Below the Surface (Audio) - The Supply Chain Security Podcast
A lively discussion of the threats affecting the supply chain, specifically focused on firmware and low-level code that is a blind spot for many organizations. This podcast will feature guests from the cybersecurity industry discussing the problems surrounding supply chain-related issues and potential solutions. Get the Supply Chain Security Toolkit from Eclypsium here: https://eclypsium.com/go
Exploit Marketplaces - BTS #59
09/10/2025
In this episode of Below the Surface, host Paul Asadoorian speaks with Evan Dornbush, CEO of Desired Effect, about the evolving landscape of exploit marketplaces and vulnerability research. They discuss the challenges researchers face in monetizing their findings, the ethical implications of selling exploits, and the importance of timely intelligence for defenders. The conversation also touches on the role of AI in vulnerability research, the dynamics between buyers and sellers in the marketplace, and the impact of end-of-life devices on cybersecurity. Overall, the episode provides valuable insights into the complexities of the exploit marketplace and the need for a more proactive approach to cybersecurity.
Chapters
00:00 Introduction to Desired Effect and Evan Dornbush
02:35 The Evolution of Exploit Marketplaces
05:06 Monetizing Vulnerability Research
07:46 The Role of Disclosure in Exploit Sales
10:28 Understanding the Value of Exploits
13:14 Ethics and Motivations in Vulnerability Research
15:51 Validation of Vulnerabilities and Exploits
18:29 Buyer Vetting and Market Dynamics
21:31 Proactive Defense Strategies
24:32 Market Insights and Future Trends
27:43 The Marketplace for Exploits
31:08 The Role of Researchers and Vendors
34:51 The Asymmetry in Cybersecurity
38:03 Economic Incentives in Cybersecurity
40:25 The Complexity of Risk Management
43:57 The Future of Exploit Disclosure
47:23 The Role of AI in Cybersecurity
53:31 Closing Thoughts on Exploit Ethics
UEFI Vulnerabilities and Hardware Risks - BTS #58
09/04/2025
In this episode, the hosts discuss various cybersecurity topics, focusing on hardware vulnerabilities, UEFI attack vectors, and the implications of new regulations on device security. They explore the evolution of Mirai variants targeting IoT devices and the challenges of securing firmware. The conversation highlights the need for improved security measures and the complexities of managing vulnerabilities in a rapidly changing technological landscape.
Chapters
00:00 Introduction and Technical Challenges
02:37 Exploring UEFI Settings and Hardware Vulnerabilities
10:14 The Risks of UEFI Control and Physical Damage
16:33 Static Tundra: Cyber Espionage and Exploits
22:23 Targeting Vulnerable Infrastructure in Cyber Attacks
26:27 Emerging Threats in IoT and Network Devices
31:55 The Evolution of Malware: A Deep Dive
34:30 The Challenge of Securing IoT Devices
35:13 Impact of EU Cyber Resilience Act
38:14 Vulnerability Management and Vendor Responsibilities
41:54 Living Outside the Operating System: New Attack Vectors
Interview with Brian Mullen from AMI - BTS #57
08/15/2025
In this episode of Below the Surface, host Paul Asadoorian is joined by Brian Mullen, head of SSDLC at AMI, to discuss the complexities of supply chain and firmware security. They explore the challenges of maintaining security in a complicated supply chain, the importance of proactive and reactive security measures, and the implications of end-of-life software. The conversation also touches on the gaming industry's push for secure boot, recent vulnerabilities discovered in firmware, and the role of BMCs in security. Brian shares insights into AMI's approach to vulnerability management and the future of firmware security, including the significance of Software Bill of Materials (SBOMs).
