knowledge-base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
37e8274bffbd347c22b084a14454141cee746a76
hpr-knowledge-base/hpr_transcripts/hpr2691.txt
Lee Hanken 7c8efd2228 Initial commit: HPR Knowledge Base MCP Server 
- MCP server with stdio transport for local use
- Search episodes, transcripts, hosts, and series
- 4,511 episodes with metadata and transcripts
- Data loader with in-memory JSON storage

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-26 10:54:13 +00:00

116 lines
4.5 KiB
Plaintext
Raw Blame History

Episode: 2691
Title: HPR2691: DerbyCon Interview - John Strand
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr2691/hpr2691.mp3
Transcribed: 2025-10-19 07:34:49
---
This is HPR Episode 2691 entitled,
Narbicon Interview, John Strand, and in part of the series,
Interviews.
It is hosted by NOK and in about three minutes long
and Karina Cleanflag.
The summary is, John Strand talks about behavioral analytics
and blockchain.
This episode of HPR is brought to you by
an honesthost.com.
Get 15% discount on all shared hosting
with the offer code HPR15.
That's HPR15.
Better web hosting that's honest and fair
at An honesthost.com.
Hey, this is Zogue for Hacker Public Radio.
I'm here with John Strand,
who has a little known company called Black Hills Information
Security and he is a generally a fun person to talk to
about everything.
What are you going to talk to us about today?
Cool, I've got two things I want to talk about.
The first thing I want to talk about is
behavioral analytics for trying to identify
advanced malware in organizations.
The second thing I want to talk about just due to proximity
is the importance of blockchain, especially for people
in information security.
So whenever you're discussing frequency analysis
and beaconning detection, we're entering the point
where you can no longer identify malware
by standard signature-based detection.
And we've seen this on the endpoint
with the advent of products like silence and CrowdStrike,
but yet there's still ways to bypass those products.
Even though they are like an evolutionary jump
in the endpoint security market space,
they still have blind spots.
And we've also kind of seen that same blind spot exist
in the network side, which is the reason why we released
an open source free framework called RITA,
Real Intelligence Threat Analytics.
And I want people to check it out.
That's basically the main thing.
Download it, install it on a Ubuntu system,
give it pcaps and it'll analyze it,
and look for beaconning data.
The second thing I want to talk about is right now
this is a research area I haven't done a webcast
or anything about yet is blockchain.
And blockchain is really the butt of jokes
for everybody in computer security.
I've seen a couple of presentations here
where they kind of are saying blockchain is synonymous
with snake oil.
And really, the reason why people think that
is because of the current state of cryptocurrency
with Bitcoin going up and down
and all the cryptocurrencies jumping all over the place.
And unfortunately, people conflate the two.
And they start thinking that Bitcoin is blockchain
and they are the same thing.
That would be the equivalent of saying TCP IP is stupid
because telnet is unencrypted and it's an insecure protocol
and you shouldn't use it.
If you look at blockchain, it's really an underlying series
of technologies that are going to fundamentally change
or at least augment what we're going to be doing
moving forward in the future.
And I think that more of us in security
rather than just laughing at it and pointing at it,
we need to actually start embracing and trying
to understand this technology.
Or it's going to be something that's
foisted upon many security teams
with little to no background or information
to be prepared for that type of technology
that's coming through.
I've said myself that blockchain is the self-uncommoning
of it, called the self-blockchain just because we could
and it doubled their stock price overnight, basically.
I mean, so yeah, as you said, it is the joke,
but it is fascinating how we'll see if you're right.
Absolutely.
I think he will be.
Yes, so that's John Strand, awesome.
Thank you very much, sir.
And that was a blockchain-hills security.
I'm sorry.
Blackhills, information security.
But he does know about blockchain.
You've been listening to Hacker Public Radio
at HackerPublicRadio.org.
We are a community podcast network that
release the shows every weekday, Monday through Friday.
Today's show, like all our shows,
was contributed by an HBR listener like yourself.
If you ever thought of recording a podcast,
then click on our contribute link to find out
how easy it really is.
HackerPublic Radio was founded by the digital dog pound
and the Infonomicon Computer Club.
And it's part of the binary revolution at binrev.com.
If you have comments on today's show,
please email the host directly, leave a comment on the website
or record a follow-up episode yourself.
Unless otherwise status, today's show is released
on the creative comments, attribution,
share a light, 3.0 license.
Reference in New Issue View Git Blame Copy Permalink