Skip to content
PodcastsBusinessMicrosoft Threat Intelligence Podcast

Microsoft Threat Intelligence Podcast

Microsoft
Microsoft Threat Intelligence Podcast
Latest episode

74 episodes

  • Microsoft Threat Intelligence Podcast

    Behind the Book: Threat-Driven Software Development

    15/07/2026 | 59 mins.
    In this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo is joined by co-authors Michael Howard, Lee Holmes, and Shawn Hernan for a discussion on their new book, Threat-Driven Software Development: Defending Online Services from Modern Threat Actors.

    Together, they explore how security teams and software developers can build more resilient systems by understanding how real-world threat actors operate. From threat modeling and operational security to the evolving role of AI in both cyber defense and cybercrime, the conversation examines lessons learned from major security incidents and why secure design must be a priority from the earliest stages of software development.

    In this episode you’ll learn:

    Why security should be driven by real-world threat actor behavior

    How developers can reduce risk through better design and operational practices

    The role of threat modeling in modern software development

    Some questions we ask:

    How did the idea for Threat-Driven Software Development come about?

    Why is operational security just as important as application security?

    What do you hope readers take away from this book?

    Resources:

    View Lee Holmes on LinkedIn

    View Michael Howard on LinkedIn

    View Shawn Hernan on LinkedIn

    View Sherrod DeGrippo on LinkedIn



    Related Microsoft Podcasts:

    The BlueHat Podcast

    Uncovering Hidden Risks

    Discover and follow other Microsoft podcasts at microsoft.com/podcasts



    Get the latest threat intelligence insights and guidance at Microsoft Security Insider



    The Microsoft Threat Intelligence Podcast is produced by Microsoft, Hangar Studios and distributed as part of N2K media network.
  • Microsoft Threat Intelligence Podcast

    Casey Ellis on How AI Is Reshaping Vulnerability Research and Patching

    01/07/2026 | 1h 3 mins.
    In this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo sits down with Casey Ellis, founder of Bugcrowd and co-founder of disclose.io, to explore how AI is reshaping vulnerability research, bug bounty programs, and the future of cyber defense. They discuss the growing volume of vulnerabilities, the challenges of responsible disclosure, the rise of AI-assisted hacking, and what happens when increasingly powerful tools are placed in the hands of both defenders and attackers. The conversation also dives into the human side of cybersecurity, from community and creativity to maintaining optimism and connection in an AI-driven world. 

    In this episode you’ll learn:      


    How AI is changing vulnerability research for both defenders and threat actors 


    The challenges of responsible disclosure in an age of rapid software development 


    Why cybersecurity experts believe vulnerability volume is growing faster than ever 

    Some questions we ask:      


    How will AI affect individual threat actors, hacktivists, and cybercriminals? 


    What tasks should humans continue doing instead of outsourcing AI? 


    When does publishing vulnerability research help defenders versus help threat actors? 

    Resources:  

    View Casey Ellis on LinkedIn  

    View Sherrod DeGrippo on LinkedIn  

     

    Related Microsoft Podcasts:                   


    The BlueHat Podcast 


    Uncovering Hidden Risks     

    Discover and follow other Microsoft podcasts at microsoft.com/podcasts  

    Get the latest threat intelligence insights and guidance at Microsoft Security Insider 

     

    The Microsoft Threat Intelligence Podcast is produced by Microsoft, Hangar Studios and distributed as part of N2K media network.
  • Microsoft Threat Intelligence Podcast

    Hot Cybercrime Summer:  Smishing, Supply Chains, and Sleuthcon

    17/06/2026 | 40 mins.
    In this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo sits down with Aurora Johnson of SpyCloud and Amitai Cohen of Wiz ahead of SleuthCon to explore two rapidly changing corners of the cybercrime landscape.  

    Aurora breaks down the highly organized Chinese-language smishing ecosystem, revealing how phishing operations, fraud networks, and cash-out schemes work together like a mature business.  

    Amitai examines the growing threat to software supply chains, explaining how groups like Team PCP are exploiting CI/CD pipelines, open-source dependencies, and AI-assisted malware development.  

    Together, they discuss the industrialization of cybercrime, the role of automation and AI, and why defenders must rethink how they secure today's interconnected digital ecosystem.  

    In this episode you’ll learn:      


    Why cybercrime ecosystems now operate like sophisticated businesses 


    How NFC relay attacks are being used to cash out stolen credit card data 


    The role Telegram marketplaces play in modern fraud operations 

    Some questions we ask:     


    How industrialized has modern cybercrime become? 


    What clues suggest threat actors are using AI to create malware? 


    What are defenders missing about CI/CD pipelines as an attack surface? 