Whitepaper: https://eclypsium.com/wp-content/uploads/OpenBMC-Security-in-Practice.pdf
Chapters
00:00 Introduction and Technical Setup
01:46 The Challenges of Podcasting and Marketing
03:42 Understanding AMI and Its Role in Firmware Security
06:13 Supply Chain Complexity and Security Measures
08:49 Proactive vs Reactive Security in Firmware
11:17 The Importance of Stable Firmware in Security
13:54 Navigating Vulnerabilities in UEFI and OpenSSL
16:24 The Impact of Cherry-Picking Security Updates
19:11 Tracking Vulnerabilities Across the Supply Chain
21:50 Solutions for Data Center Firmware Management
24:21 Future Directions in Vulnerability Management
24:38 Navigating Vulnerability Management
28:30 End of Life and Support Challenges
31:55 Gaming Security and Anti-Cheat Mechanisms
35:38 The Complexity of Secure Boot Implementation
36:50 Recent Vulnerabilities and Security Research
39:44 Understanding BMC Security
43:34 Open Source and BMC Development
46:30 The Role of SBOMs in Security Compliance
BTS #56 - Vulnerabilities & Backdoors In IT Infrastructure
08/08/2025
In this episode, the hosts discuss various cybersecurity topics, focusing on Nvidia vulnerabilities, the implications of backdoors in technology, and the importance of secure boot and certificate management. They also delve into SonicWall's security challenges and the ongoing debate of building versus buying security solutions, particularly in the context of AI infrastructure and cloud services.
Articles and topics for this week:
- Secure Boot and certificates
- Researcher’s previous paper on SMM and malware
- He presented at Black Hat last year on Option ROMs
- YouTube video
Netgear, Gigabyte, and Rowhammer Vulnerabilities - BTS #55
07/24/2025
In this episode of Below the Surface, the hosts discuss critical cybersecurity topics including vulnerabilities in Netgear and Gigabyte devices, the importance of asset inventory, and the implications of Rowhammer attacks on memory integrity. They emphasize the need for organizations to implement compensating controls and monitor for potential threats, especially in the context of supply chain security and IoT devices.
Chapters
00:00 Introduction to Cybersecurity Challenges
02:20 Exploring Netgear's Role in Enterprise Security
09:08 The Impact of Shadow IT on Network Security
15:04 Firmware Integrity and Security Measures
18:05 Gigabyte's UEFI Vulnerabilities and Industry Implications
22:25 Understanding UEFI Vulnerabilities
28:46 Consumer vs. Enterprise Hardware Security
35:06 Monitoring and Mitigating Firmware Risks
41:11 The Impact of ECC on AI Performance
CVE-2024-54085: The First of Its Kind - BTS #54
07/08/2025
In this episode, the hosts delve into the critical vulnerabilities associated with Baseboard Management Controllers (BMCs), with a particular focus on CVE-2024-54085. They discuss the ease of exploitation, the potential threat actors involved, and the implications for data center security. The conversation highlights the challenges in detecting and mitigating these vulnerabilities, the importance of firmware updates, and the need for community tools to aid in vulnerability detection and mitigation. The episode concludes with a call to action for organizations to patch their systems and implement robust security measures.
Chapters
00:00 Introduction to BMC Vulnerabilities
02:21 Exploring CVE-2024-54085
05:04 Understanding Exploitation and Threat Actors
07:47 The Implications of BMC Vulnerabilities
10:46 Mitigation Strategies and Challenges
13:35 The Future of BMC Security
28:36 Understanding BMC Vulnerabilities
36:24 The Importance of Disclosure and Community Tools
45:13 Navigating Firmware Updates and Vendor Challenges
52:19 Community Engagement and Future Considerations
Exploring the Evolution of Zero Trust - BTS #53
07/07/2025
In this episode, the hosts discuss the evolving landscape of AI infrastructure security, focusing on the complexities of building and maintaining AI data centers. They explore the critical role of Baseboard Management Controllers (BMCs) as an attack surface, the importance of supply chain security, and best practices for hardware procurement. The conversation underscores the importance of validating hardware and firmware integrity for organizations while also addressing the significant security risks associated with AI workloads. As AI data centers continue to grow, understanding these challenges and implementing robust security measures will be essential for future success.
Chapters
00:00 Introduction to Zero Trust and Its Evolution
03:33 Current State of Zero Trust Implementation
05:22 Micro-Segmentation and Infrastructure Security
10:02 Zero Trust and Lateral Movement Prevention
11:32 The Role of Zero Trust in Ransomware Defense
14:51 Chase Cunningham's Insights on Cyber Warfare
16:23 The Intersection of Cyber Warfare and Modern Conflicts
21:35 The Future of Warfare: Drones and Cybersecurity
24:01 Understanding the Drone Threat
28:28 The Evolution of Cyber Warfare
35:00 The State of Critical Infrastructure
39:26 The Economics of Breaches
44:29 Incentivizing Cybersecurity Improvements
Securing the Future of AI Infrastructure - BTS #52
07/01/2025
In this episode, the hosts discuss the evolving landscape of AI infrastructure security, focusing on the complexities of building and maintaining AI data centers. They explore the critical role of Baseboard Management Controllers (BMCs) as an attack surface, the importance of supply chain security, and best practices for hardware procurement. The conversation underscores the importance of validating hardware and firmware integrity for organizations while also addressing the significant security risks associated with AI workloads. As AI data centers continue to grow, understanding these challenges and implementing robust security measures will be essential for future success.
When Windows 10 Expires - BTS #51
05/30/2025
In this episode, the hosts discuss the impending end of life for Windows 10 and the necessary preparations for upgrading to Windows 11. They explore the specific hardware requirements for Windows 11, including the importance of Secure Boot and TPM 2.0, and the challenges enterprises face in managing large-scale migrations. The conversation underscores the importance of meticulous planning to prevent costly failures and the influence of legacy systems on the upgrade process. In this conversation, the speakers discuss the implications of transitioning to Windows 11, focusing on the challenges posed by legacy systems, supply chain issues, and the importance of modern hardware for security. They delve into the BlackLotus UEFI bootkit and the necessary mitigations, emphasizing the need for organizations to validate their security controls and establish a robust trust framework. The discussion also highlights the growing importance of third-party risk management in cybersecurity, particularly in relation to supply chain security.
SBOMs, HBOMs, and Supply Chain Visibility - BTS #50
05/15/2025
In this episode, Paul Asadoorian and Joshua Marpet delve into the complexities of compliance, inventory management, and the emerging concepts of SBOMs, HBOMs, and FBOMs (no, not that FBOM). They discuss the importance of understanding the components and origins of hardware and software, the challenges of managing technology lifecycles, and the need for clear standards and regulations in the tech industry. The conversation emphasizes the critical role of asset inventories in maintaining security and compliance in an ever-evolving technological landscape.
In this conversation, Joshua Marpet and Paul Asadoorian delve into the complexities of hardware security, the cultural shifts needed in security practices, and the importance of transparency in software and firmware management. They discuss the challenges posed by hardware backdoors, the necessity of Software Bill of Materials (SBOMs), and the hidden risks associated with firmware updates. The dialogue emphasizes the need for a cultural change in how organizations approach security and compliance, advocating for continuous management and transparency to inspire confidence in security practices.
Chapters
00:00 Introduction and Technical Challenges
02:02 Exploring Compliance and Frameworks
05:06 Understanding S-bombs, H-bombs, and F-bombs
10:10 The Importance of Inventory and Asset Management
15:01 Navigating Hardware and Software Lifecycle
19:58 Standards and Regulations in Technology
23:56 The Manchurian Microchip and Hardware Backdoors
27:44 Cultural Change in Security Practices
30:47 The Importance of Transparency and SBOMs
36:39 Challenges in Compliance and Risk Management
42:42 The Hidden Risks of Firmware and Hardware Updates
The Hidden Risks of Open Source Components - BTS #49
05/06/2025
In this episode, Paul Asadoorian and Josh Bressers delve into the complexities of open source supply chain security, discussing the prevalence of open source components in modern software, the challenges posed by legacy systems, and the critical importance of vulnerability management. They explore the regulatory landscape surrounding software liability and the need for better tools and practices to ensure secure product development. The conversation highlights the necessity of understanding dependencies and the implications of consumer security in a market driven by features rather than security. In this conversation, Josh Bressers and Paul discuss the importance of Software Bill of Materials (SBOMs) in enhancing supply chain security and vulnerability management. They explore the role of metadata in programming languages like Go and Rust, the challenges of accurately identifying vulnerabilities through CVEs, and the need for better automation in vulnerability detection. The discussion also touches on the potential of AI in identifying vulnerabilities, the introduction of tools like Syft and Grype for generating SBOMs and scanning for vulnerabilities, and the future implications of these technologies in software security.