    Resources:  

    View Aurora Johnson on LinkedIn  

    View Amitai Cohen on LinkedIn  

    View Sherrod DeGrippo on LinkedIn  

     

    Related Microsoft Podcasts:                   


    The BlueHat Podcast 


    Uncovering Hidden Risks     

    Discover and follow other Microsoft podcasts at microsoft.com/podcasts  

     

    Get the latest threat intelligence insights and guidance at Microsoft Security Insider 

     

    The Microsoft Threat Intelligence Podcast is produced by Microsoft, Hangar Studios and distributed as part of N2K media network.
  • Microsoft Threat Intelligence Podcast

    Supply Chain Attacks: Open Source or Open Door?

    03/06/2026 | 38 mins.
    In this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo is joined by Allie Luhrs and Mario Samolis from Microsoft Security to explore the growing threat of open source software supply chain attacks. They discuss how malicious NPM packages, compromised developer ecosystems, AI-generated attacks, and software dependency risks are reshaping modern incident response, while sharing insights from their recent presentation at BlueHat IL 2025.  

    In this episode you’ll learn:      


    How attackers are targeting open source software ecosystems at scale 


    Why AI is accelerating both cyberattacks and threat detection 


    What was uncovered during their BlueHat presentation on modern software supply chain attacks 

    Some questions we ask:     


    What patterns did you uncover in NPM attack campaigns? 


    Should developers rely on dependencies or build everything themselves? 


    Why should organizations pay closer attention to open source security risks? 

    Resources:  

    View Allie Luhrs on LinkedIn  

    View Mario Samolis on LinkedIn  

    View Sherrod DeGrippo on LinkedIn  

     

    Related Microsoft Podcasts:                   


    Afternoon Cyber Tea with Ann Johnson 


    The BlueHat Podcast 


    Uncovering Hidden Risks     

     

    Discover and follow other Microsoft podcasts at microsoft.com/podcasts  

     

    Get the latest threat intelligence insights and guidance at Microsoft Security Insider 

     

    The Microsoft Threat Intelligence Podcast is produced by Microsoft, Hangar Studios and distributed as part of N2K media network.
  • Microsoft Threat Intelligence Podcast

    Eviltokens: A Conversation with Huntress on an AI‑Enabled Device Code Phishing Campaign

    20/05/2026 | 42 mins.
    In this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo joins researchers from Huntress to break down the rise of EvilTokens, an AI-powered phishing-as-a-service platform designed to bypass MFA and automate credential theft at scale. Together, they explore how attackers are leveraging legitimate authentication flows, trusted infrastructure, and AI-generated phishing lures to blend malicious activity into normal enterprise traffic. The conversation also examines how modern phishing operations have evolved into highly professionalized cybercrime ecosystems and what defenders must do to adapt their identity security strategies.  

    In this episode you’ll learn:      


    How EvilTokens bypasses MFA using device code phishing 


    Why AI-powered phishing campaigns are harder to detect 


    What makes modern phishing kits highly scalable and automated 

    Some questions we ask:     


    What role does trusted infrastructure play in these attacks? 


    Why are traditional phishing defenses struggling against these tactics? 


    How are modern phishing kits becoming more professionalized? 

    Resources:  


    Watch the LinkedIn live recording 


    Read Huntress’ related research 


    View Lindsay O’Donnell-Welch on LinkedIn 


    View Jamie Levy on LinkedIn 


    View Sherrod DeGrippo on LinkedIn  

    Related Microsoft Podcasts:                   


    Security Insider Conversations 


    The BlueHat Podcast 


    Uncovering Hidden Risks     

    Discover and follow other Microsoft podcasts at microsoft.com/podcasts  

     

    Get the latest threat intelligence insights and guidance at Microsoft Security Insider 

     

    The Microsoft Threat Intelligence Podcast is produced by Microsoft, Hangar Studios and distributed as part of N2K media network.
More Business podcasts
About Microsoft Threat Intelligence Podcast
Join us to hear stories from the Microsoft Threat Intelligence community as they navigate the ever-evolving threat landscape - uncovering APTs, cybercrime gangs, malware, vulnerabilities, and other weird and cool tools and tactics in the world of cyber threats. Featuring tales of innovation, teamwork, and cyber espionage, tune in to hear in-depth analyses of Microsoft's influence on the threat landscape and behind the scenes stories from the tireless researchers and analysts that take part. This enthralling and insightful podcast is delivered in a casual, conversational style that transports you to the frontlines of cyber defense.
Podcast website

Listen to Microsoft Threat Intelligence Podcast, Think Fast Talk Smart: Communication Techniques and many other podcasts from around the world with the radio.net app

Get the free radio.net app

  • Stations and podcasts to bookmark
  • Stream via Wi-Fi or Bluetooth
  • Supports Carplay & Android Auto
  • Many other app features
Microsoft Threat Intelligence Podcast: Podcasts in Family