Hardware Hacking Tips & Tricks - BTS #48
04/07/2025
In this episode, Paul and Chase delve into the world of hardware hacking, focusing on devices like the Flipper Zero and ESP32. They discuss the various applications of these tools, their impact on awareness in the hacking community, and the security implications surrounding their use. The conversation also touches on vulnerabilities in hotel security systems, challenges in remediating legacy systems, and the commoditization of hacking tools. Through practical examples and insights, the hosts explore the evolving landscape of cybersecurity and the role of hardware in it. In this conversation, Paul and Chase delve into the world of hardware hacking, discussing the accessibility of devices like the Flipper Zero and ESP32, the importance of supply chain security, and the real-world implications of vulnerabilities in firmware and bootloaders. They emphasize the need for validation in the supply chain and explore the growing interface between hardware hacking and enterprise risk.
BMC&C Part 3 - BTS #47
03/19/2025
In this episode, Paul Asadoorian, Vlad Babkin, and Chase Snyder delve into the latest vulnerability disclosures related to Baseboard Management Controllers (BMCs), specifically focusing on AMI MegaRAC and Redfish. They discuss the nature of the vulnerabilities, the discovery process, and the potential impacts of a BMC compromise. The conversation highlights the importance of understanding BMCs in the context of supply chain security and the risks associated with exposing these components to the internet. The conversation delves into the vulnerabilities associated with Baseboard Management Controllers (BMCs), particularly focusing on the Redfish API and the potential for exploitation. The speakers discuss the implications of these vulnerabilities on hardware, the challenges faced by vendors in patching, and the importance of network segmentation and monitoring. They also highlight the limitations of logging and the effectiveness of Web Application Firewalls (WAFs) in this context. The discussion emphasizes the need for robust security measures to protect enterprise networks from potential attacks.
Black Basta - Threat Intelligence Insights - BTS #46
03/05/2025
In this episode, Paul Asadoorian, Vlad Babkin, and Chase Snyder delve into the recent leaks from the Black Basta ransomware group, exploring the implications of the leaked chat logs, the operational tactics of the group, and the evolving landscape of ransomware attacks. The conversation highlights the importance of understanding threat intelligence derived from these leaks, the significance of targeting exposed devices, and the necessity of robust security measures to mitigate risks. In this conversation, the speakers delve into the evolving tactics of ransomware groups, emphasizing the importance of understanding their operational scale and methodologies. They discuss the significance of early detection and the necessity for organizations to adopt robust defensive strategies, particularly in credential management and vulnerability monitoring. The conversation highlights the need for enterprises to harden their defenses against potential intrusions and the critical role of effective password management in mitigating risks.
Understanding Firmware Vulnerabilities in Network Appliances - BTS #45
02/06/2025
In this episode, Paul, Vlad, and Chase discuss the security challenges of Palo Alto devices and network appliances. They explore the vulnerabilities present in these devices, the importance of best practices in device management, and the need for automatic updates. The conversation highlights the evolving nature of firmware vulnerabilities and the necessity for compensating controls to mitigate risks. The hosts emphasize the responsibility of vendors to ensure their products are secure and the need for a shift in user expectations regarding security appliances. In this conversation, the speakers discuss the pressing need for improved security standards in network appliances, the challenges posed by auto updates and supply chain security, and the importance of implementing zero trust principles. They also delve into the role of firmware encryption and key management in enhancing security while emphasizing the necessity of monitoring and detection to safeguard against vulnerabilities.
Network Appliances: A Growing Concern - BTS #44
01/27/2025
In this episode, Paul Asadoorian and Chase Snyder discuss the latest security threats and vulnerabilities affecting network appliances, particularly focusing on Ivanti and Fortinet platforms. They explore the increasing risks associated with these devices, the need for improved security standards, and the challenges of risk management and visibility in network security. The conversation emphasizes the importance of accountability among vendors and the necessity for customers to demand better security practices. In this conversation, Chase Snyder and Paul discuss the challenges and vulnerabilities in network security, particularly focusing on network appliances and the lack of standardization in security measures. They highlight the shift of attackers towards these devices due to their low visibility and the need for better transparency and monitoring. The discussion also covers specific vulnerabilities in Fortinet products, the implications of rolling disclosures, and best practices for securing network devices.
CVE Turns 25 - BTS #43
12/09/2024
In this episode, Paul Asadoorian, Alec Summers, and Lisa Olson discuss the 25th anniversary of the CVE program, its evolution, and the importance of transparency in vulnerability management. They explore the history of CVE, the process of creating CVE records, and the role of CNAs in ensuring accountability. The conversation also addresses challenges related to end-of-life software vulnerabilities and the need for maintaining the integrity of CVE records in an ever-evolving cybersecurity landscape. In this conversation, the speakers discuss the complexities of managing and analyzing vulnerabilities in software, mainly focusing on the roles of CVE and CVSS in providing accurate and enriched data. They explore the challenges of combining vulnerabilities to assess cumulative risk, the importance of community engagement in improving CVE records, and the evolving landscape of supply chain vulnerabilities. The discussion emphasizes the need for better data analysis methods, the significance of community involvement, and the ongoing efforts to enhance the quality and accessibility of vulnerability information.
The China Threat - BTS #42
11/21/2024
In this episode, Paul Asadoorian, Allan Alford, and Josh Corman discuss the growing threat posed by China, particularly in the context of cyber operations and geopolitical ambitions. They explore the implications of China's strategies, the vulnerabilities in critical infrastructure, and the need for transparency and trust in digital systems. The conversation highlights the urgency of addressing these threats as they relate to Taiwan and the broader global landscape. In this conversation, the speakers discuss the critical issues surrounding digital infrastructure, emphasizing the over-dependence on unreliable systems and the need for greater trust and transparency. They explore the balance between usability and security, the challenges posed by security appliances, and the regulatory landscape affecting digital trust. The conversation also highlights the importance of empowering smaller enterprises and addressing the asymmetry in cyber defense, particularly for those at the bottom of the economic pyramid. The speakers advocate for proactive measures to prepare for future disruptions and the need for collective action to improve the overall security landscape.
Takeaways:
China's ambitions towards Taiwan are a significant concern.
The geopolitical landscape is increasingly complex and interconnected.
China's cyber operations are organized, funded, and strategic.
Critical infrastructure in the U.S. is vulnerable to cyber threats.
Cyber warfare will likely be a hybrid conflict involving multiple actors.
Dependence on connected technology poses risks to national security.
Malicious intent is not necessary for cyber harm to occur.
Transparency in digital infrastructure is crucial for security.
The threat of hardware exploits remains a significant concern.
The recidivism rate of cyber threats is high, especially in critical sectors.
There's a cost to connectivity that we haven't acknowledged.
Usability is often prioritized over security, leading to vulnerabilities.
Dependability in digital infrastructure is crucial for resilience.
Security appliances can sometimes introduce more vulnerabilities than they solve.
Regulatory frameworks need to adapt to the evolving digital landscape.
Consumer demand can drive accountability in security practices.
Smaller enterprises often lack the resources to secure their systems effectively.
The asymmetry in cyber defense leaves many vulnerable to attacks.
Proactive measures are necessary to prepare for potential disruptions.
Collective action is needed to improve trust and transparency in digital infrastructure.
Pacific Rim - BTS #41
11/06/2024
In this episode, Paul Asadoorian, Larry Pesce, and Evan Dornbush delve into the recent Sophos reports on threat actors, particularly focusing on the Pacific Rim case. They discuss the implications of the findings, including the tactics used by attackers, the vulnerabilities in network devices, and the challenges of securing appliances. The conversation also highlights the importance of network detection solutions, the impact of zero-day exploits, and the need for a shift in how appliance security is approached, especially concerning firmware backdoors and UEFI threats. In this conversation, the speakers discuss the implications of UEFI attacks, highlighting Sophos' proactive measures in cybersecurity. They emphasize the importance of observing attackers, the role of manufacturers in enhancing security, and the need for better monitoring and visibility in devices. The discussion also touches on the significance of shared responsibility in cybersecurity, learning from transparency in incidents, and the challenges posed by overpowered devices. The speakers advocate for the implementation of security software and the necessity of bills of materials to improve device security.
Backdoors in Backdoors
10/23/2024
In this episode, Paul Asadoorian and Matt Johansen discuss the recent targeted attacks by Chinese threat actors, particularly focusing on the Volt Typhoon group. They explore the implications of backdoors in cybersecurity, the role of ISPs, and the ongoing tension between privacy and security. The conversation delves into historical contexts, the evolution of threat actor tactics, and the shared responsibility model in cybersecurity. They also highlight the challenges of supply chain security and the visibility issues that make network devices vulnerable to attacks. In this conversation, Paul and Matt discuss the evolution of software security, focusing on the shift from traditional vulnerabilities to emerging threats in network devices. They emphasize the importance of observability and aligning incentives for better security practices. The discussion also highlights the need for innovation in infrastructure security, including the use of modern web frameworks and memory-safe languages to enhance security measures.
The Art of Firmware Scraping - BTS #39
10/08/2024
In this episode, Edwin Shuttleworth from Finite State discusses firmware security, insights from the GrrCON security conference, and the challenges of firmware analysis. The conversation covers various topics, including firmware scraping techniques, the IoT landscape, types of firmware, the importance of Software Bill of Materials (SBOMs), and emulation in firmware analysis. Edwin shares his experiences and offers advice for those looking to get started in firmware reverse engineering.
Vulnerability Tracking & Scoring - Patrick Garrity - BTS #38
09/27/2024
In this episode of Below the Surface, host Paul Asadoorian and guest Patrick Garrity discuss the complexities of vulnerability tracking and prioritization. They explore various sources of vulnerability data, the significance of known exploited vulnerabilities, and the concept of weaponization in cybersecurity. The conversation delves into the challenges posed by supply chain vulnerabilities, the importance of Software Bill of Materials (SBOM), and the impact of user behavior on security. The episode concludes with thoughts on the future of vulnerability management and the need for a more comprehensive approach to cybersecurity.
Firmware Reverse Engineering - Matt Brown - BTS #37
09/11/2024
In this episode, Matt Brown joins the podcast to talk about firmware reverse engineering and supply chains. They discuss Matt's start in information security, his journey into hardware security, and the creation of his YouTube channel. They also explore the vulnerabilities and weaknesses in the supply chain of IoT devices and the challenges of extracting firmware from embedded Linux systems. Matt shares his favorite tools for firmware extraction and the complexities of creating an SBOM in the embedded Linux ecosystem. In this conversation, Paul and Allan discuss the challenges and vulnerabilities in IoT devices. They highlight the lack of security incentives in the IoT industry, the reuse of code across different devices, and the importance of validating firmware updates. They also mention the use of tools like binwalk and unblob for firmware analysis, and the benefits of UART and JTAG for hardware hacking. The conversation emphasizes the need for passion and hands-on experience in exploring IoT security.
Supply Chain Policies - Trey Herr, Stewart Scott - BTS #36
08/14/2024
Stewart and Trey join us to talk about driving cybersecurity policies for the nation, what makes a good policy, what makes a bad policy, supply chain research and policies, and overall how we shape policies that benefit cybersecurity. This segment is sponsored by Eclypsium.
The Known Exploited Vulnerability catalogue, aka the KEV - Tod Beardsley - BTS #35
07/31/2024
Gain insights into the CISA KEV straight from one of the folks at CISA, Tod Beardsley. Learn how KEV was created, where the data comes from, and how you should use it in your environment. This segment is sponsored by Eclypsium.
EPSS - The Exploit Prediction Scoring System - Jay Jacobs, Wade Baker - BTS #34
07/17/2024
Jay Jacobs (Co-Founder and Data Scientist) and Wade Baker (Co-Founder and Data Storyteller) from the Cyentia Institute come on the show to talk about the Exploit Prediction Scoring System (EPSS). This segment is sponsored by Eclypsium.
Securing OT Environments - Dr. Ed Harris - BTS #33
07/03/2024
Ed Harris joins us to discuss how to secure OT environments, implement effective air gaps, and more! This segment is sponsored by Eclypsium.
MITRE ATT&CK - Adam Pennington - BTS #32
06/19/2024
We discuss the various aspects of MITRE ATT&CK, including tools, techniques, supply chain aspects, and more! This segment is sponsored by Eclypsium.
Managing Complex Digital Supply Chains - Cassie Crossley - BTS #31
06/05/2024
Cassie has a long history of successfully managing a variety of security programs. Today, she leads supply chain efforts for a very large product company. We will tackle topics such as software supply chain management, SBOMs, third-party supply chain challenges, asset management, and more! This segment is sponsored by Eclypsium.
Systems Of Trust - Robert Martin - BTS #30
05/22/2024
Bob Martin comes on the show to discuss systems of trust, supply chain security and more! This segment is sponsored by Eclypsium